Translate

Saturday 30 November 2013

w3af Discovery plugin missing. w3af version 1.6

May be you see this message on running latest cloned w3af. (version 1.6)
The profile you are trying to load (fast_scan) seems to be outdated, this is a common issue which happens when the framework is updated and one of its plugins adds/removes one of the configuration parameters referenced by a profile, or the plugin is removed all together.
So dont worry here is solution.

-- w3af installation guide is good document to study how to install w3af.
-- w3af installation needs several python plugins to work.
-- use pip or easy_install to install these packages.
-- Details of these packages are given in Guide.
-- pdfminer is also a python plugin required.
-- after installation when running ./w3af_console. w3af automatically console generate bash script to install remaining plugins.
-- the problem was in after running ./w3af_console , profiles --> use fast_scan w3af shows above message.
-- Searching the problem results in following link. You can also read from this link but i have also mentioned problem and solution in this post.
-- This message is usually due to that you have several attempts to install w3af on ubuntu.
--Problem was that latest cloned w3af use previous installation files which are in .w3af directory.
-- After removing this directory rm -r .w3af.. ./w3af_console works fine.
-- w3af installation is complete on ubuntu
-- w3af may say that again some plugin is missing. At least in my case it says that. But dont worry just install missing plugin from script automatically created by w3af in /tmp/ directory or read the message carefully it will guide you where is bash script placed by w3af.
-- simply run script using by moving to directory and entering ./dependency_fileName.sh. w3af should work now.
-- If you still have issue then you can also post new issue by registering into github and using this link. https://github.com/andresriancho/w3af/issues/144
click on new issue. write all used method of installation and python version ,installed python packages , gtk version , and error message as well. 



Monday 11 November 2013

How to download Videos from ubuntu ..Donwload Manager for Ubuntu ,

Note : This method will not work for anonymous web browsing. 
To download videos form ubuntu and to use a good download manager for ubuntu follow these steps.
(1) Download Uget download manager from here. Download debian version for easy installation.
(2) Install FlashGot add-on in firefox from firefox add-on site.


Sunday 10 November 2013

SFTP Server setup , with SFTP restricted Account , SFTP user Restricted to one directory only

Here is complete method to create setup SFTP server on ubuntu server. This method will

Setup SFTP server on ubunut server.
Create SFTP user.
SFTP user will be restricted to one directory only.
SFTP user will not have SSH Secure Shell Access.

SFTP server will access server using SSH. So to install SSH .

sudo apt-get install openssh-server

Edit   /etc/ssh/sshd_config with your favourit editor. I am using vim for this procedure and you can use yours like nano. Add this at the end of file. testuser is username of sftp user.

UsePAM yes
Match User testuser
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTCPForwarding no

Save it and enter following commands to terminal.

To create testuser enter. -m flag will create root directory in /home/ by default. To set it to your desired directory use -d flag (e.g. useradd -d /home/user/myDirectory testuser).
useradd -m testuser

Add user to group sftp. (To create group sftp enter in terminal "groupadd sftp")
usermod -G sftp testuser

The following command is so much important. It defines the login shell of testuser. If it is not set then shell for test user will be default. Restrict user to its home directory only. This will also restrict user to access SSH access.
 usermod -s /bin/false testuser

Change owner so that he can have full access to his directory.
NOTE : This is root directory ROOT should be owner of this directory. To upload and download files create sub directory  with ("chown testuser:sftp /home/testuser/newDirectory")
 chown root:root /home/testuser

Change mod to 755 . Read , Write , execute for user. Read and execute for sftp group members. Read and execute for all other users.
 chmod 0755 /home/testuser

To set password for testuser enter.
passwd testuser

and do not forget to restart your sshd.
/etc/init.d/ssh restart

Test Your sftp setup

To test your sftp setup on LAN or WAN. Install filezilla on other system and enter the IP of your sftp server. From menu bar click on site manager and select sftp as file transfer. Leave port number blank, it will be default to 22. Enter user name and password for sftp user which you created on target machine. testuser in my case.



Troubleshooting :
Before testing remotely. Test newly created sftp user on localhost by entering this cammand

sftp testuser@localhost 

then enter password. If successful this error comes Request for subsystem 'sftp' failed on channel 0

comment subsystem line in /etc/ssh/sshd_config. And write this one  
Subsystem sftp internal-sftp
 
To understand this error visit this .

Comments , Suggestions , Questions and Corrections are Welcome :)