tiny Web Url Scanner

For a new project I needed a tool that could scan a web server for the HTTP status code of different URLs and have the results listed in an easily parseable result. The URLs are typical Linux resources (e.g. the password file, the hostname, services file, …) that could lead to disclosing sensitive system information.

There are already a number of tools that can achieve this but none really provided the output that I needed.

Catch all web script

It can sometimes be useful to have a script that captures all the HTTP requests and that logs these requests to a file. The PHP script below works for me. I use this script in combination with the htaccess file to catch all web page requests and redirect them to one file.

The .htaccess file :

The apache config for the virtual host is straightforward.

Harvesting Facebook, Twitter and other web service accounts

This post demonstrates how relatively easy it is to set up a system that harvests user credentials (username and password) for different web services (Facebook, Twitter, Yahoo).

For this exercise we’ll use two machines :

An end-user laptop or desktop with a browser; Kali Linux with a number of pentesting tools. The Kali Linux machine needs at least one network interface with an internet connection.

The exercise scenario involves three major steps :

Have

The Linux password file, /etc/passwd

The /etc/passwd file stores crucial information which is required during login on Linux systems.

A line in /etc/passwd is one entry for a user account. The fields are separated by a colon (:).

The format is as follows (note that for the purpose of formatting the display, the line is split. A real /etc/passwd file would have all the data on one line).

If the password field (2) contains an X then the encrypted

Nmap scan through TOR

TOR (https://www.torproject.org/) is a great project if you want to take care of your privacy. You can use TOR to proxy your nmap scans, making it very difficult for the scanned network to find the source.

First check that you have TOR installed. It should be listening on a local network port tcp/9050.

You also need to install a package called proxychains that will proxy all the traffic through TOR. Proxychains has its configuration file

Update ddclient

An older script that I use on OpenBSD to update ddclient hostnames. The script should run with minor modifications on Linux.

If you are unable to get your public IP from a local interface then you can use dyndns.org.

Use Dropbox with encrypted volume for backups

I use Dropbox to have online backups of my files. Dropbox already provides a good set of protection mechanisms (Two-step verification, …). If you need an additional level then Boxcryptor is worth having a look.

Unfortunately Boxcryptor is not available on Linux but it is compatible with encfs. The blog of Boxcryptor has a post describing in detail how you can set up encfs on Ubuntu.

The blog post lacks some useful additional details.


Upgrading Redmine 1.3 to 2.2

The documentation of Redmine describes the upgrade process. I upgraded from Redmine 1.3.1 to Redmine 2.2.2. On an older Ubuntu (10.04.4 LTS) the upgrade steps described in the documentation were not sufficient.

Extract the latest redmine file in your web root. I use a symlink pointing redmine to the latest version. This allows you to keep different versions and provides an easy way to switch between versions. You then have to copy the different configuration

Graph the first 8 bits of the IP of apache logs

Below is a PHP script that will graph the first 8 bits of the visitors' source IP in your Apache logs. The bigger the circle, the more visitors you had. You’ll need gd support in PHP. The minimal width of the circle is set to 3, the maximum width is 85. You can run the script with

The first parameter is the log file. The second parameter is either 20x, 40x or 50x. This graphs

Run postfix as a blackhole mail server (open relay)

If you want to run Postfix as a blackhole mail server (accepting connections for every user on every domain) then all you have to do is add these settings to /etc/postfix/main.cf :

Note: Postfix is not acting as an open relay in this configuration because it discards mails and is not relaying them to the final destination.