omarosh1

lab2 Security

Jun 6th, 2022
Task1)
Configuring secure SSL connection
    - sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
    - sudo nano /etc/apache2/conf-available/ssl-params.conf
        SSLCipherSuite EECDH+AESGCM:EDH+AESGCM
        # Requires Apache 2.4.36 & OpenSSL 1.1.1
        SSLProtocol -all +TLSv1.3 +TLSv1.2
        SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:prime256v1
        # Older versions
        # SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
        SSLHonorCipherOrder On
        # Disable preloading HSTS for now.  You can use the commented out header line that includes
        # the "preload" directive if you understand the implications.
        # Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
        Header always set X-Frame-Options DENY
        Header always set X-Content-Type-Options nosniff
        # Requires Apache >= 2.4
        SSLCompression off
        SSLUseStapling on
        SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
        # Requires Apache >= 2.4.11
        SSLSessionTickets Off
    - sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak
    - sudo nano /etc/apache2/sites-available/default-ssl.conf
        ServerAdmin odteam12@gmail.com
        ServerName omarosh.com
        SSLCertificateFile      /etc/ssl/certs/apache-selfsigned.crt
        SSLCertificateKeyFile   /etc/ssl/private/apache-selfsigned.key
    - sudo nano /etc/apache2/sites-available/000-default.conf
        <VirtualHost *:80>
            Redirect "/" "https://omarosh.com/"
        </VirtualHost>
    - sudo systemctl restart apache2
Activate SSL:
    - sudo a2enmod ssl
    - sudo a2enmod headers
Use the default config file:
    - sudo a2ensite default-ssl
To activate the new configuration, you need to run:
    - sudo systemctl reload apache2
    - sudo a2enconf ssl-params
Test the config and restart:
    - sudo apache2ctl configtest
    - sudo systemctl restart apache2

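To check that a parameter file like the ssl-params.conf above resolves to the intended settings, the following added example (not part of the original paste) computes which protocols an SSLProtocol line leaves enabled and flags hardening directives that are missing. The function names and the expansion of "all" are assumptions made for this illustration.

```shell
# Assumption: "all" expands to this superset; a given Apache/OpenSSL build may offer fewer.
ALL_PROTOS="SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3"
# Resolve SSLProtocol arguments left to right: +X adds, -X removes, bare X replaces.
effective_protocols() {
    enabled=""
    for tok in $1; do
        name=${tok#[+-]}
        case $name in [Aa][Ll][Ll]) name=$ALL_PROTOS ;; esac
        case $tok in [+-]*) ;; *) enabled="" ;; esac
        for p in $name; do
            keep=""
            for e in $enabled; do [ "$e" = "$p" ] || keep="$keep $e"; done
            case $tok in -*) enabled=$keep ;; *) enabled="$keep $p" ;; esac
        done
    done
    out=""
    for p in $ALL_PROTOS; do   # canonical order; names outside the list are dropped
        case " $enabled " in *" $p "*) out="$out $p" ;; esac
    done
    echo "${out# }"
}

# Arguments of the last uncommented occurrence of directive $2 in file $1.
directive() {
    awk -v d="$2" '!/^[ \t]*#/ && tolower($1) == tolower(d) { $1 = ""; sub(/^ +/, ""); v = $0 }
        END { print v }' "$1"
}
has_header() {  # succeeds if file $1 has an active Header line naming $2
    awk -v h="$2" '!/^[ \t]*#/ && tolower($1) == "header" && index(tolower($0), tolower(h)) { f = 1 }
        END { exit !f }' "$1"
}

# Print one finding per line; no output means every check passed.
audit_ssl_params() {
    proto=$(directive "$1" SSLProtocol)
    for p in $(effective_protocols "${proto:-all}"); do
        case $p in TLSv1.2|TLSv1.3) ;; *) echo "legacy protocol enabled: $p" ;; esac
    done
    for d in SSLCompression SSLSessionTickets; do
        [ "$(directive "$1" "$d" | tr 'A-Z' 'a-z')" = off ] || echo "$d is not set to off"
    done
    for h in X-Frame-Options X-Content-Type-Options Strict-Transport-Security; do
        has_header "$1" "$h" || echo "header not set: $h"
    done
}
# Constructed sample input: a file with only a weak protocol line.
sample=$(mktemp)
printf '%s\n' 'SSLProtocol all -SSLv3' 'SSLCompression off' > "$sample"
audit_ssl_params "$sample"; rm -f "$sample"
```

Run against the ssl-params.conf from Task 1, it reports only the Strict-Transport-Security header, which the paste leaves commented out. Both SSLProtocol forms in the paste resolve to TLSv1.2 and TLSv1.3.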
Task2) Using sqlmap to test SQL injection

sudo apt install sqlmap
sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=1" --dbs