Feb 12, 2015

Tools: WAIDPS - Wireless Auditing and IPS/IDS

WAIDPS is an open source wireless Swiss Army knife written in Python that runs on Linux. It is a multipurpose tool designed for auditing (penetration testing) networks, detecting wireless intrusion (WEP/WPA/WPS attacks) and intrusion prevention (stopping a station from associating with an access point). Apart from these, it harvests all WiFi information in the surrounding area and stores it in databases. This is useful when auditing a network whose access point is ‘MAC filtered’ or uses a ‘hidden SSID’ and there is no existing client at that moment.

WAIDPS may be useful to penetration testers, wireless trainers, law enforcement agencies and those who are interested in knowing more about wireless auditing and protection. The primary purpose of this script is to detect intrusion. Once a wireless attack is detected, it is displayed on screen and also logged to a file. Features added to the current script that the previous WIDS does not have are:
  • automatically save the attack packets into a file
  • interactive mode where users are allowed to perform many functions
  • allow user to analyse captured packets
  • load a previously saved pcap file or any other pcap file to be examined
  • customizing filters
  • customize detection threshold (sensitivity of IDS in detection)
At present, WAIDPS is able to detect the following wireless attacks; other detections found in the previous WIDS will be added subsequently.
  • Association / Authentication flooding
  • Detect mass deauthentication which may indicate a possible WPA attack for handshake
  • Detect possible WEP attack using the ARP request replay method
  • Detect possible WEP attack using chopchop method
  • Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.
  • Detection of Evil-Twin
  • Detection of Rogue Access Point
Source:: http://n0where.net/waidps-wireless-auditing-ipsids/


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Feb 11, 2015

Howto: Fix "sudo: Sorry, you must have a tty to run sudo" Error on Linux and Unix

If you run a command such as "ssh user@target sudo command /path/to/file" and it returns the error
"sudo: Sorry, you must have a tty to run sudo"
or
"sudo: no tty present and no askpass program specified"

you can solve the problem with the -t option, which makes ssh allocate a pseudo-terminal:

ssh -t hostname sudo command
ssh -t user@hostname sudo command
ssh -t user@hostname sudo command /path/to/file

Or

you can resolve the problem by editing /etc/sudoers and commenting out the requiretty line:
#Defaults    requiretty

Source:: http://www.cyberciti.biz/faq/linux-unix-bsd-sudo-sorry-you-must-haveattytorun/


Tools: PuTTY Extractor

PuTTY Extractor is a simple script that extracts your PuTTY config for SSH & Telnet and parses it out as connection strings for linux/unix/osx command lines.

I put this together in an evening so it's not feature rich. I personally didn't require this tool but thought it might be a nice learning experience.
My main intention was to use the output of the tool to create aliases or port over my sessions to another operating system. It is also helpful at showing where all your keys are if you're untidy like me and spread them all over your system.

Source:: https://github.com/NullMode/PuTTYExtractor




Howto: Configure SFTP(SSH Settings) and SELinux Settings

1. Configure sshd (/etc/ssh/sshd_config)
Match Group sftponly
    ForceCommand internal-sftp
    ChrootDirectory %h

2. Restart sshd
# systemctl restart sshd.service

3. Add the user (the sftponly group must already exist)
# useradd -M -g sftponly sftponlyuser

4. Configure the chroot folder of sftponlyuser
# mkdir -p /home/sftponlyuser/upload
# chown sftponlyuser: /home/sftponlyuser/upload
# restorecon -R -v /home/sftponlyuser

5. Set the SELinux boolean
# setsebool -P ssh_chroot_rw_homedirs on

*** If access is still denied, try setting the "ssh_chroot_full_access" boolean
# setsebool -P ssh_chroot_full_access on
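
Added example (not part of the original post): sshd rejects a ChrootDirectory unless every component of its path is a root-owned directory that is not writable by group or others (sshd_config(5)), which is why the steps above leave /home/sftponlyuser owned by root and give the user a separate upload directory. This check reports any component that breaks that rule; the owner_uid and top parameters are assumptions added so a staged copy of the tree can be checked too.

```python
import os
import stat

def component_problems(path, owner_uid=0):
    """Return the reasons one path component fails the chroot ownership rule."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return [f"cannot stat: {exc.strerror}"]
    problems = []
    if not stat.S_ISDIR(st.st_mode):
        problems.append("not a directory")
    if st.st_uid != owner_uid:
        problems.append(f"owned by uid {st.st_uid}, expected {owner_uid}")
    if st.st_mode & 0o022:  # group-write or other-write bit set
        problems.append(f"group/other writable (mode {stat.S_IMODE(st.st_mode):04o})")
    return problems

def chroot_problems(chroot, owner_uid=0, top="/"):
    """Check every component from `chroot` up to `top`; return {path: [reasons]}."""
    current, top = os.path.abspath(chroot), os.path.abspath(top)
    findings = {}
    while True:
        problems = component_problems(current, owner_uid)
        if problems:
            findings[current] = problems
        parent = os.path.dirname(current)
        if current == top or parent == current:
            return findings
        current = parent

if __name__ == "__main__":
    import sys
    # Path taken from the howto above; pass another chroot as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "/home/sftponlyuser"
    findings = chroot_problems(target)
    for path, reasons in sorted(findings.items()):
        print(f"{path}: {'; '.join(reasons)}")
    print("chroot would be rejected by sshd" if findings else "OK")
    sys.exit(1 if findings else 0)
```

Run it as root against the real path before reaching for the SELinux booleans: a permission problem on the chroot path is a separate cause of a failed SFTP login and is not fixed by setsebool.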

Source:: 
- http://bachradsusi.livejournal.com/2239.html 
- http://serverfault.com/questions/581323/sftp-gives-permission-denied-only-when-chrooted


Tools: WPA2-HalfHandshake-Crack

Conventional WPA2 attacks work by listening for a handshake between client and Access Point. This full four-way handshake is then used in a dictionary attack. This tool is a Proof of Concept to show it is not necessary to have the Access Point present. A person can simply listen for WPA2 probes from any client within range, and then throw up an Access Point with that SSID. Though the authentication will fail, there is enough information in the failed handshake to run a dictionary attack against it.

Source:: https://github.com/dxa4481/WPA2-HalfHandshake-Crack



Tools: INFERNAL WIRELESS

This tool was created to automate the Evil Twin attack and the capture of public and guest credentials of an Access Point.
What will this tool do?
  1. Set up monitoring interface
  2. Set up DB
  3. Scan wireless network in the range
  4. Connect to the network with the selected SSID
  5. Obtain login page of authentication
  6. Modify the login page with attacker controlled php script to obtain the credentials
  7. Set up Apache Server and serve fake login page
  8. Give a victim an IP
  9. Set up NAT table
  10. Dump the traffic
Note:
This tool might need modifications, and contributions are welcome.


Source::  https://github.com/entropy1337/infernal-twin



Feb 10, 2015

Kali Linux 1.1.0

Upgrade to latest version
# apt-get update
# apt-get dist-upgrade


New: 
  • The new release runs a 3.18 kernel, patched for wireless injection attacks.
  • Our ISO build systems are now running off live-build 4.x.
  • Improved wireless driver support, due to both kernel and firmware upgrades.
  • NVIDIA Optimus hardware support.
  • Updated virtualbox-tool, openvm-tools and vmware-tools packages and instructions.
  • A whole bunch of fixes and updates from our bug-tracker changelog.
  • And most importantly, we changed grub screens and wallpapers!
Source:: https://www.kali.org/news/kali-linux-1-1-0-released/




Feb 9, 2015

Tools: SSLH - Using SSL and SSH on the same port

sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.
Applicative Protocol Multiplexer
- share SSH and HTTPS on the same port -
Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow


Source:: http://getprismatic.com/story/1423268171328?share=MTQ2MjE1.MTQyMzI2ODE3MTMyOA.ltQcDykuKzjjAUFAkibkyNNrYIE
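
Added example (not sslh's own code, and not from the original post): a minimal model of the first-packet probing described above, with fixed-byte probes for SSH and TLS and one regex-defined probe for HTTP. The backend addresses, probe order and sample packets are constructed for the demonstration.

```python
import re

# Request line of an HTTP/1.x client: an example of a regex-defined probe.
HTTP_RE = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|CONNECT) \S+ HTTP/1\.[01]\r\n")

def is_ssh(data):
    # SSH clients open with an identification string such as "SSH-2.0-...".
    return data.startswith(b"SSH-")

def is_tls(data):
    # TLS record: type 0x16 (handshake), major version 0x03, then ClientHello (0x01).
    return len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01

def is_http(data):
    return HTTP_RE.match(data) is not None

# Probes are tried in order; the first match decides the backend.
PROBES = [("ssh", is_ssh), ("tls", is_tls), ("http", is_http)]

# Hypothetical backend addresses for the demonstration.
BACKENDS = {"ssh": ("127.0.0.1", 22), "tls": ("127.0.0.1", 8443), "http": ("127.0.0.1", 8080)}

def classify(first_packet):
    """Return the name of the first probe that matches, or None."""
    for name, probe in PROBES:
        if probe(first_packet):
            return name
    return None

def route(first_packet, default=None):
    """Map the first packet to a backend (host, port); `default` applies when no probe matches."""
    return BACKENDS.get(classify(first_packet), default)

# Constructed sample first packets (the TLS one is only the start of a record).
SAMPLES = {
    "ssh client": b"SSH-2.0-OpenSSH_6.7\r\n",
    "tls client": bytes.fromhex("16030100050100000100"),
    "http client": b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n",
    "unknown": b"\x00\x01\x02\x03",
}

if __name__ == "__main__":
    for label, packet in SAMPLES.items():
        print(f"{label:12} -> {classify(packet)} -> {route(packet)}")
```

The routing decision rests entirely on bytes the client chooses to send, and unless transparent proxying is configured the backend sees the multiplexer as its peer, so source-address logging and filtering for the SSH or HTTPS service have to happen at the multiplexer.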


Feb 8, 2015

Tools: OS Fingerprint Obfuscation for modern Linux Kernels

OS Fingerprint Obfuscation for modern Linux Kernels.
Author: Anton Hinterleitner is111012@fhstp.ac.at
Description: Fools the probes of nmap scanner
Prerequisites:
  • Linux
  • Python 2.6+
  • python-nfqueue (apt-get install python-nfqueue)
  • scapy (pip install -r requirements.txt)
 
Source:: https://github.com/glastopf/oschameleon



Tools: packETH Ethernet Packet Generator

packETH is a GUI and CLI packet generator tool for Ethernet. It allows you to create and send any possible packet or sequence of packets on the Ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending a sequence of packets. And lastly, it has the most beautiful web site of all the packet generators.

  • You can create and send any Ethernet packet. The following protocols are currently supported:
    • ethernet II, ethernet 802.3, 802.1q, QinQ, user defined ethernet frame
    • ARP, IPv4, IPv6, user defined network layer payload
    • UDP, TCP, ICMP, ICMPv6, IGMP, user defined transport layer payload
    • RTP (payload with options to send a sine wave of any frequency for G.711)
    • JUMBO frames (if network driver supports it)
  • Sending sequence of packets
    • delay between packets, number of packets to send
    • sending with max speed, approaching the theoretical boundary
    • change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)
  • Saving configuration to a file and loading from it – pcap format supported


Source:: http://n0where.net/packeth-ethernet-packet-generator/
