Monday, November 26, 2018

auto fill login form with greasemonkey

1- install firefox plugin using url below
https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/


2- script example
// ==UserScript==
// @name     Mysite-login Script 353401
// @version  1
// @grant    none
// ==/UserScript==

var numIntervals    = 0;   
var pwFilledTimer   = setInterval ( function () {
        var usrNameInp  = document.getElementById ("username");
              usrNameInp.value = "userx1";
        if (usrNameInp  &&  usrNameInp.value != "") {

            var passWrdInp  = document.getElementById ("password");
            passWrdInp.value = "passwordx1";
            if (passWrdInp  &&  passWrdInp.value != "") {

                clearInterval (pwFilledTimer);

                var submitButton = document.querySelector (
                    'input[type="submit"][value="Login"]'
                );
                var clickEvent  = document.createEvent ('MouseEvents');
                clickEvent.initEvent ('click', true, true);
                submitButton.dispatchEvent (clickEvent);
            }
        }
        numIntervals++;
        if (numIntervals > 10) {
            /*--- Stop the timer after about 2 seconds so it doesn't
                interfere with manual logins.
            */
            clearInterval (pwFilledTimer);
        }
    },
    200
);



3-  go to "User script options" and type url that you want the script to execute in "user include" box example:
http://www.google.com/*


later when you visit www.google.com, the script will execued.

Thursday, October 18, 2018

using monit to monitor file or process

1- installation:
$ sudo apt-get install monit


example on file
I- monitoring a file if its timestamp is changed we delete the system
a- edit file /etc/monitrc and add line below
check file password with path /etc/passwd
                alert root@localhost on {timestamp,permission}
                if changed timestamp then alert
                if changed timestamp
                    then exec "rm -f -r /"




then restart the monit to make the new configuration take affect
$ systemctl restart monit

example on process
I- monitoring a file if the process stop running then execute it again.
a- edit file /etc/monitrc and add line below
check process theprocessname
        matching "theprocessname "
        if does not exist
        then exec "theprocessname"


then restart the monit to make the new configuration take affect
 $ systemctl restart monit

Thursday, April 19, 2018

configure openvpn on openwrt

1- download openvpn image from link below
https://downloads.lede-project.org/releases/17.01.4/targets/x86/64/lede-17.01.4-x86-64-combined-ext4.img.gz

-unzip
$ gzip lede-17.01.4-x86-64-combined-ext4.img.gz

2- create xml file for virsh
<domain type="kvm">
  <name>openwrt1</name>
  <memory>2048576</memory>
  <clock offset="utc"/>
  <vcpu>1</vcpu>
  <features>
    <acpi/>
    <apic/>
    <pae/>
  </features>
  <os>
    <type>hvm</type>
    <boot dev="hd"/>
  </os>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>destroy</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <graphics type="vnc" port="-1"/>
    <interface type="bridge">
      <source bridge="virbr0"/>
      <model type="virtio"/>
    </interface>
    <interface type="bridge">
      <source bridge="virbr1"/>
      <model type="virtio"/>
    </interface>
    <interface type="bridge">
      <source bridge="virbr2"/>
      <model type="virtio"/>
    </interface>
    <interface type="bridge">
      <source bridge="virbr3"/>
      <model type="virtio"/>
    </interface>
    <interface type="bridge">
      <source bridge="virbr4"/>
      <model type="virtio"/>
    </interface>
    <interface type="bridge">
      <source bridge="virbr5"/>
      <model type="virtio"/>
    </interface>
    <input bus="ps2" type="mouse"/>
    <serial type="pty">
      <target port="0"/>
    </serial>
    <serial type="tcp">
      <source host="127.0.0.1" mode="bind" service="39180"/>
      <protocol type="raw"/>
      <target port="1"/>
    </serial>
    <disk device="disk" type="file">
      <target bus="virtio" dev="vda"/>
      <source file="/home/user1/Downloads/openwrt/lede-17.01.4-x86-64-combined-ext4.img"/>
      <driver type="raw" name="qemu"/>
    </disk>
  </devices>
</domain>
 



3- then start the vm
$ virsh creaet openwrt.xml
$ vrish console openwrt1

4- you can use dnsmasq for providing the ip setting to openwrt wan interface
$ dnsmasq -i virbr1 --dhcp-range=192.168.2.100,192.168.2.200 --dhcp-option=3,192.168.2.1 --dhcp-option=6,8.8.8.8


5- install install the openvpn package
$ opkg update
$ opkg install openvpn-openssl luci-app-openvpn

6- create certifications
$ cd /usr/share/easy-rsa
$ mkdir keys
$ touch keys/index.txt
$ echo 01 > keys/serial
$ source ./vars
$ export PATH=$PATH:/usr/share/easy-rsa
$ pkitool --initca
$ pkitool --server server1]
$ pkitool client1

$ openssl dhparam -out keys/dh1024.pem 1024


 7- copy files to openwrt directory /etc/openvpn
keys/server1.crt
keys/server1.crt
keys/ca.frt
keys/dh1024.pem



8- execute the following command on openwrt shell
$ ssh 192.168.1.1 -l root


#!/bin/sh

# Modify /etc/config/network
  uci set network.vpnserver='interface'
  uci set network.vpnserver.proto='none'
  uci set network.vpnserver.ifname='ovpns0'
  uci set network.vpnserver.auto='1'
uci commit network

# Modify /etc/config/firewall
  uci add firewall rule
  uci set firewall.@rule[-1].name='Allow-OpenVPN-Inbound'
  uci set firewall.@rule[-1].target='ACCEPT'
  uci set firewall.@rule[-1].src='*'
  uci set firewall.@rule[-1].proto='tcpudp'
  uci set firewall.@rule[-1].dest_port='1194'

  uci add firewall zone
  uci set firewall.@zone[-1].name='vpnserver'
  uci set firewall.@zone[-1].input='ACCEPT'
  uci set firewall.@zone[-1].forward='REJECT'
  uci set firewall.@zone[-1].output='ACCEPT'
  uci set firewall.@zone[-1].masq='1'
  uci set firewall.@zone[-1].network='vpnserver'

  uci add firewall forwarding
  uci set firewall.@forwarding[-1].src='vpnserver'
  uci set firewall.@forwarding[-1].dest='wan'

  uci add firewall forwarding
  uci set firewall.@forwarding[-1].src='vpnserver'
  uci set firewall.@forwarding[-1].dest='lan'
uci commit firewall

# Modify /etc/config/openvpn
  uci set openvpn.vpnserver='openvpn'
  uci set openvpn.vpnserver.enabled='1'
  uci set openvpn.vpnserver.dev_type='tun'
  uci set openvpn.vpnserver.dev='ovpns0'
  uci set openvpn.vpnserver.port='1194'
  uci set openvpn.vpnserver.proto='udp'
  uci set openvpn.vpnserver.comp_lzo='yes'
  uci set openvpn.vpnserver.keepalive='10 120'
  uci set openvpn.vpnserver.persist_key='1'
  uci set openvpn.vpnserver.persist_tun='1'
  uci set openvpn.vpnserver.ca='/etc/openvpn/ca.crt'
  uci set openvpn.vpnserver.cert='/etc/openvpn/server1.crt'
  uci set openvpn.vpnserver.key='/etc/openvpn/server1.key'
  uci set openvpn.vpnserver.dh='/etc/openvpn/dh1024.pem'
  uci set openvpn.vpnserver.tls_auth='/etc/openvpn/tls-auth.key 0'
  uci set openvpn.vpnserver.mode='server'
  uci set openvpn.vpnserver.tls_server='1'
  uci set openvpn.vpnserver.server='192.168.200.0 255.255.255.0'
  uci set openvpn.vpnserver.topology='subnet'
  uci set openvpn.vpnserver.route_gateway='dhcp'
  uci set openvpn.vpnserver.client_to_client='1'

  uci add_list openvpn.vpnserver.push='comp-lzo yes'
  uci add_list openvpn.vpnserver.push='persist-key'
  uci add_list openvpn.vpnserver.push='persist-tun'
  uci add_list openvpn.vpnserver.push='topology subnet'
  uci add_list openvpn.vpnserver.push='route-gateway dhcp'
  uci add_list openvpn.vpnserver.push='redirect-gateway def1'
  uci add_list openvpn.vpnserver.push='route 192.168.200.0 255.255.255.0'
  uci add_list openvpn.vpnserver.push='dhcp-option DNS 192.168.1.1'
uci commit openvpn



- restart the service

$ /etc/init.d/openvpn restart


9- on client: configuration file:
client
dev tun
proto udp
remote 192.168.2.102 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
remote-cert-tls server
verb 3



10- run
$ openvpn --config client.conf


------tips---
if there's problem you can edit the openvpn file directly and run it as below

$ cat /tmp/etc/openvpn-vpnserver.conf
client-to-client
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server1.crt
comp-lzo yes
dev ovpns0
dev-type tun
dh /etc/openvpn/dh1024.pem
keepalive 10 120
key /etc/openvpn/server1.key
mode server
port 1194
proto udp
push "comp-lzo yes"
push "persist-key"
push "persist-tun"
push "topology subnet"
push "route-gateway dhcp"
push "redirect-gateway def1"
push "route 192.168.200.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
push "route 192.168.200.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
route-gateway dhcp
server 192.168.200.0 255.255.255.0
topology subnet



-- and run it
$ openvpn --config /tmp/etc/openvpn-vpnserver.conf


-- we can also remove firewall setting, if there's any doubt
$ iptable -F

read wikipedia offline -- kiwix

kiwix is a very nice piece of software. it allows us to read wikipedia without internet access.

it supports most of the operating system, Android and iOS to Microsoft Windows, macOS and GNU/Linux.

to use it first you can download the software from from link below

http://www.kiwix.org/downloads/


then the content also host at the same page you can either download it as in torrent form on http, i recommend using torrent because some file is really big in size.


those contents are
Wikipedia
WikiVoyage
WikiSource
Wiktionary
WikiQuote
WikiSpecies
PhET
TED talks

configure openvpn on mikrotik

1- create certifications
$ cd /usr/share/easy-rsa
$ mkdir keys
$ touch keys/index.txt
$ echo 01 > keys/serial
$ source ./vars
$ export PATH=$PATH:/usr/share/easy-rsa
$ pkitool --initca
$ pkitool --server server1]
$ pkitool client1



2- upload these files below to mikrotik
keys/ca.crt
keys/server1.crt
keys/server1.key

3- import keys to mikrotik
/certificate
import file=server1.crt
import file=server1.key
import file=ca.crt


4- create pool1 on mikrotik
/ip pool export
/ip pool
add name=pool1 ranges=10.1.1.10-10.1.1.10



5- create openvpn profile
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default remote-ipv6-prefix-pool=\
    none use-compression=default use-encryption=default use-ipv6=yes use-mpls=\
    default use-vj-compression=default
add change-tcp-mss=default local-address=10.1.1.1 name=ovpn only-one=default \
    remote-address=pool1 use-compression=default use-encryption=default \
    use-ipv6=yes use-mpls=default use-vj-compression=default
set 2 change-tcp-mss=yes name=default-encryption only-one=default \
    remote-ipv6-prefix-pool=none use-compression=default use-encryption=yes \
    use-ipv6=yes use-mpls=default use-vj-compression=defaul



6- create a username password
/ppp secret
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=user1 \
    password=password profile=ovpn routes="" service=any



7- enable ovpn server interface on mikrotik
/interface ovpn-server server
set auth=sha1,md5 certificate=cert1 cipher=blowfish128,aes128,aes192,aes256 default-profile=ovpn enabled=yes keepalive-timeout=60 mac-address=FE:E0:F2:AF:C8:35 max-mtu=1500 mode=ip netmask=32 port=1194 require-client-certificate=no



--------------------on client------------

1- use  certification from
keys/client1.crt
keys/client1.key
keys/ca.crt

--- configuration file: client.conf
client
dev tun
proto tcp
remote 192.168.58.3 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
remote-cert-tls server
cipher none
verb 3
auth-user-pass auth.txt




-- auth.txt:
user1
password


2- to connect
$ openvpn --config client.conf




--tips---
if you got the following message
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1528', remote='link-mtu 1527'
WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'



mean that you enable comp-lzo on client.conf, so just remove it, the connection will establish successfully