DEV Community: RICK SANCHEZ

Setting Up Postgres Server on Ubuntu

RICK SANCHEZ — Wed, 08 Mar 2023 10:16:48 +0000

Installing Postgres

Update and Upgrade the server
sudo apt install wget ca-certificates to install wget and ca-certificates
Get the certificate and add it to apt-key management
- wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
- sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
- Throw and Error: -> install this missing dependency : apt install gnupg
Update the server : sudo apt update
Install Postgres : apt install postgresql postgresql-contrib
Check Postgres : service postgresql status

Setting Up Postgres Server

Enable connection from the client nano /etc/postgresql/14/main/postgresql.conf
- Uncomment and replace ip_address with * : listen_addresses = '*'
Edit the PostgreSQL access policy nano /etc/postgresql/14/main/pg_hba.conf
- Append the following line : host all all 0.0.0.0/0 md5
Restart the Server systemctl restart postgresql

Creating a new User and Database

Creating a new user sudo -u postgres createuser <username>
Creaing a new databse sudo -u postgres createdb <dbname>
Change Password and grant privileges on database sudo -u postgres psql alter user <username> password '<password>'; grant all privileges on database <dbname> to <username> ;

Check the Connection using

psql -h <ip_address> -p 5432 -d <database> -U <username>

Vulnhub Harry Potter Aragog - Walkthrough

RICK SANCHEZ — Sat, 12 Nov 2022 15:57:28 +0000

Import the Vulnerable machine in your virtual box. Change the Network settings to bridged adapter so that you can access the machine.

Let's get started !

Inital Scanning

Nmap Scan

We can see that our machine is hosting and the ssh port is open. Let's check out the website.

Dirbuster

Use dirbuster to find the directories

We found '/blog' directory

Note
Configue the /etc/hosts to access other hyperlinks

By Looking at footer of the website we are able to confirm that it is a wordpress website and we can confirm it using wappalyzer

Metasploit

Scan for vulnerability

we use this module in metasploit to scan for the vulnerability.

we found a exploit on msf

run the exploit with the following options

Run the exploit

we got the meterpreter shell.

In the home directory we can see two folders

Inside hagrid's folder we found the First Horcrux

Here is the first Horcrux

horcrux_{MTogUmlkRGxFJ3MgRGlBcnkgZEVzdHJvWWVkIEJ5IGhhUnJ5IGluIGNoYU1iRXIgb2YgU2VDcmV0cw==}

Now we need to privelate the user permission

linpeas

Upload the lipeas.sh to the server

run linpeas

We found the DB login details

we got the user password hash.

Crack the hash with john the ripper.

ssh to hagrid98 with the password

Now its time to escalate to the root user.

Use pspy to find the process running in the backgound here is a guide on how to get started with pspy

https://vk9-sec.com/how-to-enumerate-services-in-use-with-pspy/

we found that backup.sh is running in background with interval and it is running as the root user.

Re-write the .backup.sh with a reverse shell.

https://www.revshells.com

run a listener on netcat and after sometime you will get the root shell

The second Horcrux

horcrux_{MjogbWFSdm9MbyBHYVVudCdzIHJpTmcgZGVTdHJPeWVkIGJZIERVbWJsZWRPcmU=}

Decode the Horcrux with base64:

1: RidDlE's DiAry dEstroYed By haRry in chaMbEr of SeCrets
2: maRvoLo GaUnt's riNg deStrOyed bY DUmbledOre

Getting Started With Vulnhub

RICK SANCHEZ — Fri, 11 Nov 2022 16:57:01 +0000

In this blog we will see how to set up a vulnhub machine and start hacking.Vulnhub is a website which contains vulnerable machines which you can download and start practicing your skills.

Visit vulnhub

You can download any machine that you want to practice with.

I will downloading the Aragog Machine from the Harry Potter Series

Open Virtual Box

Select "Tools" and Click on "Import"

Click on the file button

Navigate to the .ova file that you have dowloaded from the vulnhub website and click on open.

Click on Next and with the default values click on import.

Once the machine imported click on start to start the machine.

Happy Hacking!

Setting Up An ownCloud server on linode.

RICK SANCHEZ — Wed, 26 Oct 2022 17:33:38 +0000

Step 1
Create a ubuntu server in linode.

Step 2

Install Docker Engine and Docker Compose

1) Update the package index and install packages

$ sudo apt-get update

$ sudo apt-get install \ ca-certificates \ curl \ gnupg \ lsb-release

2) Add Docker's official GPG key

$ sudo mkdir -p /etc/apt/keyrings

$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

3) Set up the repository

$ echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

4) Install Docker Engine and Docker Compose

$ sudo apt-get update

$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

Step 3

Pull The Official Docker Image and run it

1) $ docker pull owncloud

2) $ docker run -d -p 80:80 owncloud

Now you can access owncloud by entering your server ip in browser.

Stay ahead on privacy with temporary E-mail

RICK SANCHEZ — Wed, 17 Aug 2022 17:46:00 +0000

Temporary email is a service which provides disposable temporary email addresses which delete itself after a certain time. Many websites and forums on the internet ask for your email addresses in exchange for visiting their page or to download files. These websites may or may not be a secure enough website, where they might trade your email with companies for their own profit.
Most insecure websites are always victims of data breaches and when you provide your personal/business email in an insecure website, your email can be an easy target for hackers. Some websites even store your password in clear text, which when many of us reuse our passwords, makes our mail vulnerable to hackers.
The best way to prevent this is to use a temporary email address. By using a temporary email address, you are secure, anonymous, spam-free and you can also keep the inbox of your real email clean. I personally use, “temp-mail.org” for temporary email service. So next time a website asks for your email address, try using a temporary mail id and you will see less spam emails in your spam box.

PRO TIP
Use temporary email addresses on websites which provide free trials or limited access per day. When your trial or a specific day’s access time has expired, you can log out and sign in again with another temporary email address and prolong the access you have to the websites. I use this on, “pngtree”, which is a website where you can download png images. Only a premium member can download unlimited png images, where for a free user, it’s only two images per day. I can download unlimited by using temporary email addresses. You can also use this on, “TunnelBear” and get good VPN service for free.

Tempmail