Secure Shell Authentication Key Manager

Featured

Posted on by
Reply

Secure Shell Authentication Key Manager
Hi all,
i have created a web application for all to record their SSH(Secure Shell) Authentication Key. the main purpose of this application is for;
1) Managing SSH Key, as SSH Key does not have any Expiry Date, which is a flaw, from the system you will be able to tell when was the SSH key generated.
2) To Manage the Cert. Enable Easy identifying of SSH Key cert to avoid duplicates, from the private key MD5sum, you will be able to tell if the cert are duplicated.
3) To verify if the current cert is original not being modified by third party.

Terms & Condition
1) To be able to use this system, you need to register with us @ http://knowledge-republic.com/CRM/wp-login.php?action=register

2) All Authentication key Record can only be view with Your own account. no one else will be able to view your records unless they own your Password & Username.

Disclaimer Agreement
1. Users shall have no claim against knowledge-republic.com, and knowledge-republic.com shall have no liability, for costs, damages or losses arising from the use of the SSH Authentication Key Manager including, without limitation, claims for direct, indirect, special, incidental or consequential damages. The foregoing disclaimer of liability extends to all types of costs, damages and losses incurred by the Beta Tester including without limitation, personal injury, loss or damage to property, loss of operations, loss of profits, loss of product, loss of productivity and down-time, suffered user.

If you agreed on the disclaimer, you may start to explore the system below.
SSH Authentication Key Manager

Freeware MD5Sum Checker for Window Bases users. Written by Me
MD5Sum Checker [Windows]

Ubuntu 12.04 Missing libxml2.so.2 File [Mod-Security2]

Posted on by
Reply 

# /etc/init.d/apache2 restart

apache2: Syntax error on line 210 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/mod-security.load: Cannot load /usr/lib/libxml2.so.2 into server: /usr/lib/libxml2.so.2: cannot open shared object file: No such file or directory

Action 'configtest' failed.

The Apache error log may have more information.

   ...fail!

This is the error you might encounter during installation of mod-security on ubuntu 12.04. i tried the following which doesn’t work.

# aptitude reinstall libxml2

Solution:
# aptitude download libxml2
# ar -xf libxml2_2.7.8.dfsg-5.1ubuntu4_amd64.deb
the following files will be extract from ubuntu package.
control.tar.gz data.tar.gz debian-binary libxml2_2.7.8.dfsg-5.1ubuntu4_amd64.deb
# rm libxml2_2.7.8.dfsg-5.1ubuntu4_amd64.deb control.tar.gz
# tar xf data.tar.gz
# cd usr/lib/x86_64-linux-gnu/
# ls
libxml2.so.2 libxml2.so.2.7.8
# mv * /usr/lib/x86_64-linux-gnu/
# cp /usr/lib/x86_64-linux-gnu/libxml2.so.2* /usr/lib/
# /etc/init.d/apache2 start
* Starting web server apache2 [ OK ]

Network Notepad Unexpected Error

Posted on by
Reply

Network Notepad Unexpected Error

Network Notepad Exits after fresh install with unexpected error, this is due to window privileges restriction.

The solution to solve this problem is to run as administrator for very first time, Network notepad will add the registry. you will not face this error again the next time when you attempt to run network notepad under your normal or restricted account.

Installation of MCrypt module on ubuntu [Encryption/Decryption]

Posted on by
Reply

To Install php Mcrypt for encryption and decryption.
perform the following steps. [Ubuntu]

1) aptitude install php5-mcrypt
2) echo extension=php_mcrypt.so >> /etc/php5/apache2/php.ini
3) /etc/init.d/apache2 restart

Vulnerabilities in Samsung TV (remote controller protocol) (Endless Restart)

Posted on by
Reply

Application: Samsung devices with support for remote controllers

http://www.samsung.com

Versions: current
Platforms: the vulnerable protocol is used on both TV and blue-ray
devices so both of them should be vulnerable (my tests
were performed only on a D6000 TV with the latest
firmware); the following are the products listed on the
iTunes section of the app but note that I have NOT
tested them:
- TV released in 2010 with Internet@TV feature
Models greater than or equal to LCD 650, LED 6500 and PDP 6500
- TV released in 2011 with AllShare feature
Models greater than or equal to LCD 550, LED 5500 and PDP 5500
- BD released in 2011 with Smart Hub feature
Models greater than or equal to BD-Player D5300
Models greater than or equal to BD-HTS D5000
BD-AVR D7000
BD-HDD Combo D6900/8200/8500/8900
Bugs: A] Endless restarts
B] Possible buffer-overflow
Exploitation: remote
Date: 19 Apr 2012
Author: Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org

#######################################################################

1) Introduction
2) Bugs
3) The Code
4) Fix

#######################################################################

===============
1) Introduction
===============

All the current Samsung TV and BD systems can be controlled remotely
via iPad, Android and other software/devices supporting the protocol
used on TCP port 55000:

http://itunes.apple.com/us/app/samsung-remote/id359580639

https://play.google.com/store/apps/details?id=com.samsung.remoteTV

The vulnerabilities require only the Ethernet/wi-fi network connected
to be exploited so anyone with access to that network can do it.
I have not tested if there are limitations on Internet or in big WANs.
The remote controller feature is enabled by default like all the other
services (over 40 TCP ports opened on the TV).

#######################################################################

=======
2) Bugs
=======

When the controller packet is received on the device it displays a
message on the screen for telling the user that a new “remote” device
has been found and he must select “allow” or “deny” to continue.

The message includes also the name and MAC address specified in the
received packet, they are just normal strings (there is even a field
containing the IP address for unknown reasons).

——————-
A] Endless restarts
——————-

The controller packet contains a string field used for the name of the
controller.
When the user selects one of the two choices (allow/deny) available
after having received an invalid name string (for example containing
line feed and other invalid chars) the device enters in the following
endless loop:
- for about 5 seconds everything seems to work correctly
- then the TV can be no longer controlled manually (both the TV remote
controller and the TV panel become slow and then completely
inactive), it just doesn’t accept inputs
- after other 5 seconds the TV restarts automatically
- this situation will continue forever

During these continuous reboots it’s not even possible to reset the
device (for example the “EXIT” button for 15 seconds can’t work in
this state) or doing other operations allowed by the normal users
without affecting the warranty.

This is not a simple temporary Denial of Service, the TV is just
impossible to be used and reset so it’s necessary the manual
intervention of the technical assistance that will reset it via the
service mode (luckily the 5 seconds of activity are enough to reach the
reset option).

The user can avoid the exploiting of the vulnerability by pushing the
EXIT button on the controller when the message with allow/deny is
displayed on the screen.

—————————
B] Possible buffer-overflow
—————————

By setting some fields like the MAC address to a long string it’s
possible to crash the device, probably due to a buffer-overflow
vulnerability (just my guess).

No additional analysis is possible because I can’t debug the device and
sincerely I’m not interested in killing my poor TV just for finding
other bugs and understanding them :)

#######################################################################
C] Exploit Code
Samsung TV Remote Control Protocol Exploit code

Java Detect USB Storage Application

Posted on by
Reply

This application is created using Java. it will detect USB device Insert into server. Usage is pretty simple, onces usb devices is detected, it will send email to root@localhost
———————————————-
Configure Forward Root@localhost email to your email.
———————————————-
root@ubuntu:~/java# vi /etc/aliases

## /etc/aliases

# See man 5 aliases for format

postmaster: root

sysadmin:root

root: webmaster@knowledge-republic.com

# to load the changes, now all root@localhost will forward to webmaster@knowledge-republic.com
root@ubuntu:~/java# newaliases
———————————————-
Configure Detect USB
———————————————-
i did not configure the application to run on infinity loop, so it’s up to indivdual administrator to think how often do you wish to run this application to detect new usb storage devices. usually i would run it every 3 mins, as it’s common-sense that in linux after insert, you need some time to mount the drive then perform data theif, my configuration would looks something like this.

root@ubuntu:~/java# crontab -e

# m h dom mon dow command

*/3 * * * * java /root/java/detectusb

crontab: installing new crontab
root@ubuntu:~/java# pwd
/root/java
root@ubuntu:~/java# ls
detectusb.class detectusb.java dir_old.txt dir.txt
root@ubuntu:~/java#
———————————————-
Output of Notification when new USB Device Detect
———————————————-
root@ubuntu:~/java# java detectusb

root@ubuntu:~/java# mail -uroot

Mail version 8.1.2 01/15/2001. Type ? for help.

"/var/mail/root": 1 message 1 new

>N 1 root@localhost Sun Feb 19 18:58 45/1495 New USB Drive Detected!

& 1

Message 1:

From root@localhost Sun Feb 19 18:58:46 2012

X-Original-To: root@localhost

X-Mailer: Java

DATE: Sunday, February 19, 2012

From:root@localhost

To:root@localhost

Subject:New USB Drive Detected!

Hostname: ubuntu

Old USB drives
/dev/sda2 /dev/sda1 /dev/sda

New Usb Drives
/dev/sda5 /dev/sda2 /dev/sda1 /dev/sda

T: Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=12 MxCh= 8
D: Ver= 1.10 Cls=09(hub ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1
P: Vendor=1d6b ProdID=0001 Rev=02.06
S: Manufacturer=Linux 2.6.32-38-generic ohci_hcd
S: Product=OHCI Host Controller
S: SerialNumber=0000:00:06.0
C: #Ifs= 1 Cfg#= 1 Atr=e0 MxPwr=0mA
I: If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=00 Driver=hub

T: Bus=01 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 2 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 8 #Cfgs= 1
P: Vendor=80ee ProdID=0021 Rev=01.00
S: Manufacturer=VirtualBox
S: Product=USB Tablet
C: #Ifs= 1 Cfg#= 1 Atr=80 MxPwr=100mA
I: If#= 0 Alt= 0 #EPs= 1 Cls=03(HID ) Sub=00 Prot=00 Driver=usbhid

Current Time : 19/02/2012 06:58:46
Free Server Monitoring tools from knowledgerepublic
To download the latest version visit us @
http://knowledge-republic.com/CRM/2012/02/java-detect-usb-storage-application/

detectusb.class

 

Monitor Ubuntu Server Linux Bonding Status for failure on NIC

Posted on by
Reply

Usage: change ADMIN=”NEw Email”

Cronjob:
* 30 * * * / 



#!/bin/bash

ADMIN="root@localhost"

for i in `ifconfig |grep -i bond |awk '{print $1}'| grep '[a-z]\{4\}[0-9]$'`

do

cat /proc/net/bonding/$i |grep down >/dev/null

if [ $? -eq 0 ];then

echo "<u><h2>Currently $i consist of these network devices.</h2></u>" | cat - /sys/class/net/$i/bonding/slaves > slavestatus



echo "<u><H2>$i Bonding Status</h2></u>" >> bond_status

cat /proc/net/bonding/$i >> bond_status 

while read lines 

do

echo $lines | grep down >/dev/null

if [ $? == 0 ] ; then

echo "<font color=red><b>$lines</b></font><br>" >> bondstatus

else 

echo "$lines<br>" >> bondstatus

fi

done < bond_status

rm bond_status

mv bondstatus bond_status

cat slavestatus | cat - bond_status | mail -s "[`hostname -f`] $i one of the bonding interface is down. please check" -a 'Content-Type: text/html'   $ADMIN 

rm bond_status

rm slavestatus

fi

done

Jailroot Bash Script

Posted on by
Reply

Usage:
Create a folder, copy the script to the folder.

root@ubuntu10:/chrootSYS/custom# ./chroot.sh
Usage ./chroot.sh clean/start/restart

Enable Disable Commands.
APPS=’/bin/sh /bin/bash /bin/ls /bin/mkdir /bin/mv /bin/ls /bin/rm /bin/cat /usr/bin/less /bin/more /usr/bin/vi /usr/bin/clear’

add or remove commands for chroot from above variable.

Setup chroot enviroment
./chroot.sh start

Clear chroot Enviroment
./chroot.sh clean

re-setup everything maybe shell got hack and libraries or application is contaminated
./chroot.sh restart

Commands Enabled for ssh

bash cat ls mkdir more mv rm sh clear less vi

Testing on Fresh Setup
root@ubuntu10:/chrootSYS/custom# ./chroot.sh start
START TO PREPARE CHROOT DIRECTORY
Preparing Library /lib/tls/i686/cmov/libc.so.6
Preparing Library /lib/ld-linux.so.2
Preparing Library /lib/ld-linux.so.2
root@ubuntu10:/chrootSYS/custom# ls
bin chroot.sh dev etc home lib root usr

Testing on Cleaning up Environment
root@ubuntu10:/chrootSYS/custom# ./chroot.sh clean
START CLEANING UP CHROOT SETTINGS
root@ubuntu10:/chrootSYS/custom# ls
chroot.sh home root

Testing on Re-setup Environment
root@ubuntu10:/chrootSYS/custom/home/demo# ls
testing
root@ubuntu10:/chrootSYS/custom/home/demo# pwd
/chrootSYS/custom/home/demo
root@ubuntu10:/chrootSYS/custom/home/demo# cd ../..
root@ubuntu10:/chrootSYS/custom# ls
bin chroot.sh dev etc home lib root usr
root@ubuntu10:/chrootSYS/custom# ./chroot.sh restart
START CLEANING UP CHROOT SETTINGS
START TO PREPARE CHROOT DIRECTORY
Preparing Library /lib/tls/i686/cmov/libc.so.6
Preparing Library /lib/ld-linux.so.2
Preparing Library /lib/libncurses.so.5
Preparing Library /lib/tls/i686/cmov/libdl.so.2
Preparing Library /lib/tls/i686/cmov/libc.so.6
Preparing Library /lib/ld-linux.so.2
Preparing Library /lib/tls/i686/cmov/librt.so.1
Preparing Library /lib/libselinux.so.1
Preparing Library /lib/libacl.so.1
Preparing Library /lib/tls/i686/cmov/libc.so.6
Preparing Library /lib/tls/i686/cmov/libpthread.so.0
Preparing Library /lib/ld-linux.so.2
Preparing Library /lib/tls/i686/cmov/libdl.so.2
Preparing Library /lib/libattr.so.1
Preparing Library /lib/libselinux.so.1
Preparing Library /lib/tls/i686/cmov/libc.so.6
Preparing Library /lib/tls/i686/cmov/libdl.so.2
Preparing Library /lib/ld-linux.so.2
root@ubuntu10:/chrootSYS/custom# ls
bin chroot.sh dev etc home lib root usr
root@ubuntu10:/chrootSYS/custom# cd home/demo/
root@ubuntu10:/chrootSYS/custom/home/demo# ls
testing

Testing on SSH
root@ubuntu10:/chrootSYS# ssh localhost -l demo
demo@localhost’s password:
Linux ubuntu10.domain.com 2.6.32-21-generic #32-Ubuntu SMP Fri Apr 16 08:10:02 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTS

Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/

System information as of Wed Dec 21 00:12:06 SGT 2011

System load: 0.07 Memory usage: 39% Processes: 74
Usage of /: 21.5% of 7.49GB Swap usage: 0% Users logged in: 1

Graph this data and manage this system at https://landscape.canonical.com/

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

Last login: Tue Dec 20 23:57:41 2011 from ::1
-bash-4.1$ ^C
-bash-4.1$ ls -la
total 24
drwxr-xr-x 2 1002 1003 4096 Dec 20 16:11 .
drwxr-xr-x 3 0 0 4096 Dec 20 15:45 ..
-rw——- 1 1002 1003 142 Dec 20 16:07 .bash_history
-rwxr-xr-x 1 1002 1003 1213 Dec 20 15:45 chroot.sh
-rwxr-xr-x 1 1002 1003 1213 Dec 20 16:11 chroot2.sh
-rwxr-xr-x 1 1002 1003 1213 Dec 20 15:50 chroot3.sh
-bash-4.1$ ls /bin/
bash cat ls mkdir more mv rm sh
-bash-4.1$

Testing on File Transfer:
root@ubuntu10:/chrootSYS# sftp demo@localhost
Connecting to localhost…
demo@localhost’s password:
ls
sftp> ls
chroot.sh chroot3.sh
sftp> get chroot3.sh
Fetching /home/demo/chroot3.sh to chroot3.sh
/home/demo/chroot3.sh 100% 1213 1.2KB/s 00:00
sftp> put chroot3.sh chroot2.sh
Uploading chroot3.sh to /home/demo/chroot2.sh
chroot3.sh 100% 1213 1.2KB/s 00:00
sftp> ls
chroot.sh chroot2.sh chroot3.sh
sftp> exit

Jailroot Script written by me :) Kelvin This script is tested only on ubuntu, use it at your own risk.

Bash Script to convert route table to route command

Posted on by
Reply

root@testing:~# cat route.txt

10.0.32.0        0.0.0.0         255.255.252.0   U     0      0        0 bond0

0.0.0.0         10.0.0.1        0.0.0.0         UG    100    0        0 bond0

root@testing:~# ./route_to_command route.txt



/sbin/route del 10.0.32.0/22 gw 0.0.0.0 dev bond0

/sbin/route add 10.0.32.0/22 gw 0.0.0.0 dev bond0

/sbin/route del default gw 10.0.0.1 dev bond0

/sbin/route add default gw 10.0.0.1 dev bond0

Bash Script

#!/bin/bash

if [ "$1" != "" ] ; then

while read lines

do

[ `echo $lines|awk '{print $3}'` == "240.0.0.0" ] && netmask="4"

[ `echo $lines|awk '{print $3}'` == "248.0.0.0" ] && netmask="5"

[ `echo $lines|awk '{print $3}'` == "252.0.0.0" ] && netmask="6"

[ `echo $lines|awk '{print $3}'` == "254.0.0.0" ] && netmask="7"

[ `echo $lines|awk '{print $3}'` == "255.0.0.0" ] && netmask="8"

[ `echo $lines|awk '{print $3}'` == "255.128.0.0" ] && netmask="9"

[ `echo $lines|awk '{print $3}'` == "255.192.0.0" ] && netmask="10"

[ `echo $lines|awk '{print $3}'` == "255.224.0.0" ] && netmask="11"

[ `echo $lines|awk '{print $3}'` == "255.240.0.0" ] && netmask="12"

[ `echo $lines|awk '{print $3}'` == "255.248.0.0" ] && netmask="13"

[ `echo $lines|awk '{print $3}'` == "255.252.0.0" ] && netmask="14"

[ `echo $lines|awk '{print $3}'` == "255.254.0.0" ] && netmask="15"

[ `echo $lines|awk '{print $3}'` == "255.255.0.0" ] && netmask="16"

[ `echo $lines|awk '{print $3}'` == "255.255.1280" ] && netmask="17"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.192.0" ] && netmask="18"

[ `echo $lines|awk '{print $3}'` == "255.255.224.0" ] && netmask="19"

[ `echo $lines|awk '{print $3}'` == "255.255.240.0" ] && netmask="20"

[ `echo $lines|awk '{print $3}'` == "255.255.248.0" ] && netmask="21"

[ `echo $lines|awk '{print $3}'` == "255.255.252.0" ] && netmask="22"

[ `echo $lines|awk '{print $3}'` == "255.255.254.0" ] && netmask="23"

[ `echo $lines|awk '{print $3}'` == "255.255.255.0" ] && netmask="24"

[ `echo $lines|awk '{print $3}'` == "255.255.255.128" ] && netmask="25"

[ `echo $lines|awk '{print $3}'` == "255.255.255.192" ] && netmask="26"

[ `echo $lines|awk '{print $3}'` == "255.255.255.224" ] && netmask="27"

[ `echo $lines|awk '{print $3}'` == "255.255.255.240" ] && netmask="28"

[ `echo $lines|awk '{print $3}'` == "255.255.255.248" ] && netmask="29"

[ `echo $lines|awk '{print $3}'` == "255.255.255.252" ] && netmask="30"

[ `echo $lines|awk '{print $3}'` == "255.255.255.255" ] && netmask="32"



if [ `echo $lines|awk '{print $1}'` == "0.0.0.0" ] ;then

        echo /sbin/route del default gw `echo $lines | awk '{print $2}'` dev `echo $lines | awk '{print $8}'`

        echo /sbin/route add default gw `echo $lines | awk '{print $2}'` dev `echo $lines | awk '{print $8}'`

else

        echo /sbin/route del `echo $lines | awk '{print $1}'`/$netmask gw `echo $lines | awk '{print $2}'` dev `echo $lines | awk '{print $8}'`

        echo /sbin/route add `echo $lines | awk '{print $1}'`/$netmask gw `echo $lines | awk '{print $2}'` dev `echo $lines | awk '{print $8}'`

fi

done < $1

else

echo "$0 Filename.txt"

fi

Tools to change All Interface MTU

Posted on by
Reply

i have created a application to change all network card default MTU to what i need, which can be roll out using Active Directory in future to ensure the rest of the newly join workstation have their MTU changed. The application i wrote was written using Visual C#.

Usage :

ApplicatioName

To run application, please kindly download 7zip to extract the file out.
Download ChangeMTU