当前位置：网站首页>[Galaxy Kirin V10] [desktop and server] FRP intranet penetration

[Galaxy Kirin V10] [desktop and server] FRP intranet penetration

2022-07-04 10:32:00 【GUI Anjun @kylinos】

1、frp Introduce

frp It is a high performance reverse proxy application focusing on Intranet penetration , Support TCP、UDP、HTTP、HTTPS Other protocols . You can make intranet services secure 、 Convenient way through the public network IP Node transfer is exposed to the public network .

frp amd64 Version download address ：

link ：https://pan.baidu.com/s/1dWJAOmzgvKkCs-7lyyOamg

Extraction code ：kdml

Official documents ：https://gofrp.org/docs/

Official website download address ：

https://github.com/fatedier/frp/releases

( contain amd64、arm64、mips64el、linux Source package and windows package ）

2、 Experimental environment

Internet host ：centos7.5 x86_64 Hua Wei Yun Public network ip：124.71.168.106

Intranet host ： Galaxy Unicorn V10 Desktop 0710 x86_64 Intranet ip：192.168.1.5（ Both server and desktop versions are ok ）

The network environment ： Intranet hosts can access the Internet

The experiment purpose ： You can access the intranet host through the external host , Achieve intranet penetration , With ssh service 22 Port as an example , Through the external network host, you can ssh To intranet host

3、frp Server side （ Internet host ） build

# tar -xvf frp_0.26.0_linux_amd64.tar.gz // download frp Install the package and unzip

# cd frp_0.26.0_linux_amd64

# vim frps.ini // Modify the server configuration file ,frps finger server End ,frpc finger client End

[common]
# The port bound to the client for communication , Just find a port that is not in use 
bind_port = 7000

#http Access port of , Not http The agreement may not be written , Just find a port that is not in use 
vhost_http_port=6781

#https Access port of （ If necessary ）
vhost_https_port = 6782,, Just find a port that is not in use

# ./frps -c ./frps.ini // The business environment can be executed in the background , The terminal execution here is for the convenience of reading logs

4、frp client （ Intranet host ） build

# tar -xvf frp_0.26.0_linux_amd64.tar.gz // download frp Install the package and unzip

# cd frp_0.26.0_linux_amd64

# vim frpc.ini // modify frp Client configuration file ,frps finger server End ,frpc finger client End

[common]
# Internet host address 
server_addr = 124.71.168.106

# The port bound to the server for communication 
server_port = 7000     # Keep consistent with the port used by the server 


[ssh]
type = tcp             # agreement 
local_ip = 127.0.0.1   # Local intranet host ip
local_port = 22        # Local intranet host ssh Actual port 
remote_port = 6000     # The port used for forwarding the external network host of the server , Just find a port that is not in use 


# Here is web and rdp Templates , You can leave it blank if you don't need it 
#[http]
#type = http
#local_port = 1444
#remote = 6001
#custom_domains = www.xxxx.com

#[rdp]
# Part is to connect Windows Remote desktop 
#type = tcp
#local_ip = 127.0.0.1
#local_port = 3389
#remote_port = 3389
#custom_domains = www.xxxxx.cn

# ./frpc -c ./frpc.ini // The business environment can be executed in the background , The terminal execution here is for the convenience of reading logs

5、 Connectivity check

When both the server and the client are started , You can go to the external network host of the server to see that the connection between the server and the client is successful