Unchained Mysteries: This Blog is about my thoughts and my research. Author: Anonymous (http://www.blogger.com/profile/10272096505195485984). Feed updated 2024-03-14T02:55:40.203-07:00.
Py2Exe (published 2017-09-28T01:56:00.001-07:00, updated 2017-09-28T01:56:39.459-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "courier new" , "courier" , monospace;">A very useful utility that might come in handy in a pentest is py2exe.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">It is an extension that converts Python scripts into Windows executable programs, which then run without a Python installation. You will, however, need Python on the machine where you run py2exe itself.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Let's look at one of the scripts that helped me create an exe file to be run on a compromised Windows machine.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">python to exe</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">from distutils.core import setup</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">import py2exe, sys, os</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">sys.argv.append('py2exe')</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">setup(</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> options = {'py2exe': {'bundle_files': 1, 'compressed': True}},</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> windows = [{'script': "windows_test.py"}],</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"> zipfile = None,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Let's look into this closely.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">If you know Python programming, the first few lines will be easy to understand. They import the required libraries, including distutils, whose setup function is called further down.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Then we append py2exe to the command-line arguments so that setup runs the py2exe command and creates our executable.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">You will see an option called bundle_files, which is used to create a single-file executable. The values it accepts are listed below:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Valid values for bundle_files are:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">3 (default) don't bundle</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">2 bundle everything but the Python interpreter</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">1 bundle everything, including the Python interpreter</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">We also set zipfile to None so that the files are bundled within the executable.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">This approach does not require extracting files to a temporary location, which provides much faster program startup.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I would say visit their page, and I am sure that you will not be disappointed.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Reference: http://www.py2exe.org/index.cgi/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">This is pretty useful.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
</div>
Windows Virtual Machines (published 2017-09-27T22:08:00.002-07:00, updated 2017-09-27T22:28:14.905-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: courier new, courier, monospace;"><span style="background-color: white; font-family: Courier New, Courier, monospace; font-size: 14.85px;">Hmm... Whenever you are in search of vulnerable machines to practice your hacking skills, all you find are Linux machines.</span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;"><br /></span></span>
<span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;">If you are interested in working on Windows, Microsoft has come to your rescue. They have made some prebuilt Windows VMs available for practice. You can test Microsoft Edge and IE8 through IE11 using these freely available virtual machines, which can be downloaded and managed locally.</span></span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;"><br /></span></span>
<span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;">They are available in formats for hypervisors running on Windows, Linux and Mac, including VirtualBox, Vagrant, Hyper-V, VPC, Parallels, and VMware. Mac users can use The Unarchiver to unzip these files.</span></span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;"><br /></span></span>
<span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;">You can get these VMs at</span></span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;"><br /></span></span>
<span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;">https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/</span></span></span><br />
<span style="background-color: white; font-family: Courier New, Courier, monospace;"><span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;"><br /></span></span>
<span style="font-family: courier new, courier, monospace;"><span style="font-size: 14.85px;">Yes, the password to your VM is "Passw0rd!"</span></span></span></div>
When there is nobody Talking To You (TTY)- POST EXPLOITATION (published 2017-09-08T00:42:00.000-07:00, updated 2017-09-08T00:42:06.283-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">Post-exploitation is also a very critical stage where we see a lot of challenges. One of them is having a shell on the compromised box but being unable to run su or login because there is no TTY.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Recently I was in the same place, and thanks go to Pentest Monkey, who has an awesome blog post on this here </span><br />
<span style="font-family: Courier New, Courier, monospace;">(http://pentestmonkey.net/blog/post-exploitation-without-a-tty)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">If you have Python installed, we all know the famous pty.spawn TTY trick:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">python -c 'import pty; pty.spawn("/bin/sh")'</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">But there are situations where Python is not installed.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">In such situations, when nobody is TTY (talking to you), one should try expect first ;)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">(http://en.wikipedia.org/wiki/Expect)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">sh-3.2$ expect sh.exp</span><br />
<span style="font-family: Courier New, Courier, monospace;">spawn sh</span><br />
<span style="font-family: Courier New, Courier, monospace;">sh-3.2$ su -</span><br />
<span style="font-family: Courier New, Courier, monospace;">Password:********</span><br />
<span style="font-family: Courier New, Courier, monospace;">localhost ~ #</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Special Thanks to Mr Pen Test Monkey as always :)</span></div>
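Seen from the defending side, both tricks above leave the same trace: a service account that has no terminal starts a process that allocates one. The following Python sketch is an added example, not code from the original post; it scans a constructed process listing for that pattern, and the record layout, the service-account list and the rule names are assumptions made for illustration.

```python
import re

# Assumption: accounts that run network services and should never own a terminal.
SERVICE_USERS = {"www-data", "apache", "nginx", "tomcat"}

# Command lines that allocate a pseudo-terminal for a child shell.
PTY_SPAWNERS = [
    ("python-pty-spawn", re.compile(r"\bpython[\d.]*\s+-c\s+.*\bpty\.spawn\b")),
    ("expect", re.compile(r"^(?:\S*/)?expect\b")),
]
# Programs that refuse to run without a terminal, so they tend to follow the upgrade.
NEEDS_TTY = re.compile(r"^(?:\S*/)?(?:su|sudo|login)\b")

# Constructed sample, one record per line: "pid ppid user tty command".
# su is setuid, so its own record shows root; only its ancestry gives it away.
SAMPLE_PS = """\
900 1 www-data ? /usr/sbin/apache2 -k start
1201 900 www-data ? sh -c uname -a
1202 1201 www-data ? python -c import pty; pty.spawn("/bin/sh")
1203 1202 www-data pts/3 /bin/sh
1210 1203 root pts/3 su -
1300 1 alice pts/0 -bash
1301 1300 alice pts/0 python -c import pty; pty.spawn("/bin/sh")
1400 900 www-data ? expect sh.exp
1401 1400 www-data pts/4 sh
"""


def parse_ps(text):
    """Parse the listing into {pid: record}, skipping malformed lines."""
    procs = {}
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) != 5 or not (fields[0].isdigit() and fields[1].isdigit()):
            continue
        pid, ppid, user, tty, cmd = fields
        procs[int(pid)] = {"ppid": int(ppid), "user": user, "tty": tty, "cmd": cmd}
    return procs


def spawner_rule(proc):
    """Name of the PTY-spawner rule a service-account process matches, or None."""
    if proc["user"] not in SERVICE_USERS:
        return None  # an interactive user doing the same thing is not flagged
    for name, pattern in PTY_SPAWNERS:
        if pattern.search(proc["cmd"]):
            return name
    return None


def has_flagged_ancestor(pid, procs, flagged):
    """Walk the parent chain; the seen set guards against pid loops in bad data."""
    seen = set()
    pid = procs[pid]["ppid"]
    while pid in procs and pid not in seen:
        if pid in flagged:
            return True
        seen.add(pid)
        pid = procs[pid]["ppid"]
    return False


def detect_tty_upgrades(text):
    """Return sorted (pid, rule) findings for the listing."""
    procs = parse_ps(text)
    flagged = {}
    for pid, proc in procs.items():
        rule = spawner_rule(proc)
        if rule:
            flagged[pid] = rule
    findings = dict(flagged)
    for pid, proc in procs.items():
        if (pid not in flagged and NEEDS_TTY.search(proc["cmd"])
                and has_flagged_ancestor(pid, procs, flagged)):
            findings[pid] = "tty-consumer-after-upgrade"
    return sorted(findings.items())


if __name__ == "__main__":
    for pid, rule in detect_tty_upgrades(SAMPLE_PS):
        print(pid, rule)
```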
XML-RPC- NOTHING FANCY (published 2017-09-08T00:18:00.004-07:00, updated 2017-09-08T00:18:32.785-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">XML-RPC: nothing fancy about this post, but it can be a good read.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">It has long been debated how important XML-RPC is in the context of WordPress security, and whether its inherent risk is acceptable.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism.[1] "XML-RPC" also refers generically to the use of XML for remote procedure call, independently of the specific protocol. This article is about the protocol named "XML-RPC". </span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">https://en.wikipedia.org/wiki/XML-RPC</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Several pieces of functionality rely on XML-RPC.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">XML Remote Procedure Call, to give it its full name, powers features such as these in WordPress:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">For example, connecting to the website from your smartphone.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">It is also used when other sites refer to your site in the form of trackbacks or pingbacks.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">But XML-RPC has also brought some security issues. One of them is brute-force attacks, made possible by the system.multicall method, which allows the user (or attacker) to send multiple calls in a single request.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">One very awesome example was shown by Mr Daniel Cid at Sucuri in 2015: he showcased how to bypass the blocking mechanism and brute-force the password with some 3 or 4 HTTP requests.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">You can read about it here (https://blog.sucuri.net/2015/10/brute-force-amplification-attacks-against-wordpress-xmlrpc.html)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I know this is the typical solution, but it is also the best one: turn XML-RPC off. One way is to add a deny rule to your .htaccess file, or you can use the Disable XML-RPC plugin for WordPress, which can be found here (https://wordpress.org/plugins/disable-xml-rpc/)</span></div>
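Where XML-RPC has to stay enabled, the batching behaviour described above can be spotted on the server side by decoding each request body and counting the calls packed inside a system.multicall. This Python detector is an added example, not code from the original post or from WordPress; the threshold of 3 and the inner method name `demo.checkLogin` are made-up placeholders.

```python
import xmlrpc.client
from collections import Counter, defaultdict
from xml.parsers.expat import ExpatError

MAX_INNER_CALLS = 3  # assumed policy threshold; tune it for your own clients


def inspect_xmlrpc_body(body, max_inner_calls=MAX_INNER_CALLS):
    """Classify one XML-RPC request body as allow, block or reject."""
    if isinstance(body, bytes):
        body = body.decode("utf-8", errors="replace")
    result = {"verdict": "allow", "method": None, "inner_calls": 0,
              "per_method": {}, "varying_args": {}, "reason": ""}

    # An XML-RPC request has no use for a DTD, so refuse one before the
    # parser ever sees it (keeps entity tricks away from the detector).
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        result.update(verdict="reject", reason="DTD or entity declaration")
        return result
    try:
        params, method = xmlrpc.client.loads(body)
    except (ExpatError, xmlrpc.client.Error, ValueError, TypeError,
            IndexError, KeyError) as exc:
        result.update(verdict="reject",
                      reason="unparseable body: " + type(exc).__name__)
        return result

    result["method"] = method
    if method != "system.multicall":
        return result  # an ordinary single call

    # system.multicall takes one parameter: a list of structs, each holding
    # the "methodName" and "params" of one inner call.
    calls = params[0] if params and isinstance(params[0], list) else []
    per_method = Counter()
    rest_by_first = defaultdict(set)  # (method, first arg) -> distinct other args
    for call in calls:
        if not isinstance(call, dict):
            continue
        name = str(call.get("methodName", "?"))
        args = call.get("params")
        per_method[name] += 1
        if isinstance(args, list) and args:
            rest_by_first[(name, repr(args[0]))].add(repr(args[1:]))

    result["inner_calls"] = sum(per_method.values())
    result["per_method"] = dict(per_method)
    # Same method and same first argument with many different remaining
    # arguments is the shape of one account being tried against many values.
    result["varying_args"] = {"%s %s" % key: len(rest)
                              for key, rest in rest_by_first.items()
                              if len(rest) > 1}
    if result["inner_calls"] > max_inner_calls:
        result.update(verdict="block",
                      reason="%d calls batched into one HTTP request"
                             % result["inner_calls"])
    return result


def build_sample_batch(n):
    """Constructed test input: n inner calls to a made-up method name."""
    calls = [{"methodName": "demo.checkLogin",
              "params": ["alice", "candidate-%d" % i]} for i in range(n)]
    return xmlrpc.client.dumps((calls,), methodname="system.multicall")


if __name__ == "__main__":
    for size in (1, 2, 5):
        print(size, inspect_xmlrpc_body(build_sample_batch(size)))
```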
DATASPLOITING (published 2017-08-21T04:25:00.003-07:00, updated 2017-08-21T04:25:38.319-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">I recently decided to get my hands on the famous OSINT tool called datasploit (https://datasploit.readthedocs.io/en/latest/#overview</span><span style="font-family: "Courier New", Courier, monospace;">)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I will post updates as and when I explore a new feature in it.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The installation is pretty straightforward and is described in the docs as well.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Here are some of the challenges that you might face. Just install the dependencies and you will be good to go.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Here are the steps</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">root@dragon:/home# git clone https://github.com/datasploit/datasploit</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/#</span><span style="font-family: "Courier New", Courier, monospace;"> </span><span style="font-family: Courier New, Courier, monospace;">sudo apt-get install python-dev</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/#</span><span style="font-family: "Courier New", Courier, monospace;"> </span><span style="font-family: Courier New, Courier, monospace;">sudo apt-get install libxml2-dev libxslt1-dev</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">If these dependencies don't get you started, install the ones below as well, along with those you installed earlier.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/#</span><span style="font-family: "Courier New", Courier, monospace;"> </span><span style="font-family: Courier New, Courier, monospace;">sudo apt-get install build-essential autoconf libtool pkg-config python-opengl python-imaging python-pyrex python-pyside.qtopengl idle-python2.7 qt4-dev-tools qt4-designer libqtgui4 libqtcore4 libqt4-xml libqt4-test libqt4-script libqt4-network libqt4-dbus python-qt4 python-qt4-gl libgle3 python-dev libssl-dev</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/datasploit#</span><span style="font-family: "Courier New", Courier, monospace;"> </span><span style="font-family: "Courier New", Courier, monospace;">pip install -r requirements.txt</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/datasploit#</span><span style="font-family: "Courier New", Courier, monospace;"> mv config_sample.py config.py</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">root@</span><span style="font-family: "Courier New", Courier, monospace;">dragon</span><span style="font-family: "Courier New", Courier, monospace;">:/home/datasploit# nano config.py</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">Here you have to enter the API keys that you have created.</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;">I will come back with some other awesome features of this very soon.</span><br />
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace;"><br /></span>
<div>
<br /></div>
</div>
hiberfil.sys (published 2017-03-22T23:27:00.004-07:00, updated 2017-03-22T23:27:36.678-07:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">OMG, I found a file in the root of my HDD which is huge, and I don't know what it does.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The files are hiberfil.sys and pagefile.sys. There were other files too, but these were the giant ones, and I was really keen to free up my HDD from them.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVvjb7tduHRaY07Dss2qnwmhS2YG0PSKZbT5bnLkZfQlV4E9FQNHGCHysO5cmshzHDALXQBwmqrcRBT6IO0JbJcf18ta-zrFMpbnsHDDbrsvpZbzLD_wO8gGcoNYDnxptJcO4YRdDs0Q/s1600/1.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="80" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVvjb7tduHRaY07Dss2qnwmhS2YG0PSKZbT5bnLkZfQlV4E9FQNHGCHysO5cmshzHDALXQBwmqrcRBT6IO0JbJcf18ta-zrFMpbnsHDDbrsvpZbzLD_wO8gGcoNYDnxptJcO4YRdDs0Q/s640/1.jpeg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">When in doubt... Google it :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">After some googling I found out that the culprit is my habit of hibernating my machine very often.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The file <b>hiberfil.sys</b> stores the current state of my machine, and by state I mean memory.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">To delete this file, you need to disable hibernate mode and then try deleting it.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Okay, so where do you disable it? Of course there is a GUI version of the option available. It's a good exercise to find it :):)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Let's do some command line scoring.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">So open a command prompt, and mind you, you have to be the obvious guy, "The Administrator".</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>powercfg -h off</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhX9pHfPgOvPQjDwGX3oPM0Wpe0cgOPZT1hO7qyKZLqlhSM8qHIBxNcd8q90kbDmC-YXImJYYcNKdboSfmgMcs8ESr1io11wkPbNKtwS7uyNxBf0yt3rmSQGL9x58LkUY9pQOFfMRCPXA/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="108" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhX9pHfPgOvPQjDwGX3oPM0Wpe0cgOPZT1hO7qyKZLqlhSM8qHIBxNcd8q90kbDmC-YXImJYYcNKdboSfmgMcs8ESr1io11wkPbNKtwS7uyNxBf0yt3rmSQGL9x58LkUY9pQOFfMRCPXA/s640/2.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">This is the command that disables hibernation mode. Yes, you guessed it right: the 'on' switch brings it back.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Voila, the file is gone as soon as you turn this option off.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPAuisAzIPoskdXtNbLeJcxKi8WsohQRhzSPx99WaWf-MNwoPxDufz9y_wgZ0_mwA8YGgHPBgTtuFI1KfA0_rGZg6Z7DiXQ-ybz5WtJLfJcY1le5Gee3eXS9mTxgjWCNN-AiG7zyIxw/s1600/3%252Cjpeg.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="64" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPAuisAzIPoskdXtNbLeJcxKi8WsohQRhzSPx99WaWf-MNwoPxDufz9y_wgZ0_mwA8YGgHPBgTtuFI1KfA0_rGZg6Z7DiXQ-ybz5WtJLfJcY1le5Gee3eXS9mTxgjWCNN-AiG7zyIxw/s640/3%252Cjpeg.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">Enjoy</span><br />
<br />
<br /></div>
Offensive Security Certified Professional (OSCP) : A JOURNEY WHICH CANNOT BE FORGOTTEN.. (published 2017-02-21T07:56:00.000-08:00, updated 2017-02-21T08:00:51.125-08:00)
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;">
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<span style="font-family: "courier new", courier, monospace;">When there is a doubt.. GOOGLE :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<img alt="Offensive Security Certified Professional (OSCP)" height="416" src="https://www.offensive-security.com/wp-content/uploads/2012/01/oscp-certs.png" width="640" /><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">You cannot know how excited I am right now, writing this review of one of the most prestigious examinations of the security industry: OSCP (Offensive Security Certified Professional).</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Whenever I used to read a review, I used to ask myself whether I was ever going to write one, and YES, I TRIED HARDER..</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">This has been itching me since the BACKTRACK days, which finally ended in KALI.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Here are some thoughts of mine for this awesome TRANCE JOURNEY :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I have been hearing about the methodologies of pentesting since the start of my career, but I came to know their real importance through the lab environment that was provided as a part of the OSCP examination. You will get complete exposure to the various steps such as <b>Reconnaissance</b>, <b>Enumeration</b>, <b>Vulnerability Assessment</b>, <b>Exploitation </b>and <b>Reporting</b>.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">And believe me, by the end of the 1st machine in the labs you will come to know the importance of information gathering, and why people say that the more you know your target, the easier it is to attack it.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">You can check out the details about the exam <a href="https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/" target="_blank">HERE</a></span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><a href="https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf" target="_blank">HERE</a> is a Link to the Syllabus of the course</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">The course has some awesome material on the Kali environment and basic Linux scripting and administration, along with introductions to some cool tools. It also covers various techniques and methodologies for the phases of a pen test and gives you an awesome feel for how an attacker actually attacks.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I was like. Seriously.... Kewwwwwwwwwwwwwlllllll....</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>Here are some pointers from my side:</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">You should concentrate on the following stuff:</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;">Linux Basic Commands and Administration</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">Windows Command Line (<a href="http://www.fuzzysecurity.com/tutorials/16.html" target="_blank">LINK</a>)</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">Linux Command Line (<a href="https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/" target="_blank">LINK</a>)</span></li>
</ul>
<br />
<span style="font-family: "courier new" , "courier" , monospace;">These guys are just amazing.. :)</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;">OWASP Top 10 (<a href="https://www.owasp.org/index.php/Top_10_2013-Top_10" target="_blank">LINK</a>)</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">Basics of Scripting- Choose your language. Bash or python will be a good choice</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">VulnHub (<a href="https://www.vulnhub.com/" target="_blank">LINK</a>)</span></li>
</ul>
<br />
<span style="font-family: "courier new" , "courier" , monospace;">This is pretty amazing and a good place to start. There are a lot of things to learn on this link for sure :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I would say no other certification was able to make me learn, and I mean it, it made me learn stuff. And the credit goes to the Awesome LAB ENVIRONMENT. Of course the exam teaches you a lot of stuff as well, one of them being able to perform under pressure.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Some more links for your access and reference are as below:</span><br />
<br />
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;"><a href="https://www.offensive-security.com/testimonials-and-reviews/">https://www.offensive-security.com/testimonials-and-reviews/</a></span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;"><a href="http://www.offensive-security.com/blog/">http://www.offensive-security.com/blog/</a></span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;"><a href="https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/">https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/</a></span></li>
</ul>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">And I was totally addicted to this website throughout my whole OSCP journey. Sometimes scared, sometimes demotivated and sometimes very motivated.. This link has it all</span></div>
<div>
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;"><a href="https://localhost.exposed/">https://localhost.exposed/</a></span></li>
</ul>
</div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">I will keep on adding whenever I have time :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">P.S: Don't forget to jazz up your playlist of your favorite music. It is very important :):)</span><br />
<br /></div>
<br /></div>
HTTP HEADER Analysis via getheader utility.. (2017-02-20)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "courier new" , "courier" , monospace;">I love this one in my arsenal. You can get more details <a href="https://httphacker.github.io/gethead/" target="_blank">HERE</a></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">The tool is given to us by Mr Nathan (<a href="https://twitter.com/httphacker" target="_blank">@httphacker</a>).</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">WHAT IS IT ??</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">It is a cool Python script. Oh did I say PYTHON. Ah man I love this snakey language.</span><br />
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;">It is an HTTP header vulnerability analysis tool.</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">It is automated in nature</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">It identifies security vulnerabilities</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">It identifies lack of protection in HTTP headers</span></li>
</ul>
<span style="font-family: "courier new" , "courier" , monospace;">Okay, so let's do some command exercise...</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">To download just clone it from git repository as below:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>git clone https://github.com/httphacker/gethead.git</b></span><br />
<div>
<br /></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Make sure you have Python installed.</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">You will see a file called gethead.py. Running it is as easy as running any other Python program:</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b>python gethead.py http://&lt;URL&gt;</b></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Let's see what the results look like. I have done a couple of them here, as shown in the screenshots:</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIQuN2c56dIwXctWO2UqWZ6kZOksewd7MlFM1yopjNbkwS3QewVjxt0pfjY726Var6MlIgeG60q-yjA7_n1X-fxooanHRuKaoBAxwEXIPrC28x0l4N99KAfoag17KfkJUwn_JJ-MBybw/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="396" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIQuN2c56dIwXctWO2UqWZ6kZOksewd7MlFM1yopjNbkwS3QewVjxt0pfjY726Var6MlIgeG60q-yjA7_n1X-fxooanHRuKaoBAxwEXIPrC28x0l4N99KAfoag17KfkJUwn_JJ-MBybw/s640/1.png" width="640" /></a></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">This is such a cool tool. The source code is at your use and you can play around with it as per your requirements. You can add or edit or delete and make appropriate use of the same as per your need. :):)</span></div>
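<div>
<span style="font-family: "courier new" , "courier" , monospace;">To make "lack of protection in HTTP headers" concrete, here is an added example (not gethead's own code) that audits a constructed response head for missing or weak protective headers. The list of expected headers, the HSTS threshold and the function names are assumptions of this example.</span></div>

```python
"""Audit a raw HTTP response head for missing or weak protective headers.

Added illustration; this is not gethead's source. The header lists and the
HSTS threshold below are this example's own choices.
"""

# Constructed sample response head (not captured from a real server).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.10 (Debian)\r\n"
    "X-Powered-By: PHP/5.6.30\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Strict-Transport-Security: max-age=300\r\n"
    "x-content-type-options: nosniff\r\n"
    "Set-Cookie: SESSIONID=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Path=/\r\n"
    "\r\n"
)

REQUIRED = ["Strict-Transport-Security", "Content-Security-Policy",
            "X-Frame-Options", "X-Content-Type-Options"]
DISCLOSURE = ["Server", "X-Powered-By", "X-AspNet-Version"]
MIN_HSTS_AGE = 15552000  # 180 days; assumed threshold


def parse_head(raw):
    """Return (status_line, {lowercase name: [values]}), keeping repeated headers."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def _max_age(value):
    """Extract max-age from an HSTS value, or None if absent or malformed."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        val = val.strip().strip('"')
        if key.strip().lower() == "max-age" and val.isdigit():
            return int(val)
    return None


def audit(raw):
    """Return a list of (finding, subject) tuples for one response head."""
    _, headers = parse_head(raw)
    findings = [("missing", name) for name in REQUIRED if name.lower() not in headers]
    # A header that is present can still be too weak to help.
    for value in headers.get("strict-transport-security", []):
        age = _max_age(value)
        if age is None or age < MIN_HSTS_AGE:
            findings.append(("weak", "Strict-Transport-Security"))
    for value in headers.get("x-content-type-options", []):
        if value.lower() != "nosniff":
            findings.append(("weak", "X-Content-Type-Options"))
    # Banner headers carrying digits usually leak a product version.
    for name in DISCLOSURE:
        for value in headers.get(name.lower(), []):
            if any(ch.isdigit() for ch in value):
                findings.append(("discloses-version", name))
    # Every cookie is checked on its own: Set-Cookie may repeat.
    for cookie in headers.get("set-cookie", []):
        cookie_name = cookie.split("=", 1)[0].strip()
        attrs = {part.strip().split("=")[0].lower() for part in cookie.split(";")[1:]}
        for flag in ("secure", "httponly"):
            if flag not in attrs:
                findings.append(("cookie-missing-" + flag, cookie_name))
    return findings


if __name__ == "__main__":
    for finding, subject in audit(SAMPLE_RESPONSE):
        print(finding, subject)
```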
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Unfortunately, no more work has been done after the 0.1 version. I am waiting eagerly for its upgraded features for sure. Are you?</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Let me know via comments if you guys made any changes to find any new issues or vulnerabilities.</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><b>Happy HUNTING:)</b></span></div>
</div>
WAF ByPASS Trick-- SIMPLE and SWEET (2017-02-19)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "courier new" , "courier" , monospace;">This post originates from the BLOG of Mr Haddix (Link <a href="https://community.hpe.com/t5/Protect-Your-Assets/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366#.WKlv4Tt95PZ" target="_blank">HERE</a>) which is one of the most interesting hacks I have seen. Simple and Sweet</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">WAF: Web Application Firewall (<a href="https://www.owasp.org/index.php/Web_Application_Firewall" target="_blank">OWASP Definition</a>) or (<a href="https://en.wikipedia.org/wiki/Web_application_firewall" target="_blank">Wiki Definition</a>)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">WAFs are an awesome fit for the DID (Defense in Depth) model: they offer a great means of keeping malicious data outside the boundaries of the web application, but they are of course not a substitute for fixing the flaws in the application.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">The industry has adopted WAF in a significant manner and Pen Testers encounter them very often in their tests.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Usually the WAF is placed in front of the web server so that malicious traffic is filtered out before it can reach the application asset.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br />There are a couple of ways in which we can identify the existence of a WAF. One way is to check the cookies, as some WAFs add their own cookie to the communication.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Another method is to examine the HTTP headers, as a WAF may change or rewrite them.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">There may also be a possibility of a WAF if the sessions are expiring very quickly.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Sometimes we end up getting the bad characters as well which might be an indication of a WAF.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">There are also a couple of automated tools which give us some indication of a WAF.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">One such tool is called wafw00f. Nmap, our favorite, also has a script which can be called via the NSE engine to check for the presence of a WAF.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">You can also look into the following blog for more details on detection</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">(http://foxtrot7security.blogspot.in/2012/01/real-world-waf-detection-and-bypass.html</span><span style="font-family: "courier new" , "courier" , monospace;">)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Now let's look at how this evil boy can be evaded.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Usually we would use payloads in encoded format to evade the rules of the WAF, but those days are gone (it still works against a couple of them).</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">One of the other ways is described below, but before that let's look at why this thing actually works.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Ideally the WAF should do a proper lookup of where an incoming request originates. If it is not configured properly, though, the WAF sometimes just relies on the HTTP headers of the request.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">If it does, there are a lot of headers under our control that we can take advantage of, like:</span><br />
<ul style="text-align: left;">
<li><span style="font-family: "courier new" , "courier" , monospace;">X-forwarded-for</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">X-remote-IP</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">X-originating-IP</span></li>
<li><span style="font-family: "courier new" , "courier" , monospace;">x-remote-addr</span></li>
</ul>
<span style="font-family: "courier new" , "courier" , monospace;">So here we are going to fool the WAF into believing that the request came from itself, by adding the following request header and pointing it to localhost.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">GET /?login.aspx HTTP/1.1</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Host: 192.168.56.104</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:48.0) Gecko/20100101 Firefox/48.0</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">X-originating-IP: 127.0.0.1</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Accept-Language: en-US,en;q=0.5</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Accept-Encoding: gzip, deflate</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Connection: keep-alive</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Upgrade-Insecure-Requests: 1</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
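<span style="font-family: "courier new" , "courier" , monospace;">Why the request above works against a misconfigured filter, and what the corrected lookup looks like, as an added example (not code from Mr Haddix's post or from any WAF product). The allowlist, the trusted proxy range, the peer address and the function names are hypothetical.</span><br />

```python
"""Origin headers as a trust signal: weak lookup beside a hardened one.

Added illustration; not code from the original post or from any WAF.
ALLOWLIST, TRUSTED_PROXIES, the peer addresses and all function names are
hypothetical.
"""
import ipaddress

# Headers the post lists as client-controlled.
ORIGIN_HEADERS = ("x-forwarded-for", "x-remote-ip", "x-originating-ip", "x-remote-addr")

ALLOWLIST = [ipaddress.ip_network("127.0.0.0/8")]        # sources exempt from inspection
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]  # assumed front-end proxies

# The request from the post. peer_ip (constructed) is the address of the TCP
# connection itself, which a client cannot change by adding a header.
DIRECT = {
    "peer_ip": "192.168.56.101",
    "headers": {"Host": "192.168.56.104", "X-originating-IP": "127.0.0.1"},
}
# Constructed: the same idea sent through a trusted proxy, which appends the
# address it actually saw to whatever X-Forwarded-For the client supplied.
PROXIED = {
    "peer_ip": "10.0.0.5",
    "headers": {"X-Forwarded-For": "127.0.0.1, 203.0.113.9"},
}


def _member(ip, networks):
    """True if ip parses and falls inside one of the networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in networks)


def _lower(headers):
    return {name.lower(): value for name, value in headers.items()}


def client_ip_naive(request):
    """Weak: believe the first origin header the request carries."""
    headers = _lower(request["headers"])
    for name in ORIGIN_HEADERS:
        if name in headers:
            return headers[name].split(",")[0].strip()
    return request["peer_ip"]


def client_ip_hardened(request):
    """Use the socket peer; read X-Forwarded-For only behind a trusted proxy."""
    peer = request["peer_ip"]
    if not _member(peer, TRUSTED_PROXIES):
        return peer
    chain = _lower(request["headers"]).get("x-forwarded-for", "")
    hops = [hop.strip() for hop in chain.split(",") if hop.strip()]
    # Walk from the entry our own proxy appended back towards the client and
    # stop at the first address that is not one of our proxies.
    for hop in reversed(hops):
        if _member(hop, TRUSTED_PROXIES):
            continue
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return peer  # malformed entry: fall back to what is verifiable
        return hop
    return peer


def skips_inspection(request, resolver):
    """Would a filter that exempts ALLOWLIST sources wave this request through?"""
    return _member(resolver(request), ALLOWLIST)


def spoof_indicators(request):
    """Detection: origin headers claiming loopback on a request from an untrusted peer."""
    if _member(request["peer_ip"], TRUSTED_PROXIES):
        return []
    hits = []
    for name, value in _lower(request["headers"]).items():
        if name not in ORIGIN_HEADERS:
            continue
        for claimed in value.split(","):
            try:
                addr = ipaddress.ip_address(claimed.strip())
            except ValueError:
                continue
            if addr.is_loopback:
                hits.append((name, str(addr)))
    return hits


if __name__ == "__main__":
    for label, req in (("direct", DIRECT), ("proxied", PROXIED)):
        print(label, "naive skips:", skips_inspection(req, client_ip_naive),
              "hardened skips:", skips_inspection(req, client_ip_hardened))
```

<span style="font-family: "courier new" , "courier" , monospace;">On a real deployment the same idea lives in configuration: the edge strips or overwrites these headers on the way in, and everything behind it honours them only when the connection comes from the edge's own addresses.</span><br />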
<span style="font-family: "courier new" , "courier" , monospace;">There are various things that we can play around with the use of these headers. I love this image from <a href="https://twitter.com/Jhaddix" target="_blank">@Jhaddix</a></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxnJg_qCg39PJqasSpms4GEKBBbuZTIBVDW0Q8Q8xn-xOfUK_zQCvBt7-jhVWXhdhn8nUh7IHvfX9gEaIfnykfKjTIdK3Oz_RmwROq1jR1TqlMNNf-T8TTFPZ5MO7ZCXN6v_wknaKKBg/s1600/haddix.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxnJg_qCg39PJqasSpms4GEKBBbuZTIBVDW0Q8Q8xn-xOfUK_zQCvBt7-jhVWXhdhn8nUh7IHvfX9gEaIfnykfKjTIdK3Oz_RmwROq1jR1TqlMNNf-T8TTFPZ5MO7ZCXN6v_wknaKKBg/s640/haddix.png" width="640" /></a></div>
<br />
<span style="font-family: "courier new", courier, monospace;">Now let's see how this can be automated via BURP (pretty much everybody's fav proxy)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Open up BURP proxy and navigate to the <b>PROXY </b>tab. Click on the <b>OPTIONS </b>tab and scroll down to the <b>MATCH and REPLACE</b> section.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Here we are going to add some rules for our mission.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Click on Add and you will get a window asking some options. Give the details as:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">In the TYPE section choose REQUEST HEADER</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">In the REPLACE section write the header you want to use</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">In the comment section write some comments significant to the rule</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Click OK and you are good to go.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Refer to the screenshot below.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqN0KXZacEQRegufDjkM2UggAbmV7_IqryW87YNJnGEgY8ngFi6FVgcnUfuGLxpsJse56LfWsw8Yn6lL0DI9sKVYLnBzptawl4KLZamQMm74PSyvWHB992CJeUEhpVU56WaRLXjjCdnQ/s1600/burp.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="512" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqN0KXZacEQRegufDjkM2UggAbmV7_IqryW87YNJnGEgY8ngFi6FVgcnUfuGLxpsJse56LfWsw8Yn6lL0DI9sKVYLnBzptawl4KLZamQMm74PSyvWHB992CJeUEhpVU56WaRLXjjCdnQ/s640/burp.png" width="640" /></a></div>
<br />
<span style="font-family: "courier new", courier, monospace;">Once added just enable the same by checking the check box next to your rule as shown below and VOILAA you are good to go :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis22HPrDj1_7i1IkyMK5BE5LJ3Ie9irw9Oy9y1nnRvddlNlWR6Ului2rjfA3ENDOCDmfFsxWt1f94dfpgFraiYMvwYsS5UJSqYUcRGtG8IrjoRG1GbJkFAHmlLtk03InJdFgTpGEmlwg/s1600/burp-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="418" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis22HPrDj1_7i1IkyMK5BE5LJ3Ie9irw9Oy9y1nnRvddlNlWR6Ului2rjfA3ENDOCDmfFsxWt1f94dfpgFraiYMvwYsS5UJSqYUcRGtG8IrjoRG1GbJkFAHmlLtk03InJdFgTpGEmlwg/s640/burp-2.png" width="640" /></a></div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span><span style="font-family: "courier new" , "courier" , monospace;">HAPPY HUNTING :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
http://www.phrack.org/archives/issues/7/3.txt (2017-02-19)
<div dir="ltr" style="text-align: left;" trbidi="on">
A mesmerizing write-up from way back in 1986</div>
#ACKIM by Nullcon (2017-02-19)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;">Every year, ahead of NullCon, one of the largest security conferences in India, the nullcon team hosts a CTF. It is one of the most interesting challenges and well worth participating in.</span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;">It's FREE of COST</span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;"><br />This particular post is about the first of the web application challenges, called WEB100</span></div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">This one, I think, was the easiest, at least for those who are music lovers..</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Chris Martin was the Hint..</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">For those who don't know him..</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">https://en.wikipedia.org/wiki/Chris_Martin</span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">I strongly suggest getting to know him through his outstanding songs.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWKm27SPj31Sqtg7NSrwwWIr0m5OKRs5W82xD_hZVxQmZaFjcgu9gYlAyrABM8SZOcQEbP792hXXYEo2IPFr46RI9ZJMncDVhL4pgrQE7_Z_yxsciIH6L4PSs8MQHBpCnzdVnemrHRuA/s1600/5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="542" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWKm27SPj31Sqtg7NSrwwWIr0m5OKRs5W82xD_hZVxQmZaFjcgu9gYlAyrABM8SZOcQEbP792hXXYEo2IPFr46RI9ZJMncDVhL4pgrQE7_Z_yxsciIH6L4PSs8MQHBpCnzdVnemrHRuA/s640/5.png" width="640" /></a></div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">It gave us a small hint on trying the same as user name and password.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>user: chris</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b>password:martin</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Oops My IP is locked. Somebody is watching..Hmm</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">View Source was my next weapon. Woooo I got something.. Looks like Base64. Is it...Oh yeah it is..</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>MmI0YjAzN2ZkMWYzMDM3NWU1Y2Q4NzE0NDhiNWI5NWM=</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPXns_mP6UnCV7CjTWHtZ_mlG_nkGBo12G4ei6ZWqIm664K-Iiv1phfDb76x0IuJuC7wjA3w-d1z5wzoUYQ3q4R9GARdPv-LyNybOJamxPoSpq16iciZIGWo2rAa7ikH4q0qZjqVja1Q/s1600/3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPXns_mP6UnCV7CjTWHtZ_mlG_nkGBo12G4ei6ZWqIm664K-Iiv1phfDb76x0IuJuC7wjA3w-d1z5wzoUYQ3q4R9GARdPv-LyNybOJamxPoSpq16iciZIGWo2rAa7ikH4q0qZjqVja1Q/s640/3.png" width="640" /></a></div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>curl http://54.152.19.210/web100/</b> gives the same result.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Decoded the same. Sample command is </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>echo "YOUR STRING" | base64 -d</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguwg-19SrIhRHp7j5NvJgu3yWeMPIoeShhX8nULvOiegOA7Z_DDLz6CS33s6vAvuYueLwaN5Myxkbtva4NONtjokNQV9BvdQ7xCUhwiakCyhkb6A0j3ldRE1Pc0WebtsFvWBJw7OG1Pw/s1600/2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="68" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguwg-19SrIhRHp7j5NvJgu3yWeMPIoeShhX8nULvOiegOA7Z_DDLz6CS33s6vAvuYueLwaN5Myxkbtva4NONtjokNQV9BvdQ7xCUhwiakCyhkb6A0j3ldRE1Pc0WebtsFvWBJw7OG1Pw/s640/2.png" width="640" /></a></div>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<b style="font-family: "Courier New", Courier, monospace;">echo "MmI0YjAzN2ZkMWYzMDM3NWU1Y2Q4NzE0NDhiNWI5NWM=" | base64 -d</b><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>2b4b037fd1f30375e5cd871448b5b95c</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Now there are two ways to crack this. One is to identify the kind of string it is and then see if it can be cracked.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitGTeEaBxAiaisRXOfGESt8iZwc0quu8B4LEUam7LkTc66TwwYlIayU7xxMv50-ePEaeq-wKCTBwEOQFvWWIauwKL5BZmlWjyAaj9imZ-kKnEJnQ7h5c_dlcwHp659rY4jOU1KgoJDnA/s1600/4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitGTeEaBxAiaisRXOfGESt8iZwc0quu8B4LEUam7LkTc66TwwYlIayU7xxMv50-ePEaeq-wKCTBwEOQFvWWIauwKL5BZmlWjyAaj9imZ-kKnEJnQ7h5c_dlcwHp659rY4jOU1KgoJDnA/s640/4.png" width="640" /></a></div>
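<span style="font-family: "courier new" , "courier" , monospace;">A check a developer could run over their own pages to catch what this challenge hid in its source, as an added example (not part of the challenge or of the original write-up): it finds Base64 tokens that decode to a bare hex digest and lists the digest types that length allows. The HTML wrapper is constructed; only the token is the one shown above, and the function names are this example's own.</span><br />

```python
"""Find Base64 tokens in page source that decode to bare hex digests.

Added illustration, not part of the challenge or the original write-up.
The HTML wrapper is constructed; only the token is the one from the post.
"""
import base64
import binascii
import re

# Constructed page fragment embedding the token quoted in the post.
SAMPLE_HTML = """<html><body>
<form method="post"><input name="user"><input name="pass" type="password"></form>
<!-- MmI0YjAzN2ZkMWYzMDM3NWU1Y2Q4NzE0NDhiNWI5NWM= -->
</body></html>"""

# A run of 16+ Base64 characters with optional padding, not glued to more of them.
B64_TOKEN = re.compile(r"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{16,}={0,2}(?![A-Za-z0-9+/=])")
HEX = re.compile(r"[0-9a-fA-F]+")

# Length only narrows the field; it cannot tell these algorithms apart.
DIGEST_BY_HEXLEN = {
    32: ["MD5", "MD4", "NTLM"],
    40: ["SHA-1", "RIPEMD-160"],
    56: ["SHA-224"],
    64: ["SHA-256"],
    96: ["SHA-384"],
    128: ["SHA-512"],
}


def decode_token(token):
    """Strictly decode one Base64 token to ASCII text; None if it is not valid."""
    if len(token) % 4:
        return None
    try:
        return base64.b64decode(token, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None


def find_leaked_digests(html):
    """Return one finding per Base64 token whose decoded form is a hex digest."""
    findings = []
    for match in B64_TOKEN.finditer(html):
        text = decode_token(match.group(0))
        if text is None:
            continue
        text = text.strip()
        if HEX.fullmatch(text) and len(text) in DIGEST_BY_HEXLEN:
            findings.append({
                "offset": match.start(),
                "token": match.group(0),
                "decoded": text,
                "candidates": DIGEST_BY_HEXLEN[len(text)],
            })
    return findings


if __name__ == "__main__":
    for finding in find_leaked_digests(SAMPLE_HTML):
        print(finding["offset"], finding["decoded"], finding["candidates"])
```

<span style="font-family: "courier new" , "courier" , monospace;">Base64 is an encoding, not protection, so anything this reports is readable by every visitor who opens View Source.</span><br />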
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">The second one is easiest. Google :)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I was lucky and got a couple of good results.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">The username and password below gave us the flag:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>username:coldplay</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b>password:paradise</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>Wait, there was another </b></span><span style="font-family: courier new, courier, monospace;"><b>hindrance. Ah WAF again....Gosh..</b></span><br />
<span style="font-family: courier new, courier, monospace;"><b><br /></b></span>
<span style="font-family: courier new, courier, monospace;"><b>To bypass the WAF, change the X-Forwarded-For header to 127.0.0.1. Of course Martin has to come home...</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiORC5ohjUjmxnGem4wEw_inljlW68ZUIEhHYF3SALqrZ3OACbxUM1sVEPD7zCL59y5yAqNiHTBSehFgi8E3spuSfpjPod2WwhUJfJmjatp_t5iypqbtd94HzlRQeibEleRZZVPUMfWag/s1600/1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="378" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiORC5ohjUjmxnGem4wEw_inljlW68ZUIEhHYF3SALqrZ3OACbxUM1sVEPD7zCL59y5yAqNiHTBSehFgi8E3spuSfpjPod2WwhUJfJmjatp_t5iypqbtd94HzlRQeibEleRZZVPUMfWag/s640/1.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "courier new" , "courier" , monospace; text-align: left;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "courier new" , "courier" , monospace; text-align: left;">Yeahhh it is paradise....</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "courier new" , "courier" , monospace; text-align: left;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIlzop3Dcmqb2rvK2CO_HGS4P4xxHPbsW92E980dFCHD8KICsGaU9p4i7ToKC3zIDBrvdwPqK6vY_XW1xCHDGPF7cMeoKtzXxgkPEAkFOpEDSCfHkjPTatj_TlHf6-PK21CEHQMSCzRw/s1600/coldplay-paradise-still.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="350" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIlzop3Dcmqb2rvK2CO_HGS4P4xxHPbsW92E980dFCHD8KICsGaU9p4i7ToKC3zIDBrvdwPqK6vY_XW1xCHDGPF7cMeoKtzXxgkPEAkFOpEDSCfHkjPTatj_TlHf6-PK21CEHQMSCzRw/s640/coldplay-paradise-still.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "courier new" , "courier" , monospace; text-align: left;"><br /></span></div>
<br /></div>
Installing Virtualbox guest additions in KALI LINUX (1.x-2.0) (2015-09-10)
<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">Installing Virtualbox guest additions in KALI LINUX (1.x-2.0):</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">First and foremost, start with an update:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><b>apt-get update</b></span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><b><br /></b></span>
<span style="font-family: 'Courier New', Courier, monospace;">Then check your sources file:</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The sources file is at <b>/etc/apt/sources.list</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>cat </b></span><b style="font-family: 'Courier New', Courier, monospace;">/etc/apt/sources.list</b><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://http.kali.org/kali kali main contrib non-free</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://security.kali.org/kali-security kali/updates main contrib non-free</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://http.kali.org/kali sana main non-free contrib</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://security.kali.org/kali-security/ sana/updates main contrib non-free</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">You may find that the lines below are missing:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://http.kali.org/kali kali main contrib non-free</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>deb http://security.kali.org/kali-security kali/updates main contrib non-free</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">If they are missing, add them <b>(Source: g0tmi1k (</b><span style="background-color: white; color: #006621; font-size: 14px; line-height: 16px; white-space: nowrap;">https://twitter.com/</span><b style="background-color: white; color: #006621; font-size: 14px; line-height: 16px; white-space: nowrap;">g0tmilk</b></span><b style="font-family: 'Courier New', Courier, monospace;">))</b><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<span style="font-family: 'Courier New', Courier, monospace;">If you edited the sources file, run an update again.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<b><span style="font-family: Courier New, Courier, monospace;">apt-get update</span></b><br />
<b><span style="font-family: Courier New, Courier, monospace;"><br /></span></b>
<span style="font-family: Courier New, Courier, monospace;">Next, install the Linux headers for the running kernel:</span><br />
<b><span style="font-family: Courier New, Courier, monospace;"><br /></span></b>
<b><span style="font-family: 'Courier New', Courier, monospace;">apt-get install -y linux-headers-$(uname -r)</span></b><br />
<b><span style="font-family: 'Courier New', Courier, monospace;"><br /></span></b>
<b><span style="font-family: 'Courier New', Courier, monospace;">Or you can combine the two commands above with the && operator:</span></b><br />
<b><span style="font-family: 'Courier New', Courier, monospace;"><br /></span></b>
<b><span style="font-family: Courier New, Courier, monospace;">apt-get update </span><span style="font-family: 'Courier New', Courier, monospace;">&& </span></b><b><span style="font-family: 'Courier New', Courier, monospace;">apt-get install -y linux-headers-$(uname -r)</span></b><br />
<b><span style="font-family: 'Courier New', Courier, monospace;"><br /></span></b>
<span style="font-family: 'Courier New', Courier, monospace;">Next, attach </span><span style="font-family: 'Courier New', Courier, monospace;">the “Guest Additions” CD-ROM image. Select “Devices” from the VirtualBox menu and then select “Install Guest Additions”. This will mount the Guest Additions ISO in the virtual CD drive in your Kali Linux virtual machine. When prompted to autorun the CD, click the Cancel button.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">Now call your friend <b>THE TERMINAL</b></span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">Find <b>VBoxLinuxAdditions.run</b> on the CD-ROM and copy it to a local path on your system. I copied it to the root folder (/root).</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>cp /media/cdrom/VBoxLinuxAdditions.run /root/</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">Change the permissions on the file to make it executable.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>chmod 755 /root/VBoxLinuxAdditions.run</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">Go to the location where you have copied the </span><span style="font-family: 'Courier New', Courier, monospace;">VBoxLinuxAdditions.run file and run it. Below are the commands that can help you if you are stuck anywhere. :)</span><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<b style="font-family: 'Courier New', Courier, monospace;">cd /root</b><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<span style="font-family: Courier New, Courier, monospace;"><b>./VBoxLinuxAdditions.run</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The final step is to reboot the machine, and tada!</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>reboot</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">You now have the guest additions installed and can use full screen, full mouse integration and that kind of stuff. I know it is not rocket science, but these additions will be very helpful.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
</div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-22372143429162395422015-08-18T02:28:00.002-07:002015-08-18T02:28:45.926-07:00<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;"><b>VENOM--</b> </span><span style="background-color: white; color: #333333; font-size: 16px; line-height: 24.7999992370605px;"><span style="font-family: Courier New, Courier, monospace;">Virtualized Environment Neglected Operations Manipulation</span></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Another one in the wild. This is one of this year's biggest vulnerabilities so far, though not as big as Heartbleed last year. It has affected a lot of people, including corporations and end users.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">In layman's terms, the vulnerability is in the virtual Floppy Disk Controller (FDC) code of the hypervisor package called QEMU. The FDC was added to the QEMU codebase as a feature in 2004.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">This code is also used in a lot of other hypervisor packages, such as KVM and Xen.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">In fact, this virtual floppy drive is added to any newly created VM by default, and even if the administrator disables it, an unrelated bug leaves the buggy FDC code active and exploitable by attackers.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>NORMAL FUNCTIONING--</b> In normal operation, the guest operating system communicates with the FDC by sending commands such as seek, read, write, format, etc. to the FDC’s input/output port. QEMU’s virtual FDC uses a fixed-size buffer for storing these commands and their associated data parameters. </span><span style="font-family: 'Courier New', Courier, monospace;">The FDC keeps track of how much data to expect for each command and, after all expected data for a given command is received from the guest system, the FDC executes the command and clears the buffer for the next command. </span><span style="font-family: 'Courier New', Courier, monospace;">This buffer reset is performed immediately at the completion of processing for all FDC commands, except for two of the defined commands.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><b>Here comes the twist--</b> An attacker can send these two commands with specially crafted parameter data from the guest system to the FDC to overflow the data buffer and execute arbitrary code in the context of the host’s hypervisor process.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
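<span style="font-family: 'Courier New', Courier, monospace;">The missing buffer reset described above, as a toy model added here for illustration (it is not QEMU's code). The names ToyFDC, FIFO_SIZE, GUARD, data_pos, data_len and resets_on_completion are assumptions of the model, and memory is simulated as one flat bytearray so the out-of-bounds write is visible next to the bounds-wrapped (hardened) form.</span><br />

```python
"""Toy model of a command FIFO whose write index is not always reset.

Constructed for illustration; not QEMU source. Memory is one flat bytearray,
so an out-of-bounds write shows up as corrupted neighbouring bytes instead
of a crash.
"""

FIFO_SIZE = 512        # assumed fixed buffer size for this model
GUARD = b"HOSTDATA"    # stands in for whatever the host keeps after the FIFO


class ToyFDC:
    def __init__(self, patched):
        self.patched = patched
        # Layout: [ FIFO (FIFO_SIZE bytes) | GUARD ]
        self.mem = bytearray(FIFO_SIZE) + bytearray(GUARD)
        self.data_pos = 0   # next write offset into the FIFO
        self.data_len = 0   # bytes the current command expects

    def begin(self, data_len):
        """Start a command that expects data_len bytes from the guest."""
        self.data_pos = 0
        self.data_len = data_len

    def write_data(self, value, resets_on_completion):
        """Store one byte written by the guest to the data port."""
        pos = self.data_pos
        self.data_pos += 1
        if self.patched:
            # Hardened form: the index is forced back inside the buffer.
            pos %= FIFO_SIZE
        self.mem[pos] = value
        if self.data_pos == self.data_len and resets_on_completion:
            # Normal commands: all expected data has arrived, so the
            # command runs and the buffer position is reset.
            self.data_pos = 0

    def guard_intact(self):
        """True while the bytes after the FIFO are untouched."""
        return bytes(self.mem[FIFO_SIZE:]) == GUARD


def feed(patched, resets_on_completion, data_len, n_bytes, fill=0x41):
    """Send n_bytes to one command and return the resulting device state."""
    fdc = ToyFDC(patched)
    fdc.begin(data_len)
    for _ in range(n_bytes):
        fdc.write_data(fill, resets_on_completion)
    return fdc


def summary():
    """Run the three cases with the same guest input and compare the guard."""
    total = FIFO_SIZE + len(GUARD)
    cases = {
        "normal command, unpatched": feed(False, True, 4, total),
        "non-resetting command, unpatched": feed(False, False, 4, total),
        "non-resetting command, patched": feed(True, False, 4, total),
    }
    return {name: fdc.guard_intact() for name, fdc in cases.items()}


if __name__ == "__main__":
    for name, intact in summary().items():
        print(f"{name}: guard {'intact' if intact else 'OVERWRITTEN'}")
```

<span style="font-family: 'Courier New', Courier, monospace;">Only the combination of a command that skips the reset and an unchecked index reaches the bytes after the buffer; wrapping the index keeps every write inside the FIFO whatever the guest sends.</span><br />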
<span style="font-family: 'Courier New', Courier, monospace;"><b>Impact-- </b></span><span style="font-family: 'Courier New', Courier, monospace;">The FDC allows the VM to communicate with the underlying host and acts as a floppy disk driver. This buffer overflow within the FDC can let the attacker access other VMs present on the hypervisor. </span><span style="font-family: Courier New, Courier, monospace;">They can also access the underlying hardware and use that to access other systems on the hypervisor network. This is a serious threat of access to PII and corporate intellectual property, not to mention to the end users who rely on these kinds of environments.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><b>Note:</b> the attacker, or the attacker's malicious code, would require root or administrative privileges in the guest OS in order to run the exploit code.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;"><b>Patches-- </b> A couple of them are out, including from Debian, Red Hat etc.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">If you have control over the environment, you can try using </span><span style="font-family: 'Courier New', Courier, monospace;">SELinux, which can be used to control access to these kinds of resources.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;">Access control on the virtual environment can also give you some relief for the time being.</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">If you don't have control over the environment, don't forget to contact your respective vendors :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Don't forget to visit http://venom.crowdstrike.com/. They have created a super diagram to explain the buggy VENOM... :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">References: </span><u style="font-family: 'Courier New', Courier, monospace;">http://venom.crowdstrike.com/</u></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-89245286808808432262015-08-18T02:28:00.001-07:002015-08-18T02:28:13.180-07:00IAST- A new approach for Application security testing<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">Application security has been one of the most important aspects of the whole security domain, because applications are so easily accessible, which has increased the threats and attack vectors over the decade.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">For their part, developers, testers and security testers have made several efforts to minimize the vulnerable points and make applications more robust and secure.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">There have been many approaches to testing applications for vulnerabilities. SAST and DAST are two well-known and successful testing procedures, but each has its own market and its own pros and cons.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">There were talks of combining these two approaches to get the most out of them and cover more robust scenarios. This is how the IAST approach came into the picture.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">IAST== DAST+SAST</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The approach IAST takes is to analyze the application from within as it runs. You can compare it to a SECURITY DEBUGGER which looks into code execution in memory, file system access, web service calls, database queries, input validation etc. and analyzes whether these events or calls are vulnerable or not, which in a way covers all of the run-time requests, data flow, control flow etc.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">IAST is further subdivided into two types on the basis of how it analyzes the problems.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">One is <b>Active </b>and the other is <b>Passive</b>.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Passive IAST just looks into the application for vulnerable points at run time. The false-positive ratio is a little higher in this approach, as it is very similar to the other testing procedures.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">In active IAST we simulate a real attack scenario on the application by sending malicious traffic and then monitor whether this traffic induces any kind of vulnerable situation. Yes, it is very much dependent on the richness of the malicious traffic.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">With this approach the analysis of the vulnerability and narrowing down to the exact problem becomes easy and accurate.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">The toughest part is implementing IAST, as it is more complicated than the others. It involves installing agents in a strategic way so that the scope is well covered. These agents provide the data to the main server for analysis. It can also be thought of as dividing the whole infrastructure into two, where one part simulates the malicious traffic and the other monitors and analyzes </span><span style="font-family: Courier New, Courier, monospace;">it.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">It does have a lot of advantages, such as more code coverage and complete automation, but there are challenges as well, which lie in the analysis and instrumentation part.</span><br />
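<span style="font-family: Courier New, Courier, monospace;">The passive and active modes described above, as an added example that is not taken from any IAST product: an in-process agent records request values at a source and inspects a database sink as the application runs. Agent, InstrumentedConnection, MARKER and the two lookup handlers are hypothetical names, and sqlite3 stands in for the application's database.</span><br />

```python
import sqlite3

MARKER = "IASTPROBE7f3a"   # constructed unique value used by the active mode


class Agent:
    """Records request values at sources and inspects sinks at run time."""

    def __init__(self):
        self.seen = set()
        self.findings = []

    def source(self, value):
        """Call where request data enters the application."""
        self.seen.add(value)
        return value

    def check_sink(self, sink, sql):
        """Flag request values that ended up inside the SQL text itself."""
        for value in sorted(self.seen):
            if value in sql:
                self.findings.append((sink, value))


class InstrumentedConnection(sqlite3.Connection):
    """Instrumentation point: every execute() is shown to the agent first."""
    agent = None

    def execute(self, sql, parameters=()):
        if self.agent is not None:
            self.agent.check_sink("sqlite3.execute", sql)
        return super().execute(sql, parameters)


def new_app():
    """Build a small constructed database with the agent attached."""
    db = sqlite3.connect(":memory:", factory=InstrumentedConnection)
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'admin')")
    agent = Agent()
    db.agent = agent
    return db, agent


def lookup_vulnerable(db, agent, user):
    """Handler that builds the query by string formatting."""
    user = agent.source(user)
    sql = "SELECT role FROM users WHERE name = '%s'" % user
    return db.execute(sql).fetchall()


def lookup_safe(db, agent, user):
    """Handler that passes the value as a bound parameter."""
    user = agent.source(user)
    return db.execute("SELECT role FROM users WHERE name = ?", (user,)).fetchall()


def passive_scan(handler, traffic):
    """Passive mode: watch ordinary requests, report what reaches the sink."""
    db, agent = new_app()
    for value in traffic:
        handler(db, agent, value)
    return agent.findings


def active_scan(handler):
    """Active mode: send a unique marker and look only for that marker."""
    db, agent = new_app()
    handler(db, agent, MARKER)
    return [f for f in agent.findings if f[1] == MARKER]


if __name__ == "__main__":
    print("passive, vulnerable:", passive_scan(lookup_vulnerable, ["alice"]))
    print("passive, safe:      ", passive_scan(lookup_safe, ["alice"]))
    # A request value that happens to match a word in the query text is
    # reported even for the safe handler: a passive false positive.
    print("passive, safe, 'name':", passive_scan(lookup_safe, ["name"]))
    print("active, vulnerable: ", active_scan(lookup_vulnerable))
    print("active, safe:       ", active_scan(lookup_safe))
```

<span style="font-family: Courier New, Courier, monospace;">The passive run over the value "name" reports the safe handler because the word also occurs in the query text, which is the higher false-positive ratio mentioned above; the active run matches only its own marker.</span><br />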
<br />
<span style="font-family: Courier New, Courier, monospace;">Do google this approach and let me know your thoughts :)</span><br />
<br />
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-46472937144903600342015-08-12T03:09:00.001-07:002017-02-19T06:37:28.497-08:00Setting up a DHCP server for your Virtual Lab in Virtual Box<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "courier new" , "courier" , monospace;">This is an awesome trick to set up a DHCP server with the virtual lab that you have created for yourself.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>Requirement:</b></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Virtual Box Software (https://www.virtualbox.org/)</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Once you have installed VirtualBox, install the operating systems you like, e.g. BT or Kali, Metasploitable, XP, Win7 etc. Now let us move on to configuring the VirtualBox network.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;">Click on <b>Network</b>.</span><br />
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;"><b>Adapter 1</b> should be set to NAT to provide internet
connectivity for updating tools etc.</span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;"><b>Adapter 2</b> should be set to Internal Network, with a name of your choice. In this case we have named it INTERNAL-NETWORK.</span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;">Please note that for all other VMs that you create, you
have to choose ADAPTER 1, then internal network, and the name for each should be </span><span style="font-family: "courier new" , "courier" , monospace; text-indent: -24px;">INTERNAL-NETWORK</span><span style="font-family: "courier new" , "courier" , monospace; text-indent: -0.25in;">.</span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;"><b>Configuring the DHCP in Virtual BOX:</b></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;">So that
all the virtual machines can communicate with each other, we will set up a DHCP server.
Follow these instructions:</span></span></div>
<br />
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;">Open a command prompt and change to the VirtualBox
installation directory. On my Windows machine it is:</span></span></div>
<div class="MsoNormal">
<br />
<span style="font-family: Courier New, Courier, monospace;"><b>C:\Program Files\Oracle\VirtualBox></b></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: "courier new" , "courier" , monospace;"></span></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;"><b><br /></b></span></div>
<div class="MsoNormal">
<span style="font-family: "courier new" , "courier" , monospace;">Once there, run:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><b>VBoxManage dhcpserver add --netname INTERNAL-NETWORK --ip 192.168.99.100 --netmask 255.255.255.0 --lowerip 192.168.99.101 --upperip 192.168.99.150 --enable</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzUkdLQvgs2jCy_Yt_OyQx0bw5W66WFh0_wmkadbcDyUI0ppUmPGh4NT3-xMB49Nopo9hlLHHncRE7NbVKsRFAzROwRErat46G9roxlxQbzjnbvpuOnXGpx4gM3v6CZVmNpDKqD8uvgw/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzUkdLQvgs2jCy_Yt_OyQx0bw5W66WFh0_wmkadbcDyUI0ppUmPGh4NT3-xMB49Nopo9hlLHHncRE7NbVKsRFAzROwRErat46G9roxlxQbzjnbvpuOnXGpx4gM3v6CZVmNpDKqD8uvgw/s640/1.jpg" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<span style="font-family: "courier new" , "courier" , monospace;">This feature is very much available in the GUI as well.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">I would suggest exploring the VBoxManage utility to see how powerful it is.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Boot the BACKTRACK (or Kali, whichever you have) machine.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Check the IP of Backtrack with the command <b>ifconfig</b>.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;">Request an address from the DHCP server by typing the command <b>dhclient “intf”</b>, where “intf” is the internal network interface.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrS5qTCVMV8ADjTBFCljA1zIgHj6tRjyWjVpMjBBpK_LCZluWpxHxXQs3kPqcoCLzDB3A2fZL4BawAqH7cNEn0gaPfUHkAPKfi_8ojXXsh0CGUbsWFhcdb4feEMwWgpyuHj-7FAFQUDg/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="288" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrS5qTCVMV8ADjTBFCljA1zIgHj6tRjyWjVpMjBBpK_LCZluWpxHxXQs3kPqcoCLzDB3A2fZL4BawAqH7cNEn0gaPfUHkAPKfi_8ojXXsh0CGUbsWFhcdb4feEMwWgpyuHj-7FAFQUDg/s640/2.jpg" width="640" /></a></div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Then boot the other machines and check for the IP addresses to cross confirm. Ping each of the machines from and to each other to ensure connectivity.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Happy Hunting:)</span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-11797889952905350912015-08-12T02:49:00.001-07:002015-08-12T02:50:03.474-07:00Installing GIT in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: 'Courier New', Courier, monospace;">Git is an open-source revision control system which is very famous and used by a lot of software packages.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">This is a really simple post, and it doesn't actually make much sense to write something like this, but bear with me ;)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The latest version available is Git 2.4.0. This version comes with a lot of changes and fixes, including performance optimizations and code clean-ups.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Add the PPA (Personal Package Archive</span><span style="font-family: 'Courier New', Courier, monospace;">) to your system:</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">*Note: PPAs are provided by the community, and there are risks that come along with them. Be cautious when using PPAs.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo add-apt-repository ppa:git-core/ppa</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: 'Courier New', Courier, monospace;">Updating the local repository index</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get update</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">Note: to remove the PPA, you have to remove it from <b>/etc/apt/sources.list.d</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">You may get an error saying that </span><span style="font-family: 'Courier New', Courier, monospace;">add-apt-repository does not exist.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">In that situation, install the following:</span><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<b><span style="font-family: Courier New, Courier, monospace;">$ sudo apt-get install python-software-properties</span></b><br />
<b><span style="font-family: Courier New, Courier, monospace;"><br /></span></b>
<b><span style="font-family: Courier New, Courier, monospace;">$ sudo apt-get install software-properties-common</span></b><br />
<b><span style="font-family: Courier New, Courier, monospace;"><br /></span></b>
<b><span style="font-family: Courier New, Courier, monospace;">Finally, install Git:</span></b><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get install git</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Happy researching :)</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>I would also like to share some good links that I found useful for understanding the concepts.</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>READING:</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>http://askubuntu.com/questions/35629/are-ppas-safe-to-add-to-my-system-and-what-are-some-red-flags-to-watch-out</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Repositories in Ubuntu: https://help.ubuntu.com/community/Repositories/Ubuntu</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Software management: https://help.ubuntu.com/community/SoftwareManagement</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b></b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>Repositories and the command line: https://help.ubuntu.com/community/Repositories/CommandLine</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-56167997823960412822015-07-29T03:00:00.002-07:002015-07-29T03:00:44.528-07:00APT- Trouble Shooting (gap intentional)<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">Errors like this are often seen when you try to install new software on your Linux machine.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>ERROR:::::</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Reading package lists... Error!</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>E: Dynamic MMap ran out of room. Please increase the size of APT::Cache-Limit. Current value: 25165824. (man 5 apt.conf)</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>E: Error occurred while processing libradsec0 (NewVersion1)</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>E: Problem with MergeList /var/lib/apt/lists/http.kali.org_kali_dists_kali-dev_main_binary-i386_Packages</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>W: Unable to munmap</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>E: The package lists or status file could not be parsed or opened.</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Here is the solution that worked for me on <b>Backtrack 5 R2</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Linux bt 3.2.6 i686 GNU/Linux</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Add the following line to the file <b>70debconf </b>which can be found under <b>/etc/apt/apt.conf.d</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">You can do the same with the following commands.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>cd /etc/apt/apt.conf.d</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Open the file in your favorite editor</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>nano 70debconf</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">And then add the following line</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>APT::Cache-Limit "100000000";</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Don't forget to do the last step of putting salt to your food ;)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>sudo apt-get clean && sudo apt-get update --fix-missing</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Along with this, there are some other commands that will come in handy.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>apt-get autoclean</b> --- This command removes the .deb files for all the packages that are no longer installed on your system.</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">Now you can also remove these files from the location </span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>/var/cache/apt/archives</b>.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">And yes, it frees up a lot of space.</span><br />
<span style="font-family: Courier New, Courier, monospace;">You can compare this to deleting the %temp% files from your Windows system. ;) (I know it is a bad example)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Similarly, the command <b>apt-get clean</b> (that is used in the example above) removes all packages from the package cache.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">If you are really into Ubuntu and want to learn more, here is the </span><br />
<span style="font-family: Courier New, Courier, monospace;">Link <b>http://manpages.ubuntu.com/manpages/natty/man5/apt.conf.5.html</b></span><br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-84364972488583639762015-07-20T09:02:00.002-07:002015-07-20T09:02:22.907-07:00Lets do some ettercapping..<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">This is a famous tool for performing MITM attacks.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I am sure you all would have used it. Sometime later we will probably look into various aspects of using it.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I faced some issues while using it, so I thought of writing a blog on the troubleshooting steps.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Before running it for the first time, there are a couple of configurations that we have to perform so that we do not face any issues while using it.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">It comes pre-installed in Kali.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">To run ettercap with root privileges, hunt for the lines under the [privs] section. Set the values of ec_uid and ec_gid to '0'.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyg2N3siifXh3ypaoGGwEuYZYTfYrGj80hZZ2P1UEw9PYskH5QSoBGFSAKBfTgCfwefARupjn6cCgGGu0zBqAtIbDWLx9SCoyFdFiV2MYnoTErdd3xTeCTs_pdyjUsSvtmeRGzQV1mDA/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="422" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyg2N3siifXh3ypaoGGwEuYZYTfYrGj80hZZ2P1UEw9PYskH5QSoBGFSAKBfTgCfwefARupjn6cCgGGu0zBqAtIbDWLx9SCoyFdFiV2MYnoTErdd3xTeCTs_pdyjUsSvtmeRGzQV1mDA/s640/1.jpg" width="640" /></a></div>
<span style="font-family: 'Courier New', Courier, monospace;">Next is setting up the IPTABLES firewall rules (only if you or the network you are testing is using one), which help us to redirect the traffic. For this, scroll down to the section where it says "LINUX" and uncomment the following lines. See the image for reference.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO7PAzh0UMsXatuCOdXcvXSdvOdSB6halM6e4xTkx6j_j6ryRYW_SjwNJDjNS5BBe__Ky9bi7Zmzyn2Bw7aYwvlMFASiTYJAFqGQxbFBBJ4c5Pq_UhHVU1hwsaD5lnNcJw0j3pICEGhA/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="430" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO7PAzh0UMsXatuCOdXcvXSdvOdSB6halM6e4xTkx6j_j6ryRYW_SjwNJDjNS5BBe__Ky9bi7Zmzyn2Bw7aYwvlMFASiTYJAFqGQxbFBBJ4c5Pq_UhHVU1hwsaD5lnNcJw0j3pICEGhA/s640/2.jpg" width="640" /></a></div>
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<div>
<span style="font-family: Courier New, Courier, monospace;">I cannot escape thanking Georgia Weidman (I mean her book), who was the one who helped me sort out my issues ;)</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-25232820038393206642015-07-08T23:56:00.002-07:002015-07-08T23:56:58.844-07:00Installing NODE.js in LINUX<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">Hey Guys.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">In this blog let us look at the installation procedure for Node.js. I will leave it up to you how you want to explore it ;)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Node.js® (https://nodejs.org/) is a platform for building fast and scalable network applications. It is really lightweight and very efficient. These features come from the architecture itself, as it uses events for its various functionality. It is bundled with a lot of awesome libraries which will help you handle server tasks more easily.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The single-threaded, non-blocking architecture also lets you design for “first come, first served”, which is the key to Node.js being more scalable than others.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I was actually not aware of this until I came across a super HTTP tool (htracr) whose prerequisite was Node, which made me inquisitive about what else it can do. I would highly recommend you guys explore its website for more.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Usually Node.js is included in Ubuntu versions 13.04 and higher.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">There are a lot of blogs on how to install it. But recently I was diving into my Mint and faced a few problems installing it, so I thought of writing another blog on how it can be done, to make it smoother for others. The best part about Linux is that it always comes up with one dependency or another when you are using the vanilla version, which makes you explore what is required for what and how things work. :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">So let's dive into the terminal for a while.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Follow the steps to install Node.js and npm.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get install npm</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo ln -s /usr/bin/nodejs /usr/bin/node</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">If you want to install a more recent version, we have to do it from its PPA. For that we will first require some Python libraries. If you already have them, look for updated ones (suggested).</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Following are the steps</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get install python-software-properties python g++ make</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Now let's add a repository to our sources list. We will be using the Chris-lea repository here. There are many other repositories, but this one seems reliable.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo add-apt-repository -y ppa:chris-lea/node.js</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Next is updating the local repository index which is a necessary step</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get update</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<b><span style="font-family: Courier New, Courier, monospace;"></span></b><br />
<span style="font-family: Courier New, Courier, monospace;"><b>$ sudo apt-get install npm</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>*</b>I forgot to mention that<b> npm</b> is Node's Package Manager.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">There are some native add-ons from npm which you can install as per your wish</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>apt-get install --yes build-essential</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">This should ideally be enough for the running of your first Node program.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">Here is a sample for the same :). Not one of mine though.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>// First_node.js</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>var http = require('http');</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>http.createServer(function (req, res) {</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b> res.writeHead(200, {'Content-Type': 'text/plain'});</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b> res.end('Hello Node.js\n');</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>}).listen(8007, "127.0.0.1");</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b></b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>console.log('Server running at http://127.0.0.1:8007/');</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjauwg2Hp6r1WAmtkaKSkFW0JO8zHT2lbdJoxdZFnlieWow7ANZZgKBF4706Jnazl2gNpm5cnNPNL6MneoPnUZprfOTqOgsPu67CCpBoHPAIE2zJ4bl5IAcI1lZZmCajTXcPVp2OwJivw/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="486" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjauwg2Hp6r1WAmtkaKSkFW0JO8zHT2lbdJoxdZFnlieWow7ANZZgKBF4706Jnazl2gNpm5cnNPNL6MneoPnUZprfOTqOgsPu67CCpBoHPAIE2zJ4bl5IAcI1lZZmCajTXcPVp2OwJivw/s640/2.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>To run your program you can type in </b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>$ node First_node.js</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b>Now, if you navigate to http://127.0.0.1:8007/ in your browser, you should see the message...</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVTMUFzxHF6n7CoxMSOh8LGFFJORgSHqrNQCj9wpYPaMl00mECsJ_WrsaM3Ew8vNp0Yxhr14s5O8jQmIvbrQTV2eSxWfwUclamUqfCVsm_UuHessgj_9El7XXO25MMLNBUXtJZOUOSXQ/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="274" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVTMUFzxHF6n7CoxMSOh8LGFFJORgSHqrNQCj9wpYPaMl00mECsJ_WrsaM3Ew8vNp0Yxhr14s5O8jQmIvbrQTV2eSxWfwUclamUqfCVsm_UuHessgj_9El7XXO25MMLNBUXtJZOUOSXQ/s640/1.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<br />
<br />
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-84659226997981926492015-07-07T08:27:00.001-07:002015-07-07T08:27:41.325-07:00Password cracking- lets make it an art to be.. (Creating Custom Wordlist using CeWL)<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: 'Courier New', Courier, monospace;">Cracking passwords is sometimes a requirement and sometimes a hobby for many security enthusiasts.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">When cracking passwords there are two things which are very important. One of them is how good your password word-list is, and to be good it has to contain the word that is going to crack the password. :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The other is how efficient your password cracking tool (the artillery) is: how much power it consumes and how much power it has to crack your password, or in other words how many attempts it makes per second, or how fast it can go through your word-list to pick out the correct password.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Times have changed and so has the computing power of devices. Now there are password crackers which also utilize GPUs.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I thought of writing this blog to show how to create a custom word-list, which will help you design your own word-list and thereby give you more chances to find your password.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">One of the tools to do so is CeWL - Custom Word-list Generator. It comes pre-installed in the latest versions of Kali Linux.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The tool is designed to spider the targeted websites, searching for key words and compiling them into a word list. It has some super powers with which you can control this spidering, such as how many links it should follow or the minimum word length you want in your word list.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">It even supports some authentication mechanism wherein you can search authorised pages.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">So let's dive into this tool :)</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The foremost command that I like is the help command, and I always prefer it as my first command, as it helps us understand how the tool works and what options we can explore.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMUDpBd00sTu4oRKIs7QIOA5auM7RomhlAkkjyXWeGvO2XAYbOBlZcbPTXErd8cTIoVwor1mgTw9o59mZpkec28LHLPGRK8vJIyDNjF8yivibFEJvRq94OJ3YPLAxZM32SO1cZXUUkDw/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="434" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMUDpBd00sTu4oRKIs7QIOA5auM7RomhlAkkjyXWeGvO2XAYbOBlZcbPTXErd8cTIoVwor1mgTw9o59mZpkec28LHLPGRK8vJIyDNjF8yivibFEJvRq94OJ3YPLAxZM32SO1cZXUUkDw/s640/1.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Next let us look at what magic it can do when it is fed with proper inputs :P</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The format in which the command has to be written is as follows:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>cewl http://www.example.com/ -d 1 -m 6 -w example-wordlist.txt</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Let's look at the options we used in the command here:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>-d</b> -- This defines the depth to which the spider will crawl</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>-m</b> -- This option tells it what the minimum length of a word should be</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>-w</b> -- Write the output to a file named example-wordlist.txt</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Once this is done, we will be able to see that CeWL has noted down a lot of passwords for you..</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">The following command will help you look into the same :</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>wc -l example-wordlist.txt</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Now there can be various scenarios which we can consider for generating our custom word-list. For e.g. if you have any kind of authentication mechanism in place and want the spider to crawl the authenticated pages. The creator of this wonderful tool has thought of that as well and has provided us with options like:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>--auth_type:</b> digest or basic, depending upon the mechanism in place</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>--auth_user:</b> authentication username</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>--auth_pass:</b> authentication password</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">On top of all this, if you want to know everything the tool is doing, I suggest you go verbose with the option <b>-v</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Now your wordlist is ready to be used by your password cracker.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Some guys are looking for a more enhanced list depending upon the situation. For that there is another wonderful tool, which I will try to cover in my upcoming blogs and which I call UNCLE JOHN (the infamous John the Ripper). This tool is famous for the job it does, and there are a lot of rules you can play around with to suit your needs.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Refer to <b>http://www.openwall.com/john/doc/RULES.shtml</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<span style="font-family: Courier New, Courier, monospace;">Now, for instance, to integrate Uncle John with your CeWL wordlist we can use the following command </span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>john --wordlist=example-wordlist.txt --rules --stdout > new-wordlist.txt</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">And now you can see that there is an altogether enhanced list, as per the requirement or the rules you have given to Uncle John.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">This command will come in handy again.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><b>wc -l new-wordlist.txt</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
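<span style="font-family: Courier New, Courier, monospace;">Seen from the defending side, a site-derived list plus rule mangling is exactly what a password policy should reject. The following is an added example (not from this post, CeWL or John): it pulls words of a minimum length out of a constructed sample page, as <b>-m</b> does, and checks whether a proposed password reduces to one of them. The sample HTML, the function names and the substitution table are assumptions.</span><br />

```python
import re
from html.parser import HTMLParser

# Constructed sample page standing in for an organisation's own website.
SAMPLE_HTML = """<html><head><title>Acme Widgets</title>
<style>body { color: red }</style></head>
<body><h1>Welcome to Acme Widgets</h1>
<p>Our Sprocket line ships from Springfield since 1999.</p>
<script>var tracking = "ignored";</script></body></html>"""

# Assumed substitution table and affix characters; extend to match local policy.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
AFFIX = "0123456789!@#$%^&*()-_=+.?"


class _VisibleText(HTMLParser):
    """Collect text nodes, skipping the bodies of <script> and <style>."""

    def __init__(self):
        super().__init__()
        self._skip = 0
        self.chunks = []

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.chunks.append(data)


def site_words(html, min_len=6):
    """Lowercased words of at least min_len letters found in the page text."""
    parser = _VisibleText()
    parser.feed(html)
    parser.close()
    words = re.findall(r"[A-Za-z]+", " ".join(parser.chunks))
    return {w.lower() for w in words if len(w) >= min_len}


def base_forms(password):
    """Undo common mangling: case, digit/symbol affixes, leet, reversal."""
    pw = password.lower()
    trimmed = {pw, pw.rstrip(AFFIX), pw.lstrip(AFFIX), pw.strip(AFFIX)}
    forms = set()
    for t in trimmed:
        for f in (t, t.translate(LEET)):
            forms.update((f, f[::-1]))
    forms.discard("")
    return forms


def derived_from(password, wordlist):
    """Return the wordlist entry the password is built on, or None."""
    forms = base_forms(password)
    for word in sorted(wordlist):          # sorted for a stable answer
        if any(word in f for f in forms):
            return word
    return None


def audit(passwords, wordlist):
    """Map each proposed password to the site word it derives from (or None)."""
    return {pw: derived_from(pw, wordlist) for pw in passwords}


if __name__ == "__main__":
    words = site_words(SAMPLE_HTML, min_len=6)
    proposed = ["Spr0cket2015!", "dleifgnirpS1", "W1dg3t$",
                "correct-horse-battery"]     # constructed test passwords
    for pw, hit in audit(proposed, words).items():
        print(f"{pw!r}: {'reject, based on ' + hit if hit else 'ok'}")
```
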
<span style="font-family: Courier New, Courier, monospace;">So let's start cracking. Try creating your custom lists with different rules.</span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-43262300708746820842015-07-07T08:12:00.004-07:002016-01-03T10:24:44.134-08:00Metasploit- A new Start :)<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Courier New, Courier, monospace;">I am sure there are hundreds of blogs on the favorite tool Metasploit. But somehow I felt that there should be something on my blog as well, covering some information on or troubleshooting of the things that new guys exploring it face.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">I will not go into detail on what Metasploit does, what its uses are or what its syntax is. Rather, I will give a small demo of the things to keep in mind before diving into the Meta World.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">First things first. Metasploit uses PostgreSQL as its database.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">So the first thing you have to do is start the Postgres service.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">## <b>service postgresql start</b></span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;"></span><br />
<span style="font-family: Courier New, Courier, monospace;">## <b>/etc/init.d/postgresql start</b></span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> For checking the same you can use the following command:</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLzcilsUWFY3z76FMqQwJ4OOu8tMRASDkwecvCikmO_B3840AK9ye6Ti_Frp7e-jiAbfO-jID6qTBrJMiNgo97g2h7Pd7cRKtJaGJSruxYdZqaEDDrDQLp-QKo51f8Jvz7d1kmclItFw/s1600/3.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="60" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLzcilsUWFY3z76FMqQwJ4OOu8tMRASDkwecvCikmO_B3840AK9ye6Ti_Frp7e-jiAbfO-jID6qTBrJMiNgo97g2h7Pd7cRKtJaGJSruxYdZqaEDDrDQLp-QKo51f8Jvz7d1kmclItFw/s640/3.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;">Now, once the database service is started, start the Metasploit service. You can do the same with the following command:</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2VUHqQvatbJ4W_ftcoRgvXHfxwe6JqCRZLp17ZMgedp1JkVxTb9VKi3Q3JgqTneRhhI6uqJbbbmtAwD13_1N3zBwi8YJigCPYQyqDrWFg6-X224gOSIyMH6hk-EUG4HOnAonw5x0Y0w/s1600/4.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2VUHqQvatbJ4W_ftcoRgvXHfxwe6JqCRZLp17ZMgedp1JkVxTb9VKi3Q3JgqTneRhhI6uqJbbbmtAwD13_1N3zBwi8YJigCPYQyqDrWFg6-X224gOSIyMH6hk-EUG4HOnAonw5x0Y0w/s640/4.jpg" width="640" /></a></div>
<br />
<span style="font-family: Courier New, Courier, monospace;">As you may have noticed, the first time after installation it caches all the modules in the database. The first time the service is launched it will create a database and a database user called msf3. It also starts the RPC service and the web server automatically.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">Now you have activated both the services. Once it is done you are good to go and launch the <b>msfconsole. </b>Once you are in you can check the connectivity with the database by typing the command:</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">## <b>db_status</b></span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><b><br /></b></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAgI2DsBjjQp8IudQcg0qjkrP4cXL7f9mWXBRC1Lal9Litmbrb1zmNJVoVGHHI7egI8mH3MRJGg2AymaTtnBTzlMAZRPpVPEdOEVemaRJ2tQLscD6nd56bJtvK6ztS19sJEzLle4Y42w/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="36" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAgI2DsBjjQp8IudQcg0qjkrP4cXL7f9mWXBRC1Lal9Litmbrb1zmNJVoVGHHI7egI8mH3MRJGg2AymaTtnBTzlMAZRPpVPEdOEVemaRJ2tQLscD6nd56bJtvK6ztS19sJEzLle4Y42w/s640/2.jpg" width="640" /></a></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKX_pnWG189t9zKxjswuyg6zuypWhszEkKFjukxvu07_ksbM_42HE8SfmvAPpFNr7QNTwH3VNf1gyWExeOPmPYECab-ZZGqMZ9-1OILQbRSqTd6BeasGTXEqrKc4otwNeZL7trO2Z6gA/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="430" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKX_pnWG189t9zKxjswuyg6zuypWhszEkKFjukxvu07_ksbM_42HE8SfmvAPpFNr7QNTwH3VNf1gyWExeOPmPYECab-ZZGqMZ9-1OILQbRSqTd6BeasGTXEqrKc4otwNeZL7trO2Z6gA/s640/1.jpg" width="640" /></a><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<b style="font-family: 'Courier New', Courier, monospace;">Some important stuff and extra commands: </b><br />
<span style="font-family: 'Courier New', Courier, monospace;">Starting the services by hand becomes a tedious task, as the connection is lost once you have shut down the machine. </span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">So how can we start the services on startup?</span><br />
<span style="font-family: Courier New, Courier, monospace;">Type in the following command and you are done:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">## <b>update-rc.d postgresql enable</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"></span><br />
<span style="font-family: Courier New, Courier, monospace;">## <b>update-rc.d metasploit enable</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdz7XHB2PwV-e_rRidKgsLUnYo9gfjSbC4Tyx0EqXg0P7hMe5cMHEsubJOdOGcGM_x9yqeXfaYbvijSwaDZy4_LSRQDbtQDGyBLKcxG_wwUzZ5FQ3tId3lg0Zf0lNWtbARIEyEO_HA3g/s1600/5.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdz7XHB2PwV-e_rRidKgsLUnYo9gfjSbC4Tyx0EqXg0P7hMe5cMHEsubJOdOGcGM_x9yqeXfaYbvijSwaDZy4_LSRQDbtQDGyBLKcxG_wwUzZ5FQ3tId3lg0Zf0lNWtbARIEyEO_HA3g/s640/5.jpg" width="640" /></a></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<br />
<div>
<br /></div>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Some Extra Commands:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">You can rebuild the cache by typing the following in the msfconsole</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: 'Courier New', Courier, monospace;">## </span><b style="font-family: 'Courier New', Courier, monospace;">db_rebuild_cache</b><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<span style="font-family: 'Courier New', Courier, monospace;">If you want to have a look at the listening services, the following comes in handy. It is sometimes useful while troubleshooting the process described above.</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">## </span><span style="font-family: 'Courier New', Courier, monospace; font-weight: bold;">lsof -nPi |grep LISTEN</span><br />
<span style="font-family: Courier New, Courier, monospace;">##<b> watch -d 'lsof -nPi |grep LISTEN'</b></span><br />
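<span style="font-family: Courier New, Courier, monospace;">Since the RPC service and the web server start automatically, it is worth checking which listeners are reachable from outside the machine. The script below is an added example, not part of the original post: it parses output in the format of the lsof command above and sorts listeners by exposure. The sample lines, PIDs, ports and process names are constructed for illustration.</span><br />

```python
import ipaddress

# Constructed sample of `lsof -nPi | grep LISTEN` output. PIDs, ports and
# process names are illustrative and not taken from the original post.
SAMPLE = """\
postgres  1123 postgres    3u  IPv4  18342      0t0  TCP 127.0.0.1:5432 (LISTEN)
postgres  1123 postgres    4u  IPv6  18343      0t0  TCP [::1]:5432 (LISTEN)
ruby      1410     root    9u  IPv4  20511      0t0  TCP *:50505 (LISTEN)
nginx     1502     root    6u  IPv4  20877      0t0  TCP 192.168.56.10:8443 (LISTEN)
sshd       611     root    3u  IPv6  15020      0t0  TCP *:22 (LISTEN)
"""


def parse_listeners(text):
    """Turn lsof LISTEN lines into dicts; skip headers and malformed lines."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME (LISTEN)
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        host, _, port = fields[-2].rpartition(":")
        if not port.isdigit():
            continue
        listeners.append({
            "command": fields[0],
            "pid": int(fields[1]),
            "user": fields[2],
            "host": host.strip("[]"),  # IPv6 addresses are printed as [addr]
            "port": int(port),
        })
    return listeners


def exposure(host):
    """Classify a bind address as loopback, all-interfaces or specific-address."""
    if host == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "specific-address"


def non_loopback(listeners):
    """Listeners that other hosts on the network may be able to reach."""
    return [l for l in listeners if exposure(l["host"]) != "loopback"]


def report(text):
    """One line per listener, exposed ones first."""
    rows = parse_listeners(text)
    rows.sort(key=lambda l: (exposure(l["host"]) == "loopback", l["port"]))
    return [
        "{:<16} {:<10} pid={:<6} user={:<9} {}:{}".format(
            exposure(l["host"]), l["command"], l["pid"], l["user"],
            l["host"], l["port"])
        for l in rows
    ]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

<span style="font-family: Courier New, Courier, monospace;">To use it on a live system, feed it the real command output instead of the constructed sample.</span><br />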
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<b style="font-family: 'Courier New', Courier, monospace;">That's all for now folks :):)</b><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<span style="font-family: Courier New, Courier, monospace;"><b>&lt;----------------------------xxxxxxx-------------------------------&gt;</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b><br /></b></span>
<b style="font-family: 'Courier New', Courier, monospace;">UPDATE</b><br />
<b style="font-family: 'Courier New', Courier, monospace;"><br /></b>
<b><span style="font-family: Courier New, Courier, monospace;">Setting and Starting Metasploit framework in Kali 2.0</span></b><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">There have been some changes to Metasploit in Kali 2.0.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Quote from the official website (https://www.kali.org/news/kali-linux-20-released/</span><span style="font-family: 'Courier New', Courier, monospace;">)</span><br />
<br />
"<br />
<div class="wpb_text_column " style="background-color: white; box-sizing: border-box; color: #666666; font-family: 'Open Sans', sans-serif; font-size: 14px; line-height: 24px;">
<div class="wpb_wrapper" style="box-sizing: border-box;">
<h2 style="box-sizing: border-box; color: #555555; font-family: 'Noto Sans', sans-serif; font-size: 32px; font-stretch: normal; font-weight: 300; line-height: 1.4; margin: 0px 0px 20px; padding-top: 0px;">
Metasploit Community / Pro no longer ships in Kali</h2>
</div>
</div>
<span style="background-color: white; color: #666666; font-family: 'Open Sans', sans-serif; font-size: 14px; line-height: 24px; text-align: justify;">At the request of Rapid7, we have <strong>removed the Metasploit Community / Pro package</strong> from Kali Linux and now host the open-source <strong><em>metasploit-framework</em></strong> package only. For all of you who require Community or Pro, you will now need to <strong>download it from Rapid7</strong> and then register and submit your personal details in order to get a license. In addition, <em>the Rapid7 team no longer maintains the Metasploit package in Kali</em>, which has brought with it some substantial changes – we’ve moved to a “native” setup, where rather than bundling all the required software needed to run Metasploit in one big package, we use native dependencies within Kali to support the <strong><em>metasploit-framework</em></strong> package. This results in a <strong>faster, smoother work experience and easier integration</strong> with Metasploit dependencies. For more information about this, check out our <a href="http://docs.kali.org/general-use/starting-metasploit-framework-in-kali" target="_blank">Metasploit Framework in Kali</a> documentation page.</span>"<br />
<br />
<div style="background-color: white; color: #666666; font-size: 14px; line-height: 22.4px; margin: 0px; padding: 0px;">
<div style="margin: 0px; padding: 0px;">
<div style="padding: 0px; text-align: justify;">
<span style="font-family: Courier New, Courier, monospace;">The regular way of starting the metasploit service is no longer available. These are the steps that you have to perform now. :)</span></div>
<div style="padding: 0px; text-align: justify;">
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div style="padding: 0px; text-align: justify;">
<span style="font-family: Courier New, Courier, monospace;">Start the postgresql database the same way as usual and then start the msfdb server as below.</span></div>
<div style="padding: 0px; text-align: justify;">
<span style="font-family: Courier New, Courier, monospace;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5Ii8D8KDt5cr_7F7xxeAjhAdxBEJvCAatAI8z4zK11PRnwcUb2kXq93KGJzIEtCU4ZCJcYCCishEtdZaX2s-9s5IMuRVzmFfmib4TZTiyAOVLTn8NcGNG21LwUjT1Fz7DxyaBpxMarA/s1600/1%252Cjpg.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="102" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5Ii8D8KDt5cr_7F7xxeAjhAdxBEJvCAatAI8z4zK11PRnwcUb2kXq93KGJzIEtCU4ZCJcYCCishEtdZaX2s-9s5IMuRVzmFfmib4TZTiyAOVLTn8NcGNG21LwUjT1Fz7DxyaBpxMarA/s640/1%252Cjpg.jpg" width="640" /></a></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br />
------------------------------------------------------xxxxxxx-----------------------------------------------------------------</div>
<div style="font-family: 'Open Sans'; padding: 0px; text-align: justify;">
<br /></div>
</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-40873381206364693722015-06-23T05:40:00.001-07:002015-06-23T05:42:55.461-07:00<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "Courier New",Courier,monospace;">Wow... Here it is, another release of the beta version of ELEMENTARY OS: "OS FREYA".</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzhvGsM5NYvNZAIhGkfeLzsubGEMEVpbNwGOjIxyzjm6Yc0ixui1kFs3n_rLvviji90wb32eO68tBW1vHEzej3ObmjNt5HPo2CjflihVk6cp2X6pZ547iLPofUFk6ETVsXO1dOpYQgdw/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="475" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzhvGsM5NYvNZAIhGkfeLzsubGEMEVpbNwGOjIxyzjm6Yc0ixui1kFs3n_rLvviji90wb32eO68tBW1vHEzej3ObmjNt5HPo2CjflihVk6cp2X6pZ547iLPofUFk6ETVsXO1dOpYQgdw/s640/1.jpg" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "Courier New",Courier,monospace;">It is open source, and its licensing model is based on the GNU GPL, LGPL and various other free software licenses (visit the official website for more details). It has a monolithic kernel. <br /><br />It is based on UBUNTU and uses its own shell named PANTHEON.<br /><br />The versions which have come out to date are 0.1 JUPITER, 0.2 Luna and 0.3 Freya (beta), and the next one is supposed to be named 0.4 LOKI. * (http://en.wikipedia.org/wiki/Elementary_OS)<br /><br />The developers have considered giving a taste of nearly every operating system and making the distro a lot more USER FRIENDLY. To name a few, it has a taste of GNOME, some form of Windows, Xfce and, not to mention, the super OS X and Chrome. No doubt they have taken the blend of GUI very seriously and have delivered an extraordinary look and feel to the end user.<br /><br />Though its GUI and user interface have drawn a lot of criticism for being very similar to OS X, at the same time it has earned appreciation from the Linux community for the hard work.</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-kVSjZRmnJjJLx1T0XxZbVpv_SS7x5UC08GZlxelV2yZkuwifhL-aVfjFVWaKMZN_o6uefyRSTRLDHgYjcvGdXPS22QVGyU-PR9qzeU8TzfkLMre2-HGfosvGnSuunXQDZ3YQANRcyw/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="482" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-kVSjZRmnJjJLx1T0XxZbVpv_SS7x5UC08GZlxelV2yZkuwifhL-aVfjFVWaKMZN_o6uefyRSTRLDHgYjcvGdXPS22QVGyU-PR9qzeU8TzfkLMre2-HGfosvGnSuunXQDZ3YQANRcyw/s640/2.jpg" width="640" /></a></div>
<span style="font-family: "Courier New",Courier,monospace;">You can download it here (https://beta.elementary.io/). Not to mention that, as it is still in beta, more surprises are on the way.<br /><br />The most intelligent thing these guys did was to use UBUNTU as their base, through which they inherited the legacy that Ubuntu has carried all the way. This also gives the end user access to the huge repositories and packages of UBUNTU.<br /><br />Along came the famous and user-friendly UBUNTU SOFTWARE CENTER. No doubt this also leaves a lot of space for software components of its own, like PLANK, MIDORI the web browser, MAYA, SWITCHBOARD etc.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR6FMv18UFjmu4ghX4dIAYZnNaKll7KDeml8WjTnHIwl2Fv1IgMa2pCIf2-Qe-XtQxzxLAQ_NTrDqb2FnMeEzm_E_8toYBTfA7K-htoI0apE-NBrVZdFFQ7PSTiw4evc1EHmY3MujfrA/s1600/3.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR6FMv18UFjmu4ghX4dIAYZnNaKll7KDeml8WjTnHIwl2Fv1IgMa2pCIf2-Qe-XtQxzxLAQ_NTrDqb2FnMeEzm_E_8toYBTfA7K-htoI0apE-NBrVZdFFQ7PSTiw4evc1EHmY3MujfrA/s640/3.jpg" width="640" /></a></div>
<span style="font-family: "Courier New",Courier,monospace;">You can say that FREYA has come up by inculcating the best of all the recipes present in every operating system, right from the OS X dock, to the GNOME shell, to the CHROME OS menu, to the UBUNTU SOFTWARE Center.<br /><br />In my personal opinion, it was one of the best LINUX experiences that I have had to date.</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">Note: Regular users will need to tweak some parts of Freya, as there are a couple of things that can make you go mad. For example, trying to find a minimize button on an open window (keep searching, as there is none), or the single click to open any application or an explorer window.</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">As a surprise, there is a cool Elementary Tweak tool pack with which you can do some really cool things that come in handy to handle your madness ;)</span><br />
<span style="font-family: "Courier New",Courier,monospace;"></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJJkoLBuBfmXOUHDGjUIfMeFTZGEp02WgP6Magrendi-d0scDSeJ2aUyUQa-WMWQkO0hyphenhyphenY9L1AR_LGyG5D6oiGj_4v-jhunnk-kNTpirG_xWrS9Z7meSg_yR4l7KeB1moBi0vSr6meyw/s1600/4.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="402" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJJkoLBuBfmXOUHDGjUIfMeFTZGEp02WgP6Magrendi-d0scDSeJ2aUyUQa-WMWQkO0hyphenhyphenY9L1AR_LGyG5D6oiGj_4v-jhunnk-kNTpirG_xWrS9Z7meSg_yR4l7KeB1moBi0vSr6meyw/s640/4.jpg" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDXsgxwreg2p42AQEGPCNjcAVdcuxvT8dviSrtDOVAe39zK9EfdUISOqox6Tyx-EhaDwinDIVCvXmtdhPnRfWDKBFB56zEJc4Z5vlXSCtEnP4iLPtyEIWYlD2K43FJqnNvwracn9JxHA/s1600/5.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="136" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDXsgxwreg2p42AQEGPCNjcAVdcuxvT8dviSrtDOVAe39zK9EfdUISOqox6Tyx-EhaDwinDIVCvXmtdhPnRfWDKBFB56zEJc4Z5vlXSCtEnP4iLPtyEIWYlD2K43FJqnNvwracn9JxHA/s640/5.jpg" width="640" /></a></div>
<span style="font-family: "Courier New",Courier,monospace;"></span>
<span style="font-family: "Courier New",Courier,monospace;"></span><br />
<span style="font-family: "Courier New",Courier,monospace;">And to be honest, this customization thing has no limits, so I will leave it up to you to build your own Freya. Do share what you built if you want to.<br /> </span><br />
<span style="font-family: "Courier New",Courier,monospace;">Let me know your comments and experience if you used it.<br /><br />Do support the developers of such an amazing project. Visit https://beta.elementary.io/ for more information. :):)</span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-57368549973586293722015-06-23T05:07:00.003-07:002015-06-23T05:08:38.787-07:00Code Injection- An Ocean to explore.. Fun place for Security Guys and Bad dream for Developers.. :):)<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "Courier New",Courier,monospace;">Code Injection: It is an exploitation technique that becomes possible when the code is not able to tell the difference between good code and bad code or, in other words, when your code processes an invalid piece of code without verification.<br /><br />Code injection used to be a good technique that came in handy for end users when they wanted some specific output that diverged from what the system provided. For example, a particular report format that is not supported, updating a system by a written script or a piece of code which gets activated on a particular day of the week, or performing some automated output which the application in use was not designed to perform.<br /><br />But there is always a bad side. This technique can also be used to perform malicious activities which can have adverse effects, for example modifying values in a database, defacing a web site, injecting some kind of malicious code or gaining superior privileges.<br /><br />Usually it is performed by sending malicious code to the interpreter and having it executed, to gain unwanted information and privileges.<br /><br />These flaws can easily be discovered during a code review, but sometimes finding them becomes very difficult when one is doing black box testing. The best way to find them then is through fuzzers or some good scanners.<br /><br />Some examples of code injection are SQL injection, HTML injection, XML injection, Cross Site Scripting, Remote File Injection, Object Injection and the most famous one, Shell Injection. (There may be more of them as well.)<br /><br />Each of them is an individual area of research and interest. We are going to try them individually in the coming days :)</span><br />
<br />
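<span style="font-family: 'Courier New', Courier, monospace;">To make the "data treated as code" point concrete, here is an added example (not from the original post) that runs the same lookup twice against an in-memory SQLite database: once by pasting the input into the query text, and once with a bound parameter. The table, rows and inputs are constructed for the demonstration.</span><br />

```python
import sqlite3

# Constructed sample data for the demonstration.
ROWS = [("alice", "admin"), ("bob", "user"), ("O'Brien", "user")]


def make_db():
    """Create a throwaway in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return conn


def find_user_unsafe(conn, name):
    """VULNERABLE: the input becomes part of the SQL text itself, so the
    interpreter cannot tell where the query ends and the data begins."""
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def find_user_safe(conn, name):
    """HARDENED: the query text is fixed; the input is bound as a value
    and is never parsed as SQL."""
    query = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def compare(name):
    """Run both lookups on a fresh database and return (unsafe, safe)."""
    conn = make_db()
    try:
        unsafe = find_user_unsafe(conn, name)
    except sqlite3.OperationalError as exc:
        # A stray quote in the input broke the query syntax.
        unsafe = "error: " + str(exc)
    safe = find_user_safe(conn, name)
    conn.close()
    return unsafe, safe


if __name__ == "__main__":
    inputs = [
        "bob",            # ordinary input: both versions agree
        "O'Brien",        # legitimate name with a quote: unsafe version breaks
        "x' OR '1'='1",   # input that changes the meaning of the unsafe query
    ]
    for value in inputs:
        unsafe, safe = compare(value)
        print("input :", repr(value))
        print("unsafe:", unsafe)
        print("safe  :", safe)
        print()
```

<span style="font-family: 'Courier New', Courier, monospace;">The second input shows why this is also a correctness bug: a perfectly legitimate name is enough to break the concatenated query, which is often how such flaws first show up in testing.</span><br />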
<span style="font-family: "Courier New",Courier,monospace;">References: Don't forget to go through these links for the time being:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">https://en.wikipedia.org/wiki/Code_injection</span><br />
<span style="font-family: "Courier New",Courier,monospace;">https://www.owasp.org/index.php/Top_10_2013-A1-Injection</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br /></span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-54348886997290115502015-05-29T03:24:00.001-07:002015-05-29T03:26:48.931-07:00HASH IDENTIFIER- F!nd!ng a # TypE<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "Courier New",Courier,monospace;">There are a lot of scenarios in which we need to identify the type of a HASH before we can see whether it is crackable or not.<br /><br />There is an awesome utility provided in KALI LINUX called HASH IDENTIFIER.</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br />This is a very simple tool to use.<br /><br />It asks you for the HASH you want to identify and gives the results on the fly :):)</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">Below is how it looks. Really Cool right ;)</span><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhthERFoP5uqbNQ4iNizsoYuG_Hu_o6CKNXXXka1S7d5ybEFtCLTmYBhd22r6QkMC6yFzCUauAkN81ndJM_heM9ngtVJ0qbKoCq2Mghej1Ufalc5RgzSNj9bsM38Q8aAxbN5fhLEYxqKQ/s1600/1..jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhthERFoP5uqbNQ4iNizsoYuG_Hu_o6CKNXXXka1S7d5ybEFtCLTmYBhd22r6QkMC6yFzCUauAkN81ndJM_heM9ngtVJ0qbKoCq2Mghej1Ufalc5RgzSNj9bsM38Q8aAxbN5fhLEYxqKQ/s640/1..jpg" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<span style="font-family: "Courier New",Courier,monospace;">Once it is running you can enter the HASH you want to analyse.</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">It also lists the probable HASH types when there are several possible matches.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuZX3ADQzvQwZgiwHIbi7GBOhoIF3UjPcBOWAgePbmpfblZNRb9P7Jt_8-imHwpZNXusLqMhchcwDAMHAGftk0GI0ppyaWxIjduk9Ej3_Gt8pf9tFFLwEgOtMoliHF8jK-JkRjGVhGHg/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="388" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuZX3ADQzvQwZgiwHIbi7GBOhoIF3UjPcBOWAgePbmpfblZNRb9P7Jt_8-imHwpZNXusLqMhchcwDAMHAGftk0GI0ppyaWxIjduk9Ej3_Gt8pf9tFFLwEgOtMoliHF8jK-JkRjGVhGHg/s640/2.jpg" width="640" /></a></div>
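<span style="font-family: 'Courier New', Courier, monospace;">Why does such a tool return several "probable" types? A bare hex digest only reveals its length, and several algorithms share each length, while crypt-style strings carry an explicit prefix. The sketch below is an added example, not the code of the HASH IDENTIFIER tool; the function names and the sample values are constructed for illustration.</span><br />

```python
import hashlib
import re

# Hex digest length -> algorithms producing that length (ambiguous by design).
HEX_LENGTHS = {
    32: ["MD5", "MD4", "NTLM"],
    40: ["SHA-1", "RIPEMD-160"],
    56: ["SHA-224", "SHA3-224"],
    64: ["SHA-256", "SHA3-256"],
    96: ["SHA-384", "SHA3-384"],
    128: ["SHA-512", "SHA3-512", "Whirlpool"],
}

B64 = r"[./A-Za-z0-9]"  # alphabet used by crypt(3)-style encodings

# Self-describing formats: the prefix names the scheme, so there is one match.
PREFIXED = [
    ("md5crypt", re.compile(r"\$1\$" + B64 + r"{1,8}\$" + B64 + r"{22}")),
    ("bcrypt", re.compile(r"\$2[aby]\$\d{2}\$" + B64 + r"{53}")),
    ("sha256crypt",
     re.compile(r"\$5\$(rounds=\d+\$)?" + B64 + r"{1,16}\$" + B64 + r"{43}")),
    ("sha512crypt",
     re.compile(r"\$6\$(rounds=\d+\$)?" + B64 + r"{1,16}\$" + B64 + r"{86}")),
]


def identify(value):
    """Return candidate hash types for a string, most likely first.

    An empty list means the value matches none of the known shapes.
    """
    value = value.strip()
    for name, pattern in PREFIXED:
        if pattern.fullmatch(value):
            return [name]
    if re.fullmatch(r"[0-9a-fA-F]+", value):
        return list(HEX_LENGTHS.get(len(value), []))
    return []


def constructed_samples():
    """Sample values built here for the demo (not real credentials)."""
    data = b"constructed-sample"
    return {
        "md5 hex": hashlib.md5(data).hexdigest(),
        "sha1 hex": hashlib.sha1(data).hexdigest(),
        "sha256 hex": hashlib.sha256(data).hexdigest(),
        "bcrypt-shaped": "$2b$12$" + "a" * 53,
        "sha512crypt-shaped": "$6$saltsalt$" + "b" * 86,
        "not a hash": "hello world",
    }


if __name__ == "__main__":
    for label, sample in constructed_samples().items():
        print("{:<20} -> {}".format(label, identify(sample) or "unknown"))
```

<span style="font-family: 'Courier New', Courier, monospace;">Telling the candidates within one length group apart needs context, such as which system the value came from.</span><br />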
<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">Enjoy.!!</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<span style="font-family: "Courier New",Courier,monospace;">Oh wait, what are you going to do once you have identified your HASH.</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<span style="font-family: "Courier New",Courier,monospace;">Once you have the HASH, the next most probable thing you can do is try cracking it. :D :D<br /><br />oclHashcat is a very good tool which utilizes the computing power of your GPU and is really fast.<br /><br />The following syntax can be used to crack the HASH.<br /><br /><b>oclHashcat -m &lt;hash type&gt; &lt;hash list&gt; &lt;word list&gt; -o &lt;found list&gt;</b></span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">Let me give a few details on the option switches (details can be found at </span><span style="font-family: "Courier New",Courier,monospace;"><u><span style="font-family: "Courier New",Courier,monospace;">http://hashcat.net/wiki/doku.php</span></u>)<b> </b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><br /><b>-m </b>is the type of hash. You can go through the details on <u>http://hashcat.net/wiki/doku.php?id=example_hashes</u><br /> </span><br />
<span style="font-family: "Courier New",Courier,monospace;">Next, enter the name and path of the file containing the hashes, say example.hash.<br /><br />Next, you have to give the path where the word list is present. For me, say, it is <b>/usr/local/code/wordlist/rockyou.txt</b>, or if you are using Windows I would say use the GUI ;)<br /><br /><b>-o</b> is used to store the recovered values in a separate file, say FOUND.txt</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">In my next blog we will see more password cracking tools, or maybe a continuation of this ;)</span><br />
<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">Happy Cracking :):)</span></div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0tag:blogger.com,1999:blog-3426308754865054242.post-9267407976583544442014-09-24T06:47:00.001-07:002014-09-24T06:47:18.179-07:00Creating a Bootable USB Device<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">In penetration testing there are scenarios
where you will require a bootable device for testing purposes, because it is not
possible to install anything.</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">In this tutorial we will see how to
create a bootable USB device with Backtrack as the operating system.</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">We will use the famous UNetbootin tool for
this tutorial. This tool is widely used as it allows us to create bootable USB
drives for Windows and Linux distros very easily. Its GUI is very easy to use and we
can do it in a few steps.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">UNetbootin uses the ISO file from your hard
drive, and it can also download the required files or distribution for you.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">We can download the same from the link <a href="http://unetbootin.sourceforge.net/">http://unetbootin.sourceforge.net/</a><u><o:p></o:p></u></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Once you have downloaded the software we
are ready to make our bootable drive.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Follow the steps:<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Start UNetbootin.</span></span></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNBkKoQZIUZJvUiZNB7FDJmm_JsA7vINs3fpPXXYvxflOBHolDpSRFM71Odntle5fENi5fhXN396Sdivl8xEYBgLR3g3lQdRdldOeI08-77t0EKDFBJS66sytxp72yYQMkHAh9rRCBKA/s1600/1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNBkKoQZIUZJvUiZNB7FDJmm_JsA7vINs3fpPXXYvxflOBHolDpSRFM71Odntle5fENi5fhXN396Sdivl8xEYBgLR3g3lQdRdldOeI08-77t0EKDFBJS66sytxp72yYQMkHAh9rRCBKA/s1600/1.jpg" height="472" width="640" /></a></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: 'Trebuchet MS', sans-serif;">Fig: Overview of UNetbootin</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: 'Trebuchet MS', sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: 'Trebuchet MS', sans-serif;">Configure the utility by selecting the “</span><b style="font-family: 'Trebuchet MS', sans-serif;">diskimage</b><span style="font-family: 'Trebuchet MS', sans-serif;">” option and choosing your Backtrack 5 ISO.</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">You have to select your USB Drive now and
then click “OK”.<o:p></o:p></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga0TqCjxMEarDv6HvsGEB5Wdrx82sgIr7pGaMQ7gm-_eWU78YKQg8T4yifr-rIJxUiC9jgAjPauuMHiBQd_4kUU6mAEiNumljijtLKepKIscB-aB5-OdQderjAA6qsukE9g5NKLuC6-w/s1600/2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga0TqCjxMEarDv6HvsGEB5Wdrx82sgIr7pGaMQ7gm-_eWU78YKQg8T4yifr-rIJxUiC9jgAjPauuMHiBQd_4kUU6mAEiNumljijtLKepKIscB-aB5-OdQderjAA6qsukE9g5NKLuC6-w/s1600/2.jpg" height="472" width="640" /></a></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Fig: Configuring the unetbootin utility</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">**Note: Keep in mind that
this will format your USB Drive.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">After this, select OK and let the utility do its work. It will take hardly 10 minutes and your USB will be ready.</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-ajYSNbX32puIZWAbobzQ_ZnlQOXjJpHnICtEdqcah0EyIu8kPlrL8giAZYw83A-Ux-NP1Pxs3S10nf3iAe4zqCgr_Wpu2F2wSvKFs27cdQjs9epMe2iE1WwIP4upwX7Sc2a5VCXtuQ/s1600/3.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-ajYSNbX32puIZWAbobzQ_ZnlQOXjJpHnICtEdqcah0EyIu8kPlrL8giAZYw83A-Ux-NP1Pxs3S10nf3iAe4zqCgr_Wpu2F2wSvKFs27cdQjs9epMe2iE1WwIP4upwX7Sc2a5VCXtuQ/s1600/3.jpg" height="472" width="640" /></a></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Fig: During installation</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpx1YKKkWPf2LoEgLLprDF4Xbr1SUJB0hpwaW2nWIv-su-a-W2R5VzkDf3HDE5Zcuxq4AeVgYjhDz6HmapW6Hm7WJbJuycztCB2_NziiOby3W3HjwIGzVGrZkNj3sZ1iDxCtr97EZBw/s1600/4.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpx1YKKkWPf2LoEgLLprDF4Xbr1SUJB0hpwaW2nWIv-su-a-W2R5VzkDf3HDE5Zcuxq4AeVgYjhDz6HmapW6Hm7WJbJuycztCB2_NziiOby3W3HjwIGzVGrZkNj3sZ1iDxCtr97EZBw/s1600/4.jpg" height="472" width="640" /></a></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Fig: It is all set to go ahead.:)</span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span lang="EN-IN"><span style="font-family: Trebuchet MS, sans-serif;">Now you should be able to boot off of your
USB Drive with Backtrack 5.</span><o:p></o:p></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/10272096505195485984noreply@blogger.com0