sslh隐藏端口

嗨害嗨

已于 2023-02-03 01:28:08 修改

阅读量542

点赞数

分类专栏：胡4乱想文章标签： linux debian ssh

于 2023-02-03 01:25:26 首次发布

本文链接：https://blog.csdn.net/HH_beibei/article/details/128859986

版权

胡4乱想专栏收录该内容

7 篇文章 0 订阅

订阅专栏

环境：Kali

隐藏端口

环境：Kali

隐藏端口

通过端口复用来达到隐藏端口的目的。这里以隐藏SSH端口，通过SSH进行远程登录为例，通过SSLH让 HTTPS 和 SSH 共享同一个端口

下载sslh

┌──(root㉿kali)-[~]
└─ apt-get install sslh -y

配置sslh

# Default options for sslh initscript
# sourced by /etc/init.d/sslh

# binary to use: forked (sslh) or single-thread (sslh-select) version
# systemd users: don't forget to modify /lib/systemd/system/sslh.service
DAEMON=/usr/sbin/sslh

DAEMON_OPTS="--user sslh --listen <change-me>:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --pidfile /var/run/sslh/sslh.pid"

#修改为

DAEMON_OPTS="--user sslh --listen 0.0.0.0:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --pidfile /var/run/sslh/sslh.pid"

启动SSLH

┌──(root㉿kali)-[~]
└─ systemctl start sslh          

┌──(root㉿kali)-[~]
└─ systemctl enable sslh
Synchronizing state of sslh.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable sslh
Created symlink /etc/systemd/system/multi-user.target.wants/sslh.service → /lib/systemd/system/sslh.service.

测试，检查 SSLH 守护程序是否正在监听 443

┌──(root㉿kali)-[~]
└─ ps -ef | grep sslh
sslh     1093888       1  0 12:13 ?        00:00:00 /usr/sbin/sslh --foreground --user sslh --listen 0.0.0.0 443 --ssh 127.0.0.1 22 --tls 127.0.0.1 443 --pidfile /var/run/sslh/sslh.pid
sslh     1093890 1093888  0 12:13 ?        00:00:00 /usr/sbin/sslh --foreground --user sslh --listen 0.0.0.0 443 --ssh 127.0.0.1 22 --tls 127.0.0.1 443 --pidfile /var/run/sslh/sslh.pid
root     1094656 1094630  0 12:15 pts/2    00:00:00 grep --color=auto sslh

利用

[root@localhost ~] ssh -p 443 root@192.168.218.135
The authenticity of host '[192.168.218.135]:443 ([192.168.218.135]:443)' can't be established.
ECDSA key fingerprint is SHA256:nWuRpxRY+eRmSjDLm/PTvsyEyFVbQMyQfegunja7Z4k.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.218.135]:443' (ECDSA) to the list of known hosts.
root@192.168.218.135's password: 
Linux kali 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Feb  2 12:15:30 2023 from 192.168.218.1
┌──(root㉿kali)-[~]
└─ uname -srm            
Linux 5.18.0-kali5-amd64 x86_64