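/* printer identifier won't work, let me know if someone has an idea */
#include <stdio.h>
#include <stdlib.h>

void do_heading(char *filename);

int line = 0, page = 0;
FILE *prn;                      /* printer stream, used in place of stdprn */

int main(int argc, char *argv[])
{
    char buffer[256];
    FILE *fp;

    if (argc < 2)
    {
        fprintf(stderr, "\nProper usage is :");
        fprintf(stderr, "\n\nprint_it filename.ext\n");
        return 1;
    }
    if ((fp = fopen(argv[1], "r")) == NULL)
    {
        fprintf(stderr, "error opening file, %s!\n", argv[1]);
        return 1;
    }
    /* stdprn is an extension of old DOS compilers, not standard C, so
       current compilers do not define it. Open the printer device by
       name instead. "PRN" is the Windows device name; this assumes a
       printer is attached to it. */
    if ((prn = fopen("PRN", "w")) == NULL)
    {
        fprintf(stderr, "error opening printer!\n");
        fclose(fp);
        return 1;
    }
    page = 0;
    line = 1;                   /* starting at 0 would print a second heading at once */
    do_heading(argv[1]);
    while (fgets(buffer, sizeof buffer, fp) != NULL)
    {
        if (line % 55 == 0)     /* new page every 55 lines */
            do_heading(argv[1]);
        fprintf(prn, "%4d:\t%s", line++, buffer);
    }
    fprintf(prn, "\f");         /* eject the last page */
    fclose(prn);
    fclose(fp);
    system("PAUSE");
    return 0;
}

/* Start a new page (form feed after the first) and print the page header */
void do_heading(char *filename)
{
    page++;
    if (page > 1)
        fprintf(prn, "\f");
    fprintf(prn, "page: %d, %s\n\n", page, filename);
}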
Monday, January 31, 2011
Friday, January 28, 2011
Tcpwrapped
For the most part it's a very good strategy for being protected from the casual hacker, and is quite difficult to get past. I have yet to find a good article to cite on here about it and getting through one, but I have knowledge of firewall evasion.
Here is some stuff
One of the major things that tends to happen in response to an attempt to connect to a filtered port is a security log entry. For the most part tcpwrappers also produce logs of their own; usually once someone sees them they tend to run, well, that's the hope involved.
An easy example of firewall detection would be this one, but plug in the ports of common firewalls:
nmap -n -vv -P0 -p256,257,258,1080,1745 <victim>
Banner grabbing can also enumerate a service that might be a firewall:
nc -v -n <target ip> <port>
A lot of times enumerating a firewall will turn up specific details, like the version number of the firewall or a message deployed by some generic ones, which can be searched for 0-day.
Traceroute is an easy example of getting there until hitting the blockade; once you get the asterisks you have hit the firewall.
traceroute <target ip>
You may also use the -I argument to force the use of ICMP packets if TTL/UDP is being blocked.
You can also reconstruct packets to spoof a known packet to get through; firewalls do not do packet content analysis. There is a formula to get the right spoofed packet. I encourage you to look it up; the resulting number goes after -p.
traceroute -p28 <target ip>
You may also need to stop port incrementation, so use the -S argument, but keep the conditioned packet:
traceroute -S -p28 <target ip>
Firewalking:
There are two requirements:
1. IP address of the last gateway detected before the firewall is hit
2. IP address of a host located in the firewalled area
Enumeration behind the firewall:
firewalk -n -P1-8 -pTCP <target gateway> <target host>
Raw packet transmission with hping
Enumerates the ACL by analyzing whether it RST/ACKs, REJECTs or DROPs packets.
Depending on what your result is, you will know whether a firewall is present or not:
hping <target ip> -c2 -S -p21 -n
If you find yourself a vulnerable firewall, your next step would be fragmentation and spoofing, more to the side of fragmentation.
**This is a general and broad view of firewall evasion and enum/detection. This was an introduction to the tools used; full in-depth research is required before use.
I wouldn't want to go into depth and spoon-feed you =] cheers!**
0r1x
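From the defender's side, the log entries the post mentions are what give this kind of probing away. The following is an added example, not part of the original post: it reads constructed syslog lines (tcpwrappers "refused connect" messages and iptables-style DPT= drops; the hostnames, addresses and the threshold of 3 are assumptions) and flags any source that touched several of the firewall ports from the nmap line or was refused by several wrapped services.

```python
import re
from collections import defaultdict

# Ports taken from the nmap example in the post.
FIREWALL_PORTS = {256, 257, 258, 1080, 1745}
# tcpwrappers refusal: "<daemon>[pid]: refused connect from <host>"
WRAP_RE = re.compile(r"(\w[\w.-]*)\[\d+\]: refused connect from (\S+)")
# iptables LOG-style line: "... SRC=<ip> ... PROTO=TCP ... DPT=<port>"
IPT_RE = re.compile(r"SRC=(\S+) .*?PROTO=TCP .*?DPT=(\d+)")

# Constructed sample lines; addresses are from the documentation ranges.
SAMPLE_LOG = """\
Jan 28 10:00:01 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=256 SYN
Jan 28 10:00:01 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=257 SYN
Jan 28 10:00:01 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=258 SYN
Jan 28 10:00:02 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=1080 SYN
Jan 28 10:00:02 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=1745 SYN
Jan 28 10:00:03 gw kernel: IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=40113 DPT=22 SYN
Jan 28 10:05:00 gw kernel: IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=51000 DPT=1080 SYN
Jan 28 10:06:10 host in.telnetd[812]: refused connect from 198.51.100.20
Jan 28 10:06:11 host in.ftpd[813]: refused connect from 198.51.100.20
Jan 28 10:06:12 host sshd[814]: refused connect from 198.51.100.20 (198.51.100.20)
Jan 28 10:09:00 host sshd[820]: refused connect from 192.0.2.50 (192.0.2.50)
"""

def find_probers(log_text, min_hits=3):
    """Return {source: evidence} for sources with at least min_hits distinct
    firewall ports dropped, or distinct wrapped services refused."""
    ports = defaultdict(set)      # source -> firewall ports it tried
    services = defaultdict(set)   # source -> daemons that refused it
    for line in log_text.splitlines():
        m = IPT_RE.search(line)
        if m:
            if int(m.group(2)) in FIREWALL_PORTS:
                ports[m.group(1)].add(int(m.group(2)))
            continue
        m = WRAP_RE.search(line)
        if m:
            services[m.group(2)].add(m.group(1))
    flagged = {}
    for src in set(ports) | set(services):
        if len(ports[src]) >= min_hits or len(services[src]) >= min_hits:
            flagged[src] = sorted(ports[src]) + sorted(services[src])
    return flagged

if __name__ == "__main__":
    for src, evidence in sorted(find_probers(SAMPLE_LOG).items()):
        print(src, evidence)
```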
Wednesday, January 26, 2011
Connecting wpa/wep
Connection to wep
#iwconfig <interface> essid <nameofnetwork> key <hexkey>
#dhclient <interface>
Connection to wpa/wpa2
\\first make a conf file in dir /etc/wpa_supplicant
#touch wpa_supplicant.conf
#wpa_passphrase your_ssid your_psk
\\ copy your output and paste it in here
#sudo nano -w /etc/wpa_supplicant.conf
#sudo wpa_supplicant -Bw -Dwext -i eth0 -c/etc/wpa_supplicant.conf
You can always type --help after the command to view more info
I know some of you asked me this recently, so I thought I'd give something to reference.
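What the wpa_passphrase step produces, as an added example that is not from the original post: the psk= value is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, 4096 iterations, 32 bytes. The function names, leaving out the cleartext #psk comment line, and writing the file with mode 0600 are choices of this sketch, not something the post prescribes.

```python
import hashlib
import os

def wpa_psk(ssid: str, passphrase: str) -> str:
    """Derive the 256-bit WPA/WPA2 pre-shared key as 64 hex digits."""
    if not 8 <= len(passphrase.encode()) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if not 1 <= len(ssid.encode()) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    # The SSID is the salt, so the same passphrase gives a different
    # key on every network name.
    key = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)
    return key.hex()

def network_block(ssid: str, passphrase: str, keep_plaintext: bool = False) -> str:
    """Render a network block for wpa_supplicant.conf.

    wpa_passphrase also prints the passphrase as a '#psk="..."' comment;
    it is left out here unless asked for, so the cleartext stays off disk.
    """
    lines = ["network={", f'\tssid="{ssid}"']
    if keep_plaintext:
        lines.append(f'\t#psk="{passphrase}"')
    lines.append(f"\tpsk={wpa_psk(ssid, passphrase)}")
    lines.append("}")
    return "\n".join(lines) + "\n"

def write_conf(path: str, ssid: str, passphrase: str) -> None:
    """Write the block to path, readable and writable by the owner only."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # also tighten a file that already existed
    with os.fdopen(fd, "w") as conf:
        conf.write(network_block(ssid, passphrase))

if __name__ == "__main__":
    # Constructed values: test vector from the IEEE 802.11i standard.
    print(network_block("IEEE", "password"), end="")
```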
Tuesday, January 25, 2011
Almost done with first C book
Just ordered another book, the one I ordered is "Sams Teach Yourself C in 21 days"
supposed to be an intermediate book. Should be able to grind through it pretty quick. Then on to "Advanced C", I forget what author.
Here's where I'm at
#include <stdio.h>
#include <stdlib.h>

int main(void)
{
    int ctr;
    int idSearch;
    int found = 0;
    int custID[10] = {313, 453, 502, 101, 892,
                      475, 792, 912, 343, 633};
    float custBal[10] = {0.00, 45.43, 71.23, 301.56, 9.08,
                         192.41, 389.00, 229.27, 18.31, 59.54};
    int tempID, inner, outer;
    float tempBal;

    /* Sort both arrays by customer ID, keeping each balance with its ID.
       Every pass has to run: a pass without a swap only means custID[outer]
       was already the smallest remaining ID, not that the rest is sorted. */
    for (outer = 0; outer < 9; outer++)
    {
        for (inner = outer + 1; inner < 10; inner++)
        {
            if (custID[inner] < custID[outer])
            {
                tempID = custID[inner];
                tempBal = custBal[inner];
                custID[inner] = custID[outer];
                custBal[inner] = custBal[outer];
                custID[outer] = tempID;
                custBal[outer] = tempBal;
            }
        }
    }

    printf("\n***Customer Balance lookup***\n");
    printf(" What is your customer ID?");
    /* Check the return value: on bad input idSearch would be left unset */
    if (scanf(" %d", &idSearch) != 1)
    {
        printf("\n **** That was not a number ****\n");
        return 1;
    }

    /* The list is sorted, so stop once we pass where the ID would be */
    for (ctr = 0; ctr < 10; ctr++)
    {
        if (idSearch == custID[ctr])
        {
            found = 1;
            break;
        }
        if (custID[ctr] > idSearch)
        {
            break;
        }
    }

    if (found)
    {
        if (custBal[ctr] > 100.00)
        {
            printf("\n That customer balance is %.2f.\n", custBal[ctr]);
            printf(" No Credit\n");
        }
        else
        {
            printf(" The customers Credit is good\n");
        }
    }
    else
    {
        printf("\n **** You must have typed an incorrect customer ID****\n");
        printf(" \n Id number %3d was not found in list\n", idSearch);
    }
    system("PAUSE");
    return 0;
}
Best song for Grinding applies to grinding in games too is
Wheel in the sky - journey
Monday, January 24, 2011
The Truth of Hacker
The definition of hacker has been debated for a long time; it's nothing new. It's common with today's perception: the instant someone perceives hacking, it's immediately thought of as breaking into a system or account. People are dogmatic, for we can validate it with CNN's comments. I'm not going to debate why there are two definitions; to keep it simple, one person ruins it for the rest. Then the media reports amplified, contorted versions.
From my Webster's New World 10th edition Computer dictionary
The untouched definition
"Traditionally, a computer enthusiast who enjoys learning everything about a computer system or network
and pushing the system to its highest possible level of performance through clever programming. Hackers do not necessarily engage in unauthorized computer access (Cracking) or other illegal activities. In the press and popular usage, hackers are often equated with computer criminals, to the consternation of hackers and those with some knowledge of the computers history " page 166
Updating
I also would like everyone to know that I will be updating this as much as possible, and subjects will include response to current events, Exploits, C Security engineering (when I get there), Biblical response to new Security Technologies, and Philosophy of Hacking (the definition has been broken down and misinterpreted for the last 15 years).
C language as first
I still believe C is the best programming language to learn first, although it's intimidating at first. It all boils down to the medium from which you want to learn. I recommend "Absolute beginners guide to C". It gives you a strong understanding of basic functions and operators, which solidify the backbone of programming; plus it makes all other languages look simplified and easy to learn. Just pick up the medium and grind it out.