Category Archives: Hacking & Forensics

Connect to Onion IRC with Tails OS

Onion IRC is an information-security education channel run under #opNewBlood. The course is available only over an IRC channel on Tor, which takes a while to set up by hand. Luckily there is a ready-to-use system, Tails OS, that gets us onto the IRC channel in a minute.

https://twitter.com/onionirc

Tails OS is a packaged Linux distribution that aims at preserving your privacy and anonymity; every network connection it makes is forced through Tor, so the IRC client does not need any proxy configuration of its own. You can download the ISO here.

https://tails.boum.org/

I use VirtualBox to build a VM, boot from the ISO image and then connect to the IRC channel with Pidgin.


PS. My firewall doesn't allow MAC address spoofing, so I cannot spoof it here.

Open Pidgin


In Pidgin, add an IRC account with the following server and port (plain IRC on 6667; Tails already carries the connection over Tor):

onionirchubx5363.onion:6667

Type /list to see the available channels.

#school4lulz, #main and #learninghub are popular channels.


You are done!

WebGoat – A Security Tutorial

WebGoat is an OWASP project: a deliberately insecure web application whose lessons teach developers the common security holes found in web applications.

There are two ways of running it. The first is simply to download the bundled executable WAR and run it with this command:

java -jar webgoat-container-7.0.1-war-exec.jar

The other way is to check out the source code and run it from your favourite IDE. In my case I use IntelliJ.

The folder structure is as follows.

WebGoatWS
- WebGoat
- - webgoat-container 
- WebGoat-Lessons

Both WebGoat and WebGoat-Lessons are git repositories, and both are built with Maven. To run it locally, we first clone the two repositories:

mkdir WebGoatWS
cd WebGoatWS
git clone https://github.com/WebGoat/WebGoat.git
git clone https://github.com/WebGoat/WebGoat-Lessons.git

Then open the WebGoatWS folder as a project in IntelliJ.

After that, we have to create three Maven run configurations: one install for each repository and the tomcat7:run-war at the end. The command-line equivalent of the two installs is as follows (starting from the WebGoatWS level):

cd WebGoat
mvn install
cd ../WebGoat-Lessons
mvn install

After building both projects, we need to copy the lesson JARs from WebGoat-Lessons into the plugin_lessons directory of WebGoat (again from the WebGoatWS level; note the directory is WebGoat-Lessons, with an s):

cd ..
cp WebGoat-Lessons/target/plugins/*.jar WebGoat/webgoat-container/src/main/webapp/plugin_lessons/

Finally, the app can be started with the following command.

cd WebGoat/webgoat-container
mvn tomcat7:run-war

The app is then available at http://localhost:8080/WebGoat/

DNS Resolution over Tor

DNS leaks are a significant obstacle to being fully anonymous on Tor.

The idea is simple. Tor only carries TCP streams and does not transport UDP, so an ordinary DNS lookup (UDP port 53) cannot travel through the Tor circuit. If you are attacking a machine over Tor, you run the risk that your client first resolves the target's name with a query sent from your real IP address, and only then attacks the machine over Tor. A simple time-based correlation between the DNS server's logs and the target's server logs identifies your real IP. That is a real risk.

Luckily Tor provides tor-resolve, which resolves names through the Tor network, and a DNSPort option that lets the Tor client answer ordinary DNS queries itself.

http://linux.die.net/man/1/tor-resolve

We need to add the following lines to /etc/tor/torrc:

# Tor answers DNS queries itself on this port. Only address lookups (A/AAAA
# and PTR) are served; there is no MX or TXT resolution over Tor. Bind it to
# loopback explicitly so nothing else on the network can use it.
DNSPort 127.0.0.1:53
# Hand back a private virtual address for .onion and .exit names, which have
# no real DNS entry, so applications that insist on resolving first still work.
AutomapHostsOnResolve 1

Binding port 53 requires root privileges (or the equivalent capability) when Tor starts. If that is not possible, choose a high port such as 5353 and put a local forwarder (dnsmasq, for example) in front of it, because /etc/resolv.conf cannot specify a port.

Next, configure Linux to use 127.0.0.1 port 53 as its DNS server instead of the one handed out by DHCP. /etc/resolv.conf only accepts IP addresses (not the name localhost):

nameserver 127.0.0.1

Two caveats: the DHCP client will rewrite this file on the next lease unless you make it immutable (chattr +i /etc/resolv.conf) or configure the DHCP client not to touch it, and this only protects programs that use the system resolver. Tor-aware programs should instead hand the hostname to the SOCKS proxy, as in the Firefox setting below.

Firefox, when it is pointed at Tor's SOCKS proxy, must also be told to pass hostnames to the proxy instead of resolving them itself; this is independent of the system resolver above:

Open about:config and set network.proxy.socks_remote_dns to true.

Computer and Hacking Forensics By cybrary.it

I have recently found a good forensics tutorial online. It is provided by a startup focusing on security and hacking related tutorials. The course link is here

The course is good in the sense that it covers current US law and some common utilities for a forensics beginner.

It has 15 modules altogether; the titles are as follows. I also note the software each one describes, for my own reference later on.

  1. Module 1 – Modern Forensics
  2. Module 2 – Investigative Process
  3. Module 3 – Searching and Seizing
  4. Module 4 – Digital Evidence
  5. Module 5 – First Responder
    • chkdsk: Windows program to check and repair a disk, usually run as chkdsk /f
    • Hex Workshop: hex editor, $89.95
  6. Module 6 – Computer Forensics Labs
    • FileMerlin: converts files between many document formats, $95
    • FileViewer: quick viewer for many file formats, free
    • Paraben P2 Explorer: mounts disk images as drives for extracting information, free with limited functions
  7. Module 7 – Hard Disks and File Systems
  8. Module 8 – Windows Forensics
    • KDirStat / WinDirStat: tools to visualize disk usage
    • PsLoggedOn: Sysinternals tool to determine who is logged on locally or on remote computers
    • Regedit & Regedt32: Windows tools to view and edit the registry
    • Total Commander: classic multi-window, multi-function file explorer
  9. Module 9 – Data Acquisition
    • Autopsy / The Sleuth Kit: comprehensive open-source forensic toolkit
    • DiskExplorer: direct disk editor
    • FTK Imager: disk imaging tool that can also capture physical memory
    • ListDLLs: utility that reports the DLLs loaded into processes
    • PMDump: dumps the memory contents of a process to a file without stopping the process
    • PromiscDetect: checks whether your network adapter(s) are running in promiscuous mode
    • Runtime DiskExplorer for NTFS: low-level file system scanner and toolkit
  10. Module 10 – Recovering and Deleting Files
  11. Module 11 – Access Data
    • AccessData FTK: integrated toolkit for first-pass processing of a computer to locate suspicious files
  12. Module 12 – Image Files
  13. Module 13 – Steganography
    • Mp3Stegz: hides (and encrypts) data inside MP3 files without changing the sound or the file size
    • QuickStego: hides a message in a picture
    • XnView: quick image viewer
  14. Module 14 – Application Password Checkers
    • Cain & Abel: Windows password recovery tool (network sniffing, hash cracking)
    • PasswordPro: a password manager, free
    • SAMInside: Windows password hash (SAM) cracker
    • Ophcrack: open-source Windows password cracker, with a LiveCD version
  15. Module 15 – Log Capturing and Event Correlation