How to config site-ti-site VPN from Unifi USG to OpenVPN server

I’m trying to configure our Unifi USG with a site-to-site VPN into a private OpenVPN server with several computers behind it (which currently works with individual OpenVPN clients). The USG documentation for doing this is a bit vague and I’m looking for clarifications for these four fields:

• Remote Subnets: Click Add Subnet to add an address for a remote network.

So, the remote internal subnet? If server1 is at 172.31.1.2, server 2 is at 172.31.2.3, and server3 is at 172.31.4.5, I could enter 172.31.0.0/16?

• Remote Host: Enter the hostname of the remote router.

Why a hostname when the next field has the IP address? Is this just the reverse lookup of the IP address in the next field?

• Remote Address: Enter the internet IP address and port number of the remote router.

The Internet IP address and port of the OpenVPN server from the .ovpn file?

• Local Address: Enter the internet IP address and port number of the UniFi Security Gateway.

The internal network IP address of the USG, or our static external Internet IP address? And what port to specify here?

Can CN=localhost be used on a server that should run on any machine [duplicate]

Got a query about self-signed certificates that after doing several searches I don’t feel I’ve got a concrete answer for.

Say I have generated a self-signed server certificate with CN=localhost. Does this mean that I can use that certificate in a server and be able to run that server on any machine in a LAN, where any client on the network with the certificate public key can communicate with the server (i.e. the server listens to any IP)?

As an example, I used the following script to generate certificates for use in a mutual TLS scenario (based on this answer):

echo Generate CA key: openssl genrsa -passout pass:1111 -aes256 -out ca.key 4096  echo Generate CA certificate: openssl req -passin pass:1111 -new -x509 -days 36500 -key ca.key -out ca.crt -subj  "/C=UK/ST=UK/L=London/O=YourCompany/OU=YourApp/CN=MyRootCA"  echo Generate server key: openssl genrsa -passout pass:1111 -aes256 -out server.key 4096  echo Generate server signing request: openssl req -passin pass:1111 -new -key server.key -out server.csr -subj  "/C=UK/ST=UK/L=London/O=YourCompany/OU=YourApp/CN=localhost"  echo Self-sign server certificate: openssl x509 -req -passin pass:1111 -days 36500 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt  echo Remove passphrase from server key: openssl rsa -passin pass:1111 -in server.key -out server.key  echo Generate client key openssl genrsa -passout pass:1111 -aes256 -out client.key 4096  echo Generate client signing request: openssl req -passin pass:1111 -new -key client.key -out client.csr -subj  "/C=UK/ST=UK/L=London/O=YourCompany/OU=YourApp/CN=localhost"  echo Self-sign client certificate: openssl x509 -passin pass:1111 -req -days 36500 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt  echo Remove passphrase from client key: openssl rsa -passin pass:1111 -in client.key -out client.key 

What I am finding is that the server loads fine on some machines, however on other machines it fails to start, reporting that it could not bind to the port. I have checked that the port is definitely not being used by anything. Also the server starts fine if I don’t use any certificates.

Am I doing something specifically wrong in the script, or is it not possible to have a certificate with CN=localhost in a server that should be able to wrong on any machine in a local network, and accept connections from any client on the network that trusts the public key?

Queries on large database kill connection to the server, works with LIMIT

I’m trying to run queries on a large-ish database without killing the connection to the server.

I’m using Postgres 12.1 on a mac with 16gb of memory, and about 40gb of free disk. The database is 78gb according to pg_database_size with the largest table being 20gb according do pg_total_relation_size.

The error I get (from the log), regardless of which non-working query I run, is:

server process (PID xxx) was terminated by signal 9: Killed: 9 

In VS code the error is "lost connection to server".

Two examples that don’t work are:

UPDATE table SET column = NULL WHERE column = 0; 
select columnA from table1 where columnA NOT IN ( select columnB from table2 ); 

I can run some of the queries (the above one, for example) by adding a LIMIT of, say, 1,000,000.

I suspected that I was running out of disk due to temp files, but in the log (with log_temp_files = 0), I can’t see any temp files being written.

I tried increasing and decreasing work_mem, maintenance_work_mem, shared_buffers, and temp_buffers. None worked, the performance was about the same.

I tried dropping all indexes, which brought down the “cost” on some of the queries, but they still killed the connection to the server.

What could be my problem and how can I troubleshoot this further?

Additionally, I read that temp files from timed-out queries are stored in pqsql_tmp. I checked the folder, and it does not have files of significant size. Could the temp files be stored somewhere else?


The log file for running a failed query looks like:

2020-02-17 09:31:08.626 CET [94908] LOG:  server process (PID xxx) was terminated by signal 9: Killed: 9 2020-02-17 09:31:08.626 CET [94908] DETAIL:  Failed process was running: update table         set columnname = NULL         where columnname = 0;  2020-02-17 09:31:08.626 CET [94908] LOG:  terminating any other active server processes 2020-02-17 09:31:08.626 CET [94919] WARNING:  terminating connection because of crash of another server process 2020-02-17 09:31:08.626 CET [94919] DETAIL:  The postmaster has commanded this server process to roll back the current transaction and exi$   2020-02-17 09:31:08.626 CET [94919] HINT:  In a moment you should be able to reconnect to the database and repeat your command. 2020-02-17 09:31:08.626 CET [94914] WARNING:  terminating connection because of crash of another server process 2020-02-17 09:31:08.626 CET [94914] DETAIL:  The postmaster has commanded this server process to roll back the current transaction and exi$   2020-02-17 09:31:08.626 CET [94914] HINT:  In a moment you should be able to reconnect to the database and repeat your command. 2020-02-17 09:31:08.629 CET [94908] LOG:  all server processes terminated; reinitializing 2020-02-17 09:31:08.698 CET [94927] LOG:  database system was interrupted; last known up at 2020-02-17 09:30:57 CET 2020-02-17 09:31:08.901 CET [94927] LOG:  database system was not properly shut down; automatic recovery in progress 2020-02-17 09:31:08.906 CET [94927] LOG:  invalid record length at 17/894C438: wanted 24, got 0 2020-02-17 09:31:08.906 CET [94927] LOG:  redo is not required 

start proxy server on docker containers for http request from host

I have a docker container connected to a VPN, but sometimes i need to open a URL on browser for debug.

I cannot run the VPN on my host machine for security reasons, specifically i want to open the URL in my host machine and intercept request with BURP Suite, i already tried some “python proxy servers” from github to start a proxy on my docker machine and connect my host to it, without success.

Someone did something similar?. any ideas?

PD. sorry for my english. 🙂

Using XSS to Steal Cookies WITHOUT access to external server

I’m working on a project where we need to craft an HTML page that launches a CSRF attack that logs in to an attacker account on a victim computer. The biggest hurdle however is an authorization cookie needed to login.

I need to do an XSS attack on this website to steal the cookie needed and use it in the CSRF attack. However the catch is that the XSS attack must be done entirely on the html page itself, I can’t have a server or website that can catch the cookies from rudimentary XSS attack. This is where all the XSS cookie Steelers in finding falter, they rely on an external server to catch the cookies.

Does anyone know how I can perform XSS cookie stealing entirely within an HTML file?

DIY Server Security Concerns

As the title says, I have some concerns about the security on my home server and I would appreciate if someone make things clear for me.

Here’s the thing; I recently set up a server from an old computer case. I use docker to install and use different services on different ports and I would like to access some services from outside of my house.

I have a domain from namecheap and I set up dynamic dns which successfully sends my public IP to my domain periodically. Here’s the docker.

To reach different services on different ports with subdomains, I set up an nginx reverse proxy server with the help of a docker container. I only forwarded port 80 and port 443 from my router.

Now my setup works like a charm, let’s say I want to reach service1 which is on port 2525, I go to service1.mydomain.com and my nginx server redirects me to localhost:2525 .

Here is where my concerns started; I shut down the server at nights. Even though it is shut down, when I ping service1.mydomain.com, it shows my home’s IP address. It doesn’t lead to anywhere on browser, however it can still be pinged.

  • What problems can occur with this setup?
  • Or does any problem occur at all?
  • Can someone reach into my home network?

[Note that I use a standard router with low level firewall. And although my IP is not static (I didn’t buy), it hasn’t changed in months as I observed.]

Thanks.

Anyone need quality USA EZ(CN2) dedicated server?

2x E5-2630L 16GB 2TB SATA/480GB SSD Unmetered/1G 5   

E3-1230v3 16GB 2TB SATA/480GB SSD Unmetered/1G 5

E3-1230/Cloud Server 4GB/8GB 200GB SATA 5TB/100M 5/Up to 61 IPS

E3-1270/Cloud Server 8GB/16GB 400GB SATA 10TB/100M 5/Up to 61 IPS 

2xE5-2620/Cloud Server 16GB/64GB 1TB SATA 10TB/100M 5/Up to 61 IPS 

E3-1231v3 8GB 2TB SATA/480GB SSD Unmetered/1G 5 

E3-1230v5 16GB 2TB SATA/480GB SSD Unmetered/1G 5 

E3-1270v2 16GB 2TB SATA/480GB SSD Unmetered/1G 5 

E3-1270v3 16GB 2TB SATA/480GB SSD Unmetered/1G 5

E3-1275v5 16GB 2TB SATA/480GB SSD Unmetered/1G 5 

Skype ID:live:.cid.143257f04d8bf604

Telegram:@rosalie269

Hijacking Websocket – it is possible to change the server response?

i read every available hijacking websocket guide/explanation there is in the wild but i still don’t understand one thing.

In a CSWSH it is possible to custom requests to the server and retrieve sensitive information that an attacker can steal, also perform sensitive state-changing actions like a normal CSRF.

But, is it possible to send the normal/default request to the server and change the server’s response?

Lets say a website that uses websockets to receive prices of items,

a sample request would be:

{Price: apple} 

A simple response would be

Price apple: 100 

i want to know if it would be possible just to change the response from the server and say that apple is worth 5 or 500 instead of 100, without changing the request to the server… just the response

How to install SQL Server 2017 Express in “Quiet Simple” mode without an extraction folder?

I need to install SQL Server 2017 Express with as little user interaction as possible. I am using the SQLEXPR_x64_ENU.exe setup file that I found a Microsoft download for.

Currently I can do exactly what I want with 2012 by using the following parameters:

/FEATURES="SQL, Tools" /QS /IACCEPTSQLSERVERLICENSETERMS /ADDCURRENTUSERASSQLADMIN=1 /ACTION="Install" /ERRORREPORTING=0 /INSTANCENAME="MyDB" 

In 2012 this works great, however I am trying to now do the same in 2017. The problem I have is that it creates an extraction folder called “SQLEXPR_x64_ENU” in the same directory as the install. This is not desirable.

Question: Is there anyway to prevent this extraction folder from being used, so that it functions that same as the 2012 setup?

Alternatively, one of the following solutions would be acceptable:

  • Allow the user to select the extraction location – like it does with default install (non-quiet) – but still ensure /QS mode for the rest of the setup
  • Have the extraction folder automatically deleted after setup (it wouldn’t be so bad if it cleaned up it’s mess after it was finished)

Is cookie information stored on the server side?

I thought cookies are stored on client side only, as files. Then I realize if cookies are not stored on server side, how could a server match a cookie just received from a client to some session or other information created in the past?

So is it correct that cookie information is also stored on the server side?

How does a server store cookie information?

I have searched about “client side cookie” and “server side cookie” and reached several discussions including

  • https://www.quora.com/Are-cookies-client-side-or-server-side,

  • https://stackoverflow.com/questions/6922145/what-is-the-difference-between-server-side-cookie-and-client-side-cookie.

Thanks.