Jul 13, 2012

Credit where credit is due... The bulk of this article was obtained from the excellent article located here: http://www.xors.me/?p=4458

I found the original article and then modified it to fit my operating system and environment. It has been modified to work with a Backtrack Linux installation using the native virtualbox-4.1 installation.

Background

To provide some background, Cuckoo Sandbox performs automated malware analysis using system virtualization technologies. At a high level, Cuckoo executes Python scripts, which then spawn a VirtualBox virtual machine (VM) environment running a guest OS (e.g. Windows XP) to execute and analyze malware code in a controlled environment. Once the guest OS launches, VirtualBox uses local shares to access Python scripts located on the host OS (e.g. Ubuntu/Backtrack). Python therefore needs to be installed on both the guest and host OS environments for this product to work. Within the guest OS, you will also need vulnerable applications to help analyze code by forcing execution of malware binaries or malicious URLs. As the installation documentation provided with Cuckoo Sandbox is missing a few requirements, this post will show a user how to perform a functional install of Cuckoo Sandbox.

A link to the original video is below, in AVI format.

cuckoo sandbox working under a normal user account


Feb 11, 2012

You might also want to see my article Installing JTR On Backtrack for Multiprocessor Cores

I am too lazy to restore the old version of this file from my old website (it was hosted for years on Mambo and I am just too lazy to do the DB conversion). Anyways, this website serves a couple of purposes: the first is to keep some of my own notes handy and the second is to help others. With that in mind, here is a collection of tips on using John the Ripper:

Prepare Linux Shadow Passwords

# restrict the output file to the current user: it will contain password hashes
umask 077
# merge /etc/passwd and /etc/shadow into the single-file format john expects
./unshadow /etc/passwd /etc/shadow > mypasswds


Feb 11, 2012

Let's face it, John the Ripper has been around a long time, and the reason it's been around a long time is because it's damn good at cracking passwords. Yeah, hashcat and oclHashcat are great for GPU cracking, but they don't support as many algorithms as JTR. So, imagine my surprise when I fire up John the Ripper on Backtrack 5 64-bit and find out it is using a single CPU. That is letting a potential 75% of my system sit there wanting to do something. Luckily the fix is easier than fixing a sandwich.

If you already have JTR installed, you may want to see my John tips article.

First, let's grab the jumbo source code...


Jan 18, 2012

I usually don't disable Apache, PHP or nginx version headers, because to me that is just security through obscurity.

My thoughts are these:

  1. If someone doesn't know what version of software you are running and they decide to hack your domain or server, they will simply throw every public exploit that exists for said product at it, or even simply "fingerprint" it for the correct version.
  2. It makes my life easier because I can also query for those headers if for some reason I don't remember the version of software (which saves me from logging in to the server or using other methods that might take longer; efficiency is key!).
  3. Skiddies are going to throw everything at it anyway.

On the flip side...


Jan 10, 2012

For some reason, Websecurify does not work in Fluxbox... well, it works just fine, you just can't see the results due to a theme issue. It definitely appears related to the Chrome theme used in Websecurify, because changing the Qt theme and GTK theme has no effect. Changing the Fluxbox theme does not help either, and my regular Chrome browser works fine.

Images below...

Jan 10, 2012

Everybody knows I have been an avid daily Linux user since... 1995 or so, and I switched to Linux as my primary desktop around 1997. The ONE struggle I have had since day 1 is that I do photography as a hobby, and since I started using Photoshop (I think around version 3), I have never been able to find a permanent solution for Linux. I have used GIMP, I even used GIMP in the photography classes I taught, but it is lacking in several areas... one being 16+ bit support, the second being layered TIFFs, and the third being it's just not Photoshop. Then, along came Lightroom while I was actually beginning to use GIMP with digiKam more... and that pretty much moved me back to Photoshop again.

So, I have been fighting with trying to keep Photoshop and Lightroom working on Wine, really just wishing Adobe would come out with a Photoshop and Lightroom version for Linux (I think they would make a freaking killing), trying Bibble again and trying to decide if I wanted to pay the price (I actually went to purchase it and for the life of me couldn't figure out how... so you guys lost a sale just because there was no way to make a purchase from my signed-in account with my expired trial license)... when I came across Darktable. Darktable aims to be a replacement for Lightroom. It's really easy to install too.

Installation


Dec 12, 2011

So, I use Linux exclusively... for everything except my photography post-processing. I don't care about the rants and raves people give me about GIMP; my workflow has included Photoshop since Photoshop v3.0 (like mid-1990s), and it's just too hard to switch... so I keep one Windows machine around just to do Photoshop tasks.

Now that I have my Fluxbox bliss on my 16GB quad-core machine dual-booting with the factory Windows 7... I thought it would be nice to be able to run Windows 7 inside of Linux. In the past, I always did the "VirtualBox from new installation" approach. It's kind of a pain in the ass and a huge waste of disk space.

Doing some quick research, I found several articles on booting the physically installed Windows in VirtualBox, and after many trials and errors, I found a simple solution that works.

Here is how I set it up...


Nov 30, 2011

I have set up many laptops and netbooks with Linux and have always used either full-disk encryption or an encrypted ~/. It's really easy to do, and ANY laptop/netbook/tablet/pad/whatever_next mobile device should be encrypted. I won't get into the mechanics of why; just do it. The last article I wrote about this is no longer online (Maysville Linux Users Group, circa 2007), and it was much harder to accomplish back then, often requiring custom kernels to be compiled, etc. Backtrack has "nearly" everything it takes right on the live CD.

Prerequisites

  1. A laptop
  2. Bootable media (Backtrack on a USB stick, CD-ROM, some other distro, etc.)
  3. Internet connection (Backtrack's only requirement is to download two files)
