Jump to content

Mihai

Members
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

3 Neutral

About Mihai

  • Rank
    Newbie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I know there are other threads out there for this, but I really think docker-compose yml support would be really nice. The Docker UI thing is nice and all, but I think creating an XML file for everything I want to add can add overhead. Example: I want to use this inside Unraid, but it would be nice if it would also have UI support. https://github.com/hardware/mailserver The way I'm thinking about it an addon to the current Docker app, where it can import/edit docker-compose files.
  2. I would use these sshd configurations + setting the users disabled. I don't think having users with empty passwords is a good idea. Thanks for the fast reply!
  3. Btw, here's a PoC in bash (anonymized the IPs a bit, hope you don't mind ) ``` [root@taicasimaica ~]# curl -ks4 showip.net 124.122.71.51 [root@taicasimaica ~]# ssh -D 3129 -f -C -q -N bin@x.ninja -p 7127 The authenticity of host '[x.ninja]:7127 ([91.82.91.172]:7127)' can't be established. ECDSA key fingerprint is SHA256:/Kg3rfHXB/0XIa2nW5UHOLAiipUztnhNDvxAyz91CP8. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes [root@taicasimaica ~]# export http_proxy=socks5://127.0.0.1:3129 [root@taicasimaica ~]# curl -ks4 showip.net 91.82.91.172 [root@taicasimaica ~]# ```
  4. If you had an SSH port opened to the internet my post I made a few minutes ago will explain this. You can try it yourself: Note: The tunnel opened will be socks5, so you'll have to configure your browser as such to actually test it.
  5. Hello guys, I couldn't find any proper channels for announcing vulnerabilities, so i think this might be the best way to catch your attention. Apologies if there are proper channels, I did not have enough time to search for them. Upon looking at some logs I noticed: ```sshd[28121]: Accepted none for lp from 194.61.26.34 port 26028 ssh2``` Then after i took a close look at /etc/shadow I noticed almost all users don't have passwords. While they can't actually execute commands on the system, they can see information about the system: ``` $ ssh unraid -l news Linux 4.19.107-Unraid. Could not chdir to home directory /usr/lib/news: No such file or directory Connection to unraid closed. $ ``` But most troublesome, and maybe you guys are not aware of this, but in order to open an ssh tunnel you don't need an actual shell. ``` $ ssh -D 3129 -f -C -q -N lp@unraid $ netstat -plan | grep 3129 tcp 0 0 127.0.0.1:3129 0.0.0.0:* LISTEN 1658854/ssh ``` Voila! then you have an ssh tunnel opened. For now I patched my box, but of course it won't survive the reboot. An easy fix would be: `sed -i -e 's/::1/:!!:1/g' /etc/shadow` Cheerio, Mihai
  6. Hey guys, So quick question: How do i make sure emhttpd starts at boot? Around version 6.8.7 I believe I changed the SSL port and for some reason I was starting emhttpd through /boot/config/go, but since in 6.8.1 that doesn't work anymore, I don't know why I changed it in the first place. So I was wondering if there's some setting I can revert. The only thing I remember is that at one I changed the 443 port to a non standard one 1443, and since then I've been starting it with the `go` file. AAfter upgrading to 6.8.1 at every reboot I need to login via ssh and execute emhttpd. Thank you!