ChaosVPN简要配置过程
作者:admin | 时间:2017-7-12 04:02:24 | 分类:黑客技术 隐藏侧边栏展开侧边栏
可能不少人听说过chaosvpn这个东西,还有相关的其他东西比如(.loky .clos 甚至Mariana)但是转了一圈除了网上传的玄之又玄的都市传说之外没有发现有价值的中文资料…
ChaosVPN配置方法
//*ChaosVPN是一个连接黑客和黑客空间的工具,以及。。进入某些网络的前置条件
简单介绍一下配置方法,以及可能遇到的错误和解决方法:
以下操作均在Linux下完成
测试采用的是Parrot OS
安装依赖
apt-get install tinc iproute2
apt-get install build-essential git bison flex libssl-dev zlib1g-dev debhelper devscripts
//如果tinc已经自带可以直接跳过安装,可能会遇到错误:
E: 软件包 bison 没有可安装候选
不影响,继续
添加chaosvpn的软件源:
vi /etc/apt/sources.list:
添加:
deb http://debian.sdinet.de/ stable chaosvpn
deb-src http://debian.sdinet.de/ stable chaosvpn
然后
apt-get update
可能会提示GPG 错误
apt-get install chaosvpn
如果提示错误无法安装
vi /etc/apt/sources.list
添加:
deb http://security.debian.org/debian-security wheezy/updates main
安装之前缺失的依赖
apt-get update apt-get install libssl1.0.0
然后
apt-get install chaosvpn
安装完成后
进行tinc和chaosvpn的对接操作
mkdir -p /etc/tinc/chaos
tincd --ne=chaosvpn --generate-keys=2048
可能会提示
Error opening file `/etc/tinc/=chaosvpn/rsa_key.priv': No such file or directory
输入
mkdir /etc/tinc/chaos/ecdsa_key.priv
再执行
tincd --ne=chaosvpn --generate-keys=2048
两次选择路径保存公钥和私钥(写信时候需要)
![A7]8VENV}T8$127UB9%GMJ.png
之后:
vi /etc/tinc/chaosvpn.conf
修改参数
$ my_vpn_ip = 172.31。<your Subnet>。[1-255]
只能使用a-z,0-9和下划线
ip地址要改为172.31.x.x
保存退出,到此配置文件结束。
ps:你要加入chaosVPN还必须写一封介绍信来表明你的动机,发送邮件到
chaosvpn-join@hamburg.ccc.de
如果成功加入,在终端输入chaosvpn,可以看一些信息(由于我懒得写介绍信了这里就不截图了有兴趣同学可以自己搞)
介绍信的内容为:
[<nodename>]
sponsor= # Name a person/nickname/nodename or organisation/hackerspace already on ChaosVPN that will # vouch for you getting access. gatewayhost=<clienthost> # This should be the external hostname or ip address of the client host, not a VPN address. # If the client is not reachable over the internet leave it out and set hidden=1 below. # If possible supply a hostname (even dyndns) and not an ip address for easier changing # from your side without touching the central config. network=<ipv4 subnet in the vpn>
network6=<ipv6 subnet in the vpn> # (mandatory, must include) # this may be more than one, IPv4 or IPv6, network6 with IPv6 is optional # # These subnets must be unique in our vpn, # simply renumber your home network (or use something like NETMAP) with a network block that is still free. # # Please use the list of assigned networks on ChaosVPN:IPRanges, and add yourself there. owner= # (mandatory, must include) # Admin of the VPN gateway, with email address - a way to contact the responsible # person in case of problems with your network link. port=4712 # (optional) # if not specified tinc works on tcp+udp port 655 # it is better if everyone chooses a random port for this. # either this specified port or port 655 should accept TCP and UDP traffic from internet. hidden=0 # (optional) # "I cannot accept inbound tunnel connections, I can only connect out." # (e.g. behind a NAT) silent=0 # (optional) # "I cannot connect out, but you can connect to me." # Only ONE of hidden=1 or silent=1 is possible. Ed25519PublicKey=<something> # (optional) # tinc 1.1pre11+ only, contents of your /etc/tinc/chaos/ed25519_key.pub -----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY----- # (mandatory) # rsa-public-key - contents of your /etc/tinc/chaos/rsa_key.pub
ps:你要删除那些#号开头的行,那些只是介绍。
最后
启动chaosvpn
/etc/init.d/chaosvpn start
提示ok即代表启动成功
查看chaosvpn网络端口
route -n
*本文作者:Akira