Friday, August 30, 2013

Encrypting and decrypting files using OpenSSL

If you just need to encrypt a file on a Linux box without installing additional tools, you can use OpenSSL. This can help when you have to send sensitive information through insecure channels.

You can use various encryption algorithms (I'm using AES-128 in this example):

root@vo:~# cat test.txt
test test test
root@vo:~# openssl enc -aes-128-cbc -in test.txt -out test.txt.enc 
enter aes-128-cbc encryption password: 
Verifying - enter aes-128-cbc encryption password: 
root@vo:~# rm test.txt

Afterwards, use the "-d" option to decrypt:

root@vo:~# openssl enc -d -aes-128-cbc -in test.txt.enc -out test.txt 
enter aes-128-cbc decryption password: 
root@vo:~# cat test.txt 
test test test 

And that's all :)

Monday, August 26, 2013

shell script: generate usernames from information found

In almost every penetration test the auditor comes across information such as company worker names and e-mail addresses, and later uses it to launch brute-force or other attacks. Of course, this information first needs to be translated into a valid username format.

Here is my basic script, which generates "usernames" from a text file that contains user data in the following formats:
1) Name Surname
2) Surname Name
3) username@domain
4) name.surname@domain

It generates usernames using these formats:
1) first letter of name + surname
2) first letter of surname + name
3) last letter of username + rest of username
4) rest of username + first letter of username
5) All of this trimmed to 8 characters

I plan to extend this script so that it can add a number at the end of the username, like ajons01 or ajons1, which are used when there are two workers with the same letter combination.

The syntax for this script is:
 ./create_username.sh input.txt output.txt

And here is the link to this script:

Here is sample output showing how it works:



Wireshark: Packet capture file - leave only headers

There are times when you need to send packet capture files to "some support" but you are unsure whether they contain sensitive information. If you are happy to send them just the packet headers (in some cases you cannot do this, if the problem is at the application level), there is a command-line tool that ships with Wireshark which can help you:

editcap -s 52  infile.cap outfile.cap

What it does: it chops off everything after the first 52 bytes of each packet. 52 bytes is enough to capture L2/L3/L4 headers.

After this operation, the packets in the file will look like this:


And at the end you will see "Packet size limited during capture".

This method is useful when debugging communication problems that are not related to the application layer.
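
Why Wireshark reports "Packet size limited during capture" after the cut, as an added example that is not part of the original post and is not editcap's own code: each record in a classic pcap file stores both the captured length and the original on-wire length, and truncation shortens only the first. The function names, the "secret-payload" marker and the sample frames are constructed for illustration.

```python
import struct

MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # classic pcap, microsecond timestamps

def read_records(data: bytes):
    """Return (endian, [(ts_sec, ts_usec, orig_len, captured_bytes), ...])."""
    endian = MAGIC.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    records, offset = [], 24                      # skip the 24-byte global header
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, offset)
        packet = data[offset + 16:offset + 16 + incl_len]
        if len(packet) != incl_len:
            raise ValueError("truncated packet data")
        records.append((ts_sec, ts_usec, orig_len, packet))
        offset += 16 + incl_len
    return endian, records

def truncate_pcap(data: bytes, snaplen: int = 52) -> bytes:
    """Cut every packet to at most snaplen bytes; orig_len keeps the on-wire size."""
    endian, records = read_records(data)
    out = bytearray(data[:24])                    # global header copied unchanged
    for ts_sec, ts_usec, orig_len, packet in records:
        kept = packet[:snaplen]
        out += struct.pack(endian + "IIII", ts_sec, ts_usec, len(kept), orig_len) + kept
    return bytes(out)

def build_sample() -> bytes:
    """Constructed capture: a 120-byte frame carrying a marker string and a 42-byte frame."""
    frames = [b"H" * 54 + b"secret-payload" + b"P" * 52, b"H" * 42]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)   # linktype 1 = Ethernet
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1377500000 + i, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    cut = truncate_pcap(build_sample())
    for _, _, orig_len, packet in read_records(cut)[1]:
        # captured length below on-wire length marks the packet as size-limited
        print(f"captured={len(packet)} on-wire={orig_len} limited={len(packet) < orig_len}")
    print("marker still present:", b"secret-payload" in cut)
```

A fixed cut does not know where the headers end: a longer frame with only 42 bytes of Ethernet, IPv4 and UDP headers would keep the first 10 bytes of its payload, so look through the output file before sending it.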

You can check the additional options of editcap using editcap -h:

Saturday, August 24, 2013

Change grub default system to windows

Easy way: Change OS detection order in grub.

Rename /etc/grub.d/30_os-prober to 09_os-prober
And that's all. Windows 8 is now first in boot order. :)

Sunday, August 18, 2013

Get access to local Windows machine using Kali linux

In almost all versions of Windows, the password is saved in the SAM file. This file is usually located under /Windows/System32/config. On your system it may look something like this: /media/hda1/Windows/System32/config. Below is the screenshot.
Type the command chntpw -l SAM and it will list all the usernames that are contained on the Windows system.
The command gives us a list of usernames on the system. Once we have the username we want to modify, we simply run the command chntpw -u "username" SAM
In the example below we typed: chntpw -u "Administrator" SAM and we get the following menu:
We now have the option of clearing the password, changing the password, or promoting the user to administrator. Changing the password does not always work on Windows 7 systems, so it is recommended to clear the password. Therefore you will be able to log in with a blank password. You can also promote the user to a local administrator as well.

Pasted from: http://kali4hackers.blogspot.com/2013/07/how-to-reset-windows-password-with-kali.html