How are ransomware decryptors made?

April 29, 2020


I'm interested in cryptography, but I hadn't explored ransomware in depth. Recently, however, one of my friends said that some officials make decryption keys for ransomware. I wondered how they decrypt AES. If it were possible to decrypt it, most SSL connections, disk encryption, the Bitcoin network, etc. would be a lie. That's why I started to wonder.

However, ransomware decryptors are possible.

I asked a question in the MalwareTips community and got an answer from struppigel. He explained something that I hadn't realized: "most ransomware developers make a mistake". Then I got the point.

To encrypt, ransomware has to carry the AES-256 key, which is also the key needed to decrypt. So if we can get into the ransomware and explore its binary, we can find the key. If we can't, there is no hope.

Unblock the Internet | Deploy your own VPN Server - Outline VPN by Jigsaw

October 15, 2019



Outline is a Shadowsocks-based VPN server, which means its traffic is hard to monitor. Actually, Shadowsocks and a VPN work differently. Both Shadowsocks and a VPN encrypt data, but Shadowsocks is more lightweight. Shadowsocks uses normal HTTPS traffic with multiple TCP connections, which an ISP or a government cannot monitor.

With Shadowsocks, nobody can block you. If the ISP or the government knows your Outline server's IP, then they can. But who's gonna tell? There is no way to monitor Shadowsocks because all traffic goes through HTTPS.



Downloads(Windows)

Outline Manager: https://raw.githubusercontent.com/Jigsaw-Code/outline-releases/master/manager/stable/Outline-Manager.exe#

Outline Client : https://raw.githubusercontent.com/Jigsaw-Code/outline-releases/master/client/stable/Outline-Client.exe#


If you are running a different OS than Windows, visit: https://getoutline.org/

Secure Nginx web server with Let's Encrypt on CentOS 7 - Get a Free SSL Certificate

October 12, 2018


You found this page because you already know what Nginx and Let's Encrypt are. In this simple tutorial you will learn how to install and configure Nginx and Let's Encrypt on CentOS 7.

If you're using Amazon Web Services, Google Cloud Platform or any other cloud service, first make sure you have allowed HTTP and HTTPS access to the VM.

Update your CentOS 7

sudo yum update

Installing and configuring Nginx

sudo yum install nginx

Next we need to point a domain to the server. Run the following command.

sudo vi /etc/nginx/nginx.conf

Find the server_name _; line and replace the _ (underscore) with your domain name.
(Press the Insert key to edit the file. Then press Esc, type :wq and hit Enter to save your config.)

e.g.: server_name example.com www.example.com;

Run the commands below to make sure your settings work.

sudo systemctl start nginx
sudo systemctl enable nginx
sudo nginx -t 


Setting Firewall

We also need to allow HTTP (port 80) and HTTPS (port 443) through the VM's local firewall.

If you're running firewalld, run the commands below.

sudo firewall-cmd --add-service=http 
sudo firewall-cmd --add-service=https 
sudo firewall-cmd --runtime-to-permanent

If you're running iptables, run the following commands.

sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT 


If you're not sure which firewall you have, just run both the firewalld and the iptables configuration commands. It will not damage your settings.


Obtaining a Certificate using Nginx plugin


Run the command below with your domain names. It will ask you a few simple questions. Just answer them.

sudo certbot --nginx -d example.com -d www.example.com 


Updating Diffie-Hellman Parameters

Now you have successfully installed and configured the Nginx web server with Let's Encrypt. But if you check your SSL setup with SSL Labs, it will show a B grade due to weak Diffie-Hellman parameters. We can fix this by creating a new dhparam.pem file and adding it to our server block.

Run the following command.

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 

This will take a long time to generate.
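
The file only takes effect once a TLS server block references it with nginx's ssl_dhparam directive. The check below is an added example, not part of the original tutorial: the function name and the sample config are constructed for illustration, and it assumes "server {" opens on one line and does not follow include files or http-level settings.

```shell
#!/bin/sh
# Added example: list TLS server blocks that do not set ssl_dhparam.
# Assumptions: "server {" opens on one line; include files and http-level
# inheritance are not followed. The config below is a constructed sample.

# servers_missing_dhparam FILE -> server_name of each offending block
servers_missing_dhparam() {
  awk '
    /^[ \t]*server[ \t]*[{]/ { in_srv = 1; depth = 0; tls = 0; dh = 0; name = "(unnamed)" }
    in_srv {
      if ($1 == "listen" && $0 ~ /ssl/) tls = 1
      if ($1 == "ssl_dhparam") dh = 1
      if ($1 == "server_name") { name = $2; sub(/;$/, "", name) }
      depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
      if (depth == 0) { if (tls && !dh) print name; in_srv = 0 }
    }
  ' "$1"
}

sample_conf=$(mktemp)
cat > "$sample_conf" <<'EOF'
server {
    listen 443 ssl;
    server_name example.com www.example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;   # file generated above
    location / { root /usr/share/nginx/html; }
}
server {
    listen 443 ssl;
    server_name staging.example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
}
server {
    listen 80;
    server_name example.com;
}
EOF
servers_missing_dhparam "$sample_conf"
```

After adding the directive to the real config, run sudo nginx -t and reload Nginx before re-testing with SSL Labs.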




Setting Up Auto Renewal

Let's Encrypt certificates are only valid for ninety (90) days. When one is close to expiring, you will get an email notification. You can renew the certificate yourself by running the following command.

certbot renew 

But it is easier to use cron jobs.

Run the following command:

sudo crontab -e 

Add the following line and save it.

0 0 1 * * /usr/bin/certbot renew --quiet

It will renew your certificate every month. If you need to change to a custom time period, please see the Configuring Cron Tasks section of the CentOS docs.

You're all done. If anything is wrong, please let me know.
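
How the monthly schedule above interacts with certbot's renewal window, as an added example that is not part of the original tutorial. It assumes certbot's default of renewing only certificates with fewer than 30 days left and GNU date; the dates are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: which cron run, if any, renews a certificate in time?
# Assumption: certbot renews only when fewer than 30 days remain (its default).
# Requires GNU date. All dates below are constructed sample values (UTC).
RENEW_WINDOW_DAYS=30

# to_epoch "YYYY-MM-DD HH:MM" -> seconds since the epoch
to_epoch() { date -u -d "$1" +%s; }

# first_renewing_run EXPIRY < run-times (one per line, ascending)
# Prints the first run inside the renewal window and before expiry,
# or MISSED when the certificate expires before any such run.
first_renewing_run() {
  expiry_s=$(to_epoch "$1")
  window_s=$(( expiry_s - RENEW_WINDOW_DAYS * 86400 ))
  result=MISSED
  while IFS= read -r run; do
    run_s=$(to_epoch "$run")
    if [ "$result" = MISSED ] && [ "$run_s" -ge "$window_s" ] \
       && [ "$run_s" -lt "$expiry_s" ]; then
      result=$run
    fi
  done
  echo "$result"
}

# runs_every START STEP_SECONDS COUNT -> COUNT run times, one per line
runs_every() {
  start_s=$(to_epoch "$1"); i=0
  while [ "$i" -lt "$3" ]; do
    date -u -d "@$(( start_s + i * $2 ))" '+%Y-%m-%d %H:%M'
    i=$(( i + 1 ))
  done
}

expiry="2018-08-31 06:00"   # constructed notAfter of the current certificate
# The tutorial's schedule: 00:00 on the 1st of each month.
monthly=$(printf '%s\n' "2018-07-01 00:00" "2018-08-01 00:00" \
  "2018-09-01 00:00" | first_renewing_run "$expiry")
# Twice a day (cron: 0 0,12 * * *), starting on the same date.
twice_daily=$(runs_every "2018-07-01 00:00" 43200 180 | first_renewing_run "$expiry")
echo "monthly: $monthly"
echo "twice daily: $twice_daily"
```

For this constructed certificate the 1 August run comes six hours before the renewal window opens and the 1 September run comes after expiry, so the monthly schedule misses it. A more frequent schedule such as 0 0,12 * * * /usr/bin/certbot renew --quiet renews it on the first run inside the window and also retries soon after a failed attempt.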

Source: digitalocean.com


How to install Laravel on Windows with Xampp

October 06, 2018


When you install the Laravel Framework the normal way on an up-to-date system, you'll get a privacy error in the web browser (Chrome and Firefox, laravel.dev privacy error). The following steps will save you time.

First you need to download and install Xampp and Composer.



Install Laravel Framework

Open a command prompt and run the command below. It will download and install the Laravel Framework for you in the C:\Users\USER_NAME directory.

composer create-project laravel/laravel your-project-name 


Config Xampp for Virtual Host

Open the httpd-vhosts.conf file in your favorite text editor. By default it is located in the C:\xampp\apache\conf\extra directory. Add the following lines at the end of the file.

# VirtualHost for LARAVEL.TEST
<VirtualHost laravel.test:80>   
 DocumentRoot "C:\Users\USER_NAME\your-project-name\public"   
 ServerAdmin laravel.test   
<Directory "C:\Users\USER_NAME\your-project-name">         
 Options Indexes FollowSymLinks         
 AllowOverride All         
 Require all granted   
</Directory>
</VirtualHost>
   
Then open and edit the hosts file with admin privileges (run Notepad as admin), which is located in the C:\Windows\System32\drivers\etc directory. Add the following line and save it.

127.0.0.1 laravel.test

Now you have successfully installed and configured the Laravel Framework. Navigate to laravel.test in your favorite web browser.

Bonus Configurations


Enable SSL (HTTPS) for Laravel localhost

If you have done the steps above, open the httpd-vhosts.conf file again in your favorite text editor. By default it is located in the C:\xampp\apache\conf\extra directory. Then also add the following lines.


<VirtualHost laravel.test:443>
  DocumentRoot "C:\Users\USER_NAME\your-project-name\public"
  ServerAdmin laravel.test
  SSLEngine on
  SSLCertificateFile "conf/ssl.crt/server.crt"
  SSLCertificateKeyFile "conf/ssl.key/server.key"
  <Directory "C:\Users\USER_NAME\your-project-name">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
 </Directory>
</VirtualHost>


Solving Laravel Specified key was too long error

Due to Laravel's default database character set, you will get the following error if you try to add users to the database.

SQLSTATE[42000]: Syntax error or access violation: 1071 Specified key was too long; max key length is 767 bytes (SQL: alter table `users` add unique `users_email_unique`(`email`))

To solve this error you need to edit AppServiceProvider.php, which is located in the /your-project-name/app/Providers directory.

Add the following line after namespace App\Providers;

use Illuminate\Support\Facades\Schema;

Add the following line inside public function boot()


Schema::defaultStringLength(191);

When you're done, AppServiceProvider.php will look like this:


<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Schema;
class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        //
    }
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        Schema::defaultStringLength(191);
    }
}

Setup your own VPN Server

April 04, 2018




This video will guide you through setting up your own VPN server on Google Cloud Platform.



This script will let you set up your own VPN server, even if you haven't used OpenVPN before. It has been designed to be as unobtrusive and universal as possible.

Installation 

Run the script and follow the assistant:

wget https://skiddow.github.io/OpenVPN/openvpn-install.sh && sudo bash openvpn-install.sh

Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.

Download OpenVPN client: https://openvpn.net/index.php/open-source/downloads.html