"Death awaits you all with nasty, big, pointy teeth." --
Tim
Big, pointy teeth...
This site serves to host the results of a wide array of interests in
security. Contents will touch on penetration testing, incident
response, reverse engineering and general musings. The latter can be
found on my company's blog
(which is in Swedish).
Updates
2011-01-10 Added the
vsftpd on OpenBSD HOWTO.
2010-07-21 Updated version of
An OpenBSD reference sheet,
ksh.kshrc.local.txt and
the new tool vhostid that is of assistance
when trying to identify which (virtual) host names are related
to a web server. Also, The Reference
Sheet has gotten to a point where it's starting to be useful.
2010-02-17 Updated version of
An OpenBSD reference sheet,
elfsplit,
ksh.kshrc.local.txt.
2010-02-13 Updated version of mnap,
updated version of mresolve.
2010-02-04 Updated bashrc.txt.
2010-01-23 Added permtree,
syslog-merge,
Murphys onda tvilling
and an update section. :-)
Software
Before you download any of the software below there are three things
you should know. (1) All software is licensed under the
ISC license,
which the FSF considers to be compatible
with the GPL. (2) These tools are primarily meant for my own use
and I don't care much about version numbers so you'll have to settle
for the RCS revision numbers mostly. Also, some of the tools I write
are reimplementations of old ones and I'm aware that there are
hundreds of Perl, C and (nowadays) .NET programs that solve the
same set of problems. (3) All the tools are meant to run under Linux
but should be pretty portable.
If you have questions or suggestions you can reach me at stef at
bigpointyteeth dot se.
Discovery
-
domainchk (sh) -
Gather some general information on a domain from DNS.
-
mnap (bash) -
Small harness script that helps out when scanning large networks with
nmap.
-
mresolve (python) -
Forward and reverse DNS resolver with simple interface, nice output
and threads.
-
neighbours (python) -
Virtual host enumeration with the help of
Live Search. Not very fast but with
a usable interface. It's not working anymore due to Microsoft's changes in Bing.
The site www.robtex.com is much more usable anyway.
Also, check out vhostid which is related.
-
permtree (bash) -
Generate permutations of the file and directory tree of a wwwroot.
-
sitered (python) -
Find new host names under a common domain through site reduction on
Live Search. (Same as for neighbours, won't parse Bing's results.)
-
vhostid (sh) -
A quite crude and simplistic (but helpful) tool to identify which
vhosts are connected to a web server for which you only have the IP
address. A common problem when port scanning for web servers.
Check the sample vhostid output.
Reverse engineering
-
elfsplit (bash) -
Split an ELF binary across the sections into separate files. Kind of
an ugly hack really.
-
elfsummary (sh) -
Use GNU binutils
to output file and section headers, disassemblies and hexdumps from
an ELF binary.
Post-exploitation
-
bindshell.c -
Classic forking bind shell for Linux.
-
reverseshell.c -
Classic reverse shell for Linux.
-
rootshell.c -
Local setuid root shell for Linux.
-
webshell.php.gz -
A simple, subtle web shell in PHP that uses POST requests instead
of GET to decrease the value of the logs.
-
debugtrick (python) -
Script to facilitate transfer of binary data across an alpha-numeric
connection to a Windows box so that it can be assembled with
DEBUG.EXE.
Incident response
-
syslog-merge (sh) -
Merge two or more syslog output files in chronological order.
Miscellaneous
-
magick-0.9.tar.gz (bash) -
Helper script for ImageMagick
that does drop shadows, thumbnails, HTML indexing, rounded corners and more.
It is slightly buggy, so beware.
-
proxtest (bash) -
Test proxy lists for anonymity and sort them according to speed.
Light-weight and nice but pretty slow.
-
lfsr (python) -
Python class for a linear feedback shift register, created for a
cryptology course
in school.
-
deldupes (python) -
Find duplicates (files with matching MD5 hashes) in a directory and
optionally delete all except one of the duplicates.
-
hextrainer (python) -
Exercise your hexadecimal arithmetic skills on the command line.
Kind of cute.
Dictionaries
Documents
-
vsftpd on OpenBSD HOWTO (html) -
A short guide on how to install and configure vsftpd on OpenBSD.
-
The reference sheet (pdf) -
This is some kind of body of knowledge; it contains a variety of useful
and useless things mostly related to UNIX-like systems and their
administration. It's not finished and will probably never be. It could
have a nicer layout though, something like
UNIX TOOLBOX for example. Don't trust everything in it and please let
me know if you find any errors. Enjoy!
-
An OpenBSD reference sheet (pdf) -
This is a one-page reference sheet for administrative work in
OpenBSD. It covers user management, packages, ports, networking, patching
and some other topics.
-
Murphys onda tvilling (pdf) -
An essay (in Swedish) accompanying my talk at Sundsvall 42 in 2009.
Configurations
These are the configuration files that I've grown used to. They
are of course centered on my own needs but I wanted them online so
that I can reach them at all times. However, I've commented
them extensively so that they are easy to understand and steal
ideas from.
Bookmarks
Promotion
-
IT-säkerhet enligt High Performance Systems
is my ("professional") blog (it's in Swedish).
-
wmii is a small, dynamic
window manager for X11.
-
moc is a beautiful curses-based media
player with a client-server architecture.
-
Raggle is a cool curses-based RSS reader
that works nicely over SSH.
-
HT is a nice little hex editor
for executables. Very potent.
-
regex-markup can colourize
and mangle any input with the help of regular expressions. Very sweet.
-
Gertrud Båge has a shop and
studio on Österlånggatan in Gamla Stan. Works with
earthenware, stoneware, raku and terra sigillata.
-
Prezi is a wicked-cool Web 2.0-style
alternative to Powerpoint.
-
Doodle is an excellent way for a group of
people to agree on a time for a meeting.
-
You might want to check this out as well.
Tools
-
www.telia.se -
Identify the phone brand and model of a Telia customer.
-
Sök operatör -
Identify the operator of a phone number.
-
FileAdvisor - Identify files by their hash.
-
robtex - A superior DNS information tool.
-
DNSCheck - The DNS checking tool of .se, tremendously useful when troubleshooting DNS.
-
MX Toolbox - A very good tool to check mail blacklists.
$Id: index.html,v 1.89 2011/01/10 08:29:32 stef Exp $
Copyright (c) 2009-2010, Stefan Pettersson