T
theringe
In some Linux web apps, you may need to test the network, but the customer’s VNET doesn't allow external connections, and the available tools in the blessed image are limited.
This tutorial will show you how to work around this limitation by downloading the necessary binary (such as tcpping) from an external environment and then transferring it to the restricted environment using base64 encoding.
TOC:
Preparing the Binary from a Network-Accessible Environment
STEP 1: Find an environment that has internet access, and download the required binary (in this case, tcpping) or any other necessary binary using the wget command.
STEP 2: Since the restricted environment cannot access the internet directly, we will convert the binary into base64 format. If the binary is under 1 MB in size, it can be transferred using the terminal.
STEP 3: You now have a tcpping.txt file that contains the base64-encoded binary. Display the contents of the file so that you can copy and paste it into the restricted environment later:
Transferring the Binary to the Restricted Environment
STEP 1: Once you are in the restricted environment (where you cannot access the external network), save the base64-encoded binary by pasting it into a new text file. Use the following command to save it as tcpping.txt:
Replace YOUR_BASE64_HERE with the content of the base64-encoded tcpping.txt that you copied from the network-accessible environment.
STEP 2: Decode the base64-encoded file back into a binary using the following command:
Executing the Binary in the Restricted Environment
STEP 1: Run the binary to test the local network. For example, you can ping the loopback address (127.0.0.1):
STEP 2: Check the results of the network test to ensure that the tcpping binary is working properly.
Conclusion
By following these steps, you can successfully transfer and execute binaries in a Linux web app environment that does not allow external internet access. This method uses base64 encoding to move small binaries into the restricted environment for network testing or other purposes.
This approach has several limitations, aside from the overall file size not being too large:
Continue reading...
This tutorial will show you how to work around this limitation by downloading the necessary binary (such as tcpping) from an external environment and then transferring it to the restricted environment using base64 encoding.
TOC:
- Preparing the Binary from a Network-Accessible Environment
- Transferring the Binary to the Restricted Environment
- Executing the Binary in the Restricted Environment
- Conclusion
Preparing the Binary from a Network-Accessible Environment
STEP 1: Find an environment that has internet access, and download the required binary (in this case, tcpping) or any other necessary binary using the wget command.
wget https://pingpros.com/pub/tcppingSTEP 2: Since the restricted environment cannot access the internet directly, we will convert the binary into base64 format. If the binary is under 1 MB in size, it can be transferred using the terminal.
base64 tcpping > tcpping.txt ; rm tcppingSTEP 3: You now have a tcpping.txt file that contains the base64-encoded binary. Display the contents of the file so that you can copy and paste it into the restricted environment later:
cat tcpping.txt ; rm tcpping.txtTransferring the Binary to the Restricted Environment
STEP 1: Once you are in the restricted environment (where you cannot access the external network), save the base64-encoded binary by pasting it into a new text file. Use the following command to save it as tcpping.txt:
echo "YOUR_BASE64_HERE" > tcpping.txtReplace YOUR_BASE64_HERE with the content of the base64-encoded tcpping.txt that you copied from the network-accessible environment.
STEP 2: Decode the base64-encoded file back into a binary using the following command:
Code:
base64 -d < tcpping.txt > tcpping
chmod 755 tcppingExecuting the Binary in the Restricted Environment
STEP 1: Run the binary to test the local network. For example, you can ping the loopback address (127.0.0.1):
./tcpping 127.0.0.1STEP 2: Check the results of the network test to ensure that the tcpping binary is working properly.
Conclusion
By following these steps, you can successfully transfer and execute binaries in a Linux web app environment that does not allow external internet access. This method uses base64 encoding to move small binaries into the restricted environment for network testing or other purposes.
This approach has several limitations, aside from the overall file size not being too large:
- You must choose a static binary without dependent libraries, and it is best if it is a single file, such as nslookup or dig.
- You must ensure that the file source does not contain malicious code, and you cannot sacrifice system and data security for the sake of convenient transmission.
- Similarly, if the operating unit is a company, you need to pay extra attention to whether IT has any restrictions on related behaviors.
Continue reading...