Skip to main content

Posts

Showing posts from February, 2017

setting up laravel in windows

Please make sure you have php5 and composer installed.  It's best you install it under C:\php directory because most settings assume that we follow this.

Next run the following command,
composer globalrequire"laravel/installer"
If you encounter error saying that you are using an insecure connection, then issue the following command from command prompt.

composer config -g secure-http false

Next you need to create a laravel application by using the following statement. Here we just created an app called 'blog'
laravel newblog Please change directory into blog and issue the following command
composer install Many text will say that you will be able to run from the local development server....well that's not the case. Issue the following command first, You need to make sure you have enabled extension :- openssl and mbstrings. Open up your php.ini file and look under the section 'extensions' and begin to modify it. Otherwise this won't work.  
copy .env.…

Playing with PHP

I was having a go at some of the feature of PHP especially around class, traits, interface and properties. Some take aways are :-

a) php don't support multiple returns

b) php support single inheritance (extends) and multiple interface (implements) - that's pretty straight forward

c) php traits are quick way to add feature and functionality. Haven't tested with unit testing yet which can be pretty interesting. Not forgetting multiple traits can be used.

d) autonomous class loading - looked at it but not sure what it brings


scapy traceroute

Traceroute often used to discover path to destination when packets hops from router to router.  It sends a short live packet out and then waits for ICMP response. Repeating and incrementing TTL each time until a destination is reached.

Traceroute comes in different flavours :

a) Tcp trace route - Is becoming more popular because TCP are not block by network administrator. Sometimes when UDP used, it ends up to firewall and stops there. If TCP is used, it would make a step further.

b) Intrace - Still reading up on this.

c) Traceroute - normally traceroute uses UDP on Linux and ICMP on Windows.








Setting up Scapy for Python 3.

Please note : I tried installing it on Windows 10 but I'm getting library exceptions being reported. So I installed it on Docker Ubuntu instead.

Scapy all Pen tester to easily create their own tools for network analysis.

Please download Scapy from here.  Please note : This requires Python3.

There are some setup instruction which allows you to manually install or through pip.

If you're sitting behind the firewall, you might get need to run the following commands :-

'python setup.py install'

That's probably it. But if you encounter issue like 'unable to find wpcap.dll', just http://www.winpcap.org/ and install winpcap.exe

Fire up python from command prompt and issue the following command to test your installation.

from scapy.all import *

send(IP(dst='www.google.com')/ICMP())


You can see that 1 packet is being sent out.




Powersploit - Metasploit in Powershell

If you ever decide to try Powersploit , chances are your antivirus will automatically remove those files. :(

But if you decide to proceed (by disabling your AntiVirus - at your own risk) then just copy the entire folder in your Powershell installation module, which could be something like this :-

C:\Program Files (x86)\WindowsPowerShell\Modules

To get started with it, following instruction in README.MD in each subfolders.
For example, if you're going to try out Recon modules,  follow instruction here.

Empire Powershell Installation

Stumble upon a project called Empire Powershell. It is like a Metasploit that targets system running Powershell. I am not sure why i think it can run on Windows. So you guess it, I tried install it on Windows and it failed. Lots of question mark at this point.

A bit of Googling, finally I got it installed on my Linux box. Hurray!

It's pretty easy to setup. Just run install.sh on a folder called setup. After that, run Empire.

Now i can build my empire and kick start my evil plan to dominate the powershell world





application of fibonacci number

As we all know fibonacci number goes something like this,

1,1,2,3,5,8,13,21,34 ...blah blah blah.

One of the area of application is convert km to miles and vice versa. If you want to

a) km to miles = read from left to right
b) miles to km = read from right to left

It work except for 1. :) Cuz 1 miles is 0.6 km. Close enuff tho if we apply rounding rules.

python loop through subdirectories

Probably one of the weirdest python code i have ever seen to loop through files in a directory. But i think its pretty efficient.


for subdir, dirs, files in os.walk("."):
    for file in files:
        print os.path.join(subdir, file)


-Yay! prints all the files in a directory.

Task scheduler : Executing powershell script from a specific folder

Say you have a powershell scripts that reference other .net assemblies in a folder and you need to have a task scheduler to run it, you might run into "unable to find reference type" error. 
The solution is really simple, basically run powershell, change directory to the folder and execute your script. 
Here is a quick way to do it via a windows batch file and you probably have something like this setup. 



And then here comes the scripts. What this scripts does is, start powershell, use push-location to change directory and then execute your script. Noticed I added a "-noexit" flag to stop powershell to close execution window.





activemq - buggy and causes strange behaviour

I guess ActiveMq is a pretty famous but it is also buggy. I have issues like messages not being return entirely. I don't know where the messages went. If i tries to do a second read (using QueryBrowser), I get those messages again.

If you load balance it, you need to be reading it off 2 different ports and DO NOT expect messages to be return ordered by timestamps.

More challenges that other people have experienced before :-

http://stackoverflow.com/questions/19262898/why-activemq-receiver-class-can-not-receive-all-the-message-from-sender-class