Friday, February 24, 2017

scapy traceroute



Traceroute is often used to discover the path to a destination as packets hop from router to router. It sends out a short-lived packet (one with a low TTL) and then waits for the ICMP response, repeating and incrementing the TTL each time until the destination is reached.

Traceroute comes in different flavours :

a) TCP traceroute - is becoming more popular because TCP is not blocked by network administrators. Sometimes when UDP is used, the probe ends up at a firewall and stops there. If TCP is used, it gets a step further.

b) Intrace - Still reading up on this.

c) Traceroute - normally traceroute uses UDP on Linux and ICMP on Windows.
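
The TTL-stepping loop and the UDP/TCP/ICMP flavours described above, as an added example (not code from the original post). It assumes scapy is installed and that the script runs as root when sending; the function names, the probe ports (33434 for UDP, 80 for TCP) and the sample replies are choices made for this example.

```python
# Added example: TTL-stepping traceroute with scapy (sending needs root).
ICMP_ECHO_REPLY, ICMP_UNREACH, ICMP_TIME_EXCEEDED = 0, 3, 11
PORT_UNREACH = 3           # ICMP type 3 code 3: UDP probe hit a closed port
SYN_ACK, RST = 0x12, 0x04  # TCP flag bits seen in answers to a SYN probe

def classify(reply):
    """reply is None (timeout) or (src, proto, icmp_type, icmp_code, tcp_flags)."""
    if reply is None:
        return "no-reply"  # the probe or its answer was dropped
    _, proto, itype, icode, flags = reply
    if proto == "icmp" and itype == ICMP_TIME_EXCEEDED:
        return "hop"       # a router decremented the TTL to zero
    if proto == "icmp" and itype == ICMP_ECHO_REPLY:
        return "reached"
    if proto == "icmp" and itype == ICMP_UNREACH:
        return "reached" if icode == PORT_UNREACH else "blocked"
    if proto == "tcp" and ((flags & SYN_ACK) == SYN_ACK or flags & RST):
        return "reached"
    return "unknown"

def build_path(replies):
    """Turn TTL-ordered replies (TTL 1 first) into [(ttl, src, verdict)]."""
    path = []
    for ttl, reply in enumerate(replies, start=1):
        verdict = classify(reply)
        path.append((ttl, reply[0] if reply else "*", verdict))
        if verdict in ("reached", "blocked"):
            break          # stop consuming replies, so no further probes are sent
    return path

def probe(dst, ttl, flavour="udp", timeout=2):
    """Send one probe with the given TTL; return a reply tuple or None."""
    from scapy.all import IP, ICMP, TCP, UDP, sr1  # lazy: logic above needs no scapy
    l4 = {"udp": UDP(dport=33434), "tcp": TCP(dport=80, flags="S"), "icmp": ICMP()}[flavour]
    r = sr1(IP(dst=dst, ttl=ttl) / l4, timeout=timeout, verbose=0)
    if r is None:
        return None
    if r.haslayer(ICMP):
        return (r.src, "icmp", r[ICMP].type, r[ICMP].code, 0)
    flags = int(r[TCP].flags) if r.haslayer(TCP) else 0
    return (r.src, "tcp" if r.haslayer(TCP) else "other", None, None, flags)

def trace(dst, flavour="udp", max_ttl=30):
    """Probe with TTL 1, 2, 3, ... lazily; build_path stops at the destination."""
    return build_path(probe(dst, ttl, flavour) for ttl in range(1, max_ttl + 1))

# Constructed sample replies for TTL 1..4 (documentation addresses, not real hosts)
SAMPLE = [("192.0.2.1", "icmp", 11, 0, 0), None,
          ("198.51.100.7", "icmp", 11, 0, 0), ("203.0.113.9", "tcp", None, None, 0x12)]
```

Calling build_path(SAMPLE) shows the classification offline; trace("<host>", "tcp") sends real probes.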








Thursday, February 23, 2017

Setting up Scapy for Python 3.


Please note : I tried installing it on Windows 10 but I'm getting library exceptions being reported. So I installed it on Docker Ubuntu instead.

Scapy allows pen testers to easily create their own tools for network analysis.

Please download Scapy from here.  Please note : This requires Python3.

There are setup instructions that let you install it manually or through pip.

If you're sitting behind a firewall, you might need to run the following command:

'python setup.py install'

That's probably it. But if you encounter an issue like 'unable to find wpcap.dll', just go to http://www.winpcap.org/ and install winpcap.exe.

Fire up Python from the command prompt and issue the following commands to test your installation.

from scapy.all import *

send(IP(dst='www.google.com')/ICMP())


You can see that 1 packet is being sent out.




Powersploit - Metasploit in Powershell


If you ever decide to try Powersploit, chances are your antivirus will automatically remove those files. :(

But if you decide to proceed (by disabling your antivirus - at your own risk), then just copy the entire folder into your PowerShell modules directory, which could be something like this:

C:\Program Files (x86)\WindowsPowerShell\Modules

To get started with it, follow the instructions in the README.MD in each subfolder.
For example, if you're going to try out the Recon modules, follow the instructions here.

Wednesday, February 22, 2017

Empire Powershell Installation


Stumbled upon a project called Empire Powershell. It is like a Metasploit that targets systems running Powershell. I am not sure why I thought it could run on Windows. So you guessed it, I tried to install it on Windows and it failed. Lots of question marks at this point.

After a bit of Googling, I finally got it installed on my Linux box. Hurray!

It's pretty easy to set up. Just run install.sh in a folder called setup. After that, run Empire.

Now I can build my empire and kick-start my evil plan to dominate the PowerShell world.





Some thoughts on PHP Object injection


I was reading about PHP Object injection from Security Cafe. While I do think it works, I don't think anyone would be writing code like that - code that allows users to pass what object to be serialized.

The takeaway for me is: understand how the underlying system works and lock down features that are insecurely accessible to users.




Monday, February 20, 2017

application of fibonacci number


As we all know, the Fibonacci numbers go something like this:

1,1,2,3,5,8,13,21,34 ...blah blah blah.

One area of application is converting km to miles and vice versa. If you want to convert:

a) km to miles = read from left to right
b) miles to km = read from right to left

It works except for 1. :) Cuz 1 mile is 0.6 km. Close enuff tho if we apply rounding rules.

Wednesday, February 15, 2017

python loop through subdirectories


Probably one of the weirdest pieces of Python code I have ever seen to loop through files in a directory. But I think it's pretty efficient.


import os

# Walk the current directory tree and print the path of every file found
for subdir, dirs, files in os.walk("."):
    for file in files:
        print(os.path.join(subdir, file))


-Yay! prints all the files in a directory.

Sunday, February 12, 2017

ionic framework image assets location

Where is the location of image asset in Ionic Framework?
Answer  :  www\images

This is where you should place your image assets.

Tuesday, February 07, 2017

Task scheduler : Executing powershell script from a specific folder


Say you have a PowerShell script that references other .NET assemblies in a folder and you need Task Scheduler to run it; you might run into an "unable to find reference type" error.

The solution is really simple, basically run powershell, change directory to the folder and execute your script. 

Here is a quick way to do it via a Windows batch file, and you probably have something like this set up.




And then here comes the script. What this script does is start PowerShell, use Push-Location to change directory, and then execute your script. Notice I added a "-noexit" flag to stop PowerShell from closing the execution window.