Jun 13 2012
 

I love TweetDeck, so imagine my surprise when Adobe decided to stop supporting AIR on Linux.  So until today, I had still been using the native Adobe AIR version of TweetDeck on Linux.  Yesterday, though, TweetDeck would randomly lock up.  Today it wouldn’t post or anything, so I set out to install the Windows version on Linux using Wine.  It’s actually pretty damn easy and so far, no problems.

This is how you do it in 5 steps or less on Ubuntu-ish Linux:

Continue reading »

May 21 2012
 

The error:
svn: /opt/metasploit/common/lib/libssl.so.0.9.8: no version information available (required by /opt/metasploit/common/lib/libserf-0.so.0)
svn: /opt/metasploit/common/lib/libcrypto.so.0.9.8: no version information available (required by /opt/metasploit/common/lib/libserf-0.so.0)

The Fix:
Open terminal and enter these lines:

Continue reading »

May 15 2012
 
#!/bin/bash

# By Ed Wiget
# This script sets up a proxy so that you can audit web servers anonymously over tor
# 20111113 - initial script (better method)
# enable next line for debugging
#set -x

echo "Please enter the ip address of the target host or a domain name"
read -r dom

# this checks to see if we set a domain name or ip address
# it sets the variable IP to the ip address of domain or ip entered
# the name is resolved through tor itself, so the lookup does not go to the local resolver
# if you are auditing more than .com, .net, .org, .edu addresses, you need to add them below
if echo "${dom}" | grep -Eq '\.(com|net|org|edu)$'; then
	IP=$(tor-resolve "${dom}")
else
	IP=${dom}
fi

# for debugging to make sure we are setting IP correctly
#echo "${IP}"

# here we set up a socat proxy listening on localhost port 8080
# it forwards any tcp requests to ${IP} port 80
# via the socks tor listening on localhost 9050
# bind=127.0.0.1 keeps the listener on loopback so nobody else on the network can use our proxy
sudo socat TCP4-LISTEN:8080,bind=127.0.0.1,fork "SOCKS4:127.0.0.1:${IP}:80,socksport=9050" &

# the sleep is required or the check for listening fails below
sleep 2

# look for a LISTEN socket on port 8080; matching on the bare number also counted
# established connections, which made the old "wc -l = 1" test unreliable
if sudo netstat -ptane | grep -q ':8080 .*LISTEN'; then
	echo "proxy started successfully"
else
	echo "proxy not running"
	exit 1
fi

# here we are going to check port 80 for a web server which will likely tell us the
# operating system too via the results
sudo proxychains nmap -sT -Pn -n -sV "${IP}" -p80

# here we need to set up w3af_gui running as root in order to connect to our proxy
echo "when w3af opens, click on advanced target settings"
sleep 1
echo "set the target ip in w3af to http://127.0.0.1:8080"
sleep 1
echo "set the targetos and targetframework in w3af as returned by the nmap check above"
sleep 1
sudo /pentest/web/w3af/w3af_gui &

 

So now you can audit a web app using w3af.  If you wanted to use Nessus or Metasploit instead, just plug in the address as 127.0.0.1:8080.

Mar 02 2012
 
echo "deb http://updates.repository.backtrack-linux.org revolution main microverse non-free testing" >> /etc/apt/sources.list 
apt-get update 
apt-get dist-upgrade

And it includes these new tools:

arduino	bluelog	bt-audit	dirb	dnschef	dpscan	easy-creds	extundelete
findmyhash	golismero	goofile	hashcat-gui	hash-identifier	hexorbase	horst	hotpatch
joomscan	killerbee	libhijack	magictree	nipper-ng	patator	pipal	pyrit
reaver	rebind	rec-studio	redfang	se-toolkit	sqlsus	sslyze	sucrack
thc-ssl-dos	tlssled	uniscan	vega	watobo	wcex	wol-e	xspy

Mar 02 2012
 

After upgrading to Linux kernel 3.2.6, rebooting, reconfiguring initramfs for encrypted drives, rebooting again, and reinstalling ATI graphics, my normal xrandr command no longer worked.  That command is:

xrandr --output LVDS --mode 1920x1200 --pos 1680x0 --rotate normal --output CRT1 --mode 1680x1050 --pos 0x0 --rotate normal --output DFP2 --off --output DFP1 --off

And the error was “xrandr screen only supports 1920 x 1200”

The fix is really simple….

Continue reading »

Feb 20 2012
 

If you run fix-splash on a BackTrack installation and get:

$ sudo fix-splash
[*] Fixing Initrd
[*] Extracting Initrd
181100 blocks
cpio: File ./initrd grew, 46361600 new bytes not copied
181100 blocks
[*] Reboot and bask in the joys of BootSplash

The fix is really simple…..

Continue reading »

Feb 11 2012
 

You might also want to see my article Installing JTR On Backtrack for Multiprocessor Cores

I am too lazy to restore the old version of this file from my old website (it was hosted for years on Mambo and I am just too lazy to do the DB conversion).  Anyway, this website serves a couple of purposes: first, to keep some of my own notes handy, and second, to help others.  With that in mind, here is a collection of tips on using John the Ripper:

Prepare Linux Shadow Passwords

umask 077
./unshadow /etc/passwd /etc/shadow > mypasswds

Continue reading »

Feb 11 2012
 

Let’s face it, John the Ripper has been around a long time, and the reason it’s been around a long time is because it’s damn good at cracking passwords.  Yeah, hashcat and oclHashcat are great for GPU cracking, but they don’t support as many algorithms as JTR.  So, imagine my surprise when I fire up John the Ripper on BackTrack 5 64-bit and find out it is using a single CPU.  That is letting a potential 75% of my system sit there wanting to do something.  Luckily the fix is easier than fixing a sandwich.

If you already have jtr installed, you may want to see my john tips article.

First, lets grab the jumbo sourcecode….

Continue reading »

Feb 04 2012
 

I created this because I always forget the command to enumerate SNMP and I am often too lazy to read man pages 🙂

#!/bin/bash

# by Ed Wiget
# This script takes an input ip or domain and performs a snmpwalk using common community strings
# 20120204 - initial script

WORDLIST=wordlist-common-snmp-community-strings.txt

function proghelp (){
	echo ""
	echo ""
	echo "Help:"
	echo "./eds-snmpwalk.sh ip_address"
	echo ""
	echo "Example:"
	echo "./eds-snmpwalk.sh 127.0.0.1"
	echo ""
	echo ""
}

if [ $# -ne 1 ]; then
	clear
	proghelp
	exit 1
fi

# set up the first input value
if [ "$1" == "" ]; then
	echo "What is the ip address to query?"
	read -r SVRIP
else
	SVRIP=$1
fi

if [ -f "${WORDLIST}" ]; then
	# walk the system subtree once per community string in the wordlist
	# (the original loop had an unterminated backtick and queried $1 instead of ${SVRIP})
	while read -r COMSTG; do
		[ -z "${COMSTG}" ] && continue
		echo "### trying community string: ${COMSTG}"
		snmpwalk -v2c -c "${COMSTG}" "${SVRIP}" system
	done < "${WORDLIST}"
else
	echo "${WORDLIST} does not exist.......fetching now......please wait"
	echo ""
	# the github "blob" page is html; the raw.githubusercontent.com form of the same
	# path returns the plain text list, and -O saves it under the name we test for above
	wget -O "${WORDLIST}" https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/wordlists-misc/wordlist-common-snmp-community-strings.txt
	echo ""
	echo "please run again....."
fi

Dec 12 2011
 

So, I use Linux exclusively, for everything except my photography post-processing.  I don’t care about the rants and raves people give me about GIMP; my workflow has included Photoshop since Photoshop v3.0 (like the mid-1990’s), and it’s just too hard to switch, so I keep one Windows machine around just to do Photoshop tasks.

Now that I have my Fluxbox bliss on my 16GB quad-core machine dual booting with the factory Windows 7, I thought it would be nice to be able to run Windows 7 inside of Linux.  In the past, I always did the “VirtualBox from new installation” route.  It’s kind of a pain in the ass and a huge waste of disk space.

Doing some quick research, I found several articles on booting the physically installed Windows in VirtualBox, and after many trials and errors, I found a simple solution that works.

Here is how I set it up…..

Continue reading »