GCC is a compiler system produced by the GNU Project supporting various programming languages.
GCC support C, C++, Fortran, Java, Ada and others.
Syntax : gcc [options] file
Options :
-v : Display the programs invoked by the compiler
-E : Preprocess only; do not compile, assemble or link
-S : Compile only; do not assemble or link
-c : Compile and assemble, but do not link
-o file : Place the output into file
-pie : Create a position independent executable
-shared : Create a shared library
Ex : gcc plot.c -o plot
./plot <- run
For more informations type : gcc --help or gcc --target-help
If you have a problem or you need some explanations just write under this post!
Saturday, March 30, 2013
Friday, March 29, 2013
Ps - process control
Ps return a snapshot of the current processes.
Pay attention 'cause ps -a is distinct from ps a
This version of ps accepts several kinds of options:
-UNIX options, which may be grouped and must be preceded by a dash.
-BSD options, which may be grouped and must not be used with a dash.
-GNU long options, which are preceded by two dashes.
Syntax : ps [options]
Options :
-A : Select all processes
-a : Select all processes except both session leaders and processes not associated with a terminal
-d : Select all processes except session leaders
g : Really all, even session leaders
-N : Select all processes except those that fulfill the specified conditions
T : Select all processes associated with this terminal
r : Restrict the selection to only running processes
-C cmdlist : Select by command name
-G grouplist : Select by real group ID or name
-g grouplist : Select by session OR by effective group name
-p pidlist : Select by process ID
--ppid pidlist : Select by parent process ID
-s sessionlist : Select by session ID
-t ttylist : Select by tty
-U userlist : Select by real user ID or name
-u userlist : Select by effective user ID or name
-c : Show different scheduler information for the -l option
-f : Do full-format listing
-F : Extra full format
-j : Jobs format
-l : Long format
-M : Add a column of security data
s : Display signal format
u : Display user-oriented format
v : Display virtual memory format
X : Register format
--columns n : Set screen width
--lines n : Set screen height
--cumulative : Include some dead child process data
e : Show the environment after the command
f : ASCII art process hierarchy
h : No header
-H : Show process hierarchy
--headers : Repeat header lines
-n namelist : Set namelist file
Examples :
ps -e : see every process
ps -ef : see every processes with full format listing
ps -U hackforlulz : see every processes running as hackforlulz user (real)
ps -p 666 : see process with pid = 666
ps -p 666 -H : see process with pid = 666 and the hierarchy
For more informations about ps type : man ps
If you have a problem or you need some explanations just write under this post!
Pay attention 'cause ps -a is distinct from ps a
This version of ps accepts several kinds of options:
-UNIX options, which may be grouped and must be preceded by a dash.
-BSD options, which may be grouped and must not be used with a dash.
-GNU long options, which are preceded by two dashes.
Syntax : ps [options]
Options :
-A : Select all processes
-a : Select all processes except both session leaders and processes not associated with a terminal
-d : Select all processes except session leaders
g : Really all, even session leaders
-N : Select all processes except those that fulfill the specified conditions
T : Select all processes associated with this terminal
r : Restrict the selection to only running processes
-C cmdlist : Select by command name
-G grouplist : Select by real group ID or name
-g grouplist : Select by session OR by effective group name
-p pidlist : Select by process ID
--ppid pidlist : Select by parent process ID
-s sessionlist : Select by session ID
-t ttylist : Select by tty
-U userlist : Select by real user ID or name
-u userlist : Select by effective user ID or name
-c : Show different scheduler information for the -l option
-f : Do full-format listing
-F : Extra full format
-j : Jobs format
-l : Long format
-M : Add a column of security data
s : Display signal format
u : Display user-oriented format
v : Display virtual memory format
X : Register format
--columns n : Set screen width
--lines n : Set screen height
--cumulative : Include some dead child process data
e : Show the environment after the command
f : ASCII art process hierarchy
h : No header
-H : Show process hierarchy
--headers : Repeat header lines
-n namelist : Set namelist file
Examples :
ps -e : see every process
ps -ef : see every processes with full format listing
ps -U hackforlulz : see every processes running as hackforlulz user (real)
ps -p 666 : see process with pid = 666
ps -p 666 -H : see process with pid = 666 and the hierarchy
For more informations about ps type : man ps
If you have a problem or you need some explanations just write under this post!
Wednesday, March 27, 2013
Dmesg
Dmesg is used to examine or control the kernel ring buffer.
Syntax : dmesg [options]
-C : clear the kernel ring buffer
-c : read and clear all messages
-D : disable printing messages to console
-d : show time delta between printed messages
-e : show local time and time delta in readable format
-E : enable printing messages to console
-F file : use the file instead of the kernel log buffer
-f list : restrict output to defined facilities
-k : display kernel messages
-l list : restrict output to defined levels
-n level : set level of messages printed to console
-r : print the raw message buffer
-S : force to use syslog(2) rather than /dev/kmsg
-s size : buffer size to query the kernel ring buffer
-T : show human readable timestamp
-t : don't print messages timestamp
-u : display userspace messages
-x : decode facility and level to readable string
For more informations type : dmesg -h
If you have a problem or you need some explanations just write under this post!
Syntax : dmesg [options]
-C : clear the kernel ring buffer
-c : read and clear all messages
-D : disable printing messages to console
-d : show time delta between printed messages
-e : show local time and time delta in readable format
-E : enable printing messages to console
-F file : use the file instead of the kernel log buffer
-f list : restrict output to defined facilities
-k : display kernel messages
-l list : restrict output to defined levels
-n level : set level of messages printed to console
-r : print the raw message buffer
-S : force to use syslog(2) rather than /dev/kmsg
-s size : buffer size to query the kernel ring buffer
-T : show human readable timestamp
-t : don't print messages timestamp
-u : display userspace messages
-x : decode facility and level to readable string
For more informations type : dmesg -h
If you have a problem or you need some explanations just write under this post!
Tuesday, March 26, 2013
Wordpress Bruteforce
Wordpressbf is a python tool for login wordpress bruteforce.
You can download wordpressbf from here
Syntax : ./wordpressbf.py site user wordlist [options]
Options :
-p host:port : proxy
-v : verbose mode
ex : ./wordpressbf.py http://wordpress-site/wp-login.php HackForLulz /home/hackforlulz/wordlist
If you have a problem or you need some explanations just write under this post!
You can download wordpressbf from here
Syntax : ./wordpressbf.py site user wordlist [options]
Options :
-p host:port : proxy
-v : verbose mode
ex : ./wordpressbf.py http://wordpress-site/wp-login.php HackForLulz /home/hackforlulz/wordlist
If you have a problem or you need some explanations just write under this post!
Monday, March 25, 2013
Sunday, March 24, 2013
Uname - Linux
Uname is a tools for kernel and system informations.
Syntax : uname [option]
Options:
-a : all informations
-s : kernel name
-n : network node hostname
-r : kernel relase
-v : kernel version
-m : machine hardware name
-p : processor type
-i : hardware platform
-o : operating system
For help : uname --help
If you have a problem or you need some explanations just write under this post!
Syntax : uname [option]
Options:
-a : all informations
-s : kernel name
-n : network node hostname
-r : kernel relase
-v : kernel version
-m : machine hardware name
-p : processor type
-i : hardware platform
-o : operating system
For help : uname --help
If you have a problem or you need some explanations just write under this post!
XMPP (Jabber)
XMPP (Extensible Messaging and Presence Protocol) is a communications protocol for message-oriented middleware based on XML.
The protocol was originally named Jabber.
Jabber.org is the original IM service based on XMPP, an open standard for instant messaging.
Click here to register jabber.org
Download a xmpp client like pidgin.
Accounts/manage account/ADD <- add account on pidgin.
Pidgin support a lot of protocol you must use xmpp.
examples : hackforlulz@jabber.org
Username : hackforlulz
Domain : jabber.org
Pidgin-otr is a plugin for pidgin that allows you to have private conversations over instant messaging by providing:
- No one else can read your instant messages.
- You are assured the correspondent is who you think it is.
The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
- If you lose control of your private keys, no previous conversation is compromised.
Add hackforlulz to your account -> hackforlulz@jabber.org
If you have a problem or you need some explanations just write under this post!
The protocol was originally named Jabber.
Jabber.org is the original IM service based on XMPP, an open standard for instant messaging.
Click here to register jabber.org
Download a xmpp client like pidgin.
Accounts/manage account/ADD <- add account on pidgin.
Pidgin support a lot of protocol you must use xmpp.
examples : hackforlulz@jabber.org
Username : hackforlulz
Domain : jabber.org
Pidgin-otr is a plugin for pidgin that allows you to have private conversations over instant messaging by providing:
- No one else can read your instant messages.
- You are assured the correspondent is who you think it is.
The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
- If you lose control of your private keys, no previous conversation is compromised.
Add hackforlulz to your account -> hackforlulz@jabber.org
If you have a problem or you need some explanations just write under this post!
Saturday, March 23, 2013
IRC - Internet relay chat
Internet Relay Chat (IRC) is a protocol for live interactive Internet text messaging (chat)
It is mainly designed for group communication in discussion forums, called channels, but also allows one-to-one communication via private message as well as chat and data transfer, including file sharing.
An irc example is : irc.autistici.org/6667 (irc.autustici.org <- address, 6667 <- port).
There are a lot of client like hexchat, irrsi, weechat and others.
There are commands about nickserv, chanserv, botserv, memoserv.
Type :
/msg nickserv help -> more informations about nickserv
/msg chanserv help -> more informations about chanserv
/msg botserv help -> more informations about botserv
/msg memoserv help -> more informations about memoserv
There are a lot of mode for nickserv and chanserv.
/mode + mode -> set mode
/mode - mode -> remove mode
For a list of irc mode use Google. (Remember, Google is your friend, maybe).
/kick -> kick user from a chan
/ban -> ban a nick or host from a chan
Join hack forlulz's irc on irc.autistici.org/6667 chan #HackForLulz or join from webchat here.
If you have a problem or you need some explanations just write under this post!
It is mainly designed for group communication in discussion forums, called channels, but also allows one-to-one communication via private message as well as chat and data transfer, including file sharing.
An irc example is : irc.autistici.org/6667 (irc.autustici.org <- address, 6667 <- port).
There are a lot of client like hexchat, irrsi, weechat and others.
There are commands about nickserv, chanserv, botserv, memoserv.
Type :
/msg nickserv help -> more informations about nickserv
/msg chanserv help -> more informations about chanserv
/msg botserv help -> more informations about botserv
/msg memoserv help -> more informations about memoserv
There are a lot of mode for nickserv and chanserv.
/mode + mode -> set mode
/mode - mode -> remove mode
For a list of irc mode use Google. (Remember, Google is your friend, maybe).
/kick -> kick user from a chan
/ban -> ban a nick or host from a chan
Join hack forlulz's irc on irc.autistici.org/6667 chan #HackForLulz or join from webchat here.
If you have a problem or you need some explanations just write under this post!
Friday, March 22, 2013
Crunch - wordlist generator
Crunch can create a wordlist based on criteria you specify. The outout from crunch can be sent to the screen, file, or to another program.
You can find crunch here
Syntax : crunch min max charset [options] (default charset : abcdefghijklmopqrstuvwxyz)
Options :
-b : maximum bytes to write to output file. depending on the blocksize files may be some bytes smaller than specified but never bigger
-c : numbers of lines to write to output file, only works if "-o START"
-d : specify -d [n][@,%^] to suppress generation of strings with more than [n] adjacent duplicates from the given character set
-f : path to a file containing a list of character sets (example -f charset.lst)
-l : literal characters to use in -t @,%^
-o : allows you to specify the file to write the output to
-p : prints permutations without repeating characters
-r : resume a previous session
-s : allows you to specify the starting string
-t [FIXED]@,%^ : allows you to specify a pattern
Example: crunch 3 4 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234456789 -o /home/hackforlulz/outputfile
Min = 3
Max = 3
Characters = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234456789
Output = /home/hackforlulz/outputfile
If you have a problem or you need some explanations just write under this post!
You can find crunch here
Syntax : crunch min max charset [options] (default charset : abcdefghijklmopqrstuvwxyz)
Options :
-b : maximum bytes to write to output file. depending on the blocksize files may be some bytes smaller than specified but never bigger
-c : numbers of lines to write to output file, only works if "-o START"
-d : specify -d [n][@,%^] to suppress generation of strings with more than [n] adjacent duplicates from the given character set
-f : path to a file containing a list of character sets (example -f charset.lst)
-l : literal characters to use in -t @,%^
-o : allows you to specify the file to write the output to
-p : prints permutations without repeating characters
-r : resume a previous session
-s : allows you to specify the starting string
-t [FIXED]@,%^ : allows you to specify a pattern
Example: crunch 3 4 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234456789 -o /home/hackforlulz/outputfile
Min = 3
Max = 3
Characters = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234456789
Output = /home/hackforlulz/outputfile
If you have a problem or you need some explanations just write under this post!
Wednesday, March 20, 2013
Guide to Python [ITA]
Tuesday, March 19, 2013
OpenVpn
OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.
It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.
It was written by James Yonan and is published under the GNU General Public License (GPL).
OpenVPN uses the OpenSSL library to provide encryption of both the data and control channels.
It lets OpenSSL do all the encryption and authentication work, allowing OpenVPN to use all the ciphers available in the OpenSSL package.
It can also use the HMAC packet authentication feature to add an additional layer of security to the connection (referred to as an "HMAC Firewall" by the creator).
It can also use hardware acceleration to get better encryption performance.
You can find openvpn here
You can create a VPN with openvpn by network manager.
To start OpenVpn type : openvpn --config file.conf
For more information about OpenVpn type : openvpn --help
If you have a problem or you need some explanations just write under this post!
It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.
It was written by James Yonan and is published under the GNU General Public License (GPL).
OpenVPN uses the OpenSSL library to provide encryption of both the data and control channels.
It lets OpenSSL do all the encryption and authentication work, allowing OpenVPN to use all the ciphers available in the OpenSSL package.
It can also use the HMAC packet authentication feature to add an additional layer of security to the connection (referred to as an "HMAC Firewall" by the creator).
It can also use hardware acceleration to get better encryption performance.
You can find openvpn here
You can create a VPN with openvpn by network manager.
To start OpenVpn type : openvpn --config file.conf
For more information about OpenVpn type : openvpn --help
If you have a problem or you need some explanations just write under this post!
Sunday, March 17, 2013
youtube-viewer
Youtube-viewer is a command line utility for viewing youtube-videos in MPlayer (so you must have MPlayer on your system).
You can find youtube-viewer here
Type youtube-viewer to start the program.
Now you can search the videos that you want see.
:login : will prompt you for login
:logout : will delete the authentication key
:q : quit
:course=ID : list lectures from a courseID
:courses=ID : list courses of lectures from a categoryID
:playlist=ID : list videos from a playlistID
For more informations type :h after start youtube-viewer or type youtube-viewer -h
If you have a problem or you need some explanations just write under this post!
You can find youtube-viewer here
Type youtube-viewer to start the program.
Now you can search the videos that you want see.
:login : will prompt you for login
:logout : will delete the authentication key
:q : quit
:course=ID : list lectures from a courseID
:courses=ID : list courses of lectures from a categoryID
:playlist=ID : list videos from a playlistID
For more informations type :h after start youtube-viewer or type youtube-viewer -h
If you have a problem or you need some explanations just write under this post!
Saturday, March 16, 2013
Airolib - Aircrack-ng
Airolib-ng is an aircrack-ng suite tool designed to store and manage essid and password lists, compute their Pairwise Master Keys (PMKs) and use them in WPA/WPA2 cracking.
The program uses the lightweight SQLite3 database as the storage mechanism which is available on most platforms.
WPA/WPA2 cracking involves calculating the pairwise master key, from which the private transient key (PTK) is derived.
First of all we must create a database.
Create file (for example plot.txt) with a list of password (you can find on google a lo of txt dictionary).
Create a file (for example essid.txt) with essid of wirless network you want crack.
DB is the database we want create.
airolib-ng DB --import essid essid.txt
airloin-ng DB --import passwd plot.txt
Now you can clean invalide key with command :
airloib-ng DB --clean all Now you can start to calculate PKM :
airolib-ng DB --batch Syntax : airolib-ng database operation [options]
Operations :
--stats : Output information about the database.
--sql sql : Execute specified SQL statement.
--clean [all] : Clean the database from old junk. 'all' will also reduce filesize if possible and run an integrity check.
--batch : Start batch-processing all combinations of ESSIDs and passwords.
--verify [all] : Verify a set of randomly chosen PMKs. If 'all' is given, all invalid PMK will be deleted.
--import [essid|passwd] file : Import a text file as a list of ESSIDs or passwords.
For more informations type airolib-ng or click here
If you have a problem or you need some explanations just write under this post!
The program uses the lightweight SQLite3 database as the storage mechanism which is available on most platforms.
WPA/WPA2 cracking involves calculating the pairwise master key, from which the private transient key (PTK) is derived.
First of all we must create a database.
Create file (for example plot.txt) with a list of password (you can find on google a lo of txt dictionary).
Create a file (for example essid.txt) with essid of wirless network you want crack.
DB is the database we want create.
airolib-ng DB --import essid essid.txt
airloin-ng DB --import passwd plot.txt
Now you can clean invalide key with command :
airloib-ng DB --clean all Now you can start to calculate PKM :
airolib-ng DB --batch Syntax : airolib-ng database operation [options]
Operations :
--stats : Output information about the database.
--sql sql : Execute specified SQL statement.
--clean [all] : Clean the database from old junk. 'all' will also reduce filesize if possible and run an integrity check.
--batch : Start batch-processing all combinations of ESSIDs and passwords.
--verify [all] : Verify a set of randomly chosen PMKs. If 'all' is given, all invalid PMK will be deleted.
--import [essid|passwd] file : Import a text file as a list of ESSIDs or passwords.
For more informations type airolib-ng or click here
If you have a problem or you need some explanations just write under this post!
Friday, March 15, 2013
Monday, March 11, 2013
Lynx - Text browser
Lynx is a text browser for the World Wide Web.
Lynx 2.8.7 runs on Un*x, MacOS, VMS, Windows 95/98/NT.
You can find the lastest version of lynx here
After start lynx you can:
? or h : help
o : options
p : print (save to a local file, mail the file, print to the screen, print out on a printer
m : main screen
g : go
q : quit
If you have a problem or you need some explanations just write under this post!
Lynx 2.8.7 runs on Un*x, MacOS, VMS, Windows 95/98/NT.
You can find the lastest version of lynx here
After start lynx you can:
? or h : help
o : options
p : print (save to a local file, mail the file, print to the screen, print out on a printer
m : main screen
g : go
q : quit
If you have a problem or you need some explanations just write under this post!
Friday, March 8, 2013
ritX - Reverse IP Lookup Tool
RitX is a Reverse IP Lookup Tool that will allows you to use an IP address or domain name to identify all currently domains hosted on a server using multiple services and various techniques.
This is the list of services that RitX support:
-Ewhois.com
-Pagesinventory.com
-Viewdns.info
-Yougetsignal.com
-Myiptest.com
-Ip-adress.com
-DNStrails.com
-My-ip-neighbors.com
-Domainsbyip.com
-Bing.com
-Whois.WebHosting.info
-Robtex.com
-Tools.web-max.ca
-Sameip.org
Ritx is written in perl, you can find ritx here
Sytax : perl RitX.pl [OPTIONS]
Options :
-t target: Server hostname or IP
-c : Check extracted domains that are in the same IP address to eleminate cached/old records
-o file: Save results to a file (default IP.txt)
--threads=thread: Maximum number of concurrent IP checks (default 1)
ex : perl ritx.pl -t www.site.com -o /home/hackforlulz/output --threads=5
If you have a problem or you need some explanations just write under this post!
This is the list of services that RitX support:
-Ewhois.com
-Pagesinventory.com
-Viewdns.info
-Yougetsignal.com
-Myiptest.com
-Ip-adress.com
-DNStrails.com
-My-ip-neighbors.com
-Domainsbyip.com
-Bing.com
-Whois.WebHosting.info
-Robtex.com
-Tools.web-max.ca
-Sameip.org
Ritx is written in perl, you can find ritx here
Sytax : perl RitX.pl [OPTIONS]
Options :
-t target: Server hostname or IP
-c : Check extracted domains that are in the same IP address to eleminate cached/old records
-o file: Save results to a file (default IP.txt)
--threads=thread: Maximum number of concurrent IP checks (default 1)
ex : perl ritx.pl -t www.site.com -o /home/hackforlulz/output --threads=5
If you have a problem or you need some explanations just write under this post!
Wednesday, March 6, 2013
Torchat - Instant messenger
TorChat is a peer to peer instant messenger written in python with a completely decentralized design, built on top of Tor's location hidden services, giving you extremely strong anonymity while being very easy to use without the need to install or configure anything.
All TorChat traffic is encrypted end-to-end.
You can find torchat here
For run type : python torchat.py
Torchat need python 2.x and doesn't work with python 3.x
If you have a problem or you need some explanations just write under this post!
All TorChat traffic is encrypted end-to-end.
You can find torchat here
For run type : python torchat.py
Torchat need python 2.x and doesn't work with python 3.x
If you have a problem or you need some explanations just write under this post!
Tuesday, March 5, 2013
John The Ripper - Password cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS.
It's primary purpose is to detect weak Unix passwords.
Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
You can download john the ripper from here
Syntax : john [options] [password-files]
--config=FILE : use FILE instead of john.conf
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
--pipe like --stdin, but bulk reads, and allows rules
--encoding=NAME : input data is non-ascii (eg. UTF-8, ISO-8859-1). For a full list of NAME use --list=encodings
--rules[=SECTION] : enable word mangling rules for wordlist modes
--stdout[=LENGTH] : just output candidate passwords (cut at LENGTH)
--make-charset=FILE : make a charset file. It will be overwritten
--show[=LEFT] : show cracked passwords (if =LEFT, then uncracked)
--test[=TIME] : run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only
--format=NAME : force hash type NAME: afs bf bfegg bsdi crc32 crypt des django dmd5 dominosec dragonfly3-32 dragonfly3-64 dragonfly4-32 dragonfly4-64 drupal7 dummy dynamic_n epi episerver gost hdaa hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512 hmailserver ipb2 keepass keychain krb4 krb5 lm lotus5 md4-gen md5 md5ns mediawiki mscash mscash2 mschapv2 mskrb5 mssql mssql05 mysql mysql-sha1 nethalflm netlm netlmv2 netntlm netntlmv2 nsldap nt nt2 odf office oracle oracle11 osc pdf phpass phps pix-md5 pkzip po pwsafe racf rar raw-md4 raw-md5 raw-md5u raw-sha raw-sha1 raw-sha1-linkedin raw-sha1-ng raw-sha224 raw-sha256 raw-sha384 raw-sha512 salted-sha1 sapb sapg sha1-gen sha256crypt sha512crypt sip ssh sybasease trip vnc wbb3 wpapsk xsha xsha512 zip
--save-memory=LEVEL : enable memory saving, at LEVEL 1..3
--nolog : disables creation and writing to john.log file
--max-run-time=N : gracefully exit after this many seconds
--plugin=NAME[,..] : load this (these) dynamic plugin(s)
For more information type : john
If you have a problem or you need some explanations just write under this post!
It's primary purpose is to detect weak Unix passwords.
Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
You can download john the ripper from here
Syntax : john [options] [password-files]
--config=FILE : use FILE instead of john.conf
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
--pipe like --stdin, but bulk reads, and allows rules
--encoding=NAME : input data is non-ascii (eg. UTF-8, ISO-8859-1). For a full list of NAME use --list=encodings
--rules[=SECTION] : enable word mangling rules for wordlist modes
--stdout[=LENGTH] : just output candidate passwords (cut at LENGTH)
--make-charset=FILE : make a charset file. It will be overwritten
--show[=LEFT] : show cracked passwords (if =LEFT, then uncracked)
--test[=TIME] : run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only
--format=NAME : force hash type NAME: afs bf bfegg bsdi crc32 crypt des django dmd5 dominosec dragonfly3-32 dragonfly3-64 dragonfly4-32 dragonfly4-64 drupal7 dummy dynamic_n epi episerver gost hdaa hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512 hmailserver ipb2 keepass keychain krb4 krb5 lm lotus5 md4-gen md5 md5ns mediawiki mscash mscash2 mschapv2 mskrb5 mssql mssql05 mysql mysql-sha1 nethalflm netlm netlmv2 netntlm netntlmv2 nsldap nt nt2 odf office oracle oracle11 osc pdf phpass phps pix-md5 pkzip po pwsafe racf rar raw-md4 raw-md5 raw-md5u raw-sha raw-sha1 raw-sha1-linkedin raw-sha1-ng raw-sha224 raw-sha256 raw-sha384 raw-sha512 salted-sha1 sapb sapg sha1-gen sha256crypt sha512crypt sip ssh sybasease trip vnc wbb3 wpapsk xsha xsha512 zip
--save-memory=LEVEL : enable memory saving, at LEVEL 1..3
--nolog : disables creation and writing to john.log file
--max-run-time=N : gracefully exit after this many seconds
--plugin=NAME[,..] : load this (these) dynamic plugin(s)
For more information type : john
If you have a problem or you need some explanations just write under this post!
Monday, March 4, 2013
SQID - Sql injection digger
SQL injection digger is a cscript, written in runy, that looks for SQL injections and common errors in web sites.
Current version can perform the following operations:
-Look for SQL injections and common errors in web site URLs found by performing a google search.
-Look for SQL injections and common errors in a given URL or a file with URLs.
-Look for SQL injections and common errors in links from a web page.
-Crawl a web site/web page and do the above.
Syntax : ./sqid.rb [options]
-u site: check this URL
-p site: Check this page.
-c site: Crawl website WEBSITE and check. Specfify as http[s]://WESITE:[PORT] (port default =80)
-a: Accept cookies from the webite or page (default = no)
-R: Set referer in the HTTP header.
-B: Use crendtials as basic auth for the website. Specfify as user:password.
-t: Use TRIGGER for detecting SQL injections/errors (default = ')
-T seconds: Timeout for response in seconds. (default = 10)
-U: User Agent in the HTTP Header. Default is SQID/0.3.
-P: User HTTP proxy PROXY for operations. (proxy:port)
-A: Use crendtials CRENDENTIALS for the proxy.Specfify as user:password.
-v: Run verbosely
Exampe:
./sqid.rb -u "www.site.com/home.php?id=5 If you have a problem or you need some explanations just write under this post!
Current version can perform the following operations:
-Look for SQL injections and common errors in web site URLs found by performing a google search.
-Look for SQL injections and common errors in a given URL or a file with URLs.
-Look for SQL injections and common errors in links from a web page.
-Crawl a web site/web page and do the above.
Syntax : ./sqid.rb [options]
-u site: check this URL
-p site: Check this page.
-c site: Crawl website WEBSITE and check. Specfify as http[s]://WESITE:[PORT] (port default =80)
-a: Accept cookies from the webite or page (default = no)
-R: Set referer in the HTTP header.
-B: Use crendtials as basic auth for the website. Specfify as user:password.
-t: Use TRIGGER for detecting SQL injections/errors (default = ')
-T seconds: Timeout for response in seconds. (default = 10)
-U: User Agent in the HTTP Header. Default is SQID/0.3.
-P: User HTTP proxy PROXY for operations. (proxy:port)
-A: Use crendtials CRENDENTIALS for the proxy.Specfify as user:password.
-v: Run verbosely
Exampe:
./sqid.rb -u "www.site.com/home.php?id=5 If you have a problem or you need some explanations just write under this post!
Friday, March 1, 2013
Killapache
Killapache is a perl script for apache exploitation.
You can find killapache.pl here.
It sends multiple GET requests with dozens of “Byte Ranges” that will eat up server’s memory. Byte Range helps browswer or downloading applications to download required parts of file. This helps reduce bandwidth usage.
While this script sends dozen of unsorted components in request header to cause apache server to malfunction.
It works on Linux. We need perl (in more distro is pre-installed).
Now we open synaptic and install : libyaml-perl , libyaml-libyaml-perl and libparallel-forkmanager-perl
For start the script : perl killapache.pl www.sito.it forks
For number of forks i reccomend to use 50 forks
If you have a problem or you need some explanations just write under this post!
You can find killapache.pl here.
It sends multiple GET requests with dozens of “Byte Ranges” that will eat up server’s memory. Byte Range helps browswer or downloading applications to download required parts of file. This helps reduce bandwidth usage.
While this script sends dozen of unsorted components in request header to cause apache server to malfunction.
It works on Linux. We need perl (in more distro is pre-installed).
Now we open synaptic and install : libyaml-perl , libyaml-libyaml-perl and libparallel-forkmanager-perl
For start the script : perl killapache.pl www.sito.it forks
For number of forks i reccomend to use 50 forks
If you have a problem or you need some explanations just write under this post!
Subscribe to:
Posts (Atom)