Saturday, June 20, 2015

Interesting Projects

I'm keeping the list of tools as online bookmark here -

The list will grow from time to time so that I don't need to spawn another post.

Cheers ;)

The Regex Goodies

I came across this post and thinking it's very useful information. A lot of teaching points for people who love regular expression.

Enjoy the read, cheers ;)

Friday, June 19, 2015

Oniguruma Regular Expression

For the regex geeks -

Good reference!

Friday, June 12, 2015

Acrobat JavaScript API Reference

This is very complete reference from Acrobat and keep it for good when comes to analyse PDF file if javascript is embedded.

Cheers (;])

Friday, April 25, 2014

PPP Reference

I found this when wandering around the Internet, and think it's good to share out for packet monkeys, this is very good reference document for anyone who want to learn about point-to-point protocol, very straightforward indeed -

Check it out if you are interested.

Wednesday, April 23, 2014

Argus 3: Debug & Testing

If you are testing argus 3, the best way is always compile argus source with debug mode on -

Argus -
shell>tar xvzf argus-3.0.5.tar.gz
shell>cd argus-
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argus-
shell>sudo make && make install

Argus Clients -
shell>tar xvzf argus-clients-
shell>cd argus-clients-
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argusc-
shell>sudo make && make install

If argus or its client suite fails to run or behaves wrongly, you can just run them with -D 1-5 depending on the debug information you want. I'm just writing this as note to myself and hopefully it helps others who are using argus as well.

Cheers ;]

Sunday, April 20, 2014

Ubuntu Linux: Argus 3 Installation

If you want to test the latest version of argus with all the features enabled on Ubuntu Linux, here's the fastest way, just follow the steps below -

I use stow to manage argus source -

shell>sudo apt-get install stow
shell>mkdir /usr/local/stow

Install mysql server -

shell>sudo apt-get install mysql-server

Install software dependencies for argus clients -

shell>sudo apt-get install flex bison libpcap-dev libmysqlclient-dev libncurses5-dev libreadline-dev libgeoip-dev libpcre3-dev

Now download argus and its client suite -


Install argus -

shell>tar xvzf argus-
shell>cd argus-
shell>./configure --prefix=/usr/local/stow/argus-
shell>sudo make && make install

Install argus client -

shell>tar xvzf argus-clients-
shell>cd argus-clients-
shell>./configure --with-libpcre --prefix=/usr/local/stow/argusc-
shell>sudo make && make install

Now you can use stow to link them to default PATH(/usr/local/sbin and /usr/local/bin) so that you don't need to define full path when running argus -

shell>cd /usr/local/stow
shell>sudo stow argus-
shell>sudo stow argusc-

Done and you can start testing argus for fun!

Tuesday, April 08, 2014

Kali/Backbox Linux: Alfa AWUS036H

After migrating from Backtrack to Kali Linux, I encountered problem with WLAN cracking using Alfa awus036h wireless adapter. The initial probem was

shell>airodump-ng wlan0
ioctl(SIOCSIWMODE) failed: Device or resource busy

ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead.  Make
sure RFMON is enabled: run 'airmon-ng start wlan0 <#>'
Sysfs injection support was not found either.

So it states that I should run airmon-ng -

shell>airmon-ng start wlan0
airmon-ng start wlan0

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID    Name
2625    dhclient
2722    NetworkManager
2971    wpa_supplicant

Interface    Chipset        Driver

mon0        Realtek RTL8187L    rtl8187 - [phy0]
wlan0        Realtek RTL8187L    rtl8187 - [phy0]
                (monitor mode enabled on mon0)

We used to be able to run airodump-ng on wlan0 if we are using Backtrack, however it's not the case here, what you need to do is running airodump-ng on mon0 pseudo interface instead -

shell>airodump-ng mon0

Now everything looks good, however there's minor bug that shows the channel -1, to get everything running smoothly without the error, I run the following command instead -

shell>airodump-ng --ignore-negative-one mon0

Now you can perform the wlan cracking routine(aireplay-ng,aircrack-ng to do packet injection and cracking), but remember to run the aircrack-ng suite with argument --ignore-negative-one and everything will be fine.

Cheers (;])

p/s: If you are using another Linux distribution - Backbox, the same applies to it as well.