Jump to content

Recommended Posts

Posted (edited)

Soo I randomly clicked this bookmark I have not posted here in ages ..

last time I posted 'updates' was ... well even more random !!

http://forums.hak5.org/index.php?showtopic=13504&st=0&p=135278&hl=operat0r_001&fromsearch=1entry135278

ohh and my .htaccess is even more 1337 now .. I basically 301 redirect 404's back to the remote host IE .. you end up hacking yourself :)

http://rmccurdy.com/scripts/htaccess


RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/?.*$ http://%{REMOTE_ADDR}/$1 [R=301,L]

here some more updates. Back to 2009 last time I posted!

---

orig rmccurdy.com news ..

ohh and mimikatz "Tool To Recover Cleartext Passwords From Lsass" yes no more cracking hashes !


04/24/2012 - Client_Enumeration_Java_Adobe_Reader_flash.zip Client side HTML/Java code to enumerate Java, Adobe Reader and Flash Versions

04/24/2012 - Openvas in Ubuntu

echo 'GSA_HTTP_ONLY=1' >> /etc/default/greenbone-security-assistant

/etc/init.d/greenbone-security-assistant
[ "$GSA_HTTP_ONLY" ] && [ "$GSA_HTTP_ONLY" = 1 ] && DAEMONOPTS="$DAEMONOPTS --http-only"
remove src from sources list along with matching the /etc/lsb-release ver too

add-apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_11.XX/ ./"

grep -ia open /etc/apt/sources.list deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_11.04/ ./ #deb-src http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_11.04/ ./

if you still have issues just run 'killall gsad;sleep 5;gsad --http-only --listen=127.0.0.1 -p 9392

04/18/2012 - update_nmap_oracle_sids_userpass.exe

# sid enum using nmap and metasploits sid.txt 1307 sids in ~8 seconds
nmap -n --script=oracle-sid-brute -p 1521-1560 192.168.1.141

# try 1255 user/pass
# requires valid SID  ( defualt is XE )
# Performed 1245 guesses in 3 seconds, average tps: 415
nmap --script oracle-brute -p  1521-1560 --script-args oracle-brute.sid=XE  -n 192.168.1.141

# oracle shell using OAT Oracle Audit Tool
ose.bat -s 192.168.1.141 -u SYS -p CHANGE_ON_INSTALL -d XE -t Windows

04/17/2012 - Metasploit with Oracle !
-------------------------------------------------------------------------------------
following :http://www.metasploit.com/redmine/projects/framework/wiki/OracleUsage
2:10 PM 4/17/2012
-------------------------------------------------------------------------------------
# Remove ruby using apt or synaptic etc ..
apt-get remove ruby

# update and install 1.9.1 dev
apt-get update
apt-get install ruby1.9.1-dev -y

mkdir /opt
mkdir /opt/oracle

# copy zips to /opt/oracle
cp *.zip /opt/oracle
cd /opt/oracle

unzip basic-10.2.0.5.0-linux.zip
unzip sdk-10.2.0.5.0-linux.zip
unzip sqlplus-10.2.0.5.0-linux.zip


cd instantclient_10_2/
ln -s libclntsh.so.10.1 libclntsh.so

# add this to ~/.bashrc and also type it in current shell

export PATH=$PATH:/opt/oracle/instantclient_10_2
export SQLPATH=/opt/oracle/instantclient_10_2
export TNS_ADMIN=/opt/oracle/instantclient_10_2
export LD_LIBRARY_PATH=/opt/oracle/instantclient_10_2
export ORACLE_HOME=/opt/oracle/instantclient_10_2

# wget http://rubyforge.org/frs/download.php/65896/ruby-oci8-2.0.3.tar.gz

tar xvzf ruby-oci8-2.0.3.tar.gz
cd ruby-oci8-2.0.3/
LD_LIBRARY_PATH=/opt/oracle/instantclient_10_2/
export LD_LIBRARY_PATH
make
make install



# download msf .run bin installer
# I had to edit the  /pentest/exploits/framework/.svn/entries and add www. to the file so you could run svn update

cd /pentest/exploits/framework/
svn update

# run MSFconsole from /pentest/exploits/framework/ not the init scipt this will allow for use of YOUR env and not the static one for MSF binary
cd /pentest/exploits/framework/
./msfconsole

#from msfconsole install ruby-oci8 gem
gem install ruby-oci8


If you still get the missing OCI error it is all ruby the oracle client loads after


# oracle_login needs nmap > 5.50 !

wget http://nmap.org/dist/nmap-5.51.tgz
tar -xvf nmap-5.51.tgzm
cd nmap-5.51
./configure
make
make install



ln -s /usr/local/bin/nmap /usr/bin/nmap


--------------- msf stuff ---------

# as always you can spool log.log to save logfile or use screen -L


# brutes ~576 sids will eat targets file
use auxiliary/scanner/oracle/sid_brute
set RHOSTS file://home/rmccurdy/oracle
run
back


# This module attempts to authenticate 568 line USERPASS_FILE list
# requires SID
use auxiliary/scanner/oracle/oracle_login
set RPORTS 1521
set RHOSTS file://home/rmccurdy/oracle
set SID XE
run
back


# needs oci !!!
# This module uses a ~598 line list of well known default authentication credentials to discover easily guessed accounts.
use auxiliary/admin/oracle/oracle_login
set RHOSTS file://home/rmccurdy/oracle
set RPORTS 1521
run
back


# needs oci !!!
# needs full login/password/sid audits database and or user
# https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/oracle/oraenum.rb

use auxiliary/admin/oracle/oraenum
set RHOST 127.0.0.1
set DBPASS TIGER
set DBUSER SCOTT
set SID ORCL
run
back



04/17/2012 - Configuring the Scrollback Buffer

By default, the scrollback buffer only keeps the last 100 lines of text, which is not enough for my typical interaction with Screen. I’ve found a setting of 5000 lines to be more than adequate for my usage. The number of scrollback lines can be configured in your $HOME/.screenrc file, by adding the following line:

defscrollback 5000

04/16/2012 - Block Facebook with Adblock Plus! :

Make new custom filter and add these three filters:

||facebook.com$domain=~www.facebook.com
||facebook.net$domain=~www.facebook.com
||fbcdn.net$domain=~www.facebook.com

04/13/2012 - cygwin_portable.zip

* NESSUS_PARSE.BAT ( parse Nessus .nessus XML files to CSV )
* NMAP.BAT ( scans top 20 ports from targets file and then does full scan/automatic parse to CSV )
* NMAP_PARSE.BAT ( parse NMAP xml scans from -oA output )
* FIND_ROUTERS.bat ( automated search for routers to find other networks on 192. , 172. and 10. when you have no scope or want to find other networks/hosts in a LAN 'in development' )
* WEBDUMP in /bin (This script will quickly download a large number of websites first page then remove duplicates to find potential targets for attack http://rmccurdy.com/scripts/web_dump.sh )
* Bash_Shell.bat (PERL RUBY and PYTHON support in a Cygwin Bash Shell )

Here is the download link ( tested in XP and WIN7 )

https://dl.dropbox.com/s/hwp8uqfdm7lxavb/cygwin_portable.zip?dl=1

04/12/2012 - masspwdumper.exe

This is a pack/script to run a suite of password/cached credentials utility. You get anything from saved internet cookies to plain text passwords to network/local resources !





* DISABLE UAC FIREWALL AND AV for best results

* YOU NEED TO HAVE GUI FOR MPR Multi Password Recover.exe,Password Recovery Bundle.exe and sometimes some of the carrot.exe options /ieco /ff   



INCLUDES:



* mimikatz ( DUMP CLEAR TEXT PASSWORDS ! )

* MPR Multi Password Recover.exe  ( GUI tool )

* Password Recovery Bundle.exe ( GUI tool )

* fgdump.exe ( Dump password hash )

* carrot.exe ( Suite of tools most of them are nirsoft.net )



https://dl.dropbox.com/sh/llw7unn0hlptigj/aC5YSuyosX/masspwdumper.exe?dl=1

04/10/2012 - News

[Tool update] - Gason: sqlmap plugin for burpsuite proxy
http://code.google.com/p/gason/

CIntruder: Cracking captcha from url
http://www.youtube.com/watch?v=0UoVV3Oxq8g


Free malware scanning and blacklist monitoring for websites
http://siteinspector.comodo.com/

01/17/2012 - UPDATED: proxycheck.sh

01/17/2012 - UPDATED: feeds.rmccurdy.com
# sonofsamy.wordpress.com
# exploit-db.com
# securinfos.info
# vupen.com
# professionalsecuritytesters.org
# info
# securitytracker.com
# news.securitytracker.com
# taosecurity.blogspot.com
# gossamer-threads.com
# net-security.org
# kb.cert.org
# cert.org
# milw0rm.com
# seclists.org
# us-cert.gov
# f-secure.com
# securityvulns.com
# osvdb.org
# securityfocus.com
# wordpress.com
# blogspot.com
# twitter.com

12/30/2011 - I.m bringing sexy back !! well .. 1989 ... After Dark screensaver Flying Toasters After Dark screensaver Flying Toasters.exe No midi thank god !!! bit wonkey you can look at the install.bat and .reg files. for some reason it needs full R/W to its HKLM install path in the registry. Tested on XP and WIN7 !

12/15/2011 - Disable Metasploit / Enable Metasploit in windows.
# disable stop script
net stop "Metasploit Pro Service"
net stop "Metasploit Thin Service"
net stop metasploitPostgreSQL
sc config metasploitProSvc   start= disabled
sc config metasploitThin  start= disabled
sc config metasploitPostgreSQL  start= disabled



# enable start script
sc config metasploitProSvc   start= auto
sc config metasploitThin  start= auto
sc config metasploitPostgreSQL  start= auto
net start "Metasploit Pro Service"
net start "Metasploit Thin Service"
net start metasploitPostgreSQL

11/01/2011 - UDDATED Proxycheck.sh good.txt is updated weekly over 5K proxies tested ~500 HTTP

06/23/2011 - Here are some MSF/SET and NMAP notes for brute force (for MSF for M$ ),VNC bypass and Airbase :


## MSF

 auxiliary/scanner/smb/pipe_auditor                                           normal     SMB Session Pipe Auditor
   auxiliary/scanner/smb/pipe_dcerpc_auditor                                    normal     SMB Session Pipe DCERPC Auditor
   auxiliary/scanner/smb/smb2                                                   normal     SMB 2.0 Protocol Detection
   auxiliary/scanner/smb/smb_enumshares                                         normal     SMB Share Enumeration
   auxiliary/scanner/smb/smb_enumusers                                          normal     SMB User Enumeration (SAM EnumUsers)
   auxiliary/scanner/smb/smb_enumusers_domain                                   normal     SMB Domain User Enumeration
   auxiliary/scanner/smb/smb_login                                              normal     SMB Login Check Scanner
   auxiliary/scanner/smb/smb_lookupsid                                          normal     SMB Local User Enumeration (LookupSid)


# vnc bypass oneliner
nmap -sV -sC -iL c:\temp\vnc.txt -p 5900

# ssh logins
use auxiliary/scanner/ssh/ssh_login
set RHOSTS 127.0.0.1
set USER_FILE "C:/wordlist/password_small.txt"
set RHOSTS_FILE "C:/wordlist/targests.txt"
run

back

use auxiliary/gather/dns_enum
set DOMAIN domain.com
run


#smb
set RHOSTS 10.21.1.37  
use auxiliary/scanner/smb/smb_login

set RHOSTS 127.0.0.1

set USER_FILE "C:/wordlist/users.txt"
set PASS_FILE "C:/wordlist/2.txt"
set VERBOSE false
set THREADS 16
run

# http

use auxiliary/scanner/http/http_login
set AUTH_URI /folder?dcPath=ha-datacenter
set RHOSTS 127.0.0.1 127.0.0.1 127.0.0.1
set VERBOSE true
run




back

# telnet
use auxiliary/scanner/telnet/telnet_login
set RHOSTS 127.0.0.1,49,50

set PASS_FILE "C:/wordlist/password_small.txt"
set THREADS 254
run



back


# mssql
use auxiliary/scanner/mssql/mssql_login
set RHOSTS 127.0.0.1
set PASS_FILE "C:/wordlist/password_small.txt"
set USERNAME sa
set VERBOSE false
run


back



#ftp
use auxiliary/scanner/ftp/ftp_login
set RHOSTS  127.0.0.1
set PASS_FILE "C:/wordlist/password_small.txt"
run



#snmp
use auxiliary/scanner/snmp/snmp_login
set RHOSTS  127.0.0.1
set PASS_FILE "C:/wordlist/snmp_default_pass.txt"
set VERBOSE false

run


## SET


https://docs.google.com/document/d/11QDLxgCxc2mBEOe8gEPTooQ1zD_KvzuuThRCMLKeE80/edit?hl=en_US

08/10/2011 - Updated iKAT . Interactive Kiosk Attack Tool http://console.rmccurdy.com

06/23/2011 - Information Leakage

FOCA . Document meta-data retrieval and analysis, domain enumeration
Maltego . Transform/processing engine for correlation and linking objects
Creepy . Geo-location information gatherer http://ilektrojohn.github.com/creepy
Shodan . Web server search engine
Metagoofil . Document meta-data command-line tool
Wikto . web server vulnerability and folder enumeration
Bespoke scripts . contact me offline for some quick and dirty bash scripts which automate some tasks
u = Number of usernames enumerated
nf = Number of network folders enumerated
e = Number of email addresses
vs = Number of vulnerable internal software versions
wv = Number of known vulnerabilities in version of web server
ev = Number of vulnerabilities in version of mail server
gg = Number of Google Groups postings
r = Number of robots.txt entries
Exposure = u+nf+e+vs+wv+ev+gg+r / 9
RSA = (3+3+2+2+1+1+4+1)/8 = 17/9 = 2
Problem with such calculations is lack of account for context Un disclosed source
06/23/2011 -


Nice technique for opening cmd:
1) Open MSPaint and change image attributes to: Width=6 and Height=1 pixels.
2) Set pixels values to (from left to right):
1st: R: 10, G: 0, B: 0
2nd: R: 13, G: 10, B: 13
3rd: R: 100, G: 109, B: 99
4th: R: 120, G: 101, B: 46
5th: R: 0, G: 0, B: 101
6th: R: 0, G: 0, B: 0
3) Save it as 24-bit Bitmap (*.bmp;*.dib)
4) Change it's extension from bmp to bat and run.
Source:
http://www.digitalwhisper.co.il/0x26/ 06/02/2011 - theHarvester.py email Harvester


https://github.com/laramies/theHarvester


./theharvester.py -d microsoft.com -l 50 -b google
./theharvester.py -d microsoft.com -l 50 -b bing
./theharvester.py -d microsoft.com -l 50 -b pgp
./theharvester.py -d microsoft.com -l 50 -b linkedin
./theharvester.py -d microsoft.com -l 50 -b google-profiles
./theharvester.py -d microsoft.com -l 50 -b exalead

05/18/2011 - Malware Analysis

Also been messing with Malware Analysis tools. Let me know if you want any more info on these. Still a total noob doing crackmes.



·         Portable IDA Pro with IDAPython/stealth plug-in

·         Portable Reflector a Class browser and analysis tool for  .NET >=4 Decompile  

·         malware_analyser 3.0

·         yara exe with sigs ( needs more work.. )

·         DeFixed_Edition_v2 ( olly / ton plug-in etc )





http://www.openrce.org/downloads/

http://tuts4you.com

http://crackmes.de  





http://www.youtube.com/watch?v=zvWc-XsBKrA

http://www.youtube.com/watch?v=jIaImASmto4

http://blip.tv/carolinacon/yara-and-python-the-malware-detection-dynamic-duo-mjg-michael-goffin-5123342



http://www.pentestit.com/2011/03/08/cuckoo-malware-analysis-sandbox/

http://www.pentestit.com/2011/04/20/update-malware-analyzer-v30/

http://www.pentestit.com/2011/03/23/update-yara-v15/

http://www.malwareanalyser.com/home/






As a free service:
* Norman SandBox (http://www.norman.com/security_center/security_tools/)
* Anubis (http://anubis.iseclab.org)
* CWSandbox (http://www.mwanalysis.org/)
* ThreatExpert (http://www.threatexpert.com)
* Comodo Camas (http://camas.comodo.com)
* MalBox (http://malbox.xjtu.edu.cn)

Commercial products:
* Norman SandBox (http://www.norman.com/products/sandbox_malware_analyzers/en)
* GFI Sandbox (http://www.sunbeltsoftware.com/Malware-Research-Analysis-Tools/Sunbelt-CWSandbox/)
* Joe Sandbox (http://www.joesecurity.com)
* ThreatExpert ?

Freeware:
* Buster's Sandbox Analyzer (http://bsa.isoftware.nl)

Open Source:
* Cuckoo Sandbox (http://www.cuckoobox.org)
* Truman Sandbox (http://www.secureworks.com/research/tools/truman/)
* ZeroWine (http://sourceforge.net/projects/zerowine/)
* ZeroWine Tryouts (http://zerowine-tryout.sourceforge.net/)

04/26/2011 - Updated Yahoo movies feed movies.html
04/12/2011 - Yay mod_bw

BandwidthModule On
ForceBandWidthModule On
LargeFileLimit * 1000 10000
MaxConnection all 3



03/28/2011 - Sick of setting file associations ? this is what I use on my portable apps ! acc.bat.txt

03/06/2011 - Portable virtual windows !?!? http://fcportables.blogspot.com/2011/01/portable-microxp-2011.html  using QEMU to load ISO files http://milky.manishsinha.net/2008/07/10/using-qemu-on-windows/  

03/1/2011 - Updating flash in firefox the right way.... http://www.varesano.net/blog/fabio/installing%20flash%20player%20plugin%20firefox%20without%20having%20administrator%20access%20or%20premissions
also neat is http://ninite.com


02/28/2011 - Normal cygwin/ruby/perl 400megs 22K files .. Cameyo packaged 121 megs Portable Cygwin http://db.tt/qp2nKi5 Run the EXE and wait a long time if you still have errors wait close and reopen contains ruby/perl/make/c++/automake/screen


02/28/2011 - Go away bots .. I have no PHP here .. RewriteCond %{QUERY_STRING} ^.*\&.*$ [NC]


02/26/2011 - Fixed my Hacker Safe logo

02/26/2011 - Proxbrute Proxmark3 Brute force RFID http://www.proxmark.org/forum/topic/713/proxbrute/

02/23/2011 - Updated yahoo pipe for comics http://comics.rmccurdy.com


01/21/2011 - Updated http://feeds.rmccurdy.com



twitter.com
blogspot.com
wordpress.com
securityfocus.com
osvdb.org
securityvulns.com
f-secure.com
us-cert.gov
seclists.org
milw0rm.com
cert.org
kb.cert.org
net-security.org
gossamer-threads.com
taosecurity.blogspot.com
news.securitytracker.com
securitytracker.com
professionalsecuritytesters.org
vupen.com
securinfos.info
exploit-db.com
rmccurdy.com
sonofsamy.wordpress.com

01/21/2011 - john 1337 speak worlist gen:



The default john.conf includes some rules like that, enabled for "single crack" mode only by default. You may copy the lines between these two comments:
# The following 3l33t rules are based on original Crack's dicts.rules
l/asa4[:c]
l/ese3[:c]
l/lsl1[:c]
l/oso0[:c]
l/sss$[:c]
...
l/asa4/ese3/lsl1/oso0/sss$[:c]
# Now to the prefix stuff...
into the [List.Rules:Wordlist] section to have them enabled for wordlist mode as well. usage: john -w=wordlist --stdout --rules


11/13/2010 - FLoP's fpg false positive generator for IDS:
Static BIN for BT4 : FPG.zip
Fpg: http://www.geschke-online.de/doc/c2398.html
Fpg src : http://www.geschke-online.de/FLoP/src/FLoP-1.6.1.tar.gz

11/10/2010 - Full Update Guide - Fender/1.2 32A (myTouch 3G 1.2 / Fender LE (3.5mm jack) version) I can't bring myself to mod it yet but I did get root with Universal Androot 1.6.2 beta 5 apk temp root for the current T-mobile build
10/05/2010 - RS links are all dead and gave up on yahoo pipes regex is hit or miss for 3 weeks ... movies.html

10/02/2010 - lighttpd FTW :
# limit max connections per ip and limit bandwidth
server.kbytes-per-second = 10
evasive.max-conns-per-ip = 2
connection.kbytes-per-second = 10

09/13/2010 -
Sipdroid / sip.sipdiscount.com

\+*1*(.*),1\1
08/01/2010 -

Creative Loafing:
week http://rmccurdy.com/scripts/clatl.com.html
weekend http://rmccurdy.com/scripts/clatl.com_ss.html
Atlanta Events Calendar - Search Upcoming Events in Atlanta:
http://feed43.com/atlantanetrmccurdydotcom.xml
Atlanta Motor Speedway | Events
http://feed43.com/atlantamotor_rmccurdydotcom.xml
Atlanta, GA Events and Attractions by Citysearch
http://feed43.com/citysearch_rmccurdydotcom.xml
funny farm comedy club
http://feed43.com/funnyfarmcomedyclubatlanta.xml
The Punchline - Atlanta's premier comedy club!
http://feed43.com/thepunchlineatlanta.xml


07/14/2010 - Tutorial WIM image files wimfltr.sys Windows Image File Filter Driver command line install

I have an H drive ( using junction to link C:\users\internet\Documents\my dropbox to h:\ ) I wanted to easily update files that triggerd AV so I zipped them up. I update the zip often and was testing for other options and this is what I tried.

* h:\junction.exe -s "C:\users\internet\Documents\my dropbox" h: this is howto change location of dropbox sync :)


* google for the drivers ImageX_x86

* install the driver
rundll32 syssetup,SetupInfObjectInstallAction DefaultInstall 128 .\ImageX_x86\wimfltr.inf

* create an image of a DRIVE ( cannot be mapped drive OR junction 'ln for windows' )
.\ImageX_x86\imagex.exe /capture d:\ c:\twf.wim "WIM Compress" /compress maximum

* umount image
.\ImageX_x86\imagex.exe /unmount /commit c:\cygwin

* mount image
.\ImageX_x86\imagex.exe /mountrw .\cygwin.wim 1 c:\mount


* even with 'maximum' compresstion images are larger then the source files in most cases... ???
* 80meg zip of Cygwin ~300 unzipped becomes 600 WIM file ???
* requires admin rights to install drivers but still beats zipping and unzipping items that trigger AV
reference: http://technet.microsoft.com/en-us/library/cc749447%28WS.10%29.aspx

06/12/2010 - low on disk space android G1 find / -name traces.txt -exec rm -Rf {} \; something kept crashing while I was AFK and caused this traces.txt file to get huGe
06/05/2010 - *lix/windows full disk encryption 'part crypt' on the cheap !
06/03/2010 - http://comics.rmccurdy.com huge mashup of comics! http://pipes.yahoo.com/pipes/pipe.run?_id=ccd5e025249a09a9358ede1d3e238eab&_render=rss
05/30/2010 - yahoo new dvd A or B after 2009 > nzbindex.nl search
05/27/2010 - Android stream ripper http://www.greencode.me/imusic apk: http://tinyurl.com/imusic1
04/30/2010 - QuranReciter http://www.ShaPlus.com Friend was asking about the software so justa re-visit


04/29/2010 - Dropbox portable any path without "my dropbox" in M$ ... DropboxDataWrapper DropboxPath FAILSAUSE

Requirements:

* Administrator ( possibly for dropbox advanced options )
* NTFS on the host computer !
* BACKUP BEFORE YOU DO ANYTHING !!!

Setup:

* Download DROPBOX
Recommended using the potable dropbox ICE because it has (UsbGuard (0.5.3) - Prevents Data Loss by killing DropBox.exe if you accidentally unplug your usb drive (included)
DropBox Portable ICE 0.5.3 -SuPPoRT aLL DRoPBoX VeRSioNs | Updated : 11-04-2010

http://dl.dropbox.com/u/5313411/Portable%20DropBox%20ICE%200.5.3.3%20%2B%20DropBox%200.8.32.rar

* Download Junction v1.05 from sysinternals “symbolic links, where a directory serves as a symbolic link to another directory on the computer.”
* Start dropbox
* Get the link to your dropbox folder path
* Create the sym link to whatever path you like example
rd /q/s "C:\Documents and Settings\internet\My Documents\My Dropbox"
Junction.exe "C:\Documents and Settings\internet\My Documents\My Dropbox" h:\

To delete a sym link use this command:
Junction.exe -d "C:\Documents and Settings\internet\My Documents\My Dropbox"

NOTES: there is a time tradeoff the dropbox.cache folder get queried a LOT and other I/O is sent to the target I would say for 16K files ~2gigs it took ~20-30min where as if it was just a read from the flash disk it would be under 10min

04/26/2010 - ROUTER DIED server was down for about 5hrs today if anybody but bots noticed ...
04/23/2010 - Metasploit meterpreter cheat sheet reference.html All the meterpreter commands I could find / create
04/19/2010 - sprint login script curl .php.txtSprint login script using php / curl
04/16/2010 - UDDATED http://feeds.rmccurdy.com
04/15/2010 - UDDATED Proxycheck.sh good.txt is updated weekly
04/14/2010 - konika script users scan to email for 353 and 350.sh.txtbash/curl script to parse XLS contact list and add it to konika 353 and 350 printers :)
04/14/2010 - movamp.zip Portable AMP Portable apache / php / phpmyadmin / MySQL only 10megs ! change the httpd.conf paths and wala !
03/30/2010 - FIXED Yahoo rotten tomatoes newzbin nzb DVD sabnzbd downloader
03/01/2010 - To set up Yahoo E-Mail in Android:

log-in to your yahoo mail
go to Options, then Account, followed by “Add or edit an account”
select “Account Information” on the left
on the " Preferred Content," change it to Yahoo Asia

   1. Make sure Wi-Fi is turned off
   2. Press the E-Mail icon (the default Android E-Mail application)
   3. Enter your Yahoo E-Mail address and password
   4. Press “Manual Setup” in the lower left hand corner
   5. For “Incoming Server Settings” set the IMAP server to “imap.mail.yahoo.com” and the Port to 143
   6. For “Outgoing Server Settings” set the SMTP Server to “smtp.mobile.mail.yahoo.com” and the Port to 587
   7. Check “Require sign-in” and press Next
   8. Select how often your phone will check for Email, and choose default options
   9. Give the account a name and set your display name for outgoing messages


02/23/2010 - Yahoo rotten tomatoes newzbin nzb DVD sabnzbd downloader Rss feed of 'good' movies to aim at SABnzbd
02/18/2010 - quickbaksmali.zip

* requires java ! in %PATH% !
* just place the java_ee_sdk-5 folder to make it portable !
* put the APKS files in the folder APKS
* you (can) edit the job2.bat with your keytool/key info etc ..


* run the baksmali.bat
* make your changes etc
* run the smali.bat

you should see the updated \META-INF folder in the 'new' apk
and the classes.dex should be new.

02/18/2010 - NMAP FOR ANDROID CROSS COMPILE ARM
02/18/2010 - chsh: entry inconsistent or change shell in FreeBSD `vipw;chsh -s /bin/PATHTOSHELL` vipw != vi /etc/passwd ...
02/04/2010 - Updated LFI.txt http://ha.ckers.org/weird/rfi-locations.dat
01/07/2010 - Full Update Guide - G1/Dream Firmware to CyanogenMod - CyanogenMod Wiki

01/07/2010 - MYTHTV ON UBUNTU 9.10 1TB RAID1

12/08/2009 - Portable Metasploit 3.4-dev svn r7752 Portable_Metasploit_3.4-dev_svn_r7752.exe

12/01/2009 - FreeBSD rtld Lets Local Users Gain Root Privileges http://rmccurdy.com/scripts/downloaded/localroot/freebsd/ binary for 7.2

11/30/2009 - HD on the Mythbox ! Thank you Kimball !

* Panasonic TC - P50X1 - 50" plasma panel - 720p
* VGA compatible controller: nVidia Corporation NV40 [GeForce 6800 GT] (rev a1)
* Intel(R) Pentium(R) 4 CPU 3.00GHz
* WinTV-PVR-500 MC-Kit Tuner
* MemTotal: 512572 kB


11/20/2009 - android busybox nmap G1 android port scanner ...sort of
The busybox I have on my phone does not have pscan here is one to download:
* keep it the same name and COPY to /data/local/bin
cp /sdcard/busybox /data/local/bin/
chmod 775 /data/local/bin/busybox
pscan.sh 192.168.0
http://rmccurdy.com/stuff/G1/busybox
http://rmccurdy.com/stuff/G1/pscan.sh
more android stuff : http://delicious.com/operat0r/android
* this is by no means NMAP ! still waiting for a nmap for android



11/12/2009 - UPDATED/FIXED feeds.rmccurdy.com - 30 feeds ( to be added secunia.com if I can )
http://www.securityfocus.com/rss/vulnerabilities.xml
http://seclists.org/rss/bugtraq.rss
http://seclists.org/rss/fulldisclosure.rss
http://seclists.org/rss/pen-test.rss
http://seclists.org/rss/incidents.rss
http://seclists.org/rss/dailydave.rss
http://seclists.org/rss/webappsec.rss
http://seclists.org/rss/vulnwatch.rss
http://feeds.feedburner.com/HelpNetSecurity
http://www.us-cert.gov/channels/alerts.rdf
http://www.us-cert.gov/channels/techalerts.rdf
http://www.kb.cert.org/vuls/atomfeed?OpenView&start=1&count=30
http://milw0rm.com/rss.php
http://www.net-security.org/dl/bck/vuln.rss
http://news.securitytracker.com/server/affiliate?61D319BD39309004
http://feeds.feedburner.com/darknethackers
http://feeds.feedburner.com/schneier/fulltext
http://www.professionalsecuritytesters.org/backend.php
http://www.f-secure.com/weblog/weblog.rss
http://www.gossamer-threads.com/lists/fulldisc/full-disclosure.xml
http://feeds.feedburner.com/Vitalsecurity-org
http://taosecurity.blogspot.com/feeds/posts/default
http://securityvulns.com/informer/rss.asp
http://www.vupen.com/exploits.xml
http://osvdb.org/feed/vulnerabilities/latest.rss
http://rmccurdy.com/scripts/vupen-security.rss
http://rmccurdy.com/scripts/vupen-linux.rss
http://feeds.feedburner.com/SansInstituteAtRiskAll?format=xml
http://feedity.com/rss.aspx/ath-cx/UldUWlFU
http://www.securinfos.info/english/security-advisories-alerts/security-advisories.xml




11/11/2009 - ettercap + echo www.google.com A 75.131.195.228 > etter.dns = easy rickroll
11/11/2009 - FIXED limit max number of connections in apache ${fwcmd} add 10 allow tcp from any to any 80 out via dc0 limit dst-addr 2 ( I had issues with huge number of FIN_WAIT_2 )
11/11/2009 - Server boot drive (80gig) failed clean 7.2 freebsd install !
11/11/2009 - UPDATED SNORTUPDATE.sh script fixed some of syntax errors etc ..
10/03/2009 - UPDATED the nikto_v20 and nikto_v10 files takes a webinspect > privoxy log and downloads latest nikto and combines with urls.txt a RFI list I update and converts them all to nikto 2 and nikto 1 db formats.. to be used with w3af,nikto and wikto etc .. 16339 lines 1.6 megs
09/26/2009 - G1 T-mobile Root
08/26/2009 - FIXED quickvnc.exe Fixed now only looks for established connection running winvnc.exe to fix strange issues not showing the remote host ...
08/26/2009 - FIXED OEM.EXE overwrites system and system32 ini and bmp files OEMLOGO.BMP and OEMINFO.INI
08/21/2009 - UPDATED http://tw.rmccurdy.com Script to ripp any army in MTW2 can be adapted to use in MTW/RTW etc ..
07/24/2009 - DONATE http://www.ihackcharities.org

Edited by operat0r_001

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...