mz
HOME BLOG SEARCH RULES
Preventing Error ERR_BLOCKED_BY_XSS_AUDITOR

Preventing Error ERR_BLOCKED_BY_XSS_AUDITOR

by | 09/04/2018 | Scripts

Place below code to .htaccess file

<IfModule mod_headers.c>
 Header set X-XSS-Protection "0; mode=block"
</IfModule>

Rule Cheatsheet:

X-XSS-Protection: 0
X-XSS-Protection: 1
X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; report=

0 Disables XSS filtering.

1 Enables XSS filtering (usually default in browsers).

If a cross-site scripting attack is detected, the browser will sanitize the page (remove the unsafe parts).

1;mode=block

Enables XSS filtering. Rather than sanitizing the page, the browser will prevent rendering of the page if an attack is detected.

1; report= (Chromium only)

Enables XSS filtering. If a cross-site scripting attack is detected, the browser will sanitize the page and report the violation. This uses the functionality of the CSP report-uri directive to send a report.

CentOS x64 Kernel Checker Script

CentOS x64 Kernel Checker Script

by | 09/04/2018 | Scripts

I’ve made this script to monitor out all my server if got any kernel update on my CentOS box.

It’s pretty easy to use, save the script, chmod the file and add to crontab (I set Cronjob to 24 hours)

#!/bin/bash
# CentOS x64 Kernel Checker Script
# Created By Mohamad Zulfahmy
# https://blog.zulfahmy.net/blog/centos-x64-kernel-checker-script
# Usage : 
# chmod +x kernel-checker.sh
# add script to crontab

set -x

NOTIFY_EMAIL="[email protected]"
HOSTNAME=`hostname`
IPADDR=`ifconfig|grep inet|grep inet6 -v|awk '{print $2}'|cut -d':' -f 2|head -1`

current_kernel=`uname -r | awk {'gsub(".x86_64", ""); print'}`

function kernel_update_check() {
        latest_kernel=`yum -q check-update |grep kernel| awk {'print $2;exit;'}`
        if [ $latest_kernel == $current_kernel ] ; then
                echo "Kernel already on latest version"
        else
                echo -e "Got kernel update on $HOSTNAME n Server IP : $IPADDR n Current Kernel : $current_kernel n Latest Kernel : $latest_kernel" | 
                mail -s "KERNEL UPDATE: $HOSTNAME" $NOTIFY_EMAIL
        fi

}

kernel_update_check
Bypass FCC Lockdown on TP-Link Routers

Bypass FCC Lockdown on TP-Link Routers

by | 08/04/2018 | Pentest

Previously, I try to flash out LEDE to my TP-Link Archer C5 AC1200 but it seems fail even I used TFTP method.

After do some googling and research to on LEDE firmware and original firmware, I found out that there is “special_id:” inside both firmware.

On the left was LEDE Firmware and on the right was original Firmware from TP-Link Website (it seems the firmware based on region)

I quickly edit my special_id on my LEDE and flash out my router using TFTP method and got it running successfully.

Flash LEDE TP-Link Archer C5 V2 (TM Malaysia Set)

Flash LEDE TP-Link Archer C5 V2 (TM Malaysia Set)

by | 08/04/2018 | Pentest

Hi. While playing with TM stock UniFi router, I was able to Flash LEDE 17.01.4 to this TP-Link Router.

*NOTES : DO NOT FLASH THE LEDE FROM WEB BASED UPGRADE. USE TFTP INSTEAD.
**NOTES : This version does not support 5Ghz Wi-Fi, and partially support 2.4Ghz Wi-Fi
Files/Tools Used : https://blog.zulfahmy.net/downloads/tp_link_c5/

Reference : https://www.tp-link.com/my/download/Archer-C5.html#Firmware
Reference 2 : https://downloads.lede-project.org/releases/17.01.4/targets/bcm53xx/generic/

1. Connect to any LAN port in the router

2. Upgrade your router with latest version of firmware here. You can upgrade using web based for this firmware.
https://blog.zulfahmy.net/downloads/tp_link_c5/archer_c5v2_ms-up-ver3-17-1-P1%5b20161223-rel56572a%5d.bin

3. Make sure router is properly rebooted and up normally

4. Set your PC IP to :
IP : 192.168.0.66
Netmask : 255.255.255.0

5. Download LEDE Firmware Here :
https://blog.zulfahmy.net/downloads/tp_link_c5/ArcherC5v2_tp_recovery_LEDE_mod_by_mzulfahmy.bin

6. Start TFTP Server, rename the firmware to “ArcherC5v2_tp_recovery.bin” and put on root/main directory of TFTP Server.

For Windows you can use http://tftpd32.jounin.net/

MAC OS : Will update on next tutorial

7. Switch off router, push and hold RESET/WPS button until the WPS LED stop blinking and keep on.
*Keep pushing RESET/WPS button until the router is rebooted.

8. Wait up to 3 minutes to router up, change the static IP back to DHCP.

If the router does’t come with LUCI, you can install with the following commands

opkg update
opkg install luci-ssl

*Will update a tutorial on how I tweaked LEDE firmware to able be flashed on this TP-Link Router (Bypass FCC lockdown)

Post : Bypass FCC Lockdown on TP-Link Routers

OpenVPN IPTables rules

by | 04/04/2018 | Linux

iptables -I INPUT -p tcp --dport 1194 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 167.99.65.178
iptables-save
iptables -t nat -D POSTROUTING 2
iptables -t nat -D POSTROUTING 3
iptables -t nat -D POSTROUTING 2
iptables-save