Oct 3, 2014

Tools: iSniff GPS

iSniff GPS passively sniffs for SSID probes, ARPs and MDNS (Bonjour) packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based solely on information each device discloses about previously joined WiFi networks.
iOS devices transmit ARPs which sometimes contain MAC addresses (BSSIDs) of previously joined WiFi networks, as described in [1]. iSniff GPS captures these ARPs and submits MAC addresses to Apple's WiFi location service (masquerading as an iOS device) to obtain GPS coordinates for a given BSSID. If only SSID probes have been captured for a particular device, iSniff GPS can query network names on wigle.net and visualise possible locations.
By geo-locating multiple SSIDs and WiFi router MAC addresses, it is possible to determine where a device (and by implication its owner) is likely to have been.
Below: Visualisation of WiFi router locations in Melbourne, AU returned by Apple Location Services

Source:: https://github.com/hubert3/iSniff-GPS


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

CheatSheet: Useful tools for CTF



Source:: http://delimitry.blogspot.com/2014/10/useful-tools-for-ctf.html

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Oct 2, 2014

Howto: Search ShellShock in your access.log

find . \( -name '*-access_log.1' -o -name '*-access_log' \) -execdir grep --color=always -HE '\(.*\).*\{.*\}.*"' {} + attempts

 

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Sep 30, 2014

Video: DerbyCon

http://www.irongeek.com/i.php?page=videos/derbycon4/mainlist




If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Shellshock Test List

CVE-2014-6271

+env X='() { :; }; echo "CVE-2014-6271 vulnerable"' bash -c id


CVE-2014-7169

will create a file named echo in cwd with date in it, if vulnerable

CVE-2014-7186

CVE-2014-7187

 

CVE-2014-6277


Source:
https://github.com/mubix/shellshocker-pocs 
https://github.com/hannob/bashcheck



If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Videos: Black Hat USA 2014

https://www.youtube.com/playlist?list=UUbbgnifxfH-nqx6z9XQ963Q

 

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.