Thursday, February 26, 2015

Chameleon - Website IP Address Seeker (CDN Unhidden)


What is CDN?

A content delivery network or content distribution network (CDN) is a large distributed system of servers deployed in multiple data centers across the Internet. The goal of a CDN is to serve content to end-users with high availability and high performance. CDNs serve a large fraction of the Internet content today, including web objects (text, graphics and scripts), downloadable objects (media files, software, documents), applications (e-commerce, portals), live streaming media, on-demand streaming media, and social networks.

Content providers such as media companies and e-commerce vendors pay CDN operators to deliver their content to their audience of end-users. In turn, a CDN pays ISPs, carriers, and network operators for hosting its servers in their data centers. Besides better performance and availability, CDNs also offload the traffic served directly from the content provider's origin infrastructure, resulting in possible cost savings for the content provider. In addition, CDNs provide the content provider a degree of protection from DoS attacks by using their large distributed server infrastructure to absorb the attack traffic. While most early CDNs served content using dedicated servers owned and operated by the CDN, there is a recent trend to use a hybrid model that uses P2P technology. In the hybrid model, content is served using both dedicated servers and other peer-user-owned computers as applicable.

*** Quote from Wikipedia

When a website uses a CDN such as Cloudflare, its origin IP address may be hidden. However, that IP address can be retrieved by the following methods :

(We take Cloudflare as an example)
(1) CloudFlare-Watch
(2) Netcraft.net
(3) Fierce Domain Scan
(4) NoCloudAllowed by Allison Nixon
(5) Chameleon (this article)

Introduction

Chameleon is an open source project by Samiux released under GPLv3. Chameleon is developed based on NoCloudAllowed.

Like NoCloudAllowed (a Perl script), Chameleon (a Python script) assumes that the target website lies within one or more known IP address ranges. The IP address ranges of a given country can be obtained from IP2Location. Once you have the CIDR list for the country, you need to expand it into a list of individual IP addresses.

For the comparison, you need a *unique* string from the target site. When the string is found in a response, the finding is recorded in a file for further processing.

To extract the IP addresses from the CIDR list obtained from IP2Location, I use prips. prips is not installed in Kali Linux by default.
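Added example (not part of Chameleon or of the original post): a pure-shell fallback for prips that expands CIDR blocks into one address per line, so a CIDR list can be turned into the input file that the -f option expects on a box where prips is not installed. The function names and the 192.0.2.0/24-style sample ranges (RFC 5737 documentation ranges) are my own; malformed prefixes and octets are rejected instead of producing a flood of wrong addresses.

```shell
#!/bin/sh
# cidr_expand CIDR : print every address of the block, one per line.
# A bare address without "/" is treated as a /32. (Example code, not prips.)
cidr_expand() {
    cidr=$1
    case "$cidr" in
        */*) ;;
        *)   cidr="$cidr/32" ;;
    esac
    ip=${cidr%/*}
    bits=${cidr#*/}
    # Refuse malformed prefixes instead of looping over 2^32 addresses.
    case "$bits" in
        ''|*[!0-9]*) echo "cidr_expand: bad prefix in '$cidr'" >&2; return 1 ;;
    esac
    [ "$bits" -le 32 ] || { echo "cidr_expand: prefix > 32 in '$cidr'" >&2; return 1; }
    # Split the dotted quad into $1..$4 and check each octet.
    oldifs=$IFS; IFS=.; set -- $ip; IFS=$oldifs
    [ $# -eq 4 ] || { echo "cidr_expand: bad address in '$cidr'" >&2; return 1; }
    for octet in "$@"; do
        case "$octet" in
            ''|*[!0-9]*) echo "cidr_expand: bad octet in '$cidr'" >&2; return 1 ;;
        esac
        [ "$octet" -le 255 ] || { echo "cidr_expand: octet > 255 in '$cidr'" >&2; return 1; }
    done
    addr=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    # Network mask as a 32-bit value; /0 is special-cased because a shift by 32 is undefined.
    if [ "$bits" -eq 0 ]; then
        mask=0
    else
        mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    fi
    first=$(( addr & mask ))
    last=$(( first | (~mask & 4294967295) ))
    i=$first
    while [ "$i" -le "$last" ]; do
        printf '%d.%d.%d.%d\n' $(( (i >> 24) & 255 )) $(( (i >> 16) & 255 )) $(( (i >> 8) & 255 )) $(( i & 255 ))
        i=$(( i + 1 ))
    done
}

# cidr_expand_list : expand every CIDR read from stdin, one per line, the same
# job prips does over a file. "#" comments and blank lines are ignored.
cidr_expand_list() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}          # drop trailing comments
        set -- $line              # word-split to trim surrounding whitespace
        [ $# -ge 1 ] || continue  # blank line
        cidr_expand "$1" || return 1
    done
}

# Stand-alone demo on a constructed list (RFC 5737 documentation ranges):
#   sh cidr.sh --demo > ip-addresses.txt
if [ "${1:-}" = "--demo" ]; then
    printf '192.0.2.0/30\n# a comment\n\n198.51.100.8/31\n203.0.113.77\n' | cidr_expand_list
fi
```

Pipe the CIDR list into cidr_expand_list and redirect the output to the file you pass to -f; a /8 expands to sixteen million lines, so check the size of the list before handing it to a run with a large --thread value.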

Chameleon is well tested on Kali Linux 1.1.0 and Ubuntu 14.04 LTS.

Limitation

If the IP address and/or the domain does not point to the web root directory, Chameleon cannot find the site as expected. Do NOT set "--thread" too large, as it will consume all your RAM.

Download

wget http://www.infosec-ninjas.com/files/chameleon-0.0.3.tar.gz

tar -xvzf chameleon-0.0.3.tar.gz

sha1sum : dab2486c72d2745075d06698be0f693254dae0da    chameleon-0.0.3.tar.gz

Changelog

FEB 22, 2015 - Version 0.0.1 (sha1sum : c2a7af574e0132ab19a8597ded97c13b5f94dece    chameleon-0.0.1.tar.gz)
[+] First release

FEB 25, 2015 - Version 0.0.2 (sha1sum : 8714d5a8ef8566ff6d36adbbbbfaee65bff8a728    chameleon-0.0.2.tar.gz)
[+] Add input file for the ip address comparison
[+] Add timeout option
[-] Drop the single ip address for comparison

FEB 26, 2015 - Version 0.0.3 (sha1sum : dab2486c72d2745075d06698be0f693254dae0da    chameleon-0.0.3.tar.gz)
[+] Add exceptional error handling
[+] Add threading option
[+] Add output file option
[+] Add batch of IP address per thread option
 

Usage

Usage: chameleon.py [options]

Options:
  -h, --help            show this help message and exit
  -s SEARCHSTRING, --string=SEARCHSTRING
                        specify the unique string to search
  -f INFILE, --file=INFILE
                        input file contains ip addresses for comparison
  -p PROTO, --proto=PROTO
                        protocol to use, http or https
  -o TIMEOUT, --timeout=TIMEOUT
                        timeout, default 2 seconds
  -t NUMTHREAD, --thread=NUMTHREAD
                        number of threading, default is 1
  -w OUTFILE, --write=OUTFILE
                        output file for findings, default is find.txt
  -b BATCH, --batch=BATCH
                        batch of IP address per thread, default is 1

Example : python chameleon.py -s github -f ip-addresses.txt -p https -b 10 -t 1000 -w github.txt -o 3


Original link

That's all! See you.

Thursday, February 12, 2015

HOWTO : OTR with Pidgin on Kali Linux 1.1.0

Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.

The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing.


apt-get install pidgin pidgin-otr pidgin-plugin-pack

That's all! See you.

HOWTO : nVidia CUDA with Kali Linux 1.1.0

Hardware

CPU : Intel i7-3930K
RAM : 32GB DDR3
Hard Drive : 3TB
Display Card : Two nVidia GeForce GTX 590

Install Kali

Install Kali Linux 1.1.0 on the box as usual. Make sure "secure boot" is disabled in your BIOS before installing. After that, update Kali accordingly.

apt-get update
apt-get dist-upgrade


Install nVidia Driver

apt-get install -y linux-headers-$(uname -r)
apt-get install nvidia-kernel-dkms nvidia-driver nvidia-cuda-toolkit nvidia-xconfig

nvidia-xconfig

sed 's/quiet/quiet nouveau.modeset=0/g' -i /etc/default/grub
update-grub
reboot


Please note that the Kali team does not recommend compiling applications yourself, as they consider that it may damage the Kali installation.

Install cudaHashcat

mkdir hacking
cd hacking

wget http://hashcat.net/files-legacy/cudaHashcat-1.31.7z

7za x cudaHashcat-1.31.7z


(Please note that the current version, 1.32, is not compatible with Kali 1.1.0's nVidia driver 340.x.)

Test the cudaHashcat

cd /root/hacking/cudaHashcat-1.31/
./cudaExample0.sh

cd /root/hacking/cudaHashcat-1.31/
./cudaExample400.sh

cd /root/hacking/cudaHashcat-1.31/
./cudaExample500.sh


Install John the Ripper

apt-get install libssl-dev

cd hacking

wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.gz
tar -xvzf john-1.8.0-jumbo-1.tar.gz
cd john-1.8.0-jumbo-1/src

./configure
make
make


** If your hashes or passwords are longer than 8 characters, you need to change the following before compiling John.

cd john-1.8.0-jumbo-1/src
nano params.h


Then change the "8" to "18", "20", etc.

#define CHARSET_LENGTH 8

Test the John the Ripper

cd /root/hacking/john-1.8.0-jumbo-1/run

./john --device=0,1,2,3 --format=sha512crypt-cuda /etc/shadow


* Since I have 4 GPUs, --device is set to all four of them (0,1,2,3).

*** When you have changed CHARSET_LENGTH, you need to generate a new charset. Do this once only.

wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
bunzip2 -d rockyou.txt.bz2
cp rockyou.txt /root/hacking/john-1.8.0-jumbo-1/run

cd /root/hacking/john-1.8.0-jumbo-1/run

sed 's/^/:/' rockyou.txt > rockyou.pot

mv all.chr all.chr-original
mv alnum.chr alnum.chr-original
mv alpha.chr alpha.chr-original
mv digits.chr digits.chr-original
mv lanman.chr lanman.chr-original

./john --pot=rockyou.pot --make-charset=all.chr
./john --pot=rockyou.pot --make-charset=alnum.chr --external=filter_alnum
./john --pot=rockyou.pot --make-charset=alpha.chr --external=filter_alpha
./john --pot=rockyou.pot --make-charset=digits.chr --external=filter_digits
./john --pot=rockyou.pot --make-charset=lanman.chr --external=filter_lanman


Then your cracking command will be :

./john --pot=rockyou.pot --device=0,1,2,3 --format=sha512crypt-cuda /etc/shadow

Install and Test Cryptohaze

cd hacking
wget http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Linux_x64_1_31a.tar.bz2/download -O Cryptohaze-Linux_x64_1_31a.tar.bz2

tar xjvf Cryptohaze-Linux_x64_1_31a.tar.bz2

cd /root/hacking/Cryptohaze-Linux
./Cryptohaze-Multiforcer -h NTLM -c charsets/charsetall -f test_hashes/Hashes-NTLM-Full.txt


That's all! See you.

HOWTO : Kali Linux 1.1.0 on Optimus Laptop

Step 1 :

apt-get install linux-headers-$(uname -r)
apt-get install nvidia-kernel-dkms nvidia-cuda-toolkit nvidia-driver


After that, reboot your Kali. Then, we need to install bumblebee.

Step 2 :

apt-get install bumblebee-nvidia primus

If you need to support i386 architecture 3D software in 64-bit Kali, you may need to install the following :

dpkg --add-architecture i386
apt-get update
apt-get install bumblebee-nvidia primus primus-libs:i386


Step 3 :

Now, you need to add your user (e.g. root) to the bumblebee group.

adduser $USER bumblebee

Step 4 :

To run your application with the discrete nVidia card :

optirun iceweasel

If optirun displays the following error :

[ERROR]Cannot access secondary GPU - error: Could not load GPU driver

You need to edit the following :

sed 's/KernelDriver=nvidia/KernelDriver=nvidia-current/g' -i /etc/bumblebee/bumblebee.conf

The following are optional :

If you want to run glxgears with the discrete nVidia card, you need to install VirtualGL.

32-bit Kali Linux -
wget http://sourceforge.net/projects/virtualgl/files/2.3.90%20%282.4beta1%29/virtualgl_2.3.90_i386.deb/download -O virtualgl_2.3.90_i386.deb

64-bit Kali Linux -
wget http://sourceforge.net/projects/virtualgl/files/2.3.90%20%282.4beta1%29/virtualgl_2.3.90_amd64.deb/download -O virtualgl_2.3.90_amd64.deb

dpkg -i virtualgl_2.3.90_i386.deb

or
dpkg -i virtualgl_2.3.90_amd64.deb

Then run :

optirun glxgears -info

or

optirun glxgears

The following are CUDA applications :

Please note that the Kali team does not recommend compiling applications yourself for Kali, as they consider that it may damage Kali.

The next steps are to install cudaHashcat, john, Cryptohaze and pyrit.

(1) cudaHashcat installation

Grab the source code and extract it. The current version is 1.31 at this writing.

wget http://hashcat.net/files-legacy/cudaHashcat-1.31.7z
7za x cudaHashcat-1.31.7z


(Please note that the current version of cudaHashcat, 1.32, is not compatible with Kali 1.1.0's nVidia 340.x driver.)

Then run the sample scripts to test cudaHashcat with the following commands.

cd cudaHashcat-1.31
optirun ./cudaExample0.sh
optirun ./cudaExample400.sh
optirun ./cudaExample500.sh


The first time you run cudaHashcat, you will be prompted to accept the license; just answer "YES" to continue.

(2) John the Ripper Installation

Install the required package before going further.

apt-get install libssl-dev

Grab the current version of john (the current version at this writing is 1.8.0-jumbo-1) and compile it.

wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.gz
tar -xvzf john-1.8.0-jumbo-1.tar.gz
cd john-1.8.0-jumbo-1/src
./configure
make clean
make


To run john, you can execute the following command.

cd ../run
optirun ./john --format=sha512crypt-cuda /etc/shadow


Please note that the above command will give fruitless results when your password is longer than 8 characters, which is the default limit for john. If required, you can make some changes in "params.h". However, that is out of the scope of this guide.

(3) Cryptohaze Installation

Grab the current version of Cryptohaze (the current version is 1.31a at this writing).

wget http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Linux_x64_1_31a.tar.bz2/download -O Cryptohaze-Linux_x64_1_31a.tar.bz2
tar xjvf Cryptohaze-Linux_x64_1_31a.tar.bz2
cd Cryptohaze-Linux


To perform the sample run, you can execute the following command.

optirun ./Cryptohaze-Multiforcer -h NTLM -c charsets/charsetall -f test_hashes/Hashes-NTLM-Full.txt

(4) pyrit Installation

The first step is to install the required packages.

apt-get install libssl-dev libpcap0.8-dev python-dev

Grab the current version of pyrit. Note that pyrit has not been updated for a long time.

svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit

Compile it with the following commands.

cd pyrit/pyrit
python setup.py build
python setup.py install

cd ../cpyrit_cuda
python setup.py build
python setup.py install


To test it, you can execute the following commands.

optirun pyrit list_cores
optirun pyrit benchmark


That's all! See you.

HOWTO : Performance Tuning on Kali Linux 1.1.0

Kali Linux 1.1.0 was released recently. It is much faster than before. However, we can tune it for even better performance. Here we go!

Step 1 :

nano /etc/sysctl.conf

Append the following to the sysctl.conf :



sysctl -p

Step 2 :

nano /etc/rc.local

Insert the following before "exit 0" :

echo 1024 > /sys/block/sda/queue/read_ahead_kb
echo 256 > /sys/block/sda/queue/nr_requests


If your device is not sda, please change it accordingly.

Step 3 :

This step is dangerous. Make sure you do NOT make any typing error; otherwise, you will not be able to boot your Kali.

nano /etc/fstab

Locate "ext4" and add the following before "errors=remount-ro" :

noatime,nodiratime,norelatime

If you are using LVM, it will look like :

/dev/mapper/kali-root / ext4 noatime,nodiratime,norelatime,errors=remount-ro 0 1

After that, run :

mount -a
mount -o remount /


If there is no error message, reboot. If there is an error message, double check for typing errors.
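Added example, not from the original post: Step 3 done by a script instead of by hand, so that a typo cannot leave the system unbootable. The awk filter inserts the three options before errors=remount-ro on every ext4 line that does not already carry noatime and passes everything else through untouched, so running it twice changes nothing; the wrapper keeps a backup and writes the result to a separate file for review before it replaces the real one. The function names and the sample fstab lines are my own.

```shell
#!/bin/sh
# add_noatime_opts : read an fstab on stdin, write it to stdout with
# "noatime,nodiratime,norelatime," inserted before errors=remount-ro on every
# ext4 line that lacks noatime. Comments, blank lines and non-matching lines
# are printed byte-for-byte, so the filter is idempotent.
add_noatime_opts() {
    awk '
        NF == 0 || $1 ~ /^#/ { print; next }
        $3 == "ext4" && $4 ~ /errors=remount-ro/ && $4 !~ /(^|,)noatime(,|$)/ {
            sub(/errors=remount-ro/, "noatime,nodiratime,norelatime,errors=remount-ro", $4)
        }
        { print }
    '
}

# prepare_fstab_tuning [FILE] : keep FILE.orig as a backup and write the tuned
# version to FILE.new for review; returns 1 if nothing would change.
# FILE defaults to /etc/fstab (a parameter so the function can be tested on a copy).
prepare_fstab_tuning() {
    fstab=${1:-/etc/fstab}
    cp -p "$fstab" "$fstab.orig" || return 1
    add_noatime_opts < "$fstab" > "$fstab.new" || return 1
    if cmp -s "$fstab" "$fstab.new"; then
        echo "prepare_fstab_tuning: no ext4 line needed changing in $fstab" >&2
        rm -f "$fstab.new"
        return 1
    fi
    # Show exactly what will change before anything is replaced (diff exits 1 on differences).
    diff "$fstab" "$fstab.new" || true
    return 0
}
```

After reviewing the diff, activate it with mv /etc/fstab.new /etc/fstab && mount -a && mount -o remount / ; if either mount command complains, cp /etc/fstab.orig /etc/fstab restores the working file before you reboot.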

That's all! See you.

Wednesday, February 11, 2015

HOWTO : Minor fix on Kali Linux 1.1.0

Kali Linux 1.1.0 was released recently. Some bugs have been fixed and the performance has improved a lot.

However, you may find that you need to set the volume of the sound device every time you boot up. You can solve this problem as follows :

apt-get install alsa-base alsa-utils

amixer sset Master unmute

Then adjust the volume when necessary.

Secondly, when your hard drive or SSD is fully encrypted, your GRUB screen is plain blue. You can get the awesome Kali GRUB screen back as follows :

If you are using BIOS -

apt-get --purge remove grub-pc
apt-get install grub-pc


* Select /dev/sda as the device to install GRUB to, if you have only one hard drive or SSD.

If you are using UEFI -

apt-get --purge remove grub-efi
apt-get install grub-efi


The GRUB screen is now the awesome Kali GRUB screen again.

Thirdly, OpenJDK 6 and 7 are installed in Kali Linux 1.1.0. However, only OpenJDK 6 (1.6.x) is enabled. If your application requires OpenJDK 7 (1.7.x), you need to enable it :

update-alternatives --config java

Then select OpenJDK 7. I selected 2 in my case.

Fourthly, Transmission has been dropped in this version. You need to install it yourself.

apt-get install transmission-gtk

Known Issue

If you are running Kali in a virtual machine, such as VirtualBox or VMware, and the guest network interface is in NAT and/or bridged mode, you may find that you have no internet access after boot. You can issue the following command to gain internet access :

dhclient

That's all! See you.

Tuesday, February 10, 2015

HOWTO : Thinkpad Touchpad Malfunction Fixed on Kali Linux 1.0.9a


This guide also works for Kali Linux 1.1.0

My friend has a Lenovo Thinkpad New X1 Carbon. However, the touchpad malfunctioned and caused the system to hang. Fortunately, after he followed this wiki (except for "The syndaemon Helper"; if it is included, you cannot log in), the problem was solved.

That's all! See you.

Monday, February 09, 2015

HOWTO : Ubuntu 14.04 LTS Desktop on Mac Pro (Late 2013)

You should install rEFInd 0.8.5 on the Mac Pro, which is running OS X 10.10.2. Please follow the instructions on the rEFInd site for the installation. It is very simple and easy.

Insert your Ubuntu Desktop 14.04 LTS USB boot stick. Then boot up the Mac Pro without pressing any key. You will see a penguin icon; select it. You will then see a GRUB boot menu; press any arrow key as soon as possible. Move the highlight bar back to "Try Ubuntu without install". Press "e" and insert "nomodeset radeon.audio=1" between "splash" and "--". After that, press F10 to boot into Ubuntu Live mode.

In Ubuntu Live mode, click the Install icon to install. When you reach the partitioning option, select the custom layout. Make sure you do NOT delete the "EFI" partition. You can repartition the existing HFS+ partition, or delete it and create your desired Linux partitions, such as / and swap.

When the installation is completed, you will be asked to continue testing or restart. Select "continue". Click the hard drive icon on the left hand side menu bar; your hard drive (SSD) is then mounted. Go to /media/ubuntu/[a serial number]/boot/grub/grub.cfg. Locate "splash" and insert "nomodeset radeon.audio=1" right after "splash". Do the same thing in /media/ubuntu/[a serial number]/etc/default/grub.

Now, you can reboot your Mac Pro. If everything goes fine, you can boot into Ubuntu. After login, you should run "sudo update-grub" to update GRUB.

Lastly, do NOT try to install the AMD Radeon proprietary drivers from the Ubuntu repository or the AMD official site, because you will be unable to reach the login screen after installing the proprietary drivers.

That's all! See you.

HOWTO : Network Interfaces Bonding on Kali Linux 1.0.9a


This guide also works for Kali Linux 1.1.0

If you have two network interface cards, you can bond two interfaces together to increase the bandwidth (aka teaming). I am going to show you how to configure Mode 0 (balance-rr). You can do it on Ubuntu too.

We need to install the ifenslave package.

apt-get update
apt-get install ifenslave-2.6


Load the bonding module at boot.

echo "bonding" >> /etc/modules

Load the module now for configuration.

modprobe bonding

Back up the interfaces configuration file.

mv /etc/network/interfaces /etc/network/interfaces.orig

Edit the interfaces configuration file.

nano /etc/network/interfaces

The content should look like the following. Please note that the address, gateway and netmask may differ from yours.
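Added example, not the post's own interfaces file: a small script that generates a Mode 0 (balance-rr) /etc/network/interfaces and then reads the bond state back from /proc/net/bonding, which is what the post's ifconfig check is confirming. The 192.168.1.x addresses and the NIC names eth0/eth1 are constructed placeholders (take yours from "ip addr"), and the function names are mine; the bond-* option names are the ones the ifenslave package reads from the interfaces file.

```shell
#!/bin/sh
# write_bond_interfaces FILE ADDRESS NETMASK GATEWAY NIC... : write a
# balance-rr bond0 stanza enslaving the given NICs. Only dotted-quad values
# are accepted, so a typo cannot end up in the boot-time network config.
write_bond_interfaces() {
    [ $# -ge 5 ] || { echo "usage: write_bond_interfaces FILE ADDRESS NETMASK GATEWAY NIC..." >&2; return 1; }
    out=$1; address=$2; netmask=$3; gateway=$4
    shift 4
    for a in "$address" "$netmask" "$gateway"; do
        case "$a" in
            ''|*[!0-9.]*) echo "write_bond_interfaces: bad address '$a'" >&2; return 1 ;;
        esac
    done
    cat > "$out" <<EOF
# Generated example: Mode 0 (balance-rr) bond of $*
auto lo
iface lo inet loopback

auto bond0
iface bond0 inet static
    address $address
    netmask $netmask
    gateway $gateway
    bond-mode balance-rr
    bond-miimon 100
    bond-slaves $*
EOF
}

# bond_status [STATUSFILE] : print the mode, slaves and link state of the bond
# from the kernel's /proc/net/bonding/bond0 and fail if any link is down.
# The path is a parameter so a captured status file can be checked offline.
bond_status() {
    f=${1:-/proc/net/bonding/bond0}
    [ -r "$f" ] || { echo "bond_status: no bonding status at $f (is the bonding module loaded?)" >&2; return 1; }
    grep -E '^(Bonding Mode|Slave Interface|MII Status)' "$f"
    ! grep -q '^MII Status: down' "$f"
}
```

Write the file to a scratch path first, compare it with your interfaces.orig, and only then copy it into /etc/network/interfaces and run ifup bond0; bond_status then tells you whether both slaves actually came up rather than just whether the bond0 interface exists.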



Confirm that the bonding is working with the following commands :

The output of ifconfig will look like this.



Then we check the bonding interfaces.



Description of Bonding modes

Mode 0 - balance-rr

Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.

Mode 1 - active-backup

Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

Mode 2 - balance-xor

XOR policy: Transmit based on selectable hashing algorithm. The default policy is a simple source+destination MAC address algorithm. Alternate transmit policies may be selected via the xmit_hash_policy option, described below. This mode provides load balancing and fault tolerance.

Mode 3 - broadcast

Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

Mode 4 - 802.3ad

IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.

Prerequisites:
Ethtool support in the base drivers for retrieving the speed and duplex of each slave.
A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require some type of configuration to enable 802.3ad mode.

Mode 5 - balance-tlb

Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.

Prerequisites:
Ethtool support in the base drivers for retrieving the speed of each slave.

Mode 6 - balance-alb

Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.

That's all! See you.

Monday, February 02, 2015

HOWTO : OTR with Hexchat on Kali Linux 1.0.9a

What is OTR?

Please refer to Off-the-Record Messaging

Step 1 :

We need the backports repository :

echo "deb http://ftp.debian.org/debian wheezy-backports main contrib non-free" >> /etc/apt/sources.list

Step 2 :

apt-get update
apt-get install libotr5-bin libotr5 libotr5-dev libgcrypt11-dev gnome-common


Step 3 :

git clone https://github.com/TingPing/hexchat-otr.git

Step 4 :

cd hexchat-otr
./autogen.sh
make -s
make install


Usage :

To talk to nick "samiux" with OTR :
/query samiux
/otr start


If you trust the connection :
/otr trust

You may consider authenticating with a password :
/otr auth [password]

If everything is okay, you will see that all messages from samiux are encrypted. You can confirm this by his nick, which will be shown as *samiux* on the screen.

When the chat is finished :
/otr finish

Remarks :

Make sure you do not keep the log.

However, this program is not perfect. If you encounter any problem that you cannot solve, you can uninstall it with :

sudo make uninstall

That's all! See you.

Sunday, January 18, 2015

HOWTO : Kali Linux 1.0.9a on Optimus Laptop

This guide was updated on FEB 4, 2015, as Kali Linux 1.0.9a now includes the nVidia driver 340.x and CUDA 5.5.x.

Step 1 :

echo "deb http://ftp.debian.org/debian wheezy-backports main contrib non-free" >> /etc/apt/sources.list

apt-get update

Step 2 :

apt-get install -y linux-headers-$(uname -r)
apt-get install -t wheezy-backports nvidia-kernel-dkms nvidia-cuda-toolkit nvidia-driver


Optionally, you can uninstall the backports Linux kernel headers 3.16 (if any), as they are pulled in by the backports nVidia driver installation.

apt-get --purge remove linux-headers-3.16


Finally, reboot. Then, we need to install bumblebee.

Step 3 :

apt-get install -t wheezy-backports bumblebee-nvidia primus

If you need to support i386 architecture 3D software in 64-bit Kali, you may need to install the following :

dpkg --add-architecture i386
apt-get update
apt-get install -t wheezy-backports bumblebee-nvidia primus primus-libs:i386 primus-libs:ia32


Step 4 :

Now, you need to add your user (e.g. root) to the bumblebee group.

adduser $USER bumblebee

Step 5 :

To run your application with the discrete nVidia card :

optirun iceweasel

If optirun displays the following error :

[ERROR]Cannot access secondary GPU - error: Could not load GPU driver

You need to edit the following :

sed 's/KernelDriver=nvidia/KernelDriver=nvidia-current/g' -i /etc/bumblebee/bumblebee.conf

If you want to run glxgears with the discrete nVidia card, you need to install VirtualGL.

32-bit Kali Linux -
wget http://sourceforge.net/projects/virtualgl/files/2.3.90%20%282.4beta1%29/virtualgl_2.3.90_i386.deb/download -O virtualgl_2.3.90_i386.deb

64-bit Kali Linux -
wget http://sourceforge.net/projects/virtualgl/files/2.3.90%20%282.4beta1%29/virtualgl_2.3.90_amd64.deb/download -O virtualgl_2.3.90_amd64.deb

dpkg -i virtualgl_2.3.90_i386.deb

or
dpkg -i virtualgl_2.3.90_amd64.deb

Then run :

optirun glxgears -info

or

optirun glxgears

The next steps are to install cudaHashcat, john, Cryptohaze and pyrit.

(1) cudaHashcat installation

Grab the source code and extract it. The current version is 1.31 at this writing.

wget http://hashcat.net/files-legacy/cudaHashcat-1.31.7z
7za x cudaHashcat-1.31.7z


(Please note that the current version of cudaHashcat, 1.32, is not compatible with the nVidia 340.x driver.)

Then run the sample scripts to test cudaHashcat with the following commands.

cd cudaHashcat-1.31
optirun ./cudaExample0.sh
optirun ./cudaExample400.sh
optirun ./cudaExample500.sh


The first time you run cudaHashcat, you will be prompted to accept the license; just answer "YES" to continue.

(2) John the Ripper Installation

Install the required package before going further.

apt-get install libssl-dev

Grab the current version of john (the current version at this writing is 1.8.0-jumbo-1) and compile it.

wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.gz
tar -xvzf john-1.8.0-jumbo-1.tar.gz
cd john-1.8.0-jumbo-1/src
./configure
make clean
make


To run john, you can execute the following command.

cd ../run
optirun ./john --format=sha512crypt-cuda /etc/shadow


Please note that the above command will give fruitless results when your password is longer than 8 characters, which is the default limit for john. If required, you can make some changes in "params.h". However, that is out of the scope of this guide.

(3) Cryptohaze Installation

Grab the current version of Cryptohaze (the current version is 1.31a at this writing).

wget http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Linux_x64_1_31a.tar.bz2/download -O Cryptohaze-Linux_x64_1_31a.tar.bz2
tar xjvf Cryptohaze-Linux_x64_1_31a.tar.bz2
cd Cryptohaze-Linux


To perform the sample run, you can execute the following command.

optirun ./Cryptohaze-Multiforcer -h NTLM -c charsets/charsetall -f test_hashes/Hashes-NTLM-Full.txt

(4) pyrit Installation

The first step is to install the required packages.

apt-get install libssl-dev libpcap0.8-dev python-dev

Grab the current version of pyrit. Note that pyrit has not been updated for a long time.

svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit

Compile it with the following commands.

cd pyrit/pyrit
python setup.py build
python setup.py install

cd ../cpyrit_cuda
python setup.py build
python setup.py install


To test it, you can execute the following commands.

optirun pyrit list_cores
optirun pyrit benchmark


That's all! See you.

Thursday, January 08, 2015

HOWTO : Kali Linux NetHunter on OnePlus One 64GB

The simplest way to flash NetHunter is by using the Windows application provided by Offensive Security here (the version at this writing is 1.1.6). Follow the on-screen instructions to complete the task.

I selected the OnePlus One 64GB version as it comes with 3GB RAM and 64GB storage. It is running the Cyanogen CM11 (version 4.4.4) ROM. It is ideal for installing NetHunter in my opinion. The current version of NetHunter does not support Android 5.0, so please do not try to flash it onto that.

I am using a MacBook Air with VMware Fusion and a Windows 8.1 guest to flash NetHunter. The Android USB driver provided by the above application could not be installed automatically in my case; I needed to install it manually via "Device Manager". Make sure the two certificates (ADB and Fastboot) as well as the USB driver have been installed properly, and the process will be very smooth.

If you do not have a Windows machine or virtual machine available, you should follow the instructions on the official site. Make sure you root the device before doing so. This task is much harder and it is easier to make mistakes. Make sure you have read the instructions on the official site completely and carefully before doing so. Therefore, I recommend not using this method unless you need to.

After NetHunter is flashed, you can optionally encrypt your OnePlus One. Before doing that, you should unmount Kali by issuing the following in "Terminal Emulator" :

su -c killkali

Then reboot the OnePlus One. Once it has rebooted, you can carry out the phone encryption procedure.

After the encryption is completed, you need to re-mount Kali by issuing the following command :

su -c bootkali

That's all! See you.

Tuesday, December 23, 2014

HOWTO : Oracle Java 8 on Kali Linux 1.0.9a

For some reasons, you may need to install Oracle Java 8 instead of the default OpenJDK 7 on Kali Linux.

nano java8

Add the following to the file and save.

echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886
apt-get update
apt-get install oracle-java8-installer


Make the file executable.

chmod +x java8

Run it to install.

./java8

To uninstall.

apt-get --purge remove oracle-java8-installer

That's all! See you.

Wednesday, December 17, 2014

HOWTO : Flash Plugin on Kali Linux 1.0.9a

Iceweasel

To install Flash :
apt-get install flashplugin-nonfree

To update Flash :
update-flashplugin-nonfree --install

Google Chrome

nano /etc/apt/sources.list

Append the following line :

deb http://http.debian.net/debian wheezy-backports main contrib non-free

To install Flash :

apt-get update
apt-get -t wheezy-backports install pepperflashplugin-nonfree

Make sure to comment out the newly added repository after the install :

#deb http://http.debian.net/debian wheezy-backports main contrib non-free

To update Flash :
update-pepperflashplugin-nonfree --install

That's all! See you.

Saturday, December 06, 2014

HOWTO : Fine Tune of iPad Mini 3 LTE

Personal Hotspot

By default, Personal Hotspot is hidden. You need to activate it by the following procedure :

(a) Settings - Cellular Data - Personal Hotspot - APN Settings - Personal Hotspot

(b) Enter some information in the APN, Username and Password fields. This information does not need to be real.

(c) Exit and return, you will find Personal Hotspot option on the menu.

Cellular Data and Wifi Connection Timeout

(a) Settings - Touch ID & Passcode

(b) Enable iPad Unlock, Enable Require Passcode

(c) Settings - General - Auto-Lock

(d) Set to Never. If you cannot find "Never", you need to go to Settings - General - Reset - Reset All Settings.

(e) Enable Lock/Unlock

The internet connection will not time out or disconnect even if you close the Smart Case cover, unless you quit the application.

Make sure your MacBook Air's Energy Saver setting is set to "Never" when it is on battery. Meanwhile, the Energy Saver setting is set to prevent the computer from sleeping when using the power adapter. However, I encountered some problems when connecting to the shared wifi. I think we should wait for the release of 10.10.2 for the wifi fix.

In addition, Personal Hotspot sharing over Bluetooth is awesome. It is stable and fast, but with a distance limitation. It is the alternative to wifi sharing at the moment.

That's all! See you.

Friday, December 05, 2014

HOWTO : Sandboxing Firefox on Mac OS X Yosemite (10.10.1)

Step 1 :

Go to the Apple App Store to install the current version of Xcode if you do not have it installed.

Step 2 :

Install Homebrew if you do not have it installed.

sudo ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

To test whether the install succeeded :

brew doctor

Step 3 :

Install git if you do not have it installed.

brew install git

Step 4 :

cd /Users/Shared/

sudo git clone https://github.com/pansen/macos-sandbox-profiles.git

Step 5 :

cd /Applications/Firefox.app/Contents/MacOS/
sudo mv firefox-bin firefox-bin.real
sudo ln -sf /Users/Shared/macos-sandbox-profiles/bin/firefox-bin .


Step 6 :

Quit the Firefox if it is still running (not just close the browser) and then restart it.

That's all! See you.

Thursday, December 04, 2014

HOWTO : ArpON on Kali Linux 1.0.9a

ArpON (ARP handler inspection) is a portable handler daemon that makes the ARP protocol secure in order to avoid Man In The Middle (MITM) attacks through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR). It also blocks the attacks derived from these, such as Sniffing, Hijacking, Injection and Filtering, and the more complex attacks built on them, such as DNS Spoofing, Web Spoofing, Session Hijacking and SSL/TLS Hijacking.

Step 1 :

apt-get update
apt-get install arpon


Step 2 :

nano /etc/default/arpon

Uncomment the DARPI and RUN lines, so that they look like :

DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d"
RUN="yes"


Step 3 :

Reboot your Kali Linux.

REFERENCE

ArpON - ARP Handler Inspection
Protect you from being ARP spoofing

That's all! See you.

HOWTO : ArpON on Mac OSX Yosemite (10.10.1)

ArpON (ARP handler inspection) is a portable handler daemon that makes the ARP protocol secure in order to avoid Man In The Middle (MITM) attacks through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR). It also blocks the attacks derived from these, such as Sniffing, Hijacking, Injection and Filtering, and the more complex attacks built on them, such as DNS Spoofing, Web Spoofing, Session Hijacking and SSL/TLS Hijacking.

Step 1 :

Go to the Apple App Store to install the current version of Xcode if you do not have it installed.

Step 2 :

Install Homebrew if you do not have it installed.

sudo ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Step 3 :

To test whether the install succeeded :

brew doctor

Step 4 :

brew install git
brew install cmake
brew install libdnet
brew install libnet

brew link libdnet


Step 5 :

cd ~
sudo git clone git://git.code.sf.net/p/arpon/code arpon

sudo -sH
cd arpon
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr ..
make
make install


exit

Step 6 :

cd ~
nano arpon_startup

/usr/sbin/arpon -i en0 -D -q


chmod +x arpon_startup

Step 7 :

sudo nano /System/Library/LaunchDaemons/org.arpon.startup.plist



*** Please note that "samiux" is my username; change it to your username accordingly.
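Added example, not the post's own plist: a script that generates the launchd job for Step 7 with the username as a parameter, so the path inside the plist cannot be mistyped, and reads the program path back out as a check. The label org.arpon.startup and the /Users/NAME/arpon_startup path follow the post; the function names are mine, and the plist keys (Label, ProgramArguments, RunAtLoad) are the standard launchd ones.

```shell
#!/bin/sh
# write_arpon_plist FILE USERNAME : write FILE as a LaunchDaemon that runs
# /Users/USERNAME/arpon_startup once at load. LaunchDaemons run as root,
# which arpon needs to hook the interface.
write_arpon_plist() {
    out=$1; user=$2
    # A username with spaces, slashes or XML-special characters would either
    # break the plist or point the daemon at a different path, so reject it.
    case "$user" in
        ''|*[!A-Za-z0-9._-]*) echo "write_arpon_plist: bad username '$user'" >&2; return 1 ;;
    esac
    cat > "$out" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>org.arpon.startup</string>
    <key>ProgramArguments</key>
    <array>
        <string>/Users/$user/arpon_startup</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
EOF
}

# plist_program FILE : print the absolute program path found in FILE, a cheap
# check that the generated job points at the wrapper script you chmod'ed.
plist_program() {
    sed -n 's|^[[:space:]]*<string>\(/[^<]*\)</string>|\1|p' "$1"
}
```

Generate the file into your home directory first, then sudo cp it to the LaunchDaemons path used in Step 7 and chown root:wheel / chmod 644 it (launchd refuses a job file that is group- or world-writable or not owned by root); sudo plutil -lint on the copy validates the XML and sudo launchctl load starts it without a reboot.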

Step 8 :

Reboot your Mac.

REFERENCE

ArpON - ARP Handler Inspection
Installing Homebrew on OS X Yosemite 10.10, Package Manager for Unix Apps
Protect you from being ARP spoofing

That's all! See you.