H 130: sslh (10 pts)

What You Need for this Project

A Linux machine--I used a Google Cloud Debian 10 server

Purpose

To install, configure, and test the sslh multiplexer.

Adjusting the Google Cloud Firewall

On the left side of the Google Cloud Platform page, click the three-bar "hamburger" icon. Click "Compute Engine", "VM instances".

In the "VM instances" page, on your Debian instance's line, on the right side, click the three-dot icon and click "View network details".

On the left side, click Firewall.

At the top center, click "CREATE FIREWALL RULE".

Enter these values, as shown below.

Name: http
Targets: All instances on the network
Source filter: IP ranges
Source IP ranges: 0.0.0.0/0
Protocols and ports: Specified protocols and ports
tcp: 80,443

At the bottom, click the CREATE button.

Installing Apache

On your Linux server, in an SSH session, execute these commands:


sudo apt update
sudo apt install apache2 -y
sudo ss -nltp

Apache is listening on port 80, and SSH is listening on port 22, as shown below.

Testing your Web Server

In a Web browser, open this URL, replacing the IP address with the public address of your Linux server, which you can find in Google Cloud Console:

http://35.188.199.249

An Apache page opens, as shown below.

Installing sslh

On your Linux server, in an SSH session, execute these commands:

sudo apt install build-essential git -y sudo apt install libconfig-dev libwrap0-dev -y sudo apt install libsystemd-dev libpcre3-dev -y sudo apt install libcap-dev libbsd0 libbsd-dev -y git clone https://github.com/yrutschle/sslh.git cd sslh make sudo cp sslh-fork /usr/local/sbin/sslh sudo cp basic.cfg /etc/sslh.cfg sudo cp scripts/etc.init.d.sslh /etc/init.d/sslh sudo ln -s /usr/local/sbin/sslh /sbin/sslh sudo nano /etc/sslh.cfg

Make these two changes, as shown below:

Add a # to comment out the "chroot" line
Change the hostname to 0.0.0.0

Press Ctrl+X, Y, Enter to save the file.

Starting sslh

On your Linux server, in an SSH session, execute these commands:

sudo /etc/init.d/sslh start sudo ss -ntlp

The sslh service is listening on port 443, as shown below.

Testing sslh for HTTP

In a Web browser, open this URL, replacing the IP address with the public address of your Linux server, which you can find in Google Cloud Console:

http://35.188.199.249:443

An Apache page opens, as shown below.

Testing sslh for SSH

Use another Linux system, such as a second Debian cloud server.

Execute this command, replacing the IP address with the public address of your server running sslh:

ssh 35.188.199.249 -p 443

You get a warning that the fingerprint is not recognized, as shown below. That proves that the port 443 traffic is being redirected correctly to SSH!

Flag H 130.1: Nmap Scan (10 pts)
Use another Linux system, such as a second Debian cloud server.
Execute these commands, replacing the IP address with the public address of your server running sslh:
sudo apt install nmap -y sudo nmap 35.188.199.249
The flag is the service Nmap detects, covered by a green rectangle in the image below.

References

sslh -- A ssl/ssh multiplexer

Posted 6-18-2020
Launch command changed 8-1-20