Oct 11 2011
 

….I can assure you, if I can’t do it in bash, it doesn’t need to be done…..the other side of the argument was, well, bash isn’t multi-threaded…..hahahahaha …..really??? Run this……

#!/bin/bash
 
set -m # Enable Job Control
trap '' 2 # disable ctrl + c so you can't stop this bitch
rand=${RANDOM} # lets find some big random number
 
let POWEROFTWO=${rand}**2 # and since its not big enough, make it ^2
 
	for i in `seq ${POWEROFTWO}`; do # start HUGE num jobs in parallel
		echo "99999999999^99999999999" | bc
		sleep 1 &
	done
 
# Wait FOREVER for jobs to finish cause you can't stop me now nemo
while [ 1 ]; do fg 2> /dev/null; [ $? == 1 ] && break; done

Aug 11 2011
 

ï£ ¥ð ¢åñ’† rêåÐ ßå§h, gê† Ðå £µ¢k 𵆆å hêrê

#!/bin/bash
 
# By Ed Wiget
# This script automates downloading youtube video and converting to mp3 file
# I use it to grab new songs for my ipod that I am too lazy to insert store bought cd  
 
# set this variable to the location of your scripts:
BASE_DIR=~/scripts
 
# this sets the location of the python youtube-dl script, relative to above
YOUTUBE_DL=${BASE_DIR}/youtube-dl/youtube-dl
 
# this sets the path of the downloaded files and temp directory
DL_FILES=~/Downloads
 
# this sets the path to where the final mp3 is stored
MP3_LOCATION=~/Music
 
# this checks for the youtube-dl script and if it doesn't exist, it gets it
# if it does exist, it checks to make sure its the latest version
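if [ ! -d "${BASE_DIR}/youtube-dl" ];
then
echo "grabbing the youtube-dl script"
# make sure the scripts directory exists before changing into it
mkdir -p "${BASE_DIR}"
cd "${BASE_DIR}" || exit 1
# clone over https; the git:// transport is unauthenticated and unencrypted
git clone https://github.com/rg3/youtube-dl.git youtube-dl
else
echo -e "youtube-dl already exists\n\nMaking sure we have the latest version"
"${YOUTUBE_DL}" -U
fi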
 
# this checks to make sure we have ffmpeg and lame installed, and if not, grabs them
FFMPEG1=`which ffmpeg | wc -l`
LAME1=`which lame | wc -l`
 
if [ ${FFMPEG1} = 1 ];
then
echo "ffmpeg already exists"
else
echo "grabbing ffmpeg"
# for ubuntu based distros, use this line
sudo apt-get install ffmpeg
# for redhat based distros, use this line
#sudo yum install ffmpeg
# for arch
#pacman -S ffmpeg
fi
 
if [ ${LAME1} = 1 ];
then
echo "lame already exists"
else
echo "grabbing lame"
# for ubuntu use this line
sudo apt-get install lame
# for redhat use this line
# sudo yum install lame
# for arch linux
#pacman -S lame
fi
 
# next we ask the user for the video file, it should be in format like:
# http://www.youtube.com/watch?v=6E2hYDIFDIU
echo -e "What is the video to download, ie. http://www.youtube.com/watch?v=6E2hYDIFDIU"
read -r VIDEO_URL
 
echo "You entered ${VIDEO_URL} is this correct? ( y / n )"
read -r ANS
        if [ "${ANS}" = "y" ];
                then
                        cd "${DL_FILES}" || exit 1
                        # grab the song title
                        # the title comes from the remote site and ends up in file names, so replace any "/"
                        SONG_TITLE=`"${YOUTUBE_DL}" --get-title "${VIDEO_URL}" | tr '/' '_'`
                        echo -e "the song title is ${SONG_TITLE}"
                        # downloading video
                        echo "downloading video....please wait"
                        "${YOUTUBE_DL}" "${VIDEO_URL}"
                        # we need to convert the dl url to a filename for later processing
                        # the url is like:  http://www.youtube.com/watch?v=6E2hYDIFDIU
                        # the downloaded file will be 6E2hYDIFDIU.mp4
                        # the last awk drops extra parameters such as &feature=...
                        MP4_FILE=`echo "${VIDEO_URL}" | awk -F/ '{print$4}' | awk -F= '{print$2}' | awk -F'&' '{print$1}'`
                        # get the downloaded file extension (last dot-separated field, so dots in the path do not matter)
                        FILE_EXT=`ls "${DL_FILES}/${MP4_FILE}".* | head -n 1 | awk -F. '{print$NF}'`
                        echo "your video is located in ${DL_FILES}/${MP4_FILE}.${FILE_EXT}"
                        echo ""
                        echo "converting ${DL_FILES}/${MP4_FILE}.${FILE_EXT} to wav.....please wait"
                        # ffmpeg -i 6E2hYDIFDIU.flv 6E2hYDIFDIU.wav
                        ffmpeg -i "${DL_FILES}/${MP4_FILE}.${FILE_EXT}" "${DL_FILES}/${SONG_TITLE}.wav"
                        echo "video converted to wav file....converting wav to mp3"
                        lame -b 128 "${DL_FILES}/${SONG_TITLE}.wav" "${MP3_LOCATION}/${SONG_TITLE}.mp3"
                        echo "${SONG_TITLE} is now available at ${MP3_LOCATION}/${SONG_TITLE}.mp3"
                        echo -e "\n\nmoving video download file ${DL_FILES}/${MP4_FILE}.${FILE_EXT} to ${MP3_LOCATION}/${SONG_TITLE}.${FILE_EXT}"
                        mv "${DL_FILES}/${MP4_FILE}.${FILE_EXT}" "${MP3_LOCATION}/${SONG_TITLE}.${FILE_EXT}"
                        echo "video file is now at ${MP3_LOCATION}/${SONG_TITLE}.${FILE_EXT}"
                        echo -e "\n\ndone .... and enjoy"
        else
                echo "there was an error...."
                exit 1
fi

Jul 22 2011
 

I am often on the go, and sometimes I only have a few hours to do something.  A scenario came up where I had a few hours of time and I wanted to do a quick pentest of a few sites during that time.  I had a long list of domains to audit, and during the previous two days I had started at the top of the list and worked my way down.  I had made it through about 13 domains, but had 150+ left to go.  So it's during these brief periods that a bulk scan of a few domains could help me stay on track to get this job completed on time.  Except, I didn’t have a way to really select 5 or 6 domains from the list without doing it manually.

I came up with an idea, what if I could randomly select a few hosts from the list, then keep track of the hosts I had audited this way….eventually I would get through the entire list.  The following script is what I came up with…

Continue reading »
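
One way to do the selection described above, as an added example that is not the author's script (which sits behind the link). The function name pick_batch and the file arguments are hypothetical; the list is assumed to hold one host per line.

```shell
#!/bin/bash
# Added example, not the author's script: pick a random batch of hosts that
# have not been audited yet and record them so they are not picked again.
# pick_batch and its file arguments are hypothetical names.

# usage: pick_batch LIST_FILE DONE_FILE COUNT
pick_batch() {
    local list="$1" done_file="$2" count="$3" batch
    touch "$done_file"
    # grep -vxFf drops list lines that exactly match a line of DONE_FILE.
    # Blank and comment lines are skipped, duplicates collapsed, and the rest
    # is shuffled by prefixing a random sort key to every line.
    batch=$(grep -vxFf "$done_file" "$list" \
        | grep -v -e '^[[:space:]]*$' -e '^#' \
        | sort -u \
        | awk 'BEGIN { srand() } { print rand() "\t" $0 }' \
        | sort -n | cut -f2- | head -n "$count")
    # An empty batch means every host is already recorded as audited.
    [ -n "$batch" ] || return 1
    printf '%s\n' "$batch" | tee -a "$done_file"
}

# Run as a script: ./pick_batch.sh domains.txt audited.txt 5
if [ "$#" -eq 3 ]; then
    pick_batch "$@"
fi
```

Because the batch is written to the done file as soon as it is printed, a scan that gets interrupted should have its hosts removed from that file by hand so they are selected again.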

Jul 10 2011
 

So like most people who do pentesting, I am always strapped for time and always have way too many things on my plate.  So, what I have done over the years is try to automate the things I do on a regular basis.  This allows me to repeat the results consistently.  It also allows me to run a consistent pentest weekly, monthly, or however often I need to schedule them to be done.

I will go ahead and tell you now, these tests are extremely noisy.  They generate a lot of traffic, and I don’t try to slide under any IDS’s or anything else.  Why?  Because I am authorized to conduct these penetration tests.

Continue reading »

Jun 13 2011
 

As system administrators, we often need to search for potential backdoors or shells in web sites for servers we manage.  It's not something we want to happen, but we need to do it, especially if we are supporting legacy code; have gotten behind on patches or updates; or a new exploit slipped through the cracks due to its popularity and how quickly it spread.

I wrote a quick bash script based on a php version I found here.

Here is the short script:

Continue reading »
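
A search of the kind described above, as an added example that is not the script from the post or the php version it refers to. The function name scan_webroot and the pattern list are assumptions: a small starting set that will produce false positives and will miss obfuscated code, so every hit needs a manual look.

```shell
#!/bin/bash
# Added example, not the script from the post: report file:line for PHP
# source lines that contain constructs typical of web shells.
# scan_webroot and SHELL_PATTERNS are hypothetical names; the patterns are
# an assumed starting set, one extended regex per line:
#   1. eval() wrapped directly around a decode/decompress call
#   2. request parameters passed straight to a command-execution function
#   3. request parameters passed straight to eval()/assert()
SHELL_PATTERNS='eval[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|gzuncompress|str_rot13)[[:space:]]*\(
(^|[^_[:alnum:]])(system|passthru|shell_exec|exec|popen|proc_open)[[:space:]]*\([^;]*\$_(GET|POST|REQUEST|COOKIE)
(^|[^_[:alnum:]])(eval|assert)[[:space:]]*\([^;]*\$_(GET|POST|REQUEST|COOKIE)'

# usage: scan_webroot /path/to/docroot
scan_webroot() {
    # Only files the web server would hand to the PHP interpreter by name.
    # -i: PHP function names are case-insensitive; -n -H: print file and line.
    find "$1" -type f \( -name '*.php' -o -name '*.phtml' -o -name '*.inc' \) \
        -exec grep -nHiE -e "$SHELL_PATTERNS" -- {} + \
        | cut -d: -f1,2 \
        | sort -u
}

# Run as a script: ./scan_webroot.sh /var/www
if [ "$#" -eq 1 ]; then
    scan_webroot "$1"
fi
```

Comparing the reported files against a known-good copy of the site (version control or a clean backup) is the quickest way to separate planted files from legacy code that merely looks bad.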

May 18 2011
 
openvas gsd interface

So backtrack 5 is still using the older openvas-2 series and I actually like the newer version.  So here are the instructions on getting the latest version installed. This will install these versions: openvas libraries 4.0.5-1; openvas scanner 3.2.4-1; openvas client 3.0; openvas manager 2.0.4-1; openvas admin 1.1.1-1; gsa 2.0.1-1; gsd 1.2.0-1; openvas cli 1.1.2-1 as packaged by the opensuse build service.

 

NOTE: June 23, 2011 — if the version numbers have changed, you can browse the repository address and update this document accordingly.  Also, yes, this does work on my bt5 install on three different systems.  I am installing on a 4th system now and will update the steps because I think I may have left 1 or 2 out.

Continue reading »

May 05 2011
 

So on my backtrack installation and also on my gentoo laptop with the same directory structure, I keep everything up to date that is in subversion or similar using a script.  Here is the script…..

By the way, I don’t have the identical toolset as backtrack.  I have added a lot of things, and I generally try to get the subversion versions of them if possible.  The easiest way to find what software or applications you have in the /pentest directory is to scan for a .svn folder.  If it exists, you can add that application to this script.

Continue reading »

May 05 2011
 

Did you ever wish you could start certain scripts only when you are bringing the network up and then stop them when bringing the network down?

For the longest time, I was using wicd to manage network connections.  At some point in time I decided to take a look at NetworkManager.

Using network manager, you can use the dispatcher to run scripts based on network connection, runlevel, etc.

This is how I got it working in gentoo linux and a few example scripts.

Continue reading »

May 05 2011
 

I am sure many people have heard that verizon has asked google to remove tethering applications from their App Store.

Luckily I already had it installed, but in case you don’t, you can get it from here: android-wifi-tether

I am running 2.0.7

In linux, you need to make sure you have this in the kernel config:

Device Drivers --->
  [*] Network device support --->
    USB Network Adapters --->
      [*] Multi-purpose USB Networking Framework
        <*> CDC Ethernet support
        <*> CDC EEM support
        <*> Simple USB Network Links (CDC Ethernet subset)
          [*] Embedded ARM Linux links
  [*] USB Support --->
    <*> USB Modem (CDC ACM) support
    <*> USB Wireless Device Management support

Continue reading »