Thursday, August 25, 2016

Windows 10 tip: Shut down OneDrive completely

In Windows 10 Pro or Enterprise, you can use Group Policy to make this change. Open Local Group Policy Editor (Gpedit.msc) and go to 
Computer Configuration > Administrative Templates > Windows Components > OneDrive. 
Double-click the policy Prevent The Usage Of OneDrive For File Storage and set it to Enabled.
After you restart your PC, you'll find that the OneDrive icon is no longer in the navigation pane and the sync client no longer runs.
On devices running Windows 10 Home, where Group Policy isn't available, you have to edit the registry manually. Using Registry Editor, navigate to HKLM\Software\Policies\Microsoft\Windows\OneDrive. 
(If that key doesn't exist, you need to create it). Add a new DWORD value, DisableFileSyncNGSC, and set it to 1. Restart the PC to make the policy setting effective.

Monday, August 22, 2016

Quick'n easy gpg cheatsheet

to create a key:
gpg --gen-key
generally you can select the defaults.
to export a public key into file public.key:
gpg --export -a "User Name" > public.key

to export a private key:
gpg --export-secret-key -a "User Name" > private.key

to import a public key:
gpg --import public.key

to delete a public key (from your public key ring):
gpg --delete-key "User Name"

to delete an private key (a key on your private key ring):
gpg --delete-secret-key "User Name"

To list the keys in your public key ring:
gpg --list-keys

To encrypt data, use:
gpg -e -u "Sender User Name" -r "Receiver User Name" somefile

To decrypt data, use:
gpg -d mydata.tar.gpg

I haven't used the commands:
gpg --edit-keygpg --gen-revoke

Tuesday, August 16, 2016

32Bit library for Fedora 24 64bit

The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.
dnf install glibc.i686
The libstdc++ package contains a rewritten standard compliant GCC Standard
C++ Library.
dnf install libstdc++-6.1.1-2.fc24.i686

Zlib is a general-purpose, patent-free, lossless data compression
library which is used by many different programs.
dnf install zlib-1.2.8-10.fc24.i686

Monday, August 15, 2016

Java : Send cookie with HttpURLConnection

This is an example of how to send a cookie with an HttpURLConnection request in Java

URL url = new URL("http://www.google.com");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
// Set the cookie value to send
conn.setRequestProperty("Cookie", "name1=value1; name2=value2");
// Send the request to the server
conn.connect();

This was an example of how to send cookies with HttpURLConnection requests in Java.



Securing SSH Simple Way

Change SSH port. Yes, it's not the best protection, but it helps you.
Default port is 22 and this change through/etc/ssh/sshd_config at the line Port 22.

Use SSH protocol version 2. At the line Protocol 2.

Forbid root login to access through SSH.
In /etc/ssh/sshd_config at the line PermitRootLogin yes change to no.

Enable only someone users: AllowUsers UserName.

SSH server can be set to listen only some IP address.
ListenAddress Or, you can set /etc/hosts.allow and /etc/hosts.
deny specific IP address which have access to specific services.
/etc/hosts.allow:
ALL: localhost #enable access to all services for localhost
ALL: 192.168.100.101 #enable access to all services for this IP address
sshd: 110.120.130.140 #enable access to the SSH server only from this IP address

/etc/hosts.deny:
ALL: 10.13.14.15 #forbid access to all services for this IP address
sshd: 100.101.102.103 #forbid access to the SSH server from this IP address

Forbid X mode. X11Forwarding yes change to no.

You can use SSH key instead of password.
How to do: SSH Password-less Login - Using Key AuthenticationUse 

Sunday, August 14, 2016

Javascript, setTimeout and setInterval

Repeated Events: Timeout or Interval

Timeout

<script>
function showHints() {
        var xmlhttp = new XMLHttpRequest();
        xmlhttp.onreadystatechange = function() {
            if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
                document.getElementById("txtHint").innerHTML = xmlhttp.responseText;
setTimeout(showHints, 1000);
   }
        };
        xmlhttp.open("GET", "asdhint.txt", true);
        xmlhttp.send();
}
setTimeout(showHints, 1000); // 1000 = 1sec
</script>

Interval

<script>
function showHints() {
        var xmlhttp = new XMLHttpRequest();
        xmlhttp.onreadystatechange = function() {
            if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
                document.getElementById("txtHint").innerHTML = xmlhttp.responseText;
}
        };
        xmlhttp.open("GET", "asdhints.txt", true);
        xmlhttp.send();
}
setInterval(showHints,1000);
</script>

Saturday, August 13, 2016

Apache2 SSL Configuration Steps

Server Side
root@28cf3aec9d2e:~# openssl req -x509 -nodes -days 1095 /
-newkey rsa:2048 -out /etc/apache2/ssl/example.crt /
-keyout /etc/apache2/ssl/example.key
root@28cf3aec9d2e:/# a2dissite example.conf
Site example disabled.
To activate the new configuration, you need to run:
service apache2 reload
root@28cf3aec9d2e:/# apachectl restart
root@28cf3aec9d2e:~# nano /etc/apache2/sites-available/example.conf
<VirtualHost *:443>
ServerName example.com
DocumentRoot /var/www/example
ErrorLog /var/log/apache2/exampleError.log
CustomLog /var/log/apache2/example.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/example.crt
SSLCertificateKeyFile /etc/apache2/ssl/example.key
</VirtualHost>
root@28cf3aec9d2e:/# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
root@28cf3aec9d2e:/# a2ensite example.conf
Enabling site example.
To activate the new configuration, you need to run:
service apache2 reload
root@28cf3aec9d2e:/# apachectl restart
Workstation Side
webdev@localhost:~# firefox https://example.com



OpenSSL Short Info

Encryption/Decryption
How do I base64-encode something?
# send encoded contents of file.txt to stdout
openssl enc -base64 -in file.txt
# same, but write contents to file.txt.enc
openssl enc -base64 -in file.txt -out file.txt.enc
$ echo "encode me" | openssl enc -base64 ZW5jb2RlIG1lCg==
$ echo -n "encode me" | openssl enc -base64 ZW5jb2RlIG1l
$ echo "ZW5jb2RlIG1lCg==" | openssl enc -base64 -d encode me
How do I simply encrypt a file?
# or get a long list, one cipher per line How do I simply encrypt a file?
# or get a long list, one cipher per line
openssl list-cipher-commands
# encrypt file.txt to file.enc using 256-bit AES in CBC mode
openssl enc -aes-256-cbc -salt -in file.txt -out file.enc
# the same, only the output is base64 encoded for, e.g., e-mail
openssl enc -aes-256-cbc -a -salt -in file.txt -out file.enc
# decrypt binary file.enc
openssl enc -d -aes-256-cbc -in file.enc
# decrypt base64-encoded version
openssl enc -d -aes-256-cbc -a -in file.enc
Keys
How do I generate an RSA key?
# default 1024-bit key, sent to standard output openssl genrsa
# 2048-bit key, saved to file named mykey.pem
openssl genrsa -out mykey.pem 2048
# same as above, but encrypted with a passphrase
openssl genrsa -des3 -out mykey.pem 2048
How do I generate a public RSA key?
openssl rsa -in mykey.pem -pubout
Random data
How do I generate random data?
# write 128 random bytes of base64-encoded data to stdout
openssl rand -base64 128
# write 1024 bytes of binary random data to a file
openssl rand -out random-data.bin 1024
# seed openssl with semi-random bytes from browser cache
cd $(find ~/.mozilla/firefox -type d -name Cache)
openssl rand -rand $(find . -type f -printf '%f:') -base64 1024
# get 32 bytes from /dev/urandom and base64 encode them
head -c 32 /dev/urandom | openssl enc -base64



Thursday, August 11, 2016

hash Command (Work of the Day LOL) ⸚

root@28cf3aec9d2e:~# hash | sort -n
hits command
   1 /sbin/reboot
   1 /usr/bin/namei
   1 /usr/bin/sudo
   1 /usr/sbin/a2enconf
   2 /bin/uname
   2 /usr/sbin/apache2
   3 /sbin/shutdown
   3 /sbin/sysctl
   3 /usr/bin/sort
   3 /usr/sbin/a2disconf
   4 /usr/sbin/apachectl
   5 /bin/mv
   5 /bin/ps
   5 /sbin/ifconfig
   5 /usr/bin/w
   6 /bin/rm
   6 /bin/rmdir
   8 /bin/cp
   9 /bin/mkdir
  11 /bin/netstat
  31 /bin/cat
  39 /usr/sbin/a2dissite
  47 /usr/sbin/a2ensite
  59 /usr/sbin/service
  72 /bin/ls
 116 /usr/bin/nano
root@28cf3aec9d2e:~#

( Virtual Hosts ) Apache2 Configuration Steps

Server Side

root@28cf3aec9d2e:~# apache2 -v
Server version: Apache/2.4.7 (Ubuntu)
Server built:   May  4 2016 17:05:10
root@28cf3aec9d2e:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.4 LTS"
root@28cf3aec9d2e:~# uname -por
4.6.4-301.fc24.x86_64 x86_64 GNU/Linux
root@28cf3aec9d2e:~# nano /etc/apache2/sites-available/example.conf
<VirtualHost *:80>
ServerName example.com
ServerAdmin webmaster@example.com
DocumentRoot /var/www/example
ErrorLog ${APACHE_LOG_DIR}/example.log
CustomLog ${APACHE_LOG_DIR}/example.log combined
</VirtualHost>
root@28cf3aec9d2e:~# a2ensite example.conf
Enabling site example.
To activate the new configuration, you need to run:
  service apache2 reload
root@28cf3aec9d2e:~# service apache2 reload
root@28cf3aec9d2e:~# mkdir /var/www/example
root@28cf3aec9d2e:~# echo "<?php echo '<h1>example.com , it\'s Works..</h1>'; ?>" > /var/www/example/index.php

Workstation Side

webdev@localhost:~# echo "SERVER_IP  example.com" >> /etc/hosts
webdev@localhost:~# firefox example.com

Monday, August 8, 2016

( Virtual Hosts ) Multiple websites on Apache2


Say, for instance, we're setting up a test environment on our Apache2 server. We've created the test.conf file in /etc/apache2/sites-available with the contents:
Alias /test "/var/www/test/"
<Directory /var/www/test/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/test
SetEnv HTTP_HOME /var/www/test
</Directory>
Say you want, for whatever reason, test1—you could create a second sites-available .conf file for a second test1 instance. Name that file test1.conf with the following contents:
Alias /test1 "/var/www/test1/"
<Directory /var/www/test1/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/test1
SetEnv HTTP_HOME /var/www/test1
</Directory>
In order to enable those configuration files, you create the .conf file in sites-available and then use a simple command.
all we have to do is issue the command:
sudo a2ensite test.conf
sudo a2ensite test1.conf
The above command will copy the /etc/apache2/sites-available/test*.conf files to/etc/apache2/sites-enabled and make Apache2 aware of the new host. Restart Apache2 with the command:
sudo apachectl reload
Your test,test1 sites is now available to use.

Friday, August 5, 2016

Record your Screen as a GIF

In Fedora 24 you need to install byzanz:

dnf install byzanz


Recording with byzanz-record:


byzanz-record --delay=5 --x=91 --y=247 --width=500 --height=150 byzanz.gif

So how i can find x,y values? you can use "xwininfo","xev", or install "xdotool" or "wmctrl".

Check This Bash Script : https://gist.github.com/lucy/3042755


Thursday, August 4, 2016

What is a DNS leak?

When using an anonymity or privacy service "VPN", it is extremely important that all traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity.

How can I fix a DNS leak?

OpenVPN v2.3.9+

As of OpenVPN version 2.3.9 you can now prevent DNS leaks by specifying a new OpenVPN option. Simply open the .conf (or .ovpn) file for the server that you are connecting to and add the following on a new line. For more information see the OpenVPN manual.

block-outside-dns


Source 

Monday, August 1, 2016

Reverse DNS Lookup


Performing Reverse DNS Lookup converts an IP-address into it’s Hostname.
For this we need to write the IP-address in reverse order (for e.g. 192.168.1.1 will be 1.1.168.192) and then append “.in-addr.arpa.” to it. Next we need to make a query for a PTR Record using DIG. Let’s make a DNS PTR query for 1.1.168.192, the command here would be :

dig 1.1.168.192.in-addr.arpa PTR