Tonight I was working on creating some some listeners that run automatically on boot in Ubuntu. Not only should they run automatically but there should be scripts to start, stop, and watch the status of the listeners for incoming traffic. I also decided to add the items to the Ubuntu Applications menu and thought it would be neat if when the menu item was selected that it automatically launched a terminal window and ran the command automatically. Turns out that doing exactly that is really easy as explained below.
It is very common when obtaining wireless network handshakes to end up with a huge capture(.cap or .pcap typically) file. Previously purehate wrote this article on filtering out SSID specific EAPOL packets from a capture file but if you wanted to keep any and all packets related to a specific SSID including data packets, beacon frames, etc. the below tshark command will accomplish that. This is very similar to the previous article but will provide more data for the user and still slim down a capture file if you had packets from multiple SSID’s.
Installing SSLScan on OSX is documented numerous other places as well but you may not find the answer immediately when searching via the error output during an attempted install. Below is the output from attempting to install SSLScan on OSX without using the ports version of OpenSSL. Follow the directions below to get SSLScan working on OSX Lion.
While working on a PHP script on a CentOS Linux server that runs from crontab I ran into an issue where PHP was bogging the server down because of memory use. The script has a lot of output that is not necessary to store though when using the exec function within the PHP script it was storing the unneeded output to an away which I believe was causing the memory usage problem. At first I thought I simply needed to modify the memory_limit setting within php.ini however that was not the true issue at hand. Below I describe two items to look at modifying if you run into a similar issue.
Recently I needed to find out information about a Juniper router password which is stored as a hash in the router configuration. The tricky part is while the password hash is technically a MD5 hash it is modified to make it unique and make it harder to crack. Luckily there is a way to crack the hash using JTR (John The Ripper) though it will require that you also have the username associated to the password as the username is used as part of the salt for the hash. Below there is first information on how to crack Juniper hashes which are the same as Netscreen hashes followed by more information about the hash itself.