Linux file system hierarchy v2.0


What is a file in Linux? What is a file system in Linux? Where are all the configuration files? Where do I keep my downloaded applications? Is there really a standard filesystem structure in Linux? Well, the above image explains the Linux file system hierarchy in a very simple way. It's very useful when you're looking for a configuration file or a binary file. I've added some explanation and examples below, but that's TL;DR.


How to get Public IP from Linux Terminal?


Public addresses are assigned by InterNIC and consist of class-based network IDs or blocks of CIDR-based addresses (called CIDR blocks) that are guaranteed to be globally unique to the Internet. When the public addresses are assigned, routes are programmed into the routers of the Internet so that traffic to the assigned public addresses can reach their locations. Traffic to destination public addresses is reachable on the Internet. For example, when an organization is assigned a CIDR block in the form of a network ID and subnet mask, that [network ID, subnet mask] pair also exists as a route in the routers of the Internet. IP packets destined to an address within the CIDR block are routed to the proper destination. In this post I will show several ways to find your public IP address from the Linux terminal. This may seem like a waste for normal users, but it helps when you are in a terminal of a headless Linux server (i.e. no GUI, or you're connected as a user with minimal tools). Either way, being able to get your public IP from the Linux terminal can be useful in many cases, or it could be one of those things that might just come in handy someday.


DoS website using slowhttptest in Kali Linux – slowloris, slow HTTP POST and slow Read attack in one tool


SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on the majority of Linux platforms, OSX and Cygwin (a Unix-like environment and command-line interface for Microsoft Windows). It implements the most common low-bandwidth Application Layer DoS attacks, such as slowloris, Slow HTTP POST and the Slow Read attack (based on the TCP persist timer exploit), by draining the concurrent connections pool, as well as the Apache Range Header attack, which causes very significant memory and CPU usage on the server. Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. This tool sends partial HTTP requests, trying to cause a denial of service on the target HTTP server. The Slow Read DoS attack targets the same resources as slowloris and slow POST, but instead of prolonging the request, it sends a legitimate HTTP request and reads the response slowly.


Skype bug crashes Windows, iOS and Android versions of Skype application


A recent Skype bug discovered by VentureBeat can crash the Windows, iOS and Android versions of Skype. All it takes is sending or receiving http://: in a message. It crashes the Windows app if you're the sender and completely kills it if it's the one receiving that string of characters. However, the iOS and Android apps are only affected when they're the recipient, and Skype for Mac seems to be immune to the issue.


Router Hack – How to hack ADSL router using NMAP


An Asynchronous digital subscriber line (DSL or ADSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connectivity to the Internet, which is often called DSL or ADSL broadband. In this guide I will show you how to scan an IP range for connected ADSL or DSL modem routers and find a DSL or ADSL router hack remotely. This guide applies to Windows, Linux or Mac, so it doesn't matter what your operating system is; you can try the same steps from all these operating systems. The term DSL or ADSL modem is technically used to describe a modem which connects to a single computer through a USB port or is installed in a computer PCI slot. The more common DSL or ADSL router, which combines the function of a DSL or ADSL modem and a home router, is a standalone device which can be connected to multiple computers through multiple Ethernet ports or an integral wireless access point. Also called a residential gateway, a DSL or ADSL router usually manages the connection and sharing of the DSL or ADSL service in a home or small office network.


How to create a Bot Net legally? Put that in your ToS, that’s how!


This is a #rant post, TL;DR. In summary, you can just create a Chrome, Firefox, iOS or Android extension/plugin/app for free, let it grow bigger over time and then just sell idle users' bandwidth to a Bot Net for profit. And you just put that somewhere in your looong ToS, where everyone just presses "I Agree, get it over with and let me use the service already".


DoS website in Kali Linux using GoldenEye


This tool was designed smartly so that any server would think there are many different users trying to browse from a single IP (maybe a proxy IP from a large organization?) with different browsers (Firefox, Chrome, MSIE, Safari etc.) and different operating systems (Mac, Linux, Windows etc.), and that they even arrived via different referrers. Well, maybe the requested URL was incorrect, but a normal web server would either allow it or redirect it to an error page, all while the connection is left open (i.e. an Apache worker/socket). A standard web server usually allows X number of concurrent users from the same IP, and with that many open connections/used sockets, this type of attack puts heavy pressure on the server and any subsequent user gets an error (HTTP 503 or similar). So an attacker with a few random proxies/VPNs can exhaust server resources quickly.
