HOWTO theharvester on Ubuntu Desktop 12 04 LTS

The objective of theharvester is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.



This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.



Step 1 :



sudo apt-get install subversion



sudo -sH

cd /opt

svn checkout http://theharvester.googlecode.com/svn/trunk/ theharvester

cd /opt/theharvester



Step 2 :



To run it.



sudo -sH

cd /opt/theharvester

python theharvester.py -d microsoft.com -l 500 -b google



Thats all! See you.

Read More..

HOWTO nVidia CUDA 4 0 RC on Ubuntu 11 04 Server

If you have nVidia display card that have several CUDAs on it, you will interested in this tutorial. This time, I would like to show you how to install CUDA 4.0 RC on Ubuntu 11.04 Server.



You will experience a faster server after the installation of CUDA 4.0.



This HOWTO does not require to install X.



Step 1 :



Add the CUDA 4.0 PPA.

sudo add-apt-repository ppa:aaron-haviland/cuda-4.0



Step 2 :



sudo apt-get update

sudo apt-get upgrade



64-bit :

sudo apt-get install nvidia-cuda-gdb nvidia-cuda-toolkit nvidia-compute-profiler libnpp4 nvidia-cuda-doc libcudart4 libcublas4 libcufft4 libcusparse4 libcurand4 nvidia-current nvidia-opencl-dev nvidia-current-dev nvidia-cuda-dev opencl-headers



32-bit :

sudo apt-get install nvidia-cuda-gdb nvidia-cuda-toolkit nvidia-compute-profiler lib32npp4 nvidia-cuda-doc lib32cudart4 lib32cublas4 lib32cufft4 lib32cusparse4 lib32curand4 nvidia-current nvidia-opencl-dev nvidia-current-dev nvidia-cuda-dev opencl-headers



Step 3 :



sudo nano /etc/init.d/nvidia_cuda



Append the following lines.



============= Copy from here ================

#!/bin/bash



PATH=/sbin:/bin:/usr/bin:$PATH



/sbin/modprobe nvidia



if [ "$?" -eq 0 ]; then



   # Count the number of NVIDIA controllers found.

   N3D=`/usr/bin/lspci | grep -i NVIDIA | grep "3D controller" | wc -l`

   NVGA=`/usr/bin/lspci | grep -i NVIDIA | grep "VGA compatible controller" | wc -l`



   N=`expr $N3D + $NVGA - 1`

   for i in `seq 0 $N`; do

      /bin/mknod -m 666 /dev/nvidia$i c 195 $i;

   done



   /bin/mknod -m 666 /dev/nvidiactl c 195 255



else

   exit 1

fi



=========== Copy to here =================



Step 4 :



sudo chmod +x /etc/init.d/nvidia_cuda

sudo update-rc.d nvidia_cuda defaults



Step 5 :



Reboot your system.



Remarks



I do not have nVidia display cards server in hand at the moment, I am not sure the captioned startup script working properly or not.



Thats all! See you.

Read More..

HOWTO Logwatch for Hiawatha on Ubuntu 9 04 Server

Logwatch reads your log files and alert you about the unusual log entries. It is working perfect for Apache. However, the log directory of Hiawatha is different from Apache. You should do something else on logwatch in order to make it to read Hiawatha log files.



Step 0 :



Install logwatch.



sudo apt-get update

sudo apt-get upgrade

sudo apt-get install logwatch



Step 1 :



Make changes to the logwatch configure file in order to tell her to send you a email report.



sudo nano /usr/share/logwatch/default.conf/logwatch.conf



Change the settings of the following lines.



Output = mail

Format = html

MailTo = samiux@gmail.com



Step 2 :



You should also change the setting at the daily cron job.



sudo nano /etc/cron.daily/00logwatch



Make the entry like this.



/usr/sbin/logwatch --mailto samiux@gmail.com



Step 3 :



Make logwatch to read Hiawatha log files.



sudo nano /usr/share/logwatch/default.conf/logfiles/http.conf



Add the following lines on the appropriate sections.



LogFile = hiawatha/*access.log

LogFile = hiawatha/*access.log.1

LogFile = hiawatha/*error.log

LogFile = hiawatha/*error.log.1

LogFile = hiawatha/*system.log

LogFile = hiawatha/*system.log.1

LogFile = hiawatha/*garbage.log

LogFile = hiawatha/*garbage.log.1

LogFile = hiawatha/*php-fcgi.log

LogFile = hiawatha/*php-fcgi.log.1



Archive = hiawatha/*access.log.*.gz

Archive = hiawatha/*error.log.*.gz

Archive = hiawatha/*system.log.*.gz

Archive = hiawatha/*garbage.log.*.gz

Archive = hiawatha/*php-fcgi.log.*.gz



See also (Hiawatha 6.17.1 installation) :

Samiuxs Blog

or

Almost Secure and Perfect Ubuntu Server



Thats all. See you!

Read More..

HOWTO Sqlmap on Ubuntu Desktop 12 04 LTS

Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.



Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems.



Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query, stacked queries and out-of-band.



Step 1 :



sudo -sH

cd /opt



apt-get install git

git clone git://github.com/sqlmapproject/sqlmap.git



Step 2 :



To run it.



sudo -sH

cd /opt

python sqlmap.py



Thats all! See you.

Read More..

HOWTO Ubuntu 9 10 for OpenVPN

To make your Ubuntu 9.10 box to connect to OpenVPN server is very easy.



sudo apt-get update

sudo apt-get install network-manager-openvpn

sudo /etc/init.d/network-manager restart



Now, you can configure the Network Manager for any OpenVPN server.





Thats all. See you!

Read More..

First thing to do after installing Ubuntu 12 10 protect your privacy!

Protect your privacy!

By default Ubuntu 12.10 will record all your keystrokes / search terms when using the Unity Dash and send it to their servers and other third parties.

Personally I think this really sucks.

There can be no doubt that they anticipated many users will remain oblivious to this change / practice,  such users will therefore have their privacy compromised.

Even if it is out of their own ignorance, ie because these users did not read the manual, where privacy is concerned there needs to be solid boundaries.

Canonical Ltd relying on a unless you opt out style Legal Notice (see below) is just not good enough.

Searching in the dash -

Legal notice This search function is provided to you by Canonical Group Limited (Canonical). This legal notice applies to searching in the dash and incorporates the terms of Canonicals legal notice (and privacy policy).

Collection and use of data

When you enter a search term into the dash Ubuntu will search your Ubuntu computer and will record the search terms locally.

Unless you have opted out (see the “Online Search” section below), we will also send your keystrokes as a search term to productsearch.ubuntu.com and selected third parties so that we may complement your search results with online search results from such third parties including: Facebook, Twitter, BBC and Amazon. Canonical and these selected third parties will collect your search terms and use them to provide you with search results while using Ubuntu.

By searching in the dash you consent to:

the collection and use of your search terms and IP address in this way; and

the storage of your search terms and IP address by Canonical and such selected third parties (if applicable).

Canonical will only use your search terms and IP address in accordance with this legal notice and our privacy policy. Please see our privacy policy for further information about how Canonical protects your personal information. For information on how our selected third parties may use your information, please see their privacy policies.

Online Search

You may restrict your dash so that we don’t send searches to third parties and you dont receive online search results. To do this go to the Privacy panel and toggle the ‘Include online search results’ option to off. The Privacy panel can be found in your System Settings or via a dash search. For a current list of our selected third parties, please see www.ubuntu.com/privacypolicy/thirdparties.

Changes

Although most changes are likely to be minor, Canonical may change this legal notice from time to time, and at Canonicals sole discretion. Please check this page from time to time for any changes to this legal notice as we will not be able to notify you directly.

How to contact us

Please submit any questions or comments about searching in the dash or this legal notice by contacting us at the following address: Canonical Group Ltd, 5th Floor, Blue Fin Building, 110 Southwark Street, London, England, SE1 0SU.

Those that for whatever reason remain unaware of this change / practice, the legal notice serves to protect Canonical Ltd, allowing them to legally exploit such users.

Ask yourself, why does Canonical Ltd choose to collect data by default?

Answer, because they know the vast majority, if not all users would never optionally choose to submit data that may potentially compromise their privacy.

The "unless you opt out" approach never goes down well with anyone, it is a commercial practice that causes nothing but headaches and controversy, Verizon anyone??

If you would like to opt out and prevent Ubuntu 12.10 collecting / sending your data to Canonical Ltd and their partners, run the Privacy application and change the settings.

 

As stated in the Ubuntu 12.10 Legal Notice, turn off the setting, "Include online search results"

Well played Canonical Ltd!

Read More..