Notes

This is just my page to keep some quick notes about various things:

LINUX
Linux Commands
Linux Services

nmap scan, no pinging (P0), verbose (v), determine OS (A), do it fast (T4)
[quickcode:noclick]nmap -P0 -v -A -T4 [ip_address]
nmap -P0 -v -A -T4 -iL [file_with_IP_addresses][/quickcode]

Simple ping sweep
[quickcode:noclick]nmap -sP [ip_address][/quickcode]

Shows listening programs & port numbers
[quickcode:noclick]netstat -luntp [/quickcode]

List with packet counts for rules (v) & numeric ports instead of names (n)
[quickcode:noclick]iptables -vnL[/quickcode]

Clear packet counts
[quickcode:noclick]iptables -Z[/quickcode]

List the NAT/Mangle table
[quickcode:noclick]iptables -t nat -vnL[/quickcode]

DNS zone transfer:
[quickcode:noclick]dig DOMAIN_NAME AXFR
# or
dig @DNS_SERVER DOMAIN_NAME AXFR[/quickcode]

BIND version:
[quickcode:noclick]dig @DNS_SERVER txt chaos version.bind[/quickcode]

DNS Start of Authority record:
[quickcode:noclick]dig @DNS_SERVER DOMAIN_NAME soa[/quickcode]

WINDOWS
To hunt down a process that's listening, run netstat -nao to find the port and PID you're interested in, then run tasklist to correlate the PID to the executable. In Linux you can do this all in one command ("netstat -l -v -p --numeric-ports"), but in Windows it takes two.
[quickcode:noclick]netstat -nao
tasklist[/quickcode]
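
The two-step correlation above can be scripted. This is an added example, not code from the original notes: it joins `netstat -nao` rows to `tasklist /fo csv /nh` rows by PID and flags listeners whose PID has no matching process. The sample output is constructed, and English-language column values (`LISTENING`) are assumed.

```python
import csv
import io
import subprocess
import sys

# Constructed sample output (not from the original page), English-locale Windows.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1208
  TCP    192.168.1.10:49712     192.168.1.1:443        ESTABLISHED     4312
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    2044
"""
SAMPLE_TASKLIST = '''\
"System","4","Services","0","144 K"
"svchost.exe","1208","Services","0","21,456 K"
"chrome.exe","4312","Console","1","180,332 K"
'''

def parse_tasklist(csv_text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    rows = csv.reader(io.StringIO(csv_text))
    return {int(r[1]): r[0] for r in rows if len(r) >= 2 and r[1].isdigit()}

def listeners(netstat_text, tasklist_csv):
    """Return sorted (proto, local_address, pid, image) for listening sockets."""
    images = parse_tasklist(tasklist_csv)
    found = []
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        if cols[0] == "TCP" and cols[3] != "LISTENING":
            continue  # TCP rows carry a State column; UDP rows do not
        pid = int(cols[-1])  # PID is always the last column
        found.append((cols[0], cols[1], pid, images.get(pid, "<not in tasklist>")))
    return sorted(found, key=lambda r: (r[0], r[2]))

def capture(cmd):
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    win = sys.platform == "win32"  # off Windows, fall back to the samples
    ns = capture(["netstat", "-nao"]) if win else SAMPLE_NETSTAT
    tl = capture(["tasklist", "/fo", "csv", "/nh"]) if win else SAMPLE_TASKLIST
    for row in listeners(ns, tl):
        print("%-4s %-24s %6d  %s" % row)
```

A listener reported as `<not in tasklist>` means the process exited between the two commands or was not visible to the account running them, so re-run from an elevated prompt before drawing conclusions.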

For a complete batch file to run in intervals, see my posting here…

Remote Desktop to the “console” session (only good on W2k3 or later):
[quickcode:noclick]mstsc /console /v:SERVER[/quickcode]

WORDPRESS
Good WordPress tutorials, including adding quicktag toolbar buttons
http://www.tamba2.org.uk/wordpress/

Hydra
Hydra password cracking:

  1. Download Hydra for Win32 from: http://www.thc.org/thc-hydra/
  2. Extract the zip file
  3. Get a dictionary list to try first. Go to http://prdownloads.sourceforge.net/cracklib/cracklib-words.gz?download
  4. Unzip the cracklib wordlist into your hydra directory
  5. Open a Command Prompt
  6. Navigate to the hydra extracted directory

Example syntax:
[quickcode:noclick]hydra -l admin -P cracklib-words -m "http://192.168.1.1" 192.168.1.1 https-head
hydra -S -s 10443 -l admin -P cracklib-words -m "https://endian:10443/cgi-bin/index.cgi" endian https-head[/quickcode]
