It has been a long time since I’ve written an article. Recently I was working with a client, and the client lost his root password. The server was hosted with Hetzner. In this article, we are going to see that how we can reset the root password if it is somehow lost. You need to have access to Hetzner robot to reset server root password from the rescue system.
What is a rescue system?
Let see what is a rescue system, because sometimes people don’t really know what actually rescue system is and why it is used. Rescue system is basically a temporary Linux operating system which runs on the server itself (Inside server ram). It is most used when you have some trouble in your main operating system and something is not working, the good example is losing a root password.
Installing cPanel/WHM is fairly easy, you can install cPanel/WHM with only one command. However, in this article, we will discuss how we can first install cPanel/WHM and then perform the after-install steps so that we can get the maximum out of our dedicated server or VPS.
Some important things we need to decide which options to keep and which one not to, how to set security measures and more. Let see how we can do that.
I’ve been thinking to start some content on CyberPersons for quite some time now, and today is the day. It is a very simple contest, let see what you get if you win !
What will you get?
- 6 Months of free Cloud VPS.
- Free Setup.
- Security Hardening.
- Complete Help in blog or website setup.
- Website transfer.
Getting your site hacked is really a painfull thing, and if you are reading this probably your WordPress site got hacked. The first thing you need to do is don’t get panic. Be calm and let see how we can get your site back to normal. Since WordPress can be really hard for non-technical people to understand because with a lot of plugins installed we get confused that when and where are malicious files.
So we first need to identify malicious files, delete if the file is not a part of WordPress core, and make sure everything is in order. Let see that how we can clean a hacked WordPress site step by step.
Note: Don’t panic at all, try to follow these steps accordingly and hopefully everything will get back to normal. If you need help please contact us through the contact us form.
OVH or soyoustart control panel is not very user-friendly to use, recently I’ve been working on a client server with 3 disks on it. The client needed all those disks to be used for space. However ovh/soyoustart usually installs servers in Raid 1. So if a server has 3 * 120GB of disks you can only use 120GB disk space.
Even though its not very good idea to put a server in raid 0, but some times space requirement is more important. In this article, we will see how we can install a server without raid 1 and make sure that we can make use of complete space provided by 3 disks combined.
Step 1: Start installation!
The first step in this process will be to install the operating system with raid 0 only on disk one, later we can use other disks to either create volume groups or mount them directly. Let see how we can do that.
Burp proxy is a very nice tool to intercept HTTP traffic, it normally comes pre-installed with kali linux. In this article we will see how we can use burp proxy on Ubuntu and intercept GET and POST requests. I’am writing this separate article for burp proxy because some of its features are promising like stopping the web requests on fly from their GUI panel. You can also modify HTTP GET or post arguments. That’s is why its considered very useful tool in penetration testing.
We will start with the installation and move further towards intercepting HTTP traffic, so let see how we can use burp proxy to intercept HTTP traffic.
Python can be used to develop a small customized application to automate cross site scripting attack, it can be very useful if you are performing a penetration test and need to automate few tasks. We will be using two python libraries Beautiful Soup and Mechanize to parse the website document and than submit forms using Mechanize.
Python is great language for penetration testing, I saw that people mostly develop python applications with command line versions only. How ever python have such a beautiful library named Tkinter to develop a graphical user based application, in this article we will combine Tkinter with sql injection to create a small GUI application that can check a website for SQL Injection vulnerability. In this tutorial we are going to use SQL Injection code from tutorial present at:
Note: Article mentioned above is a must read, without reading the article above it might be hard for you to understand few things, but I’ve tried to explain everything in details.
This article provide you with basic understanding of how you can use python to automate SQL Injection. Now that you have good knowledge of how you can use python for penetration testing purposes we should first learn some basics about the Tkinter module.
Manually testing for SQL Injection on your web application is really a hectic job, and some times the automatic scanners available does not actually fit your needs. Python comes to our rescue with its rich set of available libraries that can easily automate this task for us. You can easily write python scripts that fits your application requirement plus you get the automation as well. In this article we will see how we can use python to automate sql injection tasks.
Before actually jumping to SQL Injection , we need to explore another python module named ‘requests‘ , this module is really helpful in making web requests towards any web site. We will use this module to automate our injection tests.
Website security is very important matter to date, and ModSecurity is one of the best web application firewall out there helping many web masters around the world securing their web application. Already a lot of hosting companies and individual users are using cPanel/WHM to manage their web servers, in this article we will see how we can install and configure ModSecurity on cPanel/WHM. So lets get to it!