Watch video on YouTube here: https://youtu.be/xLib59l0aCs by Johnny Netsec
Divoom Timebox Speaker has been in the market for a few years now and the 4th generation hardware has been developed. This video shows my recent purchase of TimeBox EVO from Aliexpress and the openbox to have a quick test about this product. One of my main reason to buy this product is to show some text and add some coloring during recording my videos. You will see it on my desk more often in the future. All opinion is my person experience and not associated with any company or third partied. I am also not posting any link to suggest to buy. If you are interesting on this product, just search from Aliexpress.com, or google it. ==================================================================== If you found this video has some useful information, please give me a thumb up and subscribe this channel to get more updates: https://www.youtube.com/c/Netsec?sub_confirmation=1 Learning and Sharing - 海内存知己,天涯若比邻 - http://51sec.org
Watch video on YouTube here: https://youtu.be/xLib59l0aCs by Johnny Netsec
0 Comments
TeraBox is from Dubox, which was just renamed. It does provide 1TB large space for your cloud storage. Although lack of Desktop client, Android and iPhone client is available. It also can act as BT client to download BT file directly. Sharing feature is also friendly to use. Speed is acceptable to me. If you are looking for backup your mobile files, it might be a good solution. Unfortunately, free plan does not sync your videos. Related Post: https://ift.tt/2SDR3kY ==================================================================== If you found this video has some useful information, please give me a thumb up and subscribe this channel to get more updates: https://www.youtube.com/c/Netsec?sub_confirmation=1 Learning and Sharing - 海内存知己,天涯若比邻 - http://51sec.org
Watch video on YouTube here: https://youtu.be/SwUVtNb0_ss by Johnny Netsec Build Cloud File Download & Manage Site using FileBrowserAria2AriaNgRcloneCaddyGoogle Drive5/29/2021
Build Cloud File Download & Manage Site using FileBrowser+Aria2+AriaNg+Rclone+Caddy+Google Drive
This post is regarding how to use wahyd4/aria2-ui's docker image to achieve a downloading and file managing / sharing center. In just one docker image, you can do downloading (Aria2), Web GUI management for your downloading task (AriaNG) , File Managing (FileBrowser), supporting multi-type file view, and saving to Google Drive. Pre-requirement:
Install Docker and Portainer:
Open Firewall port at cloud firewall and local firewall if enabled:
Github Project and Docker Image InformationGithub project : Other related GitHub Sites:
Features
Quick Run for Testing
docker run -d --name aria2-ui -p 80:80 wahyd4/aria2-ui
Here are default URL and user name / password.
Modified Docker Run Command Based Requirements
Quick run is not exactly what we want. For my configuration, I would like to put this docker into different port, 8000, also I will need to map my host folders into docker. No need rclone to run in the docker, I will get it running on my host to mount my Google Drive. Also I will need some kind of authentication to be enabled for AriaNG web gui.
docker run -d --name aria2-ui \ --restart=unless-stopped \ -p 8000:80 \ -e ENABLE_AUTH=true \ -e ARIA2_SSL=false \ -e ARIA2_USER=user \ -e ARIA2_PWD=password \ -e ARIA2_EXTERNAL_PORT=8000 \ -e ENABLE_RCLONE=False \ -v ~/data:/data \ -v ~/gdrive:/gdrive \ wahyd4/aria2-ui
Configure FileBrowser to Manage Gdrive folder
This is an option to do if you would like FileBrowser web gui to manage your mounted google drive. Default it is managing download folder /data.
Change File Browser's folder. vi /app/Procfile Change default /data folder to /gdrive. So File Browser will open /gdrive when you log in. You can mange your Google Drive from File Browser directly. It is not necessary to do this step if you does not want to manage your Google Drive folder from FileBrowser page. [root@centos-nextcloud-aria2 ~]docker exec -it aria2-ui /bin/bash
|
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# curl https://ip.51sec.org/api 132.145.100.226
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# yum upgrade -y && yum update -y
Install NodeQuery Monitor Agent
Add a new server into your NodeQuery Account or select Reinstall to get code for agent installation.
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# wget -N --no-check-certificate https://raw.github.com/nodequery/nq-agent/master/nq-install.sh && bash nq-install.sh Zb8Ge0oBFXvx24SM6YgfpH
SWAP Size change
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# free
total used free shared buff/cache available
Mem: 823684 258292 120892 1904 444500 553072
Swap: 8388604 8532 8380072
Basic command:
wget https://raw.githubusercontent.com/51sec/swap/main/swap.sh && bash swap.sh
Install Docker and Docker Compose
curl -sSL https://get.docker.com/ | sh
systemctl start docker
systemctl enable docker
curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# /usr/local/bin/docker-compose version
docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.7.10
OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# docker version
Client: Docker Engine - Community
Version: 20.10.6
API version: 1.41
Go version: go1.13.15
Git commit: 370c289
Built: Fri Apr 9 22:44:36 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.6
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 8728dd2
Built: Fri Apr 9 22:43:02 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.4
GitCommit: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc:
Version: 1.0.0-rc93
GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]#
Install Portainer
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# docker volume create portainer_data
portainer_data
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]# docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
Unable to find image 'portainer/portainer-ce:latest' locally
latest: Pulling from portainer/portainer-ce
94cfa856b2b1: Pull complete
49d59ee0881a: Pull complete
f220caeff793: Pull complete
Digest: sha256:67e3edef02ba465d18663cd273cc24ec2764b27686ea5afbe8f392317a70ed72
Status: Downloaded newer image for portainer/portainer-ce:latest
d0ff883b063156b5929a8999593d38837501e6c16ffcefcbefb221ebe0301a32
[root@OCP1-CentOS8-Aria-Rclone-Portainer ~]#
Install Nginx using Portainer
Now you should get your Ngix page from http://<VPS's public ip>
Configure Nginx as Reverse Proxy
root@ba4a30ab7371:/# apt update -y && apt install nano -y
server {
listen 80;
server_name portainer1.51sec.eu.org;
location / {
proxy_pass http://172.31.23.170:6080;
proxy_http_version 1.1;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
}
}
root@ba4a30ab7371:/# apt update -y && apt install nano -y
Enable Https for Nginx
Connect into Nginx console from Portainer portal or command: docker exec -it nginx bin/bash.
apt update
apt install certbot python-certbot-nginx
certbot --nginx
root@ba4a30ab7371:/# certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: portainer1.51sec.eu.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for portainer1.51sec.eu.org
2021/05/24 19:49:48 [notice] 1330#1330: signal process started
Waiting for verification...
Cleaning up challenges
2021/05/24 19:49:53 [notice] 1332#1332: signal process started
Deploying Certificate to VirtualHost /etc/nginx/conf.d/portainer.conf
2021/05/24 19:49:56 [notice] 1334#1334: signal process started
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://portainer1.51sec.eu.org
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=portainer1.51sec.eu.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/portainer1.51sec.eu.org/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/portainer1.51sec.eu.org/privkey.pem
Your cert will expire on 2021-08-22. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
root@ba4a30ab7371:/#
Custom Bridge Network
Create a new bridge network to join your Containers into same network. In this way, they can access it through their name directly.
Get your Docker Container to join into your new created bridge network.
root@ba4a30ab7371:/# ping portainer
PING portainer (172.20.20.3) 56(84) bytes of data.
64 bytes from portainer.mybridge (172.20.20.3): icmp_seq=1 ttl=64 time=0.104 ms
64 bytes from portainer.mybridge (172.20.20.3): icmp_seq=2 ttl=64 time=0.080 ms
64 bytes from portainer.mybridge (172.20.20.3): icmp_seq=3 ttl=64 time=0.081 ms
64 bytes from portainer.mybridge (172.20.20.3): icmp_seq=4 ttl=64 time=0.079 ms
^C
--- portainer ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 53ms
rtt min/avg/max/mdev = 0.079/0.086/0.104/0.010 ms
root@ba4a30ab7371:/#
server {
listen 80;
server_name portainer1.51sec.eu.org;
location / {
proxy_pass http://portainer:6080;
proxy_http_version 1.1;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
}
}
Install Network Utilities in Container
root@ba4a30ab7371:/# cat /etc/*-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@ba4a30ab7371:/#
root@26a4cc3a312a:/# apt-get install traceroute
Note: net-tools will include ifconfig / netstat commands
via Blogger https://ift.tt/3ffxJU4
May 24, 2021 at 04:13PM Docker
Unlike passive information gathering, which involves an intermediate system for gathering information, active information gathering involves a direct connection with the target.The client probes for information directly with the target with no intermediate system in between. While this technique may reveal much more information than passive information gathering, there's always a chance of security alarms going off on the target system. Since there's a direct connection with the target system, all the information requests would be logged and can later be traced back to the source. The following diagram depicts active information gathering where the client is directly probing the target system:
OSI Model / TCP/IP Model
The TCP/IP model is a concise version of the OSI model. It contains four layers, unlike seven layers in the OSI model. The layers are:
- Process/Application Layer
- Host-to-Host/Transport Layer
- Internet Layer
- Network Access/Link Layer
Difference between TCP/IP and OSI Model:
TCP/IP | OSI |
---|---|
TCP refers to Transmission Control Protocol. | OSI refers to Open Systems Interconnection. |
TCP/IP has 4 layers. | OSI has 7 layers. |
TCP/IP is more reliable | OSI is less reliable |
TCP/IP does not have very strict boundaries. | OSI has strict boundaries |
TCP/IP follow a horizontal approach. | OSI follows a vertical approach. |
TCP/IP uses both session and presentation layer in the application layer itself. | OSI uses different session and presentation layers. |
TCP/IP developed protocols then model. | OSI developed model then protocol. |
Transport layer in TCP/IP does not provide assurance delivery of packets. | In OSI model, transport layer provides assurance delivery of packets. |
TCP/IP model network layer only provides connection less services. | Connection less and connection oriented both services are provided by network layer in OSI model. |
Protocols cannot be replaced easily in TCP/IP model. | While in OSI model, Protocols are better covered and is easy to replace with the change in technology. |
Layer 2 Discovery - Arping / netdiscover
┌──(root?kali)-[~] └─# arping 192.168.2.1 -c 3 1 ⨯ ARPING 192.168.2.1 60 bytes from 00:78:cd:00:fd:f4 (192.168.2.1): index=0 time=4.034 msec 60 bytes from 00:78:cd:00:fd:f4 (192.168.2.1): index=1 time=2.622 msec 60 bytes from 00:78:cd:00:fd:f4 (192.168.2.1): index=2 time=3.788 msec --- 192.168.2.1 statistics --- 3 packets transmitted, 3 packets received, 0% unanswered (0 extra) rtt min/avg/max/std-dev = 2.622/3.481/4.034/0.616 ms ┌──(root?kali)-[~] └─#
┌──(root?kali)-[~] └─# netdiscover -i eth0 -r 192.168.2.0/24 Currently scanning: Finished! | Screen View: Unique Hosts 172 Captured ARP Req/Rep packets, from 30 hosts. Total size: 10320 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 0.0.0.0 08:ea:40:f8:48:a2 48 2880 SHENZHEN BILIAN ELECTRONIC CO.,LTD 0.0.0.0 08:ea:40:fc:48:f3 46 2760 SHENZHEN BILIAN ELECTRONIC CO.,LTD 0.0.0.0 08:ea:40:f8:44:63 36 2160 SHENZHEN BILIAN ELECTRONIC CO.,LTD 192.168.2.1 00:78:cd:00:fd:f4 1 60 Ignition Design Labs 192.168.2.2 08:cc:68:40:71:c1 1 60 Cisco Systems, Inc 192.168.2.4 00:0c:29:1b:b7:e1 1 60 VMware, Inc.
┌──(root?kali)-[~] └─# netdiscover -p Currently scanning: (passive) | Screen View: Unique Hosts 307 Captured ARP Req/Rep packets, from 12 hosts. Total size: 18420 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 0.0.0.0 08:ea:40:f8:44:63 94 5640 SHENZHEN BILIAN ELECTRONIC CO.,LTD 192.168.2.155 24:be:05:e2:40:8f 13 780 Hewlett Packard 0.0.0.0 08:ea:40:f8:48:a2 82 4920 SHENZHEN BILIAN ELECTRONIC CO.,LTD 0.0.0.0 08:ea:40:fc:48:f3 82 4920 SHENZHEN BILIAN ELECTRONIC CO.,LTD 0.0.0.0 00:78:cd:03:d3:00 6 360 Ignition Design Labs 192.168.2.163 00:78:cd:03:d3:00 2 120 Ignition Design Labs 192.168.2.157 5c:cf:7f:73:26:55 13 780 Espressif Inc. 0.0.0.0 00:78:cd:01:05:b8 6 360 Ignition Design Labs 0.0.0.0 00:78:cd:03:d7:40 4 240 Ignition Design Labs
Layer 3 Discovery - Ping
Traceroute
- Use traceroute mode (–traceroute), be verbose (-V) in ICMP mode (-1) against the target (www.xxx.com):
-
- root@kali:~# hping3 --traceroute -V -1 www.xxx.com
- -q: brief output. -c: packets numbers. -d:packet site. -S:SYN packets. -p:Port Number. -w:tcp window size. --flood: shoot at discretion, replies will be ignored. --rand-source: hide source ip using a fake random ip.
-
- hping3 -q -c 10 -d 120 -S -w 64 -p 80 --flood --rand-source www.xxx.com
- fping -g 192.168.2.0/24 -c 1 | grep ms > results.txt
Layer 4 Discovery - Nmap
According to the official Nmap website –
Nmap Target Selection
Scan a single IP | nmap 192.168.2.1 |
Scan a host | nmap www.test.com |
Scan a range of IPs | nmap 192.168.2.1-20 |
Scan a subnet | nmap 192.168.2.0/24 |
Scan targets from a text file | nmap -iL list-of-ips.txt |
Nmap Port Selection
Scan a single Port | nmap -p 22 192.168.2.1 |
Scan a range of ports | nmap -p 1-100 192.168.2.1 |
Scan 100 most common ports (Fast) | nmap -F 192.168.2.1 |
Scan all 65535 ports | nmap -p- 192.168.2.1 |
Nmap Port Scan types
Scan using TCP connect | nmap -sT 192.168.2.1 |
Scan using TCP SYN scan (default) | nmap -sS 192.168.2.1 |
Scan UDP ports | nmap -sU -p 123,161,162 192.168.2.1 |
Scan selected ports - ignore discovery | nmap -Pn -F 192.168.2.1 |
Service and OS Detection
Detect OS and Services | nmap -A 192.168.2.1 |
Standard service detection | nmap -sV 192.168.2.1 |
More aggressive Service Detection | nmap -sV --version-intensity 5 192.168.2.1 |
Lighter banner grabbing detection | nmap -sV --version-intensity 0 192.168.2.1 |
Nmap Output Formats
Save default output to file | nmap -oN outputfile.txt 192.168.2.1 |
Save results as XML | nmap -oX outputfile.xml 192.168.2.1 |
Save results in a format for grep | nmap -oG outputfile.txt 192.168.2.1 |
Save in all formats | nmap -oA outputfile 192.168.2.1 |
Digging deeper with NSE Scripts
Scan using default safe scripts | nmap -sV -sC 192.168.2.1 |
Get help for a script | nmap --script-help=ssl-heartbleed |
Scan using a specific NSE script | nmap -sV -p 443 –script=ssl-heartbleed.nse 192.168.2.1 |
Scan with a set of scripts | nmap -sV --script=smb* 192.168.2.1 |
A scan to search for DDOS reflection UDP services
Scan for UDP DDOS reflectors | nmap –sU –A –PN –n –pU:19,53,123,161 –script=ntp-monlist,dns-recursion,snmp-sysdescr 192.168.2.0/24 |
HTTP Service Information
Gather page titles from HTTP services | nmap --script=http-title 192.168.2.0/24 |
Get HTTP headers of web services | nmap --script=http-headers 192.168.2.0/24 |
Find web apps from known paths | nmap --script=http-enum 192.168.2.0/24 |
Detect Heartbleed SSL Vulnerability
Heartbleed Testing | nmap -sV -p 443 --script=ssl-heartbleed 192.168.2.0/24 |
IP Address information
Find Information about IP address | nmap --script=asn-query,whois,ip-geolocation-maxmind 192.168.2.0/24 |
Scapy
>>> ARP().display()
###[ ARP ]###
hwtype= 0x1
ptype= IPv4
hwlen= None
plen= None
op= who-has
hwsrc= 00:0c:29:fc:11:ce
psrc= 192.168.2.20
hwdst= 00:00:00:00:00:00
pdst= 0.0.0.0
>>> sr1(ARP(pdst="192.168.2.1"))
Begin emission:
Finished sending 1 packets.
*
Received 1 packets, got 1 answers, remaining 0 packets
<ARP hwtype=0x1 ptype=IPv4 hwlen=6 plen=4 op=is-at hwsrc=00:78:cd:00:fd:f4 psrc=192.168.2.1 hwdst=00:0c:29:fc:11:ce pdst=192.168.2.20 |<Padding load='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |>>
>>>
>> IP().display()
###[ IP ]###
version= 4
ihl= None
tos= 0x0
len= None
id= 1
flags=
frag= 0
ttl= 64
proto= hopopt
chksum= None
src= 127.0.0.1
dst= 127.0.0.1
\options\
>>> ICMP().display()
###[ ICMP ]###
type= echo-request
code= 0
chksum= None
id= 0x0
seq= 0x0
>>> sr1(IP(dst="192.168.2.1")/ICMP(),timeout=1)
Begin emission:
Finished sending 1 packets.
*
Received 1 packets, got 1 answers, remaining 0 packets
<IP version=4 ihl=5 tos=0x0 len=28 id=50232 flags= frag=0 ttl=64 proto=icmp chksum=0x3143 src=192.168.2.1 dst=192.168.2.20 |<ICMP type=echo-reply code=0 chksum=0xffff id=0x0 seq=0x0 |<Padding load='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |>>>
>>> TCP().display()
###[ TCP ]###
sport= ftp_data
dport= http
seq= 0
ack= 0
dataofs= None
reserved= 0
flags= S
window= 8192
chksum= None
urgptr= 0
options= []
>>> sr1(IP(dst="192.168.2.1")/TCP(flags="S",dport=80),timeout=1)
Begin emission:
Finished sending 1 packets.
.*
Received 2 packets, got 1 answers, remaining 0 packets
<IP version=4 ihl=5 tos=0x0 len=44 id=0 flags=DF frag=0 ttl=64 proto=tcp chksum=0xb566 src=192.168.2.1 dst=192.168.2.20 |<TCP sport=http dport=ftp_data seq=3654116272 ack=1 dataofs=6 reserved=0 flags=SA window=29200 chksum=0x62bd urgptr=0 options=[('MSS', 1460)] |<Padding load='\x00\x00' |>>>
>>>
via Blogger https://ift.tt/3yIWPT4
May 23, 2021 at 02:54PM Threat Hunting
Deploy Web App to Vercel for Free to Show Visitor's Public IP Using Your Own Custom Domain
5/23/2021
Watch video on YouTube here: https://youtu.be/rnbQIQe2M4Y by Johnny Netsec
Terabox provides 1TB free space and provides web version plus IOS & Android clients for end user. It was just renamed from Dubox to Terabox recently. Dubox was launched on September 14, 2020, by C Popin, a Japanese subsidiary of Chinese search engine company Baidu. This product may actually be an overseas version of Baidu Netdisk(百度网盘). Baidu Netdisk asked for mobile phone numbers in mainland China around 2018, so foreign users couldn’t use the service. This may be why Baidu launched Dubox. Dubox provides free storage space up to 1TB (1,024 GB), and there is no limit on upload and download speed at this stage. But it banned access from users in Chinese mainland areas, which caused controversy on Weibo.
With the long history about Baidu Netdisk and the reputation for limiting free user's download speed, also deleting pirated content privately stored on Baidu Netdisk, in the future Terabox might use same strategy as Netdisk, which is thotting free user's ability then allowing user to pay for higher download speed and censor the content you stored privately.
Terabox Feature List
Free Terabox Features:
- 1024GB of free cloud storage to back up all your files.
- Upload multiple types of files to TeraBox.
- Multiple privacy protections.
- Safely storage your files with any devices.
- Quickly access recent and important files.
- Intelligent classified album.
- Sharing the files privately.
Premium Commercial Features:
- 2TB large space,
- download high-speed channel,
- video 2.0x speed playback,
- video automatic backup,
- 1080P playback,
- super large file upload
Subscription Price:
- $2.99 /month for consecutive months purchase,
- $3.99 /month for non-consecutive months purchase,
- $10.99 for non-consecutive quarters purchase,
- $38.99 /year for non-consecutive years purchase
Sharing
Remote Downloading by Uploading Torrent file
Tested with torrent file by creating a new BT task, it works well. You can close task window and tasks will continue run in background as long as you keep Terabox page opening.
Picture, Video & Music Playback directly
You can directly see the thumbnail of pictures and videos. Click it and watch the video from separate screen with 720p resolution for free user.
App
It is a pity Terabox does not provide a desktop client to sync from computer folders to cloud. But it does provide an IOS and Android app for mobile users.You can customize the sync folders and enable automatic backup feature, which is quite standard function. Sync speed is a bit slower than other cloud storage apps from my testing.
Common Cloud Storage Providers Limitations
1. Limited Free Space
Name | Link | Free Space |
---|---|---|
Ice Drive | https://icedrive.net/ | 10GB |
pCloud | https://www.pcloud.com/ | 10GB |
Mega | https://mega.nz/ | 50GB |
workdrive | https://www.zoho.com/workdrive/ | 20GB |
OneDrive | https://onedrive.live.com/about/en-us/ | 5GB |
Google Drive | https://www.google.com/drive/ | 15GB |
Dropbox | https://www.dropbox.com/ | 2GB |
IDrive | https://www.idrive.com/ | 5GB |
Amazon Drive | https://www.amazon.com/b?ie=UTF8&node=15547130011 | 5GB |
Sync | https://www.sync.com/ | 5GB |
Box | https://www.box.com/en-gb/drive | 10GB |
iCloud | https://www.apple.com/in/icloud/ | 5GB |
Yandex Disk | https://disk.yandex.com/ | 50GB |
Media Fire | https://www.mediafire.com/ | 10GB |
Koofr | https://koofr.eu/ | 10GB |
MiMedia | http://www.mimedia.com | 10GB |
Jumpshare | https://jumpshare.com/ | 2GB |
Note: https://ift.tt/31n05TR
2. Single File size restriction
from 100MB to 2GB
Baidu Netdisk is allowing 4GB for single file and paid user can go up to 20GB. Not able to find out any written statement, I am guessing Terabox might be using same limitation.
via Blogger https://ift.tt/344hYJh
May 21, 2021 at 10:29PM Cloud
Watch video on YouTube here: https://youtu.be/nJDj6YNy5_s by Johnny Netsec