Openvpn+Radius setup+2FA

Installing FreeRADIUS3

Pfsense-Package Manager-FreeRADIUS3

->Port: 1812, Interface Type: Authentication

->Port: 1813, Interface Type: Accountung

->Client IP Address :
->Client Shared Secret : something

User Management

pfsense-System-User Manager-Authentication Servers-Add
->Hostname or IP address:
->Shared Secret: something
->RADIUS NAS IP Attribute: choose network

->Username, Password


->Authentication Server: Radserver
->Username, Password


Add users and assign to specific resources

->Trype of Server: RADIUS
->Complete to default settings

->Edit/Add user to assgn IP address (one of tunnel network ip address)

->delete Rules
->Add Rules for each users


Pfsense-System-User Manager-Authentication Servers
->Protocol: MS-CHAPv2->PAP

->Password: Leave empty
->Mobile-One-Time-Password : enable
->OTP Auth Method : Google-Authenticator (standard ToTP authentication)
->Generate OTP Secret

Configure SMTP

Installing mail server on Ubuntu 19.10 LTS Server

Install postfix
Install mailutils


Cloudflare SSL full strict mode

Copy Cert and Key
Cloudflare – Origin Server – Create Certificate
Copy certificate key(site.pem) and private key (site.key) to origin server (web server)

Configure Apache
$sudo a2enmod ssl
$sudo vi /etc/apache2/sites-available/

ServerAdmin [email protected]
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on
RewriteCond %{SERVER_NAME} [OR]
RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

ServerAdmin [email protected]
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

SSLEngine on
SSLCertificateFile /etc/cloudflare/
SSLCertificateKeyFile /etc/cloudflare/

$sudo apachectl configtest
$sudo systemctl restart apache2
$sudo a2ensite /etc/apache2/sites-available/
$sudo a2enmod rewrite
$sudo systemctl restart apache2

Enable SSL Full strict mode on Cloudflare
Cloudflare – SSL/TLS – Full(strict)

Installing LAMP+WordPress in 5minutes

There are bunch of different instructions how to install LAMP+Wordpress on Ubuntu distro, I simplified the installation process based on Ubuntu 19.10 LTS, and it won’t take more than 5 minutes to complete entire procedures.

$sudo apt-get update && sudo apt-get upgrade
$sudo apt-get install lamp-server^
$sudo mysql_secure_installation

$sudo mysql
mysql>ALTER USER ‘root’@’localhost’ IDENTIFIED WITH mysql_native_password BY ‘root_password’;
mysql>CREATRE DATABASE dbname mysql>CREATE USER ‘username’@’localhost’ IDENTIFIED BY ‘user_password’;
mysql>GRANT ALL ON dbname.* TO ‘username’@’localhost’;

Download latest wordpress at and start installation on /var/www/html folder.


Preparing Forensic USB

USB (Ext4)

Created Ext4 partition for USB Drive using AOMEI application.

Install package/software

Linux Memory Grabber, Linux Memory Extractor and Volatility Framework are mostly used for memory forensic analysis. Those will be installed on USB drive then attached to SIFT-Workstation.

Git Repository;
Linux Memory Grabber:
Linux Memory Extractor:
Volatility Framework:

Move to USB Drive folder, then;
$git clone .
$git clone lime
$cd lime/src
$patch < ../../lime-Makefile.patch
$cd -
$tar xf static-dwarfdump.tgz
$git clone


Attach USB on SIFT VM and start capturing Linux RAM

$sudo ./lim

simple github first step

1. [github] Create github account

2.[github] Create repo

3.[local] register user info

$git config --global "[email protected]"
$git config --global "Your Name"

4. copy ssh publickey and paste it on github account
[github] user-setting-SSH and GPG key-New SSH Keys

5.[local] git init

$echo "# capstone" >>
$git init
$git add
$git commit -m "first commit"

6. Add origin

$git remote add origin [email protected]:JasonGrayHat/reponame.git
$git remote -v

7.Regular commands

$git add filename $git commit -m "comments" $git push origin master $git pull origin master

8.(optional for co-working) forking/fetching

$git remote add upstream [email protected]:JasonGrayHat/capstone.git
$git fetch upstream
$git merge upstream/master

hashcat on AWS


Few months ago, I have installed GTX 1060 ti 6GB on desktop PC for using hashcat, but I found out that I rarely used hashcat to crack hash keys. Thus I decided to use AWS for cracking hashes. Kali (2019.03) distro is already in AWS market store. I selected US-West (Oregon) region with GPU enabled instance. I am using p2.xlarge and p3.2xlarge instances on Kali ; those are generally turned off and fair enough for my purposes.

It costs 0.9 CAD/h to 31,218 CAD/h with the Pay-As-You-Go rates depending on performance. The entry option is p2.xlarge(1* Tesla V100, 4 * vCPUs, 61GB RAM), and the highend option is p3dn.24xlarge(8 * Tesla V100, 256GB GPU Mem, 96 * vCPU with 768GB Mem)


I created 4 forensic challenges for CTF event. These might be interesting for someone who enjoy learning something.


1) What the *uck, where is my password?
Investigate file and identify stolen password

2) Hidden Personal Information
Find the leaked personal information

3) Meeting place
Investigate criminal’s meeting place and secure code

4) Ransome
Investigate raw disk image and recover those infected files



  • 1 x BeagleBone Black
  • 1 x BreadBoard
  • 1 x Blue LED
  • 2 x Button
  • 1 x 330Ω Resistor
  • 2 x 1K Resistor
  • 7 x Connection cables

P9_2 – 330Ω – LED (10mm) – P9_14
P9_2 – 1KΩP – 9_23(GIPO_49) – Button 1
P9_4 – Button 1
P9_4 – Button 2
P9_2 – 1KΩP – 9_27(GIPO_115) – Button 2

Before I found out what Fritzing is, drawing connection map is time consuming work. This tool is intuitive and ease-to-use. We can import libraries for BeagleBone Black here.

Working Code

We can manipulate brightness of LED by implementing Pulse Width Modulation(PWM), thanks for the Python, integrating these modules were not too difficult. There are two buttons between circuits, it modifies Duty Cycles to change the LED brightness.