* You are viewing the archive for the ‘Linux’ Category

Instructions for down or upgrading Ubiquiti (UniFi) USG

Sometimes it doesn’t work upgrading or downgrading via the UniFi Controller GUI. If that is the case, doing it via the CLI is quite safe and should work without any issues.

Below is a step-by-step guide:



  • Download desired firmware (i.e v4.3.23.4913544)
  • Run FileZilla Client
  • Use sftp://yourfwipaddress with Siteusername and Sitepassword (leave Port blank), then Quickconnect
  • Upload the downloaded firmware upgrade.tar to the connected folder
  • Run PuTTY, Terminal (Mac/Linux) or any SSH-client to connect to your firewall
  • Connect using credentials Siteusername and Sitepassword to yourfwipaddress
  • Make sure you are in your homefolder (i.e /home/admin if your Siteusername is Admin)
  • Run sudo syswrapper.sh upgrade upgrade.tar
  • Once fully run device will restart and you will get disconnected from the session
  • Reconnect via browser and fill in … Continue Reading

  • Intel 82579V Gigabit Ethernet Driver for Debian Wheezy

    Apparently, this ethernet device still causes problems to Debian’s “Wheezy” distribution.

    In response to a request I present the pre-compiled kernel module for amd64 only.

    Instructions on how to get this puppy running are still available via this post and the comments below it.

    “Write anywhere” vulnerability in Parallels Confixx

    A proof of concept of a vulnerability in Parallels Confixx 3.3.9 (latest and final version) allowing an attacker to gain full write access (as root) to a UNIX server operating said hosting software.

    Continue Reading

    Apache Range header vulnerability script

    I wrote an upgraded variant of the Apache killer script propagated on Full Disclosure capable of HTTPS requests. Also, other than its descendant, it can follow a server’s initial response for redirection which the original script interprets as the server not being vulnerable.

    Script is available here: [download id=”18″]

    This script merely checks for vulnarabilities but will not exploit them.

    SSH authentication using a client certificate

    Strong passwords are a necessity when it comes to securing almost anything. This article shows how you can go that extra mile to securing access to an OpenSSH enabled server using not passwords but by flashing a badge… Continue Reading

    Intel 82579V Gigabit Ethernet Driver for Debian Squeeze

    To those trying to install the new Debian Squeeze distribution and being owners of an Intel 82579V Gigabit Ethernet adaptor to which appropriate driver files are missing from the installation disks (I tried netinst and KDE-disk1), I present a compiled kernel module for AMD64. Continue Reading