We have talked about SlowHTTPTest in detailed here, 2 days ago Shekyan released a new version, below is summary of change log.

SlowHTTPTest 1.4 release notes:

• Added man pages as doc support
• Some bug fixes
• and now it can handle 64000 concurrent connections  OpsS!!

You can read our previous post in detail that would help you, how to compile and use it.

Download and install SlowHTTPTest latest version :

wget http://slowhttptest.googlecode.com/files/slowhttptest-1.4.tar.gz
tar -zxvf slowhttptest-1.4.tar.gz

cd slowhttptest-1.4
./configure
make
make install

Video Tutorial – How to use SlowHTTPTest?

ANTI - Android Network Toolkit – Anti is collection of network exploration tools that help you penetrate your network right away from your android phone. ANTI useful application is developed by ZImperium LTD and they say ‘ ANTI – Penetration Made easy ‘.

ANTI.apk application is divided into two parts;

• Application
• Extendable plugins

How to install ANTI APK on android phone?
I’m not sure APK is available on Android Market but you can follow below tutorial to get it installed.

This application works only on ROOTED android phones

1. Download from http://www.zimperium.com/Anti.apk using your phone browser.
2. Go to Downloads
3. Click on ANTI.Apk, authorize and install it.

How to use ANTI – Android Network Toolkit?
When you run ANTI, it will connect to your Wifi AP and create map for your network. You can select a device and scan for different services.

ZImperium offered Basic version as FREE with following limited features :

• Scanning
• OS Detection*
• Traceroute
• Port Connect
• WIFI Monitor
• HTTP Server

If you purchased paid version which categorized as Silver, Gold and Platinum you will get access to below features :

• Man-in-the-middle
• Remote Exploits
• Plugins
• Support
• Exploit Credits (For Report or Attack)

To read more about licensing, visit ZImperium LTD web.

HookWorm Stealth is an old PHP Backdoor just like c99Shell created by Justin Klein Keane as Proof of concept.

HookWorm Stealth provides less features than c99Shell but it’s activity can’t be track easily like c99Shell. it uses Cookies to leave no TRACE in Web server access log.

HookWorm Stealth PHP Backdoor Features :

• Find .htaccess
• Find open ports on remote system
• Search for writable files or directories
• and many more.

Download HookWorm Stealth from  http://www.madirish.net/sites/default/files/hookworm.php.tar.gz

When you get access of remote web server SHELL, the access log of web server will throw /index.php 200 OK status code that’s a normal good HTTP request.

To read further about HookWorm Stealth, go to the author blog

Today i extracted one archive which contained .bin and .cue files and i was unable to play them with VLC Media Player, after doing google found it is archive similar to .iso. I convert it to ISO using bchunk utility and mount it as loop back device and .

bchunk – Free utility use to convert .bin, .cue files to .iso

1. Install bchunk

On ubuntu/backtrack Linux;
aptitude install bchunk

On RHEL/CentOS Linux;
yum install bchunk

2. Convert .bin .cue to iso using bchunk

bchunk iron-lycp5etg.bin iron-lycp5etg.cue iron-lycp5etg.iso

Note : .bin file will always have .cue file in same directory plus iron-lycp5etg is a sample file.

Output :

Reading the CUE file:
Track 1: MODE1/2352 01 00:00:00
Writing tracks:

1: iron-lycp5etg01.iso 472/472 MB [********************] 100

3. Mount iron-lycp5etg01.iso

mkdir /mnt/iso
mount -o loop iron-lycp5etg01.iso /mnt/iso

Now you can find all video files under /mnt/iso/

cd /mnt/iso/
vlc filename.mov

If you have any question or suggestion, feel free to comment.

TeamViewer 6 or 7.0.9300 beta version can be run as root easily on backtrack or any Linux distribution including Ubuntu / CentOS 6 / RedHat by modifying the wrapper file which is instructed to not execute Team Viewer products as root.

When you run Teamviewer7 from console, you will get this error;

root@hackersgarage:~/Downloads# teamviewer7
TeamViewer: 7.0.9300
Profile: /root (root)
Desktop:
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 10.04.2 LTS
Release: 10.04
Codename: lucid

Error: TeamViewer must not be executed as root!

How to install Team Viewer 7 beta on backtrack5 RC1 linux?

wget http://www.teamviewer.com/download/version_7x/teamviewer_linux.deb
dpkg -i teamviewer_linux.deb

For RPM based distro CentOS/RHEL
wget http://www.teamviewer.com/download/version_7x/teamviewer_linux.rpm
rpm -ivh teamviewer_linux.rpm

Warning : Running application as root is not recommended.

FIX Team Viewer7 to run as ROOT by running below SED command :

sed -i 's/die \"T/echo \"T/g' /opt/teamviewer/teamviewer/7/bin/wrapper

DONE! Now Go to Application –> Internet –> Team Viewer 7

Find is a Linux command use for searching a file or files in a directory hierarchy. It is help full to search for a file or directory based on name, size, type and access/modified time etc and as well as can execute command on results.

Basic Syntax for Find command :

find (name/size/type/access or modified date) ..argument ..argument

Search for file ending .conf
find /etc/ -name *.conf

Search for directories ending with *conf
find /etc/ -type d -name *conf

Search for files ending with .doc and accessed in last 24 hours(or 1 day)
find /home/xyzuser/ -name *.doc -atime -1

Find files modified by minutes
Syntax : find /path/ -mmin

Find files 10 minutes ago
find /etc/ -mmin -10

Find files more then 10 minutes ago
find /etc/ -mmin +10

Find files modified between 10 to 20 minutes ago
find /etc/ -mmin +10 -mmin -20

Find files modified in past 2 days(48 hours)
find /etc/ -mtime -2

Search for files owned by xyz user
find /etc/ -type f -user xyz

Search for directories and change permission to 755
find /home/xyz.com/public_html/ -type d -exec chmod -v 755 {} \;

These are find command example used by every admin most frequently.

For further reading do
man find or man 1 find

dig – Domain Information Groper is a light weight Linux utility for querying DNS records. It is widely used to diagnose DNS servers, troubleshoot DNS servers, purge DNS Cache using external DNS server and dozen of great features it provides.

Here i am sharing quick cheat sheet of dig – DNS Lookup utility that every System/Network administrator should have print out at their desk.

In our examples, 8.8.8.8 is a Google Public DNS Server that can be use in /etc/resolv.conf

Why to use Google Public DNS ?

If you have a DNS record with high ttl e.g 3600 seconds, your local DNS server may not purge the old record from the cache. So better you use Google public DNS server to resolve it most recent update record.

You may also be interested to read about namebench – DNS benchmarking utility from Google

To set google public dns as default resolver, run below command;

NOTE : This will override your resolv.conf

echo “nameserver 8.8.8.8” > /etc/resolv.conf

Lookup different DNS records type using ‘dig’ :

Sample usage :

dig @dns-server example.com record-type

dig @8.8.8.8 hackersgarage.com A

Simple lookup :
dig hackersgarage.com

Lookup Name Servers
dig @8.8.8.8 hackersgarage.com NS

Lookup using external DNS Server.
dig @8.8.8.8 hackersgarage.com

Lookup MX record
dig @8.8.8.8 hackersgarage.com MX

Lookup CNAME record
dig @8.8.8.8 hackersgarage.com CNAME

Look TXT record (e.g will it will return SPF records, google verification methods)
dig @8.8.8.8 hackersgarage.com TXT

Linus Torvalds, the man who created Linux Kernel is well known for his funny, creative and constructive quotes. Here are the few quotes I liked.

We all know Linux is great … it does infinite loops in 5 seconds.

The only limiting factor of the Linux operating system is its user.

If Microsoft ever does applications for Linux, it means I’ve won.

A computer is like air conditioning: it becomes useless when you open Windows.

Standards are paper. I use paper to wipe my butt every day. That’s how much that paper is worth.

Friends don’t let friends use [gcc] “-W”.

Those that can, do. Those that can’t, complain.

Talk is cheap. Show me the code.

Software is like sex; it’s better when it’s free.

If you have heard latest quote in any conference or read about it – we can add it to this list. submit comment form.

FBPwn – known in community commonly as Facebook Profile dumper have released latest version last week FBPwn Beta – 0.1.7 We have already talked about it in detail. We have also shoot FBPwn video tutorial can be viewed here

In this release there are some bug fixes, it doesn’t contain new features.

Issues fixed :

• getting authenticated profile’s ID while logging in
• Friend list dumping feature.
• Adding victim’s friends.
• Profile cloning
• Image dumper

Download FBPwn Beta – 0.1.7 from

http://fbpwn.googlecode.com/files/FBPwn-beta-0.1.7.zip

BackTrack 5 Linux is world most popular penetration testing distribution it is compiled purely with Penetration testing tools. TakeScreenshot is popular image capturing application available under all Linux distribution but isn’t available under BackTrack 5.

TakeScreenShot is still available in repository in gnome-utils package, you can follow below guideline.

How to install TakeScreenShot on BackTrack 5 ?

aptitude install gnome-utils

To access application;

Applications -> Accessories -> Take Screen Shot