Sep 27 2011

DotDotPwn - The Directory Traversal Fuzzer.
It's a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module. It's written in perl programming language and can be run either under *NIX or Windows platforms.

Sep 12 2011
web-server / # cat /etc/apache2/vhosts.d/00_default_vhost.conf

...

<VirtualHost *:80>
...


        ###### You can...
	##
	# 	Deny access to .svn folders on Apache...
	#
	RedirectMatch 404 /\\.svn(/.*|$)

        ###### or ...
	##
	# 	Restrict access to .svn folders on Apache... 
	#
	<DirectoryMatch .*\.svn/.*>
		Order allow,deny
    		Deny From All
	</DirectoryMatch>

...

</VirtualHost>
...

When we work with hardened kernels and tools like grsecurity and PaX, we faced to problems like:

Jun 11 2011

This guide is to learn how to set correctly the timezone in a Gentoo Linux and Mexico/General timezone.

First copy or link the proper zone to localtime:

pluton ~ # ln -sf /usr/share/zoneinfo/Mexico/General /etc/localtime
pluton ~ # ls -l /etc/localtime
lrwxrwxrwx 1 root root 23 Jun  6 18:13 /etc/localtime -> /usr/share/zoneinfo/GMT

Now specify your timezone:

Jun 10 2011

First you need to install the Ice libs.

zeus ~ # emerge Ice -av
These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R   ] dev-libs/Ice-3.4.1  USE="ncurses python -debug -doc -examples -mono -ruby -test" RUBY_TARGETS="ruby18" 0 kB

Total: 1 package (1 reinstall), Size of downloads: 0 kB

Would you like to merge these packages? [Yes/No] 

And then copy the compressed file in a safe and different place, then go there and expand the file.

Just modify the data file to look like this one.

evo ~ # vi /bla/bla/bla/tinydns-IPX/root/data
...
...
...
# myowndomain.com's MX Servers
@myowndomain.com::aspmx.l.google.com.:10:86400
@myowndomain.com::alt1.aspmx.l.google.com.:20:86400
@myowndomain.com::alt2.aspmx.l.google.com.:20:86400
@myowndomain.com::aspmx2.googlemail.com.:30:86400
@myowndomain.com::aspmx3.googlemail.com.:30:86400
@myowndomain.com::aspmx4.googlemail.com.:30:86400
@myowndomain.com::aspmx5.googlemail.com.:30:86400
...
...
...
Jun 9 2011

Edit the file /boot/grub/device.map to look like this

(fd0) /dev/fd0
(hd0) /dev/cciss/c0d0
.....

Run grub like this:

hercules ~ # /sbin/grub --batch --device-map=/boot/grub/device.map --config-file=/boot/grub/grub.conf --no-floppy

grub shell:

grub> root (hd0,0)
grub> setup (hd0)
grub> quit

Pages

Subscribe to RSS - linux