Nginx is an open source, fast-performing web server and is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption. Nginx has two versions, one of which is open source while the other (Nginx Plus) is available with paid support. I have used the open version for all my testing. Instead of writing multiple posts, I have combined all that I have learned in this long post.
Offensive Security has several good certifications, and most of them are top-notch, which will make you go crazy and present challenges at every step. Out-of-the-box thinking is what their certifications are all about. They also have a certification for pen testing wireless networks called Offensive Security Wireless Professional (OSWP).
By default, at least on Mac OS X Snow Leopard, OpenSSL is not configured to use the trusted root certificates. In order to get that working, we can follow the instructions from this blog. However, the Gandi root/intermediate certificate that's being used by XChat Azure by default is not being added to Keychain Access of Mac OS X. If we try to enable SSL on XChat Azure, it will fail with a "Connection failed. Error: certificate not trusted.? (27)" error message.
It's been a while since I worked on this, but I have made some progress in the last few days. I have added the SYN scan functionality and also added a couple of lines of code to reduce the output on the terminal when the programme is executed. I will explain those at the end of this post.
In this script I have defined 2 functions, “synscan” and “synscan2”, to provide the ability to specify a port range as well as specific ports to be scanned.
There are several ways to authenticate Linux servers against Microsoft Active Directory, such as Samba/Winbind, Centrify, etc. During my research I came across another tool called PowerBroker Identity Services (PBIS) by BeyondTrust. BeyondTrust took over a company previously known as Likewise Open and rebranded it as PBIS Open. They have released Enterprise and Community editions of PBIS. I am using the Open Source edition for Active Directory bridging.
Scapy is a very powerful API that can be used to “easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery” and more can be read here. I have decided to put it all together with the help of Python and create a program that can be used to enumerate any network.
This will obviously require some time, so I have planned to complete the project in phases. In this initial commit I have created a couple of modules that will do the ICMP ping and ARP ping.
This script is very generic and can be used anywhere to send an authenticated email. The email is also secure because it creates a STARTTLS session, making sure no one can snoop in (except NSA I guess). Also, it has a logging capability which logs errors and exceptions in /var/log/syslog, but then the script has to be executed with root privileges. Obviously this can be changed and logging can be enabled in any other file if running as root is not an option. The script is pretty much self-explanatory, but feel free to ask if you have any questions.
I have written scripts that can download files from regular FTP (unencrypted) sites using BASH and/or Python. This always left me wondering how I would do the same thing if it was an SFTP (FTP via SSH) site. Since I recently bought a couple of VPS (virtual private servers), I decided to set up my own SFTP server and give this a shot. After lots of researching and reading, I was able to download successfully from an SFTP site. I used Python’s Paramiko module to connect to the server and retrieve files.
I have uploaded it to my GitHub and am sharing it here as well. Feel free to modify and share it. Please let me know if something is not clear and I will be happy to assist.
There are a number of blog posts about the Offensive Security Certified Professional (OSCP) challenge, so why am I writing another one? Because I had many sleepless nights, completed the daunting 24 hour challenge and above all I TRIED HARDER. I earned it!
Following is the script that can be used to upload a file to a secure FTP (SFTP) site when there is a limitation on sharing SSH keys and it is okay to pass the password in the script. With the above in mind, the additional package SSHPASS needs to be installed. SSHPASS is in the Fedora repo; however, it can be installed on CentOS 5.x x86_64:
Once everything is OK, the following script can be used: