Monday, December 27, 2021

[FIX] multipathd error on Ubuntu 20.04.1

  

During our reguler syslog monitoring, we found some of our linux machine running Ubuntu 20.04.1 which running on top of VMWare are showing the following error :


So if you experiencing the same error then the following solution might also help you fix the issue.

1. Edit /etc/multipath.conf file : vi /etc/multipath.conf

defaults {
    user_friendly_names yes
}

blacklist {
    device {
        vendor "VMware"
        product "Virtual disk"
    }
}

2. Restart the multipahd service : systemctl restart multipath-tools.service


3. Alhamdulillah, no more multipathd error recorded in syslog.

That's it hope it useful.






Friday, October 1, 2021

DST Root CA X3 Expiration (30 September 2021)

 

According to the given information in Let's Encrypt Official site which is reachable at the following url https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ the important message is From Sept 30th 2021 Let's Encrypts previous root certificate DST Root CA X3 (and it's R3 intermediate) will expire. It has been replaced by their ISRG Root X1 certificate (and replacement R3 intermediate).


The impact of this expired root certificate may cause your server or some of your users will experience the following error message at their browser :

Your connection is not private
Attackers might be trying to steal your information from {domain name}.

NET::ERR_CERT_AUTHORITY_INVALID
NET::ERR_CERT_DATE_INVALID


To fix this issue from the server sider, we need to remove and disable the DST_Root_CA_X3:

# Find DST_Root_CA_X3 location :
root@localhost:~# locate DST_Root_CA_X3.crt
/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt

# Remove DST_Root_CA_X3 :
root@localhost:~# rm /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt

# Edit ca-certificates list :
root@localhost:~#  vi /etc/ca-certificates.conf
# Find mozilla/DST_Root_CA_X3.crt and disable it 
!mozilla/DST_Root_CA_X3.crt

# Then update CA
root@ssocon:~# update-ca-certificates
Updating certificates in /etc/ssl/certs...
0 added, 1 removed; done.

Or you can simply reboot your server.

For client side simply ask them to update their browser version and also add/update the following certificates :

Root CA Certificates :

ISRG Root X1 : PEM Format | DER Format
ISRG Root X2 : PEM Format | DER Format

Intermediate Certificate :

Lets Encrypt R3 : PEM Format | DER Format

I hope this information will be useful.



Saturday, May 1, 2021

Shrink XFS partition, simply possible ?

 

My colleague asking me how to resize/shrink his CentOs 7 /home partition which is 240 GB to 160 GB and then allocate the remaining free space to / (root). Well, actually we can't directly shrink XFS therefore what we can do is backup all the data on /home, delete it and then recreate the /home, here is what todo :

1. Backup the contents of /home

tar -czvf /data/home.tgz -C /home .

2. Test Backup

tar -tvf /data/home.tgz

3. Unmount home

umount /dev/mapper/cl-home

4. Remove the home logical volume

lvremove /dev/mapper/cl-home

5. Recreate logical volume for /home, format and mount it

lvcreate -L 160GB -n home cl

mkfs.xfs /dev/mapper/cl-home

mount /dev/mapper/cl-home /home

6. Extend /root 

lvextend -r -l +100%FREE /dev/mapper/cl-root

7. Restore /home

tar -xzvf /data/home.tgz -C /home

8. Check /etc/fstab for any mapping of /home volume and ensure the file system type.

cat /etc/fstab

10. Ensure things already on their places.

$ lvdisplay

$ fdisk -l

$ mount -l 

$ df -h 

 

 

 

 

        

Walkthrough WebGoat Assignment Crypto Basics #8

 


Walkthrough WebGoat Assignment Crypto Basics #8 :
  1. First run the docker as requested : docker run -d webgoat/assignments:findthesecret
  2. Hints is to escalate using su - , what about BF ing su ?, but we go arround the other way, what we do is escalating user in docker to root, here is what we need to do :
           a) Copy /etc/passwd which contain UID & GID from Container to localsystem.
                $ docker cp Container-ID:/etc/passwd test.passwd

           b) Check test.passwd.
                $ cat test.passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/bin/false
webgoat:x:1000:1000::/home/webgoat: 
 
           c) Edit test.passwd, change webgoat UID & GID from previous 1000:1000 to 0:0.
                    root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/bin/false
webgoat:x:0:0::/home/webgoat:

           c) Copy edited test.passwd from localsystem to Container.

                $ docker cp test.passwd Container-ID:/etc/passwd 

           d) Access to Container.
                $ docker exec -it Container-ID /bin/bash

           e) Goto /root folder, and find the secret file (default_secret), and check it.
root@42284f82e8ff:/# cd /root/
root@42284f82e8ff:~# ls
default_secret 
root@42284f82e8ff:~# cat default_secret
ThisIsMySecretPassw0rdF0rY0u 

           f) Run decryption against  given secret to default_secret file. 

root@42284f82e8ff:~# echo "U2FsdGVkX199jgh5oANElFdtCxIEvdEvciLi+v+5loE+VCuy6Ii0b+5byb5DXp32RPmT02Ek1pf55ctQN+DHbwCPiVRfFQamDmbHBUpD7as=" | openssl enc -aes-256-cbc -d -a -kfile default_secret  

Leaving passwords in docker images is not so secure


What is the unencrypted message : Leaving passwords in docker images is not so secure

and what is the name of the file that stored the password :  default_secret




Sunday, February 28, 2021

SAP GUI Download

 ﷽



Hereby below is SAP GUI download link for those who might need it.

SAP GUI 7.50

  • Microsoft Windows OS, File size : 856 MB [ Download ]
  • Mac OSX, File Size : 156 MB [ Download ]

SAP GUI 7.70
  • Microsoft Windows OS, File size : 660 MB [ Download ]
  • Mac OSX, File Size : 179 MB [ Download ]

Thursday, January 28, 2021

[Fix] Global Protect Client Install Error

 

You may experiencing the following error when trying to install Global Protect client on Microsoft based OS :

This advertised application will not be installed because it might be unsafe

Here is the simple solution :

1. Copy GlobalProtect*.msi installer to c:\

2. Open CMD and choose to Run as administrator

3. Type & run : cd c:\

4. Type & run : msiexec /i GlobalProtect*.msi /qb

That's it ... i hope this information will be helpful

40 Hadist Seputar Keluarga Samawa (Bagian 3)

 ﷽ Ustadz Yusuf Abu Ubaidah As-Sidawi hafizahullohuta'ala Masjid Al-Aziz  Jl. Soekarno Hatta No. 662 Bandung Hadist 11 : Doa Orangtua Bu...