Update Time Using Terminal in Linux

Yesterday, my Debian desktop was crash (gnome-shell) so i intend to install minimal desktop environment such as Fluxbox. I’m just using terminal to access servers everyday, so actually i don’t need GUI, i need GUI just for internet browsing, cause console-based browser such elinks or w3m couldn’t display an image, hahaha

 

I’d like to ‘suspend to disk’ (formerly: hibernate) my machine, instead completely or really shutdown the machine. One day i realized that my clock doesn’t display a correct time!!

 


$ date
Mon Feb 13 10:37:33 PST 2012

 


$ date -R
Mon, 13 Feb 2012 10:36:10 -0800

 

In fact, my host ‘live’ on different time zone (GMT +7, WIT)
So here it’s a little HOW-TO in full CLI method, very useful for server :)

 
Backup current timezone (file)


# mv /etc/localtime /etc/localtime-old

 

Change this file to appropriate timezone, (take a look at /usr/share/zoneinfo/*)
Create a symbolic link between them

 


# ln -sf /usr/share/Asia/Jakarta /etc/localtime-old

 
(nb: in my case i live in West Indonesia Time(WIT))
 
Now update current time to Time Server


# rdate -s time-a.nist.gov

 
or using ntpdate if rdate not currently installed on your system


# ntpdate time-a.nist.gov

 
Finally check again our time, is it in correct timezone or not?
 


$ date
Mon Feb 13 10:49:35 WIT 2012

 
or
 


$ date -R
Mon, 13 Feb 2012 10:49:32 +0700

 
Hope it helps :)
Thx

Building Transmission on Open Solaris and Enabling Remote Web Interface

 

Transmission logo

Transmission logo

 

Requirement:

[package name (download page), choose latest]

gettext dependencies :

make sure that your machine have these packages installed

 

Open terminal an login as root:

pfexec su -

 

Standard Procedure Installation:

tar -xvzf #for .tar.bz2 use tar -xvjf
cd /
./configure --prefix=/usr/
make
make install

 

Download Transmission Source Code

Download transmission at http://www.transmissionbt.com/download.php

select source code version and download the latest version

 

for example (i’m using wget):

wget http://download.transmissionbt.com/files/transmission-2.42.tar.bz2

and do standard procedure installation for tranmission too..

 

if something goes wrong, try to workaround with ./configure parameter, for example :

./configure LIBEVENT_LIBS="-L /usr/local/lib -R /usr/local/lib -levent -lrt" PKG_CONFIG=""pkg-config" location"

just see the error from configure script output and use it as our ‘clues’ :)

 

If everything is fine, our transmission binaries will located in “/usr/local/bin

here is my example :

admin@opensolaris:~$ ls /usr/local/bin/

curl intltool-merge pkg-config transmission-edit

curl-config intltool-prepare transmission-cli transmission-remote

event_rpcgen.py intltool-update transmission-create transmission-show

intltool-extract intltoolize transmission-daemon

 

there are 6 transmission binary :

  1. transmission-cli : transmission client (command line interface)
  2. transmission-create : creating a torrent file
  3. transmission-daemon : headless transmission session that can be controlled via transmission-remote or the web interface
  4. transmission-edit : editing torrent file
  5. transmission-remote : remote/local server started
  6. transmission-show : show torrent

 

Enabling Web Interface and Remote Access with Authentification:

Edit a transmission-daemon file configuration in :

$HOME/.config/transmission-daemon/settings.json

and edit some parameter such as :

"rpc-authentication-required": true,

“rpc-enabled": true,

"rpc-password": "your_password",

"rpc-username": "your_username",

 

So the web interface will prompt username and password, if we aim our transmission server for remote access, don’t forget to set up a ‘whitelist’ :

"rpc-whitelist": "127.0.0.1,192.168.1.101",

"rpc-whitelist-enabled": true,

 

from above example, our transmission web interface will be allowed to be accessed from:

localhost (127.0.0.1) and 192.168.1.101

 

To Access Web Interface :

type the “server_ip_address:9091” where server_ip_address is an our ip address of transmission machine and 9091 is a default transmission port.

 

Transmission Web Auth Prompt

Transmission Web Auth Prompt

 

Transmission Web Interface

Transmission Web Interface

 

Simply Use of ‘Screen’

 

Sometimes we have to connect our shell to the server for maintenance or just monitoring our remote work stuff. But there are some application that need an uninterruppable connection, if we’ve lost connection so the work too. For example, when we did some scp-ing or compiling a BSD based software or kernel, ouuuchh such a terrible things if we lost connection in our mid-work process.
So there is Screen formerlry GNU Screen, What is ‘Screen’?

 

“Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells” (http://www.gnu.org/s/screen/)

 

With the use of screen we wouldn’t lost our work when there is failed connection stuff. On the most POSIX Operating System, ‘screen’ is almost installed and ready to use. If there is no screen on OS, simply just download or install with your distro-way (apt-get, rpm etc)

 

To Use ‘screen’
Just type “screen” (without appostrophe) on terminal console

$ screen

So the welcome screen of ‘screen’ will appear:

Welcome screen of 'screen'

Welcome screen of 'screen'

just Enter when ready to use ‘screen’ and we will already in ‘screen’ immediately. Then we could doing our works.

 

Some useful keyboard shortcut
Ctrl + A : initiate ‘screen’ command
Ctrl + A and press A immediately : change windows (act like alt-tab in normal wm)
Ctrl + A and press C immediately : create a new window

 

To resume a disconnected ‘screen’
type “screen -list” to list all available ‘screen’ session and status Detached/Attached

$ screen -list

 

Here is my ‘screen’ list for example

gti@opensolaris:~$ screen -list
There is a screen on:
8936.pts-2.opensolaris (Dettached)
1 Socket in /home/gti/.screen.

 

To connecting the detached shell type “screen -r”

$ screen -r 8936.pts-2.opensolaris

And we will ‘connected’ again :)

 

To exit screen just type ‘exit’
so the “[screen is terminating]” message will appear

or just close the terminal :) )

How to Make OpenSUSE 11.4 (or Later) Live USB on Windows

opensuse on live usb stick

OpenSUSE Stick


 

Here is my 2nd try to migrate to OpenSUSE with my Laptop. My first try to migrate to OpenSUSE has make me disappointed, why? because proxy issues on OpenSUSE, so i got some trouble to get ‘uptodate’. On my 2nd try, i forced to use USB, because my optical drive was ‘gone’, hahaha.

 

After some googling days, attempts and a little frustating. Here is my way to make OpenSUSE Live USB on Windows, thx 4 people on openSUSE forum especialy Jefro, kiwi man and Lexar for creating an ‘unique’ tool.

 

Prepare some stuff

  1. OpenSUSE Live CD Image (i’m using OpenSUSE 11.4 KDE 64 bit, just in case :) )

    2.  

  2. SUSE studio image writer. Download here

    3.  

  3. BootIt by Lexar, to make USB flash drive act as local drive. Download here

    4.  

  4. Don’t forget, the USB Flash drive. I’m using kingston data traveller 1GB (as i’m using CD version), old but still badass =))

 
 

Procedures

  1. Rename downloaded ISO to .raw extension, so SUSE studio image writer could read it.

    2. for example : openSUSE-11.4-KDE-LiveCD-x86_64.iso.raw
     

  2. Install Lexar USB utility

    3.  

  3. Format the USB with Lexar USB utility (BootIt) Like mine : (my usb is drive F: dont forget to set active)

    4.  

    bootit example use

    BootIt to create usb flash drive act as fix/local drive


     

  4. Install or just run imagewriter.exe (SUSE studio image writer) BUT DONT DO ANYTHINK, JUST LAUNCH the imagewriter

    5.  

    imagewriter.exe

    SUSE studio image writer


     

  5. Format manually with windows WHILE imagewriter is still OPEN.

    6.  

  6. Last, press Copy Button!

 
 
 

Enjoy, and happy Live USB with the green lizard =))

How to Install and Use WPScan

wordpress logo

Wordpress Logo


 

WordPress is one of most fav CMS. There are so many people using this CMS because it’s easy, simple and can be tweaked more. But there are some vulnerabilities comes with wordpress through its plugins, theme etc. Remember the vulnerable not comes just from weak software management, but also weak Password/authentification.

 

So there are WPScan. What is WPScan?
WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.
This project is sponsored by the RandomStorm Open Source Initiative.
 

Some key of features :

  • Username enumeration (from author querystring and location header)
  • Weak password cracking (multithreaded)
  • Version enumeration (from generator meta tag and from client side files)
  • Vulnerability enumeration (based on version)
  • Plugin enumeration (2220 most popular by default)
  • Plugin vulnerability enumeration (based on version)
  • Plugin enumeration list generation
  • Other misc WordPress checks (theme name, dir listing, …)

 

Installation
Even WPScan comes in Backtrack 5R1 by default, we could install on almost Unix/Linux distro.
WPScan can be downloaded from its Google Code project’s page, but i think installing from SVN is more ‘uptodate’.
 

Software requirement/dependencies :

  • ruby (comes by default in most unix distro, i think :p )
  • subversion (for svn-ing)
  • libcurl4-gnutls-dev
  • libopenssl-ruby
  • some ruby packages : thypoeus and xml-simple

 

Install dependencies (for debian and debian based)

  • sudo apt-get install libcurl4-gnutls-dev
  • sudo apt-get install libopenssl-ruby
  • sudo gem install typhoeus
  • sudo gem install xml-simple

 

To install from read-only SVN :
svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
After get source through SVN amd also deps, we could use it just dot slash it
 

cd wpscan-read-only
./wpscan.rb
 
Some quick usage

For basic enumeration:
./wpscan.rb --url www.example.com
 

For plugin enumeration:
./wpscan.rb --url www.example.com --enumerate p
 

Brute-Forcing:
./wpscan.rb --url www.example.com --wordlist wordlist.lst --username admin
 

Code aboves explain that www.exampe.com is being brute-forcing by admin as username and using password from wordlist.lst as wordlist/dictionary
 
 
 

source : http://code.google.com/p/wpscan and some experience :) )