Sunday, June 24, 2007

Awesome artwork!

Whoa!! Incredible, truly awesome piece of artwork indeed!
http://gryf.feathers.net/

Wednesday, June 20, 2007

VMware's vmmon is broken under Ubuntu Feisty (7.04)

You can install the VMware Workstation on Ubuntu Feisty Fawn (7.04) like this:

rplantado@rexubuntu:~/Installers/vmware-distrib$ sudo ./vmware-config.pl


Then just follow the wizard and accept the default values. Partway through the installation, though, it halted with the following error while compiling the vmmon module:


What is the location of the directory of C header files that match your running
kernel? [/usr/src/linux-headers-2.6.20-16-386/include]

Extracting the sources of the vmmon module.

Building the vmmon module.

Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-config4/vmmon-only'
make -C /usr/src/linux-headers-2.6.20-16-386/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-16-386'
CC [M] /tmp/vmware-config4/vmmon-only/linux/driver.o
In file included from /tmp/vmware-config4/vmmon-only/linux/driver.c:80:
/tmp/vmware-config4/vmmon-only/./include/compat_kernel.h:21: error: expected declaration specifiers or ‘...’ before ‘compat_exit’
/tmp/vmware-config4/vmmon-only/./include/compat_kernel.h:21: error: expected declaration specifiers or ‘...’ before ‘exit_code’
/tmp/vmware-config4/vmmon-only/./include/compat_kernel.h:21: warning: type defaults to ‘int’ in declaration of ‘_syscall1’
make[2]: *** [/tmp/vmware-config4/vmmon-only/linux/driver.o] Error 1
make[1]: *** [_module_/tmp/vmware-config4/vmmon-only] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-16-386'
make: *** [vmmon.ko] Error 2
make: Leaving directory `/tmp/vmware-config4/vmmon-only'
Unable to build the vmmon module.

For more information on how to troubleshoot module-related problems, please
visit our Web site at "http://www.vmware.com/download/modules/modules.html" and
"http://www.vmware.com/support/reference/linux/prebuilt_modules_linux.html".

Execution aborted.

Solution: edit compat_kernel.h inside vmmon.tar.
Steps:
Go to the VMware module source folder:

rplantado@rexubuntu:~$ cd /usr/lib/modules/source/

Create a backup copy of vmmon.tar:
rplantado@rexubuntu:/usr/lib/modules/source/$ cp vmmon.tar vmmon.tar.backup

Extract the tar file into its folder vmmon-only:
rplantado@rexubuntu:/usr/lib/modules/source/$ tar -xvf vmmon.tar

Open the include file compat_kernel.h:
rplantado@rexubuntu:/usr/lib/modules/source/$ vim vmmon-only/include/compat_kernel.h

Search for and comment out the line:
static inline _syscall1(int, compat_exit, int, exit_code);

So it should look like:
/* static inline _syscall1(int, compat_exit, int, exit_code); */

Put the files back into vmmon.tar:
rplantado@rexubuntu:/usr/lib/modules/source/$ chmod 755 vmmon.tar
rplantado@rexubuntu:/usr/lib/modules/source/$ tar -cvf vmmon.tar vmmon-only
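The same fix, scripted, as an added example that is not from the original post: it keeps a pristine backup, comments out exactly the line the build error points at, and only rebuilds vmmon.tar when that line was found, so a second run changes nothing. It assumes the tarball layout shown above (vmmon-only/include/compat_kernel.h inside vmmon.tar) and takes the directory as an argument, so you can rehearse it on a scratch copy before touching the real /usr/lib/modules/source as root.

```shell
#!/bin/sh
# Added example, not from the original post: script the compat_kernel.h fix.
# Assumes the layout shown in the post: vmmon.tar holding
# vmmon-only/include/compat_kernel.h. The directory is an argument so the
# function can be rehearsed on a scratch copy.

# patch_vmmon_tar <dir-containing-vmmon.tar>
#   Extracts vmmon-only, keeps vmmon.tar.backup, comments out the
#   _syscall1(compat_exit) line the build error points at, rebuilds vmmon.tar.
#   Returns 1 without rebuilding when the line is absent (already patched or a
#   different VMware release), so a second run changes nothing.
patch_vmmon_tar() {
    dir=$1
    hdr="$dir/vmmon-only/include/compat_kernel.h"
    pat='^static inline _syscall1(int, compat_exit, int, exit_code);'
    (cd "$dir" && tar -xf vmmon.tar) || return 1
    if ! grep -q "$pat" "$hdr"; then
        echo "compat_exit line not found in $hdr; vmmon.tar left unchanged" >&2
        return 1
    fi
    # Keep the first pristine copy; never overwrite it on a re-run.
    [ -e "$dir/vmmon.tar.backup" ] || cp "$dir/vmmon.tar" "$dir/vmmon.tar.backup" || return 1
    # Wrap the matched line in a C comment ('&' is the matched text in sed),
    # writing to a temp file first so a failed sed cannot truncate the header.
    sed "s|$pat|/* & */|" "$hdr" > "$hdr.new" && mv "$hdr.new" "$hdr" || return 1
    (cd "$dir" && tar -cf vmmon.tar vmmon-only) || return 1
}

# Real use, as root: sh patch-vmmon.sh /usr/lib/modules/source
if [ "$#" -eq 1 ]; then
    patch_vmmon_tar "$1"
fi
```

The extracted vmmon-only tree is left next to the tarball, exactly as the manual steps leave it; vmware-config.pl only reads vmmon.tar, so that is harmless.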


Then repeat the installation process; it should go smoothly now..

rplantado@rexubuntu:~/Installers/vmware-distrib$ sudo ./vmware-config.pl


:
:
Building the vmnet module.

Using 2.6.x kernel build system.
make: Entering directory `/tmp/vmware-config5/vmnet-only'
make -C /usr/src/linux-headers-2.6.20-16-386/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.20-16-386'
CC [M] /tmp/vmware-config5/vmnet-only/driver.o
CC [M] /tmp/vmware-config5/vmnet-only/hub.o
CC [M] /tmp/vmware-config5/vmnet-only/userif.o
CC [M] /tmp/vmware-config5/vmnet-only/netif.o
CC [M] /tmp/vmware-config5/vmnet-only/bridge.o
CC [M] /tmp/vmware-config5/vmnet-only/procfs.o
CC [M] /tmp/vmware-config5/vmnet-only/smac_compat.o
SHIPPED /tmp/vmware-config5/vmnet-only/smac_linux.x386.o
LD [M] /tmp/vmware-config5/vmnet-only/vmnet.o
Building modules, stage 2.
MODPOST 1 modules
WARNING: could not find /tmp/vmware-config5/vmnet-only/.smac_linux.x386.o.cmd for /tmp/vmware-config5/vmnet-only/smac_linux.x386.o
CC /tmp/vmware-config5/vmnet-only/vmnet.mod.o
LD [M] /tmp/vmware-config5/vmnet-only/vmnet.ko
make[1]: Leaving directory `/usr/src/linux-headers-2.6.20-16-386'
cp -f vmnet.ko ./../vmnet.o
make: Leaving directory `/tmp/vmware-config5/vmnet-only'
The module loads perfectly in the running kernel.

Starting VMware services:
Virtual machine monitor done
Virtual ethernet done
Bridged networking on /dev/vmnet0 done
Host-only networking on /dev/vmnet1 (background) done
Host-only networking on /dev/vmnet8 (background) done
NAT service on /dev/vmnet8 done

The configuration of VMware Workstation 5.5.4 build-44386 for Linux for this
running kernel completed successfully.

You can now run VMware Workstation by invoking the following command:
"/usr/bin/vmware".

Enjoy,

--the VMware team

Monday, May 28, 2007

Hot!! TI-89 Titanium virus!! Hot!!

Piotr Bania created the world's first TI-89 Titanium virus!
Take note: it's an EPO (entry point obscuring) virus.

Here's the link: http://piotrbania.com/all/ti89/

For educational purposes only!!

Cheers!

Saturday, May 19, 2007

Are you pretty?

----------------Girls---------------
-----------are like apples-----------
-------on trees. The best ones------
-----are at the top of the tree.------
---The boys dont want to reach----
--for the good ones because they---
-r afraid of falling and getting hurt.-
-Instead, they get the rotten apples-
from the ground that arent as good,
but easy. So the apples up top think
something wrong with them when in
-reality they're amazing. They just--
---have to wait for the right boy to-
---- come along, the one who's-----
----------- brave enough to--------
---------------climb all------------
---------------the way------------
---------------to the top-- --------

Wednesday, April 25, 2007

[Tip 0.3] ln: do you like it soft or hard?

ln is a Linux command that creates a link to a file. The link can be hard or soft (symbolic).

Hard Link:
- creates another directory entry (name) that references the same inode number, i.e. the same disk block(s)
- attributes/permissions belong to the inode, so a change made through one name shows through all of them; removing one name does not remove the data while other names remain
- files only (not directories)
- cannot span filesystems (e.g. a hard link on /dev/hda pointing to a file on /dev/hdb)

Example:
How to create a hard link 'tlink' that points to test (must be file only, NOT directory):
rex@rexubuntu:~$ ln test tlink

How to create another hard link 'tlink2' that points to test (must be a file only, NOT a directory):
rex@rexubuntu:~$ ln test tlink2

How to identify hard links? Issue the command below and look for matching inode numbers:
rex@rexubuntu:~$ ls -il
8437999 -rw-r--r-- 2 rex rex 0 2007-04-25 15:02 test
8437999 -rw-r--r-- 2 rex rex 0 2007-04-25 15:02 tlink
8437999 -rw-r--r-- 2 rex rex 0 2007-04-25 15:02 tlink2

Having the same inode number means that test, tlink and tlink2 are three names pointing to the same inode and disk blocks. Just think of tlink and tlink2 as two more copies of test, except that there is only one set of data on disk.

Soft Link:
- analogous to a Windows shortcut file. It contains the path of the target file; when the target file is removed/deleted, the soft link is broken (dangling).
- a file that contains the path of another file

Example:
How to create a symbolic (soft) link named 'slink' that points to 'test' (the target can be a file or a directory):
rex@rexubuntu:~$ ln -s test slink
rex@rexubuntu:~$ ls -il
8438031 lrwxrwxrwx 1 rex rex 4 2007-04-25 15:18 slink -> test

Note: the target 'test' should already exist. ln -s does not check, so a link to a missing target is created already dangling.

How to display soft links? Symlinks end with @ when you use the command:
$ ls -F
slink@

or

$ ls -l
lrwxrwxrwx 1 rex rex 4 2007-04-25 15:18 slink -> test

What if a piece of malicious software (malware) creates multiple (randomly named) hard links to itself so that it is never completely deleted from the system? How would you clean the infection completely? Say you spot the file, terminate the process and delete the file. The next morning you see another instance/copy of the malware. You suspect more copies are still lurking on your system. To remove every copy you first have to find all of them. So the next question is: given one of its hard links or copies, how do you find all the others?

Well, first let's define inode. An inode is the data structure that stores information about a file in a Unix filesystem. Its number uniquely identifies the file within that filesystem. It is the basic building block of a file, so a file must have an inode, which also holds the metadata: data block pointers, permissions, etc. A file consists of (a) the data and (b) the filename. The data part is described by the inode; the filename is a directory entry that maps a name to an inode number.

How to identify all hard links pointing to the same inode? There is no dedicated command for this; it takes a little scripting and filtering, so the approach is your choice. Basically you search from the root directory, comparing each file's inode number with the inode you identified as your input. I found a simple solution from googling and it worked:

find <location> -samefile foobar
where foobar is a link you already found (whether the original or not) and <location> is where you want to search (e.g. / to get all of them).

Another approach is:

find <location> -inum nnnnnn
where nnnnnn is the inode number of the known file that you established with "ls -li".

Caveat: inode numbers are only unique within one filesystem, so when the search crosses mount points -inum can report unrelated files on other filesystems. Either add -xdev to keep find on the starting filesystem, or prefer -samefile, which matches on the device as well as the inode.

How to remove a link:
$ rm <linkname>
Remember that in the *NIX world everything is a file or directory, so rm works on links too. Removing a hard link only drops that one name (the data stays until the last name is gone), and removing a soft link removes the link itself, not the target it points to.
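The whole tip in one runnable script, as an added example that is not from the original post: it builds the test/tlink/tlink2/slink layout in a scratch directory, shows that the link count and both find searches agree on three names, then deletes the original name and checks that the data is still reachable through a hard link while the symlink dangles. All file names are constructed; -samefile and -xdev are assumed to be available (they are in GNU findutils, -samefile is not POSIX).

```shell
#!/bin/sh
# Added example, not from the original post. Constructed names: test, tlink,
# tlink2, slink, created under a mktemp directory and removed afterwards.

# inode_of <path>: inode number, first column of ls -i.
inode_of() {
    ls -id "$1" | awk '{print $1}'
}

# link_count <path>: how many names (hard links) the inode has, column 2 of ls -l.
link_count() {
    ls -ld "$1" | awk '{print $2}'
}

# hard_links_of <root> <file>: every path under <root> sharing <file>'s inode.
# -samefile compares device and inode, so it is safe across mount points.
hard_links_of() {
    find "$1" -samefile "$2" | sort
}

# hard_links_by_inum <root> <inode>: the same search keyed on the inode number,
# with -xdev so an equal inode number on another filesystem cannot match.
hard_links_by_inum() {
    find "$1" -xdev -inum "$2" | sort
}

# link_demo: prints "<names> <samefile hits> <inum hits> <data via tlink2> <slink dangling>"
link_demo() {
    root=$(mktemp -d)
    echo hello > "$root/test"
    ln "$root/test" "$root/tlink"
    ln "$root/test" "$root/tlink2"
    ln -s test "$root/slink"              # stores the path "test", not the data
    n_names=$(link_count "$root/test")
    n_same=$(( $(hard_links_of "$root" "$root/tlink" | wc -l) ))
    n_inum=$(( $(hard_links_by_inum "$root" "$(inode_of "$root/test")" | wc -l) ))
    # Deleting one name leaves the data reachable through the other names...
    rm "$root/test"
    via_tlink2=$(cat "$root/tlink2")
    # ...while the symlink still holds the now-missing name "test".
    if [ -e "$root/slink" ]; then dangling=no; else dangling=yes; fi
    rm -rf "$root"
    echo "$n_names $n_same $n_inum $via_tlink2 $dangling"
}

link_demo
```

The symlink is not counted by either search because, without -L, find looks at the link's own inode rather than its target's; that is the behaviour you want when hunting for extra names of one file.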


Friday, April 20, 2007

pcap owl unleashed!

coming very soon... stay tuned!
,_,
)v(
\_/
="=

Thursday, April 19, 2007

Linux here is everywhere

My company doesn't love Windows, or maybe they just love free software, which is why they don't use Windows that much. It's evident from the desktops and applications they're using; I think 90% are on non-Windows systems here. That means it's time for me to learn and migrate to a *nix desktop too! It's kind of hard for someone who has used Windows systems for more than 6 years. I have to re-learn how to install, rebuild from source, the vi/vim editor, setup/install/upgrade via the command shell, remote access using ssh, forget about Visual Studio and use GEdit/KDevelop/etc. instead, and many more things. It's cool, but it takes a little time..hehe!

But I wanna try Gentoo.. one of the most powerful and yet trickiest distros on earth!

Ubuntu 7.04 (Feisty Fawn) released!

Yes, today is the scheduled release of the much awaited Feisty Fawn!

More info below:

http://www.debianadmin.com/ubuntu-704-feisty-fawn-release-dates.html

http://distrowatch.com/?newsid=04178


Now it's time to update my Ubuntu 6.10 (Edgy Eft) to Feisty Fawn!!
Note: Ubuntu requires incremental upgrades. If you're using Ubuntu 5.10, upgrade to 6.10 first before you can go to 7.04.

It's as easy as running System->Administration->Package Manager. It should prompt you to install any available updates, including the upgrade.


If not, you can manually click the Check button to fetch the updates. Clicking Install Updates first installs the pending application updates. Clicking the Upgrade button starts the upgrade process, and the release notes are displayed. Click Upgrade again and you're on your way from Edgy to Feisty.

You'll be asked for the password since its a system-wide change.

Then it prepares the distribution upgrade before prompting you to proceed with the real upgrade.

Depending on your internet speed, the upgrade can take hours or even days to complete. Afterwards you can check that it really was upgraded. Some ways to check your Ubuntu version:

cat /etc/issue

or

lsb_release -a


or

cat /etc/lsb-release

That's how you upgrade using the GUI. Smooth. :)

If you're a CLI guru, you can upgrade using the apt-get command (not advisable). If you want some pain in the ass, try it the hard way; check how here or there.

So what's up with this upgrade, foo??!

Shuttleworth said: “the main themes for development in this release will be improvements to hardware support in the laptop, desktop and high-end server market, and an aggressive adoption of emerging desktop technologies. Ubuntu’s Feisty release will put the spotlight on multimedia enablement and desktop effects. We expect this to be a very gratifying release for both users and developers”.

“Edgy has been a wild ride, with some remarkable achievements (nothing like re-inventing and substantially improving on init!). Feisty will be a little more focused on features that are very visible to end-users,”

Tip 0.2: /usr/include/net/bpf.h header doesnt exist

The BSD header net/bpf.h (Berkeley Packet Filter) is not provided by default on non-BSD systems (e.g. Ubuntu and other Linux distributions).
So whenever you code something on these platforms that needs it (especially libpcap-based programs), install the libpcap library, which ships a compatible header, pcap-bpf.h. Copy pcap-bpf.h into place as net/bpf.h and you're good to go.

This is useful when you get a program written on a BSD system that includes /usr/include/net/bpf.h and you need to build it on a non-BSD system that doesn't provide bpf.h by default.

Solution:
1. Install the libpcap library
Download the latest libpcap from here and extract it to a folder of your own.
Note: read INSTALL.txt for the instructions:
a) ./configure
By default flex and bison are not installed, so use Synaptic Package Manager (the easier way) to install them. They are required to build libpcap.

Or by using the apt-get:
sudo apt-get install flex
sudo apt-get install bison

b) make
c) make install

2. copy the file: cp /usr/include/pcap-bpf.h /usr/include/net/bpf.h
Change the path accordingly if needed.

3. You can now build your libpcap program.
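Step 2 as a small script, added here as an example that is not from the original post. It does the copy the way the step describes but refuses to clobber a net/bpf.h that already exists (a real BSD header or an earlier copy), checks that the source file really looks like libpcap's BPF header, and creates the net/ directory if the include tree lacks it. The include directory is a parameter so the function can be exercised against a scratch tree; the real run is ensure_bpf_header /usr/include as root.

```shell
#!/bin/sh
# Added example, not from the original post: provide net/bpf.h on Linux from
# libpcap's pcap-bpf.h without overwriting an existing header.

# ensure_bpf_header <include-dir>
#   Creates <include-dir>/net/bpf.h from <include-dir>/pcap-bpf.h if missing.
#   Exit status: 0 created, 2 already present (left untouched),
#   1 source header missing or not a BPF header.
ensure_bpf_header() {
    inc=$1
    src="$inc/pcap-bpf.h"
    dst="$inc/net/bpf.h"
    if [ -e "$dst" ]; then
        echo "$dst already exists; not overwriting" >&2
        return 2
    fi
    if [ ! -f "$src" ]; then
        echo "$src not found: install libpcap (make install) first" >&2
        return 1
    fi
    # Old libpcap defines struct bpf_program directly in pcap-bpf.h; newer
    # releases make it a wrapper that includes pcap/bpf.h. Accept either,
    # reject anything else (wrong file in the include dir).
    if ! grep -Eq 'struct bpf_program|pcap/bpf\.h' "$src"; then
        echo "$src does not look like libpcap's BPF header" >&2
        return 1
    fi
    mkdir -p "$inc/net" && cp "$src" "$dst"
}

# Real use, as root: ensure_bpf_header /usr/include
if [ "$#" -eq 1 ]; then
    ensure_bpf_header "$1"
fi
```

If the function reports that net/bpf.h already exists, look at what is there before deciding anything: on a system that really ships the header, the BSD-style program should build without this workaround at all.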

Note: If this is the first time you compile/build libpcap or any C/C++ program on Ubuntu, you probably need to install the basic development pieces first: include files, compiler, etc. Here's how:

Install Linux source:
~$ sudo apt-get install linux-tree

Install Linux headers:
~$ sudo apt-get install linux-headers-$(uname -r)

Install C/C++ builder:
~$ sudo apt-get install build-essential

Install Kernel source:
~$ sudo apt-get install linux-source

You can also install your favorite editor or IDE, like GEdit, KDevelop, or the old school vi/vim.

Cheers!

Saturday, April 07, 2007

Canada - a new destination!

I'm here at last! A new page of another chapter in my life.. Hopefully I'll like it here and stay for good. The place looks very nice and exciting.

Zandro and Gilou picked me up from the Vancouver airport and drove me to Rodel's house in New Westminster, BC, where I'll be staying temporarily. After unloading all my luggage, we headed to a Thai restaurant near the office for lunch. Then Gilou left us and I asked my bud Zandro to help me pick up enough groceries for the weekend. Then I went home (Rodel's flat) and set up my internet connection to check mail and contact my family and friends in the Philippines.
I watched the LA Lakers and SuperSonics game at 7:30PM while eating my leftovers from the Thai restaurant, when my eyes started to close. I can't even remember if I managed to finish the game lolz! So I went up and, with my eyes about to give up, rested my exhausted body and drained eyes.
I woke up around 3AM feeling a little hungry. My body clock is still adjusting, and I couldn't sleep after the snacks. So I just surfed the net and started blogging. It's now 6:30 AM and I want to go back to bed to rest again =) Bye for now and see you around!

Friday, March 23, 2007

Fuzzled - Perl fuzzing framework


Saturday, March 03, 2007

Im back!!

I've been on hiatus for a long while..
A crucial career decision (duh, is there one?? =)) made me step back for a while.
It seems a turning point came into my life.. I needed to sit down, take a deep breath, then relax.
But in the end I'm still lucky, because everything in me now has its reasons, pointing towards a better path.

So let's continue sailing toward the Blue Ocean... ;-)

Thursday, December 07, 2006

Tip 0.1: Wanna see the MFC source code?

You can see the source code of MFC (Microsoft Foundation Class library) by opening the file MFC.BSC in Visual Studio IDE. Simple isn't it? :)

eEye 0day tracking

another useful initiative from eEye : http://research.eeye.com/html/alerts/zeroday/index.html

Tuesday, November 14, 2006

Microsoft acquired Firefox!

Microsoft's IE (Internet Exploder) and Mozilla's Firefox are the two major next-gen browsers today.

They even released their new versions at almost the same time a couple of weeks ago: Microsoft unveiled IE7 while Mozilla released Firefox 2, each bundled with a new security-aware anti-phishing feature, easier use with tabbed browsing, RSS reading, etc.

Internet users were so excited about the releases that they wanted to try them right away to see which would win the competition. Reports showed that Firefox whipped IE (as always) based on the number of downloads one week after the release. One comparison of the two browsers' performance was posted here.

Now.. what do you think would happen if the two great browsers merged their technologies? Or shall I say, if Microsoft acquired Firefox? Introducing....MS Firefox 2007! :)

Well, actually they already did. Check this out! LOLs

Three interesting features are:
- msfirefox mail beta :-)
- TakeOver Technology ;-)
- AKobe Phlash ;-)





Wednesday, November 08, 2006

time to laugh..

After working, it's time to relax.. and laugh out loud wehehehe :)
Aside from youtube, there's video.google.com, and metacafe.

Friday, November 03, 2006

Its Snow Time!!

Yahoo!! It's snowing now! =)
That's how it is when you're not used to seeing snow hehehe, country boy!

Sigh.. it's past 12 already. Time to eat first..=)

Webapplist.com

Some nice web applications like

- pdf conversion
- sending large files
- word processor
- online virus scanning etc.

Take a look at this site.

Wednesday, November 01, 2006

Fuzzers – The ultimate list

This is a list of programs or websites that offer fuzzing tools:

(L)ibrary (E)xploit API - lxapi - A collection of python scripts for fuzzing
Mangle - A fuzzer for generating odd HTML tags, it will also autolaunch a browser. Mangle found the infamous IFRAME IE bug.
SPIKE - A collection of many fuzzers from Immunity. Used to find the recent remote RDP kernel DoS against a firewalled XP SP2, and many others.
PROTOS WAP - A fuzzer from the PROTOS project for fuzzing WAP.
PROTOS HTTP-reply - Another fuzzer from the PROTOS dudes for attacking HTTP responses, useful for browser vulns.
PROTOS LDAP - For fuzzing LDAP, not as successful as the others from the PROTOS project
PROTOS SNMP - Classic SNMP fuzzer, found a vuln in almost every networking gear available at the time (2002).
PROTOS SIP - For fuzzing all those new VOIP SIP devices you see everywhere.
PROTOS ISAKMP - For attacking IPSec implementations
RIOT & faultmon - For attacking plain text protocols (Telnet, HTTP, SMTP). Used by Riley Hassell when he worked at eEye to discover the IIS .printer overflow and included in The Shellcoder's Handbook.
SPIKE Proxy - A semi-functional web fuzzer from the guys at Immunity that brought you the original SPIKE
Tag Brute Forcer - Awesome fuzzer from Drew Copley at eEye for attacking all of those custom ActiveX applications. Used to find a bunch of nasty IE bugs, including some really hard to reach heap overflows.
FileFuzz - A file format fuzzer for PE (Windows) binaries from iDefense. Has a pretty GUI. I've recently used it to find bugs in Word.
SPIKEFile - Another file format fuzzer for attacking ELF (Linux) binaries from iDefense. Based off of SPIKE listed above.
notSPIKEfile - An ELF fuzzer closely related to FileFuzz, instead of using SPIKE as a starting point.
Screaming Cobra - Name makes the fuzzer sound better than it really is, but is good for finding CGI bugs. Also, it's a perl script so easy to modify or extend.
WebFuzzer - A fuzzer for (guess what?) web app vulns. Just as good as some of the cheap commercial web fuzzers.
eFuzz - A generic TCP/IP protocol fuzzer. Easy to use, but maybe not as full featured as some others on this list.
Peach Fuzzer - A great fuzzer written by Michael Eddington. Peach Fuzzer is more of a framework for building fuzzers.
Fuzz - The ORIGINAL fuzzer developed by Dr. Barton Miller at my alma mater, the University of Wisconsin-Madison in 1990. Go badgers!
Fuzzball2 is a little fuzzer for TCP and IP options. It sends a bunch of more or less bogus packets to the host of your choice.
Fuzzer version 1.1 is a multi protocol fuzzing tool written in Python. It can be used to find new SQL injection, format string, buffer overflow, directory traversal, and other vulnerabilities. Written with portability in mind.
Scratch is an advanced protocol destroyer ("fuzzer") which can routinely find a wide variety of vulnerabilities from a simple packet. scratch does complex parsing of binary files to determine what to fuzz with what data. scratch also comes with a framework for fuzzing binary protocols such as SSL and SMB.

Some websites/links:
http://software.tripbit.net/mistress/
http://www.cirt.dk/tools/fuzzer/fuzzer.txt
http://metasploit.blogspot.com/2006/03/browser-fuzzing-for-fun-and-profit.html
http://www.digitaldwarf.be

http://antiparser.sourceforge.net/
WSFuzzer - claims to test SOAP based web services.
www.musecurity.com
http://www.secdev.org/projects/scapy/

ActiveX/COM fuzzers:
AXFuzz A tool from Shane Hird for "fuzzing" the IDispatch interface of the components, as well as any IDispatch interfaces returned from the methods, by calling every method with garbage values, or overly long BSTRs.
COMRaider David Zimmer of iDefense has released this tool designed to fuzz COM Object Interfaces. COMRaider includes:
- capability to easily enumerate safe for scripting objects
- ability to scan for COM objects by path, filename, or guid
- integrated type library viewer
- integrated debugger to monitor exceptions, close windows,log api
- external vbs script allows you to easily edit fuzzer permutations
- built in webserver to test exploits on the fly
- distributed auditing mode to allow entire teams to work together
- ability to upload crash files to central server for group analysis
- automation tools allowing you to easily fuzz multiple libraries, individual classes, or specific functions.

You can watch a video tour of COMRaider in http://labs.idefense.com/doDownload.php?downloadID=24

Hamachi A community-developed utility for verifying browser integrity, written by H D Moore and Aviv Raff. Hamachi will look for common DHTML implementation flaws by specifying common "bad" values for method arguments and property values. Hamachi has found flaws in Firefox 1.0.7, Mozilla 1.7, Konqueror 3.5.1, Opera 8.5, Safari, and Internet Explorer!

Original text taken from: http://www.infosecinstitute.com/blog/2005/12/fuzzers-ultimate-list.html
------
Update:
AxMan - http://metasploit.com/users/hdm/tools/axman/