Information Security

Backtrack 4: Information Gathering: Route: Lanmap – Passively map a network

Lanmap is one of those tools I never really used until now. Its actually very cool. Lanmap sits quietly on a network and builds a picture of what it sees and outputs it in svg,png or gif format. I let it run on a test network far a hour or so and was impressed with the output. The only drawback is that it doesn’t “see” through switches so it can only do the private subnet the computer is physically on.

Information Security

Backtrack 4: Information Gathering: Search Engine: Goorecon – Find emails and subdomains using Google

During the Information Gathering section of a pentest, we are interested in finding out the various sub-domains of our target domain. In the past few tutorials we queried DNS servers using zone transfer requests or trying to retrieve entries using a dictionary & brute-forcing attacks. Another technique to figure out sub-domains is to query google and check if it has found any sub-domains during it’s web mining exercise on the target. Goorecon can do this. Goorecon was written by Carlos (Darkoperator) Perez.

Technology Errors

How To mv Files With A Dash: mv: invalid option — 1, Try mv –help for more information

Recently I was moving files from one directory to another on a CentOS 5.4 server and ran into an issue. When attempting to move every single file in the directory I received an error which is noted below. It took me a couple minutes but I figured out by trial and error that the issue was related to files starting with a “-“(dash) because the mv command thought that I was attempting to use a switch. The resolution is easy using “./”. Look at the below examples for more information about the error and how it was resolved.