OpenVPN + RADIUS setup + 2FA

Installing FreeRADIUS3

pfSense-Package Manager-FreeRADIUS3

pfSense-Services-FreeRADIUS-Interfaces-Add
->Port: 1812, Interface Type: Authentication

pfSense-Services-FreeRADIUS-Interfaces-Add
->Port: 1813, Interface Type: Accounting

pfSense-Services-FreeRADIUS-Interfaces-NAS/Clients-Add
->Client IP Address : 127.0.0.1
->Client Shared Secret : something

User Management

pfSense-System-User Manager-Authentication Servers-Add
->Type:RADIUS
->Hostname or IP address: 127.0.0.1
->Shared Secret: something
->RADIUS NAS IP Attribute: choose network

pfSense-Services-FreeRADIUS-Users-Add
->Username, Password

Verification

pfSense-Diagnostics-Authentication
->Authentication Server: Radserver
->Username, Password

pfSense-Diagnostics-Authentication-Test

Add users and assign to specific resources

pfSense-VPN-OpenVPN-Wizards
->Type of Server: RADIUS
->Complete the wizard with default settings

pfSense-Services-FreeRADIUS-Users
->Edit/Add user to assign IP address (one of the tunnel network IP addresses)

pfSense-Firewall-Rules-OpenVPN
->Delete rules
->Add rules for each user

2FA(Optional)

pfSense-System-User Manager-Authentication Servers
->Protocol: change MS-CHAPv2 to PAP

pfSense-Services-FreeRADIUS-Users
->Password: Leave empty
->Mobile-One-Time-Password : enable
->OTP Auth Method : Google-Authenticator (standard TOTP authentication)
->Generate OTP Secret
->PIN
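
Why the protocol has to be PAP for this 2FA setup, as an added example (not pfSense or FreeRADIUS code): the server needs the submitted password in cleartext to split it into PIN and one-time code and compare the code with the TOTP value derived from the OTP secret, which a challenge-response scheme such as MS-CHAPv2 does not give it. The sketch assumes the password is the PIN followed by the 6-digit code, a 30-second time step and a tolerance of one step either way; the secret is the RFC 6238 test key and the PIN is made up.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample values: the RFC 6238 test key in base32 and a made-up PIN.
SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
PIN = "1234"

def totp(secret_b32, unix_time, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1, as used by Google Authenticator."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    counter = struct.pack(">Q", max(0, int(unix_time)) // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226
    number = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)

def check_password(password, pin, secret_b32, unix_time, window=1, step=30):
    """Assumed layout: cleartext password = PIN followed by the 6-digit code."""
    if len(password) != len(pin) + 6:
        return False
    given_pin = password[:len(pin)].encode()
    given_code = password[len(pin):].encode()
    pin_ok = hmac.compare_digest(given_pin, pin.encode())
    code_ok = False
    # Accept the neighbouring time steps to tolerate clock drift.
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, unix_time + drift * step, step).encode()
        code_ok = hmac.compare_digest(given_code, expected) or code_ok
    return pin_ok and code_ok

if __name__ == "__main__":
    now = 59  # RFC 6238 test time; the 6-digit code is 287082
    print(totp(SECRET_B32, now))
    print(check_password(PIN + totp(SECRET_B32, now), PIN, SECRET_B32, now))
```

Because PAP carries the PIN and code protected only by the RADIUS shared secret, that secret and the 127.0.0.1-only client entry above are what keep the credential from being exposed.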

Configure SMTP

Installing mail server on Ubuntu 19.10 LTS Server

Install postfix
Install mailutils
(optional) mailjet.com

Reference

https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu
https://www.linuxbabe.com/mail-server/postfix-smtp-relay
https://app.mailjet.com/docs/spf-dkim-guide
https://linuxaria.com/pills/how-to-setup-postfix-to-forward-email-to-another-email-account-on-debianubuntu

Cloudflare SSL full strict mode

Copy Cert and Key
Cloudflare – Origin Server – Create Certificate
Copy the certificate (site.pem) and private key (site.key) to the origin server (web server):
/etc/cloudflare/site.ca.pem
/etc/cloudflare/site.ca.key

Configure Apache
$ sudo a2enmod ssl
$ sudo vi /etc/apache2/sites-available/site.ca.conf

<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName site.ca
    ServerAlias www.site.ca
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Redirect plain-HTTP requests for this site to HTTPS
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =site.ca [OR]
    RewriteCond %{SERVER_NAME} =www.site.ca
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    ServerName site.ca
    ServerAlias www.site.ca
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Cloudflare origin certificate and private key copied above
    SSLEngine on
    SSLCertificateFile /etc/cloudflare/site.ca.pem
    SSLCertificateKeyFile /etc/cloudflare/site.ca.key
</VirtualHost>

$ sudo apachectl configtest
$ sudo systemctl restart apache2
$ sudo a2ensite site.ca.conf
$ sudo a2enmod rewrite
$ sudo systemctl restart apache2

Enable SSL Full strict mode on Cloudflare
Cloudflare – SSL/TLS – Full (strict)

Installing LAMP+WordPress in 5 minutes

There are a bunch of different instructions for installing LAMP + WordPress on Ubuntu. I simplified the installation process based on Ubuntu 19.10 LTS, and it won't take more than 5 minutes to complete the entire procedure.

$ sudo apt-get update && sudo apt-get upgrade
$ sudo apt-get install lamp-server^
$ sudo mysql_secure_installation

$ sudo mysql
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'root_password';
mysql> CREATE DATABASE dbname;
mysql> CREATE USER 'username'@'localhost' IDENTIFIED BY 'user_password';
mysql> GRANT ALL ON dbname.* TO 'username'@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> exit;

Download the latest WordPress from https://wordpress.org/latest.tar.gz and start the installation in the /var/www/html folder.

References:
https://www.techrepublic.com/article/how-to-install-a-lamp-server-on-ubuntu-server-19-10/
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04
https://ma.ttias.be/mysql-8-removes-shorthand-creating-user-permissions/

Preparing Forensic USB

USB (Ext4)

Created an Ext4 partition on the USB drive using the AOMEI application.

Install package/software

Linux Memory Grabber, Linux Memory Extractor and Volatility Framework are mostly used for memory forensic analysis. They will be installed on the USB drive, which is then attached to the SIFT Workstation.

Git repositories:
Linux Memory Grabber: https://github.com/halpomeranz/lmg.git
Linux Memory Extractor: https://github.com/504ensicsLabs/LiME.git
Volatility Framework: https://github.com/volatilityfoundation/volatility.git

Move to the USB drive folder, then:
$ git clone https://github.com/halpomeranz/lmg.git .
$ git clone https://github.com/504ensicsLabs/LiME.git lime
$ cd lime/src
$ patch < ../../lime-Makefile.patch
$ cd -
$ tar xf static-dwarfdump.tgz
$ git clone https://github.com/volatilityfoundation/volatility.git

CAPTURING LINUX RAM

Attach the USB drive to the SIFT VM and start capturing Linux RAM.

$ sudo ./lim

simple github first step

1. [github] Create a GitHub account

2. [github] Create a repo

3. [local] Register user info

$ git config --global user.email "[email protected]"
$ git config --global user.name "Your Name"

4. Copy the SSH public key and paste it into the GitHub account
[github] user-setting-SSH and GPG keys-New SSH key

5. [local] git init

$ echo "# capstone" >> README.md
$ git init
$ git add README.md
$ git commit -m "first commit"

6. Add origin

$ git remote add origin [email protected]:JasonGrayHat/reponame.git
$ git remote -v

7. Regular commands

$ git add filename
$ git commit -m "comments"
$ git push origin master
$ git pull origin master

8. (optional for co-working) forking/fetching

$ git remote add upstream [email protected]:JasonGrayHat/capstone.git
$ git fetch upstream
$ git merge upstream/master

hashcat on AWS

A few months ago, I installed a GTX 1060 Ti 6GB in my desktop PC for hashcat, but I found that I rarely used hashcat to crack hashes. So I decided to use AWS for cracking hashes instead. A Kali (2019.03) image is already in the AWS Marketplace. I selected the US-West (Oregon) region with a GPU-enabled instance. I am using p2.xlarge and p3.2xlarge instances with Kali; they are generally turned off, and they are good enough for my purposes.

It costs 0.9 CAD/h to 31,218 CAD/h at Pay-As-You-Go rates, depending on performance. The entry option is p2.xlarge (1 x Tesla V100, 4 x vCPUs, 61GB RAM), and the high-end option is p3dn.24xlarge (8 x Tesla V100, 256GB GPU Mem, 96 x vCPU with 768GB Mem).

https://aws.amazon.com/ec2/instance-types/p2/
https://aws.amazon.com/ec2/instance-types/p3/

CTF-forensics

I created 4 forensic challenges for a CTF event. These might be interesting for anyone who enjoys learning something.

Problems

1) What the *uck, where is my password?
Investigate the file and identify the stolen password

2) Hidden Personal Information
Find the leaked personal information

3) Meeting place
Investigate the criminal’s meeting place and secure code

4) Ransome
Investigate the raw disk image and recover the infected files

https://drive.google.com/file/d/1pvkNyMU_wDtySpxY1ms8onfoYSxNXhkz/view?usp=sharing

PRU and PWM – BBB

Components

  • 1 x BeagleBone Black
  • 1 x BreadBoard
  • 1 x Blue LED
  • 2 x Button
  • 1 x 330Ω Resistor
  • 2 x 1K Resistor
  • 7 x Connection cables

P9_2 – 330Ω – LED (10mm) – P9_14
P9_2 – 1KΩ – P9_23 (GPIO_49) – Button 1
P9_4 – Button 1
P9_4 – Button 2
P9_2 – 1KΩ – P9_27 (GPIO_115) – Button 2

Before I found out what Fritzing is, drawing a connection map was time-consuming work. This tool is intuitive and easy to use. We can import libraries for BeagleBone Black here.

Working Code

We can control the brightness of the LED by implementing Pulse Width Modulation (PWM); thanks to Python, integrating these modules was not too difficult. There are two buttons in the circuit, which modify the duty cycle to change the LED brightness.