Fork me on GitHub





четвъртък, 22 декември 2016 г.

неделя, 11 декември 2016 г.

Fldbg, a Pykd script to debug FlashPlayer




New "grub.cfg" for ID=kali VERSION="2016.2"





Fix the grub2 after the last update in Kali LInux!
NOTE: The red part of code must be removed, but you have to do this manually in your grub.cfg file =).
This is because the kernel Linux 4.6.0 is not using anymore from Kali Linux
Have fun with nu11secur1ty =)


EXAMPLE:



 #  
 # DO NOT EDIT THIS FILE  
 #  
 # It is automatically generated by grub-mkconfig using templates  
 # from /etc/grub.d and settings from /etc/default/grub  
 #  
 ### BEGIN /etc/grub.d/00_header ###  
 if [ -s $prefix/grubenv ]; then  
  set have_grubenv=true  
  load_env  
 fi  
 if [ "${next_entry}" ] ; then  
   set default="${next_entry}"  
   set next_entry=  
   save_env next_entry  
   set boot_once=true  
 else  
   set default="0"  
 fi  
 if [ x"${feature_menuentry_id}" = xy ]; then  
  menuentry_id_option="--id"  
 else  
  menuentry_id_option=""  
 fi  
 export menuentry_id_option  
 if [ "${prev_saved_entry}" ]; then  
  set saved_entry="${prev_saved_entry}"  
  save_env saved_entry  
  set prev_saved_entry=  
  save_env prev_saved_entry  
  set boot_once=true  
 fi  
 function savedefault {  
  if [ -z "${boot_once}" ]; then  
   saved_entry="${chosen}"  
   save_env saved_entry  
  fi  
 }  
 function load_video {  
  if [ x$feature_all_video_module = xy ]; then  
   insmod all_video  
  else  
   insmod efi_gop  
   insmod efi_uga  
   insmod ieee1275_fb  
   insmod vbe  
   insmod vga  
   insmod video_bochs  
   insmod video_cirrus  
  fi  
 }  
 if [ x$feature_default_font_path = xy ] ; then  
   font=unicode  
 else  
 insmod part_msdos  
 insmod lvm  
 insmod ext2  
 set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
 if [ x$feature_platform_search_hint = xy ]; then  
  search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
 else  
  search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
 fi  
   font="/usr/share/grub/unicode.pf2"  
 fi  
 if loadfont $font ; then  
  set gfxmode=auto  
  load_video  
  insmod gfxterm  
  set locale_dir=$prefix/locale  
  set lang=en_US  
  insmod gettext  
 fi  
 terminal_output gfxterm  
 if [ "${recordfail}" = 1 ] ; then  
  set timeout=30  
 else  
  if [ x$feature_timeout_style = xy ] ; then  
   set timeout_style=menu  
   set timeout=5  
  # Fallback normal timeout code in case the timeout_style feature is  
  # unavailable.  
  else  
   set timeout=5  
  fi  
 fi  
 ### END /etc/grub.d/00_header ###  
 ### BEGIN /etc/grub.d/05_debian_theme ###  
 insmod part_msdos  
 insmod lvm  
 insmod ext2  
 set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
 if [ x$feature_platform_search_hint = xy ]; then  
  search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
 else  
  search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
 fi  
 insmod png  
 if background_image /usr/share/images/desktop-base/kali-grub.png; then  
  set color_normal=white/black  
  set color_highlight=black/white  
 else  
  set menu_color_normal=cyan/blue  
  set menu_color_highlight=white/blue  
 fi  
 ### END /etc/grub.d/05_debian_theme ###  
 ### BEGIN /etc/grub.d/10_linux ###  
 function gfxmode {  
      set gfxpayload="${1}"  
 }  
 set linux_gfx_mode=  
 export linux_gfx_mode  
 menuentry 'Kali GNU/Linux' --class kali --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
      load_video  
      insmod gzio  
      if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi  
      insmod part_msdos  
      insmod lvm  
      insmod ext2  
      set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
      if [ x$feature_platform_search_hint = xy ]; then  
       search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
      else  
       search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
      fi  
      echo     'Loading Linux 4.8.0-kali1-amd64 ...'  
      linux     /boot/vmlinuz-4.8.0-kali1-amd64 root=/dev/mapper/vg_nu11secur1ty_kali-lv_root_kali ro initrd=/install/gtk/initrd.gz quiet  
      echo     'Loading initial ramdisk ...'  
      initrd     /boot/initrd.img-4.8.0-kali1-amd64  
 }  
 submenu 'Advanced options for Kali GNU/Linux' $menuentry_id_option 'gnulinux-advanced-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
      menuentry 'Kali GNU/Linux, with Linux 4.8.0-kali1-amd64' --class kali --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.8.0-kali1-amd64-advanced-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
           load_video  
           insmod gzio  
           if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi  
           insmod part_msdos  
           insmod lvm  
           insmod ext2  
           set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
           if [ x$feature_platform_search_hint = xy ]; then  
            search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           else  
            search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           fi  
           echo     'Loading Linux 4.8.0-kali1-amd64 ...'  
           linux     /boot/vmlinuz-4.8.0-kali1-amd64 root=/dev/mapper/vg_nu11secur1ty_kali-lv_root_kali ro initrd=/install/gtk/initrd.gz quiet  
           echo     'Loading initial ramdisk ...'  
           initrd     /boot/initrd.img-4.8.0-kali1-amd64  
      }  
      menuentry 'Kali GNU/Linux, with Linux 4.8.0-kali1-amd64 (recovery mode)' --class kali --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.8.0-kali1-amd64-recovery-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
           load_video  
           insmod gzio  
           if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi  
           insmod part_msdos  
           insmod lvm  
           insmod ext2  
           set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
           if [ x$feature_platform_search_hint = xy ]; then  
            search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           else  
            search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           fi  
           echo     'Loading Linux 4.8.0-kali1-amd64 ...'  
           linux     /boot/vmlinuz-4.8.0-kali1-amd64 root=/dev/mapper/vg_nu11secur1ty_kali-lv_root_kali ro single initrd=/install/gtk/initrd.gz  
           echo     'Loading initial ramdisk ...'  
           initrd     /boot/initrd.img-4.8.0-kali1-amd64  
      } 

 
menuentry 'Kali GNU/Linux, with Linux 4.6.0-kali1-amd64' --class kali --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.6.0-kali1-amd64-advanced-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
           load_video  
           insmod gzio  
           if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi  
           insmod part_msdos  
           insmod lvm  
           insmod ext2  
           set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
           if [ x$feature_platform_search_hint = xy ]; then  
            search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           else  
            search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           fi  
           echo     'Loading Linux 4.6.0-kali1-amd64 ...'  
           linux     /boot/vmlinuz-4.6.0-kali1-amd64 root=/dev/mapper/vg_nu11secur1ty_kali-lv_root_kali ro initrd=/install/gtk/initrd.gz quiet  
           echo     'Loading initial ramdisk ...'  
           initrd     /boot/initrd.img-4.6.0-kali1-amd64  
      }  
      menuentry 'Kali GNU/Linux, with Linux 4.6.0-kali1-amd64 (recovery mode)' --class kali --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-4.6.0-kali1-amd64-recovery-65386b67-89ff-4ffc-ac9a-f21a1880c71a' {  
           load_video  
           insmod gzio  
           if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi  
           insmod part_msdos  
           insmod lvm  
           insmod ext2  
           set root='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC'  
           if [ x$feature_platform_search_hint = xy ]; then  
            search --no-floppy --fs-uuid --set=root --hint='lvmid/5DoFVj-0rG5-NzM1-DOPh-lqJI-CcVw-976rEI/D7pgPs-6Z4D-nO5W-C411-SNeF-rsol-jCLatC' 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           else  
            search --no-floppy --fs-uuid --set=root 65386b67-89ff-4ffc-ac9a-f21a1880c71a  
           fi  
           echo     'Loading Linux 4.6.0-kali1-amd64 ...'  
           linux     /boot/vmlinuz-4.6.0-kali1-amd64 root=/dev/mapper/vg_nu11secur1ty_kali-lv_root_kali ro single initrd=/install/gtk/initrd.gz  
           echo     'Loading initial ramdisk ...'  
           initrd     /boot/initrd.img-4.6.0-kali1-amd64

      }  

 }  
 ### END /etc/grub.d/10_linux ###  
 ### BEGIN /etc/grub.d/20_linux_xen ###  
 ### END /etc/grub.d/20_linux_xen ###  
 ### BEGIN /etc/grub.d/30_os-prober ###  
 ### YOUR OTHER OS MUST BE HERE: =)  
 ### END /etc/grub.d/30_os-prober ###  
 ### BEGIN /etc/grub.d/30_uefi-firmware ###  
 ### END /etc/grub.d/30_uefi-firmware ###  
 ### BEGIN /etc/grub.d/40_custom ###  
 # This file provides an easy way to add custom menu entries. Simply type the  
 # menu entries you want to add after this comment. Be careful not to change  
 # the 'exec tail' line above.  
 ### END /etc/grub.d/40_custom ###  
 ### BEGIN /etc/grub.d/41_custom ###  
 if [ -f ${config_directory}/custom.cfg ]; then  
  source ${config_directory}/custom.cfg  
 elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then  
  source $prefix/custom.cfg;  
 fi  
 ### END /etc/grub.d/41_custom ###  

четвъртък, 24 ноември 2016 г.

Limits Connections Per IP




How do I restrict the number of connections used by a single IP address to my server for port 80 and 25 using iptables? You need to use the connlimit modules which allows you to restrict the number of parallel TCP connections to a server per client IP address (or address block).
This is useful to protect your server or vps box against flooding, spamming or content scraping. Syntax

The syntax is as follows:

 /sbin/iptables -A INPUT -p tcp --syn --dport $port -m connlimit --connlimit-above N -j REJECT --reject-with tcp-reset  
 # save the changes see iptables-save man page, the following is redhat and friends specific command  
 service iptables save  


Example: Limit SSH Connections Per IP / Host

Only allow 3 ssg connections per client host:
 /sbin/iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 3 -j REJECT  
 # save the changes see iptables-save man page, the following is redhat and friends specific command  
 service iptables save  


Example: Limit HTTP Connections Per IP / Host

Only allow 20 http connections per IP (MaxClients is set to 60 in httpd.conf):
 WARNING! Please note that large proxy servers may legitimately create a large number of connections to your server. You can skip those ips using ! syntax  


 /sbin/iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 -j REJECT --reject-with tcp-reset  
 # save the changes see iptables-save man page, the following is redhat and friends specific command  
 service iptables save  


Skip proxy server IP 1.2.3.4 from this kind of limitations:
 /sbin/iptables -A INPUT -p tcp --syn --dport 80 -d ! 1.2.3.4 -m connlimit --connlimit-above 20 -j REJECT --reject-with tcp-reset  


Example: Class C Limitations

In this example, limit the parallel http requests to 20 per class C sized network (24 bit netmask)
 /sbin/iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 24 -j REJECT --reject-with tcp-reset  
 # save the changes see iptables-save man page  
 service iptables save  


Example: Limit Connections Per Second

The following example will drop incoming connections if IP make more than 10 connection attempts to port 80 within 100 seconds (add rules to your iptables shell script)
 #!/bin/bash  
 IPT=/sbin/iptables   
 # Max connection in seconds  
 SECONDS=100  
 # Max connections per IP  
 BLOCKCOUNT=10  
 # ....  
 # ..  
 # default action can be DROP or REJECT  
 DACTION="DROP"  
 $IPT -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set  
 $IPT -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds ${SECONDS} --hitcount ${BLOCKCOUNT} -j ${DACTION}  
 # ....  
 # ..  


How Do I Test My Firewall Working?
Use the following shell script to connect to your web server hosted at 202.1.2.3:

 #!/bin/bash  
 ip="202.1.2.3"  
 port="80"  
 for i in {1..100}   
 do  
  # do nothing just connect and exit  
  echo "exit" | nc ${ip} ${port};  
 done  


сряда, 23 ноември 2016 г.

Compile and install kernel on CentOs 6.8





How to
 1. yum groupinstall "Development Tools"  
   yum install ncurses-devel  
 2. Download kernel 4.1.1 to /usr/src/  
 3. cd /usr/src/  
 4. tar -Jxvf linux-4.1.1.tar.xz  
 5. cd /usr/src/linux-4.1.1....  
 6. make help       - RECOMMENDED: if you want to see what you can you do!  
 7. make mrproper     - Cleaning and check dependencies  
 8. make menuconfig    - WARNING: This is for advanced users! Make your own setup if you want, and follow the menu to save and exit!  
 9. make bzImage      - compile the bzImage kernel  
 10. make modules     - compile the modules  
 11. make modules_install - install of already compiled modules  
 12. make install     - install of all dependencies to already compiled kernel   
NOTE: You have to modify your grub conf if you use dual boot, and then you can use your new kernel!