-->
Labs

Infinite monkeys coding my brain’s synapse ;-)

Install BackTrack 4 Pre Final INTO Microsoft Windows

3
Posted by admin on 8 January, 2010 – 7:21 pm
Filed under labs
Tagged as , , ,

First the important warning: The procedure below have not been tested on Windows Vista nor Windows 7 by me. So don't come back asking for support on those scenarios. Working solutions and fixes to whatever problem are welcome, of course :)

We will learn how to install BackTrack 4 Pre Final inside a Windows XP Installation without partitioning or disturbing it in any way, and take advantage of its native boot loader to boot BT. This is usefull if you don't have a 4Gb thumbdrive, dvd drive, or your computer just can't boot from USB media whatever reason.

I know, you find this very odd. I mean, is there anyone with a thumbdrive smaller than 4Gb, or without a good friend with one to borrow? Well I have many friends to borrow one, but I just wanted to find an alternative way of installing BackTrack. This is -plus the fact that I actually lack of a >4Gb thumdrive- how I got to this article searching the remote-exploit forums. All credits for the below procedure belong to the guys on that post.

 

Now get into our bussiness.

   Read more... (745 words, 0 images, estimated 2:59 mins reading time)

This is a preview of Install BackTrack 4 Pre Final INTO Microsoft Windows. Read the full post (745 words, 0 images, estimated 2:59 mins reading time)

Hell’s Library, Bypassing Transparent Proxy Using Apache

0
Posted by admin on 4 September, 2009 – 5:47 pm
Filed under labs
Tagged as , , , , , , ,

 

A feature of Apache Web Server allows anyone to establish an SSH connection through the boundaries of any enterprise network. This is done completly stealthy and undetectably, fooling firewalls, proxyes, and any other enterprise network filtering wildlife. As a matter of fact, virtually any protocol might be tunnelized this way -except, of course, for IPoAC ;-) . But I will take the example of SSH since it opens a very interesting, wide-spectrum, vector to further analisys.

Quite esoteric, ah? This is how all this black magic work

It is simple, most proxyes will allow outgoing HTTP trafic to any website. Proxys want the users to surf the web. That is their purpose to exist. And that is what we will expliot. But most of the proxyes will only let their users through the paths they know safe (or whatever filtering their administrators may have set). In the best scenario, the proxy will not allow one particular HTTP method called CONNECT. This method is the one used for SSL/TLS protocol. It establishes a tunneled connection between the client and a remote server, through the proxy server. Since it is used by SSL/TLS, some proxys will let the CONNECT method free to certain sites, and most probably only on port 443. This, plus some L7 filtering and maybe some DPI, describes the most secure environment one might ever find inside any enterprise network. On the other hand we have lazy-administrated proxys that will allow you do whatever you want. If this last is your scenario, don’t waste your time reading any further, go use it for some SSH simple tunneling ;-)  Read more... (1786 words, 4 images, estimated 7:09 mins reading time)

This is a preview of Hell’s Library, Bypassing Transparent Proxy Using Apache. Read the full post (1786 words, 4 images, estimated 7:09 mins reading time)

Hell’s Gourmet PHP Comments Script Canape

0
Posted by admin on 26 August, 2009 – 12:14 am
Filed under labs
Tagged as , , , , ,

 

Very well, this a pretty small comments script (as its Canape part of the name makes evident) and is my first actual PHP code editing and understanding project. It came out as a funny add-on to a small static page I published just as a joke for a friend of mine, a couple of days ago. I have to admit it was funny…to code it and to use it!

You can see here the page I was talking about, if intrigued, as an example of its functionality (MeLL need some paper bags :p).

The engine:

<?php
session_start();
if (isset($_POST['message'])) {
    if (isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) {
        $message = htmlentities($_POST['message']);
        $message2 = htmlentities($_POST['message2']);
        $fp = fopen('messages.txt', 'a'); // This is the file where comments wil be stored. Should be writable.
        fwrite($fp, "<p><strong>".date("d-m-Y H:i:s")."</strong><br /><b>$message</b><br/>$message2</p>");
        fclose($fp);
    }
}
$token = md5(uniqid(rand(), true));
$_SESSION['token'] = $token;
?>

We use a simple plain text file in stead of a database. Of course the file messages.txt must exist and be writeable by the webserver. This code MUST be placed above you HTML code. You can customize the way the comments will be displayed by editing the html tags that are hardcoded on the fwite function.  Read more... (396 words, 0 images, estimated 1:35 mins reading time)

This is a preview of Hell’s Gourmet PHP Comments Script Canape. Read the full post (396 words, 0 images, estimated 1:35 mins reading time)

Solución: Universal Share Downloader en GNU/Linux

0
Posted by admin on 11 June, 2009 – 4:48 pm
Filed under labs
Tagged as , , , , , , ,

 

Imagino que todos conocen este bonito software que desarrolla un ruso que se hace llamar Dimoniusis, que encima tiene su web en ruso (que es comprensible, dado que es ruso el muchacho).

También muchos de ustedes deben conocer otros programas similares como el JDownloader o el Tucan. O a lo mejor incluso piensen que utilizar sitios de descarga directa es muy "leecher" y que sería más cómodo y noble usar eDonkey o BitTorrent.

Pero los cierto es que este programa es bien simple. Para ejecutar en GNU/Linux lo único que se necesita es Wine (el traductor del API de Microsoft Windows) y un sistema de ventanas como Xorg (en esta guía será XVFB, ya vamos a ver por qué).

El objetivo de esta guía es lograr un sistema base basado en Ubuntu Server 9.04 para ejecutar el USDownloader y administrarlo mediante su interfaz web.

Nota: Si bien esta guía se basa en la instalación de un sistema GNU/Linux como es Ubuntu Server, esto mismo podría funcionar para otros sistemas como BSD, OSX, y Solaris. Solo que la instalación de los paquetes, las configuraciones, y el cómo se ejecutan podría requerir que se haga de otra manera. No voy a responder comentarios pidiendo ayuda fuera de la plataforma explicada ya que no lo he probado.  Read more... (2269 words, 0 images, estimated 9:05 mins reading time)

This is a preview of Solución: Universal Share Downloader en GNU/Linux. Read the full post (2269 words, 0 images, estimated 9:05 mins reading time)