Jun 24 2016
 

I hate when an application gets updated and then you have to remember how to make settings work that already worked previously.  So I am making this post as a reminder since there does not seem to be a lot of info about it online.  If you don’t want to send things you delete to trash, which then requires you to go empty trash for it to really be deleted … then add a “Delete Permanently” to your right-click menu items.

Pretty simple to do …. just follow these steps:

Continue reading »

Feb 26 2014
 

I generally do most everything from a shell. I also generally script things when I can. However, I wanted to see changes made to arachni web interface and it had been a while since I used it. I’m not sure if this is automated via the links included in kali linux or not, I just know that when I went to fire up arachni_web it failed and this is how I fixed it.
Continue reading »

Dec 12 2013
 

I have been using this script for a long time (maybe 13 years) with only very slight changes.  It was probably one of the first cool ideas I had for a way to track laptops issued to employees that might possibly be stolen.  Granted, today, we use full disk encryption and other cool things that almost make this script obsolete…but in the event something does get stolen, we can always track it.

The script only requires a crontab entry and a way to send mail (I use ssmtp btw).

Continue reading »

Oct 27 2013
 

This is a really simple fix which will block user enumeration on a WordPress site (like the method used by wpscan).

Before I get into this, I am very well aware of the IfIsEvil page on the nginx wiki.  But it also says on this page, “The only 100% safe things which may be done inside if in location context are:  return and rewrite as the last statement in a location block.”  With that in mind, we are going to use ONLY rewrite as the last statement in our location block.

Continue reading »

Mar 16 2013
 

So one thing you learn pretty quick once you move into the cloud, is that what you normally would do to stop bots, rogue traffic, hackers, etc. doesn’t quite work…even at the packet level.  What I mean is this: you have a web server sitting behind an AWS load balancer and it’s under attack.  You are running Linux.  First thing you do is set up an iptables rule to drop connections from that IP address.  The problem is, iptables never sees that IP address.  Iptables can’t look into packets.  Instead, it sees the load balancer IP address.  The IP address of the user is hidden in the X-Forwarded-For header.  So first thing you need to do is enable X-Forwarded-For logging in your web server.  I will use nginx as an example:

Continue reading »

Feb 09 2013
 

One thing I can’t stand is waiting on software to download.  I mean, I have a blazingly fast internet connection and I expect everything I do to be blazingly fast also.  So, one thing I noticed was my backbox linux installation was taking forever to download updates.  Looking into why, I noticed there were static addresses used in the /etc/apt/sources.list for ubuntu software repositories.

So here is how to fix it so that you always get the mirror closest to you:

Continue reading »

Jul 27 2012
 

Glastopf is a web application honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications.  The principle behind it is very simple:  Reply the correct response to the attacker exploiting the web application.

This article mostly covers the installation, setup, usage, etc.

Installation

Continue reading »

Jul 13 2012
 

Credit where credit is due…  The bulk of this article was obtained from the excellent article located here: http://www.xors.me/?p=4458

I found the original article and then modified it to fit my operating system and environment.  It has been modified to work with a Backtrack Linux installation using a native virtualbox-4.1 installation.

Background

To provide some background, Cuckoo Sandbox performs automated malware analysis using system virtualization technologies.  At a high level, Cuckoo executes Python scripts, which then spawn a VirtualBox Virtual Machine (VM) environment running a Guest OS (e.g. Windows XP), to execute and analyze malware code in a controlled environment.  Once the Guest OS launches, VirtualBox uses local shares to access Python scripts located on the Host OS (e.g. Ubuntu/Backtrack).  Python therefore needs to be installed on both the Guest and Host OS environments for this product to work.  Within the Guest OS, you will also need vulnerable applications to help analyze code, by forcing execution of the malware binary or malicious URLs.  As the installation documentation provided with Cuckoo Sandbox is missing a few requirements, this post will show a user how to perform a functional install of Cuckoo Sandbox.

A link to the original video is below in avi format.

cuckoo sandbox working under a normal user account

Continue reading »

Nov 19 2011
 
fluxbox basic

I don’t really care for the bloated kde or gnome desktops, especially on a netbook with limited memory.  I have pretty much always been a fluxbox user since about 2003 or so.  Over the years my configuration changes, partially because the way I do things changes.  This means my fluxbox environment changes…but not too often.  What bothers me is that sometimes I will lose the latest file for my fluxbox environment, as I often tweak it every couple of days.  This used to be the case, but now pretty much everything goes to external backup in real time.  But many people ask me about my fluxbox because it does look pretty damn nice, it’s very functional, and my entire computer runs in about 200MB of memory.  So without further wait, here it is, complete with config files.

The first image below shows my fluxbox desktop.  The middle image shows fluxbox with the slit showing, which I have set to auto hide so it’s not viewable in the first image.  The third image shows tmux running inside of an Eterm with two splits shown.  I just started using tmux and it allows you to have multiple windows inside of a console or term window (sort of how you can split horizontally or vertically inside of terminator).  I use the default bind keys in tmux, so not really anything I can tell you about it outside of providing you this link to the tmux cheat sheet.

# Updated 20111210 – several people asked about what I used on my desktop or laptops, since I sort of stipulated I didn’t like bloated wm’s on my netbook, and fact is, I still use fluxbox with the exact same config.  Below are two screenshots from my Quad core desktop with 16GB memory and 1TB raid 0 drives (Images 4 and 5 in the gallery below).

Continue reading »