2010
04.16

So I was roughing through some tcpdump output looking at DNS requests, when it dawned on me … “Hey, this would be hella easier if I could sort through all this in Wireshark!” But this box I was on had no GUI, and I didn’t want to increase attack vectors on the machine by installing an X server etc. So I figured there had to be a way to do this with ssh forwarding. … So I did some googling and learned about file descriptors and how tcpdump can output raw tcp to stdout. Wireshark can read this in as an interface as well. Since I’m lazy, I wanted to do this from my Windows 7 dev box, so it was a requirement to install Cygwin with an X server on it. I don’t think win32 Wireshark can read in named pipes.

Here it is, … from my xterm bash shell on my Windows 7 box with Cygwin …

    ssh -X user@mylinxbox.withxserve

Then

    ssh root@boxIwant.ToSniff "tcpdump -i eth0 -w -" | wireshark -k -i -

This pops up wireshark using stdout from the ssh’d tcpdump session. You can do all your various filters in wonderful wireshark bliss.
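
The pipeline above with the safeguards a practitioner would want, as an added example that is not part of the original post: the capture excludes the SSH session that carries it, flushes each packet as it arrives, and refuses interface or filter strings that could alter the remote command. The function names, the default SSH port of 22 and the sample values are assumptions.

```bash
#!/bin/sh
# Added example. Host, interface and filter values are placeholders.

# remote_capture_cmd IFACE [BPF_FILTER] [SSH_PORT]
# Prints the tcpdump command line to run on the box being sniffed.
remote_capture_cmd() {
    local iface="$1" filter="${2:-}" ssh_port="${3:-22}"

    # The string is interpreted by the remote shell, so accept only plain
    # interface names and numeric ports.
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case "$ssh_port" in
        ''|*[!0-9]*) echo "bad port: $ssh_port" >&2; return 1 ;;
    esac
    # The filter is wrapped in single quotes below, so a single quote is the
    # only character that could break out of it.
    case "$filter" in
        *\'*) echo "bad filter: $filter" >&2; return 1 ;;
    esac

    # Exclude the SSH session that carries the capture; otherwise each
    # forwarded packet is itself captured and forwarded again.
    local bpf="not tcp port $ssh_port"
    if [ -n "$filter" ]; then
        bpf="$bpf and ($filter)"
    fi

    # -U flushes each packet to stdout as it arrives, -s 0 keeps full
    # packets, -w - writes pcap data to stdout for the pipe.
    printf "tcpdump -U -s 0 -i %s -w - '%s'\n" "$iface" "$bpf"
}

# live_wireshark USER@HOST IFACE [BPF_FILTER]
# Runs the capture remotely and feeds it to a local Wireshark.
live_wireshark() {
    local target="$1" cmd
    cmd=$(remote_capture_cmd "$2" "${3:-}") || return 1
    ssh "$target" "$cmd" | wireshark -k -i -
}
```

For the DNS case in the post, `live_wireshark root@boxIwant.ToSniff eth0 "udp port 53"` limits what crosses the wire to DNS traffic.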

Happy Sniffing …

ps. Thanks to Napkins for helping me from over analyzing.

2010
03.31

Hackers are notoriously lazy … and by watching Operation Swordfish, we also know that real hackers drink wine. I’ve been into wine for a good while now, and have been watching Gary V’s Thunder Show since about ep. #103-108. Today I will admit, I am no longer a lurker. Check out http://tv.winelibrary.com … it’s pretty awesome. Also, to get right into how awesome Gary V is, check him out on Conan … http://tv.winelibrary.com/gary-vaynerchuk-on-late-night-with-conan-obrien/

Gary V actually eats dirt to stress the point of expanding your palate! http://tv.winelibrary.com/2006/12/15/how-to-get-your-wine-palate-trained-episode-148/ … personally my favorite episode.

p.s. winexe = awesome … psexec for Linux!

2010
02.11

So I was at Shmoocon 2010 … it was pretty fun. Got snowed in by the worst DC snowstorm in 100 years ( global warming my ass ) and got to spend some time with some cool people.

My favorite talk was VMware guest stealing. However, Ron over at skullsecurity.org has already released an Nmap script for detecting this. http://www.skullsecurity.org/blog/?p=436

Check it out!

2009
12.10

So I got my hands on an Alfa Wireless-N 500mW and decided to play around with some wireless foo … I’m impressed with the new Alfa. It’s got built-in Backtrack support and it’s capable of monitor mode and packet injection.

Also I wanted to share this really simple, clean guide on airodump-ng, aireplay-ng, and aircrack-ng.

http://ryanunderdown.com/linux/cracking-wep-using-backtrack.php

He makes cracking wireless so simple I think my mom could do it. ( She recently asked me if she should place a CD in the tray shiny side up or down! )

2009
11.09

I’m sure there are a billion ways to do this better, but in the meantime, here it is. BarCrawl, the pastebin crawler/dumper!

Feel free to send me your thoughts or improvements.

barcrawlv1.py

keep hacking!

2009
11.04

http://twitter.com/str0ke

He appears to be tweeting so … I think that’s the last time I’m going to http://bl4cksecurity.blogspot.com

2009
11.04

http://bl4cksecurity.blogspot.com/2009/11/str0ke-milworms-funeral-is-this-friday.html is reporting that str0ke from milw0rm has passed away. Although it would explain his absence, I think we need to see some more official sources.

2009
11.03

So I was recently on PaulDotCom’s Episode 173 and it was a good experience. I was a little nervous the first part, then got interrupted by Security Justice and did a bit better when I was talking about BarCrawl. In any case I’m still working on BarCrawl and I’ll release it soon, in the next week or so.

However, on a different note, have you seen the updates on milw0rm … or the lack thereof? The last exploit was posted in September.

keep hacking

2009
10.22

So we’ve all heard about the pastebin Hotmail password leak … This might come as a surprise to some, but people have been using pastebin for all sorts of craziness. My friends over at Pastebinfail.com have been documenting some of the wilder posts. Everything from base64 encoded jpegs of owls to botnet command and control. I’ve been toying with a python script that crawls pastebin’s Recent Posts and pops out various posts of interest. Right now it’s pretty basic, but I need it to send the data in various mediums. Using gmail was pretty stupid on my part. Google temporarily banned my account for sending myself more than 700 messages in the 24 hr. limit. But in any case, after it gets a little bit more mature I’ll release it.

I’m also scheduled to go on the PaulDotCom Podcast on the 29th of this month. I’m sure pastebin will come up.

anyways, keep hacking

ftp

2009
10.14

Information Gathering seems to really be at the front of the list from recent talks and conferences. So I guess everyone has their own way or method when it comes to pen-testing. But I would almost guarantee that information gathering is one of the first things you do. There are a ton of tools out there starting to automate this, link relevant data together and in general make this task faster and more fruitful. Chris Gates’s talk at BruCon is pretty solid and has a great overview of open source tools.

Pick a mirror and his talk is labeled “Open-Source-Information-Gathering_Chris-Gates.ogg”
Brucon Videos
And the presentation is at
Brucon Presentations

Some of my personal favorites:
Robtex.com
And
Serversniff.net

Anyways I’m still toying with the site and trying to figure out what my goals are. But for now, keep hacking