You could simply change your Ethernet card’s mac and IP address, but that can cause other issues, such as DOS-ing the real system due to IP and MAC conflicts on the network.

What I am looking for is a tool, something like proxychains, where I could use it to specify a fake (spoofed) IP address and/or MAC then command to run. Basically a tool that wraps all communication that some other command/tool issues.

SPOOF -ip=<ip> -mac=<mac> <command>

SPOOF -ip=10.1.1.10 -mac=00:11:22:33:44:55 telnet 10.1.1.11
SPOOF -ip=10.1.1.10 -mac=00:11:22:33:44:55 nessus -D

Any thoughts? Is there a tool already like this?

• bugtraq
• cve
• nvd
• exploit-db
• osvdb
• metasploit
• the assessment tool used (nessus, nmap, nexpose, etc…)

Why do there have to be so many sites? I know that osvdb does a fairly good job of collecting a lot of the data, but it is not always up to date on the latest vulnerabilities. If I had to pick one site to use it would probably be osvdb at this point.

However I propose that a “Master Site” be created that aggregates data from all of the sources stated above (as well as possibly others) into one searchable site that cross references all of the other sources and provides data gathered/scrapped from the other sources as well as links to the original sources. Sort of a “Google” search engine for vulnerabilities and exploits.

Thoughts? Comments?

Well, we know the “md5sum” command works fine on a single file or for an entire directory. How about we write a short perl script to recurse every directory & subdirectory from a given starting point issuing the “md5sum” command on any files it encounters…

#!/usr/bin/perl

$startDir = $ARGV[0];

if ($startDir =~ /^$/) {
        $startDir = ".";
}

printDir($startDir);

sub printDir {
        my $baseDir = $_[0];

        if ($baseDir !~ /.*\/$/) {
                $baseDir = $baseDir . "/";
        }

        my @files = glob($baseDir . "*");

        foreach $file (@files) {
                if (-f $file) {
                        `md5sum $file >> /tmp/md5`;
                } else {
                        printDir($file);
                }
        }
}

Well, that does work and did not take too long to write, but we could have done it much simpler…

How about we let a system tool build a list of all files (and recurse subdirectories) then we use that file as an input file for md5sum…

find . > files.md5
md5sum -c files.md5

Okay, so that works as well and is much shorter than the script. But I think we can do it in one line…

find . ! -type d -print0 | xargs -0 md5sum

There we go, that works nicely.

Can you do better? let me know.

Just as that has always been as good rule to help guide you safely through life, there are also simple rules to help protect you and you home computer while surfing the internet.

By following a few simple guidelines as well as a few precautions you should be safe from the vast majority of dangerous threats you will encounter on the internet.

Precautions: (Safety measures)

• Use a host-based firewall. On Windows, the built-in firewall works fine.
• Use a anti-virus detection application. On Windows, the free Microsoft Security Essentials application works fine.
• Enable automatic download and installation of operating system patches and updates.
• When possible, try to update all of your other programs (firefox, adobe, etc…) to the latest stable versions.

Internet Guidelines:

• Do not go to suspicious websites. (i.e. such as URLs from China “.cn” and Russia “.ru”. Nothing against the countries themselves, but a lot of malicious activities originate from those internet domains.)
• If the website says that you need to install special software in order to view the site, do not do it. Unless it is adobe or java, it is a safe bet that it is a malicious program that they want you to install. Even if it is adobe or java, you should go to the products website to download and install the program instead of following a link on the webpage.
• Practice safe information handling:
  • Do not post anything to the internet (Facebook, chat, IM, Myspace, Linkedin, blog, etc…) that you do not want to be viewed by everyone. Once something is on the internet, it is there forever and eventually will be viewable by anyone.
  • Do not provide your password(s) to anyone. No valid customer support will require you to provide them your password. They already have it.
  • For each internet/website account you have (email, Facebook, banking, etc…) use a different password. This makes it much more difficult for someone to get your banking information if they happen to get you Facebook password.
• Practice safe email handling. It is best if you…
  • Do not open (or preview) emails from people you do not know.
  • Do not click on any link contained within an email. You must use the link due to something such as an activation code, retype the link into a new web browser window.
  • Do not open any document (.pdf, .doc, .xls, etc…) attached to an email. It can be a malicious document that could install dangerous software onto you system.
  • Do not respond to spam or scams. If you receive an offer in an email, and it sounds too good to be true, it probably is!!!
  • Do not email personal information (SSNs, credit card numbers, etc…).

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported.  SSLScan is designed to be easy, lean and fast.  The output includes prefered ciphers of the SSL service, the certificate and is in Text and XML formats.

SSLScan is a very useful tool to quickly determine the cipher suites support by one or more websites.  Below is a screenshot of the output of the command:

# sslscan –no-failed <target>.net:443

Download it from here, or if you are running from Debian or Ubuntu, you can simply issue the command:

# apt-get install sslscan

Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in a easy to understand format.

What does that mean?

It means that Maltego is a commercial($) tool, that when provided a person’s name, email address, website, etc…, can quickly search for and identify related information from numerous sources on the Internet.

Maltego is particularly useful in scoping for a penetration test or social engineering engagement.  Using Maltego one can enumerate employee names, email addresses, phone numbers, postions, as well as alternate websites, dns entries, and so on.

Maltego comes with a number of built-in transforms.  A transform is a module which Maltego uses to perform a particular information search.  A varied collection of user created transforms can also be found and integrated with Maltego.

or goto Google and type:

inurl:(service|authors|administrators|users) ext:pwd “# -FrontPage-”

I plan on posting:

• security news that I find of interest
• new tool/script written by me
• security tool, script, or application reviews
• interesting 1-liners (or short/simple scripts) that I find

Hope you all enjoy.