Application of intranet penetration – How to use SFTP file transfer in Termux and combine with intranet penetration to achieve remote transmission

Article directory

    • 1. Install openSSH
    • 2. Install cpolar
    • 3. Remote SFTP connection configuration
    • 4. Remote SFTP access
    • 4. Configure a fixed remote connection address

SFTP (SSH File Transfer Protocol) is a file transfer protocol based on the SSH (Secure Shell) security protocol. Compared with the FTP protocol, SFTP uses encryption and authentication mechanisms to protect the security and integrity of data, and can transfer files in unsecured networks, so it is more secure and reliable.

The following describes how to use SFTP file transfer in termux and combine it with [cpolar intranet mapping tool] (cpolar – a secure intranet penetration tool) to achieve remote transmission.

1. Install openSSH

To use SFTP, we first need to install SSH. Enter the command to install openssh directly. There will be a prompt in the middle where you need to enter: Y and then continue the installation.

pkg install openssh

Start ssh, the open port defaults to 8022.

sshd

View username

whoami

You can see that the user name is u0_a42, you need to remember this!!!

image-20230609140951106

To change the password, enter the following command: After entering, you will be prompted to enter a new password. Just enter it as required. In this way, our openSSH installation is complete.

passwd

image-20230509135850913

2. Install cpolar

Create a folder sources.list.d:

mkdir -p $PREFIX/etc/apt/sources.list.d

Add cpolar to download source files

echo "deb [trusted=yes] http://termux.cpolar.com termux extras" >> $PREFIX/etc/apt/sources.list.d/cpolar.list

Update repository

pkg update

Install cpolar

pkg install cpolar

Install termux service, note: After the installation is complete, remember to close and restart termux for it to take effect!!

pkg install termux-services

After restarting termux, then start cpolar

sv up cpolar

Set up auto-start at power on

sv-enable cpolar

This is to stop the cpolar service

sv down cpolar

cpolar.yml main configuration file path location

$PREFIX/etc/cpolar/cpolar.yml

Then we enter http://localhost:9200 in the mobile browser to see the cpolar management interface. You can log in using the account registered on the cpolar official website.

cpolar official website: https://www.cpolar.com

image-20230509155942139

3. Remote SFTP connection configuration

Open the cpolar management interface in the mobile browser. We click Tunnel Management – Create Tunnel on the left dashboard. Since the default SSH connection is port 8022, we need to create a tcp tunnel pointing to port 8022:

  • Tunnel name: Customizable, be careful not to repeat it
  • Protocol: tcp
  • Local address: 8022 (default port)
  • Domain name type: Random temporary TCP domain name
  • Region: Select China VIP

Click Create

image-20230609144608727

After creation, open the online tunnel list and view the generated random public network tcp address.

image-20230609144634409

4. Remote SFTP access

We open any SFTP client tool, select SFTP, enter the public network address and corresponding port we created in cpolar, and then enter the username and password to access successfully (this article uses winSCP as an example, the same applies to other clients)

image-20230609151418685

After connecting, we select the usr directory and you can see the directories under usr listed. The connection is successful.

image-20230609151537934

4. Configure a fixed remote connection address

It should be noted that the above steps use cpolar’s random temporary TCP port address, and the generated public network address is a random temporary address, which will change randomly within 24 hours. Next, we configure a fixed TCP port address for it. This address will not change. After setting it, there will be no need to modify the address repeatedly every day.

Configuring a fixed TCP port address requires upgrading cpolar to the Professional Edition package or above.

Reserve a fixed tcp address

Log in to the cpolar official website, click Reserve on the left, and find the reserved TCP address. Let’s reserve a fixed TCP address for Minecraft:

  • Region: Select China vip
  • Description: Notes, customizable

Click Keep

image-20230609152730361

After the address is successfully reserved, the system will generate the corresponding fixed public address and copy it.

image-20230609152806010

Configure the fixed tcp address, return to the cpolar web ui management interface on the mobile browser, click Tunnel Management – Tunnel List on the left dashboard, find the tcp tunnel we created above, click Edit

image-20230609152911630

Modify the tunnel information and configure the successfully reserved fixed tcp address into the tunnel.

  • Port type: modified to fixed tcp port
  • Reserved tcp address: fill in the address successfully reserved by the official website,

Click Update

image-20230609152948909

After the tunnel is successfully updated, click the status on the left dashboard – Online Tunnel List, and you can see that the public network address has been updated to a fixed TCP address.

image-20230609153030167

Above we set and fixed the public network address for remote access to the Termux SFTP file configured in cpolar. Now we use the SFTP client tool to test the connection.

image-20230609153210972

Similarly, listing the file list indicates that remote access is successful. In this way, we have set a fixed public network address for SFTP to access files in Termux.

image-20230609153358359