Scan target list with ports included - nmap

Is there a way to scan a list of targets with nmap and put in the list of targets, ports like the following:
1.1.1.1:80,443
2.2.2.2:3389,636
3.3.3.3:23,21
Or is there an easy way of doing this? I don't want to scan all the ports in the list, I only want to scan the IP and the ports associated with it.

Using files with predefined targets with Nmap is pretty easy; in the file you only need to set a target or a range per line. Create a file called targets:
open a new file (nano file_name) and write your targets in the file:
Example:
192.168.0.1
192.168.0.10
192.168.0.17
test.com
target.com
...
Now use the target file in nmap with the command below:
nmap -iL file_path
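An -iL file holds targets only, and nmap's -p option applies to every target in a run, so the per-target port lists from the question need one invocation per host. One way to do that, as an added example that is not part of the original posts: parse each `host:ports` line, validate it, and build one `nmap -p` argument list per target. The function names are illustrative, and the sample lines are the ones from the question.

```python
import ipaddress
import re

# Hostname labels: letters, digits, hyphens; a leading hyphen is rejected so a
# "host" field can never be read by nmap as an option.
_HOST_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(\.(?!-)[A-Za-z0-9-]{1,63})*$")


def parse_target_line(line):
    """Parse 'host:port,port,...' into (host, [ports]); raise ValueError if malformed."""
    host, sep, port_field = line.strip().rpartition(":")
    if not sep or not host or not port_field:
        raise ValueError(f"expected host:ports, got {line!r}")
    try:
        ipaddress.ip_address(host)           # accept a literal IP address...
    except ValueError:
        if not _HOST_RE.match(host):         # ...or a plain hostname
            raise ValueError(f"bad host {host!r}")
    ports = []
    for item in port_field.split(","):
        if not re.fullmatch(r"[0-9]{1,5}", item) or not 1 <= int(item) <= 65535:
            raise ValueError(f"bad port {item!r} for {host}")
        if int(item) not in ports:           # drop duplicates, keep the given order
            ports.append(int(item))
    return host, ports


def build_commands(lines):
    """Return one nmap argv list per target line; skip blank lines and # comments."""
    commands = []
    for raw in lines:
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        host, ports = parse_target_line(raw)
        commands.append(["nmap", "-p", ",".join(map(str, ports)), host])
    return commands


# Sample input: the three lines from the question.
SAMPLE = ["1.1.1.1:80,443", "2.2.2.2:3389,636", "3.3.3.3:23,21"]

if __name__ == "__main__":
    for argv in build_commands(SAMPLE):
        print(" ".join(argv))   # hand argv to subprocess.run(argv) to run the scan
```

Building an argument list rather than a shell string keeps a malformed line in the targets file from turning into extra options or commands.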

Related

How to have wildcard RR and DNS acme challenge at the same time?

I'm trying to have wildcard RR in bind:
*.foo 10 IN A 1.2.3.4
At the same time I'm trying to add _acme-challenge TXT record:
_acme-challenge.b.foo IN TXT "example"
And it does not work. As soon as I have _acme-challenge.b.foo in the domain file, b.foo.example.com stops resolving.
Is it possible to make them both to work? How to do it?

In docker-compose, what is the effect/purpose of `dns-search: .`

I am looking at the stackstorm docker-compose file, and within it almost all containers have a line dns_search: . According to docker-compose documentation, dns_search is for the purpose of configuring search domains.
I am used to seeing this in context of transparently adding a domain to unqualified short domains. For example if I add dns_search: mydomain.com, I would expect "host1" to transparently resolve as "host1.mydomain.com".
I have never seen this set as a single dot . before. What is the effect/purpose of doing this configuration?
I'm posting the answer from the Stackstorm Git project issue see comment/"dns_search: .". Paraphrasing: it was useful in old versions of Docker before 2017, before the ndots configuration was available. Nowadays that configuration has no impact, and in fact has been removed from the stackstorm docker-compose file.
I believe this is because all domain names end in . under the hood, but browsers and other software abstracts this out.
For example, under the hood www.google.com is actually www.google.com.
So, in the docker-compose file, this would essentially be saying "Find me any domain"
A bit more detail on why there's an extra dot, if you're interested:
Domain name resolution is hierarchical, reading right to left, with each block, separated by a ., being a step in the process. A DNS resolver will first find a source of ., which will be able to return the address for a resolver for the next block, until it reaches the final block, where it returns the full DNS record.
Extending EdwardTeach's answer:
#ytjohn effectively said they did in the past because putting dns_search: . configures the DNS search domains to be only . instead of inheriting the host ones. I can't confirm that because I didn't test it.
Now, I tested what docker-compose does today, and in a container, cat /etc/resolv.conf returns:
nameserver 127.0.0.11
options ndots:0
Where options ndots:0 is (from resolv.conf docs):
ndots:n
Sets a threshold for the number of dots which must
appear in a name given to res_query(3) (see
resolver(3)) before an initial absolute query will
be made. The default for n is 1, meaning that if
there are any dots in a name, the name will be
tried first as an absolute name before any search
list elements are appended to it. The value for
this option is silently capped to 15.
With ndots:0, all domains will be attempted using the absolute name first, only then using the search list.
How I came to this conclusion
The Github comment:
If you don't set this dns_search: ., then whatever the host has in search in their /etc/resolv.conf will get put into your container's /etc/resolv.conf.
This doesn't happen. My host has search domain[0]: broadband (macOS command: scutil --dns), and in docker containers, it doesn't show broadband (linux command: cat /etc/resolv.conf). Instead, it says options ndots:0
dns_search docs:
dns defines custom DNS search domains to set on container network interface configuration. Can be a single value or a list.
What is a DNS search domain?
It is the DNS service used to resolve hostnames that are not fully qualified, e.g. hostname will try hostname.example.com then hostname.website.com if your search domains list was example.com, website.com. More information on https://superuser.com/a/184366
In another repo (crossdock), their dockerfile had the comment:
`dns_search: . # Ensures unified DNS config.`
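How ndots and the search list interact, as an added example that is not part of the original answers: a simplified model of the rule quoted from the resolv.conf docs, run on the container's resolv.conf shown above and on a constructed host configuration using the question's mydomain.com. The function names are illustrative, and treating a search domain of `.` as adding no suffix is an assumption of this model.

```python
def parse_resolv_conf(text):
    """Extract the search list and ndots value from resolv.conf text (ndots defaults to 1)."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue                          # blank line or comment
        if fields[0] == "search":
            search = fields[1:]               # a later search line replaces an earlier one
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = min(int(opt[6:]), 15)   # capped at 15, as the docs say
    return search, ndots


def query_order(name, search, ndots):
    """Names tried, in order, for a lookup of `name` under this search list and ndots."""
    if name.endswith("."):
        return [name]                         # trailing dot: already absolute, no search list
    absolute = name + "."
    # Assumption: a search domain of "." (the root) adds nothing beyond the absolute name.
    suffixed = [f"{name}.{d.strip('.')}." for d in search if d.strip(".")]
    if name.count(".") >= ndots:
        return [absolute] + suffixed          # enough dots: absolute name first
    return suffixed + [absolute]              # too few dots: search list first


# The container's resolv.conf as shown in the answer above.
CONTAINER_CONF = "nameserver 127.0.0.11\noptions ndots:0\n"
# Constructed host configuration with a search domain and the default ndots of 1.
HOST_CONF = "nameserver 192.0.2.53\nsearch mydomain.com\n"

if __name__ == "__main__":
    for label, conf in (("container", CONTAINER_CONF), ("host", HOST_CONF)):
        search, ndots = parse_resolv_conf(conf)
        for name in ("host1", "www.google.com"):
            print(label, name, "->", query_order(name, search, ndots))
```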

OWASP Zap Docker scan spidering out-of-scope items

When starting a scan with docker run -t owasp/zap2docker-stable zap-baseline.py -t https://10.1.2.3/zapwave the spider will follow back to the root URL https://10.1.2.3 and continue to scan out-of-scope items, e.g. /ghost, /mono, /webgoat
Is it possible to limit the scan scope to just the specified directory or below? The web application in this example is OWASP DVWA.
You haven't passed it a context file from which it would constrain the scope.
The baseline scan documentation is here:
https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan
In particular you probably care about:
-n context_file context file which will be loaded prior to spidering the target
You should probably also have a look at:
https://blog.mozilla.org/security/2017/01/25/setting-a-baseline-for-web-security-controls/
Also it's probably easiest to configure, test, and export the context from the GUI before trying to use it with automation.

API Connect 2018 VMware deployment: "host is missing traffic interface" error

I am trying to use InstallAssist (apicup) on an Ubuntu box to prepare the configuration file (apiconnect-up.yml) as part of creating an OVA file for the management (mgmt) subsys.
I am having an issue with defining interfaces for the host (myhost.domain):
When I try apicup hosts list mgmt command, I get the following:
apicmgt01.lab
* host is missing traffic interface
* host is missing public interface
Device IP/Mask Gateway
eth0 192.168.10.166/255.255.255.0 192.168.10.1
The command I used to create the interfaces, based on IBM KC, is this:
apicup iface create mgmt apicmgt01.lab eth0 192.168.10.166/255.255.255.0 192.168.10.1
I tried to google how exactly I need to set those "traffic" and "public" interfaces with no success.
Note:
IBM knowledge reference mentions public_iface_id right after the command "apicup iface create mgmt ..." but it's not mentioned anywhere in the command itself nor anywhere else in the entire page!
With the scarce resource about the topic, I am struggling to get this part done. Any help will be very much appreciated.
I was just struggling with that, too.
If you run apicup subsys get mgmt you can see close to the output's beginning, there are values for public-iface and traffic-iface.
Make sure it's set to the correct value by running apicup subsys set mgmt public-iface=<iface_name> and apicup subsys set mgmt traffic-iface=<iface_name>.

How to run multiple instances of JBoss in a one single machine?

I need to run multiple (more than 4) instances of JBoss server on a single machine.
I am using JBoss 4.2.3 GA.
I found the answer. We have to configure the jboss-service.xml to run multiple instances in the same machine.
We may need to keep the same "default" instance same as it is under the JBOSS_HOME\Server.
We have to create another folder say "instance2" under JBOSS_HOME\Server.
Copy all the contents from JBOSS_HOME\Server\default to this newly created folder.
Now go to the conf folder under the JBOSS_HOME\Server\instance2 directory.
Edit the jboss-service.xml.
Search for mbean code="org.jboss.services.binding.ServiceBindingManager" in this configuration file.
By default this xml tag is commented. We have to uncomment it and change the value ports-00 to ports-01.
Then start this instance2 jboss instance. We can access this application by using the port number 8180.
We can go for a maximum of 3 instances this way.
To run more than this we have to add some more running tags in
JBOSS_HOME\docs\examples\binding-manager\sample-bindings.xml.
You can make things a lot simpler by simply changing the IP that the server is bound to.
You will need to copy the entire jboss folder several times and configure run.bat to use the -b parameter on startup.
If this is a Windows server and you're running jboss as a service, you might want to edit the service.bat for each instance too so that the servers all have different names in the services control panel.
Part of the problem we ran into when trying to use different HTTP ports was that jboss uses 'lots' of ports for different purposes and it was a pain to edit all of these port numbers to be unique on each instance. By changing the bind address you can avoid this problem entirely.
Create multiple loopback adapters and bind each ip address to different instance.
No need of changing port.
RK
1) Copy the default folder with new name: instance name
2) In jboss-service.xml, uncomment the ServiceBindingManager mbean and change the ServerName to ports-01 or 02 or 03, e.g. ports-01. The ports-01/02/03 configuration should be there in sample-bindings.xml (present in docs/examples/binding-manager). Make the changes in all the ports mentioned under the ports-01/02/03 tags so that the ports will not conflict. Remember the server will run on the binding port, like 8080/8180/8182.
From the cmd prompt, go to the bin folder and run the instances with the command:
run -c instancename
Running multiple instances of JBoss on the same server:
1. We should keep the "default" instance same as it is under JBOSS_HOME\Server.
2. Copy the default folder with new name (instance name) say default2 under JBOSS_HOME\Server. Copy all the contents from JBOSS_HOME\Server\default to this newly created folder.
3. The binding service manager needs to be enabled in conf/jboss-service.xml for instances that are not using the default ports.
a. (i.e.) In the copied instance, go to conf folder under JBOSS_HOME\Server\default2 directory. Edit the jboss-service.xml.
b. Search for mbean code="org.jboss.services.binding.ServiceBindingManager" in this configuration file.
c. By default this xml tag is commented. We have to uncomment it and change the value ports-00 to ports-01.
4. In the same file, under "Socket transport Connector", in the "Configuration" section, serverBindPort must be changed to another value or it will conflict with the default (4446).
<mbean code="org.jboss.remoting.transport.Connector"
name="jboss.remoting:service=Connector,transport=socket"
display-name="Socket transport Connector">
...
<attribute name="Configuration">
...
<attribute name="serverBindPort">25447</attribute>
...
5. In default2/deploy/ejb3.deployer/META-INF/jboss-service.xml, for the remoting.transport.Connector mbean, port 3873 must be changed to another value or it will conflict with the default.
<mbean code="org.jboss.remoting.transport.Connector"
name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=ejb3">
<depends>jboss.aop:service=AspectDeployer</depends>
<attribute name="InvokerLocator">socket://${jboss.bind.address}:25874</attribute>
...
6. In default2\deploy\jboss-web.deployer\server.xml, set the redirect port value to the one configured in step 4:
<Connector port="8180" address="${jboss.bind.address}"
maxThreads="250" maxHttpHeaderSize="8192"
emptySessionPath="true" protocol="HTTP/1.1"
enableLookups="false" redirectPort="25447" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
Also, the port value configured in step 5
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!-- Change the connector port value to avoid conflict; redirectPort is the port value configured in step 5 -->
<Connector port="25010" address="${jboss.bind.address}" protocol="AJP/1.3"
emptySessionPath="true" enableLookups="false" redirectPort="25874" />
In summary, the directory structure for setting up two other instances would be something
like the below with modifications in the filenames in bold.
$JBOSS_HOME/server/default
$JBOSS_HOME/server/default2
**$JBOSS_HOME/server/default2/conf/jboss-service.xml**
**$JBOSS_HOME/server/default2/deploy/ejb3.deployer/META-INF/jboss-service.xml**
**$JBOSS_HOME/server/default2/deploy/jboss-web.deployer/server.xml**
$JBOSS_HOME/server/default3
**$JBOSS_HOME/server/default3/conf/jboss-service.xml**
**$JBOSS_HOME/server/default3/deploy/ejb3.deployer/META-INF/jboss-service.xml**
**$JBOSS_HOME/server/default3/deploy/jboss-web.deployer/server.xml**
7. From the command prompt, go to the bin folder and run the instances with the command:
run -c instancename
In this case, it is: run -c default2
And applications are accessed with URLs like:
http://localhost:8080/myapp/
http://localhost:8180/myapp/
http://localhost:8280/myapp/
Note: We can go for maximum of 3 instances with this way.
To run more than this we have to add some more running tags in JBOSS_HOME\docs\examples\binding-manager\sample-bindings.xml.
I used this article to install mine.
http://wiki.adempiere.net/Setup_2_Adempiere_JBoss_server_in_1_physical_server
You should create different services to control the adempiere servers.
Also if you work with jasper report, use unique file names for reports or you will face permission denied exception.
Ex : if you attach "report.jrxml" to two servers. Server will create /tmp/report.jrxml tmp file.
The second server will also try to create the same file and get crashed
Copy complete JBOSS setup to new location, and start new server with offset option, which will start server on existing ip and changing port to previously_configured_port+offset
standalone.bat -c standalone-full.xml -Djboss.socket.binding.port-offset=100
This command will make default jboss console 9990 to 10090
Now you can add your war file in new deployments folder and start deployment on new port
The quickest and easiest way that comes into mind is simply configuring multiple IP addresses to the hosting machine. Then you can use the different IP addresses to bind to each instance. Doing this means you don't have to change any default ports and allows for an easier environment to manage.
We can easily do this on JBOSS EAP
For first instance, just start the JBOSS as it is.
For the second instance,
copy the JBOSS home folder to a different location.
Go to standalone/configuration/standalone.xml. Go to the section (at bottom of the file) and set the port-offset value to some value (e.g. 10000) which doesn't have any port binding issue with the currently running application. Here the default port-offset value is 0.
Start the second instance as usual.