BackTrack 5 is the most popular Penetration testing among Security Analysts. We have also been using it for a very long time.
Today we were testing one application on our back track 5 Linux. It has Apache installed but with a limited modules. I couldn’t access any page of my application because all URLs were rewritten using mod_rewrite. I performed following troubleshooting and finally installed mod_rewrite module.
mod_rewrite module is actually available under back track 5 Linux, but you
have to just activate it.
How to check module if it is already available?
Module path : ls -l /usr/lib/apache2/modules/mod_rewrite.so
Module config path : ls -l /etc/apache2/mods-available/rewrite.load
How to Enable mod_rewrite now?
a2enmod rewrite
Output : Enabling module rewrite.
Run ‘/etc/init.d/apache2 restart’ to activate new configuration!
Restart Apache /etc/init.d/apache2 restart
Test you application, all URLs that is rewritten should work now!
Today I was migrating CPanel account to another server using a WHM/Cpanel Utility /scripts/pkgaccount. Package was successfully migrated to a new server and domain was live again on new server. But several functionality of the site was not working and the following error was appearing in apache error log constantly.
symbolic link not allowed or link target not accessible
There are two possibility of this error:
Your apache configuration doesn’t allow to Follow Sym Links.
Your SymLink owner doesn’t match (This usually happens on WHM/CPanel because CPanel uses unique user for unique domain)
Fix “symbolic link not allowed or link target not accessible” on WHM/CPanel Server :
Connect to your WHM/CPanel with root privileges from browser e.g http://example.com:2086
Go To
Main >> Service Configuration >> Apache Configuration >> Global Configuration
Check FollowSymLink
FollowSymLinks
Now, in our example your domain name is hackersgarage.com and your CPanel user is hacker. Simple change ownership of your symlink files to hacker
Jumple to document root of your domain cd /home/hacker/public_html/
Change ownership chown hacker:hacker *
If you are still having difficulties or unable to change ownership of files or its just not working. You can again Go To;
Main >> Service Configuration >> Apache Configuration >> Global Configuration
Uncheck SymLinksIfOwnerMatch
SymLinksIfOwnerMatch
Save it! It should rebuild Apache configuration and reload httpd daemon.
Fix “symbolic link not allowed or link target not accessible” on With Control Panel Server (CentOS/Ubuntu/RedHat):
vim /etc/httpd/conf/httpd.conf
Add
Options +FollowSymLinks -SymLinksIfOwnerMatch
Reload httpd /etc/init.d/httpd reload
on debian base distro; /etc/init.d/apache gracefull
If you don’t have access to httpd.conf, you can add this in your .htaccess of your document root. vim .htaccess
Options +FollowSymLinks -SymLinksIfOwnerMatch
Save it! Here you don’t need to reload httpd daemon.
Note : Using .htaccess method you need to make sure, your httpd.conf is configured/instructed to read .htaccess in your document root.
CPanel is a popular WHM solution. In past few days, i faced trouble while working with it. Thought to share with you if you face the same problem.
/scripts/easyapache
Not a HASH reference at /var/cpanel/perl/easy/Cpanel/Easy.pm line 340
Solution /scripts/checkperlmodules --full
How to Disable ConfigServer Security & Firewall /etc/csf/uninstall.sh
How to Disable Mandatory SSL (Web Login to WHL) vim /var/cpanel/cpanel.config
Find,
alwaysredirecttossl=1
requiressl=1
And change the “1” to “0”, and save the file changes.
Now execute the following command to effect the changes; /usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings
How to Install RRDTOOL
Download the required packages and execute rpm to install it. wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.2.23-1.el5.rf.x86_64.rpm
wget http://dag.wieers.com/rpm/packages/rrdtool/perl-rrdtool-1.2.23-1.el5.rf.x86_64.rpm
wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.2.23-1.el5.rf.x86_64.rpm
rpm -ivh rrdtool-1.2.23-1.el5.rf.x86_64.rpm rrdtool-devel-1.2.23-1.el5.rf.x86_64.rpm perl-rrdtool-1.2.23-1.el5.rf.x86_64.rpm
[ipcheck] Problem with DNS setup on
When your server hostname doesn’t resolve to IP address and you don’t want to add ‘A’ record in your dns, you will have to disable this script to stop sending these alerts.
ls -l /scripts/ipcheck
-rwxr-xr-x 1 root root 7428 Jun 28 18:47 /scripts/ipcheck
chmod 000 /scripts/ipcheck
Make it write protected, so its permission won’t change.
chattr +i /scripts/ipcheck
ls -l /scripts/ipcheck
———- 1 root root 7428 Jun 28 18:47 /scripts/ipcheck
Openx is enterprise class ad inventory solution for your business. Normally I carry out its configuration from command line interface but this moment I decided to enable one plugin using UI (Web based Interface) but it failed and the following error appeared on screen:
It is not possible to edit all settings because the configuration file is locked for security reasons. If you want to make changes, you may need to unlock the configuration file for this installation first.
I tried to see all option but didn’t find a way to unlock the configuration file. Finally I found that its config file should be writable by your apache user.
Today i captured one tutorial using recordmydesktop utility on my backtrack and decided to view it but unfortunately backtrack 5 Linux didn’t include a good media player to do entertainment 😀 when you get bored with dirty work.
Anyways, i installed vlc using following command ; aptitude install vlc
And tried to run vlc as root i got error on my terminal ; vlc
VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use vlc-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).
This error says straight forward vlc can not be run as root privileged user. What to do now? Don’t be panic. Here is the hacked solution 😀 vi /usr/bin/vlc
search for geteuid and replace it with getppid
Save file & Exit.
Now it should work, try to run it again 😉
Note : This is a very bad practice to run certain application with administrative rights. Do it at your own risk! 😉
I call this Error in error, because it reports wrong error.
I got this error while i execute ./adb devices
ERROR :
adb: No such file or directory
Error itself is very confusing, because the file is exist there and it reports false error. Well after searching on googe, found i36 compatibility libraries are missing there which i installed it simply with apt-get.
FIX “adb: No such file or directory”
apt-get install ia32-libs
It worked great for me. Let me know if you are stuck in same trouble.
BackTrack 5 is the most popular Penetration testing among Security Analysts. We have also been using it for a very long time.
