Category Archives: Security

Linux Disk Encryption with LUKS

today we going to make an encrypted disk partition

list prepare our partition

I have a new disk in  /dev/sdb

I will create a partition 100 on it with fdisk

Continue reading

RPM integrity and scripts

Yum repository comes with gpg  and md5 support to verify the validity of the package

You can list installed gpg keys in your system via

It will show the unique id for the installed keys in your  system

gpg-pubkey-e8562897-459f07a4
gpg-pubkey-217521f6-45e8a532

To list all information related to a key
rpm -qi pgp-key-unique-id

 

It will show version, vendor  and much more useful for debugging
To verify a package against the  installed keys

U can use parameter  k with rpm

Continue reading

nmap cheat sheet

nmap scan sheet cheat 😀

Host Discovery

arp scan

Stealth Scan

 

Idle Scan

 

Version Scan

Continue reading

port forward & pivoting with meterpreter

Let’s assume u attacked machine with 2 nic cards

our IP is 10.0.0.5

first, one ip is 10.0.0.10 that you reach it from

and in ifconfig shows, the machine has a different  IP 10.0.2.30

you can scan the network 10.0.2.x via meterpreter

arp_scan

we can connect to the RDP server of the machine 10.0.2.30

via adding a route from out local port 9389 to the machine 10.0.2.30:3389

Continue reading

MetaSploit Payload to Executable EXE

Continue reading

bruteforce ftp files and folders

sometimes if the listing not working we need to brute force files and folders

here is a simple python script to brute-force folders

FTP brute force files

note this script will try to download files in your dictionary attack

so recommend to run it inside tmp folder

 

SMASH THE STACK LEVEL6

Smash The Stack  Level 6

this app take 2 argument

1 – username

2- password

it takes it then say hi

also, it checks ur env language

and change the msg

let’s make some love with gdb

btw without change ur language, it will not overwrite the EIP

Continue reading

Get Environment Variable memory Address

some time u put the shellcode inside  the environment and u will need the address of it to build ur payload

here is a simple C code to get the address

 

 

Duplicate File Finder By MD5SUM

Hello

this is a simple script to find the duplicated files by md5sum

so if u have 2 files with the same content  but with different   names, u still can catch them

Continue reading

TrueCrypt Password bruteforce

hello, guys, this  script will simply mount the container

with the password form the given password list