August, 2015

  • 4 August

    How to disable IPv6 in Linux?

    The entire world is moving towards IPv6, although it’s happening too slowly. IPv6 is necessary to replace IPv4 — we’re running out of IPv4 addresses and IPv6 is the solution. In that context, the last method of setting preferences (without disabling IPv6, setting IPv4 as preferred over IPv6) is better. There’s a good chance you don’t actually need IPv6 on your network — unless you rely on Windows Homegroup or similar features — so it may not be particularly harmful to remove it if you know what you’re doing. However, you won’t see a speed improvement from clinging to IPv4 unless there are serious problems with your Internet service provider’s network or your home network. The moral is, if you notice that IPv6 needs fixing, fix it today rather than postponing until tomorrow. We live in the early days of mass deployment of IPv6, and we need to work together to untangle the implementation quirks that arise. The list of fixes above represents only a small sampling of potential issues. You can always seek help online at any number of reputable IPv6 discussion forums. Use network misbehavior as an opportunity to learn about and improve the state of IPv6 internetworking, and resist any temptation to disable the protocol.

July, 2015

  • 30 July

    Complete solution for online privacy with own private OpenSSH, OpenVPN and VNC server

    While there are publicly available VPN and SSH servers on the Internet – some free and some not – anyone who has tried to use them has discovered that they are not as reliable as they had hoped: difficulty in connecting and very poor performance are common. Many people feel that the servers should not maintain logs, something that is difficult to find without paying a monthly or annual fee, which, if you think about it, takes away your anonymity because now they have a record of their sales transaction. The best possible solution for this situation is to set up a private SSH and VPN server on your home network and use them when you are out on the road or overseas: you won't have logs to worry about, and it is always available and totally exclusive to you, which means that your performance should be outstanding! And all of your traffic traverses an encrypted channel, which makes it virtually immune to hacking and prying eyes.

  • 30 July

    Issues with setoolkit or Social-Engineer Toolkit (SET)

    The following query was sent to me by Nathan about some issues with setoolkit. Fri, Jul 24, 2015 at 1:40 PM Name: Nathan Comment: I need help with setoolkit. Specifically phishing and site cloning. I did everything I should have, it works on my LAN, but when I send the link ...

  • 15 July

    Download Hacking Team Database from torrent using magnet link

    On July 5, 2015, the Twitter account of the Italian security company Hacking Team was compromised by an unknown individual who published an announcement of a data breach against Hacking Team's computer systems. The initial message read, "Since we have nothing to hide, we're publishing all our e-mails, files, and source code …" and provided links to over 400 gigabytes of data, including alleged internal e-mails, invoices, and source code, which were leaked via BitTorrent and Mega. An announcement of the data breach, including a link to the BitTorrent seed, was retweeted by WikiLeaks and by many others through social media. The leaked data revealed a zero-day cross-platform Flash exploit (CVE number CVE-2015-5119). The dump included a demo of this exploit by opening Calculator from a test webpage. Adobe patched the hole on July 8, 2015. Another vulnerability involving Adobe was revealed in the dumps, which took advantage of a buffer overflow attack on an Adobe Open Type Manager DLL included with Microsoft Windows. The DLL is run in kernel mode, so the attack could perform privilege escalation to bypass the sandbox. This post contains a torrent/magnet link to download the Hacking Team database. It also contains another link to download selected files in case you don't want to download the whole 400 GB Hacking Team database from torrent.

  • 10 July

    Use different wallpapers on multiple monitors in Linux

    I have a dual-monitor setup and I am trying to use different wallpapers on multiple monitors in Linux. What I want is simply to have a different background on each of the two monitors. Most of the solutions I Googled were about Ubuntu and about virtual desktops (aka workspaces). I only use one workspace, but two monitors, i.e. my laptop and a monitor attached via VGA cable. As you can see from the screenshot below, I finally managed to find a good solution to use different wallpapers on multiple monitors in Linux (well, it seems to be working for an unlimited number of monitors).

June, 2015

  • 18 June

    Linux file system hierarchy v2.0

    What is a file in Linux? What is a file system in Linux? Where are all the configuration files? Where do I keep my downloaded applications? Is there really a standard filesystem structure in Linux? Well, the above image explains the Linux file system hierarchy in a very simple and non-complex way. It's very useful when you're looking for a configuration file or a binary file. I've added some explanation and examples below, but that's TL;DR.

  • 14 June

    How to get Public IP from Linux Terminal?

    Public addresses are assigned by InterNIC and consist of class-based network IDs or blocks of CIDR-based addresses (called CIDR blocks) that are guaranteed to be globally unique to the Internet. When the public addresses are assigned, routes are programmed into the routers of the Internet so that traffic to the assigned public addresses can reach their locations. Traffic to destination public addresses is reachable on the Internet. For example, when an organization is assigned a CIDR block in the form of a network ID and subnet mask, that [network ID, subnet mask] pair also exists as a route in the routers of the Internet. IP packets destined to an address within the CIDR block are routed to the proper destination. In this post I will show several ways to find your public IP address from the Linux terminal. This may seem like a waste for normal users, but it matters when you are in a terminal of a headless Linux server (i.e. no GUI, or you're connected as a user with minimal tools). Either way, being able to get your public IP from the Linux terminal can be useful in many cases, or it could be one of those things that might just come in handy someday.

  • 7 June

    DoS website using slowhttptest in Kali Linux – slowloris, slow HTTP POST and slow Read attack in one tool

    SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. It works on the majority of Linux platforms, OSX and Cygwin, a Unix-like environment and command-line interface for Microsoft Windows. It implements the most common low-bandwidth Application Layer DoS attacks, such as slowloris, Slow HTTP POST and the Slow Read attack (based on the TCP persist timer exploit), which drain the concurrent connections pool, as well as the Apache Range Header attack, which causes very significant memory and CPU usage on the server. Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. This tool sends partial HTTP requests, trying to cause a denial of service on the target HTTP server. The Slow Read DoS attack targets the same resources as slowloris and slow POST, but instead of prolonging the request, it sends a legitimate HTTP request and reads the response slowly.

  • 4 June

    Skype bug crashes Windows, iOS and Android versions of Skype application

    A recent Skype bug discovered by VentureBeat can crash Skype in Windows, iOS and Android versions. All it takes is sending or receiving http://: in a message. It crashes the Windows app if you're the sender and completely kills it if it's the one receiving that string of characters. However, the iOS and the Android apps are only affected when they're the recipient, and Skype for Mac seems to be immune from the issue.

  • 2 June

    Router Hack – How to hack ADSL router using NMAP

    An Asynchronous digital subscriber line (DSL or ADSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connectivity to the Internet, which is often called DSL or ADSL broadband. In this guide I will show you how to scan an IP range for connected ADSL or DSL modem routers and find a DSL/ADSL router hack remotely. This guide applies to Windows, Linux or Mac, so it doesn’t matter what your operating system is; you can try the same steps from all these operating systems. The term DSL or ADSL modem is technically used to describe a modem which connects to a single computer through a USB port or is installed in a computer PCI slot. The more common DSL or ADSL router, which combines the function of a DSL or ADSL modem and a home router, is a standalone device which can be connected to multiple computers through multiple Ethernet ports or an integral wireless access point. Also called a residential gateway, a DSL or ADSL router usually manages the connection and sharing of the DSL or ADSL service in a home or small office network.

  • 1 June

    How to create a Bot Net legally? Put that in your ToS, that’s how!

    This is a #rant post, TL;DR. In summary, you can just create a Chrome, Firefox, iOS or Android extension/plugin/app for free, let it grow bigger over time and then just sell idle users' bandwidth to a Bot Net for profit. And you just put that somewhere in your looong ToS, where everyone just presses "I Agree, get it over with and let me use the service already".

May, 2015

  • 18 May

    DoS website in Kali Linux using GoldenEye

    This tool was designed smartly so that any server would think there are many different users trying to browse from a single IP (maybe a proxy IP from a large organization?) with different browsers (Firefox, Chrome, MSIE, Safari etc.) and different operating systems (Mac, Linux, Windows etc.), and that they even arrived via different referrers. Well, maybe the requested URL was incorrect, but a normal web server would either allow it or redirect it to an error page, all while the connection is left open (i.e. an Apache worker/socket). A standard web server usually allows X number of concurrent users from the same IP, and with that many open connections/used sockets, this type of attack puts heavy pressure on the server and any subsequent users get an error (HTTP 503 or similar). So an attacker with a few random proxies/VPNs can exhaust server resources quickly.

  • 12 May

    Generating self-signed x509 certificate with 2048-bit key and sign with sha256 hash using OpenSSL

    With Google, Microsoft and every major technology giant sunsetting sha-1 due to its vulnerability, sha256 is the new standard. It seems to be an issue almost all infrastructure administrators are facing right now. For those who are using a managed PKI console, it’s very easy and straightforward, and the signing authority, such as Symantec/Verisign or GoDaddy, will take care of the signature hash. Users just select whether they want to use sha1, sha256 and so on. But those who have a test infrastructure that uses self-signed SSL/TLS certificates need to generate and/or replace all their existing certificates with a self-signed x509 certificate with a 2048-bit key, signed with a sha256 hash using OpenSSL. Generating a 2048-bit public key x509 certificate with the sha256 digest algorithm is not very tough, but the OpenSSL help menu can be confusing. This post should help anyone who has to walk that path of upgrading from sha1 or issuing a new self-signed x509 certificate with a 2048-bit key and signing it with a sha256 hash.

  • 7 May

    Encrypting and decrypting files with password in Linux

    Sometimes you need to send a file containing sensitive information to someone over the internet and you start thinking, "Gee, I've got some pretty sensitive information in the file. How can I send it securely?" There are many ways to send encrypted files. A good way to encrypt files is to use a long password with the GNU Privacy Guard (GnuPG or GPG) tool. GnuPG does have real-life usage, and in many cases it has been used in both legal and illegal activities. I won't discuss the legality of its usage, but if you ever need to send or transfer a file that requires encryption, then GnuPG or GPG is definitely a worthy tool to consider for encrypting files on Linux, Unix, Windows or any known platform.

  • 6 May

    Three effective solutions for Google Analytics Referral spam

    I opened my Analytics account yesterday because I saw a 25% traffic increase from Facebook, Twitter and many random sources and an 83% increase on the root ("/") of the server. Well, 25% is nothing; it can happen due to a post going viral. But this wasn't the case this time, as the 83% increase was specific to the root ("/") of the server. It seems our 'beloved' 'Vitaly Popov' has started a new stream of referral spam. He's gotten craftier, as I predicted in my original post. He's now actually using Facebook and Twitter as referrals, including some new domains.