linux – vane (a fork of wpscan)

Source
Vane is a GPL fork of the popular WordPress vulnerability scanner WPScan, which is now non-free.

Prerequisites

  • Windows not supported
  • Ruby >= 1.9
  • RubyGems
  • Git

Installing on Debian/Ubuntu

sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
git clone https://github.com/delvelabs/vane.git
cd vane
sudo gem install bundler && bundle install --without test development


linux – file commands

 diff <file1> <file2>                                           compare files
 rm -rf <dir>                                                   force delete of <dir>
 touch -r <ref_file> <file>                                     match timestamp of <file> to <ref_file>
 touch -t <YYYYMMDDhhmm> <file>                                 set <file> timestamp
 sudo fdisk -l                                                  list connected drives
 file <file>                                                    determine file type info
 mount /dev/sda# /mnt/usbdrive                                  mount usb drive
 echo -n "<string>" | md5sum                                    generate md5 hash for <string>
 md5sum -t <file>                                               generate md5 hash for <file>
 echo -n "<string>" | sha1sum                                   generate sha1 hash for <string>
 sha1sum <file>                                                 generate sha1 hash for <file>
 sort -u <file>                                                 sort unique lines in <file>
 grep -c "<string>" <file>                                      count lines with <string> in <file>
 shred -f -u <file>                                             overwrite / delete files
 dos2unix <file>                                                convert <file> to unix format
 find -iname "*<string>*"                                       find files with <string> in the filename
 find / -perm -4000 -o -perm -2000                              find suid and sgid files
 split -b <size> <file>                                         split <file> in <size> blocks
 awk 'sub("$", "\r")' <file_input> > <file_output>              convert <file_input> to windows format
 dd skip=1000 count=2000 bs=8 if=<file_input> of=<file_output>  cut blocks 1K-3K (8-byte blocks) from <file_input>
 chattr <+/->i <file>                                           set / unset immutable bit
 tail -f *                                                      follow all files in the current dir to spot which ones are being modified

windows – autolock your system with your phone

download
Download btprox from the SourceForge website and start the installer.

Btprox setup screen 1

You can keep the original destination folder, click Install, and close the installer when it is finished.
Now pair your phone with your laptop over Bluetooth. You can do this by right-clicking the Bluetooth icon and clicking Add a Bluetooth device. Now select your phone (you have to enable Bluetooth and make your phone visible first).

Nexus 5 bluetooth pair

After this, start btproxy.exe from the C:\Program Files (x86)\BtProx folder.

Btprox screen

Select your phone under Used device.

Select BT device

Now you can add the lock command in the Lock command box. The command to lock your system is: rundll32.exe user32.dll,LockWorkStation

Btprox with lock command

Now press Start and you're all set.
When you reboot the system, BTprox will autostart.


windows – redirect to smb vulnerability

source and the whitepaper
Redirect to SMB is a way for attackers to steal valuable user credentials by hijacking communications with legitimate web servers via man-in-the-middle attacks and then sending them to malicious SMB servers that log the victim’s username, domain and hashed password.

source: VU#672268
Many software products use HTTP requests for various features such as software update checking. A malicious user can intercept such requests (such as with a MITM proxy) and use HTTP Redirect to redirect the victim to a malicious SMB server. If the redirect is a file:// URL and the victim is running Microsoft Windows, Windows will automatically attempt to authenticate to the malicious SMB server by providing the victim’s user credentials to the server. These credentials can then be logged by the malicious server. The credentials are encrypted, but may be “brute-forced” to break the encryption.

The following Windows API functions (available via urlmon.dll) have been identified as being affected:

  • URLDownloadA
  • URLDownloadW
  • URLDownloadToCacheFileA
  • URLDownloadToCacheFileW
  • URLDownloadToFileA
  • URLDownloadToFileW
  • URLOpenStream
  • URLOpenBlockingStream

urlmon uses the wininet library for processing, therefore the affected functionality may be contained within wininet; it is currently not clear where the vulnerability lies. Internet Explorer and the WebBrowser component of .NET have also been reported vulnerable to this SMB redirection.
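
A defender-side check for the redirect described above, added here as an example (it is not from the advisory or the whitepaper): it reads HTTP response heads, such as those recorded by a proxy, and reports any redirect whose Location is a file:// URL naming a remote host. The function names and sample responses are constructed for illustration; the four-slash file:////host form is also handled, which goes beyond the single case the text mentions.

```python
from urllib.parse import urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

# Constructed sample response heads (not captured traffic).
SAMPLES = [
    "HTTP/1.1 302 Found\r\nLocation: file://203.0.113.7/share/update.xml\r\n\r\n",
    "HTTP/1.1 301 Moved Permanently\r\nLocation: https://updates.example.com/v2/\r\n\r\n",
    "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
    "HTTP/1.1 302 Found\r\nlocation: FILE:////smb.example.net/x\r\n\r\n",
    "HTTP/1.1 302 Found\r\nLocation: file:///C:/Windows/win.ini\r\n\r\n",
]

def parse_response_head(raw):
    """Return (status_code, headers) with header names lower-cased."""
    lines = raw.replace("\r\n", "\n").split("\n")
    parts = lines[0].split(None, 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP status line")
    headers = {}
    for line in lines[1:]:
        if not line:          # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def smb_redirect_target(raw):
    """Return the remote host a file:// redirect points at, or None."""
    status, headers = parse_response_head(raw)
    location = headers.get("location")
    if status not in REDIRECT_CODES or not location:
        return None
    url = urlsplit(location)
    if url.scheme != "file":  # urlsplit lower-cases the scheme
        return None
    if url.hostname:          # file://host/share
        return url.hostname
    if url.path.startswith("//"):  # file:////host/share
        return url.path.lstrip("/").split("/", 1)[0].lower() or None
    return None               # file:///C:/... is a local path, no remote host

def scan(responses):
    """Return (index, host) for each response redirecting to a remote file:// host."""
    return [(i, h) for i, r in enumerate(responses) if (h := smb_redirect_target(r))]

if __name__ == "__main__":
    for index, host in scan(SAMPLES):
        print(f"response {index}: redirect to file:// host {host}")
```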
