Monday 13 February 2012

Different options for updating your Linux Distribution (apt-get)

For some people it is not straightforward what each command does when they update their Linux Distribution. This brief blog post provides some information on the different commands being used for updating a distribution using the apt-get command.  

apt-get update
update downloads the package lists from the repositories and "updates" them to get 
   information on the newest versions of packages and their dependencies (for all 
   repositories and PPAs). It is used to re-synchronize the package index files 
   from their sources from the location(s) specified in /etc/apt/sources.list. An update
   should always be performed before any upgrade.

apt-get upgrade
upgrade is used to install the newest versions of all packages currently installed on the 
   system from the sources enumerated in /etc/apt/sources.list. Packages currently 
   installed with new versions available are retrieved and upgraded; under no

   circumstances are currently installed packages removed, or packages not already 
   installed retrieved and installed. New versions of currently installed packages that
   cannot be upgraded without changing the install status of another package will be left
   at their current version. An update must be performed first so that apt-get knows that
   new versions of packages are available.

apt-get dist-upgrade
dist-upgrade in addition to performing the function of upgrade, also intelligently
   handles changing dependencies with new versions of packages; apt-get has a "smart"
   conflict resolution system, and it will attempt to upgrade the most important packages
   at the expense of less important ones if necessary. So, dist-upgrade command may remove
   some packages. The /etc/apt/sources.list file contains a list of locations from which
   to retrieve desired package files. See also apt_preferences(5) for a mechanism for 
   overriding the general settings for individual packages.

apt-get full-upgrade
full-upgrade performs the function of upgrade but may also remove installed packages if
   that is required in order to resolve a package conflict.







Monday 16 January 2012

Guerilla activists hack Bank of America ATMs all over San Francisco

They turned them into “Automated Truth Machines.” (Now they’re exponentially more useful than the totally useless Wells Fargo ATMs in the Mission.) Hacking! Rainforest Action Network explains how it was done.

[1] http://www.missionmission.org/2012/01/13/guerilla-activists-hack-bank-of-america-atms-all-over-san-francisco/

DEFT - Computer Forensics Live CD

DEFT Linux 7 RC1

..a very stable DEFT Linux 7 release [1], solving all problems responsible for postponing the release date for RC1. We performed several tests on different computer platforms: laptops, servers and desktop PCs. Our main focus was based on Lenovo, DELL, ASUS, Acer, Apple, IBM laptops, IBM and DELL servers as well as Acer, Lenovo and Dell desktop PCs. We tested everything both booting as a live CD and installing the distro on the test machine: compatibility tests suceded with excellent results.

From this year DEFT 7 will also add more support to mobile forensics: we added several tools that allow you to analyze files and databases used in new generation smartphones (Android and iPhone). From the next release there will be a section completely dedicated to Cyber Intelligence.

[1] http://www.deftlinux.net/

Arachni: Web Application Security Scanner Framework

Arachni Web Application Security Scanner [1], is a Free/Open Source project, the code is released under the GNU General Public License, version 2 and you are free to use it as you see fit. On the January the 12th of 2012 the software Arachni is moving away from GPLv2 and towards Apache License v2.0. This is due to several license reasons [2].


[1] http://arachni-scanner.com/overview
[2] http://trainofthought.segfault.gr/2012/01/12/arachni-is-moving-away-from-gplv2-and-towards-apache-license-v2-0/

Sunday 26 June 2011

Metasploit - How to log the output of what you are doing

Yes, I admit it, I also was one of the people scrolling up and down to find the information I was looking for in a module's output, or copying the whole stdout to a file in order to make my life a bit easier. As of revision r13028 [1] the console now supports the spool command.
(To access the new command, use the msfupdate command on Linux (or just "svn update") or the Metasploit Update link on Windows)


No more hassle, you can use the spool command to log all the stdout to a file automatically! So, while in metasploit, you can type:


spool on


or


spool /root/msfoutput.txt


and anything you do will be logged in that file (all output will always append).




If you want to stop this just type:


spool off




As a quick tip, you can either check the contents of the log file by using the 'cat' command or follow the stream as it is being generated by using the 'tail -f' command


Hope you find this helpful as I did! :D







[1] https://community.rapid7.com/community/metasploit/blog/2011/06/25/metasploit-framework-console-output-spooling