Tr3x: August 2016

Thursday, 11 August 2016

HOW TO HACK INTO UBUNTU

PREREQUISITES:-

The user name used in the computer
A basic knowledge of English (Yeah that's it!!!!)

STEPS:

Switch on the computer. Press either Shift or Escape to get to the grub shell.(It depends on the computer and varies as per the model and on the fact that if you have dual booted or not)
Once you get the grub menu. Click on the Advanced Ubuntu Settings in the menu.
In the Advanced Settings Menu you will see lot of options such as normal boot, recovery mode with various versions. Click on the recovery mode option.
After It reads all the File Systems for errors. It shows a menu where llot of options like resume noormal boot are displayed. Click on the one saying Root shell access.
You will get a shell. Now type " ls /home"
Type passwd username (substitute username with username in the computer)
you will get a command to input your new UNIX password. Type it in. confirm the password.
Once it says password changed successfully. type Reboot .
Enter into the system using the new password.

ISSUES

If after typing the password you get a message saying password not authenicted just type in " mount -rw -o remount / "
and lo behold you get permissions to write in the drive.

Monday, 8 August 2016

PYTHON MODULE :- REGULAR EXPRESSIONS MODULE

IMPORTING THE MODULE

import re

ABOUT THE MODULE

It provides regular expressions matching that provided in Perl . It is used to perform actions on stings mainly. Certain special characters are offered new meanings in this module

THE split() FUNCTION
it is used to split strings with multiple delimiters unlike the usual split function.
SYNTAX:-
result=re.split(<delimiters> ,<>,<>,<buffer>,maxsplit=0,flags=0)
REPORT:-
The split() has the ability to split strings at points where it finds patterns (delimiters).It stores the result in form of a list.
for removing all characters other than alphanumeric, the METACHARACTER \w is used .

>>> re.split(r'[^\w]', 'toto"t"o/t!')
['toto', 't', 'o', 't', '']

SOME EXAMPLES

>>> re.split('\W+', 'Words, words, words.')
['Words', 'words', 'words', '']
>>> re.split('(\W+)', 'Words, words, words.')
['Words', ', ', 'words', ', ', 'words', '.', '']
>>> re.split('\W+', 'Words, words, words.', 1)
['Words', 'words, words.']
>>> re.split('[a-f]+', '0a3B9', flags=re.IGNORECASE)
['0', '3', '9']

Sunday, 7 August 2016

FORMAT STRINGS

NOTES:-

ASCII string to control representation of variable
Variadic functions:- accept variable no of arguments

printf()
fprintf()

format specifiers are given to format the output

%s,%d,%x are all common format specifiers

THEORY : When a variadic function accepts only one input buffer, we supply the buffer with a format specifier which makes it look above it inthe stack for the arguments needed this causes the program to print information it never meant to print , which in a sense is a kind of error which can be exploited.
Numbers can also be give before the specifier to format the no of bytes of the output like

%5s
%10d

Direct parameter access

These can be used to access the reuired parameter directly.
syntax :: %5$d

Using Direct parameter access requires the use of python mostly

Using Python for printing the fifth address in the stack python -c 'print "AAAA.%5$x"'| ./filename
Using Python for program with command line arguments ./filename $( python -c 'print "AAAA.%5$x"')

Friday, 5 August 2016

How to SSH between two computers

step 1: install openssh severs and library using the command
   sudo apt-get install openssh-server openssh-client

step 2: start an ssh server
     sudo systemctl start ssh #this is for ubuntu 16.04
    sudo service ssh start #other linux systems

SETTING UP THE SERVER (optional)

step 3: back up the config file in the ssh folder {~/etc/ssh}
    sudo cp /etc/ssh/sshd_config{,.bak}

step 4:open this an editor
sudo nano /etc/ssh/sshd_config
   leave most of the things in this file. Certain things that can be done using this file is :

changing the port used for connection
check on the public and private keys
change the time for which u can log in