XSS! Burp intruder preset list. [alert and prompt]

Friday, June 29, 2012 Posted by Unknown 0 comments
Cross-Site-Scripting preset list for Burp suite.

Download the file: http://pastie.org/4160616. You can just save it as a .txt file and load it in Intruder as a preset list. The file includes alert and prompt payloads; prompt helps when alert has been filtered.

If you don't know how to use Burp, here is a pretty good tutorial.



Cracking Time Warner Cable Default WPA

Tuesday, June 26, 2012 Posted by Unknown 0 comments
In the Texas area I have noticed that all Time Warner Cable wireless access points are set up with the homeowner's home phone number.


When I say all I really mean the 3 I have run across, but close enough for me.


Using http://www.telcodata.us/, I collected data for all phone numbers in Texas that belong to Time Warner, then cleaned the file up using a quick and dirty Python program: TimeWarnerNum.dict


First you need to collect the 4-way handshake.


Use oclHashcat-plus to crack the WPA1/2 password. The settings below are tuned for my AMD graphics card; change them for your card.


./oclHashcat-plus -m 2500 capture.hccap -a 6 -o TimeWarnerNum.dict ?d?d?d?d --output-format=6 --gpu-accel=32 --gpu-loops=256 --perm-min=10 --perm-max=10


This will append every possible digit to all the numbers Time Warner owns. Because they own partial prefixes like 972-966-7, if you don't set the min and max to 10 you will create 11-digit numbers.


HACKING WPA w/ PYRIT

Monday, June 25, 2012 Posted by Unknown 0 comments
Getting Pyrit to work with OpenCL and a PostgreSQL database on Kubuntu 12.04 with an AMD Radeon HD 7950 card.


You have to install the AMD Catalyst drivers and the AMD APP SDK. Make sure you install whichever one is older first and then the newer one, so you don't corrupt your install. Which one that is will change, because they update the Catalyst drivers and the SDK at different times.


Go to AMD and download and install the drivers for your card: here
This page will help you install your drivers: here


Restart after install.


Download the latest SDK: here
This page will help you install your SDK: here


Restart after install.


name@box$: env


Check and make sure you have the following:


AMDAPPSDKROOT=/opt/AMDAPP/
LD_LIBRARY_PATH=/opt/AMDAPP/lib


Make sure everything is running correctly and the fglrx driver is loaded by running the command below.
This has to be run as a normal user; the application doesn't work as root.
name@box$: fglrxinfo




Some dependencies that I ran into. This list may not be complete.

name@box$: sudo apt-get install cmake libroot-python-dev libboost1.40-all-dev subversion libpcap-dev libssl-dev python-dev zlib1g-dev python-scapy libpcap0.8-dev libpq-dev


Install easy_install. Follow the steps here.
Now you can run:


name@box$: sudo easy_install SQLAlchemy
name@box$: sudo easy_install psycopg2



Now we are ready to install pyrit.


name@box$: wget https://pyrit.googlecode.com/files/pyrit-0.4.0.tar.gz
name@box$: wget https://pyrit.googlecode.com/files/cpyrit-opencl-0.4.0.tar.gz


name@box$ tar xvzf pyrit-0.4.0.tar.gz
name@box$ tar xvzf cpyrit-opencl-0.4.0.tar.gz


name@box$ cd pyrit-0.4.0
name@box$ sudo python setup.py build
name@box$ sudo python setup.py install


name@box$ cd ../cpyrit-opencl-0.4.0
name@box$ nano setup.py


You need to edit the setup.py file to match the below:




# Excerpt of cpyrit-opencl-0.4.0/setup.py (os is already imported and the
# OPENCL_INC_DIRS / OPENCL_LIB_DIRS / LIBRARIES lists are already defined
# further up in the file). The shipped version looks for an older SDK
# environment variable; point it at AMDAPPSDKROOT instead.
LIBRARIES.append('OpenCL')
try:
    if os.path.exists(os.environ['AMDAPPSDKROOT']):
        OPENCL_INC_DIRS.append(os.path.join(os.environ['AMDAPPSDKROOT'], 'include'))
        for path in ('lib/x86_64', 'lib/x86'):
            if os.path.exists(os.path.join(os.environ['AMDAPPSDKROOT'], path)):
                OPENCL_LIB_DIRS.append(os.path.join(os.environ['AMDAPPSDKROOT'], path))
                break
except:
    pass
# Fallback header locations when the environment variable is not set.
for path in ('/opt/AMDAPP/include', '/opt/AMDAPP/include/CL'):
    # loop body as in the shipped setup.py: keep the first path that exists
    if os.path.exists(path):
        OPENCL_INC_DIRS.append(path)
        break


ctrl+o to save
ctrl+x to exit


name@box$ sudo python setup.py build
name@box$ sudo python setup.py install




Install PostgreSQL 9 from the website.
Install pgAdmin3 from the Ubuntu Software Center.


Set up a new user and database.
User:2wire 
password: putitinme  
Database: 2wireDB


To have pyrit connect to your database, do the following:
name@box$ pyrit -u postgresql://2wire:putitinme@127.0.0.1/2wireDB [pyrit command]


Now, if you don't want to type out all that nonsense each time, edit the following file:


name@box$ nano ~/.pyrit/config


Change the default_storage line where it says file:// to read postgresql://2wire:putitinme@127.0.0.1/2wireDB


Ctrl+o to save
Ctrl+x to exit


Now you can simply run pyrit:


name@box$ pyrit [pyrit command]


Now it will automatically connect to the database. 


I might have left out a few steps; if you run across this page and need some help, feel free to hit me up. I know pages just like this helped me install pyrit.


Speed Test Linux CLI

Friday, June 8, 2012 Posted by Unknown 0 comments
A quick way to get a decent speed test on the command line.


#!/bin/bash
# Download a 1 GB test file and discard the bytes; curl's progress meter
# (printed to stderr) shows the current and average download speed.
curl -o /dev/null http://download.thinkbroadband.com/1GB.zip

Silly Seedboxes

Tuesday, June 5, 2012 Posted by Unknown 0 comments

Just got a seedbox. Snooped around a little to make sure everything was set up right before I started to use it.

Noticed that in the /tmp/ directory it was storing all the .torrent files. Cat'ed a few of them and, sure enough, people's hashes from all the users on that box. It was a problem in Deluge.

file: json_api.py
Line: tmp_file = os.path.join(tempfile.gettempdir(), url.split("/")[-1])


Patch submitted by the admin I brought it up to: http://dev.deluge-torrent.org/attachment/ticket/2112/json_api_patch.diff
http://dev.deluge-torrent.org/ticket/2112


This is bad because you are not supposed to leak your hash to other people. You can download files under the other person's ID. It can also create lots of other problems I won't get into.
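To make the problem concrete, here is an added Python example (not Deluge's code and not the patch linked above) that reproduces the pattern from the json_api.py line next to a hardened variant using mkstemp; the torrent bytes, URL and passkey are constructed placeholders.

```python
import os
import stat
import tempfile

# Constructed sample: a private-tracker .torrent carries the user's passkey
# in its announce URL, so anyone who can read the file can act as that user.
TORRENT_URL = "http://tracker.example/download/secret.torrent"
SAMPLE_TORRENT = b"d8:announce55:http://tracker.example/announce?passkey=PLACEHOLDER_KEYe"

def save_torrent_like_deluge(url, data, tmpdir=None):
    """The json_api.py pattern: name taken from the URL, shared temp dir,
    permissions left to the process umask (0644 with the usual 022)."""
    tmp_file = os.path.join(tmpdir or tempfile.gettempdir(), url.split("/")[-1])
    with open(tmp_file, "wb") as f:
        f.write(data)
    return tmp_file

def save_torrent_private(data, tmpdir=None):
    """Hardened variant (added here, not Deluge's fix): mkstemp picks a random
    name and creates it O_EXCL with mode 0600, so other local users cannot
    read it or plant a file or symlink at a guessable path first."""
    fd, path = tempfile.mkstemp(suffix=".torrent", dir=tmpdir)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def readable_by_others(path):
    mode = stat.S_IMODE(os.stat(path).st_mode)   # permission bits only
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))

def demo():
    """Write the sample both ways under umask 022 and report what another
    account on the same box could do with each file."""
    scratch = tempfile.mkdtemp()            # stands in for world-writable /tmp
    old_umask = os.umask(0o022)
    try:
        leaky = save_torrent_like_deluge(TORRENT_URL, SAMPLE_TORRENT, scratch)
        private = save_torrent_private(SAMPLE_TORRENT, scratch)
    finally:
        os.umask(old_umask)
    result = {
        "leaky_name_predictable": os.path.basename(leaky) == "secret.torrent",
        "leaky_readable_by_others": readable_by_others(leaky),
        "private_readable_by_others": readable_by_others(private),
    }
    for p in (leaky, private):
        os.remove(p)
    os.rmdir(scratch)
    return result
```

On a real seedbox the scratch directory is /tmp itself (mode 1777), so the leaky file's name and its 0644 mode are all another user needs to read the passkey.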


cmyip

Posted by Unknown 0 comments
EDIT: They changed the way the numbers are encoded. See updated post: http://blog.init6.me/2012/11/update-cmyip.html


Just a little script that will echo back your current public IP address. Nice for when you are on a terminal and don't want to fire off any text browsers, etc.

#!/bin/bash
# Fetch the cmyip.com page quietly and pull out the first dotted-quad that
# appears in it (the regex only checks the shape, not that octets are <= 255).
ip_addr=$(curl -s http://cmyip.com | grep -o -E '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' | head -n 1)
echo "$ip_addr"

