TEST12138

TEST12138

长路漫漫,唯心作伴。
HomeArchives友链

Set up a web service using an old unused mobile phone and use Cloudflare for internal network penetration, allowing domain name access.

#cloudflare213
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This article explains how to set up a web service using an old smartphone and Cloudflare's tunneling feature. It provides step-by-step instructions on installing the necessary software, setting up SSH, obtaining the IP address, connecting to the smartphone via SSH, and installing Linux. It also includes instructions on configuring Cloudflare's tunneling service and testing the setup. The article concludes by mentioning that Cloudflare's tunneling feature supports other services as well, with further details available in the documentation provided.

Preparation#

An old phone that is still functional (a new phone will also work)

Termux software

A domain name (you can get a free one from Freenom)

A Cloudflare account with domain proxy enabled

Installing Linux on Termux#

I will demonstrate the process on an Android 11 phone

Screenshot_20221215-153446_Settings.pngScreenshot_20221215-153437_Android_System.pngScreenshot_20211217-021318_Pixel_Launcher.png

After installation, open Termux

Screenshot_20211217-021336_Termux.png

Installing openssh#

Since it's not easy to operate on a phone, I will use ssh. If you are comfortable operating on a phone, you can skip this step. Alternatively, you can install any other ssh software you prefer.

After opening the software, enter pkg install openssh (I forgot to take a screenshot here)

After installation, enter passwd to set a password

Then enter sshd to start openssh

Enter whoami to get the username

Screenshot_20221214-150646_Termux.png

Enter ifconfig to get the IP address

Connecting via ssh from a computer#

The port is the port of the ssh service, and the default port for openssh is 8022

On your computer, use ssh -p port username@ip_address to connect (replace port with the actual port number and username@ip_address with the username and IP address you obtained earlier)

微信图片_20221215161630.png

Installing Linux#

Once connected, enter bash <(curl -L gitee.com/mo2/linux/raw/2/2) to install Linux

You can use other installation methods if you prefer. If you have another method, you can skip this step.

微信图片_20221215161848.png

Choose the first proot container

You may see a screen to choose the container again, but I didn't capture it. Just choose the first proot container again.

微信图片_20221215161953.png

Choose the first neon option

微信图片_20221215162139.png

Choose any font you like

微信图片_20221215162316.png

Choose the first option

微信图片_20221215162347.png

Choose the first option

微信图片_20221215162408.png

Choose the Linux distribution you want to use. However, please note that the official Cloudflare documentation only supports a few Linux distributions.

微信图片_20221215162431.png

微信图片_20221215162639.png

You can just click through the rest

I recommend installing a VNC server on this screen because later on, Cloudflare will require browser login, which requires a graphical interface.

微信图片_20221215163052.png

微信图片_20221215163108.png

微信图片_20221215163134.png

Installing and starting the web service#

You can search for instructions on how to install a web service

Installing cloudflared#

Go to https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/ and choose the appropriate installation method for your operating system

微信图片_20221215163512.png

If you're not sure which one to choose, click on "Cloudflare package repository"

微信图片_20221215162639.png

Follow the instructions in the official documentation to install (I forgot to take a screenshot here)

Logging in and creating a tunnel#

Then open a remote desktop connection

微信图片_20221215163959.png

In the terminal, enter cloudflared tunnel login

微信图片_20221215164040.png

A link will appear, click on the link to log in

微信图片_20221215164244.png

微信图片_20221215164255.png

After logging in, click on the link in the terminal again and select your domain name

VNC might be slow, so now go back to the ssh terminal. Enter cloudflared tunnel create tunnel_name to create a tunnel. You can choose any name for the tunnel (replace tunnel_name with your desired name).

Then enter cloudflared tunnel list to check if the tunnel has been successfully created and copy the tunnel ID

Binding the domain name#

Enter cloudflared tunnel route dns tunnel_name domain_name to bind the domain name

tunnel_name is the name of the tunnel you created earlier, and domain_name is your own domain name

微信图片_20221215165309.png

Writing the configuration file#

Enter nano ~/.cloudflared/config.yml to write the following configuration

tunnel: <tunnel_ID>
credentials-file: /root/.cloudflared/<tunnel_ID>.json
protocol: http2
originRequest:
  connectTimeout: 30s
  noTLSVerify: false
ingress:
  - hostname: <domain_name>
    service: http://localhost:port
  - service: http_status:404

If you want to open multiple ports, you can follow the example in the image below

微信图片_20221215165808.png

After saving, enter

nano /etc/systemd/system/cloudflared.service

and write the following

[Unit]
Description=cloudflared
After=network.target

[Service]
TimeoutStartSec=0
Type=notify
ExecStart=/usr/bin/cloudflared --loglevel debug --transport-loglevel warn --config /root/.cloudflared/config.yml tunnel run <tunnel_name>
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target

微信图片_20221215170228.png

Make sure there are no line breaks

Save the file

Starting the service#

Enter systemctl enable cloudflared --now

微信图片_20221215170328.png

Testing if it's successful#

Open the website and see if the penetration is successful

微信图片_20221215170332.png

Other#

Other services are also supported, please refer to the documentation

https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/ingress/

c657d87d50a86bfd998e5b6cdacdb45.png

To access via ssh, you need to set up the local terminal

https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/use_cases/ssh/

微信图片_20221215171444.png

To access via ssh in a browser, you need to configure it in the Cloudflare Zero panel. You can refer to the documentation or I can write another post about it.

I have tested that running a web service on Termux can also be accessed through Linux, so it should not be limited to software. You can also try installing KSWeb on your phone.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.