Website Local Attack: Difference between revisions
No edit summary |
|||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
== Mediawiki | == Mediawiki Installation == | ||
Autor: | Autor: Lauri Vosandi | ||
=== Mediawiki | === Mediawiki Requirement === | ||
[http://www.mediawiki.org/wiki/Manual:Installation_requirements http://www.mediawiki.org/wiki/Manual:Installation_requirements] <br> | [http://www.mediawiki.org/wiki/Manual:Installation_requirements http://www.mediawiki.org/wiki/Manual:Installation_requirements] <br> Basically, it is necessary to install a web server, PHP and MySQL, you need to root to install as follows:<br> | ||
<pre> | <pre> | ||
root@kaka:~#apt-get install apache2 mysql-server php5 | root@kaka:~#apt-get install apache2 mysql-server php5 | ||
</pre> | </pre> | ||
=== Download === | === Download === | ||
Latest revision as of 17:52, 15 September 2016
Mediawiki Installation
Autor: Lauri Vosandi
Mediawiki Requirement
http://www.mediawiki.org/wiki/Manual:Installation_requirements
Basically, it is necessary to install a web server, PHP and MySQL, you need to root to install as follows:
root@kaka:~#apt-get install apache2 mysql-server php5
Download
Tee oma valik http://www.mediawiki.org/wiki/Download/Matrix ning downloadi sobiv versioon.
n. Mine veebiserveri document-root -u, downloadi wgetiga, paki lahti:
root@kaka:~# cd /var/www/ root@kaka:/var/www# wget http://download.wikimedia.org/mediawiki/1.14/mediawiki-1.14.0.tar.gz --2009-03-13 13:08:43-- http://download.wikimedia.org/mediawiki/1.14/mediawiki-1.14.0.tar.gz Lahendan download.wikimedia.org... 208.80.152.183 Loon ühendust serveriga download.wikimedia.org|208.80.152.183|:80... ühendus loodud. HTTP päring saadetud, ootan vastust... 200 OK Pikkus: 10122254 (9,7M) [application/octet-stream] Saving to: `mediawiki-1.14.0.tar.gz.1' 100%[======================================>] 10 122 254 2,51M/s in 4,4s 2009-03-13 13:08:48 (2,18 MB/s) - `mediawiki-1.14.0.tar.gz.1' salvestatud [10122254/10122254] root@kaka:/var/www# tar -xvvf mediawiki-1.14.0.tar.gz
Install
http://www.mediawiki.org/wiki/Manual:Installing_MediaWiki
Muuda ära kataloogi nimi, muuda failide õigused:
root@kaka:/var/www# mv mediawiki-1.14.0 wiki root@kaka:/var/www# chown -R www-data:www-data ./wiki
Tekita mysql baas ning wiki jaoks eraldi kasutaja:
www-data@kaka:~/wiki$ mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 190 Server version: 5.0.67-0ubuntu6 (Ubuntu) Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> create database wikidb; Query OK, 1 row affected (0.01 sec) mysql> grant create, select, insert, update, delete, alter, lock tables on wikidb.* to 'wikiuser'@'localhost' identified by 'password'; Query OK, 0 rows affected (0.00 sec) mysql> exit Bye www-data@kaka:~/wiki$
Mine veebilehitsejaga äsja installeeritud wiki confi aadressile n. http://localhost/wiki/config ning pane seal täide esmane seadistus.
config kataloogi tekitatakse Localsetings.php fail mille peaksid tõstma oma wiki root kataloogi.
www-data@kaka:~/wiki$ mv config/LocalSettings.php .
Seadistus
Seadista mõned parameetrid LocalSettings.php failis:
$wgSitename = "ITC wiki"; $wgEmergencyContact = "webmaster@localhost"; $wgPasswordSender = "webmaster@localhost"; $wgEmailAuthentication = true; ## Database settings $wgDBtype = "mysql"; $wgDBserver = "localhost"; $wgDBname = "wikidb"; $wgDBuser = "wiki"; $wgDBpassword = "*******"; $wgDefaultSkin = 'modern'; $wgEnableUploads = true; # for maintenance put wiki read-only by uncommenting following variable # # $wgReadOnly = 'maintenance message here'; # Whether to allow inline images hosted on external websites $wgAllowExternalImages = true; # if false, allow uploading files with any extension $wgCheckFileExtensions = false; # if false, does not do mime check on uploaded files $wgMimeTypeFile = false; # define wikilogo and icon #$wgLogo = "$wgScriptPath/skins/common/images/wikilogo.png"; #$wgFavicon = "$wgScriptPath/skins/common/images/favicon.ico"; # do not show & allow editing anything if user is not logged in $wgGroupPermissions['*']['read'] = false; $wgGroupPermissions['*']['edit'] = false; # whitelists - pages what can be seen by people who are not logged in $wgWhitelistRead = array("Main Page", "Special:Userlogin", "-", "MediaWiki:Monobook.css"); # do not allow account creating $wgGroupPermissions['*']['createaccount'] = false;
Extensionite install
LDAP auth extension
http://www.mediawiki.org/wiki/LDAP
Eeldused
Vaja installida php5 LDAP support:
root@kaka:~#apt-get install php5-ldap
Download & install
http://svn.wikimedia.org/viewvc/mediawiki/trunk/extensions/LdapAuthentication/LdapAuthentication.php?view=co
Vaja downloadida LdapAuthentication.php fail, kuna too asub SVN-is, siis on selleks mitu eri varianti.
Lihtsaim on see link veebibrowseris avada ning saadud fail maha salvestada
Kopeeri allalaetud fail extensions kataloogi:
www-data@kaka:/var/www# cp /home/argoe/Töölaud/LdapAuthentication.php ./wiki/extensions/
Seadistus
LocalSettings.php faili lisa pisut infi oma LDAPi kohta:
###### LDAP Authentication ###### require_once 'extensions/LdapAuthentication.php'; $wgAuth = new LdapAuthenticationPlugin(); $wgLDAPDomainNames = array( 'itcollege' ); $wgLDAPServerNames = array( 'itcollege' => 'earl.itcollege.ee' ); $wgLDAPEncryptionType = array( 'itcollege' => 'clear' ); $wgLDAPSearchStrings = array( 'itcollege' => 'uid=USER-NAME,ou=People,dc=itcollege,dc=ee' ); //Don't automatically create an account for a user if the account exists in LDAP //but not in MediaWiki. //Default: false. #$wgLDAPDisableAutoCreate = array( #"testADdomain"=>true #); //Allow the use of the local database as well as the LDAP database. //wiki admin user is in local DB! $wgLDAPUseLocal = true;
FreeMind extension
http://www.mediawiki.org/wiki/Extension:FreeMind
Eeldused
Nõrk turva on aksepteeritav - mm failide uploadimiseks tuleb keelata wiki skriptide kontroll ning see võib viia igasugu pahade asjadeni nagu javaskripti injection jne.
Olete valmis muutma wiki koodi
Download & install
www-data@kaka:/var/www/wiki/extensions# wget http://freemind.sourceforge.net/dimitry_mediawiki_freemind_extension/MediawikiExtension.zip --2009-03-13 13:47:05-- http://freemind.sourceforge.net/dimitry_mediawiki_freemind_extension/MediawikiExtension.zip Lahendan freemind.sourceforge.net... 216.34.181.96 Loon ühendust serveriga freemind.sourceforge.net|216.34.181.96|:80... ühendus loodud. HTTP päring saadetud, ootan vastust... 200 OK Pikkus: 6242 (6,1K) [application/zip] Saving to: `MediawikiExtension.zip' 100%[==============================================================>] 6 242 --.-K/s in 0,1s 2009-03-13 13:47:07 (45,1 KB/s) - `MediawikiExtension.zip' salvestatud [6242/6242]
Lae alla järgmised failid:
http://sourceforge.net/project/downloading.php?group_id=7118&use_mirror=easynews&filename=freemind-browser-0_7_1.zip&36406726
http://www.efectokiwano.net/mm/freeMindFlashBrowser.zip
Paki failid lahti:
www-data@kaka:/var/www/wiki/extensions# unzip MediawikiExtension.zip Archive: MediawikiExtension.zip inflating: FreeMind.php replace README? [y]es, [n]o, [A]ll, [N]one, [r]ename: n inflating: freemind/appletwindow.php inflating: freemind/appletwindowFunction.php inflating: freemind/flashwindow.php inflating: freemind/flashwindowFunction.php www-data@kaka:~/wiki/extensions$ rm MediawikiExtension.zip www-data@kaka:/var/www/wiki/extensions# cd freemind www-data@kaka:/var/www/wiki/extensions/freemind# cp /home/argoe/Töölaud/free* . www-data@kaka:/var/www/wiki/extensions/freemind# unzip freemind-browser-0_7_1.zip Archive: freemind-browser-0_7_1.zip inflating: freemindbrowser.jar inflating: freemindbrowser.html www-data@kaka:/var/www/wiki/extensions/freemind# unzip freeMindFlashBrowser.zip Archive: freeMindFlashBrowser.zip inflating: bola.jpg inflating: bola4.gif extracting: estrella.png inflating: flashfreemind.css inflating: flashobject.js inflating: freeMindFlashBrowser.mm inflating: freeMindFlashBrowser.mm.bak inflating: mindmaps.html inflating: readme.txt inflating: visorFreemind.swf www-data@kaka:~/wiki/extensions/freemind$ rm *.zip
Seadistus
LocalSettings.php faili lisa järgmine rida:
include('extensions/FreeMind.php');
! Selleks, et mm tüüpi faile uploadida, on vaja keelata skriptide kontroll uploadidtud failides Juhendid:
http://freemind.sourceforge.net/wiki/index.php/Talk:Embedded_Mind_Maps#This_file_contains_HTML_or_script_code_that_may_be_erroneously_be_interpreted_by_a_web_browser
http://www.mediawiki.org/wiki/Allowing_HTML_Uploads
Kasutus ja näide
! Freemind töötab vaid wikisse uploaditud failidega
<mm>[[Osadmin2009.mm]]</mm>
WebsiteFrame extension
http://www.mediawiki.org/wiki/Extension:Website_in_iFrame
Eeldused
Nõrk turva on aksepteeritav - extansion loob võimaluse cross-site skriptimiseks http://en.wikipedia.org/wiki/Cross-site_scripting
Download & install
http://www.mediawiki.org/wiki/Extension:Website_in_iFrame lehel on kood üleval. Salvesta see extensions kataloogi faili websiteFrame.php
Seadistus
LocalSettings.php faili lisa järgmine rida:
include("extensions/websiteFrame.php");
Kasutus ja näide
Tuleb kasutada täielikku URLi a'la http://www.yourWebsite.com
<websiteFrame> website=[website URL] name=[string] align=[top,middle,bottom,left,right] height=[number] width=[number,percentage] border=[number] scroll=[yes,no,auto] longdescription=[long description URI] </websiteFrame>
Groupportal extension
http://www.mediawiki.org/wiki/Extension:GroupPortal
Eeldused
admin viitsib tekitada mõne kasutajagrupi koos õigustega, vaja tekitada ka mitu avalehte.
Kasutaja, kes on eraldi esilehega grupis, ei saa enam wiki originaal esilehte muuta.
Download & install
www-data@kaka:~/wiki$ cd extensions/ www-data@kaka:~/wiki/extensions$ wget http://upload.wikimedia.org/ext-dist/GroupPortal-MW1.14-r30722.tar.gz --2009-03-14 11:38:17-- http://upload.wikimedia.org/ext-dist/GroupPortal-MW1.14-r30722.tar.gz Lahendan upload.wikimedia.org... 91.198.174.3 Loon ühendust serveriga upload.wikimedia.org|91.198.174.3|:80... ühendus loodud. HTTP päring saadetud, ootan vastust... 200 OK Pikkus: 803 [application/x-tar] Saving to: `GroupPortal-MW1.14-r30722.tar.gz' 100%[================================================>] 803 --.-K/s in 0,002s 2009-03-14 11:38:17 (426 KB/s) - `GroupPortal-MW1.14-r30722.tar.gz' salvestatud [803/803] www-data@kaka:~/wiki/extensions$ tar -xvf GroupPortal-MW1.14-r30722.tar.gz GroupPortal/ GroupPortal/GroupPortal.php www-data@kaka:~/wiki/extensions$ rm GroupPortal-MW1.14-r30722.tar.gz www-data@kaka:~/wiki/extensions$
Seadistus
LocalSettings.php faili lisa järgmine rida:
require_once( "extensions/GroupPortal/GroupPortal.php" );
Kasutus ja näide
Tekitage kasutajagrupp http://www.mediawiki.org/wiki/Manual:User_rights
n. lisades järgneva rea LocalSettings.php faili tekitate grupi kala ning annate neile kõikide lehtede lugemisõiguse:
$wgGroupPermissions['kala']['read'] = true;
!Kui gruppi on lisatud mõni isik ning kui grupi nime muuta või kustutada, jääb ta kuhugi mysql baasi ikkagi alles ning
seda listitakse jätkuvalt mõningatel erilehtedel. Parandada saab otse baasist.
Lisa soovitud kasutajad soovitud gruppi: Eri:UserRights
Tekitage MediaWiki:Groupportal leht ning lisage sinna gruppide ja esilehtede mapping.
Näiteks:
kala|freemind sysop|Sysop Home *|Portals RandomGroup|Random Home
GraphViz extension
http://www.mediawiki.org/wiki/Extension:GraphViz
Eeldused
Vaja installeerida graphviz pakk:
root@kaka:~#apt-get install graphviz
Download & install
www-data@kaka:~/wiki$ cd extensions/ www-data@kaka:~/wiki/extensions$ wget http://mwextensions.cvs.sourceforge.net/*checkout*/mwextensions/mediawikiextensions/Graphviz.php Hoiatus: HTTP ei toeta jokkereid. --2009-03-14 12:18:27-- http://mwextensions.cvs.sourceforge.net/*checkout*/mwextensions/mediawikiextensions/Graphviz.php Lahendan mwextensions.cvs.sourceforge.net... 216.34.181.108 Loon ühendust serveriga mwextensions.cvs.sourceforge.net|216.34.181.108|:80... ühendus loodud. HTTP päring saadetud, ootan vastust... 200 OK Pikkus: määramata [text/plain] Saving to: `Graphviz.php' [ <=> ] 2 322 --.-K/s in 0,005s 2009-03-14 12:18:27 (450 KB/s) - `Graphviz.php' salvestatud [2322]
Seadistus
LocalSettings.php faili lisa järgmised read ning vaata, et dot asukoht oleks süsteemis sama.
include("extensions/Graphviz.php"); $wgGraphVizSettings->dotCommand = "/usr/bin/dot";
Kasutus ja näide
Palju näiteid on veebis http://www.graphviz.org/Gallery.php
<graphviz renderer='neato' caption='Hello Neato'> graph G { run -- intr; intr -- runbl; runbl -- run; run -- kernel; kernel -- zombie; kernel -- sleep; kernel -- runmem; sleep -- swap; swap -- runswap; runswap -- new; runswap -- runmem; new -- runmem; sleep -- runmem; } </graphviz>
PDF Export extension
http://www.mediawiki.org/wiki/Extension:Pdf_Export
Eeldused
Vaja installeerida htmldoc pakk + pakid millest ta sõltub:
root@kaka:~# apt-get install htmldoc Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: htmldoc-common libfltk1.1 The following NEW packages will be installed: htmldoc htmldoc-common libfltk1.1 0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 5855kB of archives. After this operation, 10,1MB of additional disk space will be used. Do you want to continue [Y/n]? y Get:1 http://ee.archive.ubuntu.com intrepid/main htmldoc-common 1.8.27-3 [5192kB] Get:2 http://ee.archive.ubuntu.com intrepid/main libfltk1.1 1.1.9-4 [460kB] Get:3 http://ee.archive.ubuntu.com intrepid/main htmldoc 1.8.27-3 [202kB] Fetched 5855kB in 24s (238kB/s) Varem valimata paki htmldoc-common valimine. (Andmebaasi lugemine ... hetkel on paigaldatud 109296 faili ja kataloogi.) Paki htmldoc-common lahtipakkimine (failist .../htmldoc-common_1.8.27-3_all.deb) ... Varem valimata paki libfltk1.1 valimine. Paki libfltk1.1 lahtipakkimine (failist .../libfltk1.1_1.1.9-4_i386.deb) ... Varem valimata paki htmldoc valimine. Paki htmldoc lahtipakkimine (failist .../htmldoc_1.8.27-3_i386.deb) ... Processing triggers for man-db ... Processing triggers for menu ... Paki htmldoc-common (1.8.27-3) paikasättimine ... Paki libfltk1.1 (1.1.9-4) paikasättimine ... Paki htmldoc (1.8.27-3) paikasättimine ... Processing triggers for libc6 ... ldconfig deferred processing now taking place Processing triggers for menu ...
Download & install
4 php faili kood on saadaval http://www.mediawiki.org/wiki/Extension:Pdf_Export/Source_Code
tee uus kataloog ning salvesta need sinna.
www-data@kaka:~/wiki$ cd extensions/ www-data@kaka:~/wiki/extensions$ mkdir PdfExport
Seadistus
LocalSettings.php faili lisa järgmine rida:
require_once("extensions/PdfExport/PdfExport.php");
Kasutus
Tööriistakastis on link "Print as PDF", sellel klikkides prinditakse hetkel aktiivne wiki leht PDF faili.
! Fail laetakse alla kui index.php, nime ja laiendi peab käsitsi ümber nimetama!
FCKeditor extension
http://www.mediawiki.org/wiki/Extension:FCKeditor_(by_FCKeditor_and_Wikia)
http://mediawiki.fckeditor.net/index.php/FCKeditor_integration_guide
Eeldused
Peab arvestama, et FCK editor mudib ära olemasolevad artiklid, kui need uuesti salvestada ning see ei pruugi alati kõige paremini lõppeda!
Lingid tehakse ringi, reavahetusi kustutatakse jne. Ei ole mõistlik paigaldada siis, kui kavatsetakse edaspidi veel käsitsi artikleid edida.
Download & install
tiri alla 1 fail veebist, http://rs426.rapidshare.com/files/205304883/FCKeditor.zip
kopi see extensions kataloogi ning paki lahti.
www-data@kaka:~/wiki$ cd extensions/ www-data@kaka:~/wiki/extensions/$ cp /home/argoe/Töölaud/FCKeditor.zip . www-data@kaka:~/wiki/extensions/$ unzip FCKeditor.zip www-data@kaka:~/wiki/extensions$ rm FCKeditor.zip
Seadistus
LocalSettings.php faili lisa järgmine rida:
require_once( "$IP/extensions/FCKeditor/FCKeditor.php" ); $wgUseAjax = true;
Kasutus
Voila - ongi kohe eriti fancy word-lookalike menüü olemas! õnneks või õnnetuseks on menüü vasakul ülemises nurgas olemas nupp kirjaga "wikitext" :D