- Merge or Encrypt / Decrypt PDF files using pdftk

Pdftk is a simple command line tool for doing everyday things with PDF documents. Use it to merge PDF documents, split PDF pages into a new document, decrypt input as necessary (password required), encrypt output as desired, fill PDF forms with FDF data and/or flatten forms, apply a background watermark, report on PDF metrics, update PDF metadata, attach files to PDF pages or the PDF document, unpack PDF attachments, burst a PDF document into single pages, decompress and re-compress page streams, and repair corrupted PDF files (where possible).

Installation:
Ubuntu users can install pdftk using the following command: sudo apt-get install pdftk

Using pdftk:
Once installed, we can merge PDF files using the following command:
pdftk 1.pdf 2.pdf 3.pdf cat output 123.pdf
Encrypt a PDF using 128-bit strength (the default) and withhold all permissions (the default):
pdftk mydoc.pdf output mydoc.128.pdf owner_pw foopass
Decrypt a PDF:
pdftk secured.pdf input_pw foopass output unsecured.pdf


source:http://linuxpoison.blogspot.com/2010/07/135781677514681.html

- How to Lock / UnLock (Enable / Disable) Linux User Account

Before you remove an account from a system, it is a good idea to lock it for one week to make sure that no one uses it.

To lock the account, use the following command:
# passwd -l username (where username is the login id).
This option is used to lock the specified account and it is available to root only. The locking is performed by rendering the encrypted password into an invalid string (by prefixing the encrypted string with an !).

After that, if someone tries to log in using this account, the system will return:
# su - username
This account is currently not available.

To unlock the same account:
The following command re-enables an account by changing the password back to its previous value, i.e. the value it had before the -l option was used.
# passwd -u username
This removes the '!' in front of the encrypted password.
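
What the '!' prefix looks like in /etc/shadow-style entries, as an added example that is not part of the original post. The sample lines and hashes are constructed placeholders, and the function names are illustrative.

```python
# Added example: classify /etc/shadow-style entries by their password field.
# The sample lines are constructed; the hashes are placeholders, not real ones.

SAMPLE_SHADOW = """\
root:$6$saltsalt$AAAAAAAAAAAAAAAAAAAAAA:14800:0:99999:7:::
alice:!$6$saltsalt$BBBBBBBBBBBBBBBBBBBBBB:14800:0:99999:7:::
daemon:*:14800:0:99999:7:::
newuser:!:14800:0:99999:7:::
guest::14800:0:99999:7:::
"""

def password_state(field):
    """Describe the second (password) field of a shadow entry."""
    if field == "":
        return "empty"                # no password required at all
    if field.startswith("!"):
        rest = field.lstrip("!")
        # passwd -l keeps the original hash after the '!', which is what
        # lets passwd -u restore it; a bare '!' has nothing to restore.
        return "locked" if rest else "locked-no-hash"
    if field.startswith("*"):
        return "no-password-login"
    return "active"

def audit_shadow(text):
    """Return {login: state} for every well-formed line in shadow-format text."""
    report = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 2:
            continue                  # malformed line, skip it
        report[parts[0]] = password_state(parts[1])
    return report

def unlock_field(field):
    """Model of the unlock step: strip one leading '!' from a locked field."""
    if password_state(field) != "locked":
        raise ValueError("nothing to unlock")
    return field[1:]

if __name__ == "__main__":
    for login, state in audit_shadow(SAMPLE_SHADOW).items():
        print(f"{login:8} {state}")
```

A locked password field only blocks password authentication. The account may still be reachable through another authentication token such as an SSH key, so check for those before relying on the lock.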


source:http://linuxpoison.blogspot.com/2010/07/13578167751651.html

- How to get Technical and Tag information about a video or audio file - MediaInfo

MediaInfo supplies technical and tag information about a video or audio file.
It is free software (free of charge and free access to source code: GPL or LGPL licence).

With MediaInfo you can easily get the following information:
  * General: title, author, director, album, track number, date, duration...
  * Video: codec, aspect, fps, bitrate...
  * Audio: codec, sample rate, channels, language, bitrate...
  * Text: language of subtitle
  * Chapters: number of chapters, list of chapters

The following video/audio formats are supported by MediaInfo:
Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB)...
(Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...)
Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF...
Subtitles: SRT, SSA, ASS, SAMI...

Installation:
Ubuntu users can install it from the MediaInfo PPA:
sudo add-apt-repository ppa:shiki/mediainfo
sudo apt-get update
sudo apt-get install mediainfo
OpenSuSe:
OpenSuSe users can install MediaInfo - here



source:http://linuxpoison.blogspot.com/2010/07/135781677516987.html

- CentOS is now the most popular Linux distribution on web servers

CentOS is a well known Linux distribution with a strong focus on server machines rather than on desktop PCs. For the first time, CentOS is now leading the Linux distribution statistics on web servers with almost 30% of all Linux servers.

Source: here


source:http://linuxpoison.blogspot.com/2010/07/135781677517985.html

- How to Enable / Disable Modules into Apache on Linux

Apache is a modular server. This implies that only the most basic functionality is included in the core server. Extended features are available through modules which can be loaded into Apache. By default, a base set of modules is included in the server at compile-time. If the server is compiled to use dynamically loaded modules, then modules can be compiled separately, and added at any time using the LoadModule directive.

The modules are available in the /etc/apache2/mods-available directory. Use the a2enmod command to enable a module and the a2dismod command to disable one. Once you enable a module, it will be available in the /etc/apache2/mods-enabled directory.

Example:
To enable the ssl module, use the following command:
sudo a2enmod ssl
To enable the suexec module, use the following command:
sudo a2enmod suexec
When you’re finished enabling the modules that you want, you’ll need to perform a “force-reload” of Apache using the following command: sudo service apache2 restart

Note: The above commands (a2enmod and a2dismod) will work with any Linux distribution and are not limited to Ubuntu.


source:http://linuxpoison.blogspot.com/2010/07/135781677513931.html

- Open Source Web Application Security Assessment Tool - Andiparos

Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc.

The advantage of Andiparos is mainly the support of Client Certificates on Smartcards. Moreover it has several small interface enhancements, making life easier for penetration testers...

Features:
  * Smartcard support
  * History Filter (URLs)
  * Tag requests in history
  * other small enhancements...

Installing and using Andiparos:
Download Andiparos from here
Untar the package into a directory and start the application using the command: javaw -jar andiparos.jar

This will start Andiparos on port 8080 (the default). Now configure your browser to point to port 8080 and start browsing the application; all the activity (URLs) will be captured by Andiparos.


After this you can scan through the requests using the application option (Analyse > Scan all) and generate the report for this scan using the option (Report > last scan report).


source:http://linuxpoison.blogspot.com/2010/07/13578167754968.html

- Large Text File (logs) viewer - Rowscope

Rowscope is a file viewer for large text files. It can read files larger than 1 GB. It is very fast (a few seconds to examine a 1GB file) and it never blocks.

The idea behind Rowscope is that a person cannot read the whole file when it is so large; a person can only read some parts of the file, possibly the ones that contain the information he is looking for.
For example when somebody reads the log file produced by an application, he will probably look for a specific error or for the lines produced in a specific period of the day.

With Rowscope the user:
Locates the part or parts of the file that he wants to read, using search strings or regular expressions.
Then he can expand one of the rows he has found, which means that he makes Rowscope display the rows immediately before or after that row.

The main features of Rowscope are the following:
  * It never blocks the GUI. The user is able to write text and click buttons when Rowscope is loading a file.
  * It does not monopolize the CPU. There are moments in which Rowscope uses some CPU, but it never blocks the other applications.
  * It does not use a large amount of memory. It uses some MBytes of memory, but it never becomes a problem for the operating system or the other applications.
  * It is always able to stop. It is always possible to stop or close Rowscope, also when it is loading/analyzing a file.

Installation:
You need to have Java installed in order to use Rowscope.

wget http://sourceforge.net/projects/rowscope/files/1.0/rowscope_1_0_linux_gtk_32.jar/download
java -jar rowscope_1_0_linux_gtk_32.jar

The above command will install Rowscope into your home directory.




source:http://linuxpoison.blogspot.com/2010/07/135781677515325.html

- Malware Analysis Linux OS - REMnux

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu.

REMnux isn't a fancy distribution that was built from scratch... In simple terms, it's a virtual machine that runs Ubuntu and has various useful malware tools set up on it.

REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab.

Malware Analysis Tools Set Up On REMnux
  * Analyzing Flash malware: swftools, flasm, flare
  * Analyzing IRC bots: IRC server (Inspire IRCd) and client (Irssi). To launch the IRC server, type "ircd start"; to shut it down "ircd stop". To launch the IRC client, type "irc".
  * Network-monitoring and interactions: Wireshark, Honeyd, INetSim, fakedns and fakesmtp scripts, NetCat
  * JavaScript deobfuscation: Firefox with Firebug, NoScript and JavaScript Deobfuscator extensions, Rhino debugger, two versions of patched SpiderMonkey, Windows Script Decoder, Jsunpack-n
  * Interacting with web malware in the lab: TinyHTTPd, Paros proxy
  * Analyzing shellcode: gdb, objdump, Radare (hex editor+disassembler), shellcode2exe
  * Dealing with protected executables: upx, packerid, bytehist, xorsearch, TRiD
  * Malicious PDF analysis: Didier's PDF tools, Origami framework, Jsunpack-n, pdftk
  * Memory forensics: Volatility Framework and malware-related plugins
  * Miscellaneous: unzip, strings, ssdeep, feh image viewer, SciTE text editor, OpenSSH server

Downloading REMnux
You can download the REMnux distribution as a VMware virtual machine, which is encapsulated in a zip archive file. The file's MD5 hash is dc28330411acafc6b7f595a11e8b7ea4.


source:http://linuxpoison.blogspot.com/2010/07/135781677518436.html

- How to enable MP3, MPEG-4, AVI, DiVX, etc. in OpenSuse 11.3 Linux

Why doesn’t OpenSuSe support MP3 ‘out of the box’?

OpenSuSe cannot include support for MP3 or DVD video playback or recording. MP3 formats are patented, and the patent holders have not provided the necessary licenses. OpenSuSe also excludes other multimedia software due to patent, copyright, or license restrictions, such as Adobe Flash Player and RealNetworks RealPlayer.

That doesn’t mean you can’t play .mp3 files in OpenSuSe; it just takes a bit of work (not much).

Follow these instructions to get mp3 and other multimedia support on your OpenSuSe 11.3.

Use the "1-click" installer to install all the required codec packs:
If you are using KDE - Download and run (execute) this
If you are using Gnome - Download and execute this
To enable DVD playback - Download and execute this
This will enable you to have:
  Flash
  Java
  Latest Amarok (with MP3 Support) for KDE, or Helix-Banshee for GNOME users
  Encrypted DVD (libdvdcss)
  Extra XINE Codecs, for DivX/Xvid etc. (libxine1)
  K3b with MP3 Support (k3b-codecs)
  Win 32 Codecs (w32codec-all)

Multimedia Players:
Mplayer - Download and run this file.
VLC Player - Download and run this file.

And after successful installation you should be able to play any media files.


source:http://linuxpoison.blogspot.com/2010/07/135781677511424.html

- IDS/IPS/WAF Evasion & Flooding Tool - Inundator

Inundator is a multi-threaded, queue-driven, IDS evasion tool. Its purpose is to anonymously flood intrusion detection systems (specifically Snort) with traffic designed to trigger false positives via a SOCKS proxy in order to obfuscate a real attack.

The general idea is one would launch inundator prior to starting an attack, allow it to run during the attack, and continue to run it a while longer after you’ve accomplished the attack. The goal, of course, is to generate an overwhelming number of false positives so that your real attack is essentially buried within the other alerts, minimizing the chance of your attack being detected. It could also be used to ruin an IDS analyst’s day, or keep an organization’s infosec department busy for a while.

Other Example Scenarios:
  * Before, during, and after a real attack to bury any potential alerts among a flood of false positives.
  * Seriously mess with an IDS analyst and keep an InfoSec department busy for days investigating false positives.
  * Test the effectiveness of an intrusion detection or prevention system. Fewer alerts means a better product; more alerts means a horrible product.

USE THIS TOOL FOR LEGAL PURPOSES ONLY!

Downloading and installing Inundator:
The preferred method of installation for all other .deb-based distributions is via software repository. This is by far the best and simplest way of installing Inundator and its dependencies.

Add repository to /etc/apt/sources.list:
deb http://inundator.sourceforge.net/repo/ all/
Next, download and install our GPG key:
wget http://inundator.sourceforge.net/inundator.asc
apt-key add inundator.asc
Then you can automatically pull in Inundator and all its dependencies:
aptitude update
aptitude install inundator


source:http://linuxpoison.blogspot.com/2010/07/13578167751503.html

- Detection & Exploitation Of SQL Injection Flaws - Safe3 SQL Injector

SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.

The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user:
var username;
username = Request.form ("username");
var sql = "select * from OrdersTable where username = '" + username + "'";
The user is prompted to enter the name. If he enters nikesh, the query assembled by the script looks similar to the following:
SELECT * FROM OrdersTable WHERE username = 'nikesh'
However, assume that the user enters the following:
nikesh'; drop table usersTable--
In this case, the following query is assembled by the script:
SELECT * FROM OrdersTable WHERE username = 'nikesh';drop table usersTable--'
The semicolon (;) denotes the end of one query and the start of another. The double hyphen (--) indicates that the rest of the current line is a comment and should be ignored.

If the modified code is syntactically correct, it will be executed by the server. When SQL Server processes this statement, SQL Server will first select all records in OrdersTable where username is nikesh. Then, SQL Server will drop usersTable.
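
The concatenated query from the script above beside a parameterized one, as an added example that is not part of the original post. Python's sqlite3 stands in for SQL Server here, and executescript() is used only to mimic a driver that runs every statement in the string it receives; both are assumptions of this sketch.

```python
# Added example: the page's concatenated query beside a parameterized one.
# sqlite3 stands in for SQL Server; executescript() mimics a driver that
# executes every statement in the string it is handed (assumption).
import sqlite3

PAGE_INPUT = "nikesh'; drop table usersTable--"   # the input quoted on the page

def make_db():
    """Build an in-memory database with the two tables named on the page."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE OrdersTable (username TEXT, item TEXT);
        CREATE TABLE usersTable (username TEXT);
        INSERT INTO OrdersTable VALUES ('nikesh', 'book');
        INSERT INTO usersTable VALUES ('nikesh');
    """)
    return conn

def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None

def build_query_vulnerable(username):
    # Same construction as the script above: user input becomes SQL text.
    return "select * from OrdersTable where username = '" + username + "'"

def run_vulnerable(conn, username):
    conn.executescript(build_query_vulnerable(username))

def run_parameterized(conn, username):
    # The value travels separately from the statement, so quotes, semicolons
    # and comment markers in it are compared as data, never parsed as SQL.
    cur = conn.execute(
        "SELECT * FROM OrdersTable WHERE username = ?", (username,)
    )
    return cur.fetchall()

def demo():
    """Run the page's input through both code paths and report the outcome."""
    results = {}
    conn = make_db()
    run_vulnerable(conn, PAGE_INPUT)
    results["vulnerable_users_table_survives"] = table_exists(conn, "usersTable")
    conn = make_db()
    results["parameterized_rows"] = run_parameterized(conn, PAGE_INPUT)
    results["parameterized_users_table_survives"] = table_exists(conn, "usersTable")
    results["normal_lookup"] = run_parameterized(conn, "nikesh")
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```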

USE THIS TOOL FOR LEGAL PURPOSES ONLY!

Safe3 SQL Injector is one of the most powerful penetration testing tools; it automates the process of detecting and exploiting SQL injection flaws (as shown above) and taking over back-end database servers.

Safe3 SQL Injector Features:
  * Full support for GET/Post/Cookie Injection;
  * Full support for HTTP Basic, Digest, NTLM and Certificate authentications
  * Full support for MySQL, Oracle, PostgreSQL, MSSQL, Access, DB2, Sybase, SQLite
  * Full support for Error/Union/Blind/Force SQL injection
  * Support for file access, command execution, IP domain reverse, web path guessing, MD5 cracking, etc.
  * Super bypass WAF

You can download Safe3 SQL Injector here: Safe3SI.6.2.rar



source:http://linuxpoison.blogspot.com/2010/07/13578167751460.html

- Hostnames and Virtual Hosts Discovery tool - Hostmap

It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles; if you do not know your enemies but do know yourself, you will win one and lose one; if you do not know your enemies nor yourself, you will be imperiled in every single battle.
- Sun Tzu, The Art of War
As Sun Tzu said, you have to know your enemy. During a hacking engagement, like a penetration test, you need to retrieve as much information as possible from your target in order to be successful.

Hostmap uses several techniques to help you enumerate all the hostnames and configured virtual hosts associated with an IP address.

In the real world an IP address can be registered in a DNS server with multiple host names, because it can have some aliases or host a bunch of websites.
Example:
IP address 1.2.3.4 can have the following entries in the DNS configuration file:

www.foo.com CNAME foo.com
foo.com A 1.2.3.4
mail.foo.com A 1.2.3.4
goo.com A 1.2.3.4

A user or a penetration tester who needs to test the security of the machine at IP address 1.2.3.4 needs to know all of its host names.

The purpose of Hostmap is to discover all the registered DNS hostnames or virtual host names in order to get a better knowledge of the target machine.
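
The many-names-to-one-address mapping from the DNS sample above, worked through as an added example that is not part of the original post and not Hostmap's code. It reads records you already hold, such as an export of your own zone, in the same "name TYPE value" layout; the function names are illustrative.

```python
# Added example: list every hostname that ends up at a given IP address,
# using records in the same "name TYPE value" layout as the sample above.
# Function names are illustrative and not taken from Hostmap.

PAGE_RECORDS = """\
www.foo.com CNAME foo.com
foo.com A 1.2.3.4
mail.foo.com A 1.2.3.4
goo.com A 1.2.3.4
"""

def parse_records(text):
    """Split the record lines into A and CNAME lookup tables."""
    a_records, cnames = {}, {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                          # blank or malformed line
        name = parts[0].lower().rstrip(".")
        rtype, value = parts[1].upper(), parts[2]
        if rtype == "A":
            a_records.setdefault(name, set()).add(value)
        elif rtype == "CNAME":
            cnames[name] = value.lower().rstrip(".")
    return a_records, cnames

def resolve(name, a_records, cnames, max_hops=8):
    """Follow CNAMEs from name to its A records; stop on loops or dead ends."""
    seen = set()
    while name in cnames and name not in seen and len(seen) < max_hops:
        seen.add(name)
        name = cnames[name]
    return a_records.get(name, set())

def hostnames_for_ip(text, ip):
    """Return the sorted names (direct A records and aliases) that reach ip."""
    a_records, cnames = parse_records(text)
    names = set(a_records) | set(cnames)
    return sorted(n for n in names if ip in resolve(n, a_records, cnames))

if __name__ == "__main__":
    for host in hostnames_for_ip(PAGE_RECORDS, "1.2.3.4"):
        print(host)
```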


USE THIS TOOL FOR LEGAL PURPOSES ONLY!

The major features of Hostmap are:
  * DNS names and virtual hosts enumeration
  * Multiple discovery techniques
  * Results correlation, aggregation and normalization
  * Multithreaded and event based engine
  * Platform independent

Installation:
Download hostmap from here
Untar the package and type the following command to start hostname discovery:
ruby hostmap.rb -t 192.168.1.1





source:http://linuxpoison.blogspot.com/2010/07/135781677515284.html

- Check for security configuration issue on software - YASAT

YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool.
YASAT's goal is to be as simple as possible, with minimal binary dependencies (only sed, grep and cut).
Its second goal is to document each test with maximum information and links to official documentation.

YASAT runs many tests that check for security configuration issues and other good practices.
Don't forget that YASAT is not the only audit tool. You can also use tiger, lynis, sectool, nessus, openvas, Debian's checksecurity, etc. to check your systems.

Installation and Configuration:
Dependencies: sed, cut, grep. YASAT will use also openssl for some tests.
Latest version can be found at http://yasat.sourceforge.net
Simply untar the yasat tarball: tar xvzf yasat1.tar.gz
Change directory to yasat directory: cd yasat
Then type ./yasat.sh -s to start a system configuration check using YASAT.





source:http://linuxpoison.blogspot.com/2010/07/135781677512911.html
