Tuesday 30 November 2010

Installing Evan's Debugger in Ubuntu

I needed a debugger (other than GDB) on my Ubuntu and searched the net and came across Evan's Debugger. Though installation does not require much work, some of you might want some sort of article on installing it, so here it is.

First, we will prepare our system by downloading the required dependencies (Qt4 dev and Boost dev libraries), and then we compile the debugger source archive we have previously downloaded from HERE.
Follow the steps below to have the debugger installed on your system.

$ sudo apt-get install libqt4-dev libboost1.42-all-dev
$ tar zxvf debugger-0.9.16.tgz
$ cd debugger-0.9.16
$ qmake -makefile DEFAULT_PLUGIN_PATH="/usr/lib/edb/"
$ make
$ sudo make INSTALL_ROOT=/usr install

Now you can make the launcher or shortcut in the menu by giving the path for command as /usr/bin/edb. Hope this helps.


Tuesday 23 November 2010

Some useful linux commands

This page lists some of the useful Linux commands you might need frequently. It is not a complete list; I'll try to post more and more useful Linux commands here.

gksudo command/program - run the visual sudo and start the specified command/program with elevated privilege.

sudo command - run the command with elevated privilege.

ps -A | grep -i your_program_name - ps gives a snapshot of the currently running processes; this is quite useful for finding a running program's PID to use with the kill command.

kill pid - kill the target program by its PID. You might need to run it with sudo if the program was not started by the current user.

ifconfig - display the network interface information. iwconfig is the similar tool for wireless devices.

ufw enable/disable - enable or disable the firewall (needs root, so run it with sudo).

uname -a - print all available information about your Linux kernel.

sudo dpkg --configure -a - configure any unpacked but unconfigured packages and repair broken ones.

I'll be updating this list with any commands I happen to remember.


Making movie from your pictures in ubuntu using PhotoFilmStrip

If you need to create a movie from your pictures in Ubuntu, PhotoFilmStrip might be the perfect tool to use.

PhotoFilmStrip creates movies out of your pictures in just 3 steps. First select your photos, customize the motion path and render the video. There are several output possibilities for VCD, SVCD, DVD up to FULL-HD. This tool creates animated slideshows.

Get the DEB package from PhotoFilmStrip SourceForge

Thanks. :)


Monday 22 November 2010

Some hacking and security distribution to try

So you want to learn the art of hacking, get into professional pen-testing, or do anything else related to information security? You can try some of the security and hacking distributions I've listed below:

Backtrack: It is the highest rated and acclaimed Linux security distribution to date. BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester. So don't miss this one.
Site: www.backtrack-linux.org

NodeZero: It is an Ubuntu-based Linux designed as a complete system which can also be used for penetration testing. NodeZero uses Ubuntu repositories so your system will always be up to date. The system setup is basic and it's primarily designed for disk installation and customization as you want. NodeZero comes with around 300 tools for penetration testing and a set of basic services which are needed in penetration testing. They are also preparing a repository of pentest tools so your system will be up to date at all times.
Site: www.netinfinity.org

DEFT Linux: DEFT Linux v6 is based on the new Kernel 2.6.35 (Linux side) and the DEFT Extra 2.1 (Computer Forensic GUI) with the best freeware Windows Computer Forensic tools. DEFT is a new concept of Computer Forensic live system that uses LXDE as its desktop environment, and the Thunar file manager and mount manager as tools for device management. It is a very easy to use system that includes excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics.
Site: www.deftlinux.net

Katana: Katana is a portable multi-boot security suite which brings together many of today's best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.
Site: Katana Home

I'll update this post when I get to know more distros.


Sunday 21 November 2010

Enabling telnet in windows 7

Yesterday when I was at my Saturday class in Kathmandu, I needed to use telnet in order to find the SSH version of some server as part of a recon challenge for my friend. But I found that Windows 7 by default has no telnet client. After returning to KU, I played around with my friend's laptop to find the way to enable the telnet client.

Just go to the Control Panel and choose the Programs and Features option.
There, you'll find the option Turn Windows features on or off.
Check the Telnet Client box and hit OK.
Now you can use the telnet client in your Windows 7. Have fun.


Nude.js - Nudity detection with javascript and HTMLCanvas

Today I came across an interesting page on nudity detection with JavaScript and HTMLCanvas. nude.js is an open source script that would be pretty useful for client-side nudity detection in child filters and on social media platforms.

nude.js is a JavaScript implementation of a nudity scanner based on approaches from research papers. HTMLCanvas makes it possible to analyse image data and afterwards decide whether it should be displayed or not. The detection algorithm runs at the client, therefore it's possible (with user interaction) to display the image even if it's identified as nude (false positive).

You can download nude.js from HERE.

For the demo, visit this page.


Friday 19 November 2010

Installing Damn Vulnerable Linux under virtualbox

I had some problems while installing Damn Vulnerable Linux under VirtualBox so I thought I would share the process I used to install DVL with VirtualBox. I won't be going into the details of what DVL is, anyway.

First, with the .iso file or the DVD drive, boot the live DVD of Damn Vulnerable Linux (DVL) and log in as root. Now we will prepare a partition using the fdisk utility. Follow the steps as I describe below:

-> Type startx to start the GUI for DVL.

-> Under konsole, type fdisk /dev/hda. Replace hda with the appropriate disk for your system, such as /dev/sda.

-> Now you'll get the following prompt:
command (m for help):
Type the letter n and press enter.
Then type the letter p to create a primary partition and type 1 again.
Then type a and then type 1 to make the partition bootable. Finally type w to write the partition table.

-> Now we will format the newly created partition by entering the following command:
mkfs.ext3 /dev/hda1
Replace hda1 with the proper device, like hda2 or sda1. You might need to restart the VM sometimes before or maybe after doing this.

-> Now we create the folders to mount our HDD and the DVL iso.

mkdir /mnt/dvl/
mkdir /mnt/iso/

-> Next we mount the hard drive and iso as below:

mount /dev/hda1 /mnt/dvl/
mount /dev/hdc /mnt/iso/

-> The preparation phase is over. Now let's start the BackTrack installer from the application menu (Be ReSlaxed > System > Backtrack Installer).

-> Now configure the installer as shown below:
Source(Backtrack CD): /mnt/iso/
Install BackTrack to: /mnt/dvl/
Write MBR to: /dev/hda
Installation Method: Real

Next click on install and wait for the installation and copying of the Damn Vulnerable Linux.

-> Finally enter the following commands in terminal:

chroot /mnt/dvl/ /bin/bash
lilo -v

Now remove the DVD/.iso file and you should have your DVL installed in your virtual machine.


Variations for exploiting the File Inclusion vulnerability

This post lists some of the ways that I've learnt to exploit the file inclusion vulnerability. I'm quite sure that there are many more variations and modifications to exploit file inclusion, so if you have any, feel free to comment here.

Before going on with this post, you might want to read my previous articles posted here:
LFI tutorial
RFI tutorial

-> A sample vulnerable piece of code would be something like below: test.php

-> including file in the same directory

-> path traversal to include files in other directories

-> Nullbyte injection

-> Directory listing with nullbyte injection only for FreeBSD (afaik) and magic quotes off

-> PHP stream/wrappers inclusion

-> Path Truncation inclusion
test.php?page=../../../../../../etc/passwd.\.\.\.\.\.\.\.\.\.\.\ …

I'll update it more and more when I get to know other variations on exploiting the file inclusion vulnerabilities.
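
Seen from the defender's side, the variations listed above leave recognisable marks in the web server's access log. The following script is an added example, not code from the original post: the parameter name page comes from the test.php?page= sample, while the log lines, the label names and the padding threshold of 8 are constructed for illustration.

```shell
#!/bin/sh
# Added example (detection only): label the file-inclusion variations listed
# above when they show up in the "page" parameter of an access-log line.

# has VALUE ERE -> true when VALUE matches the case-insensitive regex
has() { printf '%s\n' "$1" | grep -Eiq -- "$2"; }

# classify_param VALUE -> space-separated labels, or "clean"
classify_param() {
    v=$1; out=""
    # ../ or ..\ in plain or percent-encoded form
    has "$v" '(\.|%2e)(\.|%2e)(/|\\|%2f|%5c)' && out="$out traversal"
    # encoded NUL byte (also double-encoded), used to cut off a suffix
    has "$v" '%(25)*00' && out="$out nullbyte"
    # value starts with scheme:// (stream wrapper or remote URL) or data:
    has "$v" '^([a-z][a-z0-9.+-]*(:|%3a)(/|%2f)(/|%2f)|data(:|%3a))' && out="$out wrapper"
    # long run of "/." or "\." padding, as in the path-truncation sample
    has "$v" '([/\\]\.){8}' && out="$out truncation"
    [ -n "$out" ] || out=" clean"
    printf '%s\n' "${out# }"
}

# scan_log: access-log lines on stdin -> "client-ip labels" for each hit
scan_log() {
    while IFS= read -r line; do
        val=$(printf '%s\n' "$line" | sed -n 's/.*[?&]page=\([^& "]*\).*/\1/p')
        [ -n "$val" ] || continue
        labels=$(classify_param "$val")
        [ "$labels" = clean ] || printf '%s %s\n' "${line%% *}" "$labels"
    done
}

# Constructed sample log lines (documentation IP range), not real traffic
sample_log() {
cat <<'EOF'
192.0.2.10 - - [19/Nov/2010:10:00:01 +0000] "GET /test.php?page=about.php HTTP/1.1" 200 512
192.0.2.11 - - [19/Nov/2010:10:00:05 +0000] "GET /test.php?page=../../../../etc/passwd%00 HTTP/1.1" 200 1843
192.0.2.12 - - [19/Nov/2010:10:00:09 +0000] "GET /test.php?page=php://input HTTP/1.1" 200 96
192.0.2.13 - - [19/Nov/2010:10:00:12 +0000] "GET /test.php?page=%2e%2e%2f%2e%2e%2fetc/passwd HTTP/1.1" 200 1843
192.0.2.14 - - [19/Nov/2010:10:00:15 +0000] "GET /test.php?page=../../etc/passwd.\.\.\.\.\.\.\.\.\.\. HTTP/1.1" 200 1843
EOF
}

sample_log | scan_log
```

A 200 status next to one of these labels is the line to look at first, since it means the server answered the request instead of rejecting it.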


Updating|Upgrading ubuntu via terminal

While you might mostly be using the GUI update manager (System-> Administration-> Update Manager), you might also be interested to know how to update your Ubuntu from the terminal.

Open your terminal and enter the following two commands and you'll be easily updating Ubuntu from your terminal.

sudo apt-get update

sudo apt-get upgrade

Isn't that as easy as using the GUI update manager? Hope it helps.


Thursday 18 November 2010

Converting dynamic disk to basic with diskpart

For some reason I had to convert my virtual hard disk from dynamic to basic type and the Disk Management GUI didn't allow me to do so. So here I am going to show you how to accomplish this task from the command line with diskpart.exe.

First delete all the volumes on the disk from the Disk Management GUI tool (type diskmgmt.msc in Run).

Follow these steps to convert the disk type:
- type diskpart in the command prompt
- to view the available disk, type list disk
- now select your target disk, type select disk n where n = ID of the disk
- finally type convert basic to have your disk converted to the basic type.

Hope it will be useful sometimes.


Tuesday 9 November 2010

Speeding up softwares installation in ubuntu with apt-fast

By default, we use apt-get to install applications in Linux, but it is not always that good in terms of download speed. So apt-fast.sh has come as an open source alternative for this purpose.

The apt-fast script from mattparnell.com is a little shellscript that increases the speed of apt-get by many times. You need to have the axel download accelerator installed, which is a simple, short process, but everything else is extremely straight forward.

So, you'll have to first install the axel download accelerator either from the ubuntu software center or by doing as below:

sudo apt-get install axel

After installing axel, just download the apt-fast shellscript from HERE. After downloading the shellscript, just do the following and you are done.

sudo cp $HOME/Downloads/apt-fast.sh /usr/bin/apt-fast
sudo chmod +x /usr/bin/apt-fast

Now you can use apt-fast from the terminal to install and update the packages installed under your ubuntu installation. Hope this helps to improve your speed. :)


Changing the default GRUB2 boot order

In order to change the way GRUB works, you need to edit the GRUB configuration file which is located at /etc/default/grub. Here, I'll post the way to change the default boot order of the GRUB2.

In order to edit the GRUB configuration file, enter the following command in the terminal:

sudo gedit /etc/default/grub

Its content will look like below:
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.

GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`

# Uncomment to disable graphical terminal (grub-pc only)

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'

# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux

# Uncomment to disable generation of recovery mode menu entries

# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"

You need to change the value of the GRUB_DEFAULT=0 parameter in order to change the default boot entry of GRUB.

0 is the first and default entry, so let's say another OS like Windows 7 is in the 5th position of the boot order: you would change GRUB_DEFAULT=0 to GRUB_DEFAULT=4.

Now with the change in the GRUB, you need to update grub by issuing the following command in terminal:
sudo update-grub

Hope this helps you. :)
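
Counting menu positions by hand is the error-prone step here, so the following script looks up the zero-based index by entry title and rewrites the GRUB_DEFAULT= line. It is an added example, not part of the original post; the function names and the sample grub.cfg and defaults file it writes to a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the zero-based GRUB_DEFAULT index of a menu entry by
# title instead of counting by hand, then rewrite the GRUB_DEFAULT= line.

# list_entries GRUB_CFG -> "index<TAB>title" for every top-level menuentry
list_entries() {
    awk '/^menuentry / {
        q = substr($0, 11, 1)          # quote character that opens the title
        split(substr($0, 12), part, q) # title runs up to the matching quote
        printf "%d\t%s\n", n++, part[1]
    }' "$1"
}

# index_of GRUB_CFG TEXT -> index of the first entry whose title contains TEXT
index_of() {
    list_entries "$1" | awk -F '\t' -v want="$2" '
        index($2, want) { print $1; hit = 1; exit }
        END { exit !hit }'
}

# set_default DEFAULTS_FILE INDEX -> edit GRUB_DEFAULT=, keeping a .bak copy
set_default() {
    case $2 in ''|*[!0-9]*) echo "index must be a number" >&2; return 1 ;; esac
    grep -q '^GRUB_DEFAULT=' "$1" || { echo "no GRUB_DEFAULT line" >&2; return 1; }
    sed -i.bak "s/^GRUB_DEFAULT=.*/GRUB_DEFAULT=$2/" "$1"
}

# make_sample DIR -> constructed grub.cfg and defaults file for a dry run
make_sample() {
    cat > "$1/grub.cfg" <<'EOF'
menuentry 'Ubuntu, with Linux 2.6.35-22-generic' --class ubuntu {
}
menuentry 'Ubuntu, with Linux 2.6.35-22-generic (recovery mode)' --class ubuntu {
}
menuentry "Memory test (memtest86+)" {
}
menuentry "Memory test (memtest86+, serial console 115200)" {
}
menuentry "Windows 7 (loader) (on /dev/sda1)" {
}
EOF
    printf 'GRUB_DEFAULT=0\nGRUB_TIMEOUT=10\n' > "$1/grub"
}

dir=$(mktemp -d) && make_sample "$dir"
idx=$(index_of "$dir/grub.cfg" 'Windows 7')   # 5th entry, so index 4
set_default "$dir/grub" "$idx" && grep '^GRUB_DEFAULT=' "$dir/grub"
rm -rf "$dir"
```

On a real system the inputs are /boot/grub/grub.cfg and /etc/default/grub (edited with sudo), followed by sudo update-grub as described above. The index is positional, so it has to be looked up again whenever a kernel update adds entries above the one you want.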


Monday 8 November 2010

Password protecting the mounting of NTFS drives in Ubuntu

You might want to password protect the mounting process of the NTFS drives in your ubuntu OS for the purpose of privacy...

Enabling password protection is not hard. Just follow these instructions:

- Open the terminal and type:

sudo gedit /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla

- Comment out, by adding # at the beginning of each line, the first four lines, or all the lines above the line [Change CPU Frequency scaling], i.e. up to the line ResultActive=yes.

- Now save the file, and whenever you try to mount the NTFS drives under Ubuntu, it will prompt you for the password.


Accessing shared folders of host system from Backtrack4(virtual)

As the title of the post says, this post will help you to access the shared folders. The example is based on the Backtrack 4 installed as virtual OS with VirtualBox OSE under ubuntu 10.10 but there should not be problem in other systems too as long as the virtual OS is linux-based.

From the VirtualBox menu, Device->Shared Folders, you can add, edit and remove the shared folders that are shared by the host OS with the virtual OS.

Now onto the main problem: enter the following command, where share_name is the name of the shared folder, in order to successfully access the shared folders from within BT4.

mount -t vboxsf share_name /mnt

For example, if I share the folder $HOME/Desktop, I would do following in the BT4 konsole.

mount -t vboxsf Desktop /mnt

Note that if Windows is the host OS, then I think you should include your shared folders as Transient Folders (anyone to make sure of this?) instead of Machine Folders.
That's all. I hope this helps you.


Installing VirtualBox Addition in Backtrack 4 Final

I run Ubuntu Linux and Win XP and BT4 in the virtual environment using VirtualBox OSE. There was no problem installing the VirtualBox Guest Additions in XP; however, I had a problem installing them in Backtrack 4, so I tried a few things and finally managed to solve it. I thought I'd share it with you as it might help you as well.

Just enter the following commands one after another in the terminal (konsole in BT 4) and you're done.

- mkdir /vboxguest

- mount /dev/hdc /vboxguest

- cd /vboxguest

- ./VBoxLinuxAdditions-x86.run

- reboot

After the reboot, you'll see the VirtualBox Guest Addition working properly for your BT4 installation. Hope this helps.


Solving Wireless Disabled Problem in Ubuntu 10.10

I was experiencing a problem enabling the wireless on an HP DV6 and tried a few solutions for it. Finally, I came up with this small solution which might be useful for you too.

Follow these steps:
- Turn on the wireless switch (it still looks like it is turned off).

- Now you need to edit the NetworkManager.state file located at /var/lib/NetworkManager/.
So enter the following command in the terminal:

sudo gedit /var/lib/NetworkManager/NetworkManager.state

This will open the NetworkManager.state file in the text editor which will most probably look like below:


Now, change the line WirelessEnabled=false to WirelessEnabled=true, then save and close the text editor.

Now, we'll have to use the rfkill command to view and unblock the wireless device. Note that rfkill is the tool to enable and disable wireless devices such as Wi-Fi and Bluetooth.

In the terminal, run the command rfkill list, which will list the wireless devices, their identifiers (numeric values like 0, 1) and their blocking status at software and hardware level.

Now, pick up the identifier of the Wi-Fi device (in my case, it's 0 for hp-wifi), issue the command rfkill unblock 0 (with your own identifier) and then reboot the system.

This should solve the problem for you. If not, drop your comment here and I'll try to find the best solution for you.