Showing posts with label Windows. Show all posts
Showing posts with label Windows. Show all posts

Sunday, June 19, 2016

2 Steps to restrict Jenkins access by IP address or Host Name



Steps to fresh jenkins installtion on on Apache Tomcat Server : http://www.automatethebox.com/2016/06/installing-jenkins-on-apache-tomcat.html

If Jenkins is installed on Tomcat Server 
  1.  Add any of the below entry in the conf\context.xml file :
    • <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/><!--Allow from Ip Address-->
    • <Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.0.0.1"/><!--Deny from Ip Address-->
    • <Valve className="org.apache.catalina.valves.RemoteHostValve" allow="yahoo.com"/><!--Allow from a Domain-->
    • <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|202.43.25.244"/><!--Allow from multipl ip's-->
  2.  Restart the Tomcat Server
Now, when you try to access Jenkins url, you should get 403 error

If Jenkins is installed on Apache Server 

  1. Add all of the below entries in the conf\.htaccess file to allow access from ip '45.67.87.67' and '10.66.62.0/24' LAN only
    • Order Deny,Allow
    • Deny from all
    • Allow from 45.67.87.67
    • Allow from 10.66.62.0/24
  2. Restart the Apache Server

Now, when you try to access Jenkins url, you should get 403 error
By - No comments:
Labels: , , , ,

Installing Jenkins on Apache Tomcat Server


First of all if you have not installed the Apache Tomcat Server, We will be going to install it on Windows following the below steps :
  • Download the Apache Server from Url :  http://www.apache.org/dyn/closer.cgi

  • Extract the Tomcat zip folder
  • Navigate to to 'conf' directory, path may be somewhat like '..\apache-tomcat-9.0.0.M8\conf' from where you have extracted the zip.
  • Open the Server.xml file and edit the PORT where you want the Tomcat to listen for the requests

  • Now start Command Prompt and go to '..\apache-tomcat-9.0.0.M8\bin' and call 'startup.bat'
  • Now start a browser and navigate to url '<your_system_ip:port_specified_in_step4>'. Example : 127.0.0.1:8080
    • You should see Tomcat Successfully installed page. Congratulation!


Now, we will be moving to next part of configuring Jenkins behind the Tomcat Server  :
  •  Download Jenkins.war file from https://jenkins.io/
  • Once downloaded, unzip and move the jenkins.war to directory '.\apache-tomcat-9.0.0.M8\webapps'
  • Restart the Tomcat. CTRL+C or call the .\apache-tomcat-9.0.0.M8\bin\shutdown.bat' and then start again.
    • Now when you navigate to 127.0.0.1/jenkins, you should see jenkins successfully installed.

Feel free to leave comments !!!
By - 1 comment:
Labels: , ,

Friday, March 20, 2015

Automatic logon in windows XP/7/8/Windows Server


  1. Open the Windows Registery editor from run.exe [ type regedit and ENTER ]
  2. Navigate to "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon"
  3. Set or create the following keys (DWORD, String, String)
    • AutoAdminLogon = "1"
    • DefaultUserName = Your user name
    • DefaultPassword = Your password
  4. Restart and now machine will be automatically logged in :) 
By - No comments:
Labels: ,

Thursday, January 22, 2015

The host supports Intel VT-x, but Intel VT-x is disabled


"The host supports Intel VT-x, but Intel VT-x is disabled" is thrown -  on trying to start a virtual machine e.g using VMware Player; when the Virtual Technology(VT) is disabled from system BIOS Settings.
The host supports Intel VT-x, but Intel VT-x is disabled

 Steps to fix this and run virtual machines successfully :-
  1. Close all the application and restart the System.
  2. Press F10 on system startup, to go to Bios Settings
  3. Enable the Virtual Settings from Bios Settings > System Configuration 
  4. Save the Changes and Start the System.
Video link :

Now try to start your virtual machine :) it should start without any error now :)


By - No comments:
Labels: ,

Monday, January 19, 2015

Install and run Sqlmap on Windows

Sqlmap is the most popular tool for finding and exploiting the sql vulnerability on the web. It is written in python for cross platform, today i will show the simple steps to install it on the Windows environment ( i am doing it on windows 8.1 :D )

  1. Download and install the Python interpreter from https://www.python.org/downloads/ on your System. Python 2.7.9 version should be fine.
  2. Now download the Sqlmap zip file from http://sqlmap.org/
    • Unzip the sqlmap zip folder
    • Open the command prompt > navigate to sqlmap unzipped folder
    • Launch command "sqlmap.py"
      Install Sqlmap on windows
Sqlmap is installed successfully and ready to roll and hack someone database :D ;)
By - No comments:
Labels: ,

Saturday, January 3, 2015

Hands on hacking - Windows 8.1 Elevation of Privilege vulnerability

Windows-Elevation of Privilege vulnerability in ahcache.sys/NtApphelpCacheControl, reported by the Google project Zero team is now all over in news. So, i thought to try it on my Windows 8.1 and let's see if the provided exploit works or not, and how to verify it ;)

Below are the steps taken directly from the report, and we will be going to execute it one by one and see how it works

1) Put the AppCompatCache.exe and Testdll.dll on disk
2) Ensure that UAC is enabled, the current user is a split-token admin and the UAC setting is the default (no prompt for specific executables). 
3) Execute AppCompatCache from the command prompt with the command line "AppCompatCache.exe c:\windows\system32\ComputerDefaults.exe testdll.dll". 
4) If successful then the calculator should appear running as an administrator. If it doesn't work first time (and you get the ComputerDefaults program) re-run the exploit from 3, there seems to be a caching/timing issue sometimes on first run.

Let's Start the test

  1. Download the exploit files from this link
  2. As per the step #2 from report, make sure your currently logged in user is
    • split-user token and UAC setting is set to default [  (i)-You should be an administrator, (ii)- Right click on calc.exe and select run as Administrator - an UAC pop up should be displayed ]
  3. Now navigate to downloaded folder poc\bin on command line and execute the below command:
    • AppCompatCache.exe c:\windows\system32\ComputerDefaults.exe testdll.dll
  4. Now you should see calc.exe (calculator) running in elevated administrator mode and that's also without any asking for any UAC pop up confirmation from logged in user :\
    Bypassing UAC using the exploit code (elevation of privilage)

You may wonder how to check if this is actually worked and calc.exe application is started in elevated mode, so here is how you can check :)
  • Open the Task Manager > Navigate to Details tab > Right click on columns > click on 'Select Columns'  > tick the 'Elevated' column and click on OK
    Adding elevated column in Task Manager process details tab 
  • once the 'elevated' column is added, you can see our calc.exe application is started as Administrator.
    checking a process Elevated status
Thank you :) 


PS : If you like to go in the bug report detail you can check it here https://code.google.com/p/google-security-research/issues/detail?id=118













By



-





No comments:
  


















Labels:
,
,

















          

        

          

        

Wednesday, August 20, 2014


          

        









Adding Windows PowerShell Cmdlets














 You may all have seen some error like below when running a command on Windows PowerShell. This usually occurs when the command PowerShell snap-in is not added.



The term 'Get-SPWebApplication' is not recognized as the name of a cmdlet, function, script file, or operable program.



Solution:  How to add the required snap-in if not already added from the PowerShell script itself.









# Example to add SharePoint Cmdlets [ SharePoint should be installed on machine ]

if ( (Get-PSSnapin -Name Microsoft.Sharepoint.Powershell -ErrorAction SilentlyContinue) -eq $null )

{

    Add-PsSnapin Microsoft.Sharepoint.Powershell

    Write-Output "`n Snap-in Microsoft.SharePoint.PowerShell added."

}

else

{

    Write-Output "`n Snap-in Microsoft.SharePoint.PowerShell already added."



 





# Example to add SQL Cmdlets [ SQL management tools should be installed on machine ]

if ( (Get-PSSnapin -Name SqlServerCmdletSnapin100 -ErrorAction SilentlyContinue) -eq $null )

{

    Add-PsSnapin SqlServerCmdletSnapin100

    Write-Output "`n Snap-in SqlServerCmdletSnapin100 added."

}

else

{

    Write-Output "`n Snap-in SqlServerCmdletSnapin100 already added."

}

if ( (Get-PSSnapin -Name SqlServerProviderSnapin100 -ErrorAction SilentlyContinue) -eq $null )

{

    Add-PsSnapin SqlServerProviderSnapin100

    Write-Output "`n Snap-in SqlServerProviderSnapin100."

}

else

{

    Write-Output "`n Snap-in SqlServerProviderSnapin100 already added."

}














By



-





2 comments:
  


















Labels:
,
,

















          

        

          

        

Monday, October 29, 2012


          

        










Install windows from bootable USB DRIVE/Pendrive














Hello friends,



Most of the time my friends asks me to help them install windows to their system via USB pen drive. So today I am going to write down the steps to make win7/vista bootable pen drive.



To make a bootable pendrive . You should have –

 Atleast 4 to 8 Gb pendrive.

 Windows 8/7/vista DVD or Windows 8/7/DVD image 













So once you have it.

10 Steps to make your pen drive boot-able :.

1.       Plugin your pendrive to your PC or laptop.

2.       Go to ‘My Computer’ and format the pen drive.

3.       Now open command prompt with Administrator priviledges.

(Go to Start > All programs > Accessories > command prompt , right click on command prompt and run it as an administrator.)

4.       When command prompt opens,enter the following command in series as written below

a.       DISKPART   ,  and press enter.



b.      LIST DISK  , press enter.

      

Once 'LIST DISK' command is completed. From the results remember the disk name of your pen drive. As in my case my USB name is “Disk 2”. So we will be using ‘Disk 2 ’ in our example.

Now, execute the following command one by one.





SELECT DISK 2

CLEAN

CREATE PARTITION PRIMARY

SELECT PARTITION 1

ACTIVE

FORMAT FS = NTFS

ASSIGN

EXIT





Now,don’t close the command prompt.

5.       Put your windows disk in you CD ROM (if your system CD ROM is  not working then you can use windows image file and mount it to virtual CD ROM).Now suppose your windows CD ROM drive is  “E:”.

6.       Then go to command prompt and execute following command.



E:

E:\> CD BOOT. Press enter  (Here ‘E:’ is your windows 7/vista disk drive name)

E:\BOOT> BOOTSECT.EXE /NT60 D:  (Here ‘D:’ is your USB disk drive name).



7.       Once above commands is executed. close the command prompt.

8.       Select all the files from your windows 8/7/Vista disk and copy them to your USB drive.Now USB is ready to boot windows.

9.       Now restart windows and boot from USB.(You can change boot priority in BIOS)

10.   Windows installation will start as normally like windows disk.(Enjoy : ))



If you find any problem ,then feel free to ask question and leave your comments…










By



-





2 comments:
  


















Labels:
,

















        

      









Subscribe to:
Posts (Atom)









AWS Certified Solutions Architect Associate - AWS Introduction -  Questions



              All the Best !!!   Show Result !!   Try Again !!        ×