Thursday, 15 June 2017

LD_PRELOAD

Introduction
The explanation is as follows. If setcap has been applied to the application binary, LD_PRELOAD may not work:
... OP's binary has privilege features added to it: capabilities. This switches ld.so(8) into secure-execution mode which by default disables most dynamic-linker related environment variables, including LD_PRELOAD and LD_DEBUG.

Example
We do it like this. Here I write the libsystem.so library myself. The goal is to intercept the system() call and change the value of the incoming parameter.
#define _GNU_SOURCE
#include <dlfcn.h>
#include <string>
#include <iostream>

typedef int (*orig_system_type)(const char *command);

extern "C" int system(const char *command)
{
    // resolve the real system() that comes after this library in the search order
    orig_system_type orig_system = (orig_system_type)dlsym(RTLD_NEXT, "system");

    // system(NULL) only asks whether a shell is available; pass it through unchanged
    if (command == NULL)
        return orig_system(NULL);

    std::string new_cmd = std::string("set -f;") + command;
    // next line is for debugging only
    std::cout << new_cmd << std::endl;

    return orig_system(new_cmd.c_str());
}
To compile, we do this (-ldl goes after the source file so the linker resolves dlsym).
g++ -shared -fPIC -o libsystem.so system.cpp -ldl
To run, we do this.
$ LD_PRELOAD=/path/to/libsystem.so ./myprogram
Example
We do it like this. Here we intercept the setlocale call.
# cc -shared -fPIC -xc - -o /usr/lib64/liblo.so <<< '#include <err.h>
char *setlocale(int c, const char *l){ errx(1, "not today"); }'
# chmod 4755 /usr/lib64/liblo.so
We do it like this
$ LD_PRELOAD=liblo.so su -
su: not today
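
A defender-side check for the hook mechanism described above, added here as an example and not part of the original post: it looks in the three places an LD_PRELOAD hook such as libsystem.so leaves traces on a Linux host (/etc/ld.so.preload, each process's LD_PRELOAD variable, and shared objects mapped from outside the standard library directories). The STANDARD_LIB_DIRS list and the function names are assumptions of this example.

```python
import os
import re

# Directories a process normally maps shared objects from; anything else is
# flagged. Assumed list for this example; extend it for your distribution.
STANDARD_LIB_DIRS = ("/lib", "/lib64", "/usr/lib", "/usr/lib64", "/usr/local/lib")

def preload_from_environ(environ: bytes) -> list:
    """Libraries named in LD_PRELOAD inside a NUL-separated /proc/<pid>/environ blob."""
    for entry in environ.split(b"\0"):
        if entry.startswith(b"LD_PRELOAD="):
            value = entry[len(b"LD_PRELOAD="):].decode(errors="replace")
            # ld.so accepts ':' and whitespace as separators
            return [lib for lib in re.split(r"[:\s]+", value) if lib]
    return []

def preload_file_entries(text: str) -> list:
    """Libraries listed in /etc/ld.so.preload text (one per line, '#' comments)."""
    return [e for e in (l.split("#", 1)[0].strip() for l in text.splitlines()) if e]

def unusual_mapped_libs(maps_text: str) -> list:
    """Shared objects in /proc/<pid>/maps mapped from outside STANDARD_LIB_DIRS."""
    found = []
    for line in maps_text.splitlines():
        fields = line.split(maxsplit=5)  # addr perms offset dev inode [path]
        if len(fields) < 6:
            continue
        path = fields[5]
        standard = any(path.startswith(d + "/") for d in STANDARD_LIB_DIRS)
        if ".so" in os.path.basename(path) and not standard and path not in found:
            found.append(path)
    return found

def audit(proc="/proc") -> dict:
    """Scan readable processes; returns {pid: {"env": [...], "maps": [...]}} for hits."""
    hits = {}
    for name in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(f"{proc}/{name}/environ", "rb") as f:
                env_hits = preload_from_environ(f.read())
            with open(f"{proc}/{name}/maps") as f:
                map_hits = unusual_mapped_libs(f.read())
        except OSError:
            continue  # process exited, or not ours to read without root
        if env_hits or map_hits:
            hits[int(name)] = {"env": env_hits, "maps": map_hits}
    return hits

if __name__ == "__main__":
    print(audit())
```

Run it as root to read every process's environ; the maps check cannot flag a library installed into a standard directory, as with liblo.so above, so compare hits against your package manager's file list as well.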
Tuesday, 13 June 2017

Aircrack Suite

Installation
We do it like this
sudo apt-get install aircrack-ng
airodump-ng command
We do it like this.
airodump-ng wlan0mon
airmon-ng check option
We do it like this.
sudo airmon-ng check kill
airmon-ng start option
We do it like this. It turns monitor mode on.
sudo airmon-ng start wlan1
wifite command
We do it like this
sudo apt-get install wifite
-cracked option
We do it like this
wifite -cracked

Saturday, 10 June 2017

dumpcap

-f option
The explanation is as follows
-f
Set the capture filter expression.
The entire filter expression must be specified as a single argument (which means that if it contains spaces, it must be quoted).
This option can occur multiple times. If used before the first occurrence of the -i option, it sets the default capture filter expression. If used after an -i option, it sets the capture filter expression for the interface specified by the last -i option occurring before this option. If the capture filter expression is not set specifically, the default capture filter expression is used if provided.
We do it like this (the filter is a single quoted argument; the backslash continues the command on the next line).
dumpcap -i wlp2s0 -b filesize:100000 -w capture.pcapng -a duration:18000 \
  -f 'wlan addr1 d4:be:d9:5b:a6:45'

Thursday, 1 June 2017

ntpd

ntpd
-g option
The explanation is as follows
-g

Normally, ntpd exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that, ntpd will exit with a message to the system log. This option can be used with the -q and -x options. See the tinker command for other options.
Example
We do it like this
ntpd -g -x -q pool.ntp.org
The ntp.conf File
Introduction
The path of this file is /etc/ntp.conf.

Example - client
We do it like this
driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

server 192.168.0.51

restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Needed for adding pool entries
restrict source notrap nomodify noquery

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
# (left commented here: enabling them accepts unauthenticated broadcast time)
#disable auth
#broadcastclient
minpoll Field
The explanation is as follows
minpoll minpoll
maxpoll maxpoll
    These options specify the minimum and maximum poll intervals for NTP 
    messages, in seconds as a power of two. The maximum poll interval 
    defaults to 10 (1024 s), but can be increased by the maxpoll option to 
    an upper limit of 17 (36 h). The minimum poll interval defaults to 6 (64 s), 
    but can be decreased by the minpoll option to a lower limit of 3 (8 s).