Playing with the cat (in the command line)
The name of the cat utility is derived from its function, to concatenate files, so nothing about kittens, I’m sorry!
Cover image courtesy of Ivo The Cat
Keyloggers are often used by malicious software to steal sensitive data and login credentials.
During a malware analysis process it is useful to know how a keylogger works.
PyInstaller is a program that packages Python programs into stand-alone executables for the most widely used OSs (Windows, Linux, Mac OS X, FreeBSD, Solaris and AIX).
Initially PyInstaller had a beta feature that allowed the cross-compilation of a Windows executable under Linux.
However, due to the instability of the feature, it has been removed since version 1.5.
This article was written almost a year ago: in these months a lot of updates and bugfixes have been rolled out on the hook.io infrastructure.
So it’s quite possible that the code snippets related to hook.io do not work correctly.
I will update the article with correct code, when I have time! 🙂
In this tutorial, I want to explain how to create a simple “Echo BOT” on Telegram using the WebHook feature and a microservice hosted on Hook.io.
Telegram currently supports two ways of processing bot updates, getUpdates and setWebhook. getUpdates is a pull mechanism, setWebhook is push.
The main advantage of using a Webhook over getUpdates is pretty clear: as soon as an update arrives, it will be delivered to your microservice for processing.
Microservices are small, independent processes that communicate with each other to form complex applications which utilize language-agnostic APIs.
These services are small building blocks, highly decoupled and focused on doing a small task, facilitating a modular approach to system-building.
In this tutorial I suggest using Hook.io.
This service provides an infrastructure that lets you deploy HTTP microservices effortlessly: basically you can script HTTP requests without deploying an entire web stack.
On hook.io, microservices are represented by a single function matched to a single unique URL.
Let’s try to create this bot! (in 3 simple steps) 🙂
In order to register a bot with Telegram, you first need to create a personal Telegram account. Visit web.telegram.org and enter your phone number. Telegram will send you a text message and you can then create an account by following the instructions on the screen.
Once you have a Telegram account, you can register a new Telegram Bot by using BotFather.
Visit t.me/botfather and start a conversation with “Telegram’s bot that creates other bots”.
To create a new bot, send the following command to BotFather:
/newbot
You should get a reply instantly that asks you to choose a name for your Bot, so you can send the chosen name as a chat message to BotFather.
BotFather will now ask you to pick a username for your Bot. This username has to end in bot, and be globally unique.
Now BotFather will send you a “Congratulations” message, which will include a token.
Take note of the token! 🙂
First, register an account on Hook.io (or use your GitHub account) and login.
Then create a new hook by visiting the Create Hook section and choosing a name for your service:
On the Hook Source panel you can choose your programming language and provide the code that will be executed when the webhook is triggered:
Now choose “Python” and write your code! 🙂
In another tutorial, I found simple Python code for an Echo Bot, like this:
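import requests

# Text and sender chat ID from the update delivered by Telegram (the "Hook" object)
message = Hook['params']['message']['text']
chatID = Hook['params']['message']['chat']['id']
URL = 'https://api.telegram.org/bot<TOKEN>/sendMessage'
# Echo the text back to the sender (certificate verification left at the requests default, enabled)
req = requests.get(URL, data={'chat_id': chatID, 'text': message})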
(where <TOKEN> is the API token sent by BotFather)
The code simply retrieves the data from the webhook sent by the Telegram platform (the “Hook” object) and extracts the message and chat ID of the sender.
Then it creates a request to the Telegram API in order to send a message to the sender with the same text as the original message.
However, in this code there is a tricky bug: in webhook mode, Telegram servers send updates continuously until they receive a “200 OK” response from the webhook page.
So, with this code, the microservice doesn’t send any response to the Telegram platform, which continues to invoke the webhook page.
The result is a ‘bot loop’: your bot continuously replies with the same message.
To solve this problem we need to write code that is a little more complex, but with the ability to send a “200 OK” response to the Telegram servers, like this:
https://gist.github.com/andreafortuna/a39b24e62650a780267eceff2805b4c0
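The acknowledgement described above, as an added example that is not the author's gist and does not use hook.io's API: a handler that answers every accepted update with 200, skips redelivered updates by `update_id`, and rejects requests that lack the secret registered through setWebhook's `secret_token` parameter. The names `handle_update`, `SECRET`, `seen_ids` and the `send` callback are hypothetical.

```python
import hmac
import json

# Assumption: the same value was given to setWebhook as secret_token, so Telegram
# sends it back in the X-Telegram-Bot-Api-Secret-Token header of every update.
SECRET = "constructed-example-secret"


def handle_update(headers, body, seen_ids, send):
    """Process one webhook request and return the HTTP status to reply with.

    headers: dict of request headers, body: raw JSON bytes,
    seen_ids: set of update_id values already handled (hypothetical store),
    send: callable(chat_id, text) that performs the sendMessage call.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    supplied = lowered.get("x-telegram-bot-api-secret-token", "")
    if not hmac.compare_digest(supplied.encode(), SECRET.encode()):
        return 403  # not sent by Telegram: do not echo anything

    try:
        update = json.loads(body)
        update_id = int(update["update_id"])
    except (ValueError, KeyError, TypeError):
        return 200  # unusable payload: acknowledge so it is not redelivered

    if update_id in seen_ids:
        return 200  # redelivery of an update that was already echoed
    seen_ids.add(update_id)

    message = update.get("message")
    if isinstance(message, dict) and isinstance(message.get("chat"), dict):
        text, chat_id = message.get("text"), message["chat"].get("id")
        if text is not None and chat_id is not None:
            try:
                send(chat_id, text)
            except Exception:
                pass  # a failed reply must still end in 200, or the loop returns
    return 200


if __name__ == "__main__":
    # Constructed sample update, delivered twice as happens on a retry.
    raw = json.dumps({"update_id": 7, "message": {"text": "hi", "chat": {"id": 42}}}).encode()
    hdrs = {"X-Telegram-Bot-Api-Secret-Token": SECRET}
    seen, out = set(), []
    for _ in range(2):
        print(handle_update(hdrs, raw, seen, lambda c, t: out.append((c, t))), out)
```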
Now, the last step…
We have to tell the bot to use the newly created microservice.
To do this, request the following link using curl or your browser:
https://api.telegram.org/bot<TOKEN>/setWebhook?url=https://hook.io/<hook-user>/<hook-name>
where:
Once the URL has been requested, if everything is okay, you’ll see something like this:
{"ok": true, "result": true, "description": "Webhook was set"}
And now the bot works correctly, without any loop:
Now have fun with your ‘Parrot BOT’!
SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targeted scanning, focused on revealing pages with SQL Injection vulnerabilities.
It uses known dorks in order to find vulnerable URLs.
pip install bs4 termcolor google
git clone https://github.com/Hadesy2k/sqliv.git
sudo python2 setup.py -i
python sqliv.py --help
usage: sqliv.py [-h] [-d D] [-e E] [-p P] [-t T] [-r]
optional arguments:
-h, --help show this help message and exit
-d D SQL injection dork
-e E search engine [Google only for now]
-p P number of websites to look for in search engine
-t T scan target website
-r reverse domain
1. Multiple domain scanning with SQLi dork
python sqliv.py -d <SQLI DORK> -e <SEARCH ENGINE>
python sqliv.py -d "inurl:index.php?id=" -e google
2. Targeted scanning
python sqliv.py -t <URL>
python sqliv.py -t www.example.com
python sqliv.py -t www.example.com/index.php?id=1
3. Reverse domain and scanning
python sqliv.py -t <URL> -r
CS Suite is a tool for auditing the security posture of AWS infrastructure, using the capabilities of current open source tools.
Do you know Wifite?
It’s a great wifi auditing tool, designed for use with pentesting distributions of Linux, such as Kali Linux, Pentoo, BackBox and any Linux distributions with wireless drivers patched for injection (so the script appears to also operate with Ubuntu 11/10, Debian 6, and Fedora 16).
The developer, Derv82, has recently released a new version of the tool, Wifite 2, designed entirely for the latest version of the Kali Rolling release, with support for the latest versions of the Aircrack-ng suite, wash, reaver, tshark and cowpatty.
The new tool maintains the same interface and command line arguments as the previous one, but introduces a lot of changes:
So, the updated feature list is:
--pixie
--reaver
--no-reaver
pyrit, tshark, cowpatty, and aircrack-ng
-5 option
--cracked command
-c <channel> option
--crack command
As usual, installation is very simple:
git clone https://github.com/derv82/wifite2.git
cd wifite2
./Wifite.py
https://github.com/derv82/wifite2
https://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
Gist.github.com is a great service provided by GitHub, useful to share code snippets.
You can share single files, parts of files, or full applications: every gist is a Git repository, which means that it can be forked and cloned.
I’ve developed this simple Python script, useful for sharing source code on gist from the command line:
https://gist.github.com/andreafortuna/bc5405026c933ff390134fec941fc9fc
Pretty simple!
For example, to publish the gist embedded in this post, I’ve used this command:
python gist.py ./gist.py [GitHub Username] [GitHub Password]