28 May 2013

PHPJackal on Action

Maybe, this is your Server?? Check your security about your Server.
Webshelling with PHPJackal
I have been entered into this Server, i use PHPJackal for webshelling this Server. Contacting the Administrator of this Server? Maybe, if there's an agreement between me and he/she about the Server. Don't think about how secure we are, but thinking how un-secure we are?
"I am for aiming!"

27 May 2013

Indonesian Dark Wordlist

Indonesian Dark Wordlist adalah proyek baru dari Unlisted Developer yang menghasilkan kumpulan kata (wordlist) berbasiskan pada Kamus Besar Bahasa Indonesia (KBBI) untuk berbagai keperluan, misalnya teknik bruteforce atau aircracking. Kami masih melihat proyek-proyek sebelumnya masih tidak jelas kelanjutan proyeknya dalam membuat Wordlist, maka dari itulah kami membuat proyek ini sebagai jembatan kepada teman-teman lain yang membutuhkan wordlist yang lengkap tanpa harus bersusah-susah meng-generate.
Mengingat proyek ini masih dalam tahap awal, maka banyak sekali kelemahan-kelamahan yang ada, sehingga kami mengharapkan kritik dan saran yang membangun, supaya kami bisa berbenah dalam setiap tambahan waktu. Selain itu, kami juga masih membuka peluang kepada teman-teman yang ingin bergabung dalam proyek ini, silahkan menghubungi saya via email atau tinggalkan komentar pada tulisan ini. Tidak ada syarat ketentuan khusus, hanya syarat umum yaitu bisa mengoperasikan komputer (mengerti linux lebih diutamakan) dan memiliki koneksi internet.
Harapan besar kami dari proyek ini adalah bisa menghasilkan wordlist dari kosa kata yang ada dalam Kamus Besar Bahasa Indonesia, sehingga akan memberikan peluang yang lebih besar kepada user kami, untuk menggunakan wordlist ini dengan kata akhir "sukses". Kecenderungan pemakaian bahasa regional atau nasional membuat peluang wordlist pada proyek ini nantinya memiliki nilai yang besar. Sehingga bisa dijadikan acuan dalam pengembangan wordlist-wordlist lain dengan memanfaatkan sumber daya kami.
Untuk sementara kami menggunakan GitHub untuk melakukan pengembangan sekaligus dokumentasi proyek. Beranda GitHub proyek ini ada di https://github.com/h3rucutu/indonesian-dark-wordlist.
Bagaimana untuk mengkloning proyek ini pada komputer lokal? Gunakan perintah di bawah ini.
root@kali:~# git clone https://github.com/h3rucutu/indonesian-dark-wordlist indonesian-dark-wordlist
Selamat menikmati dan mari berkontribusi.
"i am for aiming!"

26 May 2013

Share Connection eth0 on Kali

When i was still using Backtrack as pentest Operating System on my netbook, i need to configure everything about networking, include sharing connection over eth0 interface. I must type on the terminal to set up the interface, then set the IP and netmask, etc. After setting the interface connection, i also must to configure  iptables to forwarding the internet connection from the other interface into eth0, and the last step i must turn on forwarding rule. It's really fun, although need several step to do it. But, when i am using Kali Linux, i realize that the step which can i do on backtrack doesn't running on Kali Linux. After learn several option about networking on Kali, finally i can share connection over eth0 on Kali Linux.
Okay, the first assume that we must have connected internet (not using eth0). Next, when your connection are ready, you can right click on the networking icon, select Edit Connection.
Edit Connection
When the window "Networking Connection" appear, click Wired tab, and select Wired Connection, then click Edit.
Network Connection
Configure Wired Connection on IPv4 tab, set the method is "Shared to the other computers", don't forget to checklist Connect automatically, see figure below. Save the configuration within click Save.
Wired Connection
Now, your computer are ready for sharing connection over eth0 interface on Kali Linux. You can share with plug-in the UTP cable on your computer and the other computer, and DHCP Server will give the IP Address automatically for the other computer which you have shared internet connection. Let's share!
"i am for aiming!"

25 May 2013

Why Unlisted Developer Repo?

Unlisted Developer is the first of my project on Kali Linux development, we focused on Kali Linux Repository on Indonesia. We offer several advantages about Kali Linux Repository, we don't just mirroring the main Repository of Kali Linux, but we have different management for this Repository. Okay, i'll write down several advantages, why we are better than the other Mirror Repository of Kali Linux.

1. All In One
As we know, the default repository of Kali Linux is divided into three section, this is main, contrib and non-free. Main is the main repository which contain the core repository. Contrib is the repository for contribution. And Non-Free is the non-free repository. On the upper level, there are more kind of repository, for example security.
It's too complicated, because we must add every repository source which provide each feature. On our repository, you just add one repository source and you will get all of the repository feature, include security, update original tools, extra tools. You won't get the disadvantages of the experimental update, because we will testing all of the update before we packaging and add into our repository.

2. Easy Inspection
When you're ready to be a part of developer, maybe you interest about how we manage the package in our repository. We are open for newbie developer. So, we have commit to make our system of managing package easy to inspection.
We make this repository different with Debian structure, but not totally different. We believe that our structure easier to learn than Debian structure.

3. Small Space
We are still focus on i386 architecture, but on the future we will accommodate all of the architecture, include armhf (raspberry pi). By doing that, we need smaller space than mirroring method. Because we are packaging, not only mirroring. So we can save upto 90% space of the mirroring method space.

4. Reduce Bandwidth
Because we have using small space, we reduce bandwidth too. It's make our bandwidth on the server saving.

5. Open Project
This Project is open, you can contribute and join with us as developer. As unlisted developer, we learn together and develop for the better repository for Indonesian Network.
For more information, click http://herupranoto.web.ugm.ac.id.

"i am for aiming!"

05 May 2013

Fixing Flash Plugin Chrome

Installing Google Chrome is the best way to benefit from surfing on internet. Yes, Google Chrome is the most lightweight browser. As a linux user, we know that there're two type of that browser, Google Chrome and Chromium. Chromium is the opensource version of Chrome, and Google Chrome is the proprietary version. When you installed Chromium, you can't installed plugins where available on the Chrome Store, but on Google Chrome it can be. But, there's a problem on Kali Linux, when you installed the latest version of Google Chrome. It's because the newest version of Plugins Flash Player which included on the Google Chrome was not compatible or not stable yet. That version is 11.7 r700.
Okay, here i will tell you to fix it. Maybe you want to install Google Chrome at first (read Installing Google Chrome). Before it, you must be installing Hexedit, because on Kali Linux, Hexedit wasn't installed by default (read Installing Hexedit on Kali Linux). After that, on Google Chrome open the new tab and type "chrome://plugins".
You'll see several plugins which installed on Google Chrome. When you have installed Flash Player Plugin for Iceweasel like this post, you will found that Google Chrome was listed two Plugin of Flash Player, the first is the default from Google Chrome (11.7 r700), the second is Flash Player Plugin for Iceweasel (11.2 r202).
On my PC which installed Kali Linux, the 11.2 r202 version is more stable than 11.7 r700. I don't know about it, when i use the 11.7 r700 version to open video from Youtube, Google Chrome lacking everytime. But when i use the 11.2 r202, Google Chrome was playing the video normally. So, based on my experiment i choose 11.2 r202 version.
To activating just one Flash Player Plugin for Google Chrome, open the plugins of Google Chrome at "chrome://plugins".
You can click details on the right side in the window.
After that, you will see two Flash Player Plugin listed, disable the 11.7 r700 version.
Flash Plugins Google Chrome
Now, your Google Chrome just use one Flash Player Plugin.
"i am for aiming!"

03 May 2013

Installing Privoxy beside Tor

Privoxy is tools for configuring proxy on your system. It's needed for anonymous concepts. So, your identity when you using internet keeping from the other person who want to determine what your activity. Usually, i using Privoxy with Tor. Tor is providing the bouncing method with international network, and privoxy will forward it into your local machine with HTTP method. So, if you just use Tor, you can't connect to your local network. Then after you installed Privoxy beside Tor, you will be connected into your local network.
Let's begin. The first assume, you running on Kali Linux and you have an installed Tor in your system (see how to install Tor). If you have the default repository of Kali Linux, you need to add the Debian or Kali Main repository (in this tutorial i will use Debian Main repository), open the sources.list.
root@h3:~# vim /etc/apt/sources.list
Add the new source of the repository below, save and exit.
deb http://kambing.ui.ac.id/debian wheezy main
Running update and install Privoxy.
root@h3:~# apt-get update && apt-get install privoxy
After Privoxy installed, remove the Debian Main repository from your sources.list (it's to keep your system for damage condition).
Before configuring Privoxy, backup the default configuration Privoxy fist.
root@h3:~# cp /etc/privoxy/config /etc/privoxy/config.bak
Open the configuration file of Privoxy.
root@h3:~# vim /etc/privoxy/config
Find listen-address on the Access Control and Security Section. Change
listen-address localhost:8118
Next, find forward socks4 and socks5 on the Forwarding Section. Un-comment the row below.
forward-socks5 /
forward 192.168.*.*/ .
forward 10.*.*.*/ .
forward 127.*.*.*/ .
forward localhost/
See the forward socks5, the port must be same with the port of Tor you're setup, here i running Tor on port 9150 (see how to running Tor on static port). Alternatively, if you confusing about it, you can download the config file here. Then replace the old config with the config file which you have downloaded.
For collaborating Privoxy with Tor, open the directory of Tor. Edit start-tor-browser with your favourite text editor.
root@h3:~# vim start-tor-browser
Add the command on the first and second row of this file with command to running Privoxy, so Privoxy will automatically running when you're running Tor.
/etc/init.d/privoxy stop
/etc/init.d/privoxy start
Go to the end of that file, add the command to stopping Privoxy, it will stopping Privoxy when you're stopping Tor.
/etc/init.d/privoxy stop
Save and exit. Now, go to the Network Configuration, i'm using Iceweasel. Set up the proxies of Iceweasel below.
Configuring Proxy of Iceweasel
Now, go to the address bar. Type http://check.torproject.org, when the color of image is green, your Tor is worked.
Tor Worked
Then go to http://config.privoxy.org, when the Privoxy Information opened, your Privoxy is worked too.
Privoxy Worked
Finally Privoxy and Tor is working together perfectly.
"i am for aiming!"

02 May 2013

Modifying Kali Linux Interface

GNOME is still running on Kali Linux, but the interface of GNOME on Kali Linux is different with GNOME on Backtrack. On Backtrack we can modify it very easy as adding panel, changing the button layout of window manager, etc. As a Backtrack user, i always remember what the desktop environment on Backtrack, and maybe need more time to adapt with the new desktop environment on Kali Linux.
But, to still keeping you so that you don't need time to adapt, you can modify the interface of Kali Linux. So you can enjoy the new environment of Kali Linux without afraid about your habit before using Kali Linux. One of more the differences between Backtrack and Kali Linux is the button layout at window manager. At Backtrack, you will found that the button layout located at the left, but at Kali Linux, it will be send back to right. Don't be afraid, let we send back (again) the button layout of window manager to the left.
You can use dconf (looks like gconf-editor) to modify it. Run dconf from Applications >> System Tools >> dconf Editor.
Running dconf
Open the org >> gnome >> desktop >> wm >> preferences.
dconf Editor
On the button-layout, change the configuration value with.
modify button layout
When you change the configuration value, the button layout will move to left immediately. Now, you don't need to adapt about the button layout of window manager on Kali Linux.
"i am for aiming!"

01 May 2013

Installing Hexedit on Kali Linux

Hexedit, is tool to edit the hex file. Hex file may contain a binary package which can be execute, after it has been compiled from the source code. Remembering on the last Backtrack, this tool still packaged with about over 300 another tools which ready to doing pentest action. But when i have installed Kali Linux, i did not see that tool again. Although there is another tool like GVim, but i more like Hexedit than another tool. Because Hexedit is lightweight. So we don't need a big resource to using that tool.
Okay, because i did not found Hexedit on Kali Linux, i will installed it from the Kali or Debian repository. It the best way to installed Hexedit on Kali Linux.
First, you need to open the source of your repository at /etc/apt directory.
root@h3:~# leafpad /etc/apt/sources.list
Second, add the new source of Kali repository (see recommended repository for Kali Linux), save and exit.
deb http://mirror.nus.edu.sg/kali/kali kali main
Third, you can running update of apt and install hexedit package.
root@h3:~# apt-get update && apt-get install hexedit
After that you can remove the new source which have you added into list of repository source. Do update again, and now you can using Hexedit on your Kali Linux.
Maybe it helpful when you want to installing Google Chrome (see Installing Google Chrome), to changing the code in order to Google Chrome can running at root permission level.
"i am for aiming!"