
Difference between revisions of "Talk:Hacking index"

From NetSec
(MySql 5 Enumeration)
(Facebook)
 
(49 intermediate revisions by 3 users not shown)
Line 7: Line 7:
 
* [[alphanumeric x86_64 data manipulation]]
 
* [[alphanumeric x86_64 data manipulation]]
 
* [[converting x86_64 shellcode to alphanumeric shellcode]]
 
* [[converting x86_64 shellcode to alphanumeric shellcode]]
 
==Bitwise math==
 
* [[bit shift]]
 
* [[logical shift]]
 
* [[circular shift]]
 
* [[two's complement]]
 
* [[bit rotation]]
 
* [[rotation with carry]]
 
 
== coldfusion ==
 
Coldfusion hacking
 
    1 Injection
 
        1.1 Adobe ColdFusion
 
            1.1.1 Remote File Disclosure of Password Hashes
 
            1.1.2 Issues
 
            1.1.3 Logging In
 
            1.1.4 Writing Shell to File
 
            1.1.5 Issues
 
        1.2 Railo
 
    2 Privilege Escalation
 
    3 Patching
 
    4 Resources
 
  
 
Computer Forensics
 
Computer Forensics
Line 47: Line 25:
 
     2 European Cyberlaw
 
     2 European Cyberlaw
 
         2.1 Definititons of Cybercrime as per the Budapest Convention
 
         2.1 Definititons of Cybercrime as per the Budapest Convention
 
 
 
 
== dns ==
 
* [[dns basics]] [[DNS#DNS Basics]]
 
* [[dns records]] [[DNS#Records]]
 
* [[mx record]] [[DNS#MX Record]]
 
* [[cname record]] [[DNS#CNAME Record]]
 
* [[dname record]] [[DNS#DNAME Record]]
 
* [[dns a record]] [[DNS#A Record]]
 
* [[dns server]] [[DNS#DNS Server Software]]
 
* [[dns programs]] [[DNS#DNS Utilities]]
 
 
== Facebook ==
 
    1 Overview
 
    2 History
 
    3 FQL
 
    4 Content Forgery
 
        4.1 Screenshots & Video
 
        4.2 CIDR
 
            4.2.1 Websense
 
            4.2.2 Facebook
 
        4.3 Proof of Concept
 
 
==Jynx Rootkit/2.0==
 
* [[jynx rootkit]]
 
* [[jynx features]]
 
* [[jynx contents]]
 
* [[jynx rootkit configuration]]
 
* [[jynx magic string]]
 
* [[jynx magic uid]]
 
* [[jynx magic gid]]
 
* [[jynx reality path]]
 
* [[jynx config file]]
 
* [[jynx multi factor authentication]]
 
* [[jynx authentication]]
 
* [[jynx access control]]
 
* [[jynx libc_path]]
 
* [[jynx libc]]
 
* [[jynx env_variable]]
 
* [[jynx env variable]]
 
* [[jynx environmental variable]]
 
* [[jynx rootkit download]]
 
* [[jynx download install]]
 
* [[jynx rootkit install]]
 
* [[jynx rootkit usage]]
 
* [[using jynx rootkit]]
 
 
==Lfi autopwn.pl==
 
 
*[[what lfi autopwn does]]
 
*[[features of lfi autopwn]]
 
*[[how to use lfi autopwn]]
 
 
==MySql 5 Enumeration==
 
* [[automatic sql injection]] [[MySql 5 Enumeration#Info]]
 
* [[mysql injection program]] [[MySql 5 Enumeration#Source]]
 
* [[sql injection script]] [[MySql 5 Enumeration#Description]]
 
  
 
==Network Recon==
 
==Network Recon==
Line 115: Line 34:
 
     6 Tools
 
     6 Tools
  
==Null-free shellcode==
 
* [[convert assembly to shellcode]]
 
* [[remove null bytes from shellcode]]
 
* [[shellcode arguments not working]]
 
* [[testing shellcode]]
 
 
==Port Knocking==
 
* [[port knocking introduction]]
 
* [[port knocking sequences]]
 
* [[port knocking example]]
 
 
== sql orientation ==
 
SQL orientation
 
 
* [[navigate a sql database]]
 
* [[navigate a mysql database]]
 
* [[navigate a postgresql database]]
 
* [[basic sql queries]]
 
* [[sql select query]]
 
* [[sql update query]]
 
* [[sql insert query]]
 
* [[sql delete query]]
 
 
== sql injection ==
 
 
* [[cause of sql injection]]
 
* [[mysql injection database map]]
 
* [[postgresql injection database map]]
 
* [[mssql injection database map]]
 
* [[sql injection information_schema]]
 
* [[prevent sql injection]]
 
* [[basic sql injection]]
 
* [[bypass sql injection filter]]
 
* [[sql injection without quotes]]
 
* [[sql injection without whitespace]]
 
* [[sql injection without tags]]
 
* [[sql injection without commas]]
 
* [[automating sql injection]]
 
* [[union select injection]]
 
* [[limit clause injection]]
 
* [[error based sql injection]]
 
* [[blind sql injection with boolean enumeration]]
 
* [[blind sql injection version fingerprint]]
 
* [[sql injection filter evading version fingerprint]]
 
* [[sql injection with regular expressions]]
 
* [[sql injection timing attack with boolean enumeration]]
 
* [[mysql injection timing attack with boolean enumeration]]
 
* [[postgresql injection timing attack with boolean enumeration]]
 
* [[sql injection byte extraction]]
 
* [[sql injection precomputation]]
 
* [[sql injection time based byte extraction]]
 
* [[privilege escalation using sql injection]]]
 
* [[sql injection cheat sheets]]
 
* [[sql injection test cheat sheet]]
 
* [[mysql injection cheat sheet]]
 
* [[postgresql injection cheat sheet]]
 
* [[mssql injection cheat sheet]]
 
* [[patch sql injection]]
 
 
== Out of Order Code Execution ==
 
* [[out of order execution]]
 
* [[out of order shellcode]]
 
* [[breakpoint detection using out of order execution]]
 
  
 
== Social Engineering ==  
 
== Social Engineering ==  
Line 201: Line 57:
 
     2 Real Life Example of Subnetting
 
     2 Real Life Example of Subnetting
  
Virtual machines
+
== Virtual machines ==
 
     1 Subsystems
 
     1 Subsystems
 
         1.1 Hardware Virtualization
 
         1.1 Hardware Virtualization
Line 209: Line 65:
 
     3 Creating Vulnerable VMs for Penetration Testing
 
     3 Creating Vulnerable VMs for Penetration Testing
  
Kolkata
+
== API ==
    1 Description
+
        1.1 Dependencies
+
        1.2 Usage
+
    2 Source
+
    3 Signature Bundles
+
        3.1 Wordpress
+
        3.2 Joomla
+
        3.3 MediaWiki
+
 
+
API
+
 
     1 API technologies
 
     1 API technologies
 
         1.1 The Web
 
         1.1 The Web
Line 266: Line 112:
 
         6.4 DNS Leaks
 
         6.4 DNS Leaks
  
Assembly
+
==Assembly==
 +
{{info|<center>Wait for this page to be completed before adding indeces.</center>}}
 
     1 Introduction
 
     1 Introduction
 
     2 Binary
 
     2 Binary
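
Review bot: The notice added under `==Assembly==` misspells "indices" as "indeces"; correct the template text before it is rendered on the page. The `<center>` wrapper inside the `{{info|...}}` parameter is presentational markup that the `{{info|...}}` notice added under `== DDoS Attack ==` does not use, so dropping it would keep the notices consistent.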
Line 280: Line 127:
 
         6.6 Control flow operators
 
         6.6 Control flow operators
 
         6.7 Taking it further
 
         6.7 Taking it further
 
==Bleeding Life==
 
* [[bleeding life exploits]] [[Bleeding Life#Exploits]]
 
* [[bleeding life features]] [[Bleeding Life#Features]]
 
* [[java bleeding life]] [[Bleeding Life#Java]]
 
* [[adobe bleeding life]] [[Bleeding Life#Adobe]]
 
* [[bleeding life statistics]] [[Bleeding Life#Statistics]]
 
* [[bleeding life requirements]] [[Bleeding Life#Server Requirements]]
 
* [[bleeding life download]] [[Bleeding Life#Download]]
 
* [[bleeding life configuration]] [[Bleeding Life#Installation & Configuration]]
 
* [[install bleeding life]] [[Bleeding Life#Installation & Configuration]]
 
  
 
==Buffer Overflows==
 
==Buffer Overflows==
Line 305: Line 141:
 
* [[disable execstack]]
 
* [[disable execstack]]
 
* [[return address for buffer overflow]]
 
* [[return address for buffer overflow]]
 
+
* [[32 bit shellcode analysis]]
        5.5 Debugging
+
* [[64 bit shellcode analysis]]
            5.5.1 Shellcode analysis
+
* [[find eip for buffer overflow]]
                5.5.1.1 On x86
+
* [[find rip for buffer overflow]]
                5.5.1.2 On x86-64
+
* [[x86 buffer overflow exploit]]
            5.5.2 Finding the return address
+
* [[64 bit buffer overflow exploit]]
                5.5.2.1 On x86
+
                5.5.2.2 On x86-64
+
        5.6 Exploitation
+
            5.6.1 On x86
+
            5.6.2 On x86-64
+
  
 
==C==
 
==C==
 +
{{info|<center>Wait for this page to be completed before adding any indeces for it.</center>}}
 
     1 Overview
 
     1 Overview
 
         1.1 Basic Formatting
 
         1.1 Basic Formatting
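
Review bot: The links added under `==Buffer Overflows==` name the two architectures inconsistently: `[[32 bit shellcode analysis]]` and `[[64 bit shellcode analysis]]`, then `[[x86 buffer overflow exploit]]` beside `[[64 bit buffer overflow exploit]]`, and `[[find eip for buffer overflow]]` beside `[[find rip for buffer overflow]]`. The table-of-contents entries they replace used "On x86" and "On x86-64" throughout; reusing that pair in every link title would make the index predictable to search. The `{{info|...}}` line added under `==C==` also spells "indices" as "indeces".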
Line 328: Line 160:
 
         1.6 Example Program
 
         1.6 Example Program
  
==Cookies==
+
== DDoS Attack ==
* [[setting a cookie]]  
+
{{info|The three way hand shake information should be placed into the [[TCP/IP]] page, which should merely be linked from the ddos attack page.}}
* [[setting cookies direct http programming]]
+
* [[setting cookies with php (server side)]]
+
* [[setting cookies with javascript (client side)]]
+
* [[accessing a cookie]]
+
* [[accessing a cookie with direct http programming (server side)]]
+
* [[accessing a cookie with php]]
+
* [[accessing a cookie with javascript]]
+
* [[deleting a cookie]]
+
* [[deleting a cookie with direct http programming]]
+
* [[deleting a cookie with php]]
+
* [[deleting a cookie with javascript]]
+
* [[cookie flags]]
+
* [[cookie secure flags]]
+
* [[cookie httponly flags]]
+
* [[cookie path flags]]
+
* [[cookie domain flags]]
+
* [[cookie attacks]]
+
* [[stealing cookies through xss]]
+
* [[steal cookies]]
+
 
+
==Cryptography==
+
* [[type of encryption]]
+
* [[salting]]
+
* [[history of cryptography]]
+
* [[break encryption]]
+
* [[encryption tools]]
+
* [[encryption algorithms]]
+
* [[linux encryption tools]]
+
* [[windows encryption tools]]
+
* [[cryptographic ciphers]]
+
* [[cryptographic digests]]
+
* [[encryption modes]]
+
 
+
DDoS Attack
+
 
     1 Three way handshake and Connect State
 
     1 Three way handshake and Connect State
 
     2 TCP Attacks
 
     2 TCP Attacks
Line 377: Line 175:
 
         4.1 ICMP Smurf
 
         4.1 ICMP Smurf
 
         4.2 ICMP Redirect
 
         4.2 ICMP Redirect
 
==File Inclusion==
 
* [[remote file inclusion]]
 
* [[local file inclusion]]
 
 
==IPtables==
 
* [[iptables example]]
 
* [[iptables modules]]
 
  
 
==LUA==
 
==LUA==
Line 398: Line 188:
 
         4.2 Declaring, and populating a Table
 
         4.2 Declaring, and populating a Table
 
         4.3 Indexing Tables
 
         4.3 Indexing Tables
 
==MySQL==
 
* [[how to setup mysql]]
 
* [[install mysql]]
 
* [[list of mysql commands]]
 
* [[backup a mysql database]]
 
* [[restore a mysql database]]
 
 
==NGINX==
 
* [[nginx basic features]] [[NGINX#Basic_HTTP_Features]]
 
* [[nginx additional features]] [[NGINX#Additional_HTTP_Features]]
 
* [[nginx mail proxy]] [[NGINX#Mail_Proxy_Server_Features]]
 
* [[nginx architecture]] [[NGINX#Architecture_and_Scalability]]
 
* [[nginx scalability]] [[NGINX#Architecture_and_Scalability]]
 
* [[nginx configuration]] [[NGINX#Nginx_Configuration_Directives]]
 
* [[nginx error_log]] [[NGINX#error_log]]
 
* [[nginx disable error logging]] [[NGINX#Disabling_error_logging]]
 
* [[nginx access_log]] [[NGINX#access_log]]
 
* [[nginx proxy_pass]] [[NGINX#proxy_pass]]
 
* [[nginx root]] [[NGINX#root]]
 
* [[nginx location]] [[NGINX#Location_Block]]
 
* [[nginx case-insensitive location]] [[NGINX#Case-Insensitive]]
 
* [[nginx case-sensitive location]] [[NGINX#Case-Sensitive]]
 
* [[nginx regex]] [[NGINX#Regex_Matching]]
 
* [[nginx virtualhost]] [[NGINX#VirtualHost_Equivalents]]
 
* [[nginx configuration]] [[NGINX#Main_Configuration]]
 
* [[nginx logs]] [[NGINX#Log_Format]]
 
* [[nginx log format]] [[NGINX#Log_Format]]
 
* [[nginx timeout]] [[NGINX#Timeouts]]
 
* [[nginx socket settings]] [[NGINX#Socket_settings]]
 
* [[nginx character encoding]] [[NGINX#Character_Encoding]]
 
* [[nginx security]] [[NGINX#Security]]
 
* [[nginx performance]] [[NGINX#Performance]]
 
* [[nginx gzip]] [[NGINX#GZIP_Compression]]
 
* [[nginx compression]] [[NGINX#GZIP_Compression]]
 
* [[nginx output]] [[NGINX#Output_Buffering]]
 
* [[nginx buffering]] [[NGINX#Output_Buffering]]
 
* [[nginx directoryindex]] [[NGINX#DirectoryIndex Equivalent]]
 
* [[nginx upstream]] [[NGINX#Upstream_Example]]
 
* [[nginx cloudflare]] [[NGINX#NGINX_&_CloudFlare]]
 
* [[nginx httprealipmodule]] [[NGINX#HttpRealIpModule]]
 
* [[nginx troubleshooting]] [[NGINX#Troubleshooting]]
 
* [[nginx xml]] [[NGINX#.xml_ISE_500]]
 
* [[nginx ise 500]] [[NGINX#.xml_ISE_500]]
 
* [[nginx status]] [[NGINX#Status_Page]]
 
* [[nginx status page details]] [[NGINX#Status_Page_Details]]
 
* [[nginx stub variables]] [[NGINX#Status_Stub_Variables]]
 
* [[nginx reverse proxy]] [[NGINX#Reverse_Proxy_&_Load_Balancer]]
 
* [[nginx load balancer]] [[NGINX#Reverse_Proxy_&_Load_Balancer]]
 
* [[nginx limitzone]] [[NGINX#LimitZone_(DoS_Prevention)]]
 
* [[nginx dos prevention]] [[NGINX#LimitZone_(DoS_Prevention)]]
 
* [[nginx apache rewrites]] [[NGINX#Apache_Rewrites_to_NGINX_Rewrites]]
 
* [[nginx spawnfcgi]] [[NGINX#SpawnFCGI_Script]]
 
* [[nginx script]] [[NGINX#SpawnFCGI_Script]]
 
  
 
==Nmap==
 
==Nmap==
Line 461: Line 197:
 
     6 Script Scanning
 
     6 Script Scanning
 
     7 Conclusion
 
     7 Conclusion
 
==Perl==
 
    1 Basics
 
        1.1 Development Environment
 
            1.1.1 Linux & Unix
 
            1.1.2 Windows
 
            1.1.3 CPAN
 
        1.2 Your first program
 
            1.2.1 Code
 
            1.2.2 Analysis
 
        1.3 Variables & Data Types
 
            1.3.1 Scalars
 
            1.3.2 Arrays
 
                1.3.2.1 Helper Functions
 
                    1.3.2.1.1 join()
 
                    1.3.2.1.2 split()
 
                    1.3.2.1.3 push()
 
                    1.3.2.1.4 pop()
 
                    1.3.2.1.5 unshift()
 
                    1.3.2.1.6 shift()
 
            1.3.3 Hashes
 
                1.3.3.1 Introduction
 
                1.3.3.2 Helper Functions
 
                    1.3.3.2.1 each()
 
                    1.3.3.2.2 keys
 
            1.3.4 References
 
                1.3.4.1 Hash References
 
                1.3.4.2 Callback References
 
            1.3.5 Casting
 
        1.4 Boolean Logic
 
            1.4.1 Operators
 
                1.4.1.1 Mathematical
 
                1.4.1.2 Regular Expression
 
            1.4.2 Statements
 
                1.4.2.1 if
 
                1.4.2.2 unless
 
                1.4.2.3 AND an OR
 
                1.4.2.4 switch
 
                1.4.2.5 Golfing
 
            1.4.3 Helper Natives
 
                1.4.3.1 exists
 
                1.4.3.2 defined
 
                1.4.3.3 undef
 
            1.4.4 Bitwise Manipulations
 
                1.4.4.1 AND
 
                1.4.4.2 NOT
 
                1.4.4.3 OR
 
                1.4.4.4 XOR
 
                1.4.4.5 Bit Shifting
 
                1.4.4.6 Bit Rotation
 
        1.5 Loops
 
            1.5.1 While
 
            1.5.2 Until
 
            1.5.3 For
 
            1.5.4 Foreach
 
        1.6 User Input
 
            1.6.1 Command Line Arguments
 
                1.6.1.1 Getopt::Std
 
                    1.6.1.1.1 Code
 
                    1.6.1.1.2 Analysis
 
                1.6.1.2 Getopt::Long
 
                    1.6.1.2.1 Code
 
                    1.6.1.2.2 Analysis
 
            1.6.2 STDIN (Standard Input)
 
        1.7 User-Defined Functions
 
    2 Application configurations, logging, & Network Services
 
        2.1 Throughput
 
            2.1.1 Download
 
            2.1.2 Usage
 
                2.1.2.1 Config.pm
 
                2.1.2.2 Log.pm
 
                2.1.2.3 Server.pm
 
 
*[[Installing perl on windows‎]]
 
*[[Perl development‎]]
 
  
 
==Routing==
 
==Routing==
Line 542: Line 203:
 
     3 Back to Subnetting
 
     3 Back to Subnetting
 
     4 Extras
 
     4 Extras
 
==SMTP==
 
* [[smtp protocol]] [[SMTP#What is SMTP]]
 
* [[programs that use smtp]] [[SMTP#Applications that use SMTP]]
 
 
==SQL Backdoor==
 
* [[procedural dynamic sql]]
 
* [[sql event procedure]]
 
* [[phpbb3 sql backdoor]]
 
* [[wordpress sql backdoor]]
 
* [[install sql backdoor]]
 
* [[prevent sql backdoor]]
 
  
 
==Tor==
 
==Tor==
Line 574: Line 223:
 
         3.3 Whitelisting using PCRE
 
         3.3 Whitelisting using PCRE
  
==Vanguard==
+
== Zombies ==
* [[vanguard description]]
+
* [[vanguard features]]
+
* [[vanguard limitations]]
+
* [[using vanguard]]
+
* [[install vanguard]]
+
* [[configuring vanguard modules]]
+
* [[download vanguard]]
+
 
+
==Whois==
+
* [[whois how-to]]
+
* [[whois server selection]]
+
* [[advanced whois]]
+
* [[whois example]]
+
 
+
==XSS==
+
* [[test for xss]]
+
* [[xss exploit]]
+
 
+
Zombies
+
 
     1 Definition
 
     1 Definition
 
     2 Exploitation
 
     2 Exploitation
Line 600: Line 230:
 
     5 Evolution
 
     5 Evolution
  
BGP
+
== BGP ==
 
     1 Lesson 1
 
     1 Lesson 1
 
         1.1 Network Discovery with BGP
 
         1.1 Network Discovery with BGP
Line 609: Line 239:
 
             2.1.3 3.0 - RIP
 
             2.1.3 3.0 - RIP
  
Bcrypt
+
== Bcrypt ==
 
     1 Lesson
 
     1 Lesson
 
     2 1.0 - Introduction
 
     2 1.0 - Introduction
Line 615: Line 245:
 
     4 3.0 - General Talk
 
     4 3.0 - General Talk
 
     5 4.0 - Further Reading
 
     5 4.0 - Further Reading
 
==CPP==
 
* [[c++ basics]] [[CPP#Syntax]]
 
* [[c++ include]]
 
* [[c++ main]]
 
* [[c++ variable]]
 
* [[c++ data type]]
 
* [[c++ math]]
 
* [[c++ operators]]
 
* [[c++ if]]
 
* [[c++ else]]
 
* [[c++ functions]]
 
* [[c++ loop]]
 
* [[c++ classes]]
 
* [[hello world in c++]]
 
* [[c++ functions example]]]
 
* [[c++ classes example]]
 
* [[c++ ide]]
 
 
==Command Injection==
 
* [[test for command injection]]
 
* [[command injection vulnerability]]
 
* [[command injection exploit]]
 
* [[command injection with perl]]
 
* [[command injection on unix]]
 
 
==Dmcrypt==
 
* [[dmcrypt basics]] [[dmcrypt#Getting Started]]
 
* [[dmcrypt encryption]] [[dmcrypt#Encryption Ciphers and Algorithms]]
 
* [[dmcrypt hash]] [[dmcrypt#Hashing Algorithms]]
 
* [[dmcrypt cipher]] [[dmcrypt#Ciphers]]
 
* [[dmcrypt block device]] [[dmcrypt#Setting Up a Block Device]]
 
* [[dmcrypt partition]] [[dmcrypt#Creating a Partition]]
 
* [[dmcrypt loopback]] [[dmcrypt#Encrypting the Flat File]]
 
* [[dmcrypt and lvm]] [[dmcrypt#LVM and the Device Mapper]]
 
* [[dmcrypt service]] [[dmcrypt#Starting and Stopping the Service]]
 
  
 
==Forensic chain of custody==
 
==Forensic chain of custody==
Line 702: Line 296:
  
 
==Linux Assembly==
 
==Linux Assembly==
 +
{{info|<center>Wait until this page is completed before creating any indeces for it.</center>}}
 
     1 32 bit syscall table
 
     1 32 bit syscall table
 
         1.1 Introduction
 
         1.1 Introduction
Line 709: Line 304:
 
     2 64 bit syscall table
 
     2 64 bit syscall table
 
         2.1 Example: Assembly for setuid(0); execve('/bin/sh',0,0); exit(0);
 
         2.1 Example: Assembly for setuid(0); execve('/bin/sh',0,0); exit(0);
 
==MySQL Troubleshooting==
 
* [[mysql innodb disabled]] [[MySQL Troubleshooting#InnoDB Disabled]]
 
* [[mysql locked tables]] [[MySQL Troubleshooting#Locked Tables]]
 
* [[mysql does not start after upgrade]] [[MySQL Troubleshooting#Post-Upgrade - MySQL does not start]]
 
* [[mysql datadir migration]] [[MySQL Troubleshooting#MySQL Datadir Migration]]
 
* [[mysql database repair]] [[MySQL Troubleshooting#Database Repair]]
 
* [[troubleshoot mysql innodb threads]] [[MySQL Troubleshooting#InnoDB Thread Issues]]
 
* [[mysql slow query log]] [[MySQL Troubleshooting#Slow Query Log]]
 
* [[mysql optimization]] [[MySQL Troubleshooting#Optimization Scripts]]
 
* [[mysql tuner]] [[MySQL Troubleshooting#MySQL Tuner]]
 
* [[downgrade mysql]] [[MySQL Troubleshooting#Downgrading MySQL]]
 
* [[upgrade mysql]] [[MySQL Troubleshooting#Upgrading MySQL]]
 
* [[mysql configuration]] [[MySQL Troubleshooting#Premade Configs]]
 
  
 
==Physical Security==
 
==Physical Security==
Line 729: Line 310:
 
         2.1 Prevention
 
         2.1 Prevention
 
         2.2 Attack Vectors
 
         2.2 Attack Vectors
 
==Polymorphic==
 
* [[polymorphic ruby example]]
 
* [[polymorphic python example]]
 
* [[polymorphic code technique]]
 
 
==Python==
 
* [[python strengths and weaknesses]]
 
* [[python installation]]
 
* [[basic python applications]]
 
* [[python operators]]
 
* [[defining variables in python]]
 
* [[print and simple input and output in python]]
 
* [[commenting in python]]
 
* [[python modules]]
 
* [[installing python modules]]
 
* [[using module functions within python]]
 
* [[python variable operations]]
 
* [[python list operations]]
 
* [[advanced list operations in python]]
 
* [[python append function]]
 
* [[python insert function]]
 
* [[python index list function]]
 
* [[python string operations]]
 
* [[python strip function]]
 
* [[python split function]]
 
* [[python find function]]
 
* [[python typecasting]]
 
* [[python loop statements]]
 
* [[python if loops]]
 
* [[python if loop]]
 
* [[python if else loop]]
 
* [[python if else if loop]]
 
* [[python while loop]]
 
* [[python for loop]]
 
* [[python functions]]
 
* [[python classes]]
 
* [[python file handle]]
 
* [[opening file python]]
 
* [[python read file]]
 
* [[python readline file function]]
 
* [[python readlines file function]]
 
* [[python socket programming]]
 
* [[python create socket]]
 
* [[python connect socket]]
 
* [[bind socket python]]
 
* [[python binding socket]]
 
* [[python socket listen]]
 
* [[python accept socket]]
 
* [[python send receive socket programming]]
 
* [[python socket data encoding ]]
 
* [[python send receive data socket programming]]
 
* [[python sockets with ssl]]
 
* [[python ctypes]]
 
* [[loading shared object python ctypes]]
 
* [[call function from shared ctypes object in python]]
 
* [[python ctypes readlines function]]
 
  
 
==RoR Patching==
 
==RoR Patching==
Line 800: Line 324:
 
         2.3 Example Rule
 
         2.3 Example Rule
  
==Static ARP Configuration==
+
== traceroute ==
* [[reading arp tables]] [[Static ARP configuration#Reading your ARP Tables]]
+
{{info|before this part is done, traceroute and tcp traceroute '''must be combined''', its the same thing with a different three letter acronym before it!}}
* [[prevent arp poisoning]] [[Static ARP configuration#Prevention]]
+
* [[arp bonding]] [[Static ARP configuration#Bonding]]
+
 
+
 
TCP Traceroute
 
TCP Traceroute
 
     1 Overview
 
     1 Overview
Line 819: Line 340:
 
     5 Options for Traceroute
 
     5 Options for Traceroute
  
Wireless Security
+
== Wireless Security ==
 +
{{info|This page needs to be completed and updated before it is seo'd.}}
 
     1 Basics
 
     1 Basics
 
     2 Wired Equivalent Privacy (WEP)
 
     2 Wired Equivalent Privacy (WEP)
Line 828: Line 350:
 
--[[User:Hatter|Hatter]] 03:23, 21 May 2012 (MSK)
 
--[[User:Hatter|Hatter]] 03:23, 21 May 2012 (MSK)
  
== web exploitation ==
+
== bitwise math ==
* [[language vulnerable to web exploit]]
+
 
* [[web exploit type]]
+
 
* [[web attack vector]]
+
*[[introduction to binary]]
* [[web fingerprint]]
+
*[[binary addition]]
* [[web exploit tools]]
+
*[[bitwise operators]]
* [[web exploitation tools]]
+
*[[binary to hexadecimal]]
 +
*[[not]]
 +
*[[and]]
 +
*[[and rules]]
 +
*[[and properties]]
 +
*[[and logic table]]
 +
*[[bitwise and example]]
 +
*[[xor]]
 +
*[[xor logic table]]
 +
*[[xor rules]]
 +
*[[bitwise xor example]]
 +
*[[xor properties]]
 +
*[[or]]
 +
*[[or rules]]
 +
*[[or properties]]
 +
*[[or example]]
 +
*[[or logic table]]
 +
*[[bit shifts and bit rotations]]
 +
*[[logical shift]]
 +
*[[bitwise math exercises]]
 +
*[[bit rotations]]
 +
*[[circular shifts]]
 +
*[[hexadecimal signed numbers]]
 +
*[[integer overflows]]
 +
*[[two's complement]]
 +
*[[rotation with carry]]
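
Review bot: The bare operator names added under `== bitwise math ==`, namely `[[not]]`, `[[and]]`, `[[or]]` and `[[xor]]`, are ambiguous as page titles; qualify them the way `[[bitwise and example]]` and `[[bitwise xor example]]` already are, for example `[[bitwise not]]`. The new items are written `*[[...]]` with no space after the asterisk, while the lists removed in this hunk use `* [[...]]`. `[[bit rotations]]` and `[[circular shifts]]` also overlap with `[[bit shifts and bit rotations]]`, so it is worth deciding whether all three should stay.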

Latest revision as of 05:42, 27 June 2012

intermediate shellcode stuff

most of this stuff goes to the Category:Indexing.

Computer Forensics

   1 Cybercrime
       1.1 Investigation
       1.2 Preserving the evidence
       1.3 Where to find evidence
           1.3.1 Hardwarewise
           1.3.2 Softwarewise
   2 Forensic Imaging
       2.1 HardDisk Imaging

Cyberlaw

   1 Australian Cyberlaw
       1.1 Acts Applying to Cybercrime in Australia
       1.2 Cybercrime Act 2001 Offences
       1.3 Case Study: First Cybercrime Conviction in Australia
   2 European Cyberlaw
       2.1 Definitions of Cybercrime as per the Budapest Convention

Network Recon

   1 IP Addressing
   2 Subnet Masks
   3 Ports
   4 Routing
   5 Theory
   6 Tools


Social Engineering

   1 Methods
       1.1 Email
       1.2 Telephone
       1.3 Examples
       1.4 Lesson 1
           1.4.1 - Preface by Wikipedia
           1.4.2 - Outline of Social Engineering
           1.4.3 - Analysing and Creating Milestones
           1.4.4 - Mantras for Social Engineering
           1.4.5 - Example
           1.4.6 - Other Uses
       1.5 Lesson 2 - Politeness
           1.5.1 - Introduction
           1.5.2 - Things To Keep in Mind
           1.5.3 - Putting Social Engineering to Work
           1.5.4 - Protecting Yourself From Social Engineering

Subnetting

   1 General Subnetting
   2 Real Life Example of Subnetting

Virtual machines

   1 Subsystems
       1.1 Hardware Virtualization
       1.2 Host Machine
       1.3 Guest Machine
   2 Virtualization Tools
   3 Creating Vulnerable VMs for Penetration Testing

API

   1 API technologies
       1.1 The Web
           1.1.1 Web services
           1.1.2 Remote Procedure Calls
       1.2 General software
           1.2.1 Software Libraries
           1.2.2 COM objects (Windows)

Anonymity

   1 General Services
       1.1 Virtual Private Servers
       1.2 Virtual Private Networks
       1.3 SSH Tunneling
           1.3.1 Basic Example of SSH Tunneling
       1.4 Shell Accounts
       1.5 FTP / Telnet
   2 Web-Browsing
       2.1 General
           2.1.1 Best Practices
       2.2 Firefox
           2.2.1 Recommended Extensions
       2.3 TODO
   3 Email Privacy
       3.1 PGP / GNUPG Encryption
       3.2 Anonymous Remailers
       3.3 Throw-away Accounts
   4 IM & Chat
       4.1 Instant Messaging
           4.1.1 Pidgin
               4.1.1.1 Using OTR
           4.1.2 TorChat
           4.1.3 TorPM
           4.1.4 ICQ
       4.2 Chat
           4.2.1 IRC
               4.2.1.1 Using OTR
           4.2.2 SILC
               4.2.2.1 Key based authentication
           4.2.3 Utilising IRC Bouncers
   5 Files & Hard-Disk Encryption
   6 Possible Downfalls
       6.1 Network Performance
       6.2 Personal Information
       6.3 IP Leaks
       6.4 DNS Leaks

Assembly

Wait for this page to be completed before adding indices.
   1 Introduction
   2 Binary
   3 Number handling
   4 Data storage
   5 Memory Addressing
   6 Instructions
       6.1 Syntaxes
       6.2 Data manipulation basic primitives
       6.3 Basic arithmetic
       6.4 Bitwise mathematics operators
       6.5 Shifts and rotations
       6.6 Control flow operators
       6.7 Taking it further

Buffer Overflows

C

Wait for this page to be completed before adding any indices for it.
   1 Overview
       1.1 Basic Formatting
           1.1.1 Includes
           1.1.2 The main() Function
       1.2 Variables
       1.3 Loops
       1.4 If/Else
       1.5 Compilation
       1.6 Example Program

DDoS Attack

The three way hand shake information should be placed into the TCP/IP page, which should merely be linked from the ddos attack page.
   1 Three way handshake and Connect State
   2 TCP Attacks
       2.1 Synflood
           2.1.1 Spoofed Synflood
           2.1.2 Dealing with Synfloods
       2.2 Advanced Attacks
           2.2.1 Optimistic ACK Floods
           2.2.2 Duplicate ACK Spoofing
   3 UDP Attacks
       3.1 Dealing with UDP floods
   4 ICMP Attacks
       4.1 ICMP Smurf
       4.2 ICMP Redirect

LUA

   1 Comments
   2 Variables
  • variable types in lua
       2.1 Global Variables vs Local Variables
   3 Functions
  • list of functions used by lua
   4 Tables
  • using tables in lua
       4.1 Declaring an empty Table
       4.2 Declaring, and populating a Table
       4.3 Indexing Tables

Nmap

   1 Correct Usage
   2 Scan Types
   3 Options
   4 Evasion Techniques
   5 Target Specification
   6 Script Scanning
   7 Conclusion

Routing

   1 Subnetting Schemes
   2 Real World Examples
   3 Back to Subnetting
   4 Extras

Tor

   1 How It Works
   2 Common Pitfalls
   3 Getting Tor and Extra Uses
       3.1 Proxychains and Tor-Resolve
   4 Hidden services
   5 External Links

Unsafe String Replacement

   3 Defense
       3.1 PHP
       3.2 PCRE
       3.3 Whitelisting using PCRE

Zombies

   1 Definition
   2 Exploitation
   3 Types of Attacks
   4 Staying Safe
   5 Evolution

BGP

   1 Lesson 1
       1.1 Network Discovery with BGP
   2 Lesson 2
       2.1 ASN/BGP/RIP
           2.1.1 1.0 - Introduction
           2.1.2 2.0 - Example
           2.1.3 3.0 - RIP

Bcrypt

   1 Lesson
   2 1.0 - Introduction
   3 2.0 - Running bcrypt
   4 3.0 - General Talk
   5 4.0 - Further Reading

Forensic chain of custody

   1 Forensic Chain of Custody
       1.1 Acquisition
       1.2 Witnesses and Documentation
       1.3 Active Memory Snapshots

Gentoo

   1 Virtual Machine Setup
   2 Hard Drive Setup
   3 Base installation and Configuration
   4 CHROOT
   5 Installing Software
   6 Encrypted Home Dir
   7 Kernel
   8 Final Configurations
   9 Bootloader
   10 X Server
   11 BASH
       11.1 Part 1: Reading files
       11.2 Part 2: Navigation
       11.3 Other useful commands
       11.4 Directing output
   12 Screen
   13 Services
   14 Network Services
   15 Debugging Services
   16 Permissions and Security Basics
   17 Getting Help
   18 Troubleshooting

Irssi Tutorial

   1 Getting Irssi
       1.1 Debian/Ubuntu
       1.2 Gentoo
       1.3 Slackware
       1.4 Frugalware
       1.5 Solaris
       1.6 Arch Linux
   2 Connecting to the IRC
   3 Sample config file
   4 References

Jynx Rootkit/1.0

   1 Jynx
       1.1 Introduction
       1.2 Configuration & Features
       1.3 Exercise & Installation
       1.4 Usage

Linux Assembly

Wait until this page is completed before creating any indices for it.
   1 32 bit syscall table
       1.1 Introduction
       1.2 Unlinked System Calls for 32bit systems
       1.3 Linked System Calls for 32bit systems
       1.4 Other Code Comparisons
   2 64 bit syscall table
       2.1 Example: Assembly for setuid(0); execve('/bin/sh',0,0); exit(0);

Physical Security

   1 Overview
   2 Execution
       2.1 Prevention
       2.2 Attack Vectors

RoR Patching

   1 RoR Patching
       1.1 Vulnerabilities
       1.2 XSS
       1.3 Params Injection & Mass Assignment Abuse

Snort

   1 Basic Packet Sniffing Utilities
   2 Rules
       2.1 Rule Headers
       2.2 Rule Option Section
       2.3 Example Rule

traceroute

before this part is done, traceroute and tcp traceroute must be combined, it's the same thing with a different three letter acronym before it!

TCP Traceroute

   1 Overview
       1.1 vs. UDP/ICMP
       1.2 What you can do
           1.2.1 Windows
           1.2.2 Linux

Traceroute

   1 Performing a Traceroute
   2 Example of Tracert
   3 Options for Tracert
   4 Example of Traceroute
   5 Options for Traceroute

Wireless Security

This page needs to be completed and updated before it is seo'd.
   1 Basics
   2 Wired Equivalent Privacy (WEP)
   3 Wi-Fi Protected Access (WPA / WPA2-PSK)
   4 Tools
   5 Reaver

--Hatter 03:23, 21 May 2012 (MSK)

bitwise math