May 052018
 

We have all lost a hard drive at one time or another on a laptop or desktop computer and it always seems like it happens right after several weeks of not performing backups.  Last year, I lost about 15 years of research on an external drive that failed.  I had this system that has worked as long as I can remember where I simply swapped an external drive every two years with a new one after copying the data.  What failed on me though was I became over-confident in this system and wiped out the older drives in order to make room for something else, meanwhile the current drive decided to barf after only about 6 months of usage … literally within a couple weeks of me wiping the previous drives clean.  I was pretty pissed to say the least.  So, lesson learned, I decided to implement a better backup plan.  I wanted a way that would work and be simple.  Instead of a file server and transferring data over a wire, I wanted an external drive I could plug-in and leave plugged in while working or at home or in some motel.  I wanted full backups and I wanted it to be incremental to save space.  This was how I accomplished these tasks …

Continue reading »

Jun 242016
 

I hate when an application gets updated and then you have to remember how to make settings work that already worked previously.  So I am making this post as a reminder since it seems to not be a lot of info about it online.  If you don’t want to send things you delete to trash, which then requires you to go empty trash for it to really be deleted ….. then add a “Delete Permanently” to your right-click menu items.

Pretty simple to do …. just follow these steps:

Continue reading »

Mar 162015
 
Screenshot of psecio-parse scan

I used rips for many years to help with auditing source code.  Lets face it, anytime you can automate a mundane task such as source code auditing, you free up time for other things to be done…..plus if you have ever stared at source code for 14+ hours straight reading line by line by line ….. you know how well automation helps save your vision.

Anyways, today I found a new project at github and wanted to document how I set it up.  One thing to keep in mind is that this is a relatively new project, and with any new project of this size and scope … we can generally expect a few things …. lots of development changes and false positives.  Even with this being known, I still love the direction the project is already moving … so lets begin.

Continue reading »

Feb 262014
 

I generally do most everything from a shell. I also generally script things when I can. However, I wanted to see changes made to arachni web interface and it had been a while since I used it. I’m not sure if this is automated via the links included in kali linux or not, I just know that when I went to fire up arachni_web it failed and this is how I fixed it.
Continue reading »

Dec 042013
 

I often review various vulnerability scanners.  When I review them, I look at several different things:

  • were they able to find a vulnerability I previously missed?
  • are they accurate in their findings?
  • how quickly do they complete an audit compared to “insert some other vulnerability scanner here”?
  • sometimes I will also grab the tcpdumps of the audits for even further analysis
  • how accessible and easy are they to use by “skiddies”?
  • based on the tcpdumps + noise generated on the server logs, are the audit signatures of wapiti easy to detect?

Continue reading »

Aug 262013
 

If you get these errors…..

insserv: warning: script 'S85vpnagentd_init' missing LSB tags and overrides
insserv: warning: script 'vpnagentd_init' missing LSB tags and overrides
insserv: There is a loop between service rmnologin and mountnfs if started
insserv:  loop involving service mountnfs at depth 7
insserv:  loop involving service networking at depth 6
insserv: There is a loop between service rmnologin and mountnfs if started
insserv: Starting vpnagentd_init depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting vpnagentd_init depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting vpnagentd_init depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Max recursions depth 99 reached
insserv:  loop involving service nfs-common at depth 4
insserv:  loop involving service pulseaudio at depth 13
insserv: exiting now without changing boot order!

The fix is….

Continue reading »

Jun 092013
 

I just bought this card to replace an older radeon 4500 series gpu.  Here are the benchmarks (this is a quad-core amd with 16GB memory, sata drives):

Pyrit

$ sudo pyrit benchmark
Pyrit 0.4.1-dev (svn r308) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+
 
Running benchmark (59139.3 PMKs/s)... - 
 
Computed 59139.26 PMKs/s total.
#1: 'CAL++ Device #1 'AMD GPU DEVICE'': 59710.6 PMKs/s (RTT 1.1)
#2: 'CPU-Core (SSE2)': 568.9 PMKs/s (RTT 3.0)
#3: 'CPU-Core (SSE2)': 572.3 PMKs/s (RTT 2.9)
#4: 'CPU-Core (SSE2)': 548.1 PMKs/s (RTT 3.0)

Continue reading »

Jun 012013
 

I finally got around to upgrading my desktop from Backtrack 5R3 to the latest Kali Linux.  After about two weeks, I finally set out to get the ati graphics card working so I could do some password cracking.  This turned into fun as the version of fglrx-drivers don’t support my 4500 series graphics card.  The fglrx-drivers-legacy don’t exist in the kali or debian repo’s.  Trying to install from the ati legacy drivers bundle failed.  Here is how I got it working using debian packages:

First add the correct repos:

Continue reading »

May 312013
 

Mostly doing this article as a note for the correct way to install java jdk or runtime for kali or debian wheezy.

Download either the jdk or jre tar.gz package from oracle

Install the java-package from debian

apt-get install java-package

Continue reading »