MAC Address Scrambling in Linux

MAC Address Scrambling“- By name itself we can understand, instead of using burned-in address, the machines uses random MAC address every time. The machines changes MAC address regularly to improve security.  MAC address is 48 bit hexadecimal digit which is burned in every electronic device has capability of “connectivity” such as mobile devices, smart TV, PC, etc. “Apple” added this feature to iPhones from iOS8 to protect user’s privacy.

So, how static MAC address causes some security issues?  First thing caught in my mind is this

According to Edward Snowden, the National Security Agency has a system that tracks the movements of everyone in a city by monitoring the MAC addresses of their electronic devices. As a result of users being trackable by their devices’ MAC addresses, Apple has started using random MAC addresses in their iOS line of devices while scanning for networks.If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.

-Wikipedia

Continue reading “MAC Address Scrambling in Linux”

Linux, Python and other useful resource links

*Below links I found useful, collected from various sites.

    1. How to recover lost Python source code if it’s still resident in-memory
    2. Android Internals [PDF]  by Jonathan Levin: Talked about Linux vs Android, File system, Partitions, Boot, Backup & recovery, Init, Daemons
    3. USG is a firewall for your USB ports, protecting your computer from BadUSB
    4. CHIPSEC  A framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI)
    5. Cpython Internals: Codewalk through the Python interpreter source codes [Youtube Playlist]: Talked about Opcodes, Frames, Function calls, PyObjets, Python Datatypes, Iterators, Generators, Clases, etc
    6. Dive in to BPF: A list of reading materials for BPF
    7. Run Levels & How to make init scripts
    8. Simple BFP implementation in Python
    9. Problem Solving with Algorithms and Data Structures using Python [BOOK] By Brad Miller and David Ranum, Luther College: Talked about Basic Data Structures, Recursions, Sorting & Searching, Tree Algorithms and Graphs Algorithms
    10. Natural Language Processing with Python [BOOK] by Steven Bird, Ewan Klein, and Edward Loper: Talked about Processing Raw Text, Writing Structure Programs, Categorizing and Tagging words, Classify Text, Extract Info, Analyzing Sentences, Basic Grammars, Linguistic Data, etc
    11. Capturing Wireless LAN Packets on Ubuntu with tcpdump and Kismet
    12. BPF Compiler Collection [Github Repo] A toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples
    13. An Introduction to Linux Permissions
    14. htop explained visually with screenshot
    15. How to Make a Computer Operating System
    16. Python for Android
    17. DNS Queue – A Parallelised DNS Prober
    18. Python Cheat Sheets
    19. Where Am I[Git Repo] Uses WiFi signals and machine learning (sklearn’s RandomForest) to predict where you are. Even works for small distances like 2-10 meters.
    20. Explain Shell
    21. Infinite possibilities with the Scapy Module
    22. Learn VIM while playing
    23. BASH Cheat Sheet
    24. VirusTotalVirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.  
    25. Python Anti-Patterns – Best Python Coding Practices
    26. How Linux CPU Usage Time and Percentage is calculated
    27. Linux Memory Managment Frequently Asked Questions
    28. Live Hacking Attack Map
    29. Python Plays: Grand Theft Auto VBy sentdex : Self Driving Car, Neural Network Training Data for self-driving, Balancing self-driving training data ,etc
    30. https://pythonprogramming.net/
    31. Pythonic Data Structures and Algorithms
    32. Removing Your PDF Metadata & Protecting PDF Files
    33. https://ngrok.com/ – Secure tunnels to localhost
    34. Tool for in-depth analysis of USB HID devices communication
    35. An Illustrated Guide to the Kaminsky DNS Vulnerability
    36. Spear Phishing 101
    37. What is setiud, setgid and sticky bit in Linux?
    38. Set up your own malware analysis lab with VirtualBox, INetSim and Burp
    39. Step by step Metasploit walkthrough
    40. Linux Bridge – how it works
    41. SSH Check
    42. Shutit – An automation tool that models a user’s actions on a terminal.
    43. Phishing With a Rogue Wi-Fi Access Point
    44. Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs
    45. WiFi-Pumpkin[Github Repo] Framework for Rogue Wi-Fi Access Point Attack
    46. https://stackhackr.barkly.com/ – Creating your own malware in 5 minutes or less.
    47. Writing a Simple Operating System — from Scratch [PDF]

How to create HTTPS proxy in apache

Some times you might need https to securely send data to an API(Or access website), but the API might not officially support https or it could be some other reasons will  stick to HTTP which is insecure. I also encountered similar situation, I used TSDB to store time series date, but the TSDB supports only http , but not https. So, I decided to put a HTTPS proxy in front of original API. Since I don’t have much knowledge on apache, after a long Internet search, I finally found the solution and I just want to share

The Scenario

Scenario

Continue reading “How to create HTTPS proxy in apache”

GNU screen commands(Cheat Sheet)

GNU Screen is a terminal multiplexer, a software application that can be used to multiplex several virtual consoles, allowing a user to access multiple separate login sessions inside a single terminal window, or detach and reattach sessions from a terminal. It is useful for dealing with multiple programs from a command line interface, and for separating programs from the session of the Unix shell that started the program, particularly so a remote process continues running even when the user is disconnected. [more]

-Wikipedia

  • sudo apt-get install screen -y

Continue reading “GNU screen commands(Cheat Sheet)”

Automated Wifi De-authentication attack

A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.

Wikipedia

As you can see, this type of attack is pretty powerful and difficult  to detect who is attacking. There are some tools for this attack like “aircrack-ng”(You can check the commands here).

So, basically the concept is the attacker broadcasts a wifi management “De-authentication” frame to victim’s to tell deauthenticate. It is like, “Hey client! can you please deauthenticate and authenticate”.  Then the client will reconnect to AP(Access Point). These type of frames are supposed to send by valid “AP” to its clients, but the attacker can mimic these frames and broadcasts in the network.

Continue reading “Automated Wifi De-authentication attack”

Install Python 3.5 in Ubuntu 14

Before installing Python 3.5, it is recommended to install build dependencies.So, run the following commands

sudo apt-get install build-essential checkinstall
sudo apt-get install libreadline-gplv2-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev

Now download the python 3.5 tar ball

wget https://www.python.org/ftp/python/3.5.0/Python-3.5.0.tgz

Extract and install Continue reading “Install Python 3.5 in Ubuntu 14”

Port Mirroring with iptables

I have tested in Ubuntu 14 (I don’t know about other distros). As you know, sometimes port mirroring is useful for monitoring the network traffic for intrusion detection system,Passive probing, etc. Basically, it sends a copy of packet to destination which was received on the interface(depends on your configuration). And again depends on your need, you can use Netflow also.

Continue reading “Port Mirroring with iptables”