Too many hacked servers, too many 0day. After a lot of bashing my head against a wall I'm on Jekyll

Australian Master Keys - BSides Canberra 2017

Get AD site name on Locked Down XP System

Everyone on the web seemed to point to

nltest /dsgetsite

Found myself on a locked down XP system needing to get this programmatically and came up with the below

Not fast but it works reliably to date

set cmd="gpresult | findstr /B /C:"Site Name:""
for /f "tokens=3" %%G IN (' %cmd% ') DO set location=%%G
echo %location%

Subversion 1.7 Debian

Update: Confirmed that this process works on svn 1.7.3 and 1.7.4. Works well on Debian Lenny (5.0), so if you have problems and you're running Etch (4.0) or older, please try to upgrade.

At the time of writing, Subversion 1.7.x wasn't in the Debian apt tree, and as I wanted to use the new HTTPv2 access method I decided to try my hand at building it from source. I started with a bare-bones Debian 6.0.3 box; the only non-standard package I installed was ssh.

First off, let's let apt-get do all the hard work when it comes to solving the dependencies for building SVN 1.7. We may as well install Apache2 at this point too. I have also added vim, as it's my text editor of choice for the CLI.
apt-get update
apt-get build-dep subversion subversion-tools libapache2-svn
apt-get install apache2 vim
Be warned: for me this needed 477 packages (432 MB), so it may take a while to download and install.

From here, let's use wget to grab the latest source package. The latest version should always be listed on the Source Downloads page on the Subversion website; at the time of writing this is 1.7.1.
Once this is done, extract and install like any other package
tar xzf subversion-1.7.1.tar.gz
cd subversion-1.7.1
# configure and build before installing (a fresh source tree has no Makefile)
./configure
make
make install
Now, if you're like me and plan to use Apache2, you need to copy the modules to the appropriate directory
cp ./subversion/mod_dav_svn/.libs/ /usr/lib/apache2/modules/
cp ./subversion/mod_authz_svn/.libs/ /usr/lib/apache2/modules/
Now to build a few config files. I prefer vim for my CLI text editing so I'm going to install it now, feel free to
touch /etc/apache2/mods-available/dav_svn.conf
vim /etc/apache2/mods-available/dav_svn.load
Simple config just copy and paste the text below
# Depends: dav
LoadModule dav_svn_module /usr/lib/apache2/modules/
LoadModule authz_svn_module /usr/lib/apache2/modules/
Now lets enable the module and restart apache
a2enmod dav_svn
/etc/init.d/apache2 restart
If you don't get any errors, chances are everything is installed and configured correctly. You can always use the --version switch on svn or svnadmin to confirm
svnadmin --version
So it's installed, but let's set up a quick and dirty test repo to confirm that Apache is working
mkdir /var/svn/
svnadmin create /var/svn/test
chown -R www-data:www-data /var/svn/test/
vim /etc/apache2/conf.d/svn_test
Config for /etc/apache2/conf.d/svn_test
<Location /svn>
        DAV svn
        SVNPath /var/svn/test
</Location>
Restart Apache then you should be good to go
/etc/init.d/apache2 restart
Now browse to http://your_server/svn and you should see a screen similar to the one below.

[Image: What you should see in your browser]

From here you have the world's most basic SVN server setup, with no restrictions or limitations, but if you're just installing something on your local PC/network this may be enough for you. I plan to follow this up with a post about how I migrated a 200gb, 300,000+ revision corporate repo from my old 1.6.x server to my new 1.7.1 server.
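Because the test setup above has no restrictions, a quick check for unguarded `DAV svn` blocks is worth having before a box like this leaves the local network. The script below is an added example, not part of the original post; the function names, the hardened sample and its htpasswd path are assumptions made for illustration.

```shell
# Reads Apache config on stdin and prints "OPEN <path>" for every <Location>
# that enables "DAV svn" without a Require directive (other than
# "Require all granted") or an AuthzSVNAccessFile. Added example.
audit_svn_locations() {
    awk '
        function report() { if (inblk && dav && !guarded) print "OPEN " path }
        { sub(/#.*/, ""); sub(/^[ \t]+/, ""); line = tolower($0) }
        line ~ /^<location[ \t]/ {
            report()                       # previous block was never closed
            path = $2; sub(/>$/, "", path)
            inblk = 1; dav = 0; guarded = 0
            next
        }
        !inblk { next }
        line ~ /^dav[ \t]+svn/ { dav = 1 }
        line ~ /^require[ \t]/ && line !~ /^require[ \t]+all[ \t]+granted/ { guarded = 1 }
        line ~ /^authzsvnaccessfile[ \t]/ { guarded = 1 }
        line ~ /^<\/location>/ { report(); inblk = 0 }
        END { report() }                   # unclosed block at end of file
    '
}

# Location block from the post; left unclosed here to exercise the end-of-file case.
post_config() {
    cat <<'EOF'
<Location /svn>
        DAV svn
        SVNPath /var/svn/test
EOF
}

# Constructed hardened variant; the htpasswd path is an assumption.
hardened_config() {
    cat <<'EOF'
<Location /svn>
        DAV svn
        SVNPath /var/svn/test
        AuthType Basic
        AuthName "Subversion"
        AuthUserFile /etc/apache2/svn.htpasswd
        Require valid-user
</Location>
EOF
}

post_config | audit_svn_locations        # reports the open repository
hardened_config | audit_svn_locations    # prints nothing
```

To check a real file, feed it on stdin, for example `audit_svn_locations < /etc/apache2/conf.d/svn_test`.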

PowerShell Get AD Password Age

Wanted to be able to confirm that a user had really changed their Active Directory password when they claimed they had. PowerShell was easy enough, but it took me a bit to find it

Get-ADUser -Identity administrator -Properties * | FT PasswordLastSet
or if you just want all the properties of the user, drop the pipe to filter
get-ADuser -Identity administrator -Properties *

XenDesktop 5.5 Second Hard Drive

So, running my first Citrix XenDesktop 5.5 deployment. Did the pilot and the design on 5.0 SP1, but when 5.5 came out on the first day I saw no reason not to jump straight to 5.5. As I work for a software development company the requirements for developers are quite high, so we took some careful consideration when designing the environment, as one must when every user is utilising their own Oracle or MS SQL database plus some JBoss and Eclipse thrown in for good measure.

Long story short, we split up the system into a C: and a D: drive for OS and installs respectively. All well and good, nothing in any of the Citrix design guides I read saying this wasn't possible? XenDesktop just links into VMware and essentially clones the VM, right? Wrong! I think it's best summed up by the one line I got from Citrix support

The Machine Creation Service will always recognise only the first drive, if you require desktops with multiple drives you would work around the MCS by using PVS to stream disks, use partitioning, or manually add disks after MCS has deployed the VM's.

Thanks Citrix.....

VTP Cisco Nexus 5020

There's a lot of talk about the Nexus OS not supporting VTP, and that where it does it's only on the 7K series and it only supports transparent mode. This is a bit out of date. One little thing I found after a moderate amount of digging is that it is fully supported in the 5.x series of NX-OS, namely Cisco NX-OS Release 5.0(2)N2(1)
Version Info
  kickstart: version 5.0(3)N2(1)
  system:    version 5.0(3)N2(1)
All modes supported
sydnexus01(config)# vtp mode ?
  client       Set the device to client mode
  off          Set the device to off mode
  server       Set the device to server mode
  transparent  Set the device to transparent mode
Generic Config
switch# config t
switch(config)# feature vtp
switch(config)# vtp mode client
switch(config)# vt accountingin cisco
switch(config)# vtp version 2

Limit Apache Bandwidth Debian

Install and Enable the mod
apt-get install libapache2-mod-bw
a2enmod bw
Apply config to vhost
<VirtualHost *:80>
# Enable BW Module
BandwidthModule On
# Force for Every Request
ForceBandWidthModule On
# Limit to 200kb/s
Bandwidth all 204800
#rest of your config
DocumentRoot /var/www/
</VirtualHost>
Restart Apache
/etc/init.d/apache2 restart

Site Upgrades

Upgraded from Highlight Source Pro to CodeColorer as one of the latest updates fixed a bug where it didn't like my theme. Also upgraded to the latest Wordpress Version

Shouldn't cause any problems but if someone gets a mangled page let me know

Install Crowd Apache2 Module

For all those who use Atlassian products such as Jira or Confluence, you may or may not be familiar with Crowd. For anyone using Jira and Confluence, it can allow you to use your existing user DB for multiple other systems. Personally I use it as a client access database to keep external users out of my AD database wherever possible, while allowing internal users to still access these systems with their AD accounts. With the right plug-ins you can hook the system into pretty much everything. The most flexible one is the Apache 2 module; personally I use it mostly because I had endless troubles getting recursive sub-group lookups working with the free Apache modules floating around.

If you need to use a proxy, set it now
export http_proxy="http://proxy_server:3128"
For Debian just copy and paste the commands below; for other distributions you will need to install the equivalent packages
apt-get -y install libapache2-mod-perl2 libsoap-lite-perl libdigest-sha1-perl liberror-perl libcache-cache-perl unzip make
Then to download, install and build the required modules the commands below should work.
cd ~
mkdir crowd_apache
mv\?version\=1 crowd_apache/
cd crowd_apache
cd Atlassian-Crowd-1.2.3/
perl Makefile.PL
make install
cd ../Apache-CrowdAuth-1.2.3/
perl Makefile.PL
make install
cd ../Apache-CrowdAuthz-1.2.3/
perl Makefile.PL
make install
/etc/init.d/apache2 restart
From here, the Atlassian article Integrating Crowd with Apache is the best place to go