Posts

Showing posts from May, 2020

PHP - CSRF tokens

In this example I created a simple CSRF token to validate a user's identity. Obviously the final implementation is going to take more than what I am showing here, but the point is to understand what CSRF tokens are, how they are created and how they are used. A CSRF token is unique to each user and is created in a randomized way. It is then used to identify the subsequent HTTP request and make sure the server is communicating the right data with the correct client. Below in PHP I start a session, and you can see that the session key tied to each user is produced by the bin2hex() function, which converts a string of bytes to hexadecimal characters. So that it remains unpredictable, the bytes it converts come from the random_bytes() function, which generates cryptographically secure pseudo-random bytes. The HTML is a simple submit form where a user enters their name and a CSRF token is then created. Within this code you can see that the CSRF token is created using sha256 encr

Mouseflow for understanding customers and visitors

I found this today and it's quite interesting. With Mouseflow on a web page I am able to see recorded user sessions. This is particularly interesting because you can fully put yourself in the shoes of your visitors and see exactly how they interacted with a web page. It didn't seem to capture the particles.js particles I put on the test page, but it captured everything else. So it's not perfect, but it seems to accurately record all of the visitor's movements and actions. This is obviously more useful as you analyze thousands of visitors, because clear patterns then become more visible. By taking into account which parts of a site people hover a mouse over or what they actually click on, it gives a direction for what to focus on based on the site's user base. The installation was quite simple. I included this little JavaScript tag:

<!--Mouseflow Test -->
<script type="text/javascript">
    window._mfq = window._mfq || [];

Using Memcached to store and retrieve session data

I started by creating an Ubuntu VPS. I then installed Memcached from the CLI via SSH from my local machine. I secured the '.conf' file by setting it to listen on localhost and disabling UDP. I then configured SASL support for connecting my PHP scripts to the backend SQL database. I then added Apache and PHP to the server. Next I created a PHP info page and put it on the server to view the Memcached information. I can see that Memcached is installed and is communicating with PHP properly. Next, to get a simple connection working and some data flowing back and forth, I created this simple PHP page with a key. This script opens a new Memcached instance on localhost and gets the requested key. If no key is found, it adds one. On the next refresh the newly created key, which is a string of text, is retrieved from Memcached.

Add cPanel & WHM to CentOS VPS (Log Rotation, Configuring BIND nameserver & Backups...)

For this example I added cPanel & WHM to a CentOS VPS I created. Upon installation of cPanel I did a lot of configuration, including setting up log rotation, a BIND nameserver and backups. The installation from the command line is simple. The syntax is just a little different than in most of my other posts, where I use Ubuntu because that's my favorite version of Linux. However, I like to use the most efficient tools when I can, and in this case it's CentOS. I have done a fair amount of scripting and automation using CentOS and Vagrant boxes, so this was a cinch. To install the latest version of cPanel from the command line, the commands are as follows:

cd /home
wget -N http://httpupdate.cpanel.net/latest
sh latest
/usr/local/cpanel/cpkeyclt

From here the most difficult parts are done and the rest is quite intuitive if you've worked with servers and monitoring systems. I added my email and the nameservers to begin with. As you can see below, with cPanel it is more abou

Certbot server for SSL certificate (Let's Encrypt) using SHA256withRSA

This is a really simple way of creating a certbot server for SSL certificates that automatically get renewed using Let's Encrypt. I just added python-certbot-apache from the command line. Then I edited the /etc/apache2/sites-available/(TheTestDomain).conf file to have the proper server name. I kept the default request scheme and port numbers. Now, to renew the certificate, all I have to do is run "certbot renew" from the command line and a new certificate will be generated and downloaded to my server. Now you can see that upon visiting the domain the connection is deemed secure because there is a proper certificate. Here is more detailed information about the domain and the certificate. Here is the overview information of the certificate. It is encrypted using SHA256withRSA. And now I just quickly double-checked that certificates can indeed be renewed successfully.

Disk space utilization monitoring with email alerts - Ubuntu Linux - Apache Server

This is very simple but very powerful. Within Linux you can create programs that are always executing or running silently in the background. These are called daemons, and they do everything from waking up a computer when a mouse is moved or automatically backing up a server to, in this case, monitoring a server 24/7 and sending alerts when it notices anything suspicious or out of line. Below I created a simple daemon that monitors disk space utilization and sends emails to an account at tester@slabj.com, which is the domain for the test server this is created on. In essence, an infinite loop is created, and when a predefined threshold is crossed the server sends an email message to alert the administrator. The rest of the process is identical to what I covered in monitoring memory usage in this way, so I won't go over that again, but you can look at that article here for more clarity: https://jgardnerla.blogspot.com/2020/04/cron-job-daemon-shell-script-to-send.html

Create a Samba file share (SMB server) to send and receive files

Samba works in a similar fashion to FTP, but it is more robust and can be used as a file sharing and storage system. First I created a Linux Ubuntu virtual machine and installed Samba from the command line. I created a user named tester and added a password. I next created a user and a directory to be shared (/home/tester/samba). I configured the /etc/samba/smb.conf file as below with the Samba path and users. This is also not a read-only server, so files can be uploaded. Next I opened a connection locally from my MacBook to the server. The server is at the IP of the VPS I created, and Samba is located at ('/'). Connecting from the Mac in this way doesn't require the CLI. From here it is GUI based and is pretty straightforward. I just connect, and then I can drag and drop files into my local Samba folder, which will write the contents to the web folder. Here is a sample text file I created in Atom on my MacBook that I will send to the server. A