Skip to content

NXNJZ

Linux and Security

  • BLOG
  • Cowsay Fortune
  • Contact
  • Gitlab
  • Company Homepage
  • CVE-2021-42052 full disclosure

    August 4, 2022
    Vulnerability Details IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res R parameter. ------------------------------------------ [Vulnerability Type] Directory Traversal ------------------------------------------ [Vendor of Product] IPESA ------------------------------------------ [Affected Product Code Base] e-Flow - v.3.3.6 ------------------------------------------ [Affected Component] /lib/js/build/STEResource.res ------------------------------------------ [Attack Type] Remote ------------------------------------------ [Impact Information Disclosure] true ------------------------------------------ [Attack […]
  • How to Set Up an Interactive SSH Honeypot on CentOS 8.

    November 22, 2019
    Introduction A honeypot is a piece of software or a system that is designed to detect and monitor malicious activity, and deflect attackers from your actual production services and systems. This article will explain the deployment of an interactive SSH honeypot using Cowrie, a free and open-source SSH honeypot. It can log brute force connection […]
  • HackTheBox.eu Jarvis Writeup

    November 9, 2019
    Release Date: 22 June 2019 Creators: manulqwerty & Ghostpp7 Difficulty: Medium Retired on 10 November 2019 Summary SQL Injection in web app leads to command execution as www-data. www-data is allowed to run a particular script as the user “pepper”, it is vulnerable to command injection. SUID is set on systemctl, a systemd unit file is used […]
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)

    October 7, 2019
    Introduction Tinyproxy is a lightweight HTTP/HTTPS proxy written in C. It is highly configurable and supports URL-based and domain-based filtering, custom headers and reverse proxying. This article will guide you through the compilation of Tinyproxy from source and its configuration in forward proxy mode. Prerequisites A newly deployed Debian 10 instance with a public IP […]
  • How to Install qdPM 9.1 on Debian 10 LEMP

    September 30, 2019
    Introduction qdPM is a free and open-source web application for project management. It is designed for small teams working on multiple projects and allows easy management of tasks and roles. qdPM is fully configurable and features a customer-facing ticket system that is integrated into task management. This guide will help you through the complete installation […]
  • How to Install qdPM 9.1 on CentOS 7.

    September 24, 2019
    Introduction qdPM is a free and open-source web application for project management. It is designed for small teams working on multiple projects and allows easy management of tasks and roles. qdPM is fully configurable and features a customer-facing ticket system that is integrated into task management. This guide will walk you through the complete installation […]
  • How to Install SuiteCRM on Debian 10 Buster

    September 23, 2019
    SuiteCRM is a free and open source alternative to the popular customer relationship management system SugarCRM. It became popular when SugarCRM decided to stop development of its community edition, on which SuiteCRM is based. This guide will explain the installation of SuiteCRM on a Debian 10 system. Prerequisites A fresh Debian 10 system. Root SSH […]
  • How to Install VtigerCRM on Debian 10 Buster

    September 22, 2019
    Vtiger CRM is a popular Customer Relationship Management web application which can help enterprises grow sales, deliver customer service, and increase profits. This article will guide you through the installation of Vtiger open source edition on a Debian 10 system with the Apache web server, MariaDB, and PHP. Prerequisites A newly deployed Debian 10 instance […]
  • How to Install PmWiki on Debian 10 / Nginx / PHP-FPM

    September 19, 2019
    Introduction PmWiki is an open-source wiki-based content management system built in PHP that was started in 2002, and is designed for collaborative creation and maintenance of websites. It allows quick editing as well as appearance changes using skins and templates. PmWiki also provides flexible password-based access control. This guide will explain the installation of PmWiki […]
  • Navigating Directories Efficiently on Linux

    September 17, 2019
    Navigating the Linux filesystem is commonly accomplished using the cd command, which can often get inefficient. Several commands and options can be used for faster, more efficient directory navigation. This guide will introduce: pushd, popd, dirs (bash built-ins) autocd, cdable_vars, cdspell, dirspell (bash options) The bd utility.
  • How to Install Postmill on Ubuntu 18.04 LTS with Apache or Nginx

    September 16, 2019
    Introduction Postmill is a free and open-source web-based social link aggregator with voting and nested comments, similar to the popular Reddit platform. This article will explain the full installation process on a Vultr Ubuntu 18.04 LTS system, including the setup of Nginx and Apache as replacements for the Symfony web server. Requirements A Ubuntu 18.04 […]
  • How to Install WallaBag on Debian 9.

    March 11, 2019
    Introduction Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Debian 9 system. Prerequisites A Debian 9 installation. Root access to your server (via a […]
  • How to Install PrivateBin on Ubuntu 18.04 LTS

    March 11, 2019
    Introduction PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on Ubuntu 18.04 LTS. Prerequisites A Ubuntu 18.04 system. Root access […]
  • How to Install Wallabag on CentOS 7

    March 8, 2019
    Introduction Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a system running CentOS 7. NOTE: This guide assumes that SELinux is disabled, which is the […]
  • How to Install PrivateBin on CentOS 7.

    March 4, 2019
    Introduction PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a CentOS 7 system. Prerequisites A CentOS 7 system. Root […]
  • How to Install WallaBag on Ubuntu 18.04 LTS

    February 21, 2019
    Introduction Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Ubuntu 18.04 system. Prerequisites A Ubuntu 18.04 VPS. Root access to your server (via a […]
  • How to Install PrivateBin on Debian 9.

    February 20, 2019
    PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a Debian 9 system. Prerequisites A Debian 9 server. Root access […]
  • How to Install Wallabag on Fedora 29.

    February 12, 2019
    Introduction Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Fedora 29 system. Prerequisites Something running Fedora 29. Root access to your system (via a […]
  • How to Install PrivateBin on Fedora 29.

    February 12, 2019
    PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a Fedora 29 system. Prerequisites A Fedora 29 system obviously. Root […]
  • Ampache streaming server installation guides.

    February 5, 2019
    Ampache is a web based audio/video streaming application and file manager allowing you to access your personal music & videos from anywhere, using almost any internet-connected device. It can be installed on most platforms with relative ease. You can visit Ampache’s github page here. Below are links to detailed guides for 4 major Linux distributions. […]

Recent Posts

  • CVE-2021-42052 full disclosure
  • How to Set Up an Interactive SSH Honeypot on CentOS 8.
  • HackTheBox.eu Jarvis Writeup
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)
  • How to Install qdPM 9.1 on Debian 10 LEMP

Tags

802.11 ampache apache aspx bash cd centos cms crm cve debian exploits fedora fulldisclosure hackthebox honeypot http httpd ifconfig iw iwconfig labs lfi linux mariadb memory monit music nginx pastebin php privatebin privesc project management proxy reconnoitre selinux shopt ssh systemd txpower ubuntu wallabag wireless xxe

Categories

  • BASH (1)
  • CTF/Labs (2)
  • CVE / full disclosure (1)
  • Information Gathering (1)
  • Linux (25)
  • Password Cracking (1)
  • Privilege Escalation (2)
  • SQL Injection (1)
  • Web-Shells (1)
  • Wifi (2)
  • XXE (1)

Recent Comments

  • Bernard Martiny on How to Install PrivateBin on Ubuntu 18.04 LTS
  • VuCSA on List of security labs/challenges/CTFs
  • Brian on How to Install PrivateBin on Fedora 29.
  • Tyreeb on Installing Ampache on CentOS 7.
  • Christian Mora on Installing Ampache on CentOS 7.