Feeds:
Posts
Comments

In this tutorial, I will show you how to send email via gmail server using openssl. Before you can use telnet to do it. But since Google implement TLS-encrypted connection, you can’t do that anymore unless you upgrade your telnet with ssl capability.

OpenSSL version that I use is OpenSSL 1.0.1f 6 Jan 2014. You can check your version using command openssl version -a.
darklinux@darklinux:~$ openssl version -a OpenSSL 1.0.1f 6 Jan 2014 built on: Thu Jun 11 15:26:18 UTC 2015 platform: debian-i386 options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) blowfish(idx) compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector –param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,–noexecstack -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: “/usr/lib/ssl” darklinux@darklinux:~$

Before we start, I will give you a prove that we can’t use telnet to connect to gmail server.
darklinux@darklinux:~$ telnet smtp.gmail.com 587
Trying 74.125.200.108…
Connected to gmail-smtp-msa.l.google.com.
Escape character is ‘^]’.
220 smtp.gmail.com ESMTP p8sm40810771pfi.34 – gsmtp
helo
250 smtp.gmail.com at your service
mail from: <taufanlinux@gmail.com>
530 5.7.0 Must issue a STARTTLS command first. p8sm40810771pfi.34 – gsmtp

darklinux@darklinux:~$ telnet smtp.gmail.com 465
Trying 74.125.68.108…
Connected to gmail-smtp-msa.l.google.com.
Escape character is ‘^]’.
helo
#####FConnection closed by foreign host.
darklinux@darklinux:~$
Continue Reading »

Desclimer:
In this tutorial, I will show you to hack Ms-windows xp. It’s for training purpose only. I’m not responsible for any misused. You will learn about, grap a screenshot of the interactive desktop target, check list running processes, capturing key strokes and get contents of SAM database.

There 2 exploit modules that I will use, ms08_067_netapi and reverse_tcp.

The ms08_067_netapi exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs.

This exploit can be used also for MS windows 2000 universal and MS Windows 2003 universal, SP1 and SP2.

The reverse_tcp will inject the meterpreter server DLL via the Reflective Dll Injection payload (staged). Connect back to the attacker.

————————————————————————————————Name: MS08-067 Microsoft Server Service Relative Path Stack Corruption
Module: exploit/windows/smb/ms08_067_netapi
Platform: Windows
Privileged: Yes
License: Metasploit Framework License (BSD)
Rank: Great
Disclosed: 2008-10-28
———————————————————————————————–Name: Windows Meterpreter (Reflective Injection), Reverse TCP Stager
Module: payload/windows/meterpreter/reverse_tcp
Platform: Windows
Arch: x86
Needs Admin: No
Total size: 281
Rank: Normal

———————————————————————————————–
Continue Reading »

The purpose of this tutorial is for education only.
Before I start, I will explain about what is fake access point?

Access Point (AP) is a networking device that allows wireless devices to connect to a wired networking using WIFI.
Fake access point is a virtual access point that is created using an application but it acts like real access point. It is converted from our wireless device into access point. You can set a password, essid and channel on it.

What tools I need?
The tool is airbase-ng. It’s part of aircrack-ng package. So, you need to download the aircrack-ng first. Make sure you are connected to the Internet. Open your linux terminal and type:
$ sudo apt-get install aircrack-ng
Continue Reading »

Metasploit Framework (MSF) is a free open source penetration testing solution developed by open source community and rapid7. You can download Metasploit from http://www.metasploit.com. You can use Metasploit to collect the information and scanning the system vunerability.

Metasploit offers a GUI version and command line version.

After you download the metasploit installer, you can register your name. Make sure you get the metasploit license key first to activate the metasploit, otherwise you can’t run the application.

After all complete, now we can start the installation.
Copy the metasploit installer to /opt directory.
Set the file to be executeable using chmod.
$ sudo chmod +x metasploit-latest-linux-installer.run <enter>
then type $ sudo ./metasploit-latest-linux-installer.run <enter> to run the installer.
metasploit01
Continue Reading »

Why we still need to learn about how to create floppy disk image?
Floppy disk is only used in the old PC but we still need it for simulation in virtual machine. May be you want to collect old applications that run in old MS-DOS, learn about how old viruses work, install first generation linux, etc.. etc so you still need this image.

I will show how to create floppy image in Linux 14.04 LTS.

Step 1. Create directory in /media
Open your linux terminal, type $cd /media. Type $sudo mkdir floppy. to create the floppy directory.

————————————————————-
darklinux@darklinux:~$ cd /media
darklinux@darklinux:/media$ ls -l
total 4
drwxr-x—+ 4 root root 4096 Jan 2 15:23 darklinux
darklinux@darklinux:/media
$ sudo mkdir floppy
[sudo] password for darklinux:
darklinux@darklinux:/media$ ls -l
total 8
drwxr-x—+ 4 root root 4096 Jan 2 15:23 darklinux
drwxr-xr-x 2 root root 4096 Jan 2 15:49 floppy
darklinux@darklinux:/media$

————————————————————-

Step 2. Create floppy disk image.
Open another linux terminal or go back to home directory.
Type $ mkfs.msdos -C myfloppy.img 1440 to create the floppy image.
-myfloppy.img is the image file
-1440 is floppy size (1.44 MB)

Type $ sudo mount -o loop myfloppy.img /media/floppy/ to mount the image with the floppy directory.
Continue Reading »

Now let’s try to write simple code.
Open your Arduino IDE and type the codes below. I will not explain about the coding in this article yet. Just try it first.
This code will tell arduino to turn on and turn off the led light on arduino board or supply 5 volt to pin 13 every 1 second continuously.

———————————————————————————-
/* Program: Hello Word!!
   Code by: Taufan     */

const int pinLED = 13; // set pinLED as integer (number) with value13
void setup() {
pinMode(pinLED, OUTPUT); //set pin number 13 as Output.
}

void loop() {
digitalWrite(pinLED, HIGH); //supply voltage 5 volt via pin 13
delay(1000); //delay (keep turn on) for 1000 milli second (1 second).
digitalWrite(pinLED, LOW); //turn off the voltage at pin 13.
delay(1000); // keep turn off for 1 second
//repeat again.. (loop)
}
———————————————————————————-
After you type the codes, you verify it first or upload it to arduino board to run the program.
To verify the program, just click the ‘verify button’ with sign ‘‘. Verify mean, it only check if there is any error codes.
arduino_05
Continue Reading »

Before we start, I will explain a bit about few terminologies that you should know first.

Since Arduino is a type of a micro-controller, so what is Micro-Controller?
Micro-controller is a small computer on single integrated circuit board containing a processor core, memory and programmable input/output peripherals. Processor is the brain that do the process for all instructions given from the programmer. Memory is the temporary place to keep all instructions before processed by the processor. And programmable input/ouput mean that we can program Arduino to do something and change it with new program in the future.

What is the benefit using Arduino?
You can program arduino to control anything. From the simple one, light on an LED light to more complicated one. You can use it to monitor the temperature, wind speed, home automation (Music, TV, Fan, Pump, Lamps, water plant), check gas leaking, motion sensor, light sensor, heart beat sensor, robot etc. etc..
The limitation from the implementation arduino is your idea.

What you should know if you want to use Arduino?
You have to know at least basic C programming language and basic function of electronics like transistor, resistor, diode, relay, AC power and DC power. Because basically arduino is only supply and receive electric DC current through its pins, digital and analog. Just simple like that.

What are the types of Arduino?
First generation of manufactured Arduino is NG (new generation). NG used the Atmega8 chip running at 16MHz, 6K memory and run at 19200 baud. The next version was Diecimila with Atmega168 chip, 16MHz, 16 kilo byte (K) memory but still still run at 19200 baud.

In 2009 Duemilanove was released with Atmega328, 32K memory and run at 57600 baud. There is a good thing in this version. The power supply can be switched from USB to DC. Finally Arduino can be stand alone.

All of the above version use 2KB bootloader and FTDI (FT232RL) chip to control the USB interface. FT232RL is royalty free driver but it is only act as USB port. You can can’t use it with keyboard, mouse, MIDI etc.

In 2010, we got Uno. Uno in Italian mean ‘One’. It’s named to mark the upcoming release of Arduino 1.0. The Uno and version 1.0 will be the reference versions or Arduino. Uno still use Atmega328 but has smaller bootloader (521bytes) mean that you get another additional 1.5K free extra flash memory for programming. It also has atmega8u2 chip to replace FT232RL which allows various type USB interface. Now it runs at 115K baud. You can upload your codes in 3 seconds.

Arduino Uno board (front side)
ArduinoUnoFront

Arduino Uno board (back side)
ArduinoUnoBack
Continue Reading »

Follow

Get every new post delivered to your Inbox.

Join 83 other followers