Pi-Holed

Very recently I felt that one of my virtual machines was infected by malware, and I was thinking about restoring it to a clean snapshot, but then I thought, let's find other ways to identify and block these types of attacks. There were a few more issues I wanted to resolve on my network, which include blocking advertisements on the pages I visit and blocking all malicious IOCs over the network. Also, one of the games I play on PS4, Battlefield 4, wasn't able to connect to online gaming due to DNS blocking at the ISP.

I started doing my research, where I discovered “Pi-Hole”. Basically, Pi-Hole is a network-wide advertisement blocking solution (DNS server) which can be installed on a virtual machine or on your own hardware, e.g. a Raspberry Pi 3 in my case.

Windows Privilege Escalation

Windows privilege escalation exploits are used to elevate privileges locally and run arbitrary code in kernel mode. In other words, when you have a web backdoor shell on a target server that doesn’t have administrative privileges, you would require an exploit to get an admin account.

In my penetration testing experience, at times I am able to upload a web backdoor shell; however, my goal is to get Administrator-level privileges. Whenever I upload a web shell, the second file I upload is a standalone executable to check for simple privilege escalation vectors on Windows systems. This can be downloaded from https://github.com/pentestmonkey/windows-privesc-check.

PassGen – Generate Wordlist & Crack WPA/WPA2

I recently came across a Python script which creates random characters like CRUNCH and cracks a WPA/WPA2 cap file.

This script can be found at https://github.com/blmvxer/passgen/. Provide a good GPU and you won't need a wordlist anymore.

Furthermore, a custom list can be generated. Please see the example below:

./crunch 8 8 -f /usr/share/crunch/charset.lst numeric -t ‘[email protected]’@@@@ -l [email protected]

Realtek Software Defined Radio Ninja

I have recently become a huge fan of SDR, taking a $12 USB dongle which is intended to receive FM and TV channels into a whole new world of listening to open frequencies, unencrypted wireless handsets or ATC.

After getting into SDR, in my learning phase I managed to listen to different frequencies, perfecting them by making customized antennas using things I find at home.
