#mkdir -p /tmp/test1
#cd /tmp/test1
#wget -r -l 5 http://URL/index.html; grep -nR -i keyword URL | tee ./report.txt
Sunday, October 27, 2019
Friday, October 25, 2019
cgi_login3.pl
#!/usr/bin/perl -wT
use CGI qw(:standard);
$username='test1';
$password='test2';
$salt='173173';
$string=$username.$password;
$digest=crypt($salt,$string);
$the_cookie = cookie('test');
if($the_cookie ne $digest){
print "Content-type: text/html\n\n";
print "<script>alert('Your are not allowed to access this page!')</script>";
print "<script>window.history.back()</script>";
}else{
print "Content-type: text/html\n\n";
print start_html("Authenticated");
print <<EOF;
You have successfully logged into the system!<br>
EOF
print end_html;
}
use CGI qw(:standard);
$username='test1';
$password='test2';
$salt='173173';
$string=$username.$password;
$digest=crypt($salt,$string);
$the_cookie = cookie('test');
if($the_cookie ne $digest){
print "Content-type: text/html\n\n";
print "<script>alert('Your are not allowed to access this page!')</script>";
print "<script>window.history.back()</script>";
}else{
print "Content-type: text/html\n\n";
print start_html("Authenticated");
print <<EOF;
You have successfully logged into the system!<br>
EOF
print end_html;
}
cgi_login2.pl
#!/usr/bin/perl -wT
use CGI qw(:standard);
$username='test1';
$password='test2';
$salt='173173';
$string=$username.$password;
$digest=crypt($salt,$string);
$user = param('username');
$pass = param('password');
if(($user eq $username) && ($pass eq $password)){
$cookie = cookie(-name => 'test', -value => "$digest");
print redirect(-url => 'cgi_login3.pl', -cookie => $cookie);
}elsif((defined($user)) || (defined($pass))){
print "Content-type: text/html\n\n";
print "<script>alert('The username or password is wrong!')</script>";
print "<script>window.history.back()</script>";
}else{
;
}
use CGI qw(:standard);
$username='test1';
$password='test2';
$salt='173173';
$string=$username.$password;
$digest=crypt($salt,$string);
$user = param('username');
$pass = param('password');
if(($user eq $username) && ($pass eq $password)){
$cookie = cookie(-name => 'test', -value => "$digest");
print redirect(-url => 'cgi_login3.pl', -cookie => $cookie);
}elsif((defined($user)) || (defined($pass))){
print "Content-type: text/html\n\n";
print "<script>alert('The username or password is wrong!')</script>";
print "<script>window.history.back()</script>";
}else{
;
}
cgi_login1.pl
#!/usr/bin/perl -wT
use CGI qw(:standard);
print header;
print start_html("Login");
print <<EndHTML;
<form action="cgi_login2.pl" method="POST">
Please enter your login name and password.<br>
username: <input type="text" name="username" size=10><br>
password: <input type="password" name="password" size=10><p>
Be sure you have cookies turned on in your browser.<p>
<input type="submit" value="Log In">
</form>
EndHTML
print end_html;
use CGI qw(:standard);
print header;
print start_html("Login");
print <<EndHTML;
<form action="cgi_login2.pl" method="POST">
Please enter your login name and password.<br>
username: <input type="text" name="username" size=10><br>
password: <input type="password" name="password" size=10><p>
Be sure you have cookies turned on in your browser.<p>
<input type="submit" value="Log In">
</form>
EndHTML
print end_html;
Sunday, October 20, 2019
Enable Perl-CGI at Apache2
Enable CGI:
#ln -s /etc/apache2/conf-available/serve-cgi-bin.conf /etc/apache2/conf-enabled/serve-cgi-bin.conf
#ln -s /etc/apache2/mods-available/cgi.load /etc/apache2/mods-enabled/cgi.load
Add a CGI script:
#touch /usr/lib/cgi-bin/test.pl
#vi /usr/lib/cgi-bin/test.pl
-----------------------------
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Testing";
:wq!
-----------------------------
#cd /usr/lib
#chmod -R +x ./cgi-bin
Restart Apache2:
#systemctl restart apache2.service
Verify:
Access http://127.0.0.1/cgi-bin/test.pl
#ln -s /etc/apache2/conf-available/serve-cgi-bin.conf /etc/apache2/conf-enabled/serve-cgi-bin.conf
#ln -s /etc/apache2/mods-available/cgi.load /etc/apache2/mods-enabled/cgi.load
Add a CGI script:
#touch /usr/lib/cgi-bin/test.pl
#vi /usr/lib/cgi-bin/test.pl
-----------------------------
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Testing";
:wq!
-----------------------------
#cd /usr/lib
#chmod -R +x ./cgi-bin
Restart Apache2:
#systemctl restart apache2.service
Verify:
Access http://127.0.0.1/cgi-bin/test.pl
Sunday, October 6, 2019
Install Docker in Kali Linux
References:
https://www.runoob.com/docker/docker-tutorial.html
Installation:
#curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
#echo 'deb [arch=amd64] https://download.docker.com/linux/debian buster stable' > /etc/apt/sources.list.d/docker.list
#apt-get update
#apt-get remove docker docker-engine docker.io
#apt-get install docker-ce
Testing:
#docker run hello-world
Start and Enable Docker:
#systemctl enable docker
#systemctl start docker
Search and Pull a docker:
#docker search apache
#docker pull httpd
Show installed images:
#docker images
Run a docker: (P.S.: "-d" represents running in the background, and "-P" represents Transport-Layer Port Mapping)
#docker run -d -P httpd
And the mapped Transport-Layer port can be specified:
#docker run -d -p 8443:443 httpd
The command above maps the docker's TCP443 to the host machine's TCP8443.
Run a docker in a shell:
#docker run -t -i IMAGE_NAME /bin/bash
Such as:
#docker run -t -i metasploitframework/metasploit-framework /bin/bash
Enter a running docker with a shell:
#docker exec -t -i CONTAINER_ID /bin/bash
Such as:
#docker exec -t -i b936b0afeb23 /bin/bash
Show what dockers are running:
#docker ps
Show Transport-Layer ports related to the docker:
#docker port CONTAINER_ID
Such as:
#docker port b936b0afeb23
Show logs generated by the docker:
#docker logs -f CONTAINER_ID
Such as:
#docker logs -f b936b0afeb23
Check the performance of the docker:
#docker top CONTAINER_ID
Such as:
#docker top b936b0afeb23
Show the details of the docker:
#docker inspect CONTAINER_ID
Such as:
#docker inspect b936b0afeb23
Stop a docker
docker stop CONTAINER_ID
Such as:
#docker stop b936b0afeb23
Delete a docker:
#docker rmi -f httpd
https://www.runoob.com/docker/docker-tutorial.html
Installation:
#curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
#echo 'deb [arch=amd64] https://download.docker.com/linux/debian buster stable' > /etc/apt/sources.list.d/docker.list
#apt-get update
#apt-get remove docker docker-engine docker.io
#apt-get install docker-ce
Testing:
#docker run hello-world
Start and Enable Docker:
#systemctl enable docker
#systemctl start docker
Search and Pull a docker:
#docker search apache
#docker pull httpd
Show installed images:
#docker images
Run a docker: (P.S.: "-d" represents running in the background, and "-P" represents Transport-Layer Port Mapping)
#docker run -d -P httpd
And the mapped Transport-Layer port can be specified:
#docker run -d -p 8443:443 httpd
The command above maps the docker's TCP443 to the host machine's TCP8443.
Run a docker in a shell:
#docker run -t -i IMAGE_NAME /bin/bash
Such as:
#docker run -t -i metasploitframework/metasploit-framework /bin/bash
Enter a running docker with a shell:
#docker exec -t -i CONTAINER_ID /bin/bash
Such as:
#docker exec -t -i b936b0afeb23 /bin/bash
Show what dockers are running:
#docker ps
Show Transport-Layer ports related to the docker:
#docker port CONTAINER_ID
Such as:
#docker port b936b0afeb23
Show logs generated by the docker:
#docker logs -f CONTAINER_ID
Such as:
#docker logs -f b936b0afeb23
Check the performance of the docker:
#docker top CONTAINER_ID
Such as:
#docker top b936b0afeb23
Show the details of the docker:
#docker inspect CONTAINER_ID
Such as:
#docker inspect b936b0afeb23
Stop a docker
docker stop CONTAINER_ID
Such as:
#docker stop b936b0afeb23
Delete a docker:
#docker rmi -f httpd
Subscribe to:
Posts (Atom)