I'm keeping the list of tools as an online bookmark here -
https://github.com/automayt/FlowPlotter
http://threatstream.github.io/mhn/
https://github.com/stratosphereips/StratosphereTestingFramework
The list will grow from time to time so that I don't need to spawn another post.
Cheers ;)
Saturday, June 20, 2015
The Regex Goodies
I came across this post and think it's very useful information. There are a lot of teaching points for people who love regular expressions.
https://www.loggly.com/blog/regexes-the-bad-better-best/
Enjoy the read, cheers ;)
Friday, June 19, 2015
Oniguruma Regular Expression
For the regex geeks -
http://www.geocities.jp/kosako3/oniguruma/doc/RE.txt
Good reference!
Friday, June 12, 2015
Acrobat JavaScript API Reference
This is a very complete reference from Acrobat; keep it for good for when it comes to analysing a PDF file with embedded JavaScript.
http://www.adobe.com/content/dam/Adobe/en/devnet/acrobat/pdfs/js_api_reference.pdf
Cheers (;])
Friday, April 25, 2014
PPP Reference
I found this when wandering around the Internet, and think it's good to share with packet monkeys. This is a very good reference document for anyone who wants to learn about the point-to-point protocol, very straightforward indeed -
http://www.eit.lth.se/ppplab/PPPdocs/ppp-quick-ref.pdf
Check it out if you are interested.
Wednesday, April 23, 2014
Argus 3: Debug & Testing
If you are testing argus 3, the best way is always to compile the argus source with debug mode on -
Argus -
shell>tar xvzf argus-3.0.7.5.tar.gz
shell>cd argus-3.0.7.5
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>make && sudo make install
Argus Clients -
shell>tar xvzf argus-clients-3.0.7.25.tar.gz
shell>cd argus-clients-3.0.7.25
shell>touch .devel .debug
shell>./configure --prefix=/usr/local/stow/argusc-3.0.7.25
shell>make && sudo make install
If argus or its client suite fails to run or behaves wrongly, you can just run them with -D 1-5 depending on the debug information you want. I'm just writing this as a note to myself and hopefully it helps others who are using argus as well.
Cheers ;]
Sunday, April 20, 2014
Ubuntu Linux: Argus 3 Installation
If you want to test the latest version of argus with all the features enabled on Ubuntu Linux, here's the fastest way. Just follow the steps below -
I use stow to manage the argus source -
shell>sudo apt-get install stow
shell>sudo mkdir -p /usr/local/stow
Install mysql server -
shell>sudo apt-get install mysql-server
Install software dependencies for argus clients -
shell>sudo apt-get install flex bison libpcap-dev libmysqlclient-dev libncurses5-dev libreadline-dev libgeoip-dev libpcre3-dev
Now download argus and its client suite -
shell>wget http://qosient.com/argus/dev/argus-3.0.7.5.tar.gz
shell>wget http://qosient.com/argus/dev/argus-clients-3.0.7.23.tar.gz
Install argus -
shell>tar xvzf argus-3.0.7.5.tar.gz
shell>cd argus-3.0.7.5
shell>./configure --prefix=/usr/local/stow/argus-3.0.7.5
shell>make && sudo make install
Install argus client -
shell>tar xvzf argus-clients-3.0.7.23.tar.gz
shell>cd argus-clients-3.0.7.23
shell>./configure --with-libpcre --prefix=/usr/local/stow/argusc-3.0.7.23
shell>make && sudo make install
Now you can use stow to link them into the default PATH (/usr/local/sbin and /usr/local/bin) so that you don't need to type the full path when running argus -
shell>cd /usr/local/stow
shell>sudo stow argus-3.0.7.5
shell>sudo stow argusc-3.0.7.23
Done and you can start testing argus for fun!
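To confirm which stow package each linked binary comes from (useful once more than one argus or client version sits under /usr/local/stow), here is an added example that is not part of the original post. The function names stow_owner and stow_audit are hypothetical helpers, and GNU readlink -f is assumed -

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumed layout: packages under /usr/local/stow, linked by stow into PATH dirs.

# stow_owner LINK [STOW_DIR]
# Print the package directory (e.g. argus-3.0.7.5) that LINK resolves into.
# Return 1 when LINK does not resolve to a path inside STOW_DIR.
stow_owner() {
    link=$1
    stow_dir=${2:-/usr/local/stow}
    # Canonicalise both paths so relative stow links compare correctly.
    target=$(readlink -f "$link") || return 1
    root=$(readlink -f "$stow_dir") || return 1
    case $target in
        "$root"/*)
            rest=${target#"$root"/}
            printf '%s\n' "${rest%%/*}"
            ;;
        *)
            return 1
            ;;
    esac
}

# stow_audit STOW_DIR DIR...
# For every entry in each DIR print "path<TAB>owner", where owner is the
# stow package, "unmanaged" (not from stow) or "dangling" (broken link,
# typically left behind when a package directory was removed).
stow_audit() {
    stow_dir=$1
    shift
    for dir in "$@"; do
        for f in "$dir"/*; do
            if [ -L "$f" ] && [ ! -e "$f" ]; then
                printf '%s\tdangling\n' "$f"
            elif [ ! -e "$f" ]; then
                continue    # unmatched glob in an empty directory
            elif owner=$(stow_owner "$f" "$stow_dir"); then
                printf '%s\t%s\n' "$f" "$owner"
            else
                printf '%s\tunmanaged\n' "$f"
            fi
        done
    done
}
```

After stowing, source the file and run stow_audit /usr/local/stow /usr/local/bin /usr/local/sbin to list each binary with its owning package.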
Tuesday, April 08, 2014
Kali/Backbox Linux: Alfa AWUS036H
After migrating from Backtrack to Kali Linux, I encountered a problem with WLAN cracking using the Alfa awus036h wireless adapter. The initial problem was -
shell>airodump-ng wlan0
ioctl(SIOCSIWMODE) failed: Device or resource busy
ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run 'airmon-ng start wlan0 <#>'
Sysfs injection support was not found either.
So it states that I should run airmon-ng -
shell>airmon-ng start wlan0
airmon-ng start wlan0
Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e
PID Name
2625 dhclient
2722 NetworkManager
2971 wpa_supplicant
Interface Chipset Driver
mon0 Realtek RTL8187L rtl8187 - [phy0]
wlan0 Realtek RTL8187L rtl8187 - [phy0]
(monitor mode enabled on mon0)
We used to be able to run airodump-ng on wlan0 when using Backtrack, however that's not the case here. What you need to do is run airodump-ng on the mon0 pseudo interface instead -
shell>airodump-ng mon0
Now everything looks good, however there's a minor bug that shows the channel as -1. To get everything running smoothly without the error, I run the following command instead -
shell>airodump-ng --ignore-negative-one mon0
Now you can perform the wlan cracking routine (aireplay-ng, aircrack-ng to do packet injection and cracking), but remember to run the aircrack-ng suite with the argument --ignore-negative-one and everything will be fine.
Cheers (;])
p/s: If you are using another Linux distribution - Backbox, the same applies to it as well.