Tuesday, October 6, 2015

Configure Apache to run Python Scripts in Windows

This is a simple writeup to fill a gap in various "HOWTO"'s that I read when trying to setup my Apache web server to run python scripts as CGI and it will apply to any cgi scripts (perl, c, c++). 

[1] Install python for Windows: 

  https://www.python.org/downloads/ 

 [2] Install Apache: 

  http://httpd.apache.org/download.cgi 

  (or) 

 [2] Install XAMP or WAMP: 

  [2.1] XAMP: 

   https://www.apachefriends.org/download.html 

  (or) 

  [2.1] WAMP:  

   http://www.wampserver.com/en/ 
[3] Configure httpd.conf: 

  httpd.conf can be located %apache_install_dir%\conf\httpd.conf 

  [3.1] Add ExecCGI to "options". The line should now look similar to the following (NOTE: there may be more options listed): 

Options Indexes FollowSymLinks ExecCGI 

  [3.2] Add a .py to AddHandler:

  AddHandler cgi-script .cgi .py 

  [3.3] Add Registry-Strict to ScriptInterpreterSource: 

  ScriptInterpreterSource Registry-Strict 

  [4] Register python interpreter in Windows registry to handle python scripts Create a .reg file and execute it
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.py\Shell\ExecCGI\Command] @="c:\\python27\\python.exe"

Restart apache web server. You are all set now :-)
Posted by at No comments:

Wednesday, July 8, 2015

If you are going to #BlackHat2015 come by our...

If you are going to #BlackHat2015 come by our booth #759 & learn why #Cyphort is the clear alternative to FireEye http://t.co/CChJCbrvQ6

If you are going to #BlackHat2015 come by our...

If you are going to #BlackHat2015 come by our booth #759 & learn why #Cyphort is the clear alternative to FireEye http://t.co/CChJCbrvQ6
Cyphort Social Hub
Posted by at No comments:

Wednesday, July 1, 2015

OPM Data Breach: What Needs to Happen Now

OPM Data Breach: What Needs to Happen Now

OPM Data Breach: What Needs to Happen Now

Given that OPM handles records for federal employees, including those obtaining security clearances, the damage can potentially go beyond financial crimes.
Cyphort Social Hub
Posted by at No comments:

Helping Cyphort Defeat The Enemy Inside The...

Helping Cyphort Defeat The Enemy Inside The Gates | Sapphire Ventures @sapphirevc

Helping Cyphort Defeat The Enemy Inside The...

When it comes to cybersecurity, we live in unprecedented times! The enemy has figured out how to breach the perimeter security – including firewalls, anti-virus, endpoint security, and more – that enterprises have put up over the last decade and is already inside the gates of enterprises. Security breaches have become so passé that some of them don’t even get mentioned in the press, and if they do the shelf-life of news about the breach lasts only a few days. However, for nearly all enterprises these kinds of security breaches are top-of-mind since the costs associated with each breach continue to creep up and up. According to an IBM study, the average consolidated total cost of a data breach is $3.8 million representing a 23 percent...Read More
Cyphort Social Hub
Posted by at No comments:

NGFW – WTF is the Intelligence?

NGFW – WTF is the Intelligence?

NGFW – WTF is the Intelligence?

Definition: Intelligence - can be generally described as the ability to perceive and/or retain knowledge or information and apply it to itself or other instances of knowledge Today’s state of cyber security is one of the most interesting, and challenging it has ever been. If you take a step back and review the advancements in the traditional security infrastructure, there has been little innovation in the terms of providing protection layers that are as advanced as the tactics used by today’s threat actors. Let’s take a look at the state of firewalls, and their mos
Cyphort Social Hub
Posted by at No comments:

Tuesday, July 23, 2013

"Master key" Exploit Scanner

Google has released patch for the master key vulnerability to third party Android Mobiles, but google's Nexus devices still remain vulnerable against mater key exploits. Android user are advised not to download apps from 3rd party app markets. You can use the python version of the scanner (download link) to check for the exploits that exploit this vulnerability.

A simple web search will give details about this vulnerability.

Download Python version of the scanner;
MasterKey Exploit Scanner

I recommend you to develop Android version of this simple tool to use in your Android mobiles.
Posted by at No comments:
Subscribe to: Posts (Atom)