Monday, December 29, 2014

Install Guacamole

tomcat - server.xml - listen localhost only:
<Connector address="127.0.0.1" port="8009" protocol="AJP/1.3"
connectionTimeout="20000"
URIEncoding="UTF-8" />
<Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
view raw server.xml hosted with ❤ by GitHub
Guacamole - apache as reverse proxy for tomcat:
<Location /guacamole/>
Order allow,deny
Allow from all
ProxyPass ajp://127.0.0.1:8009/guacamole/ max=20 flushpackets=on
ProxyPassReverse ajp://127.0.0.1:8009/guacamole/
AuthName "Password"
AuthUserFile /etc/guacamole/.htpasswd
SetEnv proxy-chain-auth On
AuthType Basic
Order deny,allow
Deny from all
require valid-user
</Location>
view raw guacamole.conf hosted with ❤ by GitHub

apt-get install xubuntu-desktop xrdp
apt-get install libcairo2-dev libpango1.0-dev libpng12-dev freerdp-x11 libssh2-1 libvncserver-dev libfreerdp-dev libvorbis-dev libssl0.9.8 libssh-dev libssh2-1-dev libpulse-dev
apt-get install uuid uuid-dev libossp-uuid-dev
Posted by at

compile apache module for existing apache binary

apxs - APache eXtenSion tool

mod-authn-otp - Apache module for one-time password authentication

apt-get install build-essential apache2 apache2-dev apache2-utils
apt-get autotools-dev automake checkinstall
apt-get unzip zip
apt-get install libssl-dev
./autogen.sh
./configure
make
apxs -i -a mod_authn_otp.la
chown www-data:www-data otp
chown www-data:www-data otp/otp-users.txt
a2enmod authn_otp proxy_http headers
Posted by at

simulate hanging windows service


simulate hanging service:
        protected override void OnStop()
        {
            while (true) { }
        }

Posted by at

Tuesday, December 16, 2014

Kill-Service.ps1

1: function Kill-Service() {
2: param(
3: [Parameter(Mandatory=$true)]
4: [string]$srvcName,
5: [Parameter(Mandatory=$false)]
6: [string]$ComputerName='.',
7: [Parameter(Mandatory=$false)]
8: [string]$TimeOut='00:00:05'
9: )
10: $srvName
11: $ComputerName
12: $TimeOut
13: #Invoke-Command -cn $ComputerName -ArgumentList $srvcName -ScriptBlock {
14: Invoke-Command -ArgumentList $srvcName -ScriptBlock {
15: $svc = Get-Service $srvcName
16: if ($svc -ne $null) {
17: try {
18: Write-Host($svc.Name)
19: $svc.stop() # stoppe Service
20: $svc.WaitForStatus('Stopped',$TimeOut) # Warte $Timeout auf Stop von Service
21: Write-Host ('Service exited gracefully')
22: }
23: catch [System.ServiceProcess.TimeoutException] {
24: #sichere Service FailureActions
25: $regpath="HKLM:\SYSTEM\CurrentControlSet\Services\"+$srvcName
26: $before=(Get-ItemProperty -Path $regpath -Name FailureActions).FailureActions
27: Write-Host('Recovery Settings saved')
28: # ermittele PID des Service-Prozesses
29: $ServiceNamePID = Get-Service $srvcName
30: $ServicePID = (Get-WmiObject Win32_Service | Where {$_.Name -eq $ServiceNamePID.Name}).ProcessID
31: set-itemproperty -Path $regpath -Name FailureActions -Value ([byte[]](0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0xea,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0xea,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0xea,0x00,0x00))
32: Write-Host('Recovery Settings overwritten')
33: Stop-Process $ServicePID -Force
34: Write-Host('Process ' + $ServicePID + ' Killed')
35: #(Get-WmiObject -class win32_process -filter ('ProcessId = '+$ServicePID)).terminate()
36: set-itemproperty -Path $regpath -Name FailureActions -Value $before
37: Write-Host('Recovery Settings restored')
38: }
39: catch [Exception] {
40: write-host $_.Exception.GetType().FullName;
41: write-host $_.Exception.Message;
42: }
43: }
44: else
45: {
46: Write-Host('No Service returned')
47: }
48: }
49: }
view raw gistfile1.ps1 hosted with ❤ by GitHub
Posted by at

Friday, December 5, 2014

usefull links

PowerShell-AD-Recon

PowerSploit and other

http://adsecurity.org/

mimikatz

syphersec

https://github.com/samratashok/nishang

veil-powerview

https://github.com/darkoperator/Posh-SecMod

Write-MiniDump

https://zmap.io/



Posted by at