markdownサンプル文章です。ここは地の文です。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
acl blacklist_regex url_regex "/usr/local/squid/etc/blacklist.txt" | |
http_access deny blacklist_regex | |
... | |
... | |
access_log /var/log/squid/access.log squid | |
access_log /var/log/squid/deny.log squid blacklist_regex |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# coding: UTF-8 | |
# OpenSSH User Enumeration Time-Based Attack | |
# https://cureblog.de/2013/07/openssh-user-enumeration-time-based-attack/ | |
# 存在するユーザの場合は数十秒、存在しないユーザならば数秒で終わるため判定可能 | |
import sys | |
import socket |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
openssl pkcs12 -export -inkey localhost.key -certfile ca-bundle.crt < localhost.crt > server.p12 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DBDriver mysql | |
DBDParams host=dbserver,user=dbuser,pass=dbpass,dbname=dbname | |
DBDPersist Off | |
<Location /hoge/fuga.cgi> | |
SSLRequrireSSL | |
AuthBasicProvider dbd | |
AuthDBDUserPWQuery "SELECT ENCRYPT('...') ... FROM tablename WHERE id = %s" | |
AuthName "Basic Auth" | |
require valid-user |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
settings = { | |
core = { | |
real_name = "Unknown"; | |
user_name = "Unknown"; | |
nick = "Neme"; | |
}; | |
"fe-text" = { actlist_sort = "refnum"; }; | |
"fe-common/core" = { | |
autolog = "yes"; | |
autolog_path = "/home/ozuma/irclogs/%Y/$tag/$0.%m-%d.log"; |
- CentOS 6.5のISOファイルをダウンロードしてインストール
# yum --disablerepo=updates,extra install mod_ssl
のように、baseリポジトリからインストールする(そのまま入れるとupdatesから入っちゃう)
- CentOS 6.4はopenssl 1.0.0なのでheartbleedが無い。
Metasploitのモジュールが一番ちゃんとやってるぽい
msf > use auxiliary/scanner/ssl/openssl_ccs
msf auxiliary(openssl_ccs) > set RHOSTS 192.168.204.148
msf auxiliary(openssl_ccs) > exploit
脆弱性があると、こういうメッセージが出る。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HTTP_BAD_GATEWAY.html.var | |
HTTP_BAD_REQUEST.html.var | |
HTTP_FORBIDDEN.html.var | |
HTTP_GONE.html.var | |
HTTP_INTERNAL_SERVER_ERROR.html.var | |
HTTP_LENGTH_REQUIRED.html.var | |
HTTP_METHOD_NOT_ALLOWED.html.var | |
HTTP_NOT_FOUND.html.var | |
HTTP_NOT_IMPLEMENTED.html.var | |
HTTP_PRECONDITION_FAILED.html.var |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
http://stackoverflow.com/questions/3220419/openssl-s-client-using-a-proxy | |
proxytunnel -p yourproxy:8080 -d www.google.com:443 -a 7000 & | |
openssl s_client -connect localhost:7000 -showcerts |
OlderNewer