Blog

PHPServerMon Public Page Hack

Yes there is my modifications :

Create a Public user, give access to servers you want
Memorize the ID it gives to you
\src\psm\Service\User.php
Line 98 (after $this->session = $session;)

$kl = “”;
$kl = isset($_GET[“kl”]) ? $_GET[“kl”] : ”;
if ($kl == “public”){
$user_id = 3;
$this->setUserLoggedIn($user_id, true);
$user = $this->getUser($user_id);
$this->newRememberMeCookie();
}

When you will tap the URL http:/server/servermonitor/?kl=public it will take the Public account

This method use a particular userid so even if somebody change the password, the script will never use it anyway.

I changed something else to cut some menu items
\psm\Module\AbstractController.php

Line 271 : erase the server_update function, I think this is only the crontab need to make a status update and I seen some troubles when I make it manually.

$items = array(‘server_status’, ‘server’, ‘server_log’, ‘user’, ‘config’);

Line 274 : comment the entire items line, when you are only User (Public account) you don’t want to have other things to see other then the servers status page

//$items = array(‘server_status’, ‘server’, ‘server_log’, ‘server_update’);

 

Source is https://sourceforge.net/p/phpservermon/discussion/845823/thread/f1b2e4ff/#66a7

 

With some modes to the code.

Posted in: Blog, Technical

Leave a Comment (0) →

“WARNING: Interbase component has been detected on the computer”

Error: “WARNING: Interbase component has been detected on the computer”
Ensure ALL previous versions of Interbase Client have been COMPLETELY uninstalled from this computer PRIOR to running the Medtech IBXE-7 Update5 Server Setup Installation.


This typically happens when the InterBase Services are not completely stopped (both Guardian and Server Services) prior to uninstalling the old version of InterBase. It leaves associated DLL file/s behind which need to be removed.

Before attempting to install, delete all “Embarcadero” and “InterBase” folders in:
C:\Program Files\
C:\Program Files (x86)\Borland\

Delete the GDS32.DLL file (the culprit) from C:\Windows\SysWOW64 folder and attempt the installation again.

Posted in: Blog, Technical

Leave a Comment (0) →

Yeastar Password Reset

1. Power on your MyPBX U520 device, with Putty connected to console (baud rate 57600)

2. As soon your device got power, press any key several times to interrupt the boot process of device and get to the u-boot prompt, in my case it was

pbx300>

3. Enter the printenv command to get the u-boot constant values.

4. You should see this type of output:

bootdelay=1
baudrate=57600
autoload=no
verify=yes
loadaddr=0x81000000
ipaddr=192.168.5.52
update-sf=tftp 0x88000000 u-boot.spi;sf probe 0;sf erase 0 0x40000;sf write 0x88000000 0 ${filesize}
bootargs=console=tty01,57600n8 rw mem=768M root=/dev/ram
ramboot=run nandboot1;run nandboot2;run tftp-boot


and other output

5. Now you need the bootargs row. Copy the bootargs value.

6. Set the boot arguments to boot the single user mode.
For this, enter this command:
setenv bootargs ‘paste your bootargs + keyword single

For me it was like this:

pbx300>setenv bootargs 'console=tty01,57600n8 rw mem=768M root=/dev/ram single'

BE VERY CAREFULL AND DONT COPY FROM HERE, YOU CAN HAVE DIFFERENT VALUES IN YOUR BOOTARGS ROW!

Changes made by setenv are lost after reboot!

7. After you set the new boot arguments, you can process to boot into the system.
If you will enter the saveenv command, you will save the current configured bootargs, and will enter single mode every time after reboot, so DONT saveenv!

8. Enter the boot command to boot with configured single mode.

9. You should boot in the system with the @(none):/# prompt.

10. Type /dev/ and press Tab twice. You should get the list of devices. You are interested in mtdblock2 device. This is the NAND memory the PBX normally boots from.

11. Create temporary mount point, using this command:

@(none):/# mkdir /mnt/temp

12. After mount point was created, mount mtdblock2 device to your running system, like that:

@(none):/# mount -t yaffs2 /dev/mtdblock2 /mnt/temp

-t yaffs2 = indicates that mounted device has YetAnotherFlashFileSystem

13. Now access memory through mount point.

@(none):/# cd /mnt/temp

Enter ls command and check if there is present /etc directory. If yes, cd into it

@(none):/mnt/temp# cd ./etc/

14. ls again, you should find passwd file.

15. Now you are going to purge the forgotten root password. For this you need to edit the passwd file, where all password are saved in encrypted form.

Check your prompt, it indicates that you are int the etc directory:

@(none):/mnt/temp/etc#

Open passwd file using ‘vi’ text editor

@(none):/mnt/temp/etc# vi passwd

See the row (in my case):

root:m*&y32yu48&*(u4yh3r43^yio.t/fvGaz:0:0:root:/:/bin/sh

The random bunch of letters and characters

m*&y32yu48&*(u4yh3r43^yio.t/fvGaz

is the encrypted password.
CAREFULLY DELETE it, so you get the following row:

root::0:0:root:/:/bin/sh

15. Enter :wq command to save and exit from the editor. Enter vi passwd command again and check if anything is ok and password is purged. Enter the :q command to just exit the vi text editor.

16. Enter the reboot command. Now your PBX will boot in normal way, because after reboot your setenv settings will be lost, because these was  not saved with the saveenv command. However, root password is purged now.

17. After PBX boots up and login as: prompt apperas, try to login as root. When the password prompt will appear, just hit ENTER.

You should be able to log in console with root privileges. Now enter passwd command and enter the new password.

That’s all. Be careful and don’t forget your passwords, like i did, haha! 😀

Source https://support.yeastar.com/hc/en-us/community/posts/222734327-MyPBX-U520-root-password-reset

 

Posted in: Blog, Technical

Leave a Comment (0) →

Magento not able to log in with chrome. No Error

I had a customer update their Magento install and after got reports that chrome users couldn’t log in some times. I found a post that point me in the right direction after spreading a while researching the issue.

 

The trick was to create the directory app/code/local/Mage/Customer/Model and copy the file Session.php from app/code/core/Mage/Customer/Mode  into it.

Then comment out $this->renewSession(); from the setCustomerAsLoggedIn Function.

So it looks like this.

    public function setCustomerAsLoggedIn($customer)
{
    $this->setCustomer($customer);
    //$this->renewSession();
    Mage::dispatchEvent('customer_login', array('customer'=>$customer));
    return $this;
}

Make sure to clear out all login cookies using ./n98-magerun.phar cache:clean config

If this doesn’t work try running  n98-magerun.phar sys:check and check if there are any issues listed.

Posted in: Blog, Technical

Leave a Comment (0) →

LibreNMS and check_http

You can add a service from the Services menu or you can go to devices and choose a device. We are going to add the HTTP service to monitor the status code, response time, and SSL certificate expiration. Choose your device and then click on Services which should be in between Inventory and Logs. Click Add Service and choose http for the type. Fill in the description you want. For IP address fill in the website address such as stupiderror.com. If your site redirects to www then fill in something like www.stupiderror.com. For the Parameters we are going to use -S -w 3 -c 5. The -S tells it to connect with ssl so it uses HTTPS instead of HTTP. The -w says to put the service in a Warning state if it takes 3 seconds or longer to respond. The -c option tells it to put the service in a Critical state if it takes 5 seconds or longer to respond.

To monitor the expiration of the certificate click on Add Service again. Choose HTTP for type. For IP address fill in your domain name, something like www.stupiderror.com. For Parameters we can do -C 30,14. This says the service is good when the certificate is valid for more than 30 days. If the certificate is valid for 15 to 30 then days then change the state to Warning and if it is valid for 14 or less days then change the state to Critical. If you click on Details you can see graphs for these metrics.

For more information on check_http check out the man page: https://www.monitoring-plugins.org/doc/man/check_http.html

 

Source https://www.stupiderror.com/add-nagios-plugins-to-librenms-and-setup-check_http/

 

Posted in: Blog

Leave a Comment (0) →

Send from domain IP addresses MailCleaner CBL

 

I have a customer that got listed on CBL using Mailcleaner.

I found this.

If you have mailservers relaying through your mailcleaner cluster, do not turn on “Mask IP address of relayed host on port 587” OR “Masquerade relayed HELO with sender domain” as you wil find yourself listed very quickly in the CBL.abuseat.org RBL, which is part of Spamhaus XBL, and hence can unleash a world of pain if you get listed.

Source http://forum.mailcleaner.org/viewtopic.php?t=2230

 

Posted in: Blog, Technical

Leave a Comment (0) →

Cisco IOS Port forward Range

Port forwarding on Cisco IOS devices can be a bit tricky but here is a easy way to do it.

192.168.59.10 is the server you want to port forward to. (You need to have this in twice for the NAT Pool)

ip nat pool POOL1 192.168.59.10 192.168.59.10 netmask 255.255.255.0 type rotary
ip nat inside destination list VOIP pool POOL1
!
ip access-list extended VOIP
permit tcp any any eq 5060
permit udp any any eq 5060
permit tcp any any range 10000 15000
permit udp any any range 10000 15000

Posted in: Blog

Leave a Comment (0) →
Page 1 of 14 12345...»