Thursday, August 27, 2020

SocialNets! let's connect networks

Have you ever found yourself in a situation where you can't connect to your company VPN and want to do some quick tests on hosts lying inside the VPN? Or want to connect to machines in VPN via your mobile phone while travelling?

Let's think what is hurdle here?

  • We can't reach these hosts from outside even if they are listening

 

Solution

  • These hosts can connect to internet
  • Create a mediator to which these hosts connect and listen for commands.

 

Sub-problems in this solution

  • Create a mediator in the internet? 
    • Should we buy a public IP?
  • What about authentication of the users?

 

Solution

  • We don't need to buy a IP when messaging services exist in the internet. Let's consider such a system, "Facebook"
    • Facebook allows developers to create test user accounts which are disposable.
    • Facebook also messaging service which allows exchange of messages between these users and no real facebook user can send messages to these users.
    • What about Authentication?
      • Let facebook do it for you. 
  • We can run some custom Facebook client on the hosts inside the VPN and let them execute the tasks sent to it as a text message.

 

Enough, show me a demo

  • For this example's purpose we need two Facebook test users, let's call them F1 and F2. You have to login to facebook using these user credentials and make them friends.
  • To create a custom Facebook client, we will use the fbchat python library. To install it using pip run the below command   
pip install fbchat
  • Here is the python code which will execute the messages sent to it as a command, create a file called novpn.py and add the below content. Replace the user, passwd, recvFrom values in this file.
  • Run the code in a host which is accessible in VPN

 python novpn.py

  • Login to facebook using the credentials of user F2 and send messages to F1. They will be run as bash commands and output will be sent right back to you.

 

Demo


 

Limitations

  1. Large messages are not supported (I haven't tested the max limit, comment it if you get to know about it) 
  2. There will be a delay between message transfers
  3. Interactive applications are not supported (vim, nano, more, less etc)

 

Improvements

  1. We can write a custom client, to address the above mentioned limitations using the same fbchat APIs.

 

-madhusoodan

at
Labels: , , ,

1 comment:

Subscribe to: Post Comments (Atom)