Install PiHole With SSL On Apache Running Ubuntu Server 20 LTS

This is another quick post to serve as a general note. This post will cover the install of PiHole with SSL on Apache. The guide should work for most Debian-based Linux distributions. We are running PHP7.4 as it’s native to the OS and does not require any PPA addons. You can install PHP8/+ if you like.

Step 1: Bash Into root


     sudo bash

Enter your password.

Step 2: Install Apache2


     apt-get install apache2 -y

Step 3: Install PHP 7.4


     apt-get install php -y
     apt-get install php-common php-mysql php-xml php-curl php-cli php-imap php-mbstring php-opcache php-soap php-zip php-intl php-sqlite3 -y

Step 4: Install PiHole


     curl -sSL https://install.pi-hole.net | bash

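The command above pipes a remote script straight into a root shell. If you would rather read it first, save it to a file, review it, and then run that file with bash.

During the course of the install, you will be prompted ~5 times. At the last prompt, you will be asked if you want to install the Lighttpd web server. At this point, you want to select no and complete the install process.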

Once completed, your PiHole setup should work and should be accessible via ip/domain.com/admin/

Step 5: Cleanup

As of today, I have noticed a rare glitch that will cause the folder structure to be odd after the pihole install. This can be easily fixed with the following steps.

The default install will create folders like this:


     pihole folder: /var/www/html/pihole
     admin folder: /var/www/html/admin

Although not a big deal, this causes a problem when trying to access the admin dashboard from the default pihole URL (http://ip/pihole): the link on that page that is supposed to point to the admin page will be broken. At this point, you can either update the page link manually in pihole/index.php to forward to the correct URL, or change/move the folders to your liking.

To fix this issue, as root, first we move the folder to the correct directory.


     mv /var/www/html/admin /var/www/html/pihole

Second, we update the links in the default pihole root index file:

     vim /var/www/html/pihole/index.php

We want to edit three lines (77, 81, and 83) to reflect the new URL structure.


     Line 77:
     <link rel='shortcut icon' href='/pihole/admin/img/favicons/favicon.ico' type='image/x-icon'>

     Line 81:
     <img src='/pihole/admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />

     Line 83:
     <a href='/pihole/admin/'>Did you mean to go to the admin panel?</a>

Once done you can consider the process complete.

Step 6: Installing SSL on PiHole

To keep things classy, if not already, bash into root:


     sudo bash

Let’s enable Apache’s SSL module and make our SSL folder to house our certs.

     a2enmod ssl
     mkdir -p /etc/apache2/certs/pihole

Now let’s generate our self-signed cert:


     openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/certs/pihole/piholio.key -out /etc/apache2/certs/pihole/piholio.crt

Edit our default SSL virtual hosts config:


     vim /etc/apache2/sites-available/default-ssl.conf

Replace lines 32 and 33 with the following lines


     SSLCertificateFile /etc/apache2/certs/pihole/piholio.crt
     SSLCertificateKeyFile /etc/apache2/certs/pihole/piholio.key

Save and exit.

Next, enable SSL and restart the apache service:


     a2ensite default-ssl.conf && systemctl restart apache2

At this point, you’ve successfully installed PiHole with SSL. We have another issue: by default, Apache does not redirect to SSL, so you will still be able to visit the non-SSL URL. To fix this we need to enable the Rewrite module and enter our conditions into our domain’s virtual host configuration (or .htaccess).

Let’s enable that rewrite module:


     a2enmod rewrite
     systemctl restart apache2

Let’s edit our default virtual host file:


     vim /etc/apache2/sites-available/000-default.conf

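Add the following three lines of code before the </VirtualHost> closing tag. Replace the * on the second line with your local IP or domain: the = prefix makes the condition an exact string comparison, so a literal * never matches and the redirect will not fire.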


     RewriteEngine On
     RewriteCond %{SERVER_NAME} =*
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Save the file and restart Apache.


     systemctl restart apache2

Your PiHole install should now be “running in SSL”. If anyone viewing my notes has questions feel free to leave a comment.
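
A quick audit of the two files edited in this post, as an added example that is not part of the original post: it checks that the key named by SSLCertificateKeyFile is readable by its owner only (the -nodes option above leaves it unencrypted) and that the port-80 redirect no longer carries the =* placeholder. The function names, the sample files and the host name pihole.lan are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, sample files
# and the host name pihole.lan are constructed for illustration.

# Print the key path named by SSLCertificateKeyFile in an SSL vhost file.
key_path() {
    awk '$1 == "SSLCertificateKeyFile" { print $2; exit }' "$1"
}

# Succeed only if the key exists and has no group/other permission bits.
key_is_private() {
    [ -f "$1" ] || { echo "missing key file: $1" >&2; return 2; }
    perms=$(ls -ld "$1" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$1 is accessible beyond its owner ($perms)" >&2
        return 1
    fi
}

# Succeed only if the port-80 vhost actually redirects to HTTPS.
redirect_is_live() {
    grep -Eiq '^[[:space:]]*RewriteEngine[[:space:]]+on' "$1" ||
        { echo "$1: RewriteEngine is not on" >&2; return 1; }
    cond=$(awk '$1 == "RewriteCond" && $2 == "%{SERVER_NAME}" { print $3; exit }' "$1")
    # "=*" compares SERVER_NAME with the literal string "*": never true.
    if [ "$cond" = "=*" ]; then
        echo "$1: RewriteCond still holds the * placeholder" >&2
        return 1
    fi
    grep -Eq '^[[:space:]]*RewriteRule[[:space:]]+[^[:space:]]+[[:space:]]+https://' "$1" ||
        { echo "$1: no RewriteRule targeting https://" >&2; return 1; }
}

# Write constructed copies of the two edited files into directory $1.
write_samples() {
    mkdir -p "$1/certs"
    printf 'constructed placeholder, not a real key\n' > "$1/certs/piholio.key"
    chmod 644 "$1/certs/piholio.key"
    cat > "$1/default-ssl.conf" <<EOF
<VirtualHost _default_:443>
    SSLEngine on
    SSLCertificateFile $1/certs/piholio.crt
    SSLCertificateKeyFile $1/certs/piholio.key
</VirtualHost>
EOF
    cat > "$1/000-default.conf" <<'EOF'
<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{SERVER_NAME} =*
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
EOF
}

# Run both checks against an SSL vhost ($1) and a port-80 vhost ($2);
# the return status is the number of findings.
audit() {
    findings=0
    key_is_private "$(key_path "$1")" || findings=$((findings + 1))
    redirect_is_live "$2" || findings=$((findings + 1))
    return "$findings"
}

# Audit the constructed files as written, apply the fixes, audit again.
demo() {
    dir=$(mktemp -d) || return 1
    write_samples "$dir"
    before=0; audit "$dir/default-ssl.conf" "$dir/000-default.conf" || before=$?
    chmod 600 "$dir/certs/piholio.key"
    sed 's/=\*$/=pihole.lan/' "$dir/000-default.conf" > "$dir/fixed.conf"
    after=0; audit "$dir/default-ssl.conf" "$dir/fixed.conf" || after=$?
    rm -rf "$dir"
    echo "findings before: $before, after: $after"
}
demo
```

On the server itself, call audit with /etc/apache2/sites-available/default-ssl.conf and /etc/apache2/sites-available/000-default.conf as its two arguments.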

Install PHP8 on Ubuntu Server 18 & 20 LTS Running Apache

This post is a quick post to serve as a note, don’t expect long explanations of general LAMP stack design concepts. If you encounter any issues feel free to leave a comment below.

Step 1: Bash Into root User


    sudo bash
    # or "sudo -s" if you prefer

Enter your password to enter the root superuser account.

Step 2: Preparation

As root enter


     apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get autoremove -y && apt-get autoclean -y

Step 3: Adding PHP8 Repository


     apt-get install ca-certificates apt-transport-https software-properties-common -y

Once the command above completes its process:


     add-apt-repository ppa:ondrej/php -y && apt-get update -y

Step 4: Installing PHP8


     apt-get install php8.0 libapache2-mod-php8.0 -y && systemctl restart apache2

     apt-get install php8.0-fpm libapache2-mod-fcgid

Enable default PHP8 FastCGI manager module and config:


     a2enmod proxy_fcgi setenvif
     a2enconf php8.0-fpm

Restart Apache:


     systemctl restart apache2

You might need these as well… MySQL, MBString, and MailParse


     apt-get install php8.0-mbstring php8.0-mailparse php8.0-mysql php8.0-xml php8.0-zip -y

WordPress Modules


     apt-get install php8.0-imagick -y

*****

To get jiggy with it… (installs all PHP modules, typically reserved for DevOps/Sandboxing)


     apt-get install php8.0-dev

*****

Once you’re done with installing any additional modules, although not required, it’s recommended you reboot your machine. Let’s do a little cleanup in case something unnecessary (like previous PHP7 packages) was left behind.


     apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y && apt-get autoclean -y && apt-get autoremove -y && reboot

Step 5 (Optional): Additional Caching Modules

Memcached


     apt-get install php8.0-memcached

Redis


     apt-get install php8.0-redis

ODROID-C2 Headless Ubuntu 20 Image

This is a quick post for anyone who was looking to get a headless image from Hardkernel but couldn’t actually find it (it doesn’t exist). This guide will use their hosted image for general security reasons.

Why would you want to do this? If you don’t plan on using it as a desktop. Also, why not save ~100MB of RAM and have an even more stable system?

If you haven’t already, you can download the official Hardkernel Odroid-C2 Ubuntu Image for your Odroid-C2 here.

Skipping The Install Process…

It’s 2021, I’m not going over the install process. This guide assumes you already have a clean Ubuntu 20 installed (from the OFFICIAL repository) and running on your C2. If your ODROID starts auto-patching security updates as soon as you connect it to your network, let it complete before starting.

(Optional)

You can install whatever ssh server you like for your C2, it will make the process much easier to copy and paste commands.

     sudo apt-get install openssh-server -y

Removing Mate

     sudo apt-get purge $(dpkg --list | grep MATE | awk '{print $2}')

Once the command above completes, continue removing additional traces left behind

     sudo apt-get purge libmate-sensors-applet-plugin0 -y \
     && sudo apt-get purge libmateweather-common libmateweather1:amd64 -y \
     && sudo apt-get purge mate-accessibility-profiles -y \
     && sudo apt-get purge mate-notification-daemon -y \
     && sudo apt-get purge mate-notification-daemon-common -y \
     && sudo apt-get purge plymouth-theme-ubuntu-mate-logo -y \
     && sudo apt-get purge plymouth-theme-ubuntu-mate-text -y

Finally Remove The LightDM “Screen Greeter”

     sudo apt-get remove lightdm -y

Additional Apps You Might Want To Remove

This is what I chose to remove; feel free to remove any apps you also won’t be using without any desktop GUI.

     sudo apt-get remove firefox -y

Finish cleaning up

     sudo apt-get autoclean -y && sudo apt-get autoremove -y && sudo reboot

That should pretty much sum up the process, let me know if you encounter any issues.

Northwest Victims Tricked Into Calling Scammers Fake Support Number

There seems to be some hilarious tomfoolery going on where victims are tricked into calling a fake support number via email. The worst part is the scammer’s effort or IQ level, put in some effort, loser, but I digress. The worst part seems to be it targeting the poor (those experiencing financial hardship if you want to be P.C.) as they would be most likely to panic and call. Beware: if you’re lucky enough to fall for it, you are further exploited into giving account details, credit card numbers, nuclear codes, etc. The scam is some basic sh*t but for the uninitiated, it can spell a bad week or month(s) of the recovery process. So the moral of the post is if you get a shady email thanking you for some unknown purchase from Amazon (or wherever), with a crazy price, support numbers listed in the same email multiple times… I’d probably call it, f*ck it.

No, no, don’t call. Validate the sender’s address: no support email from any big company will come from Gmail or Hotmail; it will come from the company’s domain. If you’re still in doubt, don’t panic: do a quick search on Google, look up the company, visit the site, look up their support information, and contact them. Don’t be a statistic.

Solving the PHP Warning: fsockopen(): unable to connect (Connection timed out)

If you’ve worked with APIs you’ve probably gotten this error and know how annoying it is, all because the native function never returns any actionable error for its request timing out. The best way to detect if the fsockopen() function request is timing out is to use an error control operator. The idea is to suppress the timeout warning with an @ prefix, so the check only returns true if the function completes its cycle/request. You can review the example PHP code below.

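    // Returns true if a connection to $host:$port opens within $timeout seconds.
    // (The function name can_connect is illustrative.)
    function can_connect($host, $port, $timeout = 5)
    {
        // The @ prefix suppresses the warning; fsockopen() returns false on failure.
        if($fp = @fsockopen($host, $port, $errno, $errstr, $timeout))
        {
            // close the socket we just opened, we only wanted to test it.
            fclose($fp);
            return true;
        }
        else
            {
                return false;
            }
    }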

Issues? Leave your questions.

PHP CLI & Terminal Colors

A simple PHP class for wrapping your console/terminal output text in color. Keep in mind that building a class for such projects will require customization, as each terminal emulator will process colors a bit differently. For the most part, the colors in this class work with any popular terminal emulator.

    // Command Line Interface Class
    class CLI
    {

        // this function requires 1 variable, content. The color argument is optional.
        function cout_color($content, $color=null)
        {
           
            // if a color is set use the color set.
            if(!empty($color))
            {
                // if our color string is not a numeric value
                if(!is_numeric($color))
                {
                        //lowercase our string value.
                        $c = strtolower($color);
                   
                }
                else
                    {  
                        // check if our color value is not empty.
                        if(!empty($color))
                        {
                           
                            $c = $color;
                       
                        }
                        else
                            {
                                // no color was set so lets pick a random one...
                                $c = rand(1,14);
                               
                            }
                       
                    }
                   
            }
            else    // no color parameter was passed, so let's pick a random one...
                {
                   
                    $c = rand(1,14);
                               
                }
           
            $cheader = '';
            $cfooter = "\033[0m";
           
            // let check which color code was used so we can then wrap our content.
            switch($c)
            {
                       
                case 1:
                case 'red':
                   
                    // color code header.
                    $cheader .= "\033[31m";

                break;
               
                case 2:
                case 'green':
                   
                    // color code
                    $cheader .= "\033[32m";

                break;

                case 3:
                case 'yellow':
                   
                    // color code
                    $cheader .= "\033[33m";

                break;
               
                case 4:
                case 'blue':
                   
                    // color code
                    $cheader .= "\033[34m";

                break;
               
                case 5:
                case 'magenta':
                   
                    // color code
                    $cheader .= "\033[35m";

                break;
               
                case 6:
                case 'cyan':
                   
                    // color code
                    $cheader .= "\033[36m";

                break;
               
                case 7:
                case 'light grey':
                   
                    // color code
                    $cheader .= "\033[37m";

                break;
               
                case 8:
                case 'dark grey':
                   
                    // color code
                    $cheader .= "\033[90m";

                break;
               
                case 9:
                case 'light red':
                   
                    // color code
                    $cheader .= "\033[91m";

                break;
               
                case 10:
                case 'light green':
                   
                    // color code
                    $cheader .= "\033[92m";

                break;
               
                case 11:
                case 'light yellow':
                   
                    // color code
                    $cheader .= "\033[93m";

                break;
               
                case 12:
                case 'light blue':
                   
                    // color code
                    $cheader .= "\033[94m";

                break;
               
                case 13:
                case 'light magenta':
                   
                    // color code
                    $cheader .= "\033[95m";

                break;
               
                case 14:
                case 'light cyan':
                   
                    // color code
                    $cheader .= "\033[96m";

                break;
               
            }
             
            // wrap our content.
            $content = $cheader.$content.$cfooter;
           
            //return our new content.
            return $content;
           

        }
         
         

    }

Example Usage:

    $cli = new CLI();

    // echo a string using the class string color 'red'.
    echo $cli->cout_color('It Works!', 'red');

    // echo a string using the class color id 1.
    echo $cli->cout_color('It Works!', 1);

    // echo a string using a random color.
    echo $cli->cout_color('It Works!');

Add/Remove based on your project requirements.

Propagating The “CryptoCurrency Is An Unstoppable Force” Myth

I am sure you’ve heard that mantra, Bitcoin can’t be stopped. All regurgitated by a handful of those who have to benefit from it going mainstream. So they begin to ramble on about blockchain technology, wallets, nodes, revolution, etc. Yet, they always fail to mention that almost ALL cryptocurrencies rely on the internet being open and accessible. Ask a network engineer if they can block bitcoin traffic, “But, but it can’t be banned!”, ok buddy. It doesn’t necessarily need to be. As I’ve clearly stated in previous posts, what has made a reserve currency a viable option was security but ultimately its accessibility.

While cryptocurrency can offer accessibility, it cannot provide security… yet. Yes, it will work on a Mickey Mouse scale; it even creates an immutable log, cold storage mechanisms bla-bla-bla, so? Aside from cheaper ways to accomplish this, breaking network encryption for a true quantum computer will be like AI beating the first level of Tetris on its own… sinchy.

With the Snowden leaks (Vault 7 etc.), we learned quite a bit about network security at a nation-state level. Governments were actively weaponizing their networks; in some cases, some had already been at it for years. With the disclosure came the fallout; governments began internalizing their networks and software stacks. This also led first-world countries to up their electronic warfare capabilities, specifically EMP technology. An undisclosed EMP weapon was first used on the USS Donald Cook as it traveled through the Black Sea. On April 10, 2014, courtesy of a Russian SU-24, the USS Donald Cook’s entire weapon systems were disabled by a simple fly-by. With this in mind, how many detonations at an atmospheric altitude would it take to disable entire countries’ electronic and power systems? The answer would scare you. Do you know what would happen to metal? Nothing.

Aside from the obvious boring subject of electronic warfare, cyberwar is where all the fun is at. With absolute and unchecked power, like anonymity, cryptocurrency has no chance. When you own or have access to every network and power utility globally, with enough data from both datasets, you can quickly generate an algorithmic model to detect and pinpoint mining across multiple platforms. Just like financial data, your energy footprint says a lot about you. A few significant nodes coming down would cause massive network latency issues. The process could then be further weaponized to cause persistent network fragmentation resulting in wasted network resources and long network transaction times. Oh, but you want to mine a cryptographic network on solar, a cool story… Via satellite? You can’t successfully do it on land, you want to do it wirelessly? Who’s going to protect it? Do you think wireless signals are invisible? Even easier to find and destroy.

Most nation-states with insatiable budgets are setting up multiple network sensors across global networks using various cloud providers, if they don’t already, to help map hidden/encrypted traffic. Ever heard of supercookies? Imagine what other undisclosed headers/packet injection takes place at an ISP level, for “national security,” of course. They probably already do this for users who get flagged for using VPNs and Tor. It wouldn’t be hard to target central nodes and start causing massive fragmentation and chaos, or better yet, a few controlled power outages, and the men in black show up at your door and take you and all your equipment.

If it can be blocked, why haven’t governments banned Bitcoin then? One Word, Geopolitics. Can they block it? It depends on your definition of “block.” Again, do you have to block it to stop it? So why has no government done anything about it? Currently, governments around the world entertain the idea as it serves as a case study, hedge, and perfect tool to weaken the petro-dollar. No boogie man, no immediately identifiable group to blame, dress up, or call a terrorist, Bitcoin can’t be blamed, vilified, or assassinated. Don’t worry; governments connected with central banks will tell you that Bitcoin and cryptocurrencies are generally bad and contribute to crime. All while they make their own “safe” centralized versions (backdoored) in their dark closets. At the end of the day what ultimately makes Bitcoin bad to government institutions is it can’t be mandated to comply. A Decentralized cryptocurrency doesn’t care about opinion, only consensus.

Why do governments have an incentive to stop any trans-national rogue currency/currencies? Easy, who wants their local economies hijacked and manipulated by unknown foreigners? Kind of like how transnational corporations already do? Most importantly, how will governments fund their illegal freedom wars? This alone is the single greatest threat to government institutions, the ability to tax you arbitrarily. How do you fund any war without its people’s backing? This is why a rogue currency will never be allowed to become a world reserve currency. They will kill the internet, heck, some would say it already is.

Bitcoin is an idea, and if you ever watched V for Vendetta, you know that ideas are indestructible. I’ve always said who gives a rat’s ass about the currency aspect; it’s the protocol that matters. Although Bitcoin currently relies on digital networks, its true potential won’t be viable until two crucial technologies pass. The first and most important will be Quantum Networking, and the second, Zero Point Energy. These two, in conjunction, will make the concept genuinely unstoppable, unhindered by physical network constraints, censorship, and energy consumption.

If you still think Bitcoin today, as a reserve currency has a chance, you need to get off your non-binary unicorn and put the crack pipe down.

New Email Scam Targeting Small-Medium Sized Businesses In The Pacific Northwest

I decided to write a quick post on the topic as I just received one of these new scams and almost fell for it and hopefully can prevent someone else from falling for it. The scam campaign seems to be targeting small-medium sized businesses and may vary in tactics depending on the industry targeted. The email example below is real and should be used as a template for what to look out for.

The prospect, who in this case is also the attacker (a fake prospect), sends a vague email like the one below (this is an actual scam email):


 

[Image: scammer email]


It looks OK, right? Wary of the PDF attachment, I scanned it for malware or trojans, but nothing was detected. I was still wary; being a computer & network security expert, I decided to upload it to Google Drive (lol) and previewed it there. To my surprise, it actually was a banner design…


[Image: fake SALF banner]


At this point, I was 75% convinced that this was a legitimate prospect. I decided to reply with additional questions required to effectively do the job or at least provide an accurate quote. The next day I received a reply:


[Image: scammer reply]


After receiving the reply, I took some time to further analyze the entire conversation and began to find problems in his requests such as:

1. His email address, it was a Gmail address, easy to create anonymously.
2. Why is Save A Life Foundation (SALF) making banners for HIV/AIDS?
3. The banners mention sponsors but nothing about the SALF.
4. The banner size is an odd size, not a standard size, and he doesn’t mind “any good” size.

Still wary but curious, I decided to go further down the rabbit hole and give them a quote, to which they then replied:


[Image: scam email 3]


After I received this response I was convinced it was a scam and decided to do some research.

So SALF is asking me to send banners to a Mexican address, huh? Let’s check it out…



Yeah doesn’t look like the Save a Life Foundation unless they’ve downsized and are outsourcing now, it’s obviously not any organization saving lives.

The email midlandshipping@usa.com looks absolutely wrong but somewhat legitimate because of the @usa.com domain behind it, which is why the attacker used it. Thinking the attacker had compromised a mail server belonging to the domain, I decided to look at the domain in search of their abuse email so I could notify them of a possible breach of their mail server. Upon my search of the usa.com site, I came upon this on its contact page.



So now we see how he was able to get the @usa.com email, it’s completely free.

This experience was annoying because of the time wasted but was good practice. I suggest people research companies who want to send your business requests for quotes and then ask to ship outside the country. Make sure their request makes logical sense: someone asking for something in quantity should be asking for standardized items and should require a standardized transactional process, with no special or shady instructions. If it feels wrong, don’t do it! In my case, it saved me a few thousand dollars that would most likely have been lost through a chargeback from a stolen credit card the attacker used.

sihost exe Hard Error Fix, Windows 10 Derp Edition

We noticed that a lot of customer PCs were coming in with the same problem after installing a Windows update, specifically the April update. After a few hours of troubleshooting, the only conclusion to fixing the problem was creating a USB Windows 10 installation media and reinitiating the update process from the USB media (it will reinstall Windows but download everything via USB update instead of the OS). We tried everything (sfc /scannow, dism…) and this was the ONLY solution that worked. So the solution to your broken Windows is simply restarting the updating process through a Windows 10 USB installation media; the process should leave all your old files intact and only fix the broken OS, specifically the Administrative/System accounts, which is what caused this problem originally.