Showing posts with label software. Show all posts
Showing posts with label software. Show all posts

Saturday 8 December 2012

DNS Rebinding Attack Using Rebind

Rebind is a tool that implements the multiple A record DNS rebinding attack. Although this tool was originally written to target home routers, it can be used to target any public (non RFC1918) IP address.

Rebind provides an external attacker access to a target router's internal Web interface. This tool works on routers that implement the weak end system model in their IP stack, have specifically configured firewall rules, and who bind their Web service to the router's WAN interface. Note that remote administration does not need to be enabled for this attack to work. All that is required is that a user inside the target network surf to a Web site that is controlled, or has been compromised, by the attacker.

Important Links

Download rebind

Tested Routers (Affected + Not affected)

Rebind FAQ

Defcon Slides

Kind of interesting vector and I guess many are vulnerable out there.


Tuesday 28 August 2012

Hack Attack The Networks With Yersinia

Yersinia is a network attack tool that takes advantages of inherent weaknesses of several protocols to attack the network using different attack vectors. Yersinia can prove as a solid tool for analyzing and testing the deployed networks and systems for possible weaknesses.

The protocols implemented for testing using Yersinia are:

  • Spanning Tree Protocol (STP)
  • Cisco Discovery Protocol (CDP)
  • Dynamic Trunking Protocol (DTP)
  • Dynamic Host Configuration Protocol (DHCP)
  • Hot Standby Router Protocol (HSRP)
  • IEEE 802.1Q
  • IEEE 802.1X
  • Inter-Switch Link Protocol (ISL)
  • VLAN Trunking Protocol (VTP)

Yersinia supports number of attacks in all of the above listed network protocols and hence can be used (or misused) to test any network.

The tool works on several operating systems such as OpenBSD 3.4 (with pcap libraries >= 0.7.2), Linux 2.4.x and 2.6.x, Solaris 5.8 64bits SPARC, Mac OSX 10.4 Tiger (Intel), etc.

Installation on ubuntu: Fire up the terminal and type:

sudo apt-get install yersinia

To download yersinia for other distros, go through the Download section of yersinia.


Monday 13 August 2012

Screen Recording Software Solutions For Linux

Windows users have several options to choose from when it comes to the desktop recording (and only paid ones are good generally) but Linux users have fewer options but robust, simple, and best of all, free and open source desktop screen recording tools that we can trust on.

Below are some of the screen recording tools you might want to try:


recordMyDesktop is a desktop session recorder for GNU/Linux written in C. recordMyDesktop itself is a command-line tool and few GUI frontends are also available for this tool. There are two frontends, written in python with pyGtk (gtk-recordMyDesktop) and pyQt4 (qt-recordMyDesktop). recordMyDesktop offers also the ability to record audio through ALSA, OSS or the JACK audio server. Also, recordMyDesktop produces files using only open formats. These are theora for video and vorbis for audio, using the ogg container.

Installation under debian and ubuntu:

sudo apt-get install gtk-recordmydesktop


XVidCap is a small tool to capture things going on on an X-Windows display to either individual frames or an MPEG video. It enables you to capture videos off your X-Window desktop for illustration or documentation purposes.It is intended to be a standards-based alternative to tools like Lotus ScreenCam.

sudo apt-get install xvidcap


Istanbul is a desktop session recorder for the Free Desktop. It records your session into an Ogg Theora video file. To start the recording, you click on its icon in the notification area. To stop you click its icon again. It works on GNOME, KDE, XFCE and others. It was named so as a tribute to Liverpool's 5th European Cup triumph in Istanbul on May 25th 2005.

sudo apt-get install istanbul


Vnc2flv is a cross-platform screen recording tool for UNIX, Windows or Mac. It captures a VNC desktop session (either your own screen or a remote computer) and saves as a Flash Video (FLV) file.


Wink is a Tutorial and Presentation creation software, primarily aimed at creating tutorials on how to use software (like a tutor for MS-Word/Excel etc). Using Wink you can capture screenshots, add explanations boxes, buttons, titles etc and generate a highly effective tutorial for your users. It requires GTK 2.4 or higher and unfortunately is just a freeware(could not find any source code for it).


Screenkast is a screen capturing program that records your screen-activities, supports commentboxes and exports to all video formats.

If you got any more suggestions, please drop the comment. :)


Download Youtube Videos From Command-Line With Youtube-dl

youtube-dl is a small command-line program to download videos from and few more sites. All it requires is the Python interpreter version 2.5 or higher, and it is not platform specific.

This small tool is simple and offers everything you would love to have, but not the GUI. It supports several websites listed as below:

Supported sites playlists (playlist URLs in "view_play_list" form). searches user videos, using user page URLs or the specifc "ytuser" keyword.
Google Video.
Google Video searches ("gvsearch" keyword).
Photobucket videos.
Yahoo! video.
Yahoo! video searches ("ybsearch" keyword).
The Daily Show / Colbert Nation.
The Escapist.
A generic downloader that works in some sites.

You can download the tool from GitHub. For more information about the tool, check the documentation. The standalone executable for windows is also available for download from the same github repository.


Sunday 12 August 2012

Rootbeer - High Performance GPU Computing in JAVA

Good news for JAVA guys that the high performance GPU compiler has been released that aims to bring high performance GPU computing to the Java Programming Language with the minimal effort from the developer.

Rootbeer is more advanced than CUDA or OpenCL Java Language Bindings. With bindings the developer must serialize complex graphs of objects into arrays of primitive types. With Rootbeer this is done automatically. Also with language bindings, the developer must write the GPU kernel in CUDA or OpenCL. With Rootbeer a static analysis of the Java Bytecode is done (using Soot) and CUDA code is automatically generated.

Rootbeer was created using Test Driven Development and testing is essentially important in Rootbeer. Rootbeer is 20k lines of product for and 7k of test code and all tests pass on both Windows and Linux. The Rootbeer test case suite covers every aspect of the Java Programming language except:
1. native methods
2. reflection
3. dynamic method invocation
4. sleeping while inside a monitor.

This means that all of the familar Java code you have been writing can be executed on the GPU.

GitHub of Rootbeer


Saturday 31 March 2012

nmbscan - Network Shares Scanner Based On NMB/SMB/NetBIOS Protocol

NMB Scanner scans the shares of a NetBIOS/SMB network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.

It can obtain such information as NMB/SMB/NetBIOS/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/NetBIOS/Windows domain name, and master browser. It can discover all the NMB/SMB/NetBIOS/Windows hosts on a local area network by using the hosts lists maintained by master browsers.

You can download the version 1.2.6 of nmbscan tool from HERE.

After downloading, extract the files by typing:

mkdir nmbscan && tar -xvf nmbscan-1.2.6.tar.gz --directory nmbscan

Running nmbscan shows pretty much of information about the usage.

samar@Techgaun:~/Downloads/nmbscan$ ./nmbscan 
nmbscan version 1.2.6 - Techgaun - Sat Mar 31 00:04:15 NPT 2012

usage :
 ./nmbscan -L
  -L show licence agreement (GPL)

 ./nmbscan {-d|-m|-a}
  -d show all domains
  -m show all domains with master browsers
  -a show all domains, master browsers, and hosts

 ./nmbscan {-h|-n} host1 [host2 [...]]
  -h show information on hosts, known by ip name/address
  -n show information on hosts, known by nmb name

You can figure out the command line switches as per your necessity while using the tool. I hope this tool counts as useful for you. :)


Saturday 28 January 2012

KDE Version 4.8 Is Released With Updated Plasma Workspaces, Apps n Platforms

On 25th January 2012, KDE has released 4.8.0, containing compelling new features and improvements to the Plasma Workspaces, the KDE Applications and the KDE Development Platform. Version 4.8 is intended to provide many new features, and improved stability and performance.

Major KDE improvements in this version are:
Adaptive Power Management - Kwin optimizations, the redesign of power management, and integration with Activities.

Faster, More Scalable File Management - KDE v. 4.8 includes Dolphin with its new display engine, new Kate features and improvements, Gwenview with functional and visual improvements.

Enhanced Interoperability & Introduction of Touch-Friendly Components

Check the official announcement


Saturday 29 October 2011

Batch Image Processing Using GIMP

I've previously enlisted few tools regarding batch image resizing in windows. However they are limited to windows only and I was searching for something which was cross-platform. With some search, I found that GIMP loaded with David's Batch Processor would let us resize the images easily.

DBP (David's Batch Processor) is a simple batch processing plugin for the Gimp - it allows the user to automatically perform operations (such as resize) on a collection of image files. Its main advantage is that the user does not have to learn a scripting language. Like the Gimp itself, DBP relies on a graphical interface. The user creates a list of images, and sets up the processing required for each image. The results of the current settings can be displayed. Once the required sequence of operations has been set up, DBP performs the same processing on each image in turn. The images can be colour corrected, resized, cropped, and sharpened, then renamed and saved to a different file in a specified image format.

Check official website for more information on installation and downloads.