Tuesday, November 2, 2010

Configure Cisco Router

Well, this is going to be a two-part hack. I configured a Cisco switch for 3 different VLANs; I'll be using 2 of the VLANs. Please look at the config for any questions. This is on a Catalyst 3500 XL switch.

Continue with configuration dialog? [yes/no]:
% Please answer 'yes' or 'no'.
Continue with configuration dialog? [yes/no]:
% Please answer 'yes' or 'no'.
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started.


Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int
% Incomplete command.

Switch(config)#
Switch(config)#interface ?
FastEthernet FastEthernet IEEE 802.3
GigabitEthernet GigabitEthernet IEEE 802.3z
Multilink Multilink-group interface
Port-channel Ethernet Channel of interfaces
VLAN Switch VLAN Virtual Interface
Virtual-TokenRing Virtual TokenRing

Switch(config)#interface
% Incomplete command.

Switch(config)#interface Fast
Switch(config)#interface FastEthernet0/1
Switch(config-if)#?
Interface configuration commands:
arp Set arp type (arpa, probe, snap) or timeout
bandwidth Set bandwidth informational parameter
carrier-delay Specify delay for interface transitions
cdp CDP interface subcommands
custom-queue-list Assign a custom queue list to an interface
default Set a command to its defaults
delay Specify interface throughput delay
description Interface specific description
duplex Configure duplex operation.
exit Exit from interface configuration mode
fair-queue Enable Fai
help Description of the interactive help system
hold-queue Set hold queue depth
keepalive Enable keepalive
load-interval Specify interval for load calculation for an
interface
logging Configure logging for interface
loopback Configure internal loopback on an interface
mac-address Manually set interface MAC address
max-reserved-bandwidth Maximum Reservable Bandwidth on an
media-type Interface media type
mtu Set the interface Maximum Transmission Unit
(MTU)
mvr MVR per port configuration
negotiation Select Autonegotiation mode
no Negate a command or set its defaults
port Perform switch port configuration
power power configuration
priority-group Assign a priority group to an interface
random-detect Enable Weighted Random Ea
Interface
rmon Configure Remote Monitoring on an interface
service-policy Configure QoS Service Policy
shutdown Shutdown the selected interface
snmp Modify SNMP interface parameters
spanning-tree Spanning Tree Subsystem
speed Configure speed operation.
switchport Set switching mode characteristics
timeout Define timeout values for this interface
transmit-interface Assign a transmit interface to a
receive-only
interface
tx-queue-limit Configure card level transmit queue limit
udld Configure UDLD enabled or disabled and
ignore global
UDLD setting

Switch(config-if)#^Z
Switch#
00:13:29: %SYS-5-CONFIG_I: Configured from console by consoleshow vtp
status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 254
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xBF 0x86 0x94 0x45 0xFC 0xDF 0xB5
0x70
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- ---------
--------------------------
1 default active Fa0/1, Fa0/2, Fa0/3,
Fa0/4,
Fa0/5, Fa0/6, Fa0/7,
Fa0/8,
Fa0/9, Fa0/10, Fa0/11,
Fa0/12,
Fa0/13, Fa0/14,
Fa0/15, Fa0/16,
Fa0/17, Fa0/18,
Fa0/19, Fa0/20,
Fa0/21, Fa0/22,
Fa0/23, Fa0/24,

1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode
Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- --------
------ ------
1 enet 100001 1500 - - - - - 1002
1003
1002 fddi 101002 1500 - - - - - 1
1003
1003 tr 101003 1500 1005 0 - - srb 1
1002
1004 fdnet 101004 1500 - - 1 ibm - 0
0
1005 trnet 101005 1500 - - 1 ibm - 0
0
Switch#vlan database
Switch(vlan)#vtp server
Device mode already VTP SERVER.
Switch(vlan)#vlan 2 name test
VLAN 2 added:
Name: test
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --
1 default active Fa0/1, Fa0/2, Fa0/3,
Fa0/4,
Fa0/5, Fa0/6, Fa0/7,
Fa0/8,
Fa0/9, Fa0/10, Fa0/11,
Fa0/12,
Fa0/13, Fa0/14,
Fa0/15, Fa0/16,
Fa0/17, Fa0/18,
Fa0/19, Fa0/20,
Fa0/21, Fa0/22,
Fa0/23, Fa0/24,

2 test active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode
Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- --------
------ ------
1 enet 100001 1500 - - - - - 1002
1003
2 enet 100002 1500 - - - -
1002 fddi 101002 1500 - - - - - 1
1003
1003 tr 101003 1500 1005 0 - - srb 1
1002
1004 fdnet 101004 1500 - - 1 ibm - 0
0
1005 trnet 101005 1500 - - 1 ibm - 0
0
Switch#vlan database
Switch(vlan)#vtp server
Device mode already VTP SERVER.
Switch(vlan)#vlan 3 name test2
VLAN 3 added:
Name: test2
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int vlan2
Switch(config-subif)#management
Switch(config-subif)#
Switch#
00:19:43: %SYS-5-CONFIG_I: Configured from console by consoleconfig t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa
Switch(config)#int fastEthernet 0/5
Switch(config-if)#switchport access vlan2
^
% Invalid input detected at '^' marker.

Switch(config-if)#switchport access vlan 2
Switch(confi
Switch(config)#inter
Switch(config)#interface fast
Switch(config)#interface fastEthernet 0/6
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/7
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/10
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#interface fastEthernet 0/11
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#interface fastEther
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#end
Switch#write
00:23:15: %SYS-5-CONFIG_I: Configured from console by console memorey
^
% Invalid input detected at '^' marker.

Switch#write memory
Building configuration...
[OK]
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4,
Fa0/8, Fa0/9, Fa0/13, Fa0/14,
Fa0/15, Fa0/16, Fa0/17, Fa0/18,
Fa0/19, Fa0/20, Fa0/21, Fa0/22,
Fa0/23, Fa0/24, Gi0/1, Gi0/2
2 test active Fa0/5, Fa0/6, Fa0/7
3 test2 active Fa0/10, Fa0/11, Fa0/12
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
Switch#

Remote shares



I came across this while googling for exploits, and it's really good for recon. It uses port 139, so you need to find the NetBIOS name of the target computer; Microsoft makes this very easy. Once you find a target with 139 open, issue the following command.

$nmblookup -A 12.***.58.154

The -A switch tells nmblookup to treat the argument as the IP address of a remote host and query its node status. You will get some output along the lines of:

Looking up status of 12.***.58.154
BROOKS <00> - M
ARROWSIGN <00> - M
BROOKS <20> - M
ARROWSIGN <1e> - M

MAC Address = 00-C0-A8-83-19-5D

So now we have a NetBIOS name, "BROOKS". To follow this up, we run the following command.

$smbclient -LBROOKS -I 12.***.58.154
Password:
Domain=[ARROWSIGN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Sharename Type Comment
--------- ---- -------
IPC$ IPC Remote IPC
SharedDocs Disk
print$ Disk Printer Drivers
ADMIN$ Disk Remote Admin
C$ Disk Default share
Domain=[ARROWSIGN] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]

Server Comment
--------- -------

Workgroup Master
--------- -------

I just hit return for the password and it shows a list of shares on that machine. C$ is my favorite share; that's why I posted this example. You can have access to the whole C:\ drive with the C$ share; you can set a payload to start up on logon, etc.

Like I said before, I just use this technique for information gathering for a future attack. I'll show you another example of some information you can get from this.

$ smbclient -LWEBSERVER -I 12.***.54.11
Password:
Anonymous login successful
Domain=[LORETTO] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]

Sharename Type Comment
--------- ---- -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
Anonymous login successful
Domain=[LORETTO] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]

Server Comment
--------- -------
ARAMIREZ
BUFFY Buffy Computer
BUSINESSSERVER
CHOFFMAN2
CHOFFMANN Cindy Hoffmann
CPELL
CSANTOYO
DESTINEYELELAB1
DESTINEYELEMLAB
DMUNOZ
ELEMPRINCIPAL IBM 2003_25
ELEMRECEP IBM2003_#29
ELEM_LIBRARY
EMATA
FAMNET
FESERVER
IPORTILLO
KIMPELL2 Dianne Kimpell
LMIRANDA
LORETTO2
LORETTO2A
MATA
NNIETO Teacher Computer
PHERRERA2 Patty Herrera
POLIVAS Patso Olivas
PRYHERD Teacher Computer
PS-55DAE6
RECORDS
RENRIQUEZ
SASI
SPACE
SVR-APP02
SVR-PDC
TEC2
WEBSERVER

Workgroup Master
--------- -------
101 TEACHER101
LORETTO SVR-PDC
WORKGROUP SPAREIBM

This tells you pretty much all the computers on the network. It tells you the domain and other trusted domains, and it can also tell you the DC or GC server. This is very useful information gathering; it's essentially a map of someone's LAN.

Enjoy
-Sumit-
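
Seen from the defending side, the listings above are exactly what an audit of your own hosts should flag. The following Python sketch is an added example, not part of the original post: it parses smbclient -L output captured with an empty password and reports null-session acceptance, visible administrative shares and a leaked browse list. The sample output, host names and finding labels are constructed for illustration.

```python
import re

# Constructed smbclient -L output from two hypothetical hosts (not real captures).
SAMPLE_OPEN = """Sharename Type Comment
--------- ---- -------
IPC$ IPC Remote IPC
ADMIN$ Disk Remote Admin
C$ Disk Default share
Domain=[EXAMPLE] OS=[Windows 5.1] Server=[Windows 2000 LAN Manager]
"""
SAMPLE_BROWSE = """Anonymous login successful
Sharename Type Comment
--------- ---- -------
Error returning browse list: NT_STATUS_ACCESS_DENIED

Server Comment
--------- -------
HOST-A
HOST-B Lab machine

Workgroup Master
--------- -------
EXAMPLE HOST-PDC
"""

HEADERS = {"Sharename Type Comment": "shares", "Server Comment": "servers",
           "Workgroup Master": "workgroups"}
SHARE_ROW = re.compile(r"^(.+?)\s+(Disk|IPC|Printer)\b")
ADMIN_SHARE = re.compile(r"^(ADMIN|[A-Z])\$$", re.IGNORECASE)  # ADMIN$, C$, D$ ...
SKIP = ("-", "Domain=", "Error")   # rulers and status lines inside a table

def parse_listing(text):
    """Split smbclient -L output into its share, server and workgroup tables."""
    info = {"anonymous": False, "shares": [], "servers": [], "workgroups": []}
    section = None
    for raw in text.splitlines():
        line = " ".join(raw.split())          # tolerate tabs and column padding
        info["anonymous"] |= line.startswith("Anonymous login successful")
        if line in HEADERS:
            section = HEADERS[line]
        elif not line:
            section = None                    # a blank line ends the table
        elif section == "shares" and SHARE_ROW.match(line):
            info["shares"].append(SHARE_ROW.match(line).group(1))
        elif section in ("servers", "workgroups") and not line.startswith(SKIP):
            info[section].append(line.split()[0])
    return info

def findings(text):
    """Audit findings for one host's listing taken with an empty password."""
    info = parse_listing(text)
    admin = [s for s in info["shares"] if ADMIN_SHARE.match(s)]
    checks = [
        (info["anonymous"], "NULL_SESSION"),
        (info["shares"], "SHARES_LISTED"),
        (admin, "ADMIN_SHARES_VISIBLE:" + ",".join(admin)),
        (info["servers"], "BROWSE_LIST_LEAKED:%d" % len(info["servers"])),
    ]
    return [label for hit, label in checks if hit]
```

Any finding on a host you administer means the listing was served without credentials, which is the condition to remove.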

Installing Android on HTC Touch


Interested in Android but think you need to buy a new phone to try it out? Actually, your Windows Mobile phone may already have the capability of running Android. Today we show you how and the type of phone you’ll need.
Installing Android
To run Android you will need a microSD card that is not SDHC (typically a card less than 2GB) and a supported Windows Mobile phone (see below). You can check your microSD card compatibility by looking at the card to see if it shows the “HC” label.
The microSD card will need to be formatted in FAT32. Plug the microSD card into the computer and right click on it and choose format.
Note: Formatting a microSD drive will erase everything on that drive. Make sure you have any important files backed up before you format it.
Now that the microSD card is formatted, the first step to installing Android is finding the right Android port for your phone (see below). You will need to find the port that works on your phone as well as the version of Android you want to run. Versions start at 1.0 but typically you will find ports for version 1.6 or 2.1.
Once you have found the right port for your phone and Android version you want to use, extract the files to a folder using 7-zip.
After the files have been extracted there should be a folder called “andboot”. Go into the andboot folder and there will be another folder called “startup config” or “startup”. Open this folder and find the right startup.txt file for your phone. Inside each folder will be a single “startup.txt” file. Copy the file for your phone model to the root of the andboot folder. This file tells Android what type of hardware you have, how big your screen is, how much RAM your phone has, etc., so it is very important to choose the right file. If you are confused about what these phone names are, please read below on finding your phone model.
Once you have moved the correct startup.txt file to the andboot folder, copy the entire andboot folder to the root of your newly formatted microSD card.
Plug the microSD card back in the phone and open the file browser on your phone and browse to the memory card. Make sure the phone is plugged into power before the next few steps because on some phones running on battery may cause the phone to hang.
Open the andboot folder and run haret.exe. If the right startup.txt file is in the root of the andboot folder you should be able to click “Run” and you will get a quick loading screen while haret turns off Windows Mobile and starts up Android.
You should get some scrolling text and probably a nice Android logo while the phone boots up the first time.
Note: The first boot is going to take considerably longer than subsequent boots, and you may need to calibrate your screen during the boot process, so make sure you keep an eye on it.
Once the basic Linux settings are done your new “Android” phone will boot to a welcome screen so you can walk through the rest of the settings like setting up your email account.
Tip: If you are running Android on a phone that does not have an active data plan but does have wifi, you can get around the startup screen by tapping on the welcome screen in this order: top left corner, top right corner, bottom right corner, bottom left corner then tap the Android logo. You can then enable wifi and join a network and set up your gmail account manually.
It is usually recommended that you leave your phone alone while it syncs your information for at least 10 minutes. Once the initial syncing is done the phone should start running faster and you can play around with installing apps. If you don’t wait for the phone to fully sync you may have problems with apps crashing prematurely and a force close dialog popping up.
Change any settings and install any apps you want, they will be saved to your memory card and ready on next boot. All phones that run Android from the microSD card will automatically boot Windows Mobile when the phone restarts. To run Android again, just open the file browser and run haret.exe again.
Android Ports
There are a few different Android ports for Windows Mobile devices and each one supports a different family of device; each family of device has a varying amount of hardware support. Most phones will support the touch screen, hardware buttons, cell phone radio, and data connection, but some ports may not support bluetooth, GPS, or power management. This is not a complete list of Android ports available, but it should cover the most popular Windows Mobile phones.
Almost all Android development on Windows Mobile phones started with the development on the HTC Touch (also known as the HTC Vogue and the Verizon xv6900). The HTC Touch has 100% of the hardware features working and even some features that were not available in official Windows Mobile ROMs. One of the main differences between Android for the Touch and Android for every other phone is that the Touch allows Android to be flashed to the phone’s ROM (NAND memory). This was a big breakthrough for Android development and has increased battery life and speed greatly. Running Android on the Touch can be done following the steps above, but it is recommended to run Android by flashing the phone’s NAND memory. To learn how to do that, start at the Android Touch FAQ thread at XDA-Developers.
Android ports for the HTC Touch can also be used on the following phones with varying success.
  • HTC Nike (Neon)
  • HTC Polaris (Touch Cruise)
  • HTC Kaiser (TyTN II)
  • HTC Titan (Mogul, xv6800)
Note: HTC phones all have proper names that come from HTC and in many cases each carrier will give the phone its own branding and rename the phone to something else. For example, the HTC Titan was called the Mogul on Sprint and the xv6800 on Verizon. To find the Android port for your phone, start by finding the proper HTC name of your device. Start on HTC’s site to discover your device’s official name.
XDAndroid supports the most popular touch screen HTC Windows Mobile phones, and if you bought a touch screen HTC Windows Mobile phone within the past year, most likely this port will support your phone. XDAndroid runs directly from the phone’s microSD memory card on the following phones:
  • Touch Pro (Fuze, RAPH, RAPH800, RAPH500)
  • Touch Diamond (DIAMOND, DIAM500)
  • Touch HD (BLACKSTONE)
  • GSM Touch Pro2 (TILT2,RHODIUM, RHOD400, RHOD500)
  • GSM Touch Diamond2 (TOPAZ)
Andromnia is an Android port for Samsung devices. Currently this port is in the pre-alpha stages and things like the headset speaker do not work. But if you want to test it out, it supports the following phones:
  • Samsung i900 (GSM, supported worldwide)
  • Samsung i910 (CDMA, used by Verizon in the US)
  • Samsung i780 (Mirage)
  • Samsung i907 (AT&T Epix)
Wing Linux isn’t as quickly developed as XDAndroid but should get the job done if your phone isn’t supported by any other port. Wing Linux supports the following phones to varying degrees:
  • HTC Artemis
  • HTC Elf, HTC Elfin
  • HTC Excalibur, T-Mobile Dash
  • HTC Gene, HTC P3400
  • HTC Herald, T-Mobile Wing
  • HTC Opal, HTC Touch Viva
  • HTC Pharos
  • HTC Prophet
  • HTC Startrek
  • HTC Wizard
  • Asus P320, Galaxi Mini
You may also want to look at threads for the following phones to check the status of Android on these phones.
Extra links
If you still can’t find what you are looking for I recommend checking out these links for more information.

How to surf web anonymously with TOR



We often use proxies to stay anonymous on the internet. Let's quickly check what we are actually doing when we use a proxy: we first connect to a proxy server, which fetches the resources we request from the web server.

    
Thus a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing. Suppose we break into a server using a proxy server, thinking that we are anonymous. What if the owner of the web server starts enquiring about the clients connecting to it through the proxy server? It is possible that the owners of the proxy server might reveal our identity. This means we can't actually rely on proxy servers for being anonymous online. Here the concept of The Onion Routing (TOR) comes into the picture. With it, the client's traffic is passed through three different servers, or nodes, before reaching the actual web server. It may randomly take any path through any three nodes.

Let's consider that it has taken the path shown by the green arrows. Now:

* Node 1 knows only the actual origin (client) but not the actual destination (web server).
* Node 5 knows neither the actual origin nor the actual destination.
* Node 9 knows the actual destination but not the actual origin.

Thus no one knows exactly which client is accessing which web server. So it is highly anonymous.
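
The layering behind those three statements can be made concrete. The following Python sketch is an added example, not part of the original post: the client wraps a request in one layer per node, and each node removes its own layer and learns only the previous and the next hop. The XOR keystream is a toy stand-in for Tor's real cryptography, and the node names and keys are constructed for illustration.

```python
import hashlib

PATH = ["node1", "node5", "node9"]   # the three nodes on the path from the text
# Constructed keys; assumed to be shared between the client and each node.
KEYS = {n: hashlib.sha256(b"demo-key-" + n.encode()).digest() for n in PATH}

def toy_cipher(key, data):
    """Toy XOR keystream (SHA-256 in counter mode); encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(path, keys, destination, payload):
    """Client side: build the onion from the innermost layer outwards."""
    next_hops = path[1:] + [destination]     # where each node must forward to
    blob = payload
    for node, nxt in reversed(list(zip(path, next_hops))):
        blob = toy_cipher(keys[node], nxt.encode() + b"|" + blob)
    return blob

def relay(path, keys, sender, onion):
    """Pass the onion along the path and record what each node can observe."""
    views, prev, blob = {}, sender, onion
    for node in path:
        nxt, blob = toy_cipher(keys[node], blob).split(b"|", 1)
        views[node] = (prev, nxt.decode())   # (who handed it over, who gets it)
        prev = node
    return views, blob                       # blob is now the plain request

def demo():
    onion = wrap(PATH, KEYS, "webserver", b"GET / HTTP/1.0")
    return relay(PATH, KEYS, "client", onion)

if __name__ == "__main__":
    views, delivered = demo()
    for node, (prev, nxt) in views.items():
        print(f"{node}: received from {prev}, forwards to {nxt}")
    print("delivered:", delivered)
```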

Installing and Using TOR.

Step 1. Download the TOR client from the given link and run the setup.
   
http://www.ziddu.com/download/12331095/vidalia-bundle-0.2.1.26-0.2.10-1.exe.html

Note: To use Tor you need to install a Mozilla Firefox add-on, which is included in the package you have downloaded.





                                          
Step 2. Open the 'Vidalia Control Panel' from the task bar and Click on 'Start Tor'.

                         
Step 3. Now open the Mozilla Firefox browser and single-click the red highlighted 'Tor Disabled' in the right corner of the browser; it will turn to a green highlighted 'Tor Enabled'.

Now just log on to 'www.whatismyip.com' and you will see your new public IP address, which will keep changing after an interval of time according to the path randomly taken by the web traffic through three different nodes.