Tuesday, 14 June 2011

Mobile Dial-Up in Back Track 5.

Installed BackTrack 5, codename "Revolution", and was a bit frustrated not to find wvdial pre-installed, since most people around me use dial-up connections to get on the Internet. So I searched for a solution and found that the "pon, poff and plog" scripts (pre-installed in BackTrack 5) can be used to control PPP connections.

NOTE--- The method is explained below. Comments are in green, and the commands and the file contents to be added are in red.

Step 1

Plug the data cable into the phone and see if it is recognized by the kernel.

root@bt:~# tail /var/log/messages

This should produce something like this:

localhost kernel: [4295346.417000] usb 1-1: new full speed USB device using ohci_hcd and address3
localhost kernel: [4295348.125000] cdc_acm 1-1:1.8: ttyACM0: USB ACM device
localhost kernel: [4295348.133000] usbcore: registered new driver cdc_acm
localhost kernel: [4295348.133000] drivers/usb/class/cdc-acm.c: v0.23:USB Abstract Control Model driver for USB modems and ISDN adapters <--- says the phone uses the cdc-acm driver and that the OS sees this device at /dev/ttyACM0


Step 2

Configure Ubuntu (BT5) to communicate with my phone.

You need ppp; it comes pre-installed in BT5 [root@bt:~# apt-get install ppp]

Now I need to create a configuration file that tells BT5 how to communicate with the phone.


root@bt:~# nano /etc/ppp/peers/mobile

debug
noauth
connect "/usr/sbin/chat -v -f /etc/chatscripts/mobile"
usepeerdns
/dev/ttyACM0 115200 <-- Use the device the modem was recognized as (see Step 1)
defaultroute
crtscts
lcp-echo-failure 0

My OS will send some commands to my phone to tell it to connect to the Internet. These commands are stored in the chat script and are sent when I try to connect.

root@bt:~# nano /etc/chatscripts/mobile

TIMEOUT 35
ECHO ON
ABORT '\nBUSY\r'
ABORT '\nERROR\r'
ABORT '\nNO ANSWER\r'
ABORT '\nNO CARRIER\r'
ABORT '\nNO DIALTONE\r'
ABORT '\nRINGING\r\n\r\nRINGING\r'
'' \rAT
OK 'AT+CGDCONT=1,"IP","INTERNET"'
OK ATD*99***1#
CONNECT ""

If the phone can connect to the Internet on its own, without the PC, then this should work. If not, the likely point of failure is the line
'AT+CGDCONT=1,"IP","INTERNET"'

"INTERNET" in the line above is the Access Point Name (APN)... get it from the phone's settings.


Step 3

Ready to connect

To dial use
root@bt:~#pon mobile

To disconnect
root@bt:~# poff mobile

Note--- Whatever is communicated between the phone and the OS can be seen in /var/log/syslog

root@bt:~# tail -f /var/log/syslog

to view the messages "live" on the terminal.
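As an added example (not part of the original post), the three steps above can be scripted: pull the device name out of the Step 1 kernel log lines and generate the peer file and chat script from Step 2 with that device and your APN filled in. The function names, the target-directory argument and the sample log text are my assumptions/constructed; the file contents are exactly those shown above.

```shell
#!/bin/sh
# Added example, not from the original post: automate Steps 1 and 2.
# Assumptions: the function names below, the "root" argument that lets the files be
# written to a scratch directory for review (pass "/" on the real system), and the
# SAMPLE_LOG text, which is constructed from the Step 1 output rather than captured.

# Step 1: read kernel log text on stdin and print the /dev path that cdc_acm assigned,
# taken from a line like "cdc_acm 1-1:1.8: ttyACM0: USB ACM device". Prints nothing
# if no ACM device was registered (so the caller can stop before writing any config).
find_modem_device() {
    sed -n 's/.*cdc_acm [^ ]*: \(ttyACM[0-9]*\): USB ACM device.*/\/dev\/\1/p' | tail -n 1
}

# Step 2: write etc/ppp/peers/mobile and etc/chatscripts/mobile under $1 for device $2
# and APN $3. The chat script path inside the peer file stays absolute because pppd
# reads it at dial time from the real /etc.
write_ppp_config() {
    root=$1; dev=$2; apn=$3
    mkdir -p "$root/etc/ppp/peers" "$root/etc/chatscripts"
    cat > "$root/etc/ppp/peers/mobile" <<EOF
debug
noauth
connect "/usr/sbin/chat -v -f /etc/chatscripts/mobile"
usepeerdns
$dev 115200
defaultroute
crtscts
lcp-echo-failure 0
EOF
    # Unquoted heredoc: \n and \r are kept literally, only $apn is expanded.
    cat > "$root/etc/chatscripts/mobile" <<EOF
TIMEOUT 35
ECHO ON
ABORT '\nBUSY\r'
ABORT '\nERROR\r'
ABORT '\nNO ANSWER\r'
ABORT '\nNO CARRIER\r'
ABORT '\nNO DIALTONE\r'
ABORT '\nRINGING\r\n\r\nRINGING\r'
'' \rAT
OK 'AT+CGDCONT=1,"IP","$apn"'
OK ATD*99***1#
CONNECT ""
EOF
}

# Constructed sample of the Step 1 log lines (not a real capture).
SAMPLE_LOG='localhost kernel: [4295346.417000] usb 1-1: new full speed USB device using ohci_hcd and address 3
localhost kernel: [4295348.125000] cdc_acm 1-1:1.8: ttyACM0: USB ACM device
localhost kernel: [4295348.133000] usbcore: registered new driver cdc_acm'

# Demo run: detect the device from the sample, write the files to a scratch directory.
# On the real box: tail /var/log/messages | find_modem_device, then pass "/" as root.
DEV=$(printf '%s\n' "$SAMPLE_LOG" | find_modem_device)
if [ -z "$DEV" ]; then
    echo "no USB ACM device in the log; check tail /var/log/messages" >&2
    exit 1
fi
OUT=$(mktemp -d)
write_ppp_config "$OUT" "$DEV" "INTERNET"
echo "device $DEV; config written under $OUT (review, copy to /, then: pon mobile)"
```

Writing to a scratch directory first lets you diff the generated files against the ones in Step 2 before they touch /etc; once they are in place, Step 3 is unchanged (pon mobile / poff mobile).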

Saturday, 28 May 2011

Omegle Spy Bot !

NOT ILLEGAL BECAUSE OMEGLE DOESN'T HAVE A TERMS OF SERVICE - From the Creator of the Tool

A few days back I came across an awesome Java executable named "Omegle Spy Bot". Credit goes to the creator of this app; it can be found here under the download section.

You need Java installed on your system to run this app; it works fine in Windows too.
Linux users can issue the following on a terminal:

Code:
dex@desktop :~$ sudo java -jar OmegeleSpy.jar

The GUI of this app is pretty self-explanatory.
Start by clicking on "Start new conversation".
Here's a snapshot.

Once they start their normal conversation you can watch it.
Send a message to either one as if it came from the other. Disconnect a user and impersonate him... Check it out! Fun!

Wednesday, 25 May 2011

Using Google's Open DNS servers !

It's better to use Google's public DNS servers rather than the ones provided by your ISP.

There is one minor thing to take note of for this method to work. As most Linux users know, to set the DNS server to use, one edits the /etc/resolv.conf file.

so do this

code:
dex@desktop :~$ sudo gedit /etc/resolv.conf
(put these two lines in the file)
nameserver 8.8.8.8
nameserver 8.8.4.4
dex@desktop :~$ sudo chattr +i /etc/resolv.conf

Note :: The chattr command is used here to give resolv.conf the immutable file attribute, so that the next time you reboot or restart your networking interface(s) your DNS servers will not be reset by the system to the settings handed out by the DHCP server.

When you want to change resolv.conf again, first issue the following command to remove the immutable attribute before editing it.

code:
dex@desktop :~$ sudo chattr -i /etc/resolv.conf

Someone suggested to me that OpenDNS is better in terms of latency, so these DNS servers can also be used as needed:

 208.67.222.222
 208.67.220.220
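Added example (not from the original post): a small script that writes resolv.conf only after checking that each address is a well-formed IPv4 address, reads back what got configured, and reports whether the immutable bit is set. The function names and the file-path argument are my assumptions; on the real system the path is /etc/resolv.conf and both the write and chattr need root.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: the function names, and a
# file-path argument so the demo can run against a temp file instead of /etc/resolv.conf.

# True if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    IFS=.; set -- $1; unset IFS
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Write "nameserver" lines for $2.. into $1. Nothing is written if any address is
# malformed, so a typo cannot leave the box with a locked, broken resolv.conf.
write_resolv_conf() {
    out=$1; shift
    [ $# -ge 1 ] || return 1
    for ns in "$@"; do
        is_ipv4 "$ns" || { echo "rejecting malformed nameserver: $ns" >&2; return 1; }
    done
    {
        echo "# managed by hand; run 'chattr -i' on this file before editing it"
        for ns in "$@"; do echo "nameserver $ns"; done
    } > "$out"
}

# Print the nameservers configured in $1, in lookup order.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# True if $1 has the immutable attribute (lowercase "i" in lsattr's flag field).
# Needs lsattr from e2fsprogs and a filesystem that supports the attribute (e.g. ext4).
is_immutable() {
    lsattr -d "$1" 2>/dev/null | awk 'index($1, "i") { found = 1 } END { exit found ? 0 : 1 }'
}

# Demo against a temp file with the two Google addresses from the post.
TMP=$(mktemp)
write_resolv_conf "$TMP" 8.8.8.8 8.8.4.4
echo "configured: $(resolv_nameservers "$TMP" | tr '\n' ' ')"
if is_immutable "$TMP"; then
    echo "$TMP is immutable"
else
    echo "$TMP is not immutable (expected for a temp file)"
fi
# Real use (as root): write_resolv_conf /etc/resolv.conf 8.8.8.8 8.8.4.4 && chattr +i /etc/resolv.conf
```

The same functions work for the OpenDNS pair above; is_immutable is the quick check for "why can't I edit this file" after the post's chattr +i step, before reaching for chattr -i.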

Tuesday, 17 May 2011

Google Dork for Security Cameras !!

Use these Google search terms, or Google dorks, to find several unattended security cams.

Note :: Use for fun only, do not stalk others!!


inurl:ViewerFrame?Mode=
intitle:Axis 2400 video server
inurl:/view.shtml
intitle:Live View / - AXIS
inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:live view intitle:axis
intitle:liveapplet
allintitle:Network Camera NetworkCamera
intitle:axis intitle:video server
intitle:liveapplet inurl:LvAppl
intitle:EvoCam inurl:webcam.html
intitle:Live NetSnap Cam-Server feed
intitle:Live View / - AXIS
intitle:Live View / - AXIS 206M
intitle:Live View / - AXIS 206W
intitle:Live View / - AXIS 210?
inurl:indexFrame.shtml Axis
inurl:MultiCameraFrame?Mode=Motion
intitle:start inurl:cgistart
intitle:WJ-NT104 Main Page
intext:MOBOTIX M1? intext:Open Menu
intext:MOBOTIX M10? intext:Open Menu
intext:MOBOTIX D10? intext:Open Menu
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:sony network camera snc-p1?
intitle:sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
intitle:Toshiba Network Camera user login
intitle:netcam live image
intitle:i-Catcher Console - Web Monitor

Monday, 16 May 2011

Online VNC , SSH and Remote Desktop Scanner !

Today I came across these awesome online tools that search for open VNC, RDP and SSH ports in an IP address range!! Do check them out!!

Note :: These tools don't brute force; they simply check whether the service ports are open.



Online VNC Scanner
This scans for VNC and shows the IP addresses found in green.

Online Remote Desktop Scanner
This scans for Remote Desktop / RDP and shows the IP addresses found in green.

Online SSH Scanner
This scans for SSH and shows the IP addresses found in green.

Friday, 13 May 2011

BackTrack5 Released !!

This new revision has been built from scratch and boasts several major improvements over all previous releases. It is based on Ubuntu Lucid LTS, with kernel 2.6.38 patched with all relevant wireless injection patches. It is fully open source and GPL compliant. BackTrack 5 comes in several flavors and architectures.

BackTrack 5, codename "Revolution", comes with the GNOME desktop environment for the first time. There are several architectures to choose from, e.g. ARM, x86 and x86_64, and there is also a choice between a virtual image and an ISO download. I am particularly excited about the GNOME x86 build; going to try it soon.

Grab yourself a copy at --->> http://www.backtrack-linux.org/downloads/

Ping Sweeping in BackTrack !!!

While many of us use "Nmap" to ping sweep a network, there are also "fping" and "nbtscan", which when combined can give pretty fast results. There are many better ways to ping sweep; this is just one way to do it.

Using fping is easy, just refer to the man page. The following is an example:

CODE
# fping -a -g 10.18.1.0/24 2>/dev/null
10.18.1.66
10.18.1.77

This usage gives all the live hosts. To query the NetBIOS service for the names of the Windows machines on your network, use:

CODE
# nbtscan 10.18.1.1-254
Doing NBT name scan for addresses from 10.18.1.1-254

IP address       NetBIOS Name     Server    User             MAC address      
------------------------------------------------------------------------------
10.18.1.66       AAA-PC          <server>  <unknown>        00:1e:ce:90:ab:8c
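Added example (not from the original post): the two commands above chained so that only the hosts fping reports alive are handed to nbtscan, with nbtscan's table turned into one ip,name,mac line per host for an inventory file. The function names, the CSV layout and the sample nbtscan output are my assumptions/constructed; the live functions need fping and nbtscan installed and are not run by the demo.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: the function names, the CSV
# layout, and SAMPLE_NBTSCAN, which is constructed in the shape of the output above.

# Turn nbtscan's table (stdin) into "ip,netbios_name,mac" lines. Only rows that start
# with a dotted-quad address are kept, which drops the banner, header and ruler lines.
nbtscan_to_csv() {
    awk '/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[ \t]/ { print $1 "," $2 "," $NF }'
}

# Live hosts in a CIDR range: -a prints only alive hosts, -g generates the range,
# -q suppresses the per-host error chatter (the post used 2>/dev/null for the same).
sweep() {
    fping -a -q -g "$1" 2>/dev/null
}

# Names for the live hosts only: nbtscan -f - reads the address list from stdin, so
# nothing is sent to addresses fping already found dead.
sweep_with_names() {
    sweep "$1" | nbtscan -f - 2>/dev/null | nbtscan_to_csv
}

# Constructed sample in the shape of the nbtscan output above (not a real scan).
SAMPLE_NBTSCAN='Doing NBT name scan for addresses from 10.18.1.1-254

IP address       NetBIOS Name     Server    User             MAC address
------------------------------------------------------------------------------
10.18.1.66       AAA-PC          <server>  <unknown>        00:1e:ce:90:ab:8c
10.18.1.77       FILESRV01       <server>  <unknown>        00:1e:ce:12:34:56'

# Demo on the sample; for your own network: sweep_with_names 10.18.1.0/24 > hosts.csv
printf '%s\n' "$SAMPLE_NBTSCAN" | nbtscan_to_csv
```

Keeping the CSV from each run makes it easy to diff today's hosts against yesterday's, which is the part of a sweep that is actually useful for spotting a machine that should not be on the network.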

There are many other ways to ping sweep a network with minimal packet generation, e.g. using "Scapy", or just go with Nmap.

NOTE :: These are not expert views; on the contrary, these are things a newbie is picking up.