Thursday, November 21, 2013

Lighttpd basic configuration for OpenWEBMAIL on OpenBSD

In the last days i have been playing with Apache and SpeedyCGI to make openwebmail perl scripts to run faster but until now i havet been able to doit on OpenBSD 4.8 machine, i know i have to UPGRADETHEF...SYS but i ll doit i promise but since i was not able to doit i have to look for alternatives and this one is using lighttpd since its a good example for fast and light webserver now im playing to use at the en nginx since OpenBSD crowd has moved to that server, any way here it is the very very basi configuration for lighttpd.conf for serving openwebmail files

server.modules     = (
                               "mod_rewrite",
                               "mod_redirect",
                               "mod_alias",
                               "mod_access",
                               "mod_fastcgi",
                               "mod_cgi",
                                "mod_accesslog" )

server.document-root         = "/var/www/htdocs/"
alias.url = ( "/cgi-bin/" => "/var/www//cgi-bin/" )
accesslog.filename             = "/var/www/logs/access.log"
server.errorlog                  = "/var/www/logs/error.log"
server.use-ipv6 = "enable"
$SERVER["socket"] == "0.0.0.0:80" { }
url.access-deny             = ( "~", ".inc" )
$HTTP["url"] =~ "\.pdf$" {
  server.range-requests = "disable"
}
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
server.pid-file            = "/var/run/lighttpd.pid"
# chroot() to directory
#server.chroot              = "/var/www/"
server.user                      = "www"
server.groupname            = "www"
cgi.assign = ( ".pl" => "")

i omit the lines that i did not touch so here is the basic for serving openwebmail but thereis nothing with php or fastcgi or any other 
  |
{|:{
  |

Posted by at No comments:

Thursday, November 7, 2013

FIx proxychais-metasploit postgresql connection FAIL

The last days i have been trying to use metasplot with proxychains just to play with and learn a little i have just figure out the basic use of proxychains and metasploit but when i went to use metasploit with proxychains the problems came out:

 |S-chain|-<>-127.0.0.1:9050-<><>-127.0.0.1:5432-<--denied
[-] Failed to connect to the database: could not connect to server: Connection refused
    Is the server running on host "127.0.0.1" and accepting
    TCP/IP connections on port 5432?

 so i start reading firs over the internet and found that i have to tweak the proxychain.config file in order to fix the problem i got it from this site:
https://forums.kali.org/showthread.php?17233-Proxychains-and-Metasploit
+
 ~----> /etc/proxychains.conf:::localnet 127.0.0.1 000 255.255.255.255

 use the line above with no luck so i check out if postresql were up, and it ware not so i start it up but the problem still there and after several tries to fix the problem using the localnet configurations none of thease seems to work then i try to set up tor over different network so proxychains does not get confused on when to proxying the request but this does not fix the problem 

  |
[|:¬(
 |

after several tries to fix this problem i have just get it fixed and stated that:
check out tor works ok
$ sudo service tor start|status
check out postgre
$ sudo service postgresql start|status
and finally

$ sudo proxychains msfconsole
BINGO!!!
 |
[|:¬)
 |
so all the time the problem were this the use of sudo wich means that when proxychains tries to bind up with postgres then the system does not allow it why i could not see this on the logs well i was not checking the logs DAMM! but here is the correction

i found this on the log for tor /var/log/tor/log

Nov 07 13:09:39.439 [warn] Your application (using socks4 to port 5432) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS. [1 similar message(s) suppressed in last 5 seconds]
Nov 07 13:09:39.454 [warn] Rejecting SOCKS request for anonymous connection to private address [scrubbed]
Nov 07 13:09:39.462 [warn] Rejecting SOCKS request for anonymous connection to private address [scrubbed]

now using sudo:

Nov 07 13:11:49.728 [warn] Your application (using socks4 to port 53) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS.

meaning no complains :0
Posted by at No comments:

Tuesday, November 5, 2013

Metasploit on Linux Mint 13

here are the steps i use to install Metasplot framework on Linux Mint 13 i have just use the tutorial by darkoperator http://www.darkoperator.com/installing-metasploit-in-ubunt/ but in practice when i follow the instructions there were some errors so i put all my steps with the changes! here they are no explanations at all if u want the explanation go to darkoperator tuto  : p

UPDATEs
$ sudo apt-get update
$ sudo apt-get upgrade

INSTALLs packages needed
$ sudo apt-get install build-essential libreadline-dev  libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf postgresql-9.1 pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev ruby1.9.3
$ sudo gem install wirble sqlite3 bundler

NMAP
$ mkdir ~/Development
$ cd ~/Development
$ svn co https://svn.nmap.org/nmap
$ cd nmap
$ ./configure
$ make
$ sudo make install
$ make clean

USERSnDBs
$ sudo -s
$ su postgres
$ createuser msf -P -S -R -D
$ createdb -O msf msf
$ exit
$ exit

Framework
$ cd /opt
$ sudo git clone https://github.com/rapid7/metasploit-framework.git
$ cd metasploit-framework
$ sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'
$ curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage-latest.tgz
$ sudo tar -xvzf /tmp/armitage.tgz -C /opt
$ sudo ln -s /opt/armitage/armitage /usr/local/bin/armitage
$ sudo ln -s /opt/armitage/teamserver /usr/local/bin/teamserver
$ sudo mkdir -p /usr/local/share/armitage
$ sudo su
# echo java -jar /usr/local/share/armitage/armitage.jar \$\* > /usr/local/share/armitage/armitage
# exit
$ touch /usr/local/share/armitage/teamserver
$ perl -pi -e 's/armitage.jar/\/usr\/local\/share\/armitage\/armitage.jar/g' /usr/local/share/armitage/teamserver
$ bundle install

create the database.yml file that will contain the configuration parameters that will be use by framework:
$ sudo joe /opt/metasploit-framework/database.yml
 production:
   adapter: postgresql
   database: msf
   username: msf
   password:
   host: 127.0.0.1
   port: 5432
   pool: 75
   timeout: 5
 
provide the password you entered in the user creating step in the password field for the database:
$ sudo su
# sh -c "echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/database.yml" >> /etc/profile
# source /etc/profile
# exit

i did not found the pcaprub on /opt/metasploit-framework/external as the tutorial says so i use git as the git web page of pcabrub says
$ git clone git://github.com/shadowbq/pcaprub.git
$ cd /opt/metasploit-framework/external/pcaprub/
$ sudo ruby ext/pcaprub/extconf.rb
$ sudo make && sudo make install
-oxes ~ $ msfconsole
WARNING: Nokogiri was built against LibXML version 2.8.0, but has dynamically loaded 2.7.8

Unable to handle kernel NULL pointer dereference at virtual address 0xd34db33f
EFLAGS: 00010046
eax: 00000001 ebx: f77c8c00 ecx: 00000000 edx: f77f0001
esi: 803bf014 edi: 8023c755 ebp: 80237f84 esp: 80237f60
ds: 0018   es: 0018  ss: 0018
Process Swapper (Pid: 0, process nr: 0, stackpage=80377000)


Stack: 90909090990909090990909090
       90909090990909090990909090
       90909090.90909090.90909090
       90909090.90909090.90909090
       90909090.90909090.09090900
       90909090.90909090.09090900
       ..........................
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       ccccccccc.................
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       .................ccccccccc
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       ..........................
       ffffffffffffffffffffffffff
       ffffffff..................
       ffffffffffffffffffffffffff
       ffffffff..................
       ffffffff..................
       ffffffff..................


Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
Aiee, Killing Interrupt handler
Kernel panic: Attempted to kill the idle task!
In swapper task - not syncing


         =[ metasploit v4.8.0-dev [core:4.8 api:1.0]
+ -- --=[ 1216 exploits - 661 auxiliary - 189 post
+ -- --=[ 322 payloads - 30 encoders - 8 nops

msf >
hummmm (}:{)

-oxes ~ $ msfconsole
WARNING: Nokogiri was built against LibXML version 2.8.0, but has dynamically loaded 2.7.8
Call trans opt: received. 2-19-98 13:24:18 REC:Loc

     Trace program: running

           wake up, Neo...
        the matrix has you
      follow the white rabbit.

          knock, knock, Neo.

                        (`.         ,-,
                        ` `.    ,;' /
                         `.  ,'/ .'
                          `. X /.'
                .-;--''--.._` ` (
              .'            /   `
             ,           ` '   Q '
             ,         ,   `._    \
          ,.|         '     `-.;_'
          :  . `  ;    `  ` --,.._;
           ' `    ,   )   .'
              `._ ,  '   /_
                 ; ,''-,;' ``-
                  ``-..__``--`

                             http://metasploit.pro


         =[ metasploit v4.8.0-dev [core:4.8 api:1.0]
+ -- --=[ 1216 exploits - 661 auxiliary - 189 post
+ -- --=[ 322 payloads - 30 encoders - 8 nops

msf >
           |
yeay ! {|:)
           |
Posted by at No comments:
Subscribe to: Posts (Atom)