UPWORK/ODESK guru: Tips and Tricks for clients

Archive for September, 2014

Bash: CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-6277

Test for CVE-2014-7186 and CVE-2014-7187:

Written by spectre

September 29th, 2014 at 9:20 am

Posted in Bash

Remote Code Exploitation through Bash

http://www.infoq.com/news/2014/09/bash-remote-exploit
https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability
http://www.pcweek.ru/foss/blog/foss/6963.php
https://launchpad.net/ubuntu/+source/bash/4.3-7ubuntu1.2
https://launchpad.net/ubuntu/+source/bash/4.3-7ubuntu1.3

nodeX:~ # env VAR='() { :; }; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash Test
nodeX:~ # ssh nodeY
nodeY:~ # env VAR='() { :; }; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash is vulnerable!
Bash Test
nodeY:~ # 

http://shellshock.brandonpotter.com/
http://www.shellshocktest.com/
http://bashsmash.ccsir.org/
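
A scripted form of the manual check above, added here as an example (not code from the original post): `check_bash` runs the same CVE-2014-6271 probe against one binary and reads the verdict from the output, and `audit_shells` applies it to every bash found via PATH and /etc/shells. The function names and the marker string are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify a bash binary with the CVE-2014-6271 probe from the post.
# Prints "vulnerable", "patched" or "error"; exit status 1, 0 or 2 respectively.
# Note: POSIX sh has no local variables, so shell/marker/out are globals.

check_bash() {
    shell=$1
    marker="shellshock-probe-$$"   # constructed marker, unlikely to appear by chance
    [ -x "$shell" ] || { echo error; return 2; }
    # Same probe as the post: a function definition with a trailing command.
    # An unpatched bash runs the trailing echo while importing VAR.
    out=$(env VAR="() { :; }; echo $marker" "$shell" -c 'echo probe-done' 2>/dev/null) || :
    case $out in
        *"$marker"*)  echo vulnerable; return 1 ;;
        *probe-done*) echo patched;    return 0 ;;
        *)            echo error;      return 2 ;;   # binary did not run the command
    esac
}

audit_shells() {
    # Candidates: the bash that PATH resolves, plus bash entries in /etc/shells.
    # A source build usually lands in /usr/local/bin, so both can exist side by side.
    { command -v bash; grep -s '/bash$' /etc/shells; } | sort -u |
    while read -r b; do
        printf '%s\t%s\t%s\n' "$b" "$(check_bash "$b")" \
            "$("$b" --version 2>/dev/null | head -n 1)"
    done
}
```

Source the file and run `audit_shells` before and after patching; every listed binary should report `patched`.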

If you run an old / EOL release, build a patched Bash from source:

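mkdir src
cd src
# each file on ftp.gnu.org has a detached GPG signature at the same URL with .sig appended; verify before building
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
# download all patches (the first patch is bash43-001; there is no bash43-000)
for i in $(seq -f "%03g" 1 25); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz
cd bash-4.3
# apply all patches in order
for i in $(seq -f "%03g" 1 25); do patch -p0 < ../bash43-$i; done
# build and install (make install needs root; the default prefix is /usr/local, so /bin/bash is not replaced)
./configure && make && make install
cd ..
cd ..
rm -r src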

Written by spectre

September 26th, 2014 at 10:46 pm

Posted in Bash

Protected: ModSecurity2: Caching, Acceleration and Rules.

Written by spectre

September 25th, 2014 at 8:32 pm

Posted in Tips and Tricks

ModSecurity2 to Apache HTTP Server (CentOS)

ModSecurity is a web application firewall (WAF) that adds request filtering and other security features to the Apache HTTP Server, IIS and NGINX. It is free software released under the Apache License 2.0.

Written by spectre

September 14th, 2014 at 12:22 am

Posted in Apache2

Postfix: systemd-services – mailgraph.service

Service unit file:
/etc/systemd/system/mailgraph.service

Enabling the service:

gate:/etc/systemd/system # systemctl enable mailgraph.service
ln -s '/etc/systemd/system/mailgraph.service' '/etc/systemd/system/multi-user.target.wants/mailgraph.service'
gate:/etc/systemd/system #

Content of unit file:

Written by spectre

September 8th, 2014 at 12:10 am

Posted in Postfix & Amavis