Monday, August 15, 2016

Install Skype and Facebook Message Plugin for Ubuntu

On Windows it is easy to install the Facebook app and the Skype app. On Ubuntu, though, I need one app for both services, so I chose Pidgin.
1. Install the Facebook plugin:
We use purple-facebook:
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/jgeboski/xUbuntu_$(lsb_release -rs)/ /' >> /etc/apt/sources.list.d/jgeboski.list"
cd /tmp && wget  http://download.opensuse.org/repositories/home:/jgeboski/xUbuntu_$(lsb_release -rs)/Release.key
sudo apt-key add - < Release.key
sudo apt-get update
sudo apt-get install purple-facebook
Add your Facebook account in Manage Accounts.
2. Install the Skype plugin:
We use skypeweb:
sudo apt-get install libpurple-dev libjson-glib-dev cmake gcc
git clone https://github.com/EionRobb/skype4pidgin.git
cd skype4pidgin/skypeweb
mkdir build
cd build
cmake ..
cpack
sudo dpkg -i skypeweb-1.1.0-Linux.deb

Add your Skype account in Manage Accounts.

----------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Security Research
SecurityLab - Linux Lab -- Window and Cisco Lab
to be continued - I will update more.

Saturday, July 23, 2016

Using a macro to handle anti-CSRF tokens in Burp Suite

While reading a paper about Burp Suite tricks, I came across Burp Suite macros, which can be used to handle anti-CSRF tokens.
I tried it with this demo: http://www.businessinfo.co.uk/labs/csrf_defend/form_token_demo_stage2.php
The first request gets the token from the HTML (formtoken), and the POST request (request 2) sends it back to be checked.
Now we need a macro that automatically gets the token and adds it to the POST data.
Make sure both requests and responses are in the HTTP proxy history, and that intercept is off.
Go to Project options (version > 1.7) or Options (<= 1.6, I am not sure). I used the Pro version. Choose the Sessions tab. Under Session handling rules, add a new rule:
Type your rule name, like Anti CSRF Rule for xx.com. Under Rule actions, choose Add, with the "Run a post-request macro" type. You will see the action handling editor.

Add a new macro by clicking Add; the Macro Editor and Macro Recorder windows open.

Now, in the Macro Recorder you must choose 2 requests: request 1 is the request that gets the token, and request 2 is the action request that uses the token (choose them by selecting them).

Click OK, and the 2 requests will be sent to the Macro Editor:

You can re-order the 2 requests: the earlier request goes at the top (number 1), and the later request at the bottom (number 2). In many cases, Burp Suite can analyze the responses automatically to extract parameters. We can also extract them manually using Configure item.
Click request 1, and click Configure item. In the "Configure macro item for ..." window, click Add. Now we can instruct Burp Suite to extract the exact value from the HTML code, and we can assign a name to it (form_token):

Click OK, and we can see form_token among the custom parameters. Click OK to return to the Macro Editor.
Select request 2, and click Configure item. Under parameter handling, for formtoken select "Derive from prior response", and select response 1.
Click OK to return to the Macro Editor. You can test the macro. Click OK to return to the session handling editor. You can select "Update only the following parameters", and choose your parameter.
Make sure to click on the final request in the macro. Click OK to return to the session handling rule editor.
Click the Scope tab, and make sure to tick the tools you need under Tools scope (Extender, Intruder, Repeater ...). Under URL scope you can select all URLs, or enter a specific URL.

Click OK to return to Project options, where we can see the new session handling rule and macro.
Now you can use this macro in your tools. To monitor and debug it, you can open the session tracer.

You can use it for Intruder (to run your payloads), or Repeater.
But it is only a macro, so you can only select a value from a prior response. If you need to extract a value and then calculate something with it, this trick cannot be used. I think we would need to program a new extender to solve that.
Note: If you need to run a macro before the main request (like a login), you must choose "Run a macro" when adding the rule action.
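
What the macro does with the two requests, written out as an added Python example that is not part of the original post: it pulls the hidden formtoken field out of response 1 and rewrites only that parameter in the body of request 2. The HTML and POST body are constructed samples, and extract_token and derive_body are hypothetical helper names.

```python
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlencode

# Constructed sample of response 1 (the page that carries the token).
RESPONSE_1 = """<form method="post" action="form_token_demo_stage2.php">
<input type="hidden" name="formtoken" value="c0nstructed-t0ken-123">
<input type="text" name="comment">
</form>"""

# Constructed sample of the recorded request 2 body, holding a stale token.
REQUEST_2_BODY = "formtoken=stale-token&comment=hello+world"


class HiddenFieldParser(HTMLParser):
    """Collects name -> value for every <input type="hidden"> element."""

    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = (a.get("type") or "").lower() == "hidden"
        if tag == "input" and hidden and a.get("name"):
            self.fields[a["name"]] = a.get("value") or ""


def extract_token(html, field="formtoken"):
    """'Configure item' on request 1: extract the named value."""
    parser = HiddenFieldParser()
    parser.feed(html)
    if field not in parser.fields:
        raise ValueError("no hidden field named %r in response" % field)
    return parser.fields[field]


def derive_body(body, token, field="formtoken"):
    """'Derive from prior response': update only the token parameter."""
    pairs = parse_qsl(body, keep_blank_values=True)
    if not any(name == field for name, _ in pairs):
        raise ValueError("request body has no %r parameter" % field)
    return urlencode([(n, token if n == field else v) for n, v in pairs])


if __name__ == "__main__":
    print(derive_body(REQUEST_2_BODY, extract_token(RESPONSE_1)))
```

Because the value is copied as-is, this has the same limit as the macro: a token that must be transformed before it is sent back needs extra code between the two calls.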



Monday, June 27, 2016

Automounting partitions in Ubuntu with fstab

Before using Ubuntu, I had installed Windows. I had 2 NTFS partitions that were not mounted automatically; they were only mounted when I clicked on the local disk icon.
So I need them mounted automatically, to run many applications from these partitions.
First, I need to find the UUID of each partition in /dev/disk/by-uuid.
Then, edit /etc/fstab and add:
UUID=327E4E257E4DE1E9   /mnt/sdb1/      ntfs    rw,auto,users,exec,nls=utf8,umask=003,gid=46,uid=1000   0       0
UUID=38D822D9D82294E2   /mnt/sdb2/      ntfs    rw,auto,users,exec,nls=utf8,umask=003,gid=46,uid=1000   0       0

Use the UUIDs you found; uid is the id of my user.
To add this location to the menu bar, use "Bookmark this location" in GNOME.
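
An added example, not from the original post, that works out what these option strings mean in practice: the permission bits that umask=003 leaves on every file, and which of the restrictions implied by users survive the exec that follows it. It relies on the mount(8) rule that users implies noexec, nosuid and nodev unless a later option overrides them; audit_entry is a hypothetical function name.

```python
import stat

# The first fstab entry from the post.
ENTRY = ("UUID=327E4E257E4DE1E9 /mnt/sdb1/ ntfs "
         "rw,auto,users,exec,nls=utf8,umask=003,gid=46,uid=1000 0 0")

# mount(8): 'user'/'users' imply these unless a later option overrides them.
IMPLIED_BY_USERS = ("noexec", "nosuid", "nodev")


def audit_entry(line):
    """Return the effective settings of one fstab line as a dict."""
    spec, mountpoint, fstype, options, *_ = line.split()
    flags = {"exec": True, "suid": True, "dev": True}  # mount defaults
    values = {}
    user_mountable = False
    for opt in options.split(","):          # order matters: later wins
        key, _, value = opt.partition("=")
        if key in ("user", "users"):
            user_mountable = True
            for implied in IMPLIED_BY_USERS:
                flags[implied[2:]] = False
        elif key in flags:                   # exec / suid / dev
            flags[key] = True
        elif key.startswith("no") and key[2:] in flags:
            flags[key[2:]] = False
        elif value:
            values[key] = value
    # With uid/gid/umask set, every file gets the same mode: 0777 minus umask.
    mode = 0o777 & ~int(values.get("umask", "0"), 8)
    return {
        "mountpoint": mountpoint,
        "fstype": fstype,
        "owner": (int(values.get("uid", 0)), int(values.get("gid", 0))),
        "mode": stat.filemode(stat.S_IFREG | mode),
        "flags": flags,
        "user_mountable": user_mountable,
    }


if __name__ == "__main__":
    print(audit_entry(ENTRY))
```

For this entry every file shows up as -rwxrwxr-- owned by uid 1000 and gid 46, and exec is switched back on while nosuid and nodev remain in force.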


Friday, June 24, 2016

Some experiences working with ElasticSearch and Angular

This week I joined a project that needs a web portal. My hobby is Python, so I chose Flask and AngularJS. I'm using Bootstrap for the CSS template.
My DB is ElasticSearch. I don't make HTTP requests to query ES; I use the python-es lib.
While using ES, I ran into some problems.
1. Sort in ES:
    data = self.es.search(
        index=self.indexName,
        doc_type=self.docType,
        body={
            "query": {
                "filtered": {
                    "query": {
                        "bool": {
                            "must": mustDict,
                        },
                    },
                },
            },
            "size": size,
            "from": from_,
            "sort": {"timestamp": {"order": "desc"}},
        },
    )
2. AND/OR operators: use bool.
AND corresponds to must. I created a must list.
3. To make a RESTful API, I used flask_restful and integrated it with my Flask app. The code is organized like web MVC: a Blueprint routes and creates the controller, which then renders HTML. The client calls the RESTful API to get data. Very simple.
4. AngularJS re-render:
I used the start-angular theme, which has a responsive table. All the data is in a tag that is filled in by AngularJS. But the responsive table must be rendered after Angular has rendered. So I found a trick that uses a directive and setTimeout:

    function reFormatTable() {
        $('#dataTables-example').DataTable({
            responsive: true
        });
    }
    var app = angular.module('myApp', [])
            .directive('myRepeatDirective', function () {
                return function (scope, element, attrs) {
                };
            }).directive('myMainDirective', function () {
                return function (scope, element, attrs) {
                    setTimeout(reFormatTable, 1000);
                };
            });
5. Call Angular functions in a template:
I like to program in Angular templates, so I need Angular functions there. To map them:
        $scope.isObject = angular.isObject;
        $scope.isString = angular.isString;
        $scope.isDefined = angular.isDefined;
In HTML: ng-if = "isObject(object)"
6. Find a string in a field:
When searching, I need to find a string inside one field. I tried regex and the * character without success. Finally, I found wildcard:
mustDict.append({"wildcard" : { "site" : { "value" : "*{0}*".format(sitename), "boost" : 2.0 }}})
This searches the site field for values containing the string sitename. I added it to mustDict.
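
An added example, not the author's code: the wildcard clause above places sitename straight into the pattern, so a * or ? typed by the user is interpreted as a wildcard too. The hypothetical helpers below backslash-escape those characters and assemble the same bool/must body with the timestamp sort; the input string is constructed.

```python
import json
import re


def escape_wildcard(text):
    """Backslash-escape the characters the wildcard query treats specially."""
    return re.sub(r"([\\*?])", r"\\\1", text)


def site_clause(sitename, boost=2.0):
    """The post's 'contains' match on the site field, with the input escaped."""
    pattern = "*{0}*".format(escape_wildcard(sitename))
    return {"wildcard": {"site": {"value": pattern, "boost": boost}}}


def build_body(must, size=10, from_=0):
    """Same shape as the search body in the post: filtered/bool/must + sort."""
    return {
        "query": {"filtered": {"query": {"bool": {"must": must}}}},
        "size": size,
        "from": from_,
        "sort": {"timestamp": {"order": "desc"}},
    }


if __name__ == "__main__":
    must_dict = [site_clause("shop*?.example")]   # constructed user input
    print(json.dumps(build_body(must_dict), indent=2))
```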

Monday, June 6, 2016

Handling popup alerts in Selenium

While developing the AWATT tool, I hit this problem: after a click, a popup alert window is shown and must be confirmed (accept, dismiss) to continue.
You cannot use Selenium selectors to control it. This is the solution:

from selenium import webdriver
from selenium.webdriver.common.by import By
import time
url = "http://www.javascripter.net/faq/alert.htm"
driver = webdriver.Firefox()
driver.get(url)
# Click the button that triggers the JavaScript alert
element = driver.find_element(By.XPATH, "//input[@type='button']")
element.click()
# The alert is not part of the page DOM, so switch to it instead of selecting it
alert = driver.switch_to.alert
time.sleep(2)
alert.accept()
# alert.dismiss()


File Upload with Selenium

Yesterday, my brother asked me: "How to automatically upload a file with Selenium". Today, I had free time to solve it.
Try this code. I used the Python bindings:
from selenium import webdriver
from selenium.webdriver.common.by import By
url = "https://encodable.com/uploaddemo/"
driver = webdriver.Firefox()
driver.get(url)
# Sending a local path to the file input fills it in without opening the OS file dialog
element = driver.find_element(By.ID, "uploadname1")
element.send_keys("/home/habachnam/a.txt")

Wednesday, February 24, 2016

Install Metasploit on Ubuntu the quick way

Install Metasploit on Ubuntu:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
  chmod 755 msfinstall && \
  ./msfinstall

Now you can use apt-get update to update Metasploit.
