Saturday, July 22, 2017

Resolve LetsEncrypt - Server only speaks HTTP, not TLS Error

You can set up SSL on your website using LetsEncrypt. A few times, when adding a new domain to LetsEncrypt, I have encountered the following error.

Waiting for verification...
Cleaning up challenges
Failed authorization procedure. xxxxxxxxx (tls-sni-01): urn:acme:error:malformed :: The request message was malformed :: Server only speaks HTTP, not TLS

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: XXXXXXX
   Type:   malformed
   Detail: Server only speaks HTTP, not TLS

I spent hours resolving this issue figuring out whether there is a problem on my VPS or web server configuration or VirtualHost config.

To resolve the issue, add the following lines to your Apache virtual host conf file. On Apache2, it is available under /etc/apache2/sites-available/000-default-le-ssl.conf:

SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
Include /etc/letsencrypt/options-ssl-apache.conf

Then add ServerName to your 000-default.conf file.

ServerName domain-name

Finally, restart apache2:

sudo service apache2 restart

You should now be able to generate the LetsEncrypt SSL certificate via:

sudo letsencrypt -d domain-name
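
To confirm the fix is in place before re-running the client, the following added example (not part of the original post) audits an Apache conf file and reports which of the three lines above are missing from each :443 virtual host. The function name check_vhost_tls and the sample conf are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an Apache conf file for
# the three lines the post adds to the :443 virtual host.

# check_vhost_tls FILE
# Prints one line per directive missing from each <VirtualHost ...:443> block.
# Returns 0 when every :443 block has all three, 1 otherwise.
check_vhost_tls() {
    awk '
    /^[ \t]*#/ { next }                       # ignore comment lines
    { line = tolower($0) }                    # Apache directives are case-insensitive
    line ~ /^[ \t]*<virtualhost[ \t].*:443[ \t>]/ {
        in443 = 1; start = NR; cert = key = inc = 0; next
    }
    in443 && line ~ /^[ \t]*sslcertificatefile[ \t]/    { cert = 1 }
    in443 && line ~ /^[ \t]*sslcertificatekeyfile[ \t]/ { key = 1 }
    in443 && line ~ /^[ \t]*include(optional)?[ \t].*options-ssl-apache\.conf/ { inc = 1 }
    in443 && line ~ /^[ \t]*<\/virtualhost>/ {
        where = "vhost at line " start ": missing "
        if (!cert) { print where "SSLCertificateFile"; bad = 1 }
        if (!key)  { print where "SSLCertificateKeyFile"; bad = 1 }
        if (!inc)  { print where "Include options-ssl-apache.conf"; bad = 1 }
        in443 = 0
    }
    END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: a :443 vhost with a key file but no certificate or Include.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<VirtualHost *:443>
    ServerName domain-name
    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
EOF
check_vhost_tls "$sample" || echo "fix the lines above, then restart apache2"
rm -f "$sample"
```

The snakeoil pair used in the post is the self-signed placeholder certificate generated by Debian's ssl-cert package.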


Happy Reading !!!

Monday, November 21, 2016

Howdy, cleared CISSP in first attempt

Happy to announce that I'm now a Certified Information Systems Security Professional (CISSP).

TL;DR of the success is:
  • Read just one book. This book is awesome for experienced security principle. It explains just what is needed for an experienced person.
  • Utilized all practice questions and exams that came with the book
  • Practised the full practice exam on CCCure.org approx 5 times. I did not find it very useful.

And no questions were even near to the practice exam questions; the exam was exceptionally centric towards CONCEPTS.

TIPS for the exam:
  • Read the questions carefully before answering one
  • Attempt easy questions first
  • Attempt answering the scenario based questions correctly
  • One great benefit of giving the full practice test is it makes you sit to give 250 answers..:)
  • Take breaks whenever you want during the exam, you have plenty of time
All the best,
Nilesh

Tuesday, August 2, 2016

Setting Up a faster Android Emulator environment

Recently I revisited setting up an Android Emulator environment on my new Mac (El Capitan). I realised that it had been running really slowly after an upgrade. This was really annoying, even when I used the old API Level 19 with Android 4.4.2 emulation. It gave me this error message each time I started an emulator.

 

On selecting the x86 CPU arch, it throws another error saying "x86 is not supported. Hardware accelaration (HAXM) not supported".
 

I verified it from Android SDK Manager and it was already installed during the standard installation process.


After hours of googling, I found that there is a separate Intel HAXM installer for Mac, Windows and Linux. You need to install this engine to get the Android Emulator up to speed.

https://software.intel.com/en-us/android/articles/intel-hardware-accelerated-execution-manager


After installation, restart your Android SDK Manager and AVD Manager to solve the slow speed and error message annoyance. The emulator should now load up real quick.

Another problem that popped up after this installation was that you cannot use the -tcpdump switch with the emulator utility anymore.

/android/android-sdk-macosx/tools./emulator -avd android_emulator -tcpdump app_dump.pcap
qemu-system-i386: -tcpdump: invalid option

I have not found a workaround for this yet, though you can still use the -http-proxy option to hook Burp up to the Android emulator. Please feel free to post answers in case you find the solution.

Happy Reading


Tuesday, February 9, 2016

OWASP New Zealand Day 2016

Last week I spoke at OWASP day in Auckland, New Zealand. It was all security+fun and had a crowd more than expected, ~600 approximately.

You can view the synopsis of my talk and bio here:

https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2016#tab=Speakers_List

The presentation slides will be available soon here:

https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2016#tab=Presentation_Schedule

It was a pleasure meeting the organisers and all the security-headed people out there. Please feel free to post any questions if you didn't get a chance to ask.

Stay tuned!!!

Sunday, July 26, 2015

Update nessus from command line [Mac Yosemite]

Very often, I have encountered problems with updating nessus home feed plugins and components. This is the common message from Nessus.



The following commands can be used to update Nessus plugins on Yosemite if updating via the web interface fails:

To update plugins:

cd /Library/Nessus/run/sbin
sudo ./nessuscli update

To update plugins and components:

sudo ./nessuscli update --all

To update just the plugins:

sudo ./nessuscli update --plugins-only

Monday, February 9, 2015

Exploiting SSH key based authentication

This is a rather quick post, intended as a reference note for me (and you all).

Recently, I exploited a vulnerability to gain a shell on the remote system. Yeah, this is remotely over an SSH connection..:) The prerequisites are:

1. Remote server must have SSH service running.
2. Remote server must have vagrant module installed.
3. Remote server must support key-based authentication.

To detect whether the server has the vagrant module installed, browse http://example.com/vagrantfile. This should give you a pop-up to download a file. Refer here for vagrantfile info.

When vagrant is installed on the box, it creates a default user called vagrant with www rights and accepts incoming connections for the user vagrant having valid keys. The keys are known and can be downloaded from here. To exploit, replace these keys with your public and private keys or use the command below:

ssh -i <key_files> vagrant@<remote_server_ip>

And here you go, you gain access to shell instantly and own the box...:)
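
A defensive check for the condition described above, as an added example that is not part of the original post: it flags authorized_keys entries whose key material matches a reference public key (such as Vagrant's published insecure key, saved locally by the auditor), regardless of options or comment text. The function name find_known_key and the sample key blobs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): find authorized_keys entries
# whose key material matches a reference public key file.

# find_known_key REF_PUB AUTH_FILE...
# Prints FILE:LINE for every match. Returns 0 if any match was found, else 1.
find_known_key() {
    awk '
    # Return the base64 key blob: the field right after the key-type token.
    # Fields before the type are authorized_keys options (from=, command=...).
    function blob(   i) {
        for (i = 1; i < NF; i++)
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521))$/)
                return $(i + 1)
        return ""
    }
    NF == 0 || $1 ~ /^#/ { next }                     # skip blanks and comments
    FILENAME == ARGV[1] { known[blob()] = 1; next }   # first file is the reference
    { b = blob(); if (b != "" && (b in known)) { print FILENAME ":" FNR; hits++ } }
    END { exit (hits ? 0 : 1) }
    ' "$@"
}

# Constructed sample data: the blobs below are made-up strings, not real keys.
dir=$(mktemp -d)
echo 'ssh-rsa AAAAB3CONSTRUCTEDBLOB0001 reference key' > "$dir/ref.pub"
cat > "$dir/authorized_keys" <<'EOF'
# deploy keys
ssh-ed25519 AAAAC3CONSTRUCTEDBLOB0002 alice@laptop
no-pty,from="10.0.0.0/8" ssh-rsa AAAAB3CONSTRUCTEDBLOB0001 renamed-comment
EOF
find_known_key "$dir/ref.pub" "$dir/authorized_keys" || echo "no match"
rm -rf "$dir"
```

Matching on the key blob rather than the comment means an entry is still found after its comment has been renamed or options have been prepended.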

Happy testing and hacking!!!

Monday, October 13, 2014

Way to go – CREST Certified

Monday morning and you hear the great news. How does it feel? Just received an email from CREST Australia that I have cleared the exam and now I’m a CREST certified professional… :) I’m all excited… :)

For people who do not know about the certification, it’s an industry standard IT security certification for penetration testers that certifies that the individual follows best practice methodologies and the highest standards of test hygiene and conduct (applicable when performing any technical security assessment). Additionally, the certification also provides confidence to the buyer that the work will be carried out with up to date knowledge of the latest vulnerabilities and techniques used by real attackers.

The experience and pattern of the exam is simply amazing. The pattern actually tests the knowledge of the individual, having both written and practical components. It's not all about memorising or mugging stuff. You actually have to demonstrate your pentesting skills with the time restriction applied. And yes, it's completely different from any other paper based examination.

Unfortunately I cannot disclose much about the exam as I’m bound by the CREST NDA (as all other candidates are). As a tip, all I can say is to go through the syllabus thoroughly and prepare the practicals well, as they are the most time consuming and should take the major chunk of your preparation.


All the best and Cheers… :)