myIntuition…

Download videos from securitytube.net

Posted in Cheat Sheets, Hobbies, Networking Security by Zubin Mithra on July 28, 2009

It was a Sunday morning 'n i was at home. I had to get on a train back to the hostel at noon; a lot of pending work undone, i had to download those videos from www.securitytube.net pronto.

I usually download videos put up on youtube using www.keepvid.com; it's a really good site which gets the job done – nice and easy.

However, videos from securitytube couldn't be downloaded this way; so here are a couple of ways to do it (thnkx to Anirudh and ideamonk)

Method 1 :
———
Viewing the source of the page in which the video is being played, and searching for “.mp4” gets you the actual location of the video. All you have to do is use a download manager to download from that location. I use firefox, and i used the download manager which came with the addon named “DownThemAll!” for this purpose.

Method 2 :
———
In case you are using linux, then the videos get buffered into the /tmp directory. Mostly, they'll begin with the name “Flash” to be followed by a few other numbers and characters. Just copy them to a different location AFTER the video finishes buffering.

Hope this helps!!! ;-)

Buffer overflows; the way i see it

Posted in Cheat Sheets, Experiments, Hobbies, Networking Security, Open-Source by Zubin Mithra on July 28, 2009

Towards the beginning of this month, i was part of a team that had taken part in the CIPHER 5 capture the flag competition; due to lack of experience and preparation we had failed to fare well in it; we came out 22nd out of 32 worldwide.

However, buffer overflows was a topic i did not manage to cover fully during the preps for the competition; so i continued my work on it even after it. My work is mainly on the Linux distro named DVL – Damn Vulnerable Linux (you mite wanna google it out if you haven't heard of it); it's a linux distro based on backtrack which has got vulnerable apps of many various kinds which are excellent for practice. It was referred to me by Marcus J. Carey, a security auditor who has helped me on numerous occasions.

Now, i don't pretend to be an expert on buffer overflows; i'd rate myself intermediate. However, i'll mention a few guidelines you could follow which might help you at exploiting overflows. SO, here are the references (please let me know if there are better ones)
1. Try reading 'bout buffer overflows on wikipedia.
2. Video tutorials on “Assembly programming in Linux” which'll explain the basics of memory management and assembly programming on an Intel x86 system by Vivek Ramachandran (1-7 is enough). Neat work.
3. Video tutorials on “Exploiting buffer overflows” by Vivek Ramachandran (1-5). Neat again (but a bit slow).
4. Try reading “Smashing the Stack”; an excellent article by aleph1 which was published in the Phrack magazine.

Now, once you are done with all that you could try out DVL (i used DVL 1.4); i'd suggest you go through the challenges in the -

/dvl/exploitmes_package_04/

directory before going through the others. After going through all the above tutorials the challenges in that directory should be a breeze. ;-) However, if you still find trouble there are nicely written tuts in that directory itself. I strongly advise you not to go through them in the beginning.

So what am i up to now? Well, i'll let you know when i'm done with that… ;-)

P.S. if you wanna know how to download videos from www.securitytube.net , read this.

RPC DCOM exploit….

Posted in Experiments, Networking Security, Operating Systems by Zubin Mithra on March 24, 2009

i tried out the RPC DCOM exploit last day. my test environment was set up using two virtual machines; one running bt3 and the other running an XP with service pack 1. the two VMs were put on a NAT configuration which meant that both of them would behave as though connected via a LAN cable.

the test wasn't much; all i had to do was compile and execute the source code indicating the target OS and the target IP and WHOALLAH!!!

my XP machine in VMware…

backtrack running on VMware…

i run the exploit; get myself a shell!! ;-)

check out more about RPC DCOM exploits in this article by Mati Aharoni HERE.

hackthissite.org

Posted in Hobbies, Miscellaneous..., Networking Security by Zubin Mithra on February 22, 2009

the first webpage based hacking site i've worked on; and certainly among the best. this one offers you sections which test your skills on a variety of levels like….

um… on second thought, i think it's best that you check out the site for yourself, without me playing spoiler…

i've finished all of the basic and javascript missions, few realistic, extbasic and logic missions and fewer application missions. haven't touched the stego or the IRC missions (oopsi! gotta set straight!!!)

Ettercap…. WOW!!!

Posted in Cheat Sheets, Networking Security by Zubin Mithra on January 25, 2009

i think the name “ettercap” SUCKS.

but that wouldn't stop me from using it, would it? ;-)

Last day, i read about ARP spoofing and find out that it can be done the hard way by using just a packet sniffer like wireshark. on googling i find “ettercap”; an exceptionally great piece of work which can perform ARP spoofing, DHCP spoofing and much more….

It's got amazing plugins built into it which can range in functionality from finding out if an ARP poisoning attack was successful, to launching a DoS attack on another system in the network…

This is DEFINITELY a tool you must try out; click here to download Ettercap for linux and here to download Ettercap for Windows. 'NJOI!!! :-)

AND OH!!! ALMOST FORGOT… when you run ettercap; it'd better be with root privileges.

enumeration using nslookup …

Posted in Cheat Sheets, Networking Security by Zubin Mithra on January 7, 2009

Interaction with a DNS server can be done by using programs like dig, nslookup, etc.
nslookup is a very useful tool which can be used for sending DNS queries to a DNS server and reading the responses it returns.

I have chosen “checkpoint.com” as the site against which to run commands like nslookup. The choice of site is based on no malicious intent. (more…)

enumeration using “whois” ….

Posted in Cheat Sheets, Networking Security by Zubin Mithra on January 7, 2009

whois is a TCP service, a tool and a database. Whois databases contain information about nameservers, registrars, and contact information. It can be used to perform different kinds of forward and reverse lookups; both of which will be explained in this article. (more…)

enumeration using netcraft …

Posted in Cheat Sheets, Networking Security by Zubin Mithra on January 7, 2009

Another online resource for information gathering is the website http://www.netcraft.com

Netcraft is an internet monitoring company which monitors uptimes and provides server OS detection. It can be used to find out information about webservers, the operating systems they use, web server version etc. Try it out, you'll be surprised at the amount of information they provide…

You could get a better idea of the company by simply googling it or reading about it on Wikipedia.

enumeration using google….?

Posted in Cheat Sheets, Networking Security by Zubin Mithra on January 7, 2009

Google is undoubtedly the most popular search engine around. much importance is to be laid on the way in which you utilize this resource as this is often overlooked. the method by which you can make clever search queries to get information on company servers, contact numbers, files and services on a particular server and much much more is referred to as Google hacking. (more…)

an intro to the coolest linux distro EVER….

Posted in Hobbies, Miscellaneous..., Networking Security, Operating Systems by Zubin Mithra on January 7, 2009

one fine day i decide to take my work a little bit more seriously; and i google “security distros”. i come across a slackware variant known as “backtrack”. on further reading i get to know that it's currently rated #1 among security distros and that it was created from two pre-existing distros named “WHAX” and “Auditor”.

i did something which any guy my age would do.

i downloaded the live CD image of the distro; burned a CD and booted it up. i had no idea what was in store for me. it offered various boot options and i chose to use the KDE 3.5 interface which it offered. on further snooping around, i found that the number of tools in backtrack3 topped 150.

it was overwhelming.

then i did something not many guys my age would be crazy enough to attempt alone.

i started working on the tools one-by-one. being just 19 years old and having only the very basic idea of networking and OS architecture; i set off. it wasn't easy as my foundations were weak; in most of the cases i just did not have one. the first tool i came across was netcat. now, i've decided to release tutorials on the tools i've mastered. they're no shortcut. but they'll help you on what exactly to learn; thus helping you use these tools in a faster and more efficient manner than i did (hopefully ;-) ). these tutorials assume you have a basic idea on networking and OSes like linux and its variants.

the tutorials'll be put up soon enough…