Building Transmission on Open Solaris and Enabling Remote Web Interface

 

Transmission logo

 

Requirement:

[package name (download page), choose latest]

• pkg-config (http://pkgconfig.freedesktop.org/releases/)
• libevent (http://libevent.org/)
• gettext (http://ftp.gnu.org/pub/gnu/gettext/)

gettext dependencies :

• curl (http://curl.haxx.se/download.html)
• intltool (http://ftp.acc.umu.se/pub/gnome/sources/intltool/)

make sure that your machine have these packages installed

 

Open terminal an login as root:

pfexec su -

 

Standard Procedure Installation:

tar -xvzf #for .tar.bz2 use tar -xvjf
cd /
./configure --prefix=/usr/
make
make install


 

Download Transmission Source Code

Download transmission at http://www.transmissionbt.com/download.php

select source code version and download the latest version

 

for example (i’m using wget):

wget http://download.transmissionbt.com/files/transmission-2.42.tar.bz2


and do standard procedure installation for tranmission too..

 

if something goes wrong, try to workaround with ./configure parameter, for example :

./configure LIBEVENT_LIBS="-L /usr/local/lib -R /usr/local/lib -levent -lrt" PKG_CONFIG=""pkg-config" location"

just see the error from configure script output and use it as our ‘clues’

 

If everything is fine, our transmission binaries will located in “/usr/local/bin“

here is my example :

admin@opensolaris:~$ ls /usr/local/bin/

curl intltool-merge pkg-config transmission-edit

curl-config intltool-prepare transmission-cli transmission-remote

event_rpcgen.py intltool-update transmission-create transmission-show

intltool-extract intltoolize transmission-daemon


 

there are 6 transmission binary :

1. transmission-cli : transmission client (command line interface)
2. transmission-create : creating a torrent file
3. transmission-daemon : headless transmission session that can be controlled via transmission-remote or the web interface
4. transmission-edit : editing torrent file
5. transmission-remote : remote/local server started
6. transmission-show : show torrent

 

Enabling Web Interface and Remote Access with Authentification:

Edit a transmission-daemon file configuration in :

$HOME/.config/transmission-daemon/settings.json


and edit some parameter such as :

"rpc-authentication-required": true,

“rpc-enabled": true,

"rpc-password": "your_password",

"rpc-username": "your_username",

 

So the web interface will prompt username and password, if we aim our transmission server for remote access, don’t forget to set up a ‘whitelist’ :

"rpc-whitelist": "127.0.0.1,192.168.1.101",

"rpc-whitelist-enabled": true,

 

from above example, our transmission web interface will be allowed to be accessed from:

localhost (127.0.0.1) and 192.168.1.101

 

To Access Web Interface :

type the “server_ip_address:9091” where server_ip_address is an our ip address of transmission machine and 9091 is a default transmission port.

 

Transmission Web Auth Prompt

 

Transmission Web Interface

 

Simply Use of ‘Screen’

 

Sometimes we have to connect our shell to the server for maintenance or just monitoring our remote work stuff. But there are some application that need an uninterruppable connection, if we’ve lost connection so the work too. For example, when we did some scp-ing or compiling a BSD based software or kernel, ouuuchh such a terrible things if we lost connection in our mid-work process.
So there is Screen formerlry GNU Screen, What is ‘Screen’?

 

“Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells” (http://www.gnu.org/s/screen/)

 

With the use of screen we wouldn’t lost our work when there is failed connection stuff. On the most POSIX Operating System, ‘screen’ is almost installed and ready to use. If there is no screen on OS, simply just download or install with your distro-way (apt-get, rpm etc)

 

To Use ‘screen’
Just type “screen” (without appostrophe) on terminal console

$ screen

So the welcome screen of ‘screen’ will appear:

Welcome screen of 'screen'

just Enter when ready to use ‘screen’ and we will already in ‘screen’ immediately. Then we could doing our works.

 

Some useful keyboard shortcut
Ctrl + A : initiate ‘screen’ command
Ctrl + A and press A immediately : change windows (act like alt-tab in normal wm)
Ctrl + A and press C immediately : create a new window

 

To resume a disconnected ‘screen’
type “screen -list” to list all available ‘screen’ session and status Detached/Attached

$ screen -list

 

Here is my ‘screen’ list for example

gti@opensolaris:~$ screen -list
There is a screen on:
8936.pts-2.opensolaris (Dettached)
1 Socket in /home/gti/.screen.

 

To connecting the detached shell type “screen -r”

$ screen -r 8936.pts-2.opensolaris

And we will ‘connected’ again

 

To exit screen just type ‘exit’
so the “[screen is terminating]” message will appear

or just close the terminal )

How to Make OpenSUSE 11.4 (or Later) Live USB on Windows

OpenSUSE Stick

 

Here is my 2nd try to migrate to OpenSUSE with my Laptop. My first try to migrate to OpenSUSE has make me disappointed, why? because proxy issues on OpenSUSE, so i got some trouble to get ‘uptodate’. On my 2nd try, i forced to use USB, because my optical drive was ‘gone’, hahaha.

 

After some googling days, attempts and a little frustating. Here is my way to make OpenSUSE Live USB on Windows, thx 4 people on openSUSE forum especialy Jefro, kiwi man and Lexar for creating an ‘unique’ tool.

 

Prepare some stuff

1. OpenSUSE Live CD Image (i’m using OpenSUSE 11.4 KDE 64 bit, just in case )

 

2. SUSE studio image writer. Download here

 

3. BootIt by Lexar, to make USB flash drive act as local drive. Download here

 

4. Don’t forget, the USB Flash drive. I’m using kingston data traveller 1GB (as i’m using CD version), old but still badass =))

 
 

Procedures

1. Rename downloaded ISO to .raw extension, so SUSE studio image writer could read it.

for example : openSUSE-11.4-KDE-LiveCD-x86_64.iso.raw
 

2. Install Lexar USB utility

 

3. Format the USB with Lexar USB utility (BootIt) Like mine : (my usb is drive F: dont forget to set active)

 



BootIt to create usb flash drive act as fix/local drive


 
4. Install or just run imagewriter.exe (SUSE studio image writer) BUT DONT DO ANYTHINK, JUST LAUNCH the imagewriter

 



SUSE studio image writer


 
5. Format manually with windows WHILE imagewriter is still OPEN.

 

6. Last, press Copy Button!

 
 
 

Enjoy, and happy Live USB with the green lizard =))

How to Install and Use WPScan

Wordpress Logo

 

WordPress is one of most fav CMS. There are so many people using this CMS because it’s easy, simple and can be tweaked more. But there are some vulnerabilities comes with wordpress through its plugins, theme etc. Remember the vulnerable not comes just from weak software management, but also weak Password/authentification.

 

So there are WPScan. What is WPScan?
WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.
This project is sponsored by the RandomStorm Open Source Initiative.
 

Some key of features :

• Username enumeration (from author querystring and location header)
• Weak password cracking (multithreaded)
• Version enumeration (from generator meta tag and from client side files)
• Vulnerability enumeration (based on version)
• Plugin enumeration (2220 most popular by default)
• Plugin vulnerability enumeration (based on version)
• Plugin enumeration list generation
• Other misc WordPress checks (theme name, dir listing, …)

 

Installation
Even WPScan comes in Backtrack 5R1 by default, we could install on almost Unix/Linux distro.
WPScan can be downloaded from its Google Code project’s page, but i think installing from SVN is more ‘uptodate’.
 

Software requirement/dependencies :

• ruby (comes by default in most unix distro, i think :p )
• subversion (for svn-ing)
• libcurl4-gnutls-dev
• libopenssl-ruby
• some ruby packages : thypoeus and xml-simple

 

Install dependencies (for debian and debian based)

• sudo apt-get install libcurl4-gnutls-dev
• sudo apt-get install libopenssl-ruby
• sudo gem install typhoeus
• sudo gem install xml-simple

 

To install from read-only SVN :
svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
After get source through SVN amd also deps, we could use it just dot slash it
 

cd wpscan-read-only
./wpscan.rb
 
Some quick usage

For basic enumeration:
./wpscan.rb --url www.example.com
 

For plugin enumeration:
./wpscan.rb --url www.example.com --enumerate p
 

Brute-Forcing:
./wpscan.rb --url www.example.com --wordlist wordlist.lst --username admin
 

Code aboves explain that www.exampe.com is being brute-forcing by admin as username and using password from wordlist.lst as wordlist/dictionary
 
 
 

source : http://code.google.com/p/wpscan and some experience )

Fix Google Chrome Preference Issue

Google Chrome Launcher

I actually have been a long have chromium browser (call for google chrome on ubuntu) installed, but just lately I use it for playing flash games, hehehe and after a long absence to open chrome, an error message are occured every chrome starting-up:

Screenshot-Chromium

then I tried to analyze it, there must be a something wrong with the file permissions, and then I became to find it in my $HOME folder that has a chrome related and it is located in the .config/chromium so we have change the file permissions with the following command:

 

sudo chown -R $USER:$USER $HOME/.config/chromium

 
this command is used to update the ownership of our chrome profile, and it successfully