PHP, WEB

Modify error reporting behavior in PHP Part 1

Error reporting behavior can be modified at code level. This is very useful if you don’t have permissions to edit php.ini file. Here is a simple example to show you how to do it: //what should i report? ini_set(’error_reporting’, ‘E_ALL’); //show errors to user? ini_set(’display_errors’, ‘Off’); //log errors? ini_set(’log_errors’, ‘On’); //where should i log errors? …

Apache, Linux

Securing Apache Part 1

The following tips are things you can do to make your apache server more secure. Before you begin to follow the tips below, locate your apache’s configuration files first. Common places for apache’s configuration files are: /etc/apache2/apache2.conf, /etc/apache2/httpd.conf and /etc/apache2/sites-enabled/000-default. Before you make any changes, MAKE BACKUP COPIES OF YOUR FILES. Here we go: 1. …

Apache, Linux

Retrieve useful information from Apache logs

Common locations where you can find Apache logs are /var/log/apache2 and /var/log/httpd/. You can extract valuable information from your apache logs. Here are some useful examples! Extract unique IP addresses: cat /var/log/apache2/access.log | awk ‘{print $1}’ | sort | uniqcat /var/log/apache2/access.log | awk ‘{print $1}’ | sort | uniq   Extract unique IP addresses with …

Cracking, John the Ripper, Passwords

How to crack passwords with John the ripper

John the Ripper – is free and Open Source. You can find some passwords lists: here, here and here. To provide a wordlist to john you can do it with –wordlist argument like this: –wordlist=password.lst Suppose that you have a file passwords.txt like this: george:827ccb0eea8a706c4c34a16891f84e7b thanos:202cb962ac59075b964b07152d234b70 If you have installed john already, issue the folowing …

C#, Microsoft Windows

Get HTTP headers with C#

If you would like to get HTTP headers in C#, you can do it with a few lines of code! 1 2 3 4 5 6 7 8 9 String url = "http://www.site.com";   WebRequest webrequest = HttpWebRequest.Create(url); WebResponse webresponse = webrequest.GetResponse();   foreach (String key in webresponse.Headers) Console.WriteLine("{0}: {1}", key, webresponse.Headers[key]);   webresponse.Close();String url …

PHP, WEB

Create a zip file using PHP and ZipArchive class

You can create zip archives in PHP using ZipArchive class. public function createZipArchive($files, $archive, $overwrite) { $zip = new ZipArchive (); if ($overwrite) $flags = ZipArchive::CREATE | ZipArchive::OVERWRITE; else $flags = ZipArchive::CREATE; if (($zip->open ( $archive, $flags )) !== true) { return false; } else { foreach ( $files as $file ) { if (file_exists …

Linux, Netcat, Tools

Banner grabbing with netcat!

To gather more information about a service running on a system’s open port we are going to use a known technique, known as banner grabbing and netcat network tool.  nc -nvv x.x.x.x 80 -n        Suppress name/port resolutions -v        Verbose You will get an answer like this: Connection to 85.25.132.39 80 port [tcp/*] succeeded! …

Firewall, Ubuntu, Ubuntu Server, UFW

Iptables made easy with ufw

UFW is a front-end for iptables and is here to make your life easier!  Default Rule To deny all incoming connections: sudo ufw default denysudo ufw default deny To allow all incoming connections: sudo ufw default allowsudo ufw default allow   Enable or Disable ufw To enable ufw: sudo ufw enablesudo ufw enable To disable …