Copy IP address? Steal? Connect to company network / use company IP address at home?

Vi
37

I need your help in the field of IT. Mostly I work in the workplace. However, I have been traveling a lot since the New Year and need to access important data with my PC. We have our own company network (domain) - unfortunately I can't explain… On the / we need to access regularly. When I'm in my workplace, it's enough to log in and you're inside. But if I'm on the road now, the system will not let me down, because I have a different IP address than the one at work. Of course I could take my company's laptop / pc with me, but on my own it's a lot more comfortable and I have to lug around all the corporate hardware.

Now I have the IP address of the company PC. I also have more information, but I do not know what to do with it.

Useragent: Mozilla / 5.0 (Windows NT 6.1, Win64, x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36 as well as the IP address which does not want to publish now.

I know that I have to put this information into my PC somehow so that I have access to the company website (login page). Unfortunately I research it after 3 days, try it out… Still NOT done. I even bought the Nord VPN program, with the hope that I paste this data by Copy and Past and click on Start. Unfortunately failed:-(

It's really important that it works on my own laptop.

P.s I read that I still need a port for the IP address, but I do not have it. Unfortunately, I can't continue. Do you know how I can do that? (-am own PC and not take the company PC) Does anyone have experience?

Po

You could leave your company PC on and then connect to the company network via Remote Desktop or SSH.

Problems are:

1.) The PC should not run permanently

2.) Additional vulnerability by creating an interface.

Problem 1 could be solved by setting up or setting up a server or a Raspberry Pi as an access point or by using existing servers.

However, using the existing server does not necessarily work. It would be simpler, your PC simply in the firewall to whitlists, but also causes problems from point 2 …

Point 2 Should you tell the company head of IT security whose job is to guarantee it.

I advise you to deal with the responsible person for the IT of your company, also, because otherwise you might be liable for possible security gaps, if the connection was not approved by the IT.

Em

I suspect that will be bound as already described IP. If your company laptop has no problems connecting to the company network while on the road, then it seems likely that a VPN tunnel will be set up. Runs the company laptop only in the company smoothly, then you could run it there permanently and on it, for example. Install Openvpn as a server to create a VPN tunnel to the company laptop and thus to the company internal network.

The above solutions would now rather be the custom solutions, it would be better to ask a sysadmin the company which possibilities exist, maybe there's already a workaround to the problem.

Vi

Thanks, but I got this information from the IT. (User Agent: Mozilla / 5.0 (Windows NT 6.1, Win64, x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36 and the IP address) You have guaranteed that it is possible to be from the outside connect. Unfortunately I can't use a stream or something similar. It's really hard to explain, but outside the firm I do not have access to the laptop or the hardware. I have to somehow program this information into my PC or the company server has to think when logging in the username and password that I log in from the company. At least that's what IT has told me.

Vi

Thanks, but I got this information from the IT. (User Agent: Mozilla / 5.0 (Windows NT 6.1, Win64, x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36 and the IP address) You have guaranteed that it is possible to be from the outside connect. Unfortunately I can't use a stream or something similar. It's really hard to explain, but outside the firm I do not have access to the laptop or the hardware. I have to somehow program this information into my PC or the company server has to think when logging in the username and password that I log in from the company. At least that's what IT has told me.

Po

Give it to the IT your laptop and let the set up…

Maybe they did not tell you something important, because they assumed that would be natural… That happens very often with IT…

How did you enter the address into your browser?

Would have to be an IPV6 or a DomainName, otherwise that is not clear…

Po

By the way, what IT has given you looks more like a weblog than a guide… Sure they understood you correctly and did not just give you the data of the PCs you've logged in with?

Vi

So logging in with this is very simple. I open the company website go to the loggin area and enter username and password. After that, I'm usually inside. But somehow the company network always recognizes when I access it from another PC. It wants to do a biometric scan. But the necessary stuff, so the test system is in the company and I do not want to take the heavy suitcase to check always. That's why I got this information, so IP… And I was told to simply program (it was a process of several hours) but then no biometrics is needed anymore.

Vi

That's exactly what they did. They only gave me the dats of the PCs. Sorry that it has come across wrong. But I'm supposed to program the data into my personal PC, which will make the login site think I'm logging in from the company.

Po

The longing of you as a layman, that you carry out a process of several hours to "hack" into the corporate network?

Somehow it seems to me that IT was just too lazy to set it up for you ;-)

Well… Where exactly should you program that?

Did they tell you where to enter something?

Have you given any key to replacing the biometric scan? If not, this would be relatively pointless if you could just handle it without a key.

Vi

YES, I got the biometrics. However, this test is one - I do not want to overdo it but 15kg case - inside. This is really annoying to always drag along. At first I did it, but now I need daily access outside the company. That's why with the IP and such. And the IT is that I always have the Biometric suitcase with me. However, a friend of mine is working in IT and has given me this info. He did it too. Currently he is on a mission in Afghanistan and I can't contact him.

Po

So:

1.) To be legally on the safe side you should use the biometric suitcase and possibly ask for a lighter copy.

2.) If your friend has given you tips on how to reverse the biometric test, then this vulnerability should actually be fixed rather than exploited.

If you still want to take advantage of them, you'll have to ask your friend for advice, who can set up the whole thing for you. This is a bit too special to give a general answer…

Vi

Yes, that will be a bit difficult, But I found a website, where is how to do something. Unfortunately, it did not work for me. I do not even know if it's the right one, but a try would be worth it. Or?

https://praxistipps.chip.de/...gehts_9609

Po

Now,

1.) You probably have to pretend another MAC

2.) Should you test if pretending works. On the website is a page linked to the test… Whether this is reliable I do not know, because I get myself checking only nonsense… But synonymous with other sites…

So maybe you can compare the displayed with other IP ad pages…

Vi

Thanks for your help. Unfortunately, the setting with the IP address does not work for me. So when I stop it I suddenly have no internet anymore. No matter what IP address I use. I'll have to continue researching:-( Thanks anyway for the support ;-)

Po

No more internet when using a proxy…

That sounds more like a problem for the Girlfriend community…

1.) Which browser do you use?

2.) Did you create an account with Xroxy or a similar provider, as mentioned in the instructions ku7rz?

Or what did you enter as a proxy?

Vi

I've tried Mozilla, Chrome, Safari, Opera (Developer) and more. Also in the Mac settings. With Xroxy I selected some IP addresses with haven number and then into the attitudes with manual IP address inserted. I have not registered / logged in.

Po

Your IP will then be redirected via this proxy you picked out…

That brings relatively little… In itself you would have to set up a proxy as a proxy in your network.

But honestly, I do not think it really is the IP that you have to fake…

Since you should ask your friend again more precisely…

Vi

Yes I do.

Em

You thought you should only customize the user agent? He does not even look special. Well, have you ever tried the user agent as a header to send instead of the original?

Vi

No, because I do not know how to do it.

Em

Which browser do you want to use?

Vi

It does not matter. I have all

Em

Then you should call me your preferred browser. It will require a browser plugin to manipulate the header.

Vi

So I prefer Google Chrome.

Em

Install the plugin https://chrome.google.com/...dake?hl=de

and add

Mozilla / 5.0 (Windows NT 6.1; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36

added. On the company website you then set the preferred user agent via plugin (select).

To test if the plugin can do its job properly callhttp://whatsmyip.org/more-info-about-you/.

Vi

WOW Thank you. It worked. Now only the IP address. Can ihc also change this tool?

Em

Now you have to know how you mean the question. You do not want to change (and possibly can't) the IP address with which the TCP stream is running - unless you use a VPN tunnel. If the X-Forwarded-For header plays a role (which I now rather not go out in the case) of course this can be adjusted.

Vi

That's a really good question. I'll try it, maybe I'll join the network. If not, I'll keep watching ;-)

Vi

Unfortunately it did not work. I do not know if I should publish it here, but the IP address is 87.12 * .200.1 * 6

Em

Which services do you want to access? Is there a statement from the IT department?

Vi

So I want to access the HR service. From there I can see where I have to go, which job was assigned to me, can submit my reports and more. But I also have access to all my corporate accounts. I could handle it, but then I would always have to take my biometric scanner with me. I do not want to overdo it, but it weighs 15 KG. With this device, I can access all data in seconds, without having to change a user agent IP address. Unfortunately, I travel a lot this year and it is really annoying to always carry the device along. My friend (who is responsible in the IT department) gave me this information at the end of the year to change the user agent and IP address. Apparently you can thus easily bypass the biometric scan. Unfortunately, I do not get any support from the IT because my company insists that I always carry all the stuff with me. At the moment my friend is traveling to Afghanistan and can't provide any further support.

Em

Okay, so it stays with HTTP (S) as far as I understand. It would be convenient, if you would access https://license.pproj.de/header.php times from the company laptop, in the connection via private laptop and me the data could send by mail (for data protection reasons - if you do not care you can of course post them publicly:-)).

Ch

Completely wrong approach. Let the IT department explain how you can get the data from home! And with this I mean: If that is allowed for you, they have the task of explaining it in a way that you understand it.

All other ways are partly illegal (they can be seen as an attack on the corporate network) or hopeless. And if they work, someone in the IT department has shamed - that's what you should report, not exploit!

And no, it's not the IP of your computer. You obviously do not know enough of networks than I could explain it here in 200 words. In any case, you either need a secure resource on the Internet (web interface, such as Citrix) or a VPN. You can't set up both, but it has to be created in the company IT.

Vi

OK, that would have been done. Here's the data:

HTTP_CF_CONNECTING_IP = 5.146.249.29

HTTP_COOKIE = __ = cfduid d14fd467d0b7ffe71bdb32d3be21f898a1546687116

HTTP_ACCEPT_LANGUAGE = DE-DE, q = 0.9, en-US; q = 0.8, en; q = 0.7

HTTP_REFERER =

HTTP_ACCEPT = text / html, application / xhtml + xml, application / xml; q = 0.9, image / webp, image / apng, * / *; q = 0.8

HTTP_USER_AGENT = Mozilla / 5.0 (Windows NT 6.1; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36

HTTP_UPGRADE_INSECURE_REQUESTS = 1

HTTP_CACHE_CONTROL = max-age = 0

HTTP_CF_VISITOR = { "scheme", "https"}

HTTP_X_FORWARDED_PROTO = https

HTTP_CF_RAY = 4945a373dc21c77b-AMS

HTTP_X_FORWARDED_FOR = 5.146.249.29

HTTP_CF_IPCOUNTRY = EN

HTTP_ACCEPT_ENCODING = gzip

HTTP_CONNECTION = Keep-Alive

HTTP_HOST = license.pproj.de

Em

Which computer does this data come from? What data does the other computer output?

Vi

The data was sent to me by my colleague from the company computer. I'm now outside the company for a longer period. My own data is currently: HTTP_CF_CONNECTING_IP = 85.248.157.230

HTTP_COOKIE = NO REQUEST

HTTP_ACCEPT_LANGUAGE = DE-DE, q = 0.9, en-US; q = 0.8, en; q = 0.7

HTTP_REFERER =

HTTP_ACCEPT = text / html, application / xhtml + xml, application / xml; q = 0.9, image / webp, image / apng, * / *; q = 0.8

HTTP_USER_AGENT = Mozilla / 5.0 (Macintosh, Intel Mac OS X 10_13_6) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 71.0.3578.98 Safari / 537.36

HTTP_UPGRADE_INSECURE_REQUESTS = 1

HTTP_CACHE_CONTROL = max-age = 0

HTTP_CF_VISITOR = { "scheme", "https"}

HTTP_X_FORWARDED_PROTO = https

HTTP_CF_RAY = 494d03b84fdd5a20-VIE

HTTP_X_FORWARDED_FOR = 85248157230

HTTP_CF_IPCOUNTRY = SK

HTTP_ACCEPT_ENCODING = gzip

HTTP_CONNECTION = Keep-Alive

HTTP_HOST = license.pproj.de

Em

It would be convenient if you had both laptops at home and could provide the data of both as a direct comparison.