Openvpn+Radius setup+2FA

Installing FreeRADIUS3

Pfsense-Package Manager-FreeRADIUS3

Pfsense-Service-FreeRADIUS-Interfaces-Add
->Port: 1812, Interface Type: Authentication

Pfsense-Service-FreeRADIUS-Interfaces-Add
->Port: 1813, Interface Type: Accounting

Pfsense-Service-FreeRADIUS-Interfaces-NAS/Clients-Add
->Client IP Address : 127.0.0.1
->Client Shared Secret : something

User Management

pfsense-System-User Manager-Authentication Servers-Add
->Type:RADIUS
->Hostname or IP address: 127.0.0.1
->Shared Secret: something
->RADIUS NAS IP Attribute: choose network

pfsense-Service-FreeRADIUS-Users-Add
->Username, Password

Verification

pfsense-Diagnostics-Authentication
->Authentication Server: Radserver
->Username, Password

Pfsense-Diagnostics-Authentication-Test

Add users and assign to specific resources

Pfsense-VPN-OpenVPN-Wizards
->Type of Server: RADIUS
->Complete to default settings

Pfsense-Services-Users
->Edit/Add user to assign an IP address (one of the tunnel network IP addresses)

pfSense-Firewall-Rule-OpenVPN
->delete Rules
->Add Rules for each users

2FA(Optional)

Pfsense-System-User Manager-Authentication Servers
->Protocol: change MS-CHAPv2 to PAP (the OTP is sent in clear inside the RADIUS request, so PAP is required for this mode)

Pfsense-Services-FreeRADIUS-Users
->Password: Leave empty
->Mobile-One-Time-Password : enable
->OTP Auth Method : Google-Authenticator (standard TOTP authentication)
->Generate OTP Secret
->PIN

Configure SMTP

Installing mail server on Ubuntu 19.10 LTS Server

Install postfix
Install mailutils
(optional) mailjet.com

References:

https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu
https://www.linuxbabe.com/mail-server/postfix-smtp-relay
https://app.mailjet.com/docs/spf-dkim-guide
https://linuxaria.com/pills/how-to-setup-postfix-to-forward-email-to-another-email-account-on-debianubuntu

Cloudflare SSL full strict mode

Copy Cert and Key
Cloudflare – Origin Server – Create Certificate
Copy the certificate (site.pem) and the private key (site.key) to the origin server (web server):
/etc/cloudflare/site.ca.pem
/etc/cloudflare/site.ca.key

Configure Apache
$sudo a2enmod ssl
$sudo a2enmod rewrite
$sudo vi /etc/apache2/sites-available/site.ca.conf

<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName site.ca
    ServerAlias www.site.ca
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Redirect every plain-HTTP request to HTTPS
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =site.ca [OR]
    RewriteCond %{SERVER_NAME} =www.site.ca
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    ServerName site.ca
    ServerAlias www.site.ca
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Cloudflare Origin CA certificate and its private key
    SSLEngine on
    SSLCertificateFile /etc/cloudflare/site.ca.pem
    SSLCertificateKeyFile /etc/cloudflare/site.ca.key
</VirtualHost>

$sudo a2ensite site.ca.conf
$sudo apachectl configtest
$sudo systemctl restart apache2

Enable SSL Full (strict) mode on Cloudflare
Cloudflare – SSL/TLS – Full (strict)
In Full (strict) mode Cloudflare validates the origin certificate on every connection. An Origin CA certificate is only trusted by Cloudflare, so the hostname must stay proxied through Cloudflare; browsers connecting to the origin directly will not trust it.

Installing LAMP+WordPress in 5minutes

There are a bunch of different instructions for installing LAMP+WordPress on Ubuntu. I simplified the installation process based on Ubuntu 19.10 LTS, and it won’t take more than 5 minutes to complete the entire procedure.

$sudo apt-get update && sudo apt-get upgrade
$sudo apt-get install lamp-server^
$sudo mysql_secure_installation

$sudo mysql
mysql>ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'root_password';
mysql>CREATE DATABASE dbname;
mysql>CREATE USER 'username'@'localhost' IDENTIFIED BY 'user_password';
mysql>GRANT ALL ON dbname.* TO 'username'@'localhost';
mysql>FLUSH PRIVILEGES;
mysql>exit;

Download the latest WordPress from https://wordpress.org/latest.tar.gz and start the installation in the /var/www/html folder.

References:
https://www.techrepublic.com/article/how-to-install-a-lamp-server-on-ubuntu-server-19-10/
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04
https://ma.ttias.be/mysql-8-removes-shorthand-creating-user-permissions/

Homelab for grownups

I have just finished rebuilding my home lab, and it took a few weeks to get everything working. Hypervisors and pfSense are the core of the system, but I also wanted to try legacy or retired gear such as a Cisco ASA or HP DL3-series servers. Cloud services such as AWS, Azure or DigitalOcean can make life easier, but on-premise systems are still important for understanding what is actually going on.

I feel like installing pfSense is at least 5 times easier than a Cisco ASA. We can get a connection working with a few mouse clicks; however, that does not teach us how packets flow or how different machines are connected to each other under the hood. There was lots of trial and error as always. From wiping the firmware images on that bare-metal firewall to completing the ACLs, the process was a lot of fun anyway.

Each network is placed in its own VLAN and fully isolated from the others to avoid opening security holes. Maybe I could do malware analysis in this environment. Metasploitable 2 and DVWA/WebGoat will be used for penetration-testing practice, and all packets between the attack and target machines are monitored.

Regarding the hypervisors, I would say they each have pros and cons. Windows Hyper-V provides an easy-to-use experience with a nice-looking graphical interface. More than that, we can use the Hyper-V bare-metal machine as a monitoring server as well. But it requires a lot of computing resources. ESXi is a very solid hypervisor and needs few resources. Although I reinstalled it because of its speed, it was working okay on a 32GB SD card. I am still not sure which one is better, so I am using both hypervisors simultaneously.

My total budget for this lab was under $400 CAD, thanks to the retired but still healthy gear.

Preparing Forensic USB

USB (Ext4)

Created Ext4 partition for USB Drive using AOMEI application.

Install package/software

Linux Memory Grabber, Linux Memory Extractor (LiME) and the Volatility Framework are the tools most used for memory forensic analysis. They will be installed on the USB drive, which is then attached to the SIFT Workstation.

Git repositories:
Linux Memory Grabber: https://github.com/halpomeranz/lmg.git
Linux Memory Extractor: https://github.com/504ensicsLabs/LiME.git
Volatility Framework: https://github.com/volatilityfoundation/volatility.git

Move to the USB drive folder, then:
$git clone https://github.com/halpomeranz/lmg.git .
$git clone https://github.com/504ensicsLabs/LiME.git lime
$cd lime/src
$patch < ../../lime-Makefile.patch
$cd -
$tar xf static-dwarfdump.tgz
$git clone https://github.com/volatilityfoundation/volatility.git

CAPTURING LINUX RAM

Attach the USB drive to the SIFT VM and start capturing Linux RAM with the lmg script:

$sudo ./lmg

Simple GitHub first steps

1. [github] Create a GitHub account

2. [github] Create a repo

3. [local] Register user info

$git config --global user.email "[email protected]"
$git config --global user.name "Your Name"

4. [local] Copy the SSH public key and paste it into the GitHub account
[github] User Settings-SSH and GPG keys-New SSH key

5. [local] git init

$echo "# capstone" >> README.md
$git init
$git add README.md
$git commit -m "first commit"

6. Add origin

$git remote add origin git@github.com:JasonGrayHat/reponame.git
$git remote -v

7. Regular commands

$git add filename
$git commit -m "comments"
$git push origin master
$git pull origin master

8. (optional, for collaboration) Forking/fetching

$git remote add upstream git@github.com:JasonGrayHat/capstone.git
$git fetch upstream
$git merge upstream/master

hashcat on AWS

A few months ago I installed a GTX 1060 Ti 6GB in my desktop PC for hashcat, but I found that I rarely used hashcat to crack hashes. So I decided to use AWS for cracking hashes instead. The Kali (2019.03) distro is already in the AWS Marketplace. I selected the US-West (Oregon) region with a GPU-enabled instance. I am using p2.xlarge and p3.2xlarge instances with Kali; they are generally turned off and are good enough for my purposes.

It costs 0.9 CAD/h to 31,218 CAD/h at Pay-As-You-Go rates depending on performance. The entry option is p2.xlarge (1 x Tesla V100, 4 x vCPUs, 61GB RAM), and the high-end option is p3dn.24xlarge (8 x Tesla V100, 256GB GPU memory, 96 x vCPUs with 768GB memory).

https://aws.amazon.com/ec2/instance-types/p2/
https://aws.amazon.com/ec2/instance-types/p3/

CTF-forensics

I created 4 forensic challenges for a CTF event. These might be interesting for anyone who enjoys learning something new.

Problems

1) What the *uck, where is my password?
Investigate the file and identify the stolen password

2) Hidden Personal Information
Find the leaked personal information

3) Meeting place
Investigate the criminal’s meeting place and secure code

4) Ransom
Investigate the raw disk image and recover the infected files

https://drive.google.com/file/d/1pvkNyMU_wDtySpxY1ms8onfoYSxNXhkz/view?usp=sharing

PRU and PWM – BBB

Components

  • 1 x BeagleBone Black
  • 1 x BreadBoard
  • 1 x Blue LED
  • 2 x Button
  • 1 x 330Ω Resistor
  • 2 x 1K Resistor
  • 7 x Connection cables

P9_2 – 330Ω – LED (10mm) – P9_14
P9_2 – 1KΩ – P9_23 (GPIO_49) – Button 1
P9_4 – Button 1
P9_4 – Button 2
P9_2 – 1KΩ – P9_27 (GPIO_115) – Button 2

Before I found out about Fritzing, drawing the connection map was time-consuming work. The tool is intuitive and easy to use, and libraries for the BeagleBone Black can be imported from here.

Working Code

We can control the brightness of the LED with Pulse Width Modulation (PWM); thanks to Python, integrating these modules was not too difficult. Two buttons are wired into the circuit, and they change the duty cycle to adjust the LED brightness.