OwnCloud Installation : Ubuntu 14.04 LTS

1.     OwnCloud is a suite of client-server software for creating file hosting services and using them. For those who have been traditionally hooked to the pirated copies of Windows Server Softwares or used to crashing regulars of MS Server 2008 or even 2012 and later,I would rate this suite much better w.r.t simplicity of installation,less of configuration issues and the best part being open-source with lots of options for the user.I got introduced to it via a friend Nagraj and have been percolating in my circle since.

2.     OwnCloud is functionally very similar to the widely used Dropbox, with the primary functional difference being that OwnCloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server, with no limits on storage space (except for disk capacity or account quota) or the number of connected clients.This post will give a stepped screenshot for installing the same on a Ubuntu 14.04 LTS version machine.

3.    The installation ahead has been done in a Virtual environment(I used Virtual Box) with the following setup :

First Virtual Machine : Ubuntu 14.04 LTS 64 bit with 2 GB RAM.This machine will be installed with the Owncloud server part.

Second Virtual Machine : Windows 7/32 bit 2 GB .This machine will be used as the client part who will be able to access the own cloud via web interface.

Installation

Firstly , the ethernet settings that come default to a new machine in UBUNTU are seen below.We will configure this later during installation.

 As we see localhost which currently has been not configured,we see the following screen :

 So,the first step is to visit link at https://software.opensuse.org/download.html?project=isv:ownCloud:community&package=owncloud

 Look for the mention of xUbuntu 14.04 as below :

 Go to Terminal and type :

sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"

 sudo apt-get update

wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key

 sudo apt-key add - < Release.key

 sudo apt-get install owncloud

 ...as it fetches,the screen keeps showing you thousands of lines of terminal commands being executed as below :

 the screen prompts for a root user sql password as below :

 continues installation part...

 and finally the screen scroll gets over with the installation and is seen like this :

Check the local host and u get this screen showing the Apache2 Ubuntu default page.

 and then you type at the web address : localhost/owncloud and you get the screen as below :

 Click storage and database link below the login

 Enter the sql root user and password as set earlier and click Finish setup and you get the successful login interface of admin as below :

 Meanwhile lets configure the network settings as below in the Ubuntu machine :

 The windows client networking addresses are configured as below :

 The network addresses for the Ubuntu machine are configured as below :

 Now from the client web browser ,try and access the server by typing the IP address/owncloud and you will likely get the following screen.

To resolve the issue we need to add this IP address in the trusted domain in the config.php file as seen below.The location of this config.php file is at /var/www/owncloud/config

 and you refresh the windows browser and you ready to go....

For any clarifications whilst installation you are free to comment here...reply assured asap. :-)

Kali Linux 2 : Putting SCANNERS at work

1.    In this post we get introduced to built in scanners that come preloaded with Metasploit in Kali Linux that let us search and recover service information from a single computer or an entire network.We assume the same setup of virtual machines as in my past post at http://anupriti.blogspot.in/2015/10/irc-exploit-tutorial-to-hack-into-root.html

SETTING UP THE VIRTUAL MACHINES

Exactly the same setup as I followed at the post at http://anupriti.blogspot.in/2015/10/irc-exploit-tutorial-to-hack-into-root.html

Virtual Machine One,VM1  : Kali Linux 2 @ 192.168.56.102

Virtual Machine Two,VM2 : Metasploitable 2 @ 192.168.56.103

Machines pinging each other...please check before proceeding ahead

Using SCANNERS to gain info

To find scanners available in Kali Linux,just run “msfconsole” from Kali command prompt and then type “search scanner” at the prompt as below :

msf > search scanner

U get something like this as seen below which is actually trimmed shot as the complete out is pretty exhaustive.

CLICK TO ENLARGE

nmap the metasploitable machine...as we did earlier and we get this screen as below :

CLICK TO ENLARGE

Let’s focus on Port 22 ie Secure Shell (ssh) and thus search Metasploit for ssh scanners as follows :

SSH

At msf terminals type : search scanner/ssh

Click to ENLARGE

We see from above about six of them and in these there is one looking for version information ie the “auxiliary/scanner/ssh/ssh_version” module.Will use this to find the version info as follows :

- Type, “use auxiliary/scanner/ssh/ssh_version” at the terminal of msf

- Then type “show options”

- set RHOSTS  

- Type “exploit” to run.

From above we see that the victim is running an SSH server and the software version is 

SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu

Mysql

But the above comes with a exclamation too...if we run mysql version query,then too we get some result that's different as seen below :

Click to ENLARGE

The scan reveals that MySQL 5.0.51.a-3ubuntu5 is running as seen in the shot above.

telnet

Click to ENLARGE

Highlighted text “Login with msfadmin/msfadmin to get started”, actually gives login credentials on the Telnet page....these kinds of security holes actually exists in the real world..real web at so many web sites....

smb

The above gives the SAAMBA version