This page has many many cheat sheet about network , protocol, packet and etc.
If you want to download all with one click. Get it here.
Source: http://packetlife.net/library/cheat-sheets/
Tuesday, 31 May 2011
Monday, 30 May 2011
Change user-agent whatever you want
Sometimes I want to test some restrict path of my lab websites with user-agent authentication and I want a tool to make me easy to switch any user-agent of any devices in my firefox. My solution is install User-Agent Switcher and import the list of user-agent from xml file. The instruction is here.
1. Install firefox4 from http://www.mozilla.com/en-US/firefox/fx/
2. Install User-Agent Switch
1. Install firefox4 from http://www.mozilla.com/en-US/firefox/fx/
2. Install User-Agent Switch
Adding customize search box on my site.
Now, I try to add customize search box for search content in my blog on the side bar. And when I try to search with keyword "metasploit". I got this
Now, what do you want to see in my blog? try by yourselves.
PS. I extend the width of blog and I think you will like it.
Now, what do you want to see in my blog? try by yourselves.
PS. I extend the width of blog and I think you will like it.
Sunday, 29 May 2011
Howto:Generate PHP Shell with Metasploit
Someday I want to use php shell to testing my lab. But when I find in the google, it says "This site is dangerous." and I don't want to infected virus or any malicious activity. I forgot that Metasploit can make php shell too (PHP Command Shell, Bind TCP). This post will show the steps of howto create php shell with Metasploit.
1. Exactly,first go to the Msfconsole.
$ msfconsole
2. Use the
1. Exactly,first go to the Msfconsole.
$ msfconsole
2. Use the
Howto: Try to use Metasploit with WMAP Plugin
WMAP is a general purpose web application scanning framework for Metasploit 3. The architecture is simple and its simplicity is what makes it powerful. It's a different approach compared to other open source alternatives and commercial scanners, as WMAP is not build around any browser or spider for data capture and manipulation
1. First go to Metasploit Console
$ msfconsole
2. Use mysql
1. First go to Metasploit Console
$ msfconsole
2. Use mysql
Javascript Password Strength Meter
What makes a strong password? This quick and dirty password strength meter is meant to help users learn how to create stronger passwords. Because it's written in Javascript the password is never sent over the network. Feel free to audit the code and recommend some better regular expressions, weightings, or bug fixes by submitting a comment.
Tips for strong passwords:
Make your password 8
Tips for strong passwords:
Make your password 8
Howto: Fix "Invalid Driver Specified" of Armitage on Backtrack 5
After I try to use Armitage in Backtrack 5 Gnome 64 Bit. It's say "Invalid Driver Specified". I try to search how to fix this error and I get this instruction.
1. apt-get install rubygems
2. gem install mysql
3. gem update
Now, try to run Armitage again. The error is gone.
1. apt-get install rubygems
2. gem install mysql
3. gem update
Now, try to run Armitage again. The error is gone.
Cross-site scripting vulnerability in TweetDeck’s ChromeDeck
Chrome TweetDeck, the browser-based version of the Tweetdeck Twitter client, has been found to be suffering from a cross-site scripting vulnerability (XSS). It was discovered that the Chrome TweetDeck application, also known as ChromeDeck, would execute scripts placed within