Posts Tagged ‘linux’

Python: How to Install and Update pip on Ubuntu

Surprisingly, pip doesn’t come pre-installed on Python 2 or 3 in Ubuntu (as of v 14.04). This could be untrue in some flavors of the distro, but mine is pretty inclusive and yet no pip.

To install it:

$ sudo apt-get install python-pip python-dev build-essential
$ sudo pip install --upgrade pip
$ sudo pip install --upgrade virtualenv


White & Black box Debuggers, Intelligent Debugging, and Dynamic Analysis

Debugging is a common task for data scientists, programmers, and security experts alike. In good ole RStudio we have a nice, simple built-in white-box debugger. For many analysis-oriented coders, the basic debugging functionality of an IDE like RStudio is all they know and it may be a surprise that debugging is a bigger, much sexier, topic. Below I define and describe key topics in debugging and dynamic analysis, as well as provide links to the most cutting edge free debuggers I use.

Dynamic Analysis: Runtime tracing of a process, usually performed using a debugger. Dynamic Analysis is critical for exploit development, fuzzer assistance, and malware inspection.

Debugger: a program that is used to test and troubleshoot other programs.

Intelligent Debugger: a scriptable debugger that supports extended features such as call hooking, for example Immunity Debugger and PyDbg.

White Box Debugger: debuggers built into IDEs and other dev platforms, which let developers trace through source code with a high degree of control, so as to aid in troubleshooting functions and other code breakages.
Black Box Debugger: used by bug hunters and reverse engineers, black box debuggers operate on compiled programs when the source code is not available and the only information available is the disassembly. There are two broad subclasses of black box debuggers: user mode (i.e. ring 3) and kernel mode (i.e. ring 0).
User mode black box debugger: works in user mode, the processor mode under which your applications run, usually with the least amount of privilege (e.g. double clicking PuTTY.exe launches a user-mode process).
Kernel mode black box debugger: works in kernel mode, the processor mode where the core of the OS runs using the highest amount of privilege (e.g. capturing packets with a network adapter that is in passive mode).
User-mode Debuggers Commonly used among Reverse Engineers
WinDbg by Microsoft
OllyDbg by Oleh Yuschuk, a F.O.S.S. debugger
GNU Debugger (gdb), a F.O.S.S. Linux debugger by the community
Script_Debugger

Linux: How to Install and Configure a Seedbox

#rTorrent for Transferring Free and Open Source files only!
 
mkdir ~/install
mkdir /var/www/files
mkdir /var/www/watch
mkdir /var/www/.temp
chown -R www-data:www-data /var/www
 
apt-get update
apt-get -y upgrade
apt-get -y install apache2 apache2-utils autoconf build-essential ca-certificates comerr-dev libapache2-mod-php5 libcloog-ppl-dev libcppunit-dev libcurl3 libcurl4-openssl-dev libncurses5-dev ncurses-base ncurses-term libterm-readline-gnu-perl libsigc++-2.0-dev libssl-dev libtool libxml2-dev ntp openssl patch libperl-dev php5 php5-cli php5-dev php5-fpm php5-curl php5-geoip php5-mcrypt php5-xmlrpc pkg-config python-scgi dtach ssl-cert subversion zlib1g-dev pkg-config unzip htop irssi curl cfv nano unrar-free mediainfo libapache2-mod-scgi
ln -s /etc/apache2/mods-available/scgi.load /etc/apache2/mods-enabled/scgi.load
 
cd ~/install
svn checkout http://svn.code.sf.net/p/xmlrpc-c/code/stable xmlrpc-c
cd xmlrpc-c
./configure --disable-cplusplus
make
make install
 
cd ~/install
wget http://libtorrent.rakshasa.no/downloads/libtorrent-0.13.2.tar.gz
tar xvf libtorrent-0.13.2.tar.gz
cd libtorrent-0.13.2
./autogen.sh
./configure
make
make install
 
cd ~/install
# rtorrent itself, built the same way (VERSION is a placeholder: use the rtorrent release that matches libtorrent 0.13.2)
wget http://libtorrent.rakshasa.no/downloads/rtorrent-VERSION.tar.gz
tar xvf rtorrent-VERSION.tar.gz
cd rtorrent-VERSION
./autogen.sh
./configure
make
make install
 
nano ~/.rtorrent.rc
#PASTE THE FOLLOWING
 
# Configuration file created for www.filesharingguides.com for single user rutorrent seedbox
# Maximum and minimum number of peers to connect to per torrent.
# min_peers = 25
max_peers = 100
# Same as above but for seeding completed torrents (-1 = same as downloading)
min_peers_seed = -1
max_peers_seed = -1
# Maximum number of simultaneous uploads per torrent.
max_uploads = 100
# Global upload and download rate in KiB. "0" for unlimited.
download_rate = 0
upload_rate = 0
# Default directory to save the downloaded torrents.
directory = /var/www/files
# Default session directory. Make sure you don't run multiple instance
# of rtorrent using the same session directory. Perhaps using a
# relative path?
session = /var/www/.temp
# Watch a directory for new torrents, and stop those that have been
# deleted.
schedule = watch_directory,5,5,load_start=/var/www/watch/*.torrent
schedule = untied_directory,5,5,stop_untied=
# Close torrents when diskspace is low.
schedule = low_diskspace,5,60,close_low_diskspace=100M
# The ip address reported to the tracker.
#ip = 127.0.0.1
#ip = rakshasa.no
# The ip address the listening socket and outgoing connections is
# bound to.
#bind = 127.0.0.1
#bind = rakshasa.no
# Port range to use for listening.
port_range = 6890-6999
# Start opening ports at a random position within the port range.
#port_random = no
# Check hash for finished torrents. Might be useful until the bug is
# fixed that causes lack of diskspace not to be properly reported.
#check_hash = no
# Set whether the client should try to connect to UDP trackers.
#use_udp_trackers = yes
# Alternative calls to bind and ip that should handle dynamic ip's.
#schedule = ip_tick,0,1800,ip=rakshasa
#schedule = bind_tick,0,1800,bind=rakshasa
# Encryption options, set to none (default) or any combination of the following:
# allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext
#
# The example value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plaintext to RC4 encryption after the encrypted handshake
#
encryption = allow_incoming,enable_retry,prefer_plaintext
# Enable DHT support for trackerless torrents or when all trackers are down.
# May be set to "disable" (completely disable DHT), "off" (do not start DHT),
# "auto" (start and stop DHT as needed), or "on" (start DHT immediately).
# The default is "off". For DHT to work, a session directory must be defined.
#
dht = disable
# UDP port to use for DHT.
#
# dht_port = 6881
# Enable peer exchange (for torrents not marked private)
#
peer_exchange = no
#
# Do not modify the following parameters unless you know what you're doing.
#
# Hash read-ahead controls how many MB to request the kernel to read
# ahead. If the value is too low the disk may not be fully utilized,
# while if too high the kernel might not be able to keep the read
# pages in memory and thus end up thrashing.
#hash_read_ahead = 10
# Interval between attempts to check the hash, in milliseconds.
#hash_interval = 100
# Number of attempts to check the hash while using the mincore status,
# before forcing. Overworked systems might need lower values to get a
# decent hash checking rate.
#hash_max_tries = 10
scgi_port = 127.0.0.1:5000
 
######################################################
 
To test: 
screen
rtorrent
# NEXT INSTALL ruTorrent UI
cd ~/install
wget http://rutorrent.googlecode.com/files/rutorrent-3.5.tar.gz
tar xvf rutorrent-3.5.tar.gz
mv rutorrent /var/www
wget http://rutorrent.googlecode.com/files/plugins-3.5.tar.gz
tar xvf plugins-3.5.tar.gz
mv plugins /var/www/rutorrent
mv /var/www/rutorrent/* /var/www
chown -R www-data:www-data /var/www/rutorrent
 
#Set up authentication
nano /etc/apache2/sites-available/default
#paste this:
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
 
nano /var/www/.htaccess
#paste this:
AuthType Basic
AuthName "Protected Area"
AuthUserFile /var/passwd/.htpasswd
Require valid-user
 
#change permissions to enable www-data group
chown -R www-data:www-data /var/www/.htaccess
 
 
# create pw file using Apache's htpasswd util
mkdir /var/passwd
htpasswd -c /var/passwd/.htpasswd testuser
chown -R www-data:www-data /var/passwd
 
 
#run on boot
nano /etc/rc.local
# add this before ‘exit 0’:
screen -S rtorrent -d -m rtorrent
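An added check script, not part of the original guide, that sanity-checks a layout like the one above before it goes on the network: the SCGI port must be loopback-only (ruTorrent's PHP front end talks to it with no authentication of its own), DHT and peer exchange stay off as configured, and the htpasswd file must sit outside the web root. The sample files it inspects are constructed in a temp dir.

```shell
#!/bin/sh
# Added example, not from the original guide: sanity-check a seedbox layout.

# rtorrent.rc checks. Anchored regexes skip commented-out lines like "#scgi_port = ...".
check_rtorrent_rc() {
    grep -Eq '^[[:space:]]*scgi_port[[:space:]]*=[[:space:]]*127\.0\.0\.1:[0-9]+' "$1" || return 1
    grep -Eq '^[[:space:]]*dht[[:space:]]*=[[:space:]]*(disable|off)' "$1" || return 2
    grep -Eq '^[[:space:]]*peer_exchange[[:space:]]*=[[:space:]]*no' "$1" || return 3
}

# .htaccess checks: basic auth present, and the password file not under the
# web root, where a misconfigured Apache could serve it to anyone.
check_htaccess() {
    ht="$1"; webroot="$2"
    grep -Eq '^[[:space:]]*AuthType[[:space:]]+Basic' "$ht" || return 1
    grep -Eq '^[[:space:]]*Require[[:space:]]+valid-user' "$ht" || return 2
    pwfile=$(sed -n 's/^[[:space:]]*AuthUserFile[[:space:]]*//p' "$ht" | head -n 1)
    [ -n "$pwfile" ] || return 3
    case "$pwfile" in "$webroot"/*) return 4 ;; esac
}

# Constructed samples: one layout matching the guide, one with common slips.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '%s\n' 'scgi_port = 127.0.0.1:5000' 'dht = disable' 'peer_exchange = no' > "$tmp/good.rc"
printf '%s\n' '#scgi_port = 127.0.0.1:5000' 'scgi_port = 0.0.0.0:5000' 'dht = on' 'peer_exchange = no' > "$tmp/bad.rc"
printf '%s\n' 'AuthType Basic' 'AuthName "Protected Area"' 'AuthUserFile /var/passwd/.htpasswd' 'Require valid-user' > "$tmp/good.htaccess"
printf '%s\n' 'AuthType Basic' 'AuthUserFile /var/www/.htpasswd' 'Require valid-user' > "$tmp/bad.htaccess"

for f in good bad; do
    check_rtorrent_rc "$tmp/$f.rc" && echo "$f.rc: ok" || echo "$f.rc: problem $?"
    check_htaccess "$tmp/$f.htaccess" /var/www && echo "$f.htaccess: ok" || echo "$f.htaccess: problem $?"
done
```

These checks cover placement only: the web server needs read access to .htaccess and .htpasswd, not ownership, so the chown to www-data in the listing above also lets a compromised PHP process rewrite the auth rules; a root-owned, group-readable file is the tighter choice.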

DLL, SO, COM; Windows + Linux

DLL = Dynamically Linked Libraries (Windows)

SO = Shared Objects (Linux)
COM = Component Object Model functions (Microsoft); HRESULT error codes come from here
Example: msvcrt.dll is located in C:\WINDOWS\System32 on Windows and libc.so.6 in /lib on Linux; both contain printf() from the C runtime.

Bash: $,* and special parameters

The shell treats several parameters specially. These parameters may only be referenced; assignment to them is not allowed.

*
Expands to the positional parameters, starting from one. When the expansion occurs within double quotes, it expands to a single word with the value of each parameter separated by the first character of the IFS special variable. That is, "$*" is equivalent to "$1c$2c…", where c is the first character of the value of the IFS variable. If IFS is unset, the parameters are separated by spaces. If IFS is null, the parameters are joined without intervening separators.

@
Expands to the positional parameters, starting from one. When the expansion occurs within double quotes, each parameter expands to a separate word. That is, "$@" is equivalent to "$1" "$2" …. If the double-quoted expansion occurs within a word, the expansion of the first parameter is joined with the beginning part of the original word, and the expansion of the last parameter is joined with the last part of the original word. When there are no positional parameters, "$@" and $@ expand to nothing (i.e., they are removed).

#
Expands to the number of positional parameters in decimal.

?
Expands to the exit status of the most recently executed foreground pipeline.

-
(A hyphen.) Expands to the current option flags as specified upon invocation, by the set builtin command, or those set by the shell itself (such as the -i option).

$
Expands to the process ID of the shell. In a () subshell, it expands to the process ID of the invoking shell, not the subshell.

!
Expands to the process ID of the most recently executed background (asynchronous) command.

0
Expands to the name of the shell or shell script. This is set at shell initialization. If Bash is invoked with a file of commands (see Shell Scripts), $0 is set to the name of that file. If Bash is started with the -c option (see Invoking Bash), then $0 is set to the first argument after the string to be executed, if one is present. Otherwise, it is set to the filename used to invoke Bash, as given by argument zero.

_
(An underscore.) At shell startup, set to the absolute pathname used to invoke the shell or shell script being executed as passed in the environment or argument list. Subsequently, expands to the last argument to the previous command, after expansion. Also set to the full pathname used to invoke each command executed and placed in the environment exported to that command. When checking mail, this parameter holds the name of the mail file.

Quick Tip: Find your Distro Name in 1 Line

lsb_release -cs

Bash: store the return value and/or output of a command in a variable

It depends on whether you want to store the command's output (either stdout, or stdout + stderr) or its exit status (0 to 255, with 0 typically meaning "success").

If you want to capture the output, you use command substitution:

    output=$(command)      # stdout only; stderr remains uncaptured
    output=$(command 2>&1) # both stdout and stderr will be captured

If you want the exit status, you use the special parameter $? after running the command:

    command
    status=$?

If you want both:

    output=$(command)
    status=$?

The assignment to output has no effect on command's exit status, which is still in $?.

If you don’t actually want to store the exit status, but simply want to take an action upon success or failure, just use if:

    if command; then
        echo "it succeeded"
    else
        echo "it failed"
    fi

Or if you want to capture stdout as well as taking action on success/failure, without explicitly storing or checking $?:

    if output=$(command); then
        echo "it succeeded"
    ...
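An added example, not from either post above, serving both the special-parameters list and the capture-output-and-status post: small functions that make "$*" versus "$@", $#, $?, $$ and $! observable on constructed arguments, plus the capture pattern with a constructed failing command. Portable sh, no bashisms.

```shell
#!/bin/sh
# Added example, not part of the original posts.

# "$*": one word, parameters joined with the first character of IFS.
# The ( ) body is a subshell, so the IFS change does not leak to the caller.
join_star() ( IFS=':'; printf '%s' "$*" )

# "$@": every parameter stays its own word, spaces inside preserved.
count_args()        { echo "$#"; }
count_quoted_at()   { count_args "$@"; }
count_unquoted_at() { count_args $@; }   # unquoted: re-split on whitespace

# $? holds the last foreground command's status; set +e keeps an errexit
# shell from aborting before it is read.
fail_with()      { return "$1"; }
capture_status() ( set +e; fail_with "$1"; echo "$?" )

# $$ in a ( ) subshell is still the invoking shell's PID.
pid_in_subshell() { ( echo "$$" ); }

# $!: PID of the most recent background job. Returns 0 if it was alive.
bg_job_was_live() {
    sleep 5 & job=$!
    alive=1
    kill -0 "$job" 2>/dev/null && alive=0
    kill "$job" 2>/dev/null; wait "$job" 2>/dev/null || true
    return "$alive"
}

# Capture stdout+stderr and the exit status together: the assignment itself
# does not change $?, which still reports the command's status (4 here).
capture_both() (
    set +e
    out=$( { echo out; echo err >&2; exit 4; } 2>&1 )   # constructed command
    printf '%s|%s' "$out" "$?"
)

printf 'join: %s  quoted: %s  unquoted: %s\n' "$(join_star a b c)" \
    "$(count_quoted_at "x y" z)" "$(count_unquoted_at "x y" z)"
printf 'status: %s  both: %s\n' "$(capture_status 3)" "$(capture_both)"
```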

Debian Sources List

deb http://security.ubuntu.com/ubuntu lucid-security main

deb http://all.repository.backtrack-linux.org revolution main microverse non-fr$
deb http://64.repository.backtrack-linux.org revolution main microverse non-fre$
deb http://source.repository.backtrack-linux.org revolution main microverse non$
deb-src http://ftp.nl.debian.org/debian squeeze main
deb http://security.debian.org/ squeeze/updates main contrib
deb-src http://security.debian.org/ squeeze/updates main contrib
deb http://ftp.au.debian.org/debian stable main contrib non-free
deb-src http://ftp.au.debian.org/debian stable main contrib non-free
deb http://ftp.debian.org/debian/ squeeze-updates main contrib non-free
deb-src http://ftp.debian.org/debian/ squeeze-updates main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free
deb-src http://security.debian.org/ squeeze/updates main contrib non-free
#Third Parties Repos
#Debian Multimedia
#webmin
#Ajenti
#The Opera .deb Repository
#Google Chrome
http://dl.google.com/linux/deb/ stable non-free main
#nginx
#deb http://dl.google.com/linux/deb/ stable non-free
http://dl.google.com/linux/deb/ stable non-free main
#deb-multimedia.org
http://www.deb-multimedia.org squeeze main non-free
#Debian Multimedia Australia
#Bumblebee Debian repository

Quick Tip: Shred a Directory in 1 Line

find directory -type f -print0 | xargs -0 shred --remove
(-print0 / -0 keep file names containing spaces intact; shred overwrites a file's blocks in place, so on journaling, copy-on-write or SSD storage old contents can survive elsewhere, as the shred man page notes)
normal (recursive) directory removal:
rm -rf directory

Quick Tip: IPTables port forwarding in 1 Line

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 88 -j DNAT --to 192.168.1.2:22
(the DNAT rule only rewrites the destination; the host also needs net.ipv4.ip_forward=1, and a FORWARD rule accepting the rewritten traffic if the FORWARD policy is DROP)