“MAC Address Scrambling”: as the name suggests, instead of using the burned-in address, the machine uses a random MAC address every time. The machine changes its MAC address regularly to improve security. A MAC address is a 48-bit identifier, written as hexadecimal digits, that is burned into every electronic device capable of “connectivity”, such as mobile devices, smart TVs, PCs, etc. Apple added this feature to iPhones from iOS 8 to protect users’ privacy.
So, how does a static MAC address cause security issues? The first thing that came to my mind is this:
According to Edward Snowden, the National Security Agency has a system that tracks the movements of everyone in a city by monitoring the MAC addresses of their electronic devices. As a result of users being trackable by their devices’ MAC addresses, Apple has started using random MAC addresses in their iOS line of devices while scanning for networks. If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.
*A blog post where I’m actively collecting “Linux pseudo files and cheat sheets”
cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_cur_freq – Real-time speed of the CPU (CPUs can adjust their speed to help save battery/power)
grep MHz /proc/cpuinfo – The absolute (max) CPU speed
/proc/sys/net/ipv4/* – Refer to the kernel.org docs
/proc/net/tcp6 – Refer to the kernel.org docs for more info
Special Device Files:
/dev/null – Discards all data written to it but reports that the write operation succeeded [Read man]
/dev/full – Returns the error code ENOSPC (meaning “No space left on device”) on writing [Read man]
/dev/random – Special file that serves as a blocking pseudorandom number generator. It allows access to environmental noise collected from device drivers and other sources (blocks until additional environmental noise is gathered) [Read man]
/dev/urandom – Same as /dev/random, but without blocking [Read man]
/dev/zero – Provides as many null characters as are read from it [Read More]
/var/lock/ – Store lock files, which are simply files used to indicate that a certain resource (a database, a file, a device) is in use and should not be accessed by another process. Aptitude, for example, locks its database when a package manager is running.
/var/run – Used to store .pid files, which contain the process ID of a running program. This is commonly used by services or other programs that need to make their process IDs available to other processes.
lscpu – Display CPU architecture information
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 40 | head -n 1 – Generates a 40-character random string.
mtr – mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
1. Install VirtualBox in Kali Linux 2016 (kali-rolling)
Below are the dependency packages for VirtualBox in Kali Linux:
- libpng12 (download the .deb package and install it with the command dpkg -i package_name)
- libvpx1 (download the .deb package and install it with the command dpkg -i package_name)
- libssl1.0.0 (apt-get install libssl1.0.0)
Now go to VirtualBox’s download page, download the .deb package for the Debian 7 (“Wheezy”) version, and then install the .deb package with
dpkg -i package_name
*Below are links I found useful, collected from various sites.
- How to recover lost Python source code if it’s still resident in-memory
- Android Internals [PDF] by Jonathan Levin: Talked about Linux vs Android, File system, Partitions, Boot, Backup & recovery, Init, Daemons
- USG is a firewall for your USB ports, protecting your computer from BadUSB
- CHIPSEC A framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI)
- CPython Internals: Codewalk through the Python interpreter source code [Youtube Playlist]: Talked about Opcodes, Frames, Function calls, PyObjects, Python Datatypes, Iterators, Generators, Classes, etc
- Dive in to BPF: A list of reading materials for BPF
- Run Levels & How to make init scripts
- Simple BFP implementation in Python
- Problem Solving with Algorithms and Data Structures using Python [BOOK] By Brad Miller and David Ranum, Luther College: Talked about Basic Data Structures, Recursions, Sorting & Searching, Tree Algorithms and Graphs Algorithms
- Natural Language Processing with Python [BOOK] by Steven Bird, Ewan Klein, and Edward Loper: Talked about Processing Raw Text, Writing Structure Programs, Categorizing and Tagging words, Classify Text, Extract Info, Analyzing Sentences, Basic Grammars, Linguistic Data, etc
- Capturing Wireless LAN Packets on Ubuntu with tcpdump and Kismet
- BPF Compiler Collection [Github Repo] A toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples
- An Introduction to Linux Permissions
- htop explained visually with screenshot
- How to Make a Computer Operating System
- Python for Android
- DNS Queue – A Parallelised DNS Prober
- Python Cheat Sheets
- Where Am I [Git Repo] Uses WiFi signals and machine learning (sklearn’s RandomForest) to predict where you are. Even works for small distances like 2-10 meters.
- Explain Shell
- Infinite possibilities with the Scapy Module
- VIM while playing
- BASH Cheat Sheet
- VirusTotal – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
- Python Anti-Patterns – Best Python Coding Practices
- How Linux CPU Usage Time and Percentage is calculated
- Linux Memory Management Frequently Asked Questions
- Live Hacking Attack Map
- Python Plays: Grand Theft Auto V – By sentdex: Self Driving Car, Neural Network Training Data for self-driving, Balancing self-driving training data, etc
- Pythonic Data Structures and Algorithms
- Removing Your PDF Metadata & Protecting PDF Files
- https://ngrok.com/ – Secure tunnels to localhost
- Tool for in-depth analysis of USB HID devices communication
- An Illustrated Guide to the Kaminsky DNS Vulnerability
- Spear Phishing 101
- What is sticky bit in Linux?
- Set up your own malware analysis lab with VirtualBox, INetSim and Burp
- Step by step Metasploit walkthrough
- Linux Bridge – how it works
- SSH Check
- Shutit – An automation tool that models a user’s actions on a terminal.
- Phishing With a Rogue Wi-Fi Access Point
- Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs
- WiFi-Pumpkin [Github Repo] Framework for Rogue Wi-Fi Access Point Attack
- https://stackhackr.barkly.com/ – Creating your own malware in 5 minutes or less.
- Writing a Simple Operating System — from Scratch [PDF]
- A collective list of free JSON APIs for use in web development
- Learn Regular Expression in Easy Way
- fast DDoS analyzer with sflow/netflow/mirror
- Metadata: a hacker’s best friend
- A Python Package for creating backdoors!
- malware-traffic-analysis.net – A source for pcap files and malware samples
- 30 interesting commands for the Linux shell
- How security flaws work: The buffer overflow
- From SQL Injection to Shell
- Realmode Assembly – Writing bootable stuff
- Hardware Hacking & Circuitry: Part 2: Amount of electricity, Resistance, Power, AC/DC
- Understanding and generating the hash stored in /etc/shadow