How to Avoid Having Your IP Blocked by an IDS/Firewall during Web Penetration Testing

This is very common during penetration testing: since we send unexpected requests and payloads to the servers, the target web server may pick up our IP address and sometimes block it. There are many ways around this, such as TOR or a VPN (free or commercial). Personally, I don’t like to set up a VPN or TOR, since there are other applications running against the target which I prefer to run on the normal network to avoid slow connections due to VPNs. Sometimes spiders and fuzzers may also alert the servers, which consequently block my IP address. In addition, I prefer not to send all my laptop traffic through VPNs and proxies into the network. There is also a lot of personal data and many applications running on my pentest machine.

Please keep in mind that the only reason I recommend them is to easily change your IP and bypass firewall/IDS restrictions while the penetration test is in progress, so you don’t need to call the admin to unblock your IP or provide a new IP for you. Obviously, I don’t have any personal accounts on my Firefox/Chrome, to protect myself against data leakage and privacy issues.

Note: A hacker has no ability to ask the server administrator to unblock him, right? 🙂 Act real.

I usually use the following two VPN add-ons for Firefox/Chrome during web penetration testing.

Firefox: ZenMate Security, Privacy & Unblock VPN

This is an add-on that you can easily install on the Firefox/Chrome browser, and it is ready to go to change your IP constantly whenever it is required. Although the free version only offers IPs from four countries (Romania, Hong Kong, Germany and USA), the premium version offers IP addresses from other countries as well, but I think these four are enough in this context.

Chrome: DotVPN

DotVPN is a Chrome-based add-on that works perfectly. Just install it on your Chrome browser, create a username/password and go bug hunting.

So next time, if your connection to the target website becomes too slow, or they block your access, just use these VPNs and you can easily change your IP from time to time.

There are some other free VPNs such as Hotspot Shield VPN, ProxMate, Hola Unblocker, CyberGhost VPN, AWB Proxy and AutoProxy, but I use DotVPN and ZenMate to change my IP on demand.

Invitation Letter for OWASP Meetup Q3 2015

This is an open invitation for those who are keen on information security meetups. We are conducting an OWASP talk at UniKL University. Everybody is welcome to participate in and attend the OWASP Meetup Q3 2015.

OWASP Meetup Q3 2015 Invitation

Contact me for more information

How to Add or Customize a Linux Terminal Banner

Have you ever considered how you can add a banner to your terminal to have a more customized Linux? Many times I have seen people's Linux terminals showing a title or their name, just like the following image:

Capture

To do so, install figlet with the following command:

apt-get install figlet

You can find more information about figlet at http://linux.die.net/man/6/figlet. Once you have installed figlet, go to your root directory, where you can see the .bashrc file (if your show hidden files option is already checked). Or you can use the terminal directly:

leafpad /root/.bashrc

Then open it with your text editor and, at the bottom of the file, add your text as the last line:

figlet -c "your name"

The -c switch centers the text.

Save the file and open your terminal and enjoy your new terminal.
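The same steps as a script, as an added example that is not part of the original post: it appends the figlet line to a bashrc-style file only once, keeps a backup, and wraps the line in an interactive-shell check so that non-interactive sessions which read the file (scp, sftp, rsync over ssh) get no banner output. The function name add_banner, the marker comment and the scratch file are made up for this example.

```shell
#!/bin/sh
# Added example: append a guarded figlet banner to a bashrc-style file.
# add_banner and the marker text are names made up for this example.

BANNER_MARK='# >>> figlet banner (added example) >>>'

# add_banner FILE TEXT
#   Appends the banner block to FILE once; running it again changes nothing.
add_banner() {
    rc_file=$1
    banner_text=$2

    # Refuse text that could break out of the single-quoted string below.
    case $banner_text in
        *"'"*) echo "banner text must not contain a single quote" >&2; return 2 ;;
    esac

    # Idempotent: skip if the marker is already present.
    if [ -f "$rc_file" ] && grep -qF "$BANNER_MARK" "$rc_file"; then
        return 0
    fi

    # Keep a copy of the current file before touching it.
    [ -f "$rc_file" ] && cp -p "$rc_file" "$rc_file.bak"

    cat >> "$rc_file" <<EOF

$BANNER_MARK
# Print only in interactive shells, so scp/sftp/rsync sessions that source
# this file get no unexpected output, and only when figlet is installed.
case \$- in
    *i*) command -v figlet >/dev/null 2>&1 && figlet -c '$banner_text' ;;
esac
# <<< figlet banner <<<
EOF
}

# Demo on a scratch file (constructed sample), not the real /root/.bashrc.
demo_rc=$(mktemp)
printf 'export EDITOR=vi\n' > "$demo_rc"
add_banner "$demo_rc" "your name"
add_banner "$demo_rc" "your name"   # second call is a no-op
cat "$demo_rc"
```

To apply it to the file from the steps above, call add_banner /root/.bashrc "your name" instead of using the scratch file.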

You may use alternative tools with different options as well. For more info, check mewbies.com.

Android Hacking and Pentesting

Today we discussed:

Basic Android OS security mechanisms

Basic malware definition

Attacking the Android platform with malware, remote access, file stealing and social engineering; these attack methods were discussed in the class.

Attacking the Android:

Installing Kali Linux on Android to perform attacks

Installing dSploit for running attacks with Android (MITM, XSS, traffic sniffing, etc.)

You can find the presentation on my SlideShare home page as well.

WinZip Password Cracking

It happens to many of us that we zip some files with a password, but after a long time we forget the chosen password. It happened to me recently, so I decided to write a simple hands-on tutorial on how to crack a password-protected zip file. Mostly I prefer an online web tool, such as an online PDF cracker, due to the high cracking speed. Unfortunately, I couldn’t find any online zip cracker, so I tried to find a desktop tool, preferably a free one. “fcrackzip” is the tool I am using to crack the zip file. It uses a brute force attack, is written in assembly language, and is a free application which you can find in Kali and BackTrack.

fcrackzip switches are as follows:

-h help

-b brute force
-D dictionary attack
-B benchmark
-c charset characterset
-V validate
-p init-password string
-l length min-max
-u use-unzip
-m method num
-2 modulo r/m

fcrackzip -u -v -b -p aaaa zipfolder.zip

If you don’t know the length of the password, the -p option will increase the speed of password cracking. In addition, your computer's CPU and RAM are very important to the speed of cracking.

Password cracking is one of the common steps in penetration testing to find out whether the web application or network has been configured properly or not.