--- tags: ccdc --- # HTTPS migration ## verify openssl installed ```bash= openssl version ``` ## generate certificate and key ```bash= openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt ``` ## allow https for firewall ### iptables ```bash= iptables -I INPUT -p tcp --dport 443 -j ACCEPT ``` ### ufw ```bash= ufw allow 443 ``` ## restart web server example with apache: ```bash= systemctl restart apache2 ``` ## verify everything works connect in browser w/ https
Last changed by  
UAA CSC
UAA Cyber Security Club
65

Read more

Untitled

#include <stdio.h> int main() { int i; for (i = 0; i < 10; i++) { puts("Hello, World!"); } } Directories (not case-sensitive)

4/28/2021
Securing CyberPatriot Windows Hosts (Windows Vista/Server 2K8 and Above)

Note: It is recommended to solve the forensic Questions first! However, some answers may be not be easy to find without fixing some mis-configurations. Please use gpresult before you do anything. Checkout the Checklist! * Sections made after the wildcard event are denoted by "*". (Rayce) All of the machines from cyberpatriot (and cybersentinel) are in my possession. You will find unregistered copies of the Round 3 Cybersentinel machines on ccdcmoose. The Windows 10 image was the most problematic due to a user policy that disabled security settings in the Computer scope. Initial Overview Open command prompt as an administrator

4/2/2021
Update website user passwords

obtain a list of users find user table in database can run (mysql) query from terminal and write to file like: mysql -u root -p database_name -e "use database_name; select username_field from user_table_name" > users determine hashing algorithm and number of hash rounds used for user passwords common hash algos: $1$ | MD5

3/31/2021
Linux Database Migration

Note: most values/variables with _ (underscores) are not literal and will need to be changed to an appropriate literal value Determine relevent database in DBMS mysql: SHOW DATABASES; Dump database to file db.sql (example, use a meaningful name) For SQL databases:

3/31/2021
Read more from UAA CSC
Published on HackMD