Posts

Can't use proxy because no authentication schemes are fully configured.

So you are having problems with Webmin + Squid authentication? My current setup is below. I was eating my fingernails asking why it was working before and now it doesn't.

    System hostname: localhost.localdomain (127.0.0.1)
    Operating system: CentOS Linux 6.3
    Webmin version: 1.620
    Virtualmin version: 3.98.gpl GPL

    [root@122 ~]# service squid start
    Starting squid:                                            [FAILED]
    2013/02/23 00:17:00| Processing Configuration File: /etc/squid/squid.conf (depth 0)
    2013/02/23 00:17:00| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
    2013/02/23 00:17:00| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
    2013/02/23 00:17:00| WARNING: (B) '::/0' is a subnetwork ...

Ethical Hacking Prevent Directory Traversal Attack

http://www.hackingloops.com/2012/09/hacking-websites-using-directory-traversal-attacks.html
https://www.owasp.org/index.php/Top_10_2007-Malicious_File_Execution

Rewrite on .htaccess

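Original article: http://onearth-syokhabis.blogspot.com/2011/08/how-to-install-modrewrite-to-linux.html?showComment=1360645631881#c3387048594454805636

    # Message returned with every 403 response (Malay: "Intrusion.. intrusion has been detected!")
    ErrorDocument 403 "Pencerobohan.. pencerobohan telah dikesan!"
    RewriteEngine On
    # Only inspect GET and POST requests
    RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
    # Match the User-Agent of common scanners and scripting clients ...
    RewriteCond %{HTTP_USER_AGENT} ^.*(nessus|havij|libwww|perl|python|nikto|acunetix|morfeu|w3af).* [NC,OR]
    # ... or a query string containing an SQL or script keyword.
    # Substring match: benign parameters containing e.g. "set" or "update" are blocked too.
    RewriteCond %{QUERY_STRING} .*(union|select|cast|char|convert|declare|delete|drop|exec|insert|meta|script|hex|unhex|concat|set|truncate|update).* [NC]
    # Answer matching requests with 403 Forbidden
    RewriteRule (.*) - [F,L]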

Get all ip address using grep

grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

modsecurity configuration

Disable ModSecurity for a certain IP address or request URI via .htaccess:

    SetEnvIfNoCase Remote_Addr ^202\.202\.202\.202$ MODSEC_ENABLE=Off
    SetEnvIfNoCase Request_URI ^/images/upload\.php$ MODSEC_ENABLE=Off

Finding web shells on compromised linux servers

Finding web backdoor shells

(1) Search the current directory recursively for function names that web shells commonly use:

    grep -RPn "(system|phpinfo|pcntl_exec|python_eval|base64_decode|gzip|mkdir|fopen|fclose|readfile|passthru)"

(2) Install Git and download NeoPI (see the documentation):

    git clone git@github.com:Neohapsis/NeoPI.git

(3) List only the names of matching .php, .txt and .asp files under /var/www/:

    grep -RPl --include=*.{php,txt,asp} "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" /var/www/

(4) Print matching lines with line numbers under public_html/, skipping device files:

    grep -RPnDskip "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" public_html/

Other Useful Links

maildrop allow domain

    # Deliver mail from conal.com straight to the default mailbox
    if (/^From: .*@conal\.com/)
    {
        log "conal.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }
    # Same for atl.com
    if (/^From: .*@atl\.com/)
    {
        log "atl.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }