Categories
HowTos Linux

Disable SSH timeout

If you ever see your SSH session gets killed, don’t panic ๐Ÿ˜€ There is nothing wrong, you need to modify the following directives in your /etc/ssh/sshd_config

vim /etc/ssh/sshd_config

Update these directives :

TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 99999

Restart ssh daemon

/etc/init.d/sshd restart

DONE!

Categories
HowTos Linux Penetration Testing Privilege Escalation

How to install FireSheep on Linux

What is FireSheep ?

Come on damn.. Its not new! ๐Ÿ˜€ Its an old firefox addon. I am explaining it here for how can you use or install it on Linux.

Lets start ;

Taking Checkout from the repository :

git clone https://github.com/codebutler/firesheep.git

Output :

Initialized empty Git repository in /root/firesheep/.git/
remote: Counting objects: 1020, done.
remote: Compressing objects: 100% (605/605), done.
remote: Total 1020 (delta 589), reused 770 (delta 402)
Receiving objects: 100% (1020/1020), 5.48 MiB | 123 KiB/s, done.
Resolving deltas: 100% (589/589), done.

cd firesheep/
git submodule update --init

Output :

Output :Submodule ‘backend/deps/http-parser’ (git://github.com/ry/http-parser.git) registered for path ‘backend/deps/http-parser’
Initialized empty Git repository in /root/firesheep/backend/deps/http-parser/.git/
remote: Counting objects: 815, done.
remote: Compressing objects: 100% (328/328), done.
remote: Total 815 (delta 549), reused 735 (delta 483)
Receiving objects: 100% (815/815), 185.18 KiB | 95 KiB/s, done.
Resolving deltas: 100% (549/549), done.
Submodule path ‘backend/deps/http-parser’: checked out ‘459507f534c807d8ba741730fbc36d4b93b133c1’

Dependencies :

apt-get install libpcap-dev xulrunner-1.9.2-dev libboost-all-dev libtool libhal-dev autoconf

Compilation :

./autogen.sh
make

DONE!

How to Load it into Firefox?

firefox build/firesheep.xpi

Categories
HowTos Linux

Highly Anonymous Proxy squid 2.6 stable21 release

Anonymous proxy is used to hide your source information that includes UserAgent, YourIP, and many other header information can be hide easily.

In this Howto, we will configure our proxy to work highly anonymously with squid authentication, We will use CEntOS 5.5 with squid 2.6 stable21 release.

Squid Installation

yum install squid

User Authentication

User authentication is necessary to restrict it for personal use only.

vi /etc/squid/squid.conf

add;

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl px-users ident testuser
http_access allow all px-users

save the file.

htpasswd -md /etc/squid/passwd testuser

New password:
Re-type new password:

service squid start

Now, set your browser to use this newly configured proxy and go to Verify your proxy header and you should see following header;

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_VIA:1.1 hackersgarage.com:2312 (squid/2.6.STABLE21)
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_CHARSET:ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_ACCEPT_ENCODING:gzip, deflate
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
HTTP_X_FORWARDED_FOR:222.223.32.13

๐Ÿ™ Ops.. It is disclosing all information are we running. Lets make it highly anonymous.

Making it Highly Anonymous Proxy

Before making it highly Anonymous Proxyย  Note WARNING: Doing this VIOLATES the HTTP standard.

vim /etc/squid/squid.conf

add following;

## HackersGarage.com - ACL
forwarded_for transparent
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Enncoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Cookie allow all
header_access Set_Cookie allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
header_replace User-Agent anonymous

squid -k reconfigure

Now go to Verify your proxy header and you should see a new header which is highly anonymous.

HTTP_CACHE_CONTROL:max-age=259200
HTTP_CONNECTION:keep-alive
HTTP_CONTENT_LENGTH:0
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5
HTTP_HOST:www.proxydetect.com
HTTP_USER_AGENT:anonymous

Got a problem? Ask below ๐Ÿ™‚

Categories
HowTos Linux

Running Apache with Multiple PHP Versions

php5Running multiple php version e.g php4 & php5 required some times for old style applications that is dependant on php4 but applications like wordpress you are required to have php5. Let see how we tackle this problem.

In my scenario, i have CentOS 5 running on my server with apache2. I will be installing php4 in CGI mode and php5 as standalone module for apache. You can use the following method for debian distro too.

Installing apache2 & php5

yum install httpd
yum install php

php4 Installation PHP4

Now download the source code of php4, you can chose nearest php4 mirror from here.

wget http://www.php.net/get/php-4.4.9.tar.gz/from/ar.php.net/mirror
tar -zxvf php-4.4.9.tar.gz
cd php-4.4.9

Note : do not add support for apxs2, it will break up the php5 as module for apache2

./configure โ€“prefix=/usr/local/php4
make
make install
cp -v php.ini-recommended /usr/local/php/etc/php.ini

Configuring php4 as CGI script for Apache.

ln โ€“s /usr/local/php4/bin/php /var/www/html/cgi-bin/php
chmod 755 /var/www/html/cgi-bin/php

Configuring Apache for php4

cp โ€“av /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php4.conf

Update these :

vi /etc/httpd/conf.d/php4.conf

Action php4-script /cgi-bin/php
AddHandler php4-script .php4
AddType text/html .php
DirectoryIndex index.php4

Categories
HowTos Linux

How to track Linux Shell Users activity?

Linux Shell users loggingQuestion:

I am managing a team of Linux System Administrators, which manages a large number of servers remotely. This admins require root level privileges on servers. Now how can I keep track of each user activity for audit purpose and to keep record of each command is executed on server. Recommend open source application on Linux.

There are couple of available tools/scripts on Linux to achieve this goal. But we have found Rootsh a simple solution to this hitch.

What is rootsh?

rootsh is a shell wrapper that logs all keystrokes of a terminal with output and save it into a file whcih is randmoly generated for each user. rootsh also supports logging into syslog but it is bad idea because syslog file can easily be removed by a root user.

We will create a separate folder for logs where we will apply group level privileges & apply append attribute to restrict the group members to write/read only to this folder so our files would be secured.

How to install rootsh?

cd /tmp/

wget http://sourceforge.net/projects/rootsh/files/rootsh/1.5.3/rootsh-1.5.3.tar.gz/download
tar -zxvf rootsh-1.5.3.tar.gz

Create logs directory :

mkdir -vp /secure/admins-logs
./configure --disable-syslog --disable-linenumbering --with-logdir=/secure/admins-logs/
make && make install

Create a group for your admins so limited users can write to this folder.

groupadd admins

Creating a testadmin user and adding it to the group.

useradd testadmin
usermod -G testadmin admins

Applying appropriate permissions to logs folder & apply attributes.

chmod 770 /secure/admins-logs
chgrp admins /secure/admins-logs
chattr +a /secure/admins-logs

Edit /etc/shells – to allow our new loggable shell.

echo "/usr/local/bin/rootsh" >> /etc/shells

Enable logging for our user “testadmin”

vim /etc/passwd

search for a user testadmin and replace /bin/bash with /usr/local/bin/rootsh

Thats it! Now, try to login in with testadmin and you should see a log file created with username+timestamp e.g /secure/admins-logs/testadmin.3243423432.log

If you have any question, feel free to ask in comments.

Categories
HowTos Linux

How to use WorldCall EVDO USB on Linux?

Few days back, one of our friend from Pakistan requested us to write a recipe to Use WorldCall USB on Linux. By default Linux 2.6 Kernel support USB EVO devices but it required a little configuration in /etc/wvdial.conf.

BTW We are using BackTracK 5 Linux on our stations.

Configuring WorldCall usb on linux :

Install a PPP dialer on Ubuntu/BackTrack Linux

aptitude install wvdial

lsusb

You should see following
Bus 004 Device 002: ID 16d5:6502 AnyDATA Corporation

vim /etc/wvdial.conf

copy & paste following configuration,

[Dialer Defaults]
init1 = ATZ
init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
;init3 = AT+CGDCONT=1,"IP","data:tre:se"
Modem Type = USB Modem
Dial Command = ATDT
Baud = 460800
New PPPD = yes
Modem = /dev/ttyUSB0
Stupid Mode = 1
ISDN = 0
Phone = #777
Username = wcall@worldcall.com
Password = wcall

Run wvdial and start surfing internet ๐Ÿ™‚

wvdial

DONE!