sudo iptables -P INPUT DROP sudo iptables -P FORWARD DROP sudo iptables -P OUTPUT DROP
That's all! You've got a SUPER SECURED SYSTEM! :)
If you don't know what are you doing, learn it! :)
Thursday, July 31, 2014
Extreme secured system in 3 lines with iptables ;)
If you want to secure your system as hard as possible, type this in terminal:
That's all! You've got a SUPER SECURED SYSTEM! :)
If you don't know what are you doing, learn it! :)
That's all! You've got a SUPER SECURED SYSTEM! :)
If you don't know what are you doing, learn it! :)
IPSET. Creating white-list for apt-get updates.
Today we've learned about IPSET, an extension for iptables firewall.
The homework was to write a script on python, that will do:
1. Find out all apt-get sources.
2. Get IP's from domain names
3. Create/Update IPSET set.
It is too painful to do it in python. I've done it in bash:
It is only 21 lines. Will see how much code will be in python, next lesson...
It's a little larger, but also not too big. Only ~35 lines.
Do you know a better way to communicate with shell CLI on Python?
The homework was to write a script on python, that will do:
1. Find out all apt-get sources.
2. Get IP's from domain names
3. Create/Update IPSET set.
It is too painful to do it in python. I've done it in bash:
#!/bin/bash
name="apt-white" #change it for your needs
function makeset(){
check=$(sudo ipset list $name |grep -o $name)
if [[ ! "$check" == "$name" ]]
then
sudo ipset create $name iphash
append_set
else
append_set
fi
}
function append_set(){
ipset flush $name
ip_list=$(for line in $(echo "$(grep -Ril "http" /etc/apt/ |xargs cat)" |grep http|cut -d":" -f2|cut -d'/' -f3 |sort -u |grep '.'); do host $line;done |grep 'has address' | rev |cut -d' ' -f1 |rev |sort -u)
for line in $ip_list; do
ipset -A $name $line
done
exit 0
}
makeset
It is only 21 lines. Will see how much code will be in python, next lesson...
UPDATE:
At today's lesson, everyone wrote a script on Python. Here's my:#!/usr/bin/env python
from subprocess import Popen,PIPE
from urlparse import urlparse
import sys,re,os
import socket
# Name your SET & Global variables
name = 'apt-white'
srv_list = []
srv_ip = []
# Search in '/etc/apt/' directory for files that includes 'http'
p = Popen('grep -Ril http /etc/apt/'.split(' '),stdout=PIPE)
file_list = p.stdout.read().split()
# Look inside every file in list and extract every domain-name into list(srv_list)
for one_file in file_list:
with open(one_file,'r') as f:
for line in f.readlines():
line = line.lower()
line = re.findall(r'(https?://\S+)', line)
if line:
parsed = urlparse(line[0])
srv_list.append(parsed.hostname)
# Make DNS lookup for every domain-name in set(srv_list), and return list of IP's in list(srv_ip), IGNORING IPv6 addresses (':' not in string)
for srv in set(srv_list):
srv_ip += list(set([i[-1][0] for i in socket.getaddrinfo(srv, 80) if not ':' in i[-1][0]]))
# Checking if your SET already exists
command = 'ipset list '+name
p = Popen(command.split(' '),stdout=PIPE)
check = p.stdout.read()
# If not, creating a new one
if not name in check:
print 'Creating new SET %s' % name
os.system('ipset create '+name+' iphash')
# If yes, flushing all data in your SET
else:
print 'Flushing all data in %s' % name
os.system('ipset flush '+name)
# Appending to the SET all IP addresses we found
for i in set(srv_ip):
os.system('ipset -A '+name+' '+i)
print '\ndone.'
# Profit! :)
It's a little larger, but also not too big. Only ~35 lines.
Do you know a better way to communicate with shell CLI on Python?
Wednesday, July 30, 2014
Python Multiprocessing global variables
In the beginning, i want to say sorry, if this article will be "messy"...
One day i've noticed, that threading module in python does not working as should be.
Some times it was much slower than in sequential process. Then i learned about GIL (Global Interpreter Lock).
My teacher advised me to use Multiprocessing module.
Fine. It is very simple, just copy/replace:
threading >> multiprocessing
Thread >> Process
That's all! It will work. But how?
In 'Threading' module, threads have shared memory, Threads can manipulate global variables of main thread, instead of multiprocessing module, that runs another subprocess in memory and it does not have shared memory like threading.
For example:
In Threading Example, 'somefunc()' will append to the global 'mylist' variable, instead of Multiprocessing will be empty as it was before.
Solution for this issue came Manager objects of Multiprocessing module.
In one hand, this will help, but in another you will get headache. Because, if you add for example KeyboardInterrupt (^C) support, you will get nothing. Manager object will be empty. OK. Maybe my knowledge is not so good, but i've found another solution to manage variables: Callback function.
But before that, let's add some process control. I want to control how many processes running simultaneously:
Now, will add the Callback function:
Every process will return some data to main process, then will be called callback function, that will manipulate with the data.
For me, callback function is much more easy for use and understand...
Next time will try to tell about successful implementation of KeyboardInterrupt ^C into multiprocessing script. It's another issue.
One day i've noticed, that threading module in python does not working as should be.
Some times it was much slower than in sequential process. Then i learned about GIL (Global Interpreter Lock).
My teacher advised me to use Multiprocessing module.
Fine. It is very simple, just copy/replace:
threading >> multiprocessing
Thread >> Process
That's all! It will work. But how?
In 'Threading' module, threads have shared memory, Threads can manipulate global variables of main thread, instead of multiprocessing module, that runs another subprocess in memory and it does not have shared memory like threading.
For example:
#Threading Example
from threading import Thread
#defining a global variable
mylist = []
def somefunc(a):
global mylist
mylist.append(a)
def main()
for i in range(100):
t = Thread(target=somefunc,args=(i,))
t.start()
t.join()
| #Multiprocessing Example
from multiprocessing import Process
#defining a global variable
mylist = []
def somefunc(a):
global mylist
mylist.append(a)
def main()
for i in range(100):
t = Process(target=somefunc,args=(i,))
t.start()
t.join()
|
Solution for this issue came Manager objects of Multiprocessing module.
from multiprocessing import Process,Manager
mylist = Manager.list()
def somefunc(a):
mylist.append(a)
def main()
for i in range(100):
t = Process(target=somefunc,args=(i,))
t.start()
t.join()
In one hand, this will help, but in another you will get headache. Because, if you add for example KeyboardInterrupt (^C) support, you will get nothing. Manager object will be empty. OK. Maybe my knowledge is not so good, but i've found another solution to manage variables: Callback function.
But before that, let's add some process control. I want to control how many processes running simultaneously:
from multiprocessing import Pool,cpu_count,active_children
mylist = Manager.list()
def somefunc(a):
mylist.append(a)
def main()
#creating pool of worker processes, for 4 Cores will be 40 processes.
pool = Pool(processes=cpu_count()*10)
for i in range(100):
#start processes asynchronous, without waiting until process ends.
pool.apply_async(somefunc, (i,))
pool.close()
#waiting for results of ALL processes
while len(active_children()) > 1:
sleep(0.5)
pool.join()
In this example, there will be no more than 40 processes running at the same time.Now, will add the Callback function:
from multiprocessing import Pool,cpu_count,active_children
mylist = []
def somefunc(a):
a += 1
return a
def main()
def cb(data):
if data:
global mylist
mylist.append(data)
pool = Pool(processes=cpu_count()*10)
for i in range(100):
pool.apply_async(somefunc, (i,), callback=cb)
pool.close()
while len(active_children()) > 1:
sleep(0.5)
pool.join()
Every process will return some data to main process, then will be called callback function, that will manipulate with the data.
For me, callback function is much more easy for use and understand...
Next time will try to tell about successful implementation of KeyboardInterrupt ^C into multiprocessing script. It's another issue.
Monday, July 28, 2014
Wireshark/tshark startup error popup.
 |
Lua: Error during loading: [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled |
If you get this error when you start up wireshark, it means that you trying to run it with root privileges. It may be dangerous.
If you are using lua scripting with Tshark/Wireshark, then it is strongly recommended to change your system to be able to do capturing and analysis without root privileges. Tshark just protects you from running a script (with endless possibilities to mess up your system if programmed badly) with root privileges.
If not, you can just ignore this error message.
To make this error disappear permanently, you should patch this file on line 29:
'disable_lua = false' change it to 'disable_lua = true'
If not, you can just ignore this error message.
To make this error disappear permanently, you should patch this file on line 29:
'disable_lua = false' change it to 'disable_lua = true'
nano /usr/share/wireshark/init.lua
-- Set disable_lua to true to disable Lua support.
disable_lua = true
UPD:
Someone asked me how to run wireshark without root, here's the solution:
sudo addgroup -system wireshark sudo chown root:wireshark /usr/bin/dumpcap sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap sudo usermod -a -G wireshark YOUR_USER_NAME
There is nothing new under the sun ...mainly
I just had an idea, to write in python script that will disconnect every client on Wifi except of me :)
Started to code, got some challenges, google, solutions.. and BOOM. There is nothing new under the sun.
Started to code, got some challenges, google, solutions.. and BOOM. There is nothing new under the sun.
How to kick everyone around you off wifi with Python
coded byDummy way to "hack" your neighbour's WIFI
When i've just started my study at CSI course, lot of students were so excited of one program called 'wifite'.
There are too many tools for cracking wifi passwords. It's one of them.
That day, when i came home, i immediately found that wifite.
It is written in python, and VERY EASY to use. Just start, choose your target, and press start :)
Interesting, that about 4 years before, i've wrote my own script in bash that does almost the same things :(
I've tried this, and felt like a script kiddie.
What you will need:
1. Wifi network card (USB), most of internal laptop's nics are not supported to inject packets.
2. Install dependencies:
In couple of hours you will get access to WPA encrypted neighbour's AP.
But there was a good thing too. We learned python on the lessons, and i've looked inside the 'wifite' script, there was a lot of useful stuff!
Let's see:
There are too many tools for cracking wifi passwords. It's one of them.
That day, when i came home, i immediately found that wifite.
It is written in python, and VERY EASY to use. Just start, choose your target, and press start :)
Interesting, that about 4 years before, i've wrote my own script in bash that does almost the same things :(
I've tried this, and felt like a script kiddie.
What you will need:
1. Wifi network card (USB), most of internal laptop's nics are not supported to inject packets.
2. Install dependencies:
aircrack-ngIf you want to try and have troubles with installation, use google.
python-tk
reaver
macchanger
pyrit
In couple of hours you will get access to WPA encrypted neighbour's AP.
But there was a good thing too. We learned python on the lessons, and i've looked inside the 'wifite' script, there was a lot of useful stuff!
Let's see:
$wifite
NUM ESSID CH ENCR POWER WPS? CLIENT
--- -------------------- -- ---- ----- ---- ------
1 CoolNet 11 WPA2 66db wps
2 HenP 11 WPA2 45db wps
3 CIPI 13 WPA2 43db wps
4 CoolNet2 9 WPA2 40db wps
5 Virus 11 WPA2 36db wps
6 fani 11 WPA2 35db wps
7 bbb1950 11 WPA2 33db wps
8 035031801 11 WPA2 30db wps
9 netbox-8845 11 WPA2 29db wps
10 Salon 11 WPA2 29db no
11 Yeuda 11 WEP 29db wps
12 niray 11 WPA2 29db wps
13 Jacob 11 WEP 29db no
14 Shmueli_Leon 11 WPA2 28db wps
15 gross_zeev 2.4 11 WPA2 27db no
[+] select target numbers (1-15) separated by commas, or 'all': 1
[+] 1 target selected.
[0:00:00] initializing WPS PIN attack on CoolNet (F8:1A:67:C8:AB:1E)
[0:22:47] WPS attack, 357/404 success/ttl, 94.50% complete (3 sec/att)
[+] PIN found: 76663919
[+] WPA key found: testpassword
[0:08:20] starting wpa handshake capture on "CoolNet"
[0:00:00] unable to capture handshake in timesent
[+] 2 attacks completed:
[+] 0/2 WPA attacks succeeded
found CoolNet's WPA key: "testpassword", WPS PIN: 76663919
[+] quitting
At this time, cracking WPA2 password with WPS PIN attack took 22 minutes. But another try may take 5 hours. Really it does not matter, we have the time.
Why people spend money on things they don't need???
Really, i don't understand.
I study now on awesome Cyber Security Intelligence course, there are so much interesting things..
But there also some people that will never use these techniques.
Worth of this course is about $6000, and what the hell these people sitting in the class, don't understand anything, slowing down the material, and ADMIT, that they will NEVER work in this specialization.
Sorry, but it's fu**ing $6000! Think first and then do something...
Sorry about this :)
I study now on awesome Cyber Security Intelligence course, there are so much interesting things..
But there also some people that will never use these techniques.
Worth of this course is about $6000, and what the hell these people sitting in the class, don't understand anything, slowing down the material, and ADMIT, that they will NEVER work in this specialization.
Sorry, but it's fu**ing $6000! Think first and then do something...
Sorry about this :)
How to get HTTP HEAD request with Python and Bash.
How to get HTTP HEAD request with Python, and get results? Easy.
$python
>>>import requests
>>>r = requests.get('http://google.com')
>>>r.headers
{'alternate-protocol': '80:quic', 'x-xss-protection': '1; mode=block', 'transfer-e
ncoding': 'chunked', 'set-cookie': 'PREF=ID=1f15ab14c12505e8: FF=0:TM=1406501237:L
M=1406501237:S=hHSSoJtgc9dO1MXE; expires=Tue, 26-Jul-2016 22:47:17 GMT; path=/; do
main=.google.co.il, NID=67=D8CbgklOsbelB5ei756y3rTdBBrqAxVON2vpQRxDql2tsw3rq0ANQlc
ndJ8aQ37it9U6ofhaO5xx6wuQOqSX0tHp2QlNREjkwIWtFiXhy_s5L2GLXNKYjE0pkQCs9Fph; expires
=Mon, 26-Jan-2015 22:47:17 GMT; path=/; domain=.google.co.il; HttpOnly', 'expires'
: '-1', 'server': 'gws', 'cache-control': 'private, max-age=0', 'date': 'Sun, 27 J
ul 2014 22:47:17 GMT', 'p3p': 'CP="This is not a P3P policy! See http://www.google
.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."', 'con
tent-type': 'text/html; charset=windows-1255', 'x-frame-options': 'SAMEORIGIN'}
Results depends on parameters you use (follow redirects etc..)
As you can see, type of 'r.headers' is dictionary, so, you can get every value you want by key.
>>>r.headers['server'] 'gws'More info: Python Requests: HTTP for Humans
How to get HTTP HEAD with Bash?
$curl --head google.com HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=UTF-8 Location: http://www.google.co.il/?gfe_rd=cr&ei=2YLVU76XNOTa8gf49YGYCw Content-Length: 261 Date: Sun, 27 Jul 2014 22:53:13 GMT Server: GFE/2.0 Alternate-Protocol: 80:quic
More info: 'man curl'
Two ways of setting Multiple IP Addresses on one interface.
I want to talk about secondary IP addresses on interface in Ubuntu.
Threre is two ways of assigning multiple IP addresses on one interface.
Most of people use the first one:
Save and restart network service.
You can create up-to 254 aliases on one interface (eth0:X)
As you can see, in 'ifconfig' output, there is no addresses without label. Only one labeled 'eth0:0'
Want more?
Get it. it's free:
Linux Advanced Routing & Traffic Control HOWTO
Threre is two ways of assigning multiple IP addresses on one interface.
Most of people use the first one:
First method of setting multiple IP Addresses on interface:
With root privileges, edit /etc/network/interfaces:
auto eth0
iface eth0 inet static
address 172.16.100.1
netmask 255.255.0.0
gateway 172.16.0.1
dns-nameservers 8.8.8.8
auto eth0:0
iface eth0:0 inet static
address 172.16.100.2
netmask 255.255.0.0
auto eth0:1
iface eth0:1 inet static
address 172.16.100.3
netmask 255.255.0.0
Save and restart network service.
You can create up-to 254 aliases on one interface (eth0:X)
The second way to set multiple IP Addresses is to use IP command:
$ip addr add 172.16.100.1/16 dev eth0 $ip addr add 172.16.100.2/16 dev eth0 $ip addr add 172.16.100.3/16 dev eth0 $ip addr add 172.16.100.4/16 dev eth0 label eth0:0 #you can label it 'label eth0:0' $ip addr show dev eth0 2: eth0:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 28:d2:44:33:d8:a3 brd ff:ff:ff:ff:ff:ff inet 172.16.1.204/16 brd 172.16.255.255 scope global eth0 << this is the primary IP Address valid_lft forever preferred_lft forever inet 172.16.100.1/16 scope global secondary eth0 << this is secondary valid_lft forever preferred_lft forever inet 172.16.100.2/16 scope global secondary eth0 valid_lft forever preferred_lft forever inet 172.16.100.3/16 scope global secondary eth0 valid_lft forever preferred_lft forever inet 172.16.100.4/16 scope global secondary eth0:0 << this with label 'eth0:0' valid_lft forever preferred_lft forever inet6 fe80::2ad2:44ff:fe33:a459/64 scope link valid_lft forever preferred_lft forever
As you can see, in 'ifconfig' output, there is no addresses without label. Only one labeled 'eth0:0'
$ifconfig
eth0 Link encap:Ethernet HWaddr 28:d2:44:33:a4:59
inet addr:172.16.1.204 Bcast:172.16.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48726 errors:0 dropped:0 overruns:0 frame:0
TX packets:30127 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:40392826 (40.3 MB) TX bytes:4955907 (4.9 MB)
eth0:0 Link encap:Ethernet HWaddr 28:d2:44:33:a4:59 << only labelled is shown.
inet addr:172.16.100.4 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Want more?
Get it. it's free:
Linux Advanced Routing & Traffic Control HOWTO
Thursday, July 24, 2014
How to generate phone number list in one line?
Sometimes need to generate some numbers, like phone numbers.
And it should to be done quickly!
One line phone numbers generator in bash:
And it should to be done quickly!
One line phone numbers generator in bash:
$ echo -e "\n"054{0..9}{0..9}{0..9}{0..9}{0..9}{0..9}{0..9} > phones.txt
$ cat phones.txt |head
0540000000
0540000001
0540000002
0540000003
0540000004
0540000005
0540000006
0540000007
0540000008
$ cat phones.txt |tail
0549999990
0549999991
0549999992
0549999993
0549999994
0549999995
0549999996
0549999997
0549999998
0549999999
Tinc VPN Setup script (BASH)
In Cyber Security Intelligence Couse, one of the first topics in networking was Tinc VPN.
I coded a little script that will setup your encrypted VPN connection.
Tinc is very useful when you need to set up a VPN quickly.
It is a easy to use, and user friendly :)
I coded a little script that will setup your encrypted VPN connection.
Tinc is very useful when you need to set up a VPN quickly.
It is a easy to use, and user friendly :)
#!/bin/bash
# Tinc VPN Setup script.
# Be sure, that your system is accessible from outside your LAN. Otherwise it's waste of time :)
# By Alexander Korznikov.
#there are text coloring variables
bldred='\e[1;31m' # Red
bldgrn='\e[1;32m' # Green
bldylw='\e[1;33m' # Yellow
txtrst='\e[0m' # Text Reset
function usage()
{
echo ""
echo ""
echo -e "$txtcyn Be sure you've installed tinc previously, by$txtgrn apt-get install tinc$txtrst"
echo ""
echo -e "$bldred Please note, this stupid script will not check your input!! Check it twice!"
echo ""
echo -e "$txtwht By the way, you can view the source and get some useful stuff from it :) $txtrst"
echo ""
echo -e "$bldgrn Usage: sudo $0 install$txtrst"
echo ""
echo -e "$txtwht\t by Alexander Korznikov, @CSI-7$txtrst"
}
function install()
{
echo ""
echo -e "Enter your$bldgrn VPN Name$txtrst (default: myvpn) \c"
read myvpn
if [[ $myvpn != "myvpn" ]]
then
echo ""
echo -e "Your VPN Name: \"$bldgrn$myvpn$txtrst\""
myvpn=$myvpn
else
myvpn="myvpn"
echo ""
echo -e "Your VPN Name: \"$bldgrn$myvpn$txtrst\""
fi
mkdir -p /etc/tinc/$myvpn/hosts
tincconf="/etc/tinc/$myvpn/tinc.conf"
echo ""
echo -e "Enter your host name: \c"
read name
echo "Name = $name" > $tincconf
echo ""
echo "Setting AddressFamily to ipv4..."
echo "AddressFamily = ipv4" >> $tincconf
echo ""
echo "Setting Interface to \"tun0\"..."
echo ""
echo "Interface = tun0" >> $tincconf
# this checks if you using tinc in internet or local network
echo ""
echo -e "Do you setup your VPN on$bldgrn WAN$txtrst or$bldgrn LAN$txtrst network? [wan/lan] \c"
read answer
if [[ $answer == "wan" ]]
then
wget getmyipaddress.org -O ./inetip.txt -o /dev/null
myip=`cat inetip.txt |grep 'Your IP Address' | cut -d":" -f2 | sed -e 's, ,,g' |cut -d "<" -f1`
#rm inetip.txt
elif [[ $answer == "lan" ]]
then
myip=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`
else
echo "Incorrect answer...exiting!"
echo ""
echo "Cleanup..."
sleep 1
rm -r /etc/tinc/$myvpn
exit 0
fi
echo -e "For debug.. your IP Address is $bldgrn"$myip"$txtrst..."
echo ""
echo "Address = $myip" > /etc/tinc/$myvpn/hosts/$name
echo -e "Enter your$bldgrn VPN IP address$txtrst [ex. 5.0.0.22]: \c"
read vpnip
echo "Subnet = $vpnip/32" >> /etc/tinc/$myvpn/hosts/$name
echo ""
#checking if you already have private key for $myvpn
echo "Removing all previously generated keys for $myvpn..."
sleep 1
echo ""
if [ -e /etc/tinc/$myvpn/rsa_key.priv ]
then
rm /etc/tinc/$myvpn/rsa_key.priv
fi
echo ""
echo "Now, we'll generate public/private keys..."
echo ""
echo -e "Press Enter to continue... \c"
read blabla
tincd -n $myvpn -K4096
echo "Creating start-up script..."
sleep 1 #it's just for fun ;)
echo ""
echo "!#/bin/bash" > /etc/tinc/$myvpn/tinc-up
echo "ifconfig \$INTERFACE $vpnip netmask 255.255.255.0" >> /etc/tinc/$myvpn/tinc-up
chmod +x /etc/tinc/$myvpn/tinc-up
echo "Creating shutdown script..."
sleep 1
echo "!#/bin/bash" > /etc/tinc/$myvpn/tinc-down
echo "ifconfig \$INTERFACE down" >> /etc/tinc/$myvpn/tinc-down
chmod +x /etc/tinc/$myvpn/tinc-down
echo ""
echo -e "Enter the name you want to connect to [ex. john]: \c"
read connectto
echo "ConnectTo = $connectto" >> $tincconf
echo ""
echo ""
echo -e "Now, exchange public keys, and run $bldgrn\"tincd -n $myvpn\"$txtrst"
echo ""
if [[ $answer == "wan" ]]
then
echo -e "$bldred Be sure, if your system is accessible from outside.$txtrst"
echo ""
fi
nautilus /etc/tinc/$myvpn/hosts
echo "Good luck."
echo ""
}
if [[ $1 = "install" ]]
then
install
else
usage
fi
Creating dictionary from a Twitter account.
Hi there.
Today will write a simple code in python that will scrape unique words from a Twitter account. For creating a targeted dictionary.
First of all, will find some twitter account:
Next, we need to find out, which field we need to get (with inspect tool):
You can see 'class' named 'ProfileTweet-text js-tweet-text u-dir'. That is what we need.
Let's start coding python:
Today will write a simple code in python that will scrape unique words from a Twitter account. For creating a targeted dictionary.
First of all, will find some twitter account:
Next, we need to find out, which field we need to get (with inspect tool):
You can see 'class' named 'ProfileTweet-text js-tweet-text u-dir'. That is what we need.
Let's start coding python:
import requests
from bs4 import BeautifulSoup
r = requests.get('https://twitter.com/CelebWorshipLdr')
soup = BeautifulSoup(r.content) #raw html data
The URL is loaded, and passed to BeautifulSoup.
Creating the dictionary:
a = []
for i in soup.find_all('p',{'class':'ProfileTweet-text js-tweet-text u-dir'}):
a += i.text.encode('ascii','ignore').split()
a = set(a)
print a
$ set(['sometimes,', 'saying', 'all', 'ever.', 'background', 'Mumford.'...etc])
That's all. Thank you.
Monday, July 14, 2014
HOTBOX or FiberBOX Wifi Access in Israel
I live in Israel, and work at HOT CATV Company, that provide Internet services.
The prime modem/router that you can get from this company -- "Hotbox DOCSIS 3.0 Cable Modem/Wireless Router", manufactured by SAGEMCOM.
There is new one "FiberBOX" also, that have the same issue explained at bottom.
By Default, WiFi ESSID: HOTBOX-1234 (1234 is last four characters of CM-MAC of the box)
And the password is CM-MAC address.
Lets see all SAGEM MACs:
http://www.adminsubnet.com/mac-address-finder/sagem
As we already know from the ESSID, '1234' are the last four characters of cm-mac, and we know the starting six characters of Vendor ID, we can bruteforce it pretty fast.
For example:
Your neighbour has HOTBOX or Fiberbox (only difference in ESSID: Fiber-1234), with default ESSID 'HOTBOX-1DE4' ok?
We know the starting Vendor ID's (for example):
So, make a simple bash script that will capture 'handshake', then create a dictionary with all possible MACs, and bruteforce that 'handshake' with pyrit (for example).
I promise, it will not take more than 10 seconds to crack the handshake.
Maybe i will post a script in next posts.
The prime modem/router that you can get from this company -- "Hotbox DOCSIS 3.0 Cable Modem/Wireless Router", manufactured by SAGEMCOM.There is new one "FiberBOX" also, that have the same issue explained at bottom.
By Default, WiFi ESSID: HOTBOX-1234 (1234 is last four characters of CM-MAC of the box)
And the password is CM-MAC address.
Lets see all SAGEM MACs:
http://www.adminsubnet.com/mac-address-finder/sagem
As we already know from the ESSID, '1234' are the last four characters of cm-mac, and we know the starting six characters of Vendor ID, we can bruteforce it pretty fast.
For example:
Your neighbour has HOTBOX or Fiberbox (only difference in ESSID: Fiber-1234), with default ESSID 'HOTBOX-1DE4' ok?
We know the starting Vendor ID's (for example):
18622cThe last thing that we need to know its 7'th and 8'th character.
2c3996
2ce412
348aae
3c81d8
4c17eb
681590
6c2e85
7c034c
7c03d8
00789e
90013b
94fef4
c0ac54
c0d044
c8cd72
cc33bb
d86ce9
e8be81
e8f1b0
f08261
So, make a simple bash script that will capture 'handshake', then create a dictionary with all possible MACs, and bruteforce that 'handshake' with pyrit (for example).
I promise, it will not take more than 10 seconds to crack the handshake.
Maybe i will post a script in next posts.
Ok, let's start!
Finally, i've decided to post something.. There is so many, thoughts in my mind.
Ok. I'm Alexander Korznikov, study at CSI course. (Cyber Security Intelligence).
For now, 1/3 of the course is passed.. and i'll try to uncover some topics in next posts.
Hope it will be useful :)
Ok. I'm Alexander Korznikov, study at CSI course. (Cyber Security Intelligence).
For now, 1/3 of the course is passed.. and i'll try to uncover some topics in next posts.
Hope it will be useful :)
Subscribe to:
Comments (Atom)