Comp Sec

------For Educational Purpose Only----
------Next One Comming soon -----
*******************************************************************



Apache CSR Creation using OpenSSL


How to generate a CSR for Apache using OpenSSL
Recommended: Save yourself some time by using our new OpenSSL CSR Wizardto create your apache ssl csr. Just fill in the details, click Generate, and paste your customized openssl command into your terminal.
If you will be using Apache for Mac OS X server 10.5, see our Mac OS X CSRinstructions.
Preview of OpenSSL CSR Wizard
Of course if you prefer to build your own shell commands to generate your apache csr, just follow our old instructions below:
  1. Login to your server via your terminal client (ssh). At the prompt, type:
    openssl CSR generation command
    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
    where server is the name of your server.
  2. This begins the process of generating two files: the Private-Key file for the decryption of your SSL Certificate, and a certificate signing request (CSR) file (used to apply for your SSL Certificate) with apache openssl.
    When you are prompted for the Common Name (domain name), enter the fully qualified domain name for the site you are securing. If you are generating an Apache CSR for a Wildcard SSL Certificate your common name should start with an asterisk (such as *.example.com).
    You will then be prompted for your organizational information, beginning with geographic information. There may be default information set already.
    This will then create your openssl .csr file.
  3. Open the CSR file with a text editor and copy and paste it (including the BEGIN and END tags) into the DigiCert Certificate order form.
  4. Save (backup) the generated .key file as it will be required later for Certificate installation.
Apache SSL Certificates Purchase an SSL Certificate
Apache SSL Certificates, Guides, & Tutorials

Generating an Apache CSR for Issuance of an SSL Certificate in Apache with OpenSSL

Para un tutorial en español visite la página Apache Crear CSR.
How to generate an SSL Certificate Signing Request for your Apache Web Server with OpenSSL..



OpenSSL CSR Wizard

   The fastest way to create your CSR for Apache (or any platform using OpenSSL)
Fill in the details, click Generate, then paste your customized OpenSSL CSR command into your terminal.
Certificate Details







Information
Common Name (Server Name)

The fully qualified domain name that clients will use to reach your server.

To secure https://www.example.com, your common name must be www.example.com or*.example.com for a wildcard certificate.

Less commonly, you may also enter the IP address or short name of your internal server. For example, appserver1 or 192.168.1.200.
Where do I paste this command?
You can run this command wherever you have OpenSSL available—most likely on your server, but you can also run it on your own computer if you have installed OpenSSL locally. Just make sure you keep track of your private key file after you create your CSR, because you'll need that private key to install your certificate.
What happens when I run this command?
OpenSSL creates both your private key and your certificate signing request, and saves them to two files: .key, and .csr. You can then copy the contents of the CSR file and paste it into the CSR text box in our order form.
What kind of certificate should I buy?
If you want an SSL certificate for Apache, your best options are Single certificates and Wildcard certificates.
DigiCert Wildcard can protect all server names on your domain (such as *.example.com). Our unlimited server license lets you protect all your servers for just one price. Many of our customers save thousands of


 *************************************************************************************************************************

Using XHydra to hack router password

Here we are. Firstly i must advise you to only use these methods to test your own security. I will be hacking my own email address / router password as example. 
here are your tools - all can be found in backtrack 5 and some earlier versions.

Given the popularity of this post.



 

Start X-Hydra

 Also Start Zenmap 

 Everything should start by looking like this:
We will start by hacking a local network router password. This can be very useful to a hacker in the scenario where one has cracked a wifi password and gained local access to the network. After gaining access to the router possibilities are endless. all router security can be disabled and then we can perform MitM attacks (i will write an article on this later). if you're experienced enough in networking then you get the picture.
Typically a router's IP address will start with 192.168.x.x. (which it may be in your case) to check this type ipconfig in windows and ifconfig in linux. the routers IP will be the Default Gateway). 
Now i'm sure you have seen this before:


What we are going to do is tell Xhydra to connect to the routers http server with a protected page, input the username and bruteforce the password. Note this method can be used against any similar password protected page not using forms (will make another post on how to use against forms later).

so your input should be like this:
Check off show attempts as it makes it easier. single target SHOULD BE YOUR DEFUALT GATEWAY. perhaps 192.168.0.1. do not use this against websites or hardware you do not own or have permission to test. Important - port should be 80 or in some cases 8080. EVEN MORE IMPORTANT under PROTOCOL find http-get and click it. to find open ports on a device just scan the target IP with zenmap.
Back to hydra


in most cases the username will be admin. also in most cases the password will be either "password" "admin" or BLANK.
however, in my situation the default password is far different from admin or blank. so what i have done was selected a wordlist. you can find many wordlists using google. typically the bigger the better especially on a local network. backtrack comes with a few. can be found in: /root/pentest/passwords/wordlists
 i have compiled my own and named it password.lst.
Click Here for a basic wordlist 
so:
click username enter admin
click Password list and select your list
also check off "try login as password" and "try empty password"
then move to the Specific tab.
change http / https url to just a slash    /
this tells hydra what directory the protected page is on the server.

goto the start tab and click start. results will follow.

This quick tutorial is mainly for people beginning. i do not claim to be an expert in the field, however i am qualified to talk about these things. hydra is a powerful tool. it can be used for much more than just bruteforcing protected page passwords. there are a numerous amount of protocols, ftp, pop3, smtp and ssh being my favorite. next tutorial i will get a little more in depth on the scanning part and i will show you how to do this with virtually any email address.