dwb

Installed new theme.

yep. You need to adjust your config file – I did it this way.
Edit > settings
work your way down to fonts. through each section (log, body, menu, outline) change the font to deja vu sans
Below is an example of my @font body text font

body_text_font_family = deja vu sans
body_text_font_size = 12
body_text_font_slant = none
body_text_font_weight = normal

save the changes
then close and re-open leo

If you noticed, some Microsoft True Type fonts (such as Arial & Times New Roman) are not installed in Linux. If you’re used to looking at webpages in Arial (or whatever) like I am, serif is a little different. Here is the procedure that worked for me:
Code:

wget -c http://easylinux.info/uploads/msttco…3-4.noarch.rpm

Downloads fonts in RPM package
Code:

rpm2tgz msttcorefonts-1.3-4.noarch.rpm

Converts RPM to TGZ
Code:

tgz2lzm msttcorefonts-1.3-4.noarch.tgz msttcorefonts-1.3-4.noarch.lzm

Converts TGZ to LZM
Code:

lzm2dir msttcorefonts-1.3-4.noarch.lzm /

Installs to directory.

Reboot! Your fonts are now installed. Firefox/Edit/Preferences/Content/Fonts & Colors to change the default.

Want to get a list of all the ip addresses as well as aliases assigned within a domain? You can grab that information if the DNS server allows zone transfers. The zone transfer is the method a secondary DNS server uses to update its information from the primary DNS server. DNS servers within a domain are organized using a master-slave method where the slaves get updated DNS information from the master DNS. One should configure the master DNS server to allow zone transfers only from secondary (slave) DNS servers but this is often not implemented.

You do not have to have DNS to request a zone transfer. You can issue a zone transfer request using the nslookup client which is a standard part of unix, NT, Windows 2000 and XP. To dump the DNS records from your current domain, lets says, its wayne.net:

Type nslookup at the commandline (NT example). This starts nslookup in interactive mode. It will respond with the name and ip address of your default DNS server:

Default Server: dns01.wayne.net
Address: 10.10.10.1
>

To get a list of commands available, type set all. For the more important set options:

set d2 : puts nslookup in debug mode, so you can examine query and response packets between the resolver and server
set domain= : tells the resolver which domain name to append to queries not FQDN
set timeout= : for slow links
set type= : which type of records to search for ( A, PTR, SRV, or ALL)

You can get help at the nslookup command prompt by typing:

> help

To dump all available records, assuming zone transfers are enabled, issue the following commands:

> set type=any
> ls -d wayne.net > dns.wayne.net
> exit

The ls -d wayne.net command requested all records for the domain be dumped in a file named “dns.wayne.net”. Open up dns.wayne.net and see what goodies you can find. If dns1 is not authoritative for the domain, you can change which DNS server you wish to dump records using the command:

> server 10.10.10.2

Default Server: dns02.wayne.net
Address: 10.10.10.2 >

If successful, the dump file will have lines such as:

> ls -d wayne.net
[dns1.wayne.net]
wayne.net. SOA dns04.wayne.net wayne.dns04.wayne.net. (3301 10800 3600 604800 86400)
wayne.net. NS dns04.wayne.net
wayne.net. NS dns02.wayne.net
wayne.net. NS dns01.wayne.net
wayne.net. NS dns05.wayne.net
wayne.net. MX 10 email.wayne.net
rsmithpc TXT “smith, robert payments 214-389-xxxx”

rsmithpc A 10.10.10.21
wmaplespc TXT “Waynes PC”

wmaplespc A 10.10.10.10
wayne CNAME wmaplespc.wayne.net

You can see from the bits above, that there are multiple dns servers, that there is a email pop3 server, what my ip address is, …

Lots of goodies particularly if the DNS admins put in “good” comments. Might be useful info for social engineering if the comments include phone numbers.

The ls -d command, emulates a zone transfer. You can also get a listing by using the ls -t to get a list of the members of a domain.

Source: http://193.95.233.106/index.php?page=netcat

NETCAT
- is a simple Unix utility which reads and writes data across network connections, using TCP or UDP
- it can make almost any kind of connection (that\’s why it is a useful network debugging tool)

1) BASIC USE OF NETCAT
1.1) Simple file transfer
- let\’s start 2 copies of netcat on the same machine locally: nc -l -p 1111
- with l switch netcat is in listen mode (netcat will sit and listen for TCP connections on port 1111 and print any data it receives)
- in another window we start netcat like: nc 127.0.0.1 1111 (this will connect to host 127.0.0.1 on port 1111)
- we are now able to have two full way data transmission

- with netcat we might pipe \’|\’ data to and from netcat, as well as using the redirection (\’<\',\'>\’,\’<<\',\'>>\’)

- let\’s say we wanted to simply transmit a plaintext file
- in first window start netcat as: nc -l -p 1111 > outputfile
- this will only redirect all text received into outputfile
- on second machine start netcat as: cat infile | nc 127.0.0.1 1111 -q 10
- the \’-q 10\’ will quit after EOF (otherwise netcat will hang waiting for more input for cat and we will have to terminate it manually)
- parameter 10 causes is to quit after 10 seconds anyway

2) TAR
- let\’s combine tar and netcat together and transmit file across network

- first side: tar cvzfp – /path/directory | nc -w 3 127.0.0.1 1234
- The tar statement before the pipe tar’s and compresses (using gzip) every file within that directory, before printing its output to stdout (The screen). It is then caught by the pipe, and piped to nc which in this example, connects to 127.0.0.1 on port 1234 and sends it the data which would normally hit the screen. The –w 3 switch causes nc to allow for a 3 second timeout (In the event of a temporary disconnection or similar).
- second side: nc -l -p 1234 | tar xvfpz –
- his will listen on port 1234 for a connection, and will pass any data received to tar. Using the option ‘v’ we can print out filenames to screen.

3) UDP
- netcat also supports UDP
- just use -u switch

4) SIMPLE SOCKET REPLY
- With what we have learned so far, we are easily able to get netcat to listen in on a socket, and pump out any data we wish when it receives a connection.
- first: echo “Leave me alone” | netcat –l –p 1234 –w 10
- What we are doing here, is listening in on port 1234 with a wait time of 10 seconds. If/when we receive a connection, pipe the results of echo “Leave me alone” to netcat. The –w 10 is necessary, as otherwise any connection made in will remain open forever. We can also optionally add a –v in to the netcat command line which will give us verbose information, i.e. who is connecting.
- Every time a connection times out (either with the –w 10 command line switch, or because a connection has been made and then closed), netcat will exit. As this is not what we want, we put the command line within a standard BASH: while CONDITION; do STATEMENT; done clause, which when the condition is set to true will run forever.
first: while true; do echo \”Leave me alone\” | netcat -l -p 1234 –w10; done

5) nc –e
- We have already discussed the basics of redirection with netcat. Netcat has a –e switch which we can use to execute a program on connection. There are a couple of viable and legitimate uses for this, i.e. running as nc –e –v … called by the inetd wrapper, which we can use to view traffic and information on users connecting to wrapped daemons, however the most common use which we will explore here is using it to redirect to and from /bin/bash or similar shell, for both good and bad.
- One method could be this: nc -v -e \’/bin/bash\’ -l -p 1234 -t
- and a simple ‘telnet localhost 1234’ in another window: telnet 127.0.0.1 1234

6) Scanning
- The scanning features of netcat can be used against yours or your friend’s networks to get useful information about which hosts have certain ports open. You can also send a precompiled data file to each. For example: echo EXIT | nc -w 1 127.0.0.1 20-250 500-600 5990-7000
- Will scan 127.0.0.1 on ports 20-250, 500-600 and 5990-7000. Every port that it finds is open, it will pipe the output of echo “EXIT” being the word “EXIT” to that port.

- And now with UDP scanning: nc -v -w 1 127.0.0.1 –u 20-250 500-600 5990-7000 (-v was to put netcat into verbose mode, and –u was telling netcat to fall into UDP mode.)

7) Spoofing
- “Your TCP spoofing possibilities are mostly limited to destinations you can source-route to while locally bound to your phony address. Many sites block source-routed packets these days for precisely this reason. If your kernel does oddball things when sending source-routed packets, try moving the pointer around with -G. You may also have to fiddle with the routing on your own machine before you start receiving packets back. Warning: some machines still send out traffic using the source address of the outbound interface, regardless of your binding, especially in the case of localhost. Check first. If you can open a connection but then get no data back from it, the target host is probably killing the IP options on its end [this is an option inside TCP wrappers and several other packages], which happens after the 3-way handshake is completed. If you send some data and observe the \”send-q\” side of \”netstat\” for that connection increasing but never getting sent, that\’s another symptom. Beware: if Sendmail 8.7.x detects a source-routed SMTP connection, it extracts the hop list and sticks it in the Received: header!”
- Spoofing is a useful technique, as is source routing.
Source routing is almost obsolete now, and the majority of routers filter out source routed packets. Source routing in a nutshell is basically setting the route that the packet will take at the source, and storing that information along with the packet. Normally, each router makes its own mind up as to where a packet will get routed, and follows its predefined routing tables. If we have access to all routers between our device and the target device (which can be one machine if you’re talking about your local LAN server), then we are able to modify the routing entries on those devices, bind a phoney address to our machine and source route packets to the intended destination.
- Spoofing is where we modify the source address of a packet so that the recipient believes it came from a different address. There are two problems with this;
——> A number of clever ISP routers will drop packets with incorrect source addresses.
——> If the destination host does get to receive your spoofed packet, it will send data back to the spoofed address (instead of ours). This does have a number of uses however in the example of ICMP ping flooding a host and spoofing the source address to Microsoft.com (as a theoretical example).

Simple Response Service
command: echo -e \”GET http://www.google.com HTTP/1.0nn\” | nc –w 5 www.google.com 80
- We make a connection to google.com on port 80 (Web server port), and put in an HTTP request for http://www.google.com.
- At this point, we are presented with the HTML spurted out by the web server. We can pipe this to “| less” or similar or even our favourite HTML interpreter.
- Take a look at this example, and you will see what we have done here. In one instance we have created an HTML file ‘webfrontend’ and we now pipe that HTML to any incoming connection to netcat on port 1111. We then make a connection on the larger window, using lynx http://127.0.0.1:1111 and we have made ourselves a tiny http server, possibly could be used as a holding page server or something similar.

eleanor@localhost ~ $ cat test

Welcome to my webserver:)

eleanor@localhost ~ $ cat test | nc -v -l -p 1234
listening on [any] 1234 …

- and now you connect to that server.

9) Advanced Proxying
- Now we\’ll set up a server netcat to listen on port 1111. We\’ll also set up a client netcat to talk to the real web server on port 81. By getting them to pass all data they receive to each other, together they form a proxy; something that sits in the middle of a network connection. Here are the commands we use:

mknod backpipe p
nc -l -p 1111 0backpipe

- Because bash pipes only carry data in one direction, we need to provide a way to carry the responses as well. We can create a pipe on the local filesystem to carry the data in the backwards direction with the mknod command; this only needs to be run once.
- Requests coming into the proxy from the client arrive at the first nc, listening on port 1111. They get handed off to the \”tee\” command, which logs them to the inflow file, then continue on to the second nc command which hands them off to the real web server. When a response comes back from the server, it arrives back at the second nc command, gets logged in the second tee command to the outflow file, and then gets pushed into the backpipe pipe on the local filesystem. Since the first netcat is listening to that pipe, these responses get handed to that first netcat, which then dutifully gives them back to the original client. While the above example is for watching tcp streams going to and from a web server, the above technique is useful for watching any tcp connection. In fact, since nc also works with udp packets – something telnet can\’t do – it should be possible to even set up udp proxies this way.

10) Unauthorized Proxying
- Assume you’re an administrator of a Linux router. Using the methods above, as well as your iptables software, you can proxy a users outgoing connection through your nc proxy. Using iptables with the –j DNAT target and the –j REDIRECT target, you can transparently proxy outgoing connections through to any other ports you want, and what better to use than your nc proxy?

11) Cryptcat
- Cryptcat can be found at: http://sourceforge.net/projects/cryptcat/ and is the ultimate companion for Netcat. It includes a lightweight version of Netcat, featuring encrypted transport properties. (Just for those superbly paranoid!)

12) Command Cheat Sheet

nc –l –p [port] will create a simple listening tcp port. Add –u to put into UDP mode.
nc –e [program] To redirect stdin/stdout from program.
nc –w [timeout] To set a timeout before netcat automatically quits. (Used within a loop usually)
program | nc To pipe output of program to netcat
nc | program To pipe output of netcat to program
nc –h Help sheet
nc –v To put into verbose mode, or use –v –v to put into ultra-verbose mode!
nc –g or nc –G Source routing flags
nc –t Use telnet negotiation (If connecting to a telnetd or acting as a telnetd for telnet clients).
nc –o [file] Hex dump traffic to file
nc –z No I/O (Used for scanning ports)

How to install SBD netcat clone for unix

is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features.

Only TCP/IP communication is supported. Source code and binaries are distributed under the GNU General Public License.

sbd can be used for any number of network-related things, for example.:
Secure file transfer
Remote administration
Simple (but secure) peer-to-peer chat
Pen-test tool (crypto avoids NIDS detection and telnet-style traffic recording)

To compile sbd under a Unix-like operating system you need gcc and relevant
development tools. For Linux, FreeBSD, NetBSD, OpenBSD (and possibly others),
type:
make unix

What’s New in This Release:
# if sbd is setuid (chmod 4755 or 6755), sbd will do setuid(geteuid()) on Unix-like operating systems. feature added to offer root shells during pen-tests.
# the host, port and command to execute (-e option) specified on the command line are wiped with spaces in order to hide them from the process list on Unix-like operating systems (e.g. “ps auxww”, “ps -Af”, e.g.). the -k option was wiped with stars (*) before, but now it’s all wiped with spaces (0×20) instead.
tags unix like like operating wiped with operating systems with spaces

http://securityforest.com/wiki/index.php/Main_Page

To output a file from console in linux:

Example: echo Hello this is Deeznuts > hello.txt

he easiest way to install RPM is to use Slackware’s native package manager.

You must be root to install RPM.

installpkg /home/dave/rpm-2.4.12-1.i386.tar.gz

Of course, replace the /home/dave with the correct path for the filename.

(NOTE!) If that fails, simply untar the file with these commands:

cd / ; tar zxvpf /home/dave/rpm-2.4.12-1.i386.tar.gz

Next, you have to create a directory called “rpm” under the /var/lib tree.

mkdir /var/lib/rpm

Now type ‘rpm –initdb’ to initialize the rpm database.

If everything has gone correctly up to this point, you will have a rpm-capable system! Test it out by grabbing any rpm file and installing it with ‘rpm -Uvh filename.rpm’

4.

Mounting the Share

To mount an smbfs share from a Linux workstation at the command line, you can use either the smbmount command or use mount -t smbfs. Both command will work the same. When you use mount -t smbfs, the mount program actually passes the command over to smbmount for execution. Throughout this document I’ll use smbmount instead of mount -t smbfs.

An example would look like this:

smbmount //servername/sharename /mountdirectory -o username=mywindowsusername,password=mywindowspassword

The mount equivelant is:

mount -t smbfs //servername/sharename /mountdirectory -o username=mywindowsusername,password=mywindowspassword

//servername/sharename refers to the name of the Windows computer and the name of the share.

/mountdirectory refers to the directory you use as the mount point on the Linux workstation. It can be any directory as long as the user executing the command has rights to it.

Whether you need to supply a username and password depends on what type of security you have on the Windows share. If you have a share created with no password on it, you shouldn’t need to provide a username and password. If the share happens to be on a Windows NT server that is part of a domain, you would need to provide a domain login name and password.
Making the Mount Permanent

smbmount does not make the mount permanent. If the Linux workstation is rebooted, you will have to mount the share again. To make the mount occur each time you start the Linux workstation, you can put an entry in your /etc/fstab file. An example file would look like this:

LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
LABEL=/home /home ext3 defaults 1 2
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda3 swap swap defaults 0 0
/dev/cdrom /mnt/cdrom iso9660 noauto,owner,kudzu,ro 0 0
/dev/hdd4 /mnt/zip100.0 auto noauto,owner,kudzu 0 0
/dev/fd0 /mnt/floppy auto noauto,owner,kudzu 0 0
//servername/sharename /mountdirectory smbfs username=windowsuserename,password=windowspassword 0 0

The last line in the file is the line that will mount the Windows share. You would add a line similar to that in your /etc/fstab file for each share you want to mount. Once again the username and password are only needed if the Windows share is set up to require them. If a username and password are not required, you may just replace them with the word defaults.

An important thing to remember is that there is no space between the comma and the word password. If you put a space there, it won’t work.

If you have a share name with spaces for example

//myWindowsMachine/share name

then the proper way to escape the spaces in the /etc/fstab would be with \040
so you would put

//myWindowsMachine/share\040/name