Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old

First check if your Bash is vulnerable, execute the following command-

env x='() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

If your system is vulnerable, you will see:

vulnerable

this is a test

If your system is not vulnerable, you will see:

bash: warning: x: ignoring function definition attempt

bash: error importing function definition for `x’

this is a test

To check for the vulnerability CVE-2014-6271, run the following in Bash:

env X='() { (a)=>\’ sh -c “echo date”; cat echo

If your system is vulnerable, you will see:

bash: X: line 1: syntax error near unexpected toke `=’

bash: X: line 1: `’

bash: error importing function for `X’

Sun Sep 08:17:32 EST 2014

If your system is not vulernable, you will see:

date

cat: echo: No such file or directory

To test the vulnerability CVE-2014-7186, run the following in Bash:

bash -c ‘true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF’ || echo “CVE-2014-7186 vulnerable, redir_stack”

If your system is not vulnerable, you will see:

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’)

So, let’s start fixing it!

 

Below, I’ve tried to put various contributors solution to place in a single entry.

For Debian 6 (Squeeze)

 

Append this to your sources.list:

deb http://http.debian.net/debian squeeze-lts main contrib non-free

deb-src http://http.debian.net/debian squeeze-lts main contrib non-free

and then run

apt-get update

apt-get install -t squeeze-lts –only-upgrade bash Continue reading “Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old” »

Share

Reset the root password in Debian or Ubuntu

In order to boot into the recovery mode on Debian or Ubuntu, hold down SHIFT key after powering on your Linux machine. You will then be presented with GRUB menu. Select “recovery menu” option by pressing down arrow key. Do not press ENTER at this point, but rather press “e” key to enter edit mode.

You will see “GRUB” edit screen where you can edit GRUB boot parameters. Move your cursor to the line starting with “linux /boot/vmlinuz-…….”, and go to the end of that line. Append “init /bin/bash” right there, as shown below.

Then press Ctrl+X to proceed. After all subsequent booting sequence is over, you will finally get a root prompt.

In the recovery mode, the root partition is mounted as read-only by default, and so you cannot change the root password as is. In order to be able to reset the root password, you need to re-mount the root partition as read-write.

First, find out what the root partition of your system is, by using “fdisk -l” command.

As shown in the screenshot above, the partition marked with “*” under “Boot” column is the root partition of your system (e.g., /dev/sda1).

Remount the root partition as read-write, and finally reset the password, using passwd command.
$ mount -o remount,rw /dev/sda1 /
$ passwd

Share

Network Configuration on Debian or Ubuntu

 

Setting up an Ethernet Interface

The majority of network setup can be done via the interfaces configuration file at /etc/network/interfaces. Here, you can give your network card an IP address (or use dhcp), set up routing information, configure IP masquerading, set default routes and much more.

Remember to add interfaces that you want brought up at boot time to the 'auto' line.

See man interfaces for more options.

 

Using DHCP to automatically configure the interface

If you're just using DHCP then all you need is something like:

 

    auto eth0
    allow-hotplug eth0
    iface eth0 inet dhcp

Continue reading “Network Configuration on Debian or Ubuntu” »

Share

VBoxHeadless Running Virtual Machines With VirtualBox On A Headless Debian/ubuntu Server

I have implemented this on Debian 6 (Squeeze system) with the IP address 192.168.0.100 where I’m logged in as root.

Installing VirtualBox To install VirtualBox 4.1 on our Debian server, we open /etc/apt/sources.list… added this line-

deb http://download.virtualbox.org/virtualbox/debian squeeze contrib non-free

Use appropriate OS source list from https://www.virtualbox.org/wiki/Linux_Downloads

Then we download the VirtualBox public key…

wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | apt-key add -

… and update our package database: sudo apt-get update

Afterwards, we install VirtualBox 4.1 as follows:

apt-get install linux-headers-$(uname -r) build-essential virtualbox-4.1 dkms

(The dkms package ensures that the VirtualBox host kernel modules are properly updated if the Linux kernel version changes.) Starting with version 4.0, VirtualBox has introduced so called “extension packs” and has outsourced some functionality like remote desktop connection support (VRDP) that was part of VirtualBox packages before version 4.0 into these extension packs. Because we need remote desktop connections to control our virtual machines, we need to install the appropriate extension pack now. Go to http://www.virtualbox.org/wiki/Downloads, and you will find a link to the following extension pack: VirtualBox 4.1.18 Oracle VM VirtualBox Extension Pack Support for USB 2.0 devices, VirtualBox RDP and PXE boot for Intel cards. Download and install the extension pack as follows:

cd /tmp
wget http://download.virtualbox.org/virtualbox/4.1.18/Oracle_VM_VirtualBox_Extension_Pack-4.1.18-78361.vbox-extpack
VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-4.1.18-78361.vbox-extpack

(Make sure you grab the latest version from the VirtualBox web site.) Restart the Server at this stage to update the kernel with virtualbox optimized. Installing phpvirtualbox First create a system user called vbox and add it to the vboxusers group:

useradd -m vbox -G vboxusers

Create a password for the vbox user:

passwd vbox

Create the file /etc/default/virtualbox and put the line

VBOXWEB_USER=vbox

in it (so that the VirtualBox SOAP API which is called vboxwebsrv runs as the user vbox): vi /etc/default/virtualbox VBOXWEB_USER=vbox Next create the system startup links for vboxwebsrv and start it:

update-rc.d vboxweb-service defaults
/etc/init.d/vboxweb-service start

Now, run the following command to check if virtualbox kernel modules are loaded or not.

sudo systemctl status vboxdrv

Or

sudo /etc/init.d/vboxdrv status

Sample output:

vboxdrv.service - VirtualBox Linux kernel module
Loaded: loaded (/usr/lib/virtualbox/vboxdrv.sh; enabled; vendor preset: enabled)
Active: active (exited) since Thu 2015-11-26 16:38:30 IST; 42s ago

Nov 26 16:38:29 server systemd[1]: Starting VirtualBox Linux kernel module...
Nov 26 16:38:30 server systemd[1]: Started VirtualBox Linux kernel module.
Nov 26 16:38:30 server vboxdrv.sh[15008]: Starting VirtualBox kernel modules....
Hint: Some lines were ellipsized, use -l to show in full.

If it, not loaded, run the following command to load them:

sudo /etc/init.d/vboxdrv setup

We need a web server with PHP support to serve phpvirtualbox – I’m using Apache2 here. Install Apache2 and PHP5 as follows:

apt-get install apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common apache2 apache2-doc apache2-suexec libapache2-mod-php5 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libapr1 php5-common php5-mysql php5-suhosin php-pear wget

for Ubuntu you may install Apache-PHP with folliwng packages-

apt-get -y install apache2 php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5 libapache2-mod-php5

For Ubuntu 16 use the following packs:

apt-get install php libapache2-mod-php php-mcrypt php-mysql  php-xml php-soap

Restart Apache2:

/etc/init.d/apache2 restart

Now, start vboxweb-service, and make it to start automatically on every reboot.

sudo systemctl status vboxweb-service

Or

sudo /etc/init.d/vboxweb-service start

Sample output:

Starting VirtualBox web service ...done.

I want to serve phpvirtualbox from Apache’s default virtual host with the document root /var/www (I will install it in /var/www/phpvirtualbox) – if you have a different document root, you must adjust the following steps: cd /var/www wget http://phpvirtualbox.googlecode.com/files/phpvirtualbox-4.1-7.zip Unzip phpvirtualbox and rename the phpvirtualbox-4.1-7 to phpvirtualbox for ease of use: unzip phpvirtualbox-4.1-7.zip mv phpvirtualbox-4.1-7 phpvirtualbox Next go to the /var/www/phpvirtualbox/ directory… cd /var/www/phpvirtualbox/ … and create the file config.php by copying it from config.php-example: cp config.php-example config.php Open config.php and fill in the password you created earlier for the vbox system user: vi config.php […] /* Username / Password for system user that runs VirtualBox */ var $username = ‘vbox’; var $password = ‘secret’; […] That’s it already – you can now open a browser and access phpvirtualbox as follows:

http://www.example.com/phpvirtualbox/

Optional Task

Removing & updating Virtualbox Extension Pack:

For example removing virtualbox extension pack 4.3 to 5.1 version, do the following things-

$ VBoxManage list extpacks
Extension Packs: 1
Pack no. 0: Oracle VM VirtualBox Extension Pack
Version: 4.1.12
Revision: 77218
Edition:
Description: USB 2.0 Host Controller, VirtualBox RDP, PXE ROM with E1000 support.
VRDE Module: VBoxVRDP
Usable: true
Why unusable:

How to remove an extension pack:

$ VBoxManage extpack uninstall "Oracle VM VirtualBox Extension Pack"
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
Successfully uninstalled "Oracle VM VirtualBox Extension Pack".

Src:

http://www.howtoforge.com/managing-a-headless-virtualbox-installation-with-phpvirtualbox-ubuntu-12.04

http://www.howtoforge.com/vboxheadless-running-virtual-machines-with-virtualbox-4.1-on-a-headless-ubuntu-12.04-server https://www.virtualbox.org/wiki/Linux_Downloads

http://www.virtualbox.org/manual/ch08.html#vboxmanage-extpack 

Share

Windows 7 theme on Ubuntu 10.04

Introduction

This wiki page helps you to setup Ubuntu to look like the Microsoft Windows 7 operating system.

This is a quick hack of the original theme at: http://gnome-look.org/content/show.php/Win2-7+Pack?content=113264.

This theme is for those who want to use a fast, secure operating system but do not want to learn a new user interface.

You can view information about installing Microsoft Office by clicking here.

Requirements

If the graphics card cannot do 3D effects then use one of the following for the window border theme. View theme installation instructions by clicking here.

http://ubuntu.sun.ac.za/setup/win7/metacity

Continue reading “Windows 7 theme on Ubuntu 10.04” »

Share