Sunday, July 14, 2013

Raspberry Pwn (PenTesting with Raspberry Pi)

Raspberry Pwn (released by Pwnie Express) is turn your Raspberry Pi into a full-featured security penetration testing and auditing platform.

It is fully open-source and includes the following testing tools:
SET Fasttrack kismet aircrack-ng nmap dsniff netcat nikto xprobe scapy wireshark tcpdump ettercap hping3 medusa macchanger nbtscan john ptunnel p0f ngrep tcpflow openvpn iodine httptunnel cryptcat sipsak yersinia smbclient sslsniff tcptraceroute pbnj netdiscover netmask udptunnel dnstracer sslscan medusa ipcalc dnswalk socat onesixtyone tinyproxy dmitry fcrackzip ssldump fping ike-scan gpsd darkstat swaks arping tcpreplay sipcrack proxychains proxytunnel siege sqlmap wapiti skipfish w3af

Here's how I setup it up:
pi@raspberrypi ~ mkdir work && cd work 
pi@raspberrypi ~/work/sudo apt-get install git 
pi@raspberrypi ~/work $ git clone https://github.com/pwnieexpress/Raspberry-Pwn.git 
pi@raspberrypi ~/work/Raspberry-Pwn $ sudo ./INSTALL_raspberry_pwn.sh
Installing Raspberry Pwn

Later I'll post more articles on how the things work. Enjoy!

Saturday, July 13, 2013

Full ROM Backup on Unknown Tablet

This is a quick way to perform full ROM backup on tablets. Since those are unknown brand, I have no idea how to "root" them and perform full backup as usual.

Here's how to perform the full ROM backup and restoration on 2 identical (same brand) tablets. (Model M716D running JB 4.0.1)

[ To Backup ]
Start your tablet
Connect the USB cable to tablet
Start command prompt/shell prompt
adb shell
root@android#/ stop zygote [ this one stops android ]
root@android#/ busybox tar -cvf /mnt/sdcard/full_backup.tar /data/*
root@android#/ reboot

[ To Restore ]
Start your tablet
Connect the USB cable to tablet
Start command prompt/shell prompt
adb shell
root@android#/ stop zygote [ this one stops android ]
root@android#/ rm -r /data/*
root@android#/ cd /data/
root@android#/ busybox tar -xvf /mnt/sdcard/full_backup.tar
root@android#/ reboot

[ My Experiment ]

  • Make full backup on tablet-1.
  • Before reboot, I quit the shell and make a copy to my computer.
  1. exit
  2. adb pull /mnt/sdcard/full_backup.tar
  3. ren full_backup.tar full_backup1.tar
  4. adb shell reboot
  • After reboot, I start to install games from Play Store.
  • Then I try the method above to restore the tablet-1 back to original (first boot assistant). [ success ]
  • Make full backup on tablet-2. [ just in case ]
  • After reboot, I start to install games from Play Store to tablet-2.
  • Before the restore tablet-2, I copy tablet-1's full_backup1.tar to tablet2.
  1. adb push full_backup1.tar /mnt/sdcard/
  • Then I try the method above to restore the tablet-2 back to original (first boot assistant) using the tablet-1 backup file. [ success ]

Bypass Windows Login

Heard of Kon-Boot?

It is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! Easy to use and excellent for tech repairs, data recovery and security audits.

Currently, Kon-boot supports following operating systems:

  • Microsoft Windows XP 32Bit/64Bit (all versions since SP2) 
  • Microsoft Windows Server 2003 32Bit/64Bit (all versions) 
  • Microsoft Windows Server 2008 32Bit/64Bit (all versions) 
  • Microsoft Windows Vista 32Bit/64Bit (all versions) 
  • Microsoft Windows 7 32Bit/64Bit (all versions including EFI) 
  • Microsoft Windows 8 32Bit/64Bit (all versions including EFI, local authorization only) 


Friday, July 12, 2013

My Respberry Pi Starts

 (Model B) BCM2835 700MHz ARM1176JZF-S CPU, 512MB RAM, 8GB SD card, and 10Mbps