Ramblings of a NetSec addict
This really is a trivial code snippet, but as with most scripts it comes in handy because it simplifies even a basic task further. Save this to a simple filename like ‘hex2file’ and place it in your /usr/bin directory. Whenever you need to write out hex characters directly to a file use the following syntax.
hex2file 4142434445 > hexfile.bin |
hex2file 4142434445 > hexfile.bin
Recently I undertook a challenge that needed attempt a brute force login on an application. I quickly wrote up a brute forcing script that took advantage of threads to increase the rate of attempts. This application is not usable ‘as is’ because of course you’ll need to modify and enter your own IP address and login syntax. Otherwise it should be useful as a template to threadify any tasks you wish to complete.
The logic of the script is to read in a list of username and password values, then push the usernames onto a queue. Each username (handled by an individual thread) goes through and tests each of the passwords in the list against the application. If the text that appears in a failed login appears it will print the failed message, otherwise it will print login successful.
[Read more…]
There are a ton of certification’s in the information security space. While some certifications are ‘good’ and some are ‘bad’, often it’s more a case of different certs for different purposes. If you want to tick a box on a resume you go for CEH, if you want to focus on the theoretical side you go for CISSP, if your boss is paying you go for SANS, and if you want to learn you go for Offensive Security. Okay okay, perhaps that’s a little harsh on the others but in my opinion Offensive Security offers by far the best value for money certifications on the market today.
[Read more…]
This peach pit makes the assumption that the FTP communication follows the sequence:
‘Receive Banner’ > ‘Send Anonymous Login’ > ‘Receive OK, Request Password’ > ‘Send Password’ > ‘Receive OK’ > ‘Send Command’ > ‘Receive Response’
In order to run this pit you can use the command below, but I’ve also created a python wrapper (below) which can be used to sequentially call peach with different commands to fuzz. This helps automate the process further.
peach -DCOMMAND=###Command to Fuzz### ftp_command_fuzz.xml |
peach -DCOMMAND=###Command to Fuzz### ftp_command_fuzz.xml
Often in the info world you’ll run into plenty of Base64 encoded strings. A typical giveaway is the trailing = or == in many cases.
Tool
base64
Basic Syntax
base64 -i <file> base64 -di <file> |
base64 -i <file> base64 -di <file>