Tuesday, November 5, 2013

Cool Script for Taking Screenshots in OSX Where You can Specify the Path and Name of File!

#!/bin/bash
usage() {
  echo "$0 <path>"
}
if [[ $1 != "" ]]; then
  # Quote the path so file names containing spaces reach screencapture intact
  screencapture -i "$1"
else
  usage
fi


Save this as screenshot_osx.sh and make it executable:

chmod 755 screenshot_osx.sh

To run it from Terminal simply do:

./screenshot_osx.sh /path/to/your/screenshot.png

A cross will be displayed to select what you want to capture...click, drag, snapshot, and enjoy!

Cheers 

Thursday, October 17, 2013

Brute Forcing a 32 Character LUKS Password by Sequentially Iterating through a 32 Character Hex String

Just an example of iterating through a 32-character hex string. Here we're brute-forcing a LUKS encryption password where the password is known to be a 128-bit hex string (good luck).

From irb, we find our largest number:

> "ffffffffffffffffffffffffffffffff".to_i(16)
 => 340282366920938463463374607431768211455 


Now we iterate, pad, and pass the value to LUKS:

(0..340282366920938463463374607431768211455).each do |num| 
  pass = sprintf("%032x", num)
  print "Passing #{pass}..."
  `echo -ne "#{pass}\r\n" | cryptsetup -q luksOpen /dev/sdb1 secureUSB`
end


Passing 00000000000000000000000000000000...No key available with this passphrase.
Passing 00000000000000000000000000000001...No key available with this passphrase.
Passing 00000000000000000000000000000002...No key available with this passphrase.
Passing 00000000000000000000000000000003...No key available with this passphrase.
Passing 00000000000000000000000000000004...No key available with this passphrase.
Passing 00000000000000000000000000000005...No key available with this passphrase.
Passing 00000000000000000000000000000006...No key available with this passphrase.
Passing 00000000000000000000000000000007...No key available with this passphrase.
Passing 00000000000000000000000000000008...No key available with this passphrase.
Passing 00000000000000000000000000000009...No key available with this passphrase.
Passing 0000000000000000000000000000000a...No key available with this passphrase.
Passing 0000000000000000000000000000000b...No key available with this passphrase.
Passing 0000000000000000000000000000000c...No key available with this passphrase.
Passing 0000000000000000000000000000000d...No key available with this passphrase.
Passing 0000000000000000000000000000000e...No key available with this passphrase.
Passing 0000000000000000000000000000000f...No key available with this passphrase.
Passing 00000000000000000000000000000010...No key available with this passphrase.
Passing 00000000000000000000000000000011...No key available with this passphrase.
Passing 00000000000000000000000000000012...No key available with this passphrase.
Passing 00000000000000000000000000000013...No key available with this passphrase.
Passing 00000000000000000000000000000014...No key available with this passphrase.
Passing 00000000000000000000000000000015...No key available with this passphrase.
Passing 00000000000000000000000000000016...No key available with this passphrase.
Passing 00000000000000000000000000000017...No key available with this passphrase.
Passing 00000000000000000000000000000018...No key available with this passphrase.
Passing 00000000000000000000000000000019...No key available with this passphrase.
Passing 0000000000000000000000000000001a...No key available with this passphrase.

Be sure to reference the appropriate LUKS block device (e.g. /dev/sdc1).

Cheers!

Friday, November 23, 2012

Simple Script to Update All of Your Ubuntu Machines Securely Over SSH from One Central Location

First configure key-based (public key) authentication with no passphrase on the server that will manage the updates for the rest of your hosts:

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/<YOURUSERNAME>/.ssh/id_rsa): <ENTER>
Enter passphrase (empty for no passphrase): <ENTER>
Enter same passphrase again: <ENTER>
Your identification has been saved in /home/<YOURUSERNAME>/.ssh/id_rsa.
Your public key has been saved in /home/<YOURUSERNAME>/.ssh/id_rsa.pub.
The key fingerprint is:
82:ef:d2:3a:b3:5f:9d:bc:41:ac:10:42:8f:a3:24:02 <YOURUSERNAME>@<THE_UPDATE_SERVER>
The key's randomart image is:
+--[ RSA 2048]----+
|    E.. .        |
|       o o       |
|      . = o      |
|       + + . .   |
|      o S .   o  |
|     .  .  . = . |
|     ...    o =  |
|    . . +  .   o |
|     .. .=.   .  |
+-----------------+

This will generate ~/.ssh/id_rsa.pub. Copy the contents of this file into ~/.ssh/authorized_keys on every host you'd like to update (~/.ssh/authorized_keys should be in the home folder of the user that will be used to ssh into the host being updated).

Once you can ssh into each host from the server without entering a password, create the file /usr/local/etc/update_da_boxen.config on the update server:

$ sudo touch /usr/local/etc/update_da_boxen.config

Next include one username@host_to_update entry on each line within /usr/local/etc/update_da_boxen.config:

johndoe@firsthosttoupdate
jackie@secondhosttoupdate
janedee@thirdhosttoupdate

Save your changes and ensure the file is only readable by root:

$ sudo chmod 600 /usr/local/etc/update_da_boxen.config && sudo chown root:root /usr/local/etc/update_da_boxen.config

Next create /usr/local/scripts/update_da_boxen.rb:

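#!/usr/bin/env ruby
# Run the apt update sequence on every user@host entry in the config file (one entry per line)
target_user_at_hosts_file = '/usr/local/etc/update_da_boxen.config'
File.read(target_user_at_hosts_file).each_line do |l|
  user_at_host = l.strip
  next if user_at_host.empty?
  # Argument-list form of system() skips the local shell, so a config entry cannot inject commands;
  # '--' stops ssh from treating an entry that starts with '-' as an option
  system('ssh', '--', user_at_host, 'sudo apt-get update')
  system('ssh', '--', user_at_host, 'sudo apt-get upgrade --assume-yes')
  system('ssh', '--', user_at_host, 'sudo apt-get dist-upgrade --assume-yes')
end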

Save your changes and make /usr/local/scripts/update_da_boxen.rb executable:

$ sudo chmod 700 /usr/local/scripts/update_da_boxen.rb && sudo chown root:root /usr/local/scripts/update_da_boxen.rb

To ensure the example script above works, your remote SSH user must be added as a sudoer on the client host that will be included in the update pool:

# visudo

If you don't want to have to type a password to obtain sudo authorization, enter the following:

<YOURUSERNAME> ALL=(ALL:ALL) NOPASSWD:ALL

Replace <YOURUSERNAME> with the SSH user of the host that will be updated.
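
A narrower alternative to the NOPASSWD:ALL entry above, added here as an example (it is not from the original post): it allows passwordless sudo only for the three apt-get invocations that update_da_boxen.rb issues. The alias name BOXEN_UPDATES is made up for this example, and the path /usr/bin/apt-get is assumed (the Ubuntu default).

```sudoers
# Added example: least-privilege alternative to NOPASSWD:ALL.
# Assumes apt-get is installed at /usr/bin/apt-get (the Ubuntu default).
# sudo matches the full argument list, so only these exact invocations are allowed.
Cmnd_Alias BOXEN_UPDATES = /usr/bin/apt-get update, \
                           /usr/bin/apt-get upgrade --assume-yes, \
                           /usr/bin/apt-get dist-upgrade --assume-yes

# Weak (from the post): passwordless root for any command
# <YOURUSERNAME> ALL=(ALL:ALL) NOPASSWD:ALL

# Narrowed: passwordless root only for the update commands
<YOURUSERNAME> ALL=(root) NOPASSWD: BOXEN_UPDATES
```

With this entry, a stolen copy of the passphrase-less key from the update server can still trigger package updates on each host but cannot run arbitrary commands as root through sudo.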

Cheers! 

Thursday, November 22, 2012

Install the Latest Oracle Java JDK in Ubuntu with Ruby


#!/usr/bin/env ruby
# Install an Oracle JDK tarball into /usr/lib/jvm and register it with update-alternatives (run as root)
# Download Files at: http://www.oracle.com/technetwork/java/javase/downloads/java-se-jdk-7-download-432154.html
if ARGV[0].nil?
  puts "Usage #{$0} <path of downloaded oracle tgz file>"
else
  update_file = ARGV[0]
  if File.extname(update_file) == ".tgz" || File.basename(update_file).end_with?("tar.gz")
    # Commands run in argument-list form so file names never pass through a shell
    # Top-level directory name inside the archive
    java_root = IO.popen(["tar", "-tzf", update_file], &:read).split("/")[0]
    update_root = "/usr/lib/jvm"
    java_home = "#{update_root}/#{java_root}"
    system("tar", "-xzvf", update_file) unless Dir.exist?(java_home)
    first_time_installing_java = false
    unless Dir.exist?(update_root)
      system("mkdir", update_root)
      first_time_installing_java = true
    end
    system("mv", java_root, update_root) unless Dir.exist?(java_home)
    if first_time_installing_java
      %w[java javac javaws].each do |tool|
        system("update-alternatives", "--install", "/usr/bin/#{tool}", tool, "#{java_home}/bin/#{tool}", "1")
      end
    else
      %w[java javac javaws].each { |tool| system("update-alternatives", "--config", tool) }
    end
    print "Populate Username that Will Use the Mozilla Firefox Java Plugin: "
    username = STDIN.gets.chomp
    # Both branches point at the user's .mozilla/plugins directory
    if username != "root"
      mozilla_java_plugin_dir = "/home/#{username}/.mozilla/plugins"
    else
      mozilla_java_plugin_dir = "/root/.mozilla/plugins"
    end
    puts "MOZILLA PLUGIN HOME DIR = #{mozilla_java_plugin_dir}/libnpjp2.so"
    system("mkdir", "-p", mozilla_java_plugin_dir) unless Dir.exist?(mozilla_java_plugin_dir)
    system("ln", "-sf", "#{java_home}/jre/lib/amd64/libnpjp2.so", mozilla_java_plugin_dir)
    system("ln", "-sf", java_home)
  else
    puts "ERROR!!! This script only supports .tgz or tar.gz Oracle Java files..."
    exit
  end
end

Friday, August 31, 2012

Installing the "curb" Ruby Gem in Windows



Download the Ruby DevKit and Extract into C:\Devkit:
https://github.com/downloads/oneclick/rubyinstaller/DevKit-tdm-32-4.5.2-20111229-1559-sfx.exe

Type the following command from a command prompt:
cd \Devkit
devkitvars.bat

Download this file and extract it into C:\Windows\System32:
http://curl.haxx.se/gknw.net/7.27.0/dist-w32/curl-7.27.0-rtmp-ssh2-ssl-sspi-zlib-idn-static-bin-w32.zip

Download this file and extract it into C:\:
http://curl.haxx.se/gknw.net/7.27.0/dist-w32/curl-7.27.0-devel-mingw32.zip

Finally, from the same command prompt, run the following command:
gem install curb -- --with-curl-lib=C:\curl-7.27.0-devel-mingw32\bin --with-curl-include=C:\curl-7.27.0-devel-mingw32\include

Friday, August 10, 2012

Wild Kill...Yeee-Haaah!!!

#!/bin/bash
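# Send SIGTERM to every process whose ps line contains $1, skipping this script and its own pipeline
[ -n "$1" ] || { echo "$0 <name>"; exit 1; }
ps -ef | awk -v pat="$1" -v self="$$" 'NR > 1 && index($0, pat) && $2 != self && $3 != self {print $2}' | while read -r pid; do kill -15 "$pid"; done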

Save the script as wildkill.sh, make it executable:

chmod 755 wildkill.sh

and run it like this:

./wildkill.sh firefox

This will kill any process that contains the name firefox...be sure you know what you're killing because this script can be wild!

Yeee-Haaah!


Tuesday, July 17, 2012

haxor_android: streamlining monotonous mobile preparation prior to a security engagement



Periodic element class for security engagements on Android devices...requires the Android SDK. This package also requires a rooted device.
Create your own rendition of this class based on the README at: https://github.com/ninp0/kore_kit/tree/master/lib/kore_kit/telecom/mobile/android
Please note: You'll need to download and extract dex2jar separately. Once extracted, create a symlink/shortcut to dex2jar.sh/dex2jar.bat (depending on your OS) CALLED "dex2jar" (NO EXTENSION) and place it in your PATH.

Cheers!