
{ Category Archives } Security

Forensic Bookmark.plist from Safari

I was reading some documents on Mac OS X forensics, and I was searching for how to get back the Bookmark.plist from Safari to parse it and read it easily. I knew that this file is located in the following folder: ~/Library/Safari/Bookmarks.plist. I was thinking that “plist” files were always XML documents and tried with Python to [...]


Hidden password in an extended attribute

Today I was playing with some forensic challenges and I got surprised by one of them. We had to analyse an image. My first guess was to use some steganography tools, but after an hour, I decided to move on and to research how to hide data on Mac OS X (because the challenge specified that [...]


Intruded Nº4

Level four : level4@leviathan:/wargame$ ./level4 Enter the password> lol bzzzzzzzzap. WRONG level4@leviathan:/wargame$ It looks like the second challenge, but let’s have a closer look at the inside : (gdb) disassemble main Dump of assembler code for function main: 0x08048523 : lea 0x4(%esp),%ecx 0x08048527 : and $0xfffffff0,%esp 0x0804852a : pushl 0xfffffffc(%ecx) 0x0804852d : push %ebp 0x0804852e [...]


Intruded Nº3

Let’s connect to the server : ssh level3@leviathan.intruded.net -p 10101 ************************************************* * Welcome to Intruded.net Wargame Server * * * * * You are playing “Leviathan” * * * Most levels can be found in /wargame * * * Login: level1:leviathan * * * Support: irc.intruded.net #wargames * * * * * * ! Server [...]


Intruded nº2

Now that we have succeeded at the first level, let’s go for the second one. Once connected to the second level you see this : ssh level2@leviathan.intruded.net -p 10101 ************************************************* * Welcome to Intruded.net Wargame Server * * * * * You are playing “Leviathan” * * * Most levels can be found in /wargame * * [...]


Intruded nº1

Today I tried the Intruded Leviathan wargame. This resolves the first challenge : open a terminal, type “ssh level1@leviathan.intruded.net -p 10101”, type the password leviathan. Connect to the remote web server : ************************************************* * Welcome to Intruded.net Wargame Server * * * * * You are playing “Leviathan” * * * Most levels can [...]


UDP Flooder in C

Yesterday we were still working on some attacks on our bench test and we tried some exploits on IP phones that we found on the internet. Most of them were making DOS or DDOS on the phones, this means that the phones were basically freezing. Then we made some modifications to a C UDP flooder [...]


Who’s connected ?

To know who’s connected on your computer use the following commands : Commands : who : show the connected users : Linux / Mac last : show last connections (past) : Linux / Mac lastb : show last connections (failed) : Linux These files may also contain clues : /etc/passwd : local users /etc/group : local [...]


HTTP web server in Python

This trick might help you to share files with Python in two lines : Inside a folder type the following command : $ python -m SimpleHTTPServer The following line should appear : Serving HTTP on 0.0.0.0 port 8000 … And that’s it, you have a simple HTTP server running on your computer sharing your current [...]

E-mail SSH Connections

This solution applies if you want to receive an e-mail when one connects to your server via SSH. open a command line and type in : vim ./.bashrc at the end of the file add the following command : # Email Notification on ssh connexion echo ‘NOTIFICATION – SSH acces in USERNAME on `hostname` the:’ [...]
