Well, it has barely been any length of time and there’s already a new release of NSM-Console; there are so many features that I’ve been coding like crazy to get them all done. First, let’s start with the download: http://writequit.org/projects/nsm-console/files/nsm-console-0.4.tar.gz And, for anyone interested, here’s a rundown of the most notable new features: Additional encoding/decoding […]
Yep, I’ve just been cranking out code lately, so I am proud to present the 0.3 release of nsm-console! You can download NSM-Console here: http://writequit.org/projects/nsm-console/files/nsm-console-0.3.tar.gz This release was focused a bit more on usability, features and bugfixes rather than the addition of new modules; however, there were still a couple that were added. Since this […]
I just pushed a newer development version of nsm-console out to navi.eight7.org. Here are some of the new features: Snort module with community rules: a self-contained snort module with all the community rules and a configuration file; this’ll generate alerts into a file after reading the pcap file. I wasn’t sure whether to use community or […]
I found out there is internet here, so I’m finally able to post some code changes I was working on while on the airplane. Firstly, download the files here. The static page for nsm-console is here. I finally got around to releasing the next version of the nsm-console. This version incorporates a large amount of […]
Code:

    #!/usr/bin/env ruby

    # Shuffle the array in place (Fisher-Yates).
    def fisher_yates_shuffle(a)
      (a.size-1).downto(1) { |i|
        j = rand(i+1)
        a[i], a[j] = a[j], a[i] if i != j
      }
    end

    # Read the word list into an array, one entry per line.
    lines = File.readlines('/usr/share/dict/words')
    fisher_yates_shuffle(lines)
    lines.each { |word|
      puts "trying #{word.chomp}..."
      system("wget -q #{ARGV[0]}/#{word.chomp}.html")
      system("wget -q #{ARGV[0]}/#{word.chomp}.htm")
      system("wget -q #{ARGV[0]}/#{word.chomp}.php")
      sleep(1)
    }

(The “sleep(1)” is so you don’t kill the server with traffic, remove […]
Have you ever been looking through your pcap files (or live captures) and wondered where all the traffic was coming from (or going to)? I have! Well, I’ve written a small (< 150 lines) script to aggregate all of the packet source addresses into a neatly separated CSV (comma-separated values) file. It includes <ip address>,<country>,<city […]
Here’s a list of all the planned modules and completed (struck-out) modules for nsm-console: (if a module is struck out, it’s because I’ve finished making a module for it, it isn’t necessarily in the tarball for download) aimsnarf ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent) tcpxtract tcpflow chaosreader bro-IDS snort tcpdstat capinfos tshark argus ragator racount rahosts hash (md5 & […]
Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work). Behold! I present NSM-Console! (read more about it here, watch a screencast here) Download the framework here. Keep in mind this framework only includes […]
Yea yea, I know, it’s only been a few hours since the first release. Well, here’s the new release with a couple of major todos taken care of: Download the script here. Read about aimsnarf in the previous post about it. Changes in this version: Trillian is now supported, as well as AOL’s AIM client. […]
[UPDATE 11/13/07]: version 0.11 released. Firstly, download the script here. aimsnarf.rb is a small (~200 lines) Ruby script that I’ve written to sniff and dump AOL IM messages to STDOUT. I wrote this as an alternative to aimsniff, because I really dislike having to install aimsniff and all of its dependencies when all I […]