Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Roxy-wi CVE-2022-31137 #314

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Roxy-wi CVE-2022-31137 #314

wants to merge 1 commit into from

Conversation

am0o0
Copy link
Contributor

@am0o0 am0o0 commented Apr 19, 2023
edited

Linux distribution: Ubuntu 18.04 TLS

mkdir /var/www
cd /var/www/
git clone https://github.com/hap-wi/roxy-wi.git /var/www/haproxy-wi
cd haproxy-wi
git checkout 6448ca20e0bafacf411331006d70b9d31ef0a737
cd ..
sudo apt-get install apache2 python3 python3-pip python3-ldap rsync ansible python3-requests python3-networkx python3-matplotlib python3-bottle python3-future python3-jinja2 python3-peewee python3-distro python3-pymysql python3-psutil python3-paramiko netcat-traditional nmap net-tools lshw dos2unix libapache2-mod-wsgi-py3 openssl sshpass -y
sudo chown -R www-data:www-data haproxy-wi/
sudo cp haproxy-wi/config_other/httpd/roxy-wi_deb.conf /etc/apache2/sites-available/roxy-wi.conf
sudo a2ensite roxy-wi.conf
sudo a2enmod cgid ssl proxy_http rewrite
sudo pip3 install -r haproxy-wi/config_other/requirements_deb.txt
sudo systemctl restart apache2

sudo pip3 install paramiko-ng 
chmod +x haproxy-wi/app/*.py 
sudo cp haproxy-wi/config_other/logrotate/* /etc/logrotate.d/
sudo mkdir /var/lib/roxy-wi/
sudo mkdir /var/lib/roxy-wi/keys/
sudo mkdir /var/lib/roxy-wi/configs/
sudo mkdir /var/lib/roxy-wi/configs/hap_config/
sudo mkdir /var/lib/roxy-wi/configs/kp_config/
sudo mkdir /var/lib/roxy-wi/configs/nginx_config/
sudo mkdir /var/lib/roxy-wi/configs/apache_config/
sudo mkdir /var/log/roxy-wi/
sudo mkdir /etc/roxy-wi/
sudo mv haproxy-wi/app/roxy-wi.cfg /etc/roxy-wi
sudo openssl req -newkey rsa:4096 -nodes -keyout /var/www/haproxy-wi/app/certs/haproxy-wi.key -x509 -days 10365 -out /var/www/haproxy-wi/app/certs/haproxy-wi.crt -subj "/C=US/ST=Almaty/L=Springfield/O=Roxy-WI/OU=IT/CN=*.roxy-wi.org/emailAddress=aidaho@roxy-wi.org"
sudo chown -R www-data:www-data /var/www/haproxy-wi/
sudo chown -R www-data:www-data /var/lib/roxy-wi/
sudo chown -R www-data:www-data /var/log/roxy-wi/
sudo chown -R www-data:www-data /etc/roxy-wi/
sudo systemctl daemon-reload
sudo systemctl restart rsyslog
sudo systemctl restart apache2

cd /var/www/haproxy-wi/app
sudo ./create_db.py
sudo chown -R www-data:www-data /var/www/haproxy-wi/
sudo chown -R www-data:www-data /var/lib/roxy-wi/

change SSLEngine on to SSLEngine off in /etc/apache2/sites-available/roxy-wi.conf
one of the interesting things during final test of this plugin was an issue about self signed or outdated SSL certificates, I tied to disable httpRequest default behavior about this issue but I didn't get any successful result. so I disabled the SSL on my tests.
I think many of tsunami targets have SSL issues! so it can be a good idea to set SSL validation check to false as default.

@am0o0
Copy link
Contributor Author

am0o0 commented Apr 19, 2023

please tell me if you like to I write detector for default credentials.

@tooryx tooryx added the Contributor queue When a contributor has already one issue/PR in review, we put the following ones on hold with this. label Feb 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Contributor queue When a contributor has already one issue/PR in review, we put the following ones on hold with this.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@am0o0 @tooryx