
Thread: Tutorial - Sed and Awk From Pen Testers Perspective

  1. #11
    b0nd
    And that's appreciable mayjune.
    The bottom line is, Garage is a family where sometimes we have differences in thoughts and we do argue over that, but there is no place for arrogance or ego. And that helps keep the environment clean and makes it a nice place to stay.

    Rgds
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  2. #12
    Hackuin
    For serious shell scripting/Linux System/Network Administrators, I recommend learning "Expect".

    Expect is actually a program controller, especially for interactive programs. I mean, where some "X" program needs interaction with a user/some other program, etc.

    For Example:
    I have posted a reply about the MD5 trend, which you could find --> [ Here ]
    However, I used Ruby for the example out there for a quick reply.
    Let us use a bash script to encrypt [ which is actually not possible with the tool we use, authpasswd (the authpasswd tool is used to encrypt a string with different encryptions like MD5, SHA1, etc.) ]. Below is how we use authpasswd to encrypt a word.



    As you could see, when we use "authpasswd md5raw", it prompts us for a word to type so that it can encrypt it in md5raw; it prompts again, so we have to type the same word again.

    So, if you use a shell script, it is not possible for you to pass that value/word to the script.

    If you use, say
    Code:
    #!/bin/bash
    authpasswd md5raw   # stops here and waits for the word to be typed twice
    # .....
    # somecode what ever
    # .....
    #EOF
    once the script runs, it just stops after executing "authpasswd md5raw" and waits for user interaction, and will not continue until and unless the user does something. For our brute forcing, we don't think we could type every value every time, do we? So basically it's the limit of bash scripting. Here comes the beauty of "expect".

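    Here is an expect code:
    Code:
    #!/usr/bin/expect

    # Word to feed to both prompts
    set __myValue cool

    # Run authpasswd under expect's control
    spawn authpasswd md5raw

    # First prompt: type the word
    expect "password:"
    send "$__myValue\r"

    # Second (confirmation) prompt: type it again
    expect "password:"
    send "$__myValue\r"

    # Wait for authpasswd to print its result and exit
    expect eof
    Below is the image; you just need to run the script and our value (in our case "cool") is passed to the program (authpasswd) as if a human is typing the word twice: total automation.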



    Another example:
    We know we can get header information of a page let say "insecure.org", we could use "Netcat"( nc ) to connect on port 80, like:
    Code:
    Linux~$nc -v insecure.org 80
    and our netcat connects to the server on port 80 and waits for our interaction. Can you pass the value to get headers (i.e., "HEAD / HTTP/1.0" and hitting the enter key twice) with a bash script? No, you cannot. If you use a bash script, after connecting to "insecure.org" with netcat it just waits for user interaction, like typing "HEAD / HTTP/1.0" and hitting the enter key twice.
    With expect, you could overcome this by,
    Code:
    #!/usr/bin/expect

    # Request line to type once the connection is up
    set __myValue "HEAD / HTTP/1.0"

    spawn nc -v insecure.org 80

    # nc -v reports "open" when the connection succeeds
    expect "open"

    # Type the request and hit enter twice
    send "$__myValue\r\r"

    expect eof


    Expect helps Network/System Administrators of Linux servers very, very efficiently. And it is very, very easy to learn.

    _Hackuin.
    Last edited by Hackuin; 05-24-2011 at 02:18 AM. Reason: Typos

  3. #13
    b0nd
    That's quite interesting and useful Hackuin and surely covering up for bash. TFS

    BTW for the following I've a work around:
    and our netcat connects to server to port 80 and waits for our interaction, Can you pass the value to get headers(i.e., "HEAD / HTTP/1.0" and hitting enter key twice) with bash script? No. you cannot.
    To automate the whole procedure of finding banner or checking other HTTP methods like TRACE / TRACK etc.:

    For Linux platform (Tested on BackTrack 3):

    You need two text files; iplist.txt and header.txt.
    Iplist.txt would contain the list of IP address, one IP per line.
    Header.txt would contain your HTTP commands.

    E.g. content of iplist.txt file would be like:
    192.168.1.1
    192.168.1.2
    192.168.1.3

    Content of header.txt file:
    E.g. if you want to do banner grabbing then the content of your header.txt file would be:
    HEAD / HTTP/1.0 (press two returns)

    If you want to do trace, the content would be:
    TRACE / HTTP/1.0 (press single return)
    HOST:anything (press single return)
    X-HEADER:anything (press return twice)

    Similarly for OPTIONS and TRACK.


    Command to be executed:
    # for f in `cat iplist.txt`;do nc -q 2 -w 2 -v $f 80 < header.txt; done;
    It will automate the whole procedure.

    : -q 2 : To terminate the connection if opposite side listener is in fact netcat rather than a web server.
    : -w 2: To timeout the connection (2 seconds, change it according to the requirement)

    Now instead of typing a long command on console you can make a shell script for it. Make a blank shell script and name it netcat.sh. Edit it and put the following lines into it:

    for f in `cat iplist.txt`;do
    nc -q 2 -w 2 -v $f 80 < header.txt
    done
    Execute the script by running the following command

    # ./netcat.sh

    Now depending on the content of “header.txt” file, output will be displayed on the console.



    For Windows Platform (Tested on XP):

    Do exactly the same i.e. make iplist.txt and header.txt file. Only command will differ:

    C:\> for /f %1 in (iplist.txt) do nc -vv -w2 %1 80 < header.txt
    Note: -q option is not present in windows version of netcat.

    Obviously your iplist.txt and header.txt need to reside in the current directory where you are executing the command, or specify absolute/relative path for these files.


    Rgds
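    An added example, not part of the original posts: when auditing your own web servers with the header.txt loop above, this sketch writes the request file with explicit CRLF line endings and turns each saved nc response into one report line showing the Server banner, whether it discloses a version, and whether TRACE is enabled. The function names, the `audit-probe` header value and the sample responses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and probe value are assumptions.

# Write the request with explicit CRLF line endings rather than editor newlines.
make_request() {                      # $1 = HEAD|TRACE, $2 = output file
    case "$1" in
        HEAD)  printf 'HEAD / HTTP/1.0\r\n\r\n' > "$2" ;;
        TRACE) printf 'TRACE / HTTP/1.0\r\nHost: anything\r\nX-Header: audit-probe\r\n\r\n' > "$2" ;;
        *)     echo "unsupported method: $1" >&2; return 1 ;;
    esac
}

# Print the Server header of a raw response on stdin, or "none".
server_banner() {
    tr -d '\r' | awk -F': *' '
        NF == 0                 { exit }                      # blank line ends the headers
        tolower($1) == "server" { print $2; found = 1; exit }
        END                     { if (!found) print "none" }'
}

# Succeed only if the TRACE response is a 200 that echoes the probe header back.
trace_enabled() {
    resp=$(tr -d '\r')
    [ "$(printf '%s\n' "$resp" | awk 'NR == 1 { print $2 }')" = "200" ] &&
        printf '%s\n' "$resp" | grep -qi '^x-header: audit-probe$'
}

# One report line per host from its saved HEAD and TRACE responses.
report() {                            # $1 = host, $2 = HEAD response, $3 = TRACE response
    banner=$(server_banner < "$2")
    case "$banner" in
        *[0-9].[0-9]*) version=yes ;; # e.g. Apache/2.2.3 discloses a version
        *)             version=no ;;
    esac
    if trace_enabled < "$3"; then trace=enabled; else trace=disabled; fi
    printf '%s banner="%s" version_disclosed=%s trace=%s\n' "$1" "$banner" "$version" "$trace"
}

# Constructed sample responses; 192.0.2.10 is a documentation address.
demo() {
    d=$(mktemp -d)
    printf 'HTTP/1.1 200 OK\r\nDate: Tue, 24 May 2011 02:18:00 GMT\r\nServer: Apache/2.2.3 (CentOS)\r\n\r\n' > "$d/head.txt"
    printf 'HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\nTRACE / HTTP/1.0\r\nHost: anything\r\nX-Header: audit-probe\r\n\r\n' > "$d/trace.txt"
    report 192.0.2.10 "$d/head.txt" "$d/trace.txt"
    rm -rf "$d"
}
demo
```

    In real use, save each host's nc output to a file per method and pass those files to `report` instead of the constructed samples.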

  4. #14
    the_empty
    Information is overflowing here..... awesome shares by everyone.... special thanks to mayjune for his simple yet cover it all explanation..

    I would love to try out "expect". Seems that it will be very helpful for my future work.

    Thanks and regards to all
    the_empty

    P.S. : What can work as a fuel for the flame thrower neo....
    ACCESS is GOD

  5. #15
    @the_empty
    Nitrogen+Petrol works as fuel for flamethrower (For a real flamethrower that is LoL)

    Normally people beginning with Foolishness/stubbornness/Script Kiddies/Know it all Attitude fuel the flamethrower.

    Flamethrower is on hold since, we are now senior members with responsibility. :-D
    But sometime it gets out of control you know what I mean
    Orkut id: neo1981
    Blog: infosec-neo.blogspot.com
    Nothing is Impossible*


    *Conditions Apply

  6. #16
    Hackuin
    @b0nd:
    Yep, there is always a workaround; file descriptors are a bit handy, like,


    my post was pointing towards people who are learning bash script, for system administrations. :]

  7. #17
    b0nd
    Quote: Originally Posted by Hackuin
    @b0nd:
    Yep, there is always a workaround; file descriptors are a bit handy, like,

    my post was pointing towards people who are learning bash script, for system administrations. :]
    And I fall under the first category
    Thanks for the file descriptor way of doing it.
