AdSense
Monday, April 2, 2018
Setting up HTTP Basic Authentication
SETTING UP HTTP BASIC AUTHENTICATION
- Layout for this exercise:
- Web applications may provide their own access control methods, but a web server can also restrict access by using two types of authentications that are part of the HTTP standard: Basic and Digest authentication.
- HTTP Basic Authentication (BA) is the simplest way to enforce access control to web resources. When making a request, the user agent provides credentials (username and password) to the web server.
- BA uses standard fields in the HTTP header, not providing confidentiality because the credentials are sent just encoded with Base64, but not encrypted or hashed at all.
- For further information about HTTP Basic Authentication:
https://en.wikipedia.org/wiki/Basic_access_authentication
- To implement Basic Authentication on an Apache web server, first of all a password file must be created, so that Apache can read it whenever the web page is requested.
- The utility htpasswd (part of the apache2-utils package) manages user files for basic authentication. As an example, let's take:
username: admin (very common as default username in many devices)
password: ababa (simple, for the purpose of ease in this exercise)
- The hidden file .htpasswd has been created and stored encrypted on the server side:
- The default encryption format to store the credentials is "$apr1$" + the result of an Apache-specific algorithm using an iterated (1,000 times) MD5 digest of various combinations of a random 32-bit salt and the password.
https://httpd.apache.org/docs/2.4/misc/password_encryptions.html
- See source file apr_md5.c for the details of the algorithm:
http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_md5.c?view=markup
- Editing the Ubuntu default virtual host file (000-default.conf):
- Adding the HTTP BA restriction for the directory called "basicauth", where the web page is contained. The <Directory> block specifies that the type of authentication is Basic, the name of the realm (the realm name defines a protection space for a web resource in combination with the canonical root URL of the server being accessed), the path to the .htpasswd file, and the requirement of "valid-user" credentials:
- In this way, we have established a per-directory basis HTTP BA specific for the directory "basicauth" that we are interested in.
- After editing the virtual host file, let's restart the web server:
- Configtest command checks that the syntax of the configuration file is correct:
- Reviewing the status of the web server:
- Now, a user is prompted to enter credentials when trying to access the web resources contained in the directory "basicauth".
- In case of introducing bad credentials, the server answers with the default "Unauthorized" message:
- Introducing the correct credentials, the web resources are finally available:
Thursday, March 8, 2018
Pentest via cellular network (V): Nmap port scanner with SMS message
PENTEST VIA CELLULAR NETWORK (V): NMAP PORT SCANNER WITH SMS MESSAGE
- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):
- This exercise is based on the four previous exercises:
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-i-global.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-ii.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iii-sms.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iv-port.html
1 - Writing the Python script
- The Python script used in this exercise uses libraries and scripts from previous exercises:
- Some libraries are imported:
- A function is defined to process the SMS message requests:
- External stored data is invoked:
- The script waits until an SMS message arrives, then processing it, and finally giving back an answer:
2 - Testing the script
- First, from the smartphone an SMS message is launched asking about the port 22 of the localhost:
- Running the Python script at the Raspberry Pi, it detects the request from the smartphone and finally gives back an answer:
- Before launching another test to the host 192.168.1.6, let's perform an Nmap scan in the usual way:
- Now, from the smartphone an SMS message is launched inquiring about the port 135 of the host 192.168.1.6:
- The Raspberry Pi gives an answer back to the smartphone via an SMS message, and the result is equal to the usual Nmap port scanning: port 135 is open.
Pentest via cellular network (IV): port scanning with Python-nmap
PENTEST VIA CELLULAR NETWORK (IV): PORT SCANNING PYTHON-NMAP
- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):
1 - Installing Python-Map on the Raspeberry Pi
- python-nmap is a python library which helps in using Nmap port scanner.
- It allows to easilly manipulate nmap scan results and will be a perfect tool for systems administrators who want to automatize scanning task and reports.
- It also supports nmap script outputs.
- For further information:
https://xael.org/norman/python/python-nmap/
- Python-nmap works on top of Nmap, so let's make sure that Nmap is previosly installed:
- Downloading python-nmap:
- Uncompressing:
- Setting up and installing:
2 - Testing python-nmap with Python interactive mode
- Now, let's check its funcionality scanning the port 22 of the localhost Raspberry Pi, invoking python-nmap from Python:
- The SSH port 22 is in "open" status:
3 - Writing a Python script using python-nmap
- This Python script uses python-nmap for scanning, and it is based on the documentation provided by the python-nmap official website:
https://xael.org/norman/python/python-nmap/
- Let's notice that the final section of the script just indicates to scan the localhost port 22:
- Running the script the result is successful:
Pentest via cellular network (III): SMS messages with Hologram Python SDK
PENTEST VIA CELLULAR NETWORK (III): SMS MESSAGES WITH HOLOGRAM PYTHON SDK
- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):
- The goal of this exercise is to send/receive SMS messages between a Hologram modem (installed at a Raspberry Pi device) and a smartphone via the celullar network, using the Hologram Python SDK library.
- First of all, let's create an external data script where the device key and the phone number are stored:
- Now, importing libraries from the Hologram Python SDK, this Python script sends an SMS message and prints the successful result:
- Running SendTEST.py:
- In similar way, this Python script puts the modem into receiving mode and prints the message once it has been received:
- Running ReceiveTEST.py (in the image I have removed the sender phone number by privacy reasons):
- The smartphone screen displays the SMS messages exchanged with the modem:
Subscribe to:
Posts (Atom)