Review: Jules and Koridwen - U4 Saga


Yannis, Stéphane, Jules and Koridwen are between 15 and 18 years old. They survived the U4 virus, which has wiped out 90% of the world's population. They do not know each other, but they are heading to the same meeting.

4 Novels. 4 Authors. 4 Protagonists.

YOU CHOOSE WHICH ONE TO START WITH


Many thanks to Catapulta for the copies!


Jules lives isolated in his apartment on the Boulevard Saint-Michel in Paris. He has heard nothing from his parents (who were travelling in Hong Kong when the epidemic began to spread). The view from his window is horrifying, and he knows he will not survive much longer if he stays locked in there. To face going outside, he decides to become his avatar, an intrepid warrior. His only hope: the meeting announced by the WOT gamemaster.


When I saw that Catapulta was launching a new imprint, #Yosoy, and that the new releases were these dystopian books, it really caught my attention. Dystopia is a genre I like a lot, but I had not read it for a long time and it was interesting to come back to it. It is an entertaining kind of reading that keeps you alert at all times because there is never a lack of action.

This saga, as I said before, can be read separately. I found this most interesting, and I think it is the first saga I know of that works this way: you can start with any book and all of them are, in some way, self-contained.

I would define this first book, Jules's, with one word: action. It is a book where the author does not waste time on descriptions or empty paragraphs. There is one action after another and its protagonist, a 15-year-old boy, carries the story on his shoulders in a very active way. Although I did not connect 100% with Jules, I must say I liked the tender side the character shows when he displays his full humanity and his interest in others. To complement him there is a secondary character who sweetens the story: Alicia.

It is a book that gives you no respite because one thing happens after another, but there is also time to reflect and think about the next step. A good book to start the saga, with an ending in keeping with the rest of the plot.


"With the other Experts, we will be invincible. Because when I play I feel good, I am strong, I have ideas, I exist, I am recognized and recognizable: I am Spider Snake, the respected, feared and rebellious mercenary. And Khronos proposed that we change the course of time, prevent Evil, because we are the strongest fighters. There is nothing crazy about that, nothing aberrant, nothing abnormal. On the contrary, it is logical, it all adds up."




Koridwen is the last survivor of a village in Brittany. She has seen the few inhabitants of the area succumb and has buried them. Before dying, her mother entrusted her with an envelope that her grandmother had left for her to open on her fifteenth birthday. This letter mentions a long journey and parallel worlds; its message is as strange and unsettling as the one she received from the gamemaster of Warriors of Time. That is why she decides to go to the WOT experts' meeting in Paris.


I left the book with the girl as protagonist for my second read because I had a feeling I would like it more, and so it was. Although I liked the previous one, Jules's, this one gave me the things I perhaps missed in the other book. In this case we meet Koridwen, a teenager who has suffered but is no less strong for it. She knows what she has to do and acts accordingly.

From the beginning, although it is slower than the rest of the plot, I connected more with the protagonist. In this book I also felt a bit more calm in the narration, which I missed in the previous book. I like active narration that does not flag, but I also need pauses and moments of reflection, which this one did have.

The ending of this one leaves you quite stunned, but wondering what may happen to the rest of the characters. Without a doubt these are stories that can be read separately without any problem.




18 Useful Websites for Hackers 2018

  • Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
  • Hackaday: A hardware hack every day.
  • SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
  • Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
  • Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
  • KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
  • NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
  • Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
  • Phrack Magazine: Digital hacking magazine.
  • Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now.
  • Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
  • Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
  • Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
  • DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
  • SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
  • Makezine: Magazine that celebrates your right to tweak, hack, and bend any technology to your own will.
  • The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
  • HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.

RMIScout - Wordlist And Bruteforce Strategies To Enumerate Java RMI Functions And Exploit RMI Parameter Unmarshalling Vulnerabilities


RMIScout performs wordlist and bruteforce attacks against exposed Java RMI interfaces to safely guess method signatures without invocation.
On misconfigured servers, any known RMI signature using non-primitive types (e.g., java.lang.String) can be exploited by replacing the object with a serialized payload. This is a fairly common misconfiguration (e.g., VMWare vSphere Data Protection + vRealize Operations Manager, Pivotal tc Server and Gemfire, Apache Karaf + Cassandra), as highlighted in An Trinh's 2019 Black Hat EU talk.
RMIScout integrates with ysoserial and GadgetProbe to perform deserialization attacks against services incorrectly configuring process-wide serialization filters (JEP 290).


Motivation
I wanted a tool to do the following tasks:
  1. Provide wordlist and text-based bruteforce strategies instead of bruteforcing a 64-bit method hash.
  2. Identify RMI methods without invoking them.
  3. Provide a simple way to exploit the known issue of unsafe RMI parameter unmarshalling and integrate with ysoserial or payloads implementing ysoserial.payloads.ObjectPayload.
  4. Integrate GadgetProbe to identify remote classes to help identify relevant software and construct gadget chains.
To start off your search, the included lists/prototypes.txt wordlist is a deduplicated wordlist from 15,000 RMI prototypes found in OSS projects across GitHub. Feel free to submit a PR to include more :)

How it works
To identify but not execute RMI functions, RMIScout uses low-level RMI network functions and dynamic class generation to send RMI invocations with deliberately mismatched types to trigger remote exceptions. All parameters are substituted for a dynamically generated serializable class with a 255-character name assumed to not exist in the remote class path. For example:
Remote Interface:
void login(String user, String password)
RMIScout will invoke:
login((String) new QQkzkn3..255 chars..(), (String) new QQkzkn3..255 chars..())
If the class is present this will result in a remote java.rmi.UnmarshalException caused by the ClassNotFoundException or argument unmarshalling error without invoking the underlying method.
Read a full technical writeup here.
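
One way to spot this probing in server-side logs, as an added example (not RMIScout code and not from the original write-up). The one-line log format, the function name find_probing_clients and the sample addresses are constructed for illustration; only the 255-character class name and the UnmarshalException/ClassNotFoundException pair come from the text above.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Length of the placeholder class name the probe substitutes for every parameter.
PROBE_NAME_LEN = 255

# Constructed one-line log format (an assumption, not the JDK's own layout):
#   <ISO timestamp> client=<ip> <exception text>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) "
    r"java\.rmi\.UnmarshalException: .*?"
    r"java\.lang\.ClassNotFoundException: (?P<cls>[\w.$]+)"
)


def find_probing_clients(lines, min_hits=3, window=timedelta(seconds=60)):
    """Return {client: peak hits} for clients whose calls failed to unmarshal
    a 255-character class name at least min_hits times within the window."""
    recent = defaultdict(deque)   # client -> timestamps of recent probe-like errors
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or len(m["cls"]) != PROBE_NAME_LEN:
            continue              # ordinary class mismatch or unrelated line
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["client"]]
        q.append(ts)
        while ts - q[0] > window:  # drop hits that fell out of the window
            q.popleft()
        if len(q) >= min_hits:
            flagged[m["client"]] = max(flagged.get(m["client"], 0), len(q))
    return flagged


# Constructed sample input.
ERR_TEXT = ("java.rmi.UnmarshalException: error unmarshalling arguments; nested "
            "exception is: java.lang.ClassNotFoundException: ")
PROBE_NAME = "QQkzkn3" + "a" * (PROBE_NAME_LEN - len("QQkzkn3"))
SAMPLE_LOG = [
    f"2020-03-01T10:00:00 client=10.0.0.5 {ERR_TEXT}{PROBE_NAME}",
    f"2020-03-01T10:00:01 client=10.0.0.5 {ERR_TEXT}{PROBE_NAME}",
    f"2020-03-01T10:00:02 client=10.0.0.5 {ERR_TEXT}{PROBE_NAME}",
    # A normal client/server class mismatch: short name, not counted.
    f"2020-03-01T10:00:03 client=10.0.0.9 {ERR_TEXT}com.example.LegacyDto",
    # A single long-name error stays below the threshold.
    f"2020-03-01T10:05:00 client=10.0.0.7 {ERR_TEXT}{PROBE_NAME}",
]

if __name__ == "__main__":
    print(find_probing_clients(SAMPLE_LOG))
```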

Usage
# Perform wordlist-attack against remote RMI service using wordlist of function prototypes
./rmiscout.sh wordlist -i prototypes.txt <host> <port>

# Bruteforce using method wordlist and other options
./rmiscout.sh bruteforce -i lists/methods.txt -r void,boolean,long -p String,int -l 1,4 <host> <port>

# Swap object-derived types with the specified ysoserial payload and payload parameter
./rmiscout.sh exploit -s 'void vulnSignature(java.lang.String a, int b)' -p ysoserial.payloads.URLDNS -c "http://examplesubdomain.burpcollaborator.net" -n registryName <host> <port>

# Use GadgetProbe and a known signature to bruteforce classes on the remote classpath
./rmiscout.sh probe -s 'void vulnSignature(java.lang.String a, int b)' -i ../GadgetProbe/wordlists/maven_popular.list -d "examplesubdomain.burpcollaborator.net" -n registryName <host> <port>

Building and Running
Use the included rmiscout.sh script to automatically build the project and as a convenient wrapper around java -jar syntax:
./rmiscout.sh wordlist -i prototypes.txt <host> <port>
Alternatively, build the project manually and use traditional java -jar syntax:
# Manually build JAR
./gradlew shadowJar

java -jar build/libs/rmiscout-1.0-SNAPSHOT-all.jar wordlist -i prototypes.txt <host> <port>

Try It out
Run the demo RMI server. Try out the included demo/wordlist.txt.
cd demo
./start.sh

Author
Twitter: @BumbleSec
GitHub: the-bumble




via KitPloit



Kali Linux VM Installation And Setup


Preface

From time to time I realize that certain tasks that are trivial for me are not necessarily easy for others, especially if they are just getting started with IT security stuff.

As I am going to be a Facilitator at SANS Munich 2015 on SEC 401, plus we have a few people at work who are just dipping their toe into the wonderful world of Kali Linux, it seemed like a good opportunity to make a short getting started / installation guide on the Kali VMWare VMs that you can download and quickly get started.

On top of that, when I check the statistics of the blog, I always see that the most popular posts are the detailed howtos and tutorials and I assume that it is because there is a need for this kind of posts too, so here it goes! :)


Step -1: Check in your BIOS/UEFI if virtualization is enabled

We are going to use virtualization, so it would be nice to enable it, right?

In BIOS/UEFI menus this is somewhere around "Security" and/or "Virtualization" and it is something like "Intel (R) Virtualization Technology" and "Intel (R) VT-d Feature" that needs to be set to "Enabled".


Step 0: Install VMWare Player or VMWare Workstation

The Kali Linux VMs are VMWare-based, so you need to install VMWare Player (free), VMWare Workstation (paid) or VMWare Fusion (paid, for OS-X).

The more desirable choice is to use VMWare Workstation or VMWare Fusion, as they have a Snapshot feature, while with VMWare Player, you are forced to take a full copy in order to have a sort of rollback feature.


Step 1: Download Kali VM

We need to download the Kali VMs from the "Custom Kali Images" download site, where you can find a 64 bit (amd64) and a 32 bit PAE (i686) too.

There are also Torrent files for the images and based on experience, using Torrent is much faster and more reliable than the HTTP download, so if you can, use that!

Once you have downloaded the VMs, do not forget to check their SHA1 hash!!! On Linux, you can simply use the sha1sum command at a terminal. For Windows, you can use something like the MD5 & SHA Checksum Utility.


Step 2: Change Kali VM default root password

The Kali VM comes with a preset root password, which is "toor" (without the quotes), therefore, it has to be changed.

Here is how you do it:
root@kali:~# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully


Step 3: Change Kali VM default SSH keys

The Kali VM also comes with SSH preinstalled, so we need to change the SSH keys to avoid SSH MiTM attacks.
Here is how you do it:
root@kali:~# cd /etc/ssh/
root@kali:/etc/ssh# mkdir default_kali_keys
root@kali:/etc/ssh# mv ssh_host_* default_kali_keys/
root@kali:/etc/ssh# dpkg-reconfigure openssh-server
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
insserv: warning: current start runlevel(s) (empty) of script `ssh' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (2 3 4 5) of script `ssh' overrides LSB defaults (empty).

Now we can check if the keys are really changed:

root@kali:/etc/ssh# md5sum /etc/ssh/*key*
md5sum: /etc/ssh/default_kali_keys: Is a directory
6abe210732068fa7ca95854c3078dba5 /etc/ssh/ssh_host_dsa_key
1b5f3c1a1b5c48cc3cce31b116e8b6f8 /etc/ssh/ssh_host_dsa_key.pub
8f0f60855e5ab8cac8103d64faab090f /etc/ssh/ssh_host_ecdsa_key
aace49ae9236815c9a1672f8ecb2b1e2 /etc/ssh/ssh_host_ecdsa_key.pub
cf861a9f743fb4584ab246024465ddf1 /etc/ssh/ssh_host_rsa_key
d5d65d8ad023a6cb1418ae05007bc6d3 /etc/ssh/ssh_host_rsa_key.pub
root@kali:/etc/ssh# md5sum /etc/ssh/default_kali_keys/*key*
c8d5b82320a4ddde59d0e2b6d9aad42a /etc/ssh/default_kali_keys/ssh_host_dsa_key
6b12ddecd463677cde8097e23d0f219a /etc/ssh/default_kali_keys/ssh_host_dsa_key.pub
fecf056571a3dfbf3635fc2c50bf23c5 /etc/ssh/default_kali_keys/ssh_host_ecdsa_key
e44b7c50635de42e89b3297414f5047d /etc/ssh/default_kali_keys/ssh_host_ecdsa_key.pub
e9e0267484e020878e00a9360b77d845 /etc/ssh/default_kali_keys/ssh_host_rsa_key
ceee93d7bbc9f9b9706e18f23d4e81f1 /etc/ssh/default_kali_keys/ssh_host_rsa_key.pub

Step 4: Update Kali VM

Next you need to update your Kali VM so that everything is patched.

Here is how you do it:

root@kali:~# apt-get update
Get:1 http://http.kali.org kali Release.gpg [836 B]
Get:2 http://security.kali.org kali/updates Release.gpg [836 B]
********************************* SNIP *********************************
Fetched 16.7 MB in 14s (1,190 kB/s)
Reading package lists... Done
root@kali:~# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
********************************* SNIP *********************************
The following packages will be upgraded:
********************************* SNIP *********************************
241 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
Need to get 740 MB of archives.
After this operation, 130 MB disk space will be freed.
Do you want to continue [Y/n]? Y
Get:1 http://security.kali.org/kali-security/ kali/updates/main libc6-i386 amd64 2.13-38+deb7u7 [4,044 kB]
Get:2 http://http.kali.org/kali/ kali/main base-files amd64 1:1.1.0 [77.5 kB]
********************************* SNIP *********************************
root@kali:~#


Step 5: Create a Snapshot/Copy the VM

Once you are done with all the above, you can make a Snapshot in case of VMWare Workstation or copy the files of the VM in case of VMWare Player, so that you can roll back to this clean state in case you misconfigure something.

Hope this was helpful. Happy hacking!



LEGALITY OF ETHICAL HACKING

Why ethical hacking?
Legality of Ethical Hacking
 
Ethical hacking is legal if the hacker abides by the rules stipulated in the above section on the definition of ethical hacking.

Ethical hacking is not legal for black hat hackers. They gain unauthorized access over a computer system or networks for money extortion.


DEFINITION OF HACKING

Hacking is an attempt to exploit a computer system's vulnerabilities or a private network inside a computer to gain unauthorized access.
Hacking is identifying and exploiting weaknesses in computer systems and/or computer networks for finding the vulnerabilities and loopholes.

DOS (Denial Of Service) Attack Tutorial: Ping Of Death; DDOS


What is DoS Attack?

DoS is an attack used to deny legitimate users access to a resource such as a website, network, emails, etc., or to make it extremely slow. DoS is the acronym for Denial of Service. This type of attack is usually implemented by hitting the target resource such as a web server with too many requests at the same time. This results in the server failing to respond to all the requests. The effect of this can either be crashing the servers or slowing them down.


Cutting off some business from the internet can lead to significant loss of business or money. The internet and computer networks power a lot of businesses. Some organizations such as payment gateways, e-commerce sites entirely depend on the internet to do business.

In this tutorial, we will introduce you to what denial of service attack is, how it is performed and how you can protect against such attacks.


Types of Dos Attacks

There are two types of DoS attacks, namely:

  • DoS – this type of attack is performed by a single host
  • Distributed DoS – this type of attack is performed by a number of compromised machines that all target the same victim. It floods the network with data packets.


How DoS attacks work

Let's look at how DoS attacks are performed and the techniques used. We will look at five common types of attacks.

Ping of Death

The ping command is usually used to test the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes) that TCP/IP allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the sent data packages are larger than what the server can handle, the server can freeze, reboot, or crash.

Smurf

This type of attack uses large amounts of Internet Control Message Protocol (ICMP) ping traffic targeted at an Internet Broadcast Address. The reply IP address is spoofed to that of the intended victim. All the replies are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times. The effect of this is slowing down the network to a point where it is impossible to use it.

Buffer overflow

A buffer is a temporary storage location in RAM that is used to hold data so that the CPU can manipulate it before writing it back to the disc. Buffers have a size limit. This type of attack loads the buffer with more data than it can hold. This causes the buffer to overflow and corrupt the data it holds. An example of a buffer overflow is sending emails with file names that have 256 characters.

Teardrop

This type of attack uses larger data packets. TCP/IP breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.
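
The checks a receiving stack applies before reassembly to reject the Ping of Death and Teardrop patterns described above, as an added example that is not part of the original tutorial. The Fragment type, the function names and the sample fragments are constructed here, and a 20-byte IP header without options is assumed.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535   # largest value the 16-bit IPv4 Total Length field can hold
IP_HEADER_LEN = 20     # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    offset_units: int      # Fragment Offset field, counted in 8-byte units
    payload_len: int       # data bytes carried by this fragment
    more_fragments: bool   # MF flag

    @property
    def start(self):
        return self.offset_units * 8

    @property
    def end(self):
        return self.start + self.payload_len


def split_payload(total_len, mtu=1500):
    """Describe how total_len bytes of IP payload are fragmented for this MTU."""
    per_frag = (mtu - IP_HEADER_LEN) // 8 * 8   # non-final fragments carry a multiple of 8
    frags, start = [], 0
    while start < total_len:
        size = min(per_frag, total_len - start)
        frags.append(Fragment(start // 8, size, start + size < total_len))
        start += size
    return frags


def check_fragments(fragments):
    """Validate one datagram's fragments before reassembly.

    Returns a list of (finding, start, end) tuples; an empty list means the
    set can be reassembled safely.
    """
    findings = []
    covered_to = 0   # highest byte offset already claimed by an earlier fragment
    for frag in sorted(fragments, key=lambda f: (f.start, f.end)):
        # Ping of Death: the reassembled datagram would exceed the length limit.
        if IP_HEADER_LEN + frag.end > MAX_DATAGRAM:
            findings.append(("oversize", frag.start, frag.end))
        # Teardrop: the fragment begins inside data an earlier fragment supplied.
        if frag.start < covered_to:
            findings.append(("overlap", frag.start, min(frag.end, covered_to)))
        covered_to = max(covered_to, frag.end)
    return findings


# Constructed samples.
# 65500 data bytes plus the 8-byte ICMP header still fit in one legal datagram.
LARGE_BUT_LEGAL = split_payload(65500 + 8)
# Would reassemble to more than 65535 bytes.
OVERSIZED = split_payload(66000)
# Second fragment starts at byte 24, inside the first fragment's 40 bytes.
OVERLAPPING = [Fragment(0, 40, True), Fragment(3, 4, False)]

if __name__ == "__main__":
    for name, frags in [("large but legal", LARGE_BUT_LEGAL),
                        ("oversized", OVERSIZED),
                        ("overlapping", OVERLAPPING)]:
        print(name, check_fragments(frags))
```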

SYN attack

SYN is a short form for Synchronize. This type of attack takes advantage of the three-way handshake to establish communication using TCP. SYN attack works by flooding the victim with incomplete SYN messages. This causes the victim machine to allocate memory resources that are never used and deny access to legitimate users.

DoS attack tools

The following are some of the tools that can be used to perform DoS attacks.

  • Nemesy – this tool can be used to generate random packets. It works on Windows. This tool can be downloaded from http://packetstormsecurity.com/files/25599/nemesy13.zip.html . Due to the nature of the program, if you have an antivirus, it will most likely be detected as a virus.
  • Land and LaTierra – this tool can be used for IP spoofing and opening TCP connections
  • Blast – this tool can be downloaded from http://www.opencomm.co.uk/products/blast/features.php
  • Panther – this tool can be used to flood a victim's network with UDP packets.
  • Botnets– these are multitudes of compromised computers on the Internet that can be used to perform a distributed denial of service attack.

DoS Protection: Prevent an attack

An organization can adopt the following policy to protect itself against Denial of Service attacks.

  • Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks.
  • Intrusion detection systems can also be used to identify and even stop illegal activities
  • Firewalls can be used to stop simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.
  • Routers can be configured via the Access Control List to limit access to the network and drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have at least two computers that are on the same network. DoS attacks are illegal on networks where you are not authorized to perform them. This is why you will need to set up your own network for this exercise.

Open the command prompt on the target computer

Enter the command ipconfig. You will get results similar to the ones shown below


For this example, we are using Mobile Broadband connection details. Take note of the IP address. Note: for this example to be more effective, you must use a LAN.

Switch to the computer that you want to use for the attack and open the command prompt

We will ping our victim computer continuously with data packets of 65500 bytes

Enter the following command

ping 10.128.131.108 -t -l 65500

HERE,

  • "ping" sends the data packets to the victim
  • "10.128.131.108" is the IP address of the victim
  • "-t" means the data packets should be sent until the program is stopped
  • "-l" specifies the data load to be sent to the victim

You will get results similar to the ones shown below


Flooding the target computer with data packets doesn't have much effect on the victim. In order for the attack to be more effective, you should attack the target computer with pings from more than one computer.

The above attack can be used to attack routers, web servers etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

  • Right click on the taskbar
  • Select start task manager
  • Click on the network tab
  • You will get results similar to the following


If the attack is successful, you should be able to see increased network activities.

 

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going to use Nemesy to generate data packets and flood the target computer, router or server.

As stated above, Nemesy will be detected as an illegal program by your anti-virus. You will have to disable the anti-virus for this exercise.


Enter the target IP address, in this example; we have used the target IP we used in the above example.

HERE,

  • 0 as the number of packets means infinity. You can set it to the desired number if you do not want to send an infinite number of data packets
  • The size field specifies the data bytes to be sent and the delay specifies the time interval in milliseconds.

 

Click on send button

You should be able to see the following results


The title bar will show you the number of packets sent

Click on halt button to stop the program from sending data packets.

You can monitor the task manager of the target computer to see the network activities.

Summary

  • A denial of service attack's intent is to deny legitimate users access to a resource such as a network, server etc.
  • There are two types of attacks, denial of service and distributed denial of service.
  • A denial of service attack can be carried out using SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow
  • Security patches for operating systems, router configuration, firewalls and intrusion detection systems can be used to protect against denial of service attacks.

URLCrazy - Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage


URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.
Homepage: https://www.morningstarsecurity.com/research/urlcrazy

Use Cases
  • Detect typo squatters profiting from typos on your domain name
  • Protect your brand by registering popular typos
  • Identify typo domain names that will receive traffic intended for another domain
  • Conduct phishing attacks during a penetration test

Features
  • Generates 15 types of domain variants
  • Knows over 8000 common misspellings
  • Supports bit flipping attacks
  • Multiple keyboard layouts (qwerty, azerty, qwertz, dvorak)
  • Checks if a domain variant is valid
  • Test if domain variants are in use
  • Estimate popularity of a domain variant

Installation

Install from a package manager
If you are using Kali Linux, Ubuntu or Debian use:
$ sudo apt install urlcrazy

Install latest release
Visit https://github.com/urbanadventurer/urlcrazy/releases

Install current development version
Be aware the latest development version may not be stable.
$ git clone https://github.com/urbanadventurer/urlcrazy.git

Install Ruby
URLCrazy has been tested with Ruby versions 2.4 and 2.6.
If you are using Ubuntu or Debian use:
$ sudo apt install ruby

Install Bundler
Bundler provides dependency management for Ruby projects
$ gem install bundler

Install Dependencies
$ bundle install
Alternatively, if you don't want to install bundler, the following command will install the gem dependencies.
$ gem install json colorize async async-dns async-http

Usage


Simple Usage
With default options, URLCrazy will check over 2000 typo variants for google.com.
$ urlcrazy google.com


With popularity estimate
$ urlcrazy -p domain.com

Commandline Usage
Usage: ./urlcrazy [options] domain

Options
-k, --keyboard=LAYOUT Options are: qwerty, azerty, qwertz, dvorak (default: qwerty)
-p, --popularity Check domain popularity with Google
-r, --no-resolve Do not resolve DNS
-i, --show-invalid Show invalid domain names
-f, --format=TYPE Human readable or CSV (default: human readable)
-o, --output=FILE Output file
-n, --nocolor Disable colour
-h, --help This help
-v, --version Print version information. This version is 0.7

Types of Domain Variations Supported

Character Omission
These typos are created by leaving out a letter of the domain name, one letter at a time. For example, www.goole.com and www.gogle.com

Character Repeat
These typos are created by repeating a letter of the domain name. For example, www.ggoogle.com and www.gooogle.com

Adjacent Character Swap
These typos are created by swapping the order of adjacent letters in the domain name. For example, www.googel.com and www.ogogle.com

Adjacent Character Replacement
These typos are created by replacing each letter of the domain name with letters to the immediate left and right on the keyboard. For example, www.googke.com and www.goohle.com

Double Character Replacement
These typos are created by replacing identical, consecutive letters of the domain name with letters to the immediate left and right on the keyboard. For example, www.gppgle.com and www.giigle.com

Adjacent Character Insertion
These typos are created by inserting letters to the immediate left and right on the keyboard of each letter. For example, www.googhle.com and www.goopgle.com

Missing Dot
These typos are created by omitting a dot from the domain name. For example, wwwgoogle.com and www.googlecom

Strip Dashes
These typos are created by omitting a dash from the domain name. For example, www.domain-name.com becomes www.domainname.com

Singular or Pluralise
These typos are created by making a singular domain plural and vice versa. For example, www.google.com becomes www.googles.com and www.games.co.nz becomes www.game.co.nz

Common Misspellings
Over 8000 common misspellings from Wikipedia. For example, www.youtube.com becomes www.youtub.com and www.abseil.com becomes www.absail.com

Vowel Swapping
Swap vowels within the domain name except for the first letter. For example, www.google.com becomes www.gaagle.com.

Homophones
Over 450 sets of words that sound the same when spoken. For example, www.base.com becomes www.bass.com.

Bit Flipping
Each letter in a domain name is an 8-bit character. The character is substituted with the set of valid characters that can be made after a single bit flip. For example, facebook.com becomes bacebook.com, dacebook.com, faaebook.com, fabebook.com, facabook.com, etc.

Homoglyphs
One or more characters that look similar to another character but are different are called homoglyphs. An example is that the lower case l looks similar to the numeral one, e.g. l vs 1. For example, google.com becomes goog1e.com.

Wrong Top Level Domain
For example, www.trademe.co.nz becomes www.trademe.co.nz and www.google.com becomes www.google.org. Uses the 19 most common top level domains.

Wrong Second Level Domain
Uses an alternate, valid second level domain for the top level domain. For example, www.trademe.co.nz becomes www.trademe.ac.nz and www.trademe.iwi.nz
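
For the detection use case, an added example (not URLCrazy's own code, which is written in Ruby) that implements four of the variation types above, Character Omission, Character Repeat, Adjacent Character Swap and Bit Flipping, and uses them to label domains seen in logs or registration feeds. The function names and the OBSERVED list are constructed, and the input is assumed to be a registrable domain such as google.com with no host prefix.

```python
import string

VALID_CHARS = set(string.ascii_lowercase + string.digits + "-")


def is_valid_label(label):
    """A DNS label: letters, digits and hyphens, no leading or trailing hyphen."""
    return (0 < len(label) <= 63 and set(label) <= VALID_CHARS
            and label[0] != "-" and label[-1] != "-")


def omission(label):
    """Character Omission: leave out one letter at a time."""
    return {label[:i] + label[i + 1:] for i in range(len(label))}


def repeat(label):
    """Character Repeat: double one letter at a time."""
    return {label[:i] + label[i] + label[i:] for i in range(len(label))}


def adjacent_swap(label):
    """Adjacent Character Swap: exchange neighbouring letters."""
    return {label[:i] + label[i + 1] + label[i] + label[i + 2:]
            for i in range(len(label) - 1)}


def bit_flip(label):
    """Bit Flipping: each valid character reachable by flipping one of 8 bits."""
    out = set()
    for i, ch in enumerate(label):
        for bit in range(8):
            # DNS is case-insensitive, so an upper-case result folds to lower case.
            flipped = chr(ord(ch) ^ (1 << bit)).lower()
            if flipped in VALID_CHARS and flipped != ch:
                out.add(label[:i] + flipped + label[i + 1:])
    return out


GENERATORS = {"omission": omission, "repeat": repeat,
              "adjacent_swap": adjacent_swap, "bit_flip": bit_flip}


def build_variant_index(domain):
    """Map each typo domain of `domain` to the variation types that produce it."""
    label, _, suffix = domain.lower().partition(".")
    index = {}
    for kind, generate in GENERATORS.items():
        for variant in generate(label):
            if variant != label and is_valid_label(variant):
                index.setdefault(f"{variant}.{suffix}", []).append(kind)
    return index


def classify(observed, domain):
    """Return {observed domain: [variation types]} for names that are typos of `domain`."""
    index = build_variant_index(domain)
    result = {}
    for name in observed:
        key = name.strip().lower().rstrip(".")   # normalise case and trailing dot
        if key in index:
            result[key] = index[key]
    return result


# Constructed sample: names as they might appear in resolver logs.
OBSERVED = ["gogle.com", "gooogle.com", "Googel.com.", "coogle.com",
            "google.com", "example.org"]

if __name__ == "__main__":
    for name, kinds in classify(OBSERVED, "google.com").items():
        print(name, kinds)
```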

Supported Keyboard Layouts
Keyboard layouts supported are:
  • QWERTY
  • AZERTY
  • QWERTZ
  • DVORAK

Is the domain valid?
URLCrazy has a database of valid top level and second level domains. This information has been compiled from Wikipedia and domain registrars. We know whether a domain is valid by checking if it matches top level and second level domains. For example, www.trademe.co.bz is a valid domain in Belize which allows any second level domain registrations but www.trademe.xo.nz isn't because xo.nz isn't an allowed second level domain in New Zealand.

Popularity Estimate
URLCrazy pioneered the technique of estimating the relative popularity of a typo from search engine results data. By measuring how many times a typo appears in webpages, we can estimate how often that typo will be made when users type in a URL.
The inherent limitation of this technique is that a typo for one domain can be a legitimate domain in its own right. For example, googles.com is a typo of google.com but it is also a legitimate domain.
For example, consider the following typos for google.com.
Count   Typo
25424   gogle.com
24031   googel.com
22490   gooogle.com
19172   googles.com
19148   goole.com
18855   googl.com
17842   ggoogle.com

Known Issues

macOS File Descriptor Limit
If DNS resolution fails under macOS, it could be due to the small default file descriptor limit.
To display the current file descriptor limit use:
$ ulimit -a
To increase the file descriptor limit use:
$ ulimit -n 10000

URLCrazy Appearances

Kali Linux
URLCrazy was a default tool in BackTrack 5, and later Kali Linux. https://tools.kali.org/information-gathering/urlcrazy

The Browser Hacker's Handbook
Authored by Wade Alcorn, Christian Frichot, and Michele Orru.
URLCrazy is included in Chapter 2 of this seminal work on the topic.

PTES Technical Guidelines
Penetration Testing Execution Standard (PTES) is a standard designed to provide a common language and scope for performing penetration testing (i.e. security evaluations). URLCrazy is included in the Tools Required section.
http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines

Network Security Toolkit
Network Security Toolkit is a bootable Linux distribution designed to provide easy access to best-of-breed Open Source Network Security Applications. https://www.networksecuritytoolkit.org/

See Also
URLCrazy was first published in 2009, and for many years was the most advanced open source tool for studying typosquatting. Since then multiple other tools have been developed by the infosec community.

DNSTwist
DNSTwist is developed by Marcin Ulikowski and first published in 2015. DNSTwist had a significant feature overlap with URLCrazy at the time, and introduced many new features.
Language: Python
https://github.com/elceef/dnstwist

URLInsane
URLInsane was developed by Rangertaha in 2018 and claims to match the features of URLCrazy and DNSTwist.
Language: Go
https://github.com/cybint/urlinsane

DomainFuzz
DomainFuzz was developed by monkeym4ster in 2017.
Language: Node.JS
https://github.com/monkeym4ster/DomainFuzz

Authors and Acknowledgement
  • Authored by Andrew Horton (urbanadventurer).
  • Thanks to Ruby on Rails for Inflector which allows plural and singular permutations.
  • Thanks to Wikipedia for the set of common misspellings, homophones, and homoglyphs.
  • Thanks to software77.net for their IP to country database

Community
If you have any questions, comments or concerns regarding URLCrazy, please consult the documentation prior to contacting one of the developers. Your feedback is always welcome.




via KitPloit

Networking | Routing And Switching | Tutorial 2 | 2018


Welcome to the 2nd tutorial in my networking series. In this video I briefly describe the peer-to-peer (P2P) network. You'll also see how to build a peer-to-peer network, how it works, how to intercept traffic over the network using Wireshark, and more. Wireshark is integrated with eNSP, so it is installed automatically when you install eNSP. Alternatively, you can install Wireshark for personal use from its website.

What is Peer to Peer (P2P) network? 

When devices are connected with each other in order to communicate, that is known as a network. So what is a peer-to-peer network? In a P2P network every device behaves as both a server and a client. The devices are directly connected with each other in such a way that they can send and receive data to and from other devices at the same time, with no need for a central server between them.

A question that often comes to mind is: is it possible to capture data from the network? The answer is yes. We can easily capture data from the network with tools that were created for network troubleshooting, so whenever issues occur on the network we fix them with the help of these tools. The data-capture tool most used by network analysts is Wireshark, but many other tools are available on the internet, such as SmartSniff, Ethereal, Colasoft Capsa Network Analyze, URL Helper, SoftX HTTP Debugger and many more.

What is Wireshark?

Wireshark is an open source network analyzer, or sniffer, used to capture packets from the network and display brief information about them. It is also used for software and communication protocol development. Moreover, Wireshark is the best tool to intercept the traffic over the network.