ISC BIND DNS Version Detection

Folks,
Here is a sample script that can be used to fetch the remote BIND DNS version by crafting your own DNS-structured packets. Currently, this script is not a stable release, as it sometimes hangs when the code doesn’t fetch the response from the server. I am using the pdb module to figure out why it’s happening, and I will fix it very soon. BTW, this happens when the target DNS server doesn’t respond to the BIND version query. Apart from that, I have some other (TODO) enhancements in the pipeline. Eventually, I will add the enhancements and make a stable release. I want to make this script a foolproof DNS fingerprinting tool (even though there are other third-party tools available on the web). Read more…

Feb 28th, 2010 | Filed under Programming

Allow BIND DNS Queries from external networks

Folks,
If you have ever configured ISC BIND DNS on your machines locally and the application is not replying with the required DNS response, then this post is for you. This post explains how to do basic troubleshooting if you face such issues. A couple of days back, I needed to check the DNS version, so I crafted my own packet to fetch the installed BIND DNS version (in one of my VMware machines), but I came across an error that the remote DNS server was refusing my connection, even though my crafted packet was legitimate and was not based on any hack attempt. You can write a simple program in Python (or any programming language) to send the DNS request and fetch the DNS version, but make sure that the socket object you create is UDP-based, as DNS works over UDP. Read more…

Feb 28th, 2010 | Filed under Security

Extracting RAR Archives in Linux

Folks,
If you come across any RAR files and you are not able to extract the target file, then the unrar command is the right choice for you, as the tar command doesn’t support extracting RAR archives. The installation is quite straightforward for both Ubuntu and RPM-based operating systems. If apt-get or yum is supported on your system and it is able to connect to the Internet and fetch the contents for you (in old versions of Redhat/Core yum won’t work, though you can manually fix the repo search paths by editing the conf files), then you can follow these steps to get started. Read more…

Feb 28th, 2010 | Filed under Linux

Search Hex sequences inside Wireshark packet list

Pals,
If you are capturing packets across your network and want to find a specific pattern in a huge list of packets, you can make use of the Wireshark filter “tcp matches”. It can save you a lot of time, as it takes you directly to the place you are looking for. Below is an example of how you can find “.exe\x20” in the packet list:
Read more…

Dec 24th, 2009 | Filed under Tutorials

How to install OpenVAS 3 in Ubuntu 9.10

Folks,
As you may know, the OpenVAS community has released a new version, OpenVAS 3.x, and this time they have come up with many additional features, i.e. GSA, openvas-administrator and openvas-manager. These are some of the useful features that you should give a try! At the same time, we can also observe that their packages are kind of different this time as well. I will show you how to install OpenVAS in Ubuntu 9.10, as I was very happy when I got OpenVAS installed on the latest Ubuntu build! Read more…

Dec 22nd, 2009 | Filed under Security

How to install Wireshark in Linux

Dear Folks,
I have seen in some places that some Fedora Core users are facing lots of issues while installing the Wireshark tool. I will show you an easy method to install Wireshark without messing anything up.

Read more…

Dec 12th, 2009 | Filed under Linux

An approach to SMB v2 Negotiate Protocol BSOD Vulnerability Remote Check

As we know, there has recently been some hype about an SMB v2 protocol vulnerability that causes a BSOD on the vulnerable system. The vulnerability exists in srv2.sys, which was not able to handle a higher/lower PID value in the SMB_Negotiate protocol field (2 bytes). It can be successfully exploited with the PoC provided by Laurent Gaffié (who found this bug in 3 seconds with his simple handmade fuzzer). Successful exploitation causes a remote BSOD on the affected SMB v2-enabled operating system, forcing a hard reboot of the machine.
Read more…

Oct 25th, 2009 | Filed under Security