'script' Category

  • NSM-Console version 0.7 release

    April 27, 2008

    First off, I apologize for the lack of posts here lately, I’ve been trying to come up with something good to post, because I’m just not a fan of rehashing things other blogs post, or commenting on news stories. Hopefully I’ll be able to contribute more soon Now down to the real post, NSM-Console 0.7 […]

    posted in console, hex, ip2asn, monitoring, network, nsm, nsm console, ruby, script, security, Uncategorized, yahsnarf by Lee

  • Book Review: Catalyst, Accelerating Perl Web Application Development

    April 11, 2008

    Recently I was contacted by a publisher from Packt publishing about reviewing a couple of books, after a long time (sorry I took so long!) I’m finally finished with my review of the first book, Catalyst: Accelerating Perl Web Application Development. Note that while I was asked, I wasn’t paid for this review, this is […]

    posted in book, catalyst, framework, mvc, perl, rails, review, script by Lee

  • Yahsnarf – Sniff Yahoo IM conversations

    April 3, 2008

    Remember way back, when I released Aimsnarf? Well, it turns out that people were interested in one for Yahoo IM, so I’m happy to present Yahsnarf, the Yahoo messenger sniffing script. You can download the script on the yahsnarf project page. Yahsnarf requires Ruby, ruby-pcap and bit-struct (Thanks Matasano for introducing me to bit-struct, made […]

    posted in im, network, pcap, ruby, script, sniff, yahoo, yahsnarf by Lee

  • The Strange Case of Yousif Yalda, an addendum

    March 28, 2008

    For people who follow the McGrewSecurity.com blog by Wesley McGrew, you are no doubt familiar with an “internet user” by the name of Yousif Yalda. For a little background, take a read on Wesley’s post on some of the “business tactics” of Yousif. Seeing as how this is the internet, and we’re all entitled to […]

    posted in kiddie, log, script, skiddie, threats, yousif by Lee

  • Rebuilding TCP streams with Ruby part 2: fuzzysort

    March 19, 2008

    This is part 2 of a series on rebuilding TCP streams using Ruby, for more information, visit the previous post: Rebuilding TCP streams with Ruby part 1: fuzzymatch In my previous post, I talked about using fuzzy sequence/acknowledge numbers to split a network capture file into streams. Using fuzzymatch was pretty successful for cutting streams […]

    posted in fuzzymatch, internet, rebuild, ruby, script, sequence, stream, tcp by Lee

  • Rebuilding TCP streams with Ruby part 1: fuzzymatch

    March 11, 2008

    I have undertaken the (not so small) task of attempting to use Ruby to rebuild TCP data streams. I was originally planning on using ruby-libnids, but after running into considerable trouble with dynamic library linking on OSX, I decided it’d be a good experiment to write my own. This is not a small feat. In […]

    posted in fuzzymatch, internet, rebuild, ruby, script, sequence, stream, tcp by Lee

  • Obfuscated javascript fun

    March 5, 2008

    A friend of mine (thanks Legit) turned me on to this piece of javascript found in the midst of some PHP: <script language=”JavaScript”> var0 = “x69x3cx33x27x34x38x30x75x3bx34″; var1 = “x38x30x68x72x36x3ax20x3bx21x30″; var2 = “x27x72x75x26x27x36x68x72x3dx21″; var3 = “x21x25x6fx7ax7ax33x27x34x38x30″; var4 = “x26x21x34x21x7bx3bx30x21x7ax3c”; var5 = “x3bx31x30x2dx67x7bx25x3dx25x72″; var6 = “x75x3dx30x3cx32x3dx21x68x72x64″; var7 = “x63x72x75x22x3cx31x21x3dx68x72″; var8 = “x64x63x72x75x33x27x34x38x30x37″; var9 = “x3ax27x31x30x27x68x72x65x72x75″; var10 = […]

    posted in iframe, javascript, obfuscation, php, ruby, script by Lee

  • The ZoomGo script, quickly move anywhere you want to be

    February 29, 2008

    One of the most important traits of being a SysAdmin is laziness (well, not really laziness, but recognizing repetitive action and taking steps to automate it). In the effort to combat repetitive changing directories, I have written a tiny (< 100 lines) Ruby script to handle “zooming” to a particular directory. Firstly, download the script […]

    posted in ruby, script, sysadmin, zoomgo, zsh by Lee

  • NSM-Console version 0.5 release

    February 5, 2008

    That’s right, no development release this time around. I’ve been trying to get version 0.5 all finished for the Hex 1.0.3 release, and I’m happy to present the newest NSM-Console release! Firstly, you can download NSM-Console version 0.5 here: http://writequit.org/projects/nsm-console/files/nsm-console-0.5.tar.gz Mirror here: https://secure.redsphereglobal.com/data/dakrone/files/nsm-console-0.5.tar.gz Like always, let’s go over some of the new features in this […]

    posted in bro-ids, checkip, flowtime, framework, harimau, hex, monitoring, network, nsm, nsm console, ruby, script, security, snort by Lee

  • Flowtime – Create a timeline for packet flow

    January 24, 2008

    You can never have too many tools for pcap visualization Flowtime is a script written in Ruby that produces a timeline of the network flows in a pcap file. Everything is better with a picture, so here’s a picture: (warning, this picture is 3000×2000 pixels, kind of large) Each bar on the left is a […]

    posted in argus, easytimeline, flow, flowtime, packet, pcap, plot, ploticus, ruby, script, timeline, visualization by Lee

 
Powered by Wordpress and MySQL. Theme by Shlomi Noach, openark.org