Thursday, January 30, 2014

RedHat::VirtualBox guest additions error "unable to find the sources of your current Linux kernel"

I just cannot have an instance of Redhat (or anything, for that matter) running on VBox and NOT have guest additions installed!

Now, if you're doing it for the first time, chances are you'll come across this:

*** Error: unable to find the sources of your current Linux kernel. Specify KERN_DIR=<directory> and run Make again.  Stop.


Here's what you can do to fix it:

You need to install a few packages - you can do this by:

#yum update kernel-headers

this cmd will update your headers, if needed. You need to have a valid RedHat subscription for this to work. On other OSs like CentOS, it'll simply work.

Then, run this:

#yum install kernel*

this cmd will install something like four packages (depends on what you have and dont have already). Most important package in this list would be kernel-debug.

If you need to create a local repo or simply use the DVD, you can have a look at this - http://www.projectvnux.com/2013/09/creating-custom-repositories.html

Now, you can install the VBox Guest Additions - should work without errors.

Reboot. Enjoy fullscreen!
Share:

Saturday, January 25, 2014

PHP:: Stay on the same page after login or logout

Hey guys, working on a PHP project for quite some time now, thought I'll start sharing some tips and tricks as and when time allows!

This one is for that situation where you want the user to login from a page (say pageA.php) and after the credentials have been verified, you want the session to start but the user should stay on the same page.

First of all, you'll need to start the session in your php code - which, if you are using session-based authentication, should already exist in your code.

Something like:

<?php
session_start();

Now, to this you could add something like this:

$_SESSION['url'] = $_SERVER['REQUEST_URI'];

What this does is, sets the URI in the session using the php variable $_SERVER, as the current URL. This URL is the one that we will redirect to in our login.php (or whatever you've named that file) if the authentication has been successful. 

So, in all pages on your website, you'll need to start with something like:

<?php session_start();
ob_start();
$_SESSION['url'] = $_SERVER['REQUEST_URI'];
?>

Again, this could simply be included in a header file so you dont have to manually add these lines in all pages.

Once this has been done, in your login.php, simply add the following lines after the statement that checks for authentication:

if(isset($_SESSION['url'])) 
   $url = $_SESSION['url']; 
else 
   $url = "whatever page you want the user to be redirected to if the session wasnt able to capture the URL"; 
header("location: $url"); //this will redirect the user to previous URL, if set in the session

Hope this is useful in some way!
Cheers!
Share:

Nessus: Offline Plugin update on Linux


Offline Plugins Linux:
1. Generate a challenge code by running the following command:
/opt/nessus/bin/nessus-fetch --challenge

2. Go to https://plugins.nessus.org/offline.php and paste the challenge code, as well as the Activation Code into the appropriate text boxes.

3. After entering the challenge and activation code, the website will produce a link to download the latest Nessus plugin feed, as well as a link to download nessus-fetch.rc at the bottom of the screen. Be sure to save this link as it will be needed each time you want to update your plugins.

4. Copy the nessus-fetch.rc to the following directory: /opt/nessus/etc/nessus/

This will only need to be copied this one time, and not each time you download the plugins.

5. To register your scanner in offline mode, run the following command:
/opt/nessus/bin/nessus-fetch --register-offline /opt/nessus/etc/nessus/nessus-fetch.rc

(Syntax is nessus-fetch --register-offline <file.rc> )

6. Next, copy the all-2.0.tar.gz file downloaded from the website to the Nessus sbin directory, and run the following command:
# /opt/nessus/sbin/nessus-update-plugins all-2.0.tar.gz

7. Once the plugins are installed please rebuild plugins database:
# /opt/nessus/sbin/nessusd -R

8. Finally, restart the Nessus Server which can be done by running the following two commands:

# service nessusd restart
Share:

Nessus: Migration

NESSUS MIGRATION

When migrating Nessus from one machine to another, please make sure that the versions are same - at least the major version should be the same. 


In Nessus, the bit version (32bit or 64 bit) will not affect

Step One: Backup

On Windows:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus. Stop your Nessus
3.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\master.key to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\master.key
4.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\users to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\users
5.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\policies.db to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\policies.db
6.      Start Nessus on the new system.
      Note: The path is C:\Documents and Settings\All Users\Application Data\Tenable\Nessus\nessus for WindowsXP users and programdata for windows vista/7 users
On *nix:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus. Stop your Nessus
3.      Copy OLD_DRIVE /opt/nessus/var/nessus/master.key to CURRENT_DRIVE /opt/nessus/var/nessus/master.key
4.      Copy OLD_DRIVE /opt/nessus/var/nessus/users to CURRENT_DRIVE /opt/nessus/var/nessus/users
5.      Copy OLD_DRIVE /opt/nessus/var/nessus/policies.db to CURRENT_DRIVE /opt/nessus/var/nessus/policies.db
6.      Start Nessus on the new system.
On Mac OS X:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus.
3.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/master.key to CURRENT_DRIVE /Library/Nessus/run/var/nessus/master.key
4.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/users to CURRENT_DRIVE /Library/Nessus/run/var/nessus/users
5.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/policies.db to CURRENT_DRIVE /Library/Nessus/run/var/nessus/policies.db
6.      Start Nessus on the new system.

Step Two: Reset the Activation code through portal

To reset your code you will need to log into the Support portal ( https://support.tenable.com ) then select Activation Codes then select the ‘+’ symbol beside “Nessus after the section is expanded select the feed you want reset and then click on the X next to the code to reset it. Reset codes have a 10 day waiting period before you can reset your code again. You can use the code immediately after it is reset.

Please be aware that our plugin download ip address is: 4.59.136.208 and, you may need to update your firewall rules to allow plugin downloads over port 443 for that IP address.

Three: reset the code in Nessus through command line

You can use the following to activate your Nessus. First you will need to reset the code on the support portal before running the commands listed below.


Unix Systems: (login as root user)

# service nessusd stop
# /opt/nessus/sbin/nessus-fix --reset

Set your proxy if you have one (if not skip these steps): Please note that nessus-fetch.db is needed for the proxy set up and this file will not exist in a fresh installation until the plugins get updated.

nessus-fix --secure --set proxy=%IP or Hostname of Proxy% 
nessus-fix --secure --set proxy_port=%Port of Proxy% 
nessus-fix --secure --set proxy_username=%Username of Proxy% 
nessus-fix --secure --set proxy_password=%Password of Proxy%

Register your code:
# /opt/nessus/bin/nessus-fetch --register ACTIVATIONCODE
# /opt/nessus/sbin/nessusd -R
# service nessusd start

Please replace the ACTIVATIONCODE with your own one

Windows system: ( you will need to run CMD as administrator) 

NET STOP “Tenable Nessus”
“\Program Files”\Tenable\Nessus\nessus-fix --reset

Register your code:
“\Program Files”\Tenable\Nessus\nessus-fetch --register ACTIVATIONCODE
“\Program Files”\Tenable\Nessus\nessusd –R
NET START “Tenable Nessus”

Please replace the ACTIVATIONCODE with your own one

Mac OSX system: 

# launchctl unload -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist
# /Library/Nessus/run/sbin/nessus-fix --reset

Register your code:
# /Library/Nessus/run/bin/nessus-fetch --register ACTIVATIONCODE
# /Library/Nessus/run/sbin/nessusd -R
# launchctl load -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist

Please replace the ACTIVATIONCODE with your own. 
Share:

Tenable Nessus: Proxy and plugin update troubles

If you have a firewall on your network, you must allow outgoing access from the scanner to the following addresses via TCP port 443/https:

plugins.nessus.org (4.59.136.208)
plugins-us.nessus.org (4.59.136.208)

Run your command line as administrator 

cd c:\program files\tenable\nessus net stop "Tenable Nessus"
nessus-fix --reset
y

Set your proxy if you have one (if not skip these steps):
nessus-fix --secure --set proxy=%IP or Hostname of Proxy% 
nessus-fix --secure --set proxy_port=%Port of Proxy% 
nessus-fix --secure --set proxy_username=%Username of Proxy% 
nessus-fix --secure --set proxy_password=%Password of Proxy%

Nessus-fetch --register <activation code> 

After it finishes updating the plugins run this:
Nessusd -R
Net start "Tenable Nessus"
Share: