Detailed steps for bypassing the gateway to penetrate a website

If you want to enter the official website, you should first break through the gateway (GetWay). This is easy to understand, because an intranet must always access the internet through the gateway. As for how to break through the gateway, this is no different from accessing a server that is not a gateway. After breaking through the gateway, our goal is to access 202 of the Internet through the gateway (IP Address: 192.168. 98. *. *).

If you want to enter the official website, you should first break through the gateway (GetWay). This is easy to understand, because an intranet must always access the internet through the gateway. As for how to break through the gateway, this is no different from accessing a server that is not a gateway.

After breaking through the gateway, our goal is to access 192.168.21.75 through the gateway (IP Address: 202. 98. In the future, we will try to establish packet forwarding through the Force port redirection of the gateway. Port redirection can be divided into two types (local and remote). However, we need to enable the Intranet to avoid using local redirection, local redirection is mainly used to bypass the firewall (I will write a separate article later to discuss how to use port redirection to bypass the firewall ).

1. Use Fpipe to establish port redirection.

Fpipe is very interesting. To prove the port redirection function of Fpipe, we will do this experiment.

First, run Fpipe on your machine, as shown below:

E: \ tool \ FPip> fpipe-l 80-s 90-r 80 202.98.177.162

FPipe v2.1-TCP/UDP port rEdIrector.

Copyright 2000 (c) by Foundstone, INc.

Http://www.foundstone.com

// Explain thisCommand

Fpipe-l 80-s 90-r 80 202.98.177.162

Connect Port 80 of the Local Machine to port 80 of port 202.98.177.162 through port 90.

The detailed syntax is as follows:

FPipe [-hv?] [-Brs] IP

-? /-H-shows this help tExT \ u0006

-C-maximum number of allowed simultaneous connections. Default is 32 # the maximum number of connections. The Default value is 32.

-L-listening port number # TCP port number to be listened on

-R-remote TCP port number # port number of the IP host to be directed

-S-outbound connection source port number # from which port the redirection information is sent

-V-verbose mode # detailed display process

In the above process, we have established port redirection on our own machine: connect the connection to port 80 of the local machine through port 90 to port 80 of port 202.98.177.162 \ u001F

Then, enter:

Http: // 127.0.0.1. the webpage of Kunming hi-tech zone is displayed, which indicates that our redirection is successful.

Fpipe implements the following content:

Pipe connected:

In: 127.0.0.1: 2092 --> 127.0.0.1: 80

Out: 192.168.168.112: 90 --> 202.98.177.162: 80

From the above output, we can see the path of the data packet (192.168.168.112 is my IP address)

After the operation is successful, we will copy the Fpipe to the gateway under our control and execute redirection:

Fpipe-l 81-s 91-r 21 192.168.21.75 # On the gateway (202. 98. *. *) execution, which is 202. 98. *. * port 81 forwards data to port 21 of 192.168.21.75 through port 91. Similarly:

Fpipe-l 82-s 92-r 23 192.168.21.75 # forward data from Port 82 to Port 202. 98. *. * to port 23 of 192.168.21.75 through port 92

Fpipe-l 83-s 93-r 80 192.168.21.75 # forward data to port 80 of 192.168.21.75 to port 83 of Port 202. 98. *. *.

Fpipe-l 84-s 94-r 139 192.168.21.75 # forward data to Port 202 of 192.168.21.75 through port 94

Here you should know more:

If you are in the local teLnThe 81 of et to 202. 98. *. * is equivalent to youTelnetTo 21 of 192.168.21.75, no! 21 of 192.168.21.75 should be on FTP (haha ).FtpTo port 81 of 202. 98!

2. Use rinetd to establish redirection.

The method is the same as above. Run rineted on the gateway, but create a configuration file (the file name and extension are arbitrary. Here I will use the configuration file conf. ini as an example)

Create a configuration file with the following content in the local project! It means to forward the 90 packets to 80 of 192.168.21.75)

202. 98. *. * 90 192.168.21.75 80

Save it as the conf. ini file and copy it with rineted to the Gateway (202. 98. *. *). Then

Run

Rinetd-c conf. ini

Then you connect 202. 98. *. * 90 to 192.168.21.75 80.

By the way, the syntax of the rinetd configuration file is

BindaDdRess bindport connectaddress connectport