Monday, July 27, 2009

WEP Hacking Tools


AirSnort is a wireless LAN (WLAN) tool which cracks encryption keys on 802.11 WEP networks. AirSnort operates by passively monitoring transmissions and computing the WEP encryption key when enough packets have been gathered.


bsd-airtools is a package that provides a complete toolset for wireless 802.11 auditing. Namely, it currently contains a bsd-based Wired Equivalent Privacy (WEP) cracking application, called dweputils (as well as kernel patches for NetBSD, OpenBSD, and FreeBSD). It also contains a curses based ap detection application similar to netstumbler (dstumbler) that can be used to detect wireless access points and connected nodes, view signal to noise graphs, and interactively scroll through scanned ap's and view statistics for each. It also includes a couple other tools to provide a complete toolset for making use of all 14 of the prism2 debug modes as well as do basic analysis of the hardware-based link-layer protocols provided by prism2's monitor debug mode.


WEPCrack is a tool that cracks 802.11 WEP encryption keys by exploiting the weaknesses of RC4 key scheduling.

WAP Attack

WepAttack is a WLAN open source Linux tool for breaking 802.11 Wired Equivalent Privacy (WEP) keys. This tool is based on an active dictionary attacl that tests millions of words to find the right key. Only one packet is required to start an attack on WEP.


WEPWedgie is a toolkit for determining 802.11 WEP keystreams and injecting traffic with known keystreams. The toolkit also includes logic for firewall rule mapping, pingscanning, and portscanning via the injection channel and a cellular modem.

Friday, July 24, 2009

Beginner's Introduction to Perl

Welcome to Perl.

Perl is the Swiss Army chainsaw of scripting languages: powerful and adaptable. It was first developed by Larry Wall, a linguist working as a systems administrator for NASA in the late 1980s, as a way to make report processing easier. Since then, it has moved into a large number of roles: automating system administration, acting as glue between different computer systems; and, of course, being one of the most popular languages for CGI programming on the Web.

Why did Perl become so popular when the Web came along? Two reasons: First, most of what is being done on the Web happens with text, and is best done with a language that's designed for text processing. More importantly, Perl was appreciably better than the alternatives at the time when people needed something to use. C is complex and can produce security problems (especially with untrusted data), Tcl can be awkward and Python didn't really have a foothold.

It also didn't hurt that Perl is a friendly language. It plays well with your personal programming style. The Perl slogan is ``There's more than one way to do it,'' and that lends itself well to large and small problems alike.

In this first part of our series, you'll learn a few basics about Perl and see a small sample program.

A Word About Operating Systems

In this series, I'm going to assume that you're using a Unix system and that your Perl interpreter is located at /usr/local/bin/perl. It's OK if you're running Windows; most Perl code is platform-independent.

Your First Perl Program

Take the following text and put it into a file called

print "Hi there!\n";

(Traditionally, first programs are supposed to say Hello world!, but I'm an iconoclast.)

Now, run it with your Perl interpreter. From a command line, go to the directory with this file and type perl You should see:

     Hi there!

The \n indicates the ``newline'' character; without it, Perl doesn't skip to a new line of text on its own.

Functions and Statements

Perl has a rich library of functions. They're the verbs of Perl, the commands that the interpreter runs. You can see a list of all the built-in functions on the perlfunc main page. Almost all functions can be given a list of parameters, which are separated by commas.

The print function is one of the most frequently used parts of Perl. You use it to display things on the screen or to send information to a file (which we'll discuss in the next article). It takes a list of things to output as its parameters.

   print "This is a single statement.";
print "Look, ", "a ", "list!";

A Perl program consists of statements, each of which ends with a semicolon. Statements don't need to be on separate lines; there may be multiple statements on one line or a single statement can be split across multiple lines.

    print "This is "; print "two statements.\n"; print "But this ",
"is only one statement.\n";

Numbers, Strings and Quotes

There are two basic data types in Perl: numbers and strings.

Numbers are easy; we've all dealt with them. The only thing you need to know is that you never insert commas or spaces into numbers in Perl. always write 10000, not 10,000 or 10 000.

Strings are a bit more complex. A string is a collection of characters in either single or double quotes:

   'This is a test.'
"Hi there!\n"

The difference between single quotes and double quotes is that single quotes mean that their contents should be taken literally, while double quotes mean that their contents should be interpreted. For example, the character sequence \n is a newline character when it appears in a string with double quotes, but is literally the two characters, backslash and n, when it appears in single quotes.

    print "This string\nshows up on two lines.";
print 'This string \n shows up on only one.';

(Two other useful backslash sequences are \t to insert a tab character, and \\ to insert a backslash into a double-quoted string.)


If functions are Perl's verbs, then variables are its nouns. Perl has three types of variables: scalars, arrays and hashes. Think of them as ``things,'' ``lists,'' and ``dictionaries.'' In Perl, all variable names are a punctuation character, a letter or underscore, and one or more alphanumeric characters or underscores.

Scalars are single things. This might be a number or a string. The name of a scalar begins with a dollar sign, such as $i or $abacus. You assign a value to a scalar by telling Perl what it equals, like so:

    $i = 5;
$pie_flavor = 'apple';
$constitution1776 = "We the People, etc.";

You don't need to specify whether a scalar is a number or a string. It doesn't matter, because when Perl needs to treat a scalar as a string, it does; when it needs to treat it as a number, it does. The conversion happens automatically. (This is different from many other languages, where strings and numbers are two separate data types.)

If you use a double-quoted string, Perl will insert the value of any scalar variables you name in the string. This is often used to fill in strings on the fly:

    $apple_count = 5;
$count_report = "There are $apple_count apples.";
print "The report is: $count_report\n";

The final output from this code is The report is: There are 5 apples..

Numbers in Perl can be manipulated with the usual mathematical operations: addition, multiplication, division and subtraction. (Multiplication and division are indicated in Perl with the * and / symbols, by the way.)

    $a = 5;
$b = $a + 10; # $b is now equal to 15.
$c = $b * 10; # $c is now equal to 150.
$a = $a - 1; # $a is now 4, and algebra teachers are cringing.

You can also use special operators like ++, --, +=, -=, /= and *=. These manipulate a scalar's value without needing two elements in an equation. Some people like them, some don't. I like the fact that they can make code clearer.

   $a = 5;
$a++; # $a is now 6; we added 1 to it.
$a += 10; # Now it's 16; we added 10.
$a /= 2; # And divided it by 2, so it's 8.

Strings in Perl don't have quite as much flexibility. About the only basic operator that you can use on strings is concatenation, which is a $10 way of saying ``put together.'' The concatenation operator is the period. Concatenation and addition are two different things:

   $a = "8";    # Note the quotes.  $a is a string.
$b = $a + "1"; # "1" is a string too.
$c = $a . "1"; # But $b and $c have different values!

Remember that Perl converts strings to numbers transparently whenever it's needed, so to get the value of $b, the Perl interpreter converted the two strings "8" and "1" to numbers, then added them. The value of $b is the number 9. However, $c used concatenation, so its value is the string "81".

Just remember, the plus sign adds numbers and the period puts strings together.

Arrays are lists of scalars. Array names begin with @. You define arrays by listing their contents in parentheses, separated by commas:

    @lotto_numbers = (1, 2, 3, 4, 5, 6);  # Hey, it could happen.
@months = ("July", "August", "September");

The contents of an array are indexed beginning with 0. (Why not 1? Because. It's a computer thing.) To retrieve the elements of an array, you replace the @ sign with a $ sign, and follow that with the index position of the element you want. (It begins with a dollar sign because you're getting a scalar value.) You can also modify it in place, just like any other scalar.

    @months = ("July", "August", "September");
print $months[0]; # This prints "July".
$months[2] = "Smarch"; # We just renamed September!

If an array doesn't exist, by the way, you'll create it when you try to assign a value to one of its elements.

    $winter_months[0] = "December";  # This implicitly creates @winter_months.

Arrays always return their contents in the same order; if you go through @months from beginning to end, no matter how many times you do it, you'll get back July, August and September in that order. If you want to find the length of an array, use the value $#array_name. This is one less than the number of elements in the array. If the array just doesn't exist or is empty, $#array_name is -1. If you want to resize an array, just change the value of $#array_name.

    @months = ("July", "August", "September");
print $#months; # This prints 2.
$a1 = $#autumn_months; # We don't have an @autumn_months, so this is -1.
$#months = 0; # Now @months only contains "July".

Hashes are called ``dictionaries'' in some programming languages, and that's what they are: a term and a definition, or in more correct language a key and a value. Each key in a hash has one and only one corresponding value. The name of a hash begins with a percentage sign, like %parents. You define hashes by comma-separated pairs of key and value, like so:

    %days_in_month = ( "July" => 31, "August" => 31, "September" => 30 );

You can fetch any value from a hash by referring to $hashname{key}, or modify it in place just like any other scalar.

    print $days_in_month{"September"}; # 30, of course.
$days_in_month{"February"} = 29; # It's a leap year.

If you want to see what keys are in a hash, you can use the keys function with the name of the hash. This returns a list containing all of the keys in the hash. The list isn't always in the same order, though; while we could count on @months to always return July, August, September in that order, keys %days_in_summer might return them in any order whatsoever.

    @month_list = keys %days_in_summer;
# @month_list is now ('July', 'September', 'August') !

The three types of variables have three separate namespaces. That means that $abacus and @abacus are two different variables, and $abacus[0] (the first element of @abacus) is not the same as $abacus{0} (the value in abacus that has the key 0).


Notice that in some of the code samples from the previous section, I've used code comments. These are useful for explaining what a particular piece of code does, and vital for any piece of code you plan to modify, enhance, fix, or just look at again. (That is to say, comments are vital for all code.)

Anything in a line of Perl code that follows a # sign is a comment. (Except, of course, if the # sign appears in a string.)

   print "Hello world!\n";  # That's more like it.
# This entire line is a comment.


Almost every time you write a program, you'll need to use a loop. Loops allow you run a particular piece of code over and over again. This is part of a general concept in programming called flow control.

Perl has several different functions that are useful for flow control, the most basic of which is for. When you use the for function, you specify a variable that will be used for the loop index, and a list of values to loop over. Inside a pair of curly brackets, you put any code you want to run during the loop:

     for $i (1, 2, 3, 4, 5) {
print "$i\n";

This loop prints the numbers 1 through 5, each on a separate line.

A handy shortcut for defining loops is using .. to specify a range of numbers. You can write (1, 2, 3, 4, 5) as (1 .. 5). You can also use arrays and scalars in your loop list. Try this code and see what happens:

    @one_to_ten = (1 .. 10);
$top_limit = 25;
for $i (@one_to_ten, 15, 20 .. $top_limit) {
print "$i\n";

The items in your loop list don't have to be numbers; you can use strings just as easily. If the hash %month_has contains names of months and the number of days in each month, you can use the keys function to step through them.

    for $i (keys %month_has) {
print "$i has $month_has{$i} days.\n";
    for $marx ('Groucho', 'Harpo', 'Zeppo', 'Karl') {

print "$marx is my favorite Marx brother.\n";

The Miracle of Compound Interest

You now know enough about Perl - variables, print, and for() - to write a small, useful program. Everyone loves money, so the first sample program is a compound-interest calculator. It will print a (somewhat) nicely formatted table showing the value of an investment over a number of years. (You can see the program at

The single most complex line in the program is this one:

    $interest = int (($apr / 100) * $nest_egg * 100) / 100;

$apr / 100 is the interest rate, and ($apr / 100) * $nest_egg is the amount of interest earned in one year. This line uses the int() function, which returns the integer value of a scalar (its value after any fractional part has been stripped off). We use int() here because when you multiply, for example, 10925 by 9.25%, the result is 1010.5625, which we must round off to 1010.56. To do this, we multiply by 100, yielding 101056.25, use int() to throw away the leftover fraction, yielding 101056, and then divide by 100 again, so that the final result is 1010.56. Try stepping through this statement yourself to see just how we end up with the correct result, rounded to cents.

Simple Perl Programme

Perl Tutorial: A basic program

Here is the basic perl program that we'll use to get started.

# Program to do the obvious
print 'Hello world.'; # Print a message
Each of the parts will be discussed in turn.

The first line

Every perl program starts off with this as its very first line:
although this may vary from system to system. This line tells the machine what to do with the file when it is executed (ie it tells it to run the file through Perl).

Comments and statements

Comments can be inserted into a program with the # symbol, and anything from the # to the end of the line is ignored (with the exception of the first line). The only way to stretch comments over several lines is to use a # on each line.

Everything else is a Perl statement which must end with a semicolon, like the last line above.

Simple printing

The print function outputs some information. In the above case it prints out the the literal string Hello world. and of course the statement ends with a semicolon.

You may find the above program produces an slightly unexpected result. So the next thing to do is to run it.

Perl Functions

* abs - absolute value function
* accept - accept an incoming socket connect
* alarm - schedule a SIGALRM
* atan2 - arctangent of Y/X in the range -PI to PI
* bind - binds an address to a socket
* binmode - prepare binary files for I/O
* bless - create an object
* caller - get context of the current subroutine call
* chdir - change your current working directory
* chmod - changes the permissions on a list of files
* chomp - remove a trailing record separator from a string
* chop - remove the last character from a string
* chown - change the owership on a list of files
* chr - get character this number represents
* chroot - make directory new root for path lookups
* close - close file (or pipe or socket) handle
* closedir - close directory handle
* connect - connect to a remote socket
* continue - optional trailing block in a while or foreach
* cos - cosine function
* crypt - one-way passwd-style encryption
* dbmclose - breaks binding on a tied dbm file
* dbmopen - create binding on a tied dbm file
* defined - test whether a value, variable, or function is defined or not
* delete - deletes a value from a hash
* die - raise an exception or bail out
* do - turn a BLOCK into a TERM
* dump - create an immediate core dump
* each - retrieve the next key/value pair from a hash
* endgrent - be done using group file
* endhostent - be done using hosts file
* endnetent - be done using networks file
* endprotoent - be done using protocols file
* endpwent - be done using passwd file
* endservent - be done using services file
* eof - test a filehandle for its end
* eval - catch exceptions or compile and run code
* exec - abandon this program to run another
* exists - test whether a hash key is present
* exit - terminate this program
* exp - raise I to a power
* fcntl - file control system call
* fileno - return file descriptor from filehandle
* flock - lock an entire file with an advisory lock
* fork - create a new process just like this one
* format - declare a picture format with use by the write() function
* formline - internal function used for formats
* getc - get the next character from the filehandle
* getgrent - get next group record
* getgrgid - get group record given group user ID
* getgrnam - get group record given group name
* gethostbyaddr - get host record given its address
* gethostbyname - get host record given name
* gethostent - get next hosts record
* getlogin - return who logged in at this tty
* getnetbyaddr - get network record given its address
* getnetbyname - get networks record given name
* getnetent - get next networks record
* getpeername - find the other end of a socket connection
* getpgrp - get process group
* getppid - get parent process ID
* getpriority - get current nice value
* getprotobyname - get protocol record given name
* getprotobynumber - get protocol record numeric protocol
* getprotoent - get next protocols record
* getpwent - get next passwd record
* getpwnam - get passwd record given user login name
* getpwuid - get passwd record given user ID
* getservbyname - get services record given its name
* getservbyport - get services record given numeric port
* getservent - get next services record
* getsockname - retrieve the sockaddr for a given socket
* getsockopt - get socket options on a given socket
* glob - expand filenames using wildcards
* gmtime - convert UNIX time into record or string using Greenwich time format.
* goto - create spaghetti code
* grep - locate elements in a list test true against a given criterion
* hex - convert a string to a hexadecimal number
* import - patch a module's namespace into your own
* index - find a substring within a string
* int - get the integer portion of a number
* ioctl - system-dependent device control system call
* join - join a list into a string using a separator
* keys - retrieve list of indices from a hash
* kill - send a signal to a process or process group
* last - exit a block prematurely
* lc - return lower-case version of a string
* lcfirst - return a string with just the next letter in lower case
* length - return the number of bytes in a string
* link - create a hard link in the filesytem
* listen - register your socket as a server
* local - create a temporary value for a global variable (dynamic scoping)
* localtime - convert UNIX time into record or string using local time
* lock - get a thread lock on a variable, subroutine, or method
* log - retrieve the natural logarithm for a number
* lstat - stat a symbolic link
* m - match a string with a regular expression pattern
* map - apply a change to a list to get back a new list with the changes
* mkdir - create a directory
* msgctl - SysV IPC message control operations
* msgget - get SysV IPC message queue
* msgrcv - receive a SysV IPC message from a message queue
* msgsnd - send a SysV IPC message to a message queue
* my - declare and assign a local variable (lexical scoping)
* next - iterate a block prematurely
* no - unimport some module symbols or semantics at compile time
* oct - convert a string to an octal number
* open - open a file, pipe, or descriptor
* opendir - open a directory
* ord - find a character's numeric representation
* our - declare and assign a package variable (lexical scoping)
* pack - convert a list into a binary representation
* package - declare a separate global namespace
* pipe - open a pair of connected filehandles
* pop - remove the last element from an array and return it
* pos - find or set the offset for the last/next m//g search
* print - output a list to a filehandle
* printf - output a formatted list to a filehandle
* prototype - get the prototype (if any) of a subroutine
* push - append one or more elements to an array
* q - singly quote a string
* qq - doubly quote a string
* qr - Compile pattern
* quotemeta - quote regular expression magic characters
* qw - quote a list of words
* qx - backquote quote a string
* rand - retrieve the next pseudorandom number
* read - fixed-length buffered input from a filehandle
* readdir - get a directory from a directory handle
* readline - fetch a record from a file
* readlink - determine where a symbolic link is pointing
* readpipe - execute a system command and collect standard output
* recv - receive a message over a Socket
* redo - start this loop iteration over again
* ref - find out the type of thing being referenced
* rename - change a filename
* require - load in external functions from a library at runtime
* reset - clear all variables of a given name
* return - get out of a function early
* reverse - flip a string or a list
* rewinddir - reset directory handle
* rindex - right-to-left substring search
* rmdir - remove a directory
* s - replace a pattern with a string
* scalar - force a scalar context
* seek - reposition file pointer for random-access I/O
* seekdir - reposition directory pointer
* select - reset default output or do I/O multiplexing
* semctl - SysV semaphore control operations
* semget - get set of SysV semaphores
* semop - SysV semaphore operations
* send - send a message over a socket
* setgrent - prepare group file for use
* sethostent - prepare hosts file for use
* setnetent - prepare networks file for use
* setpgrp - set the process group of a process
* setpriority - set a process's nice value
* setprotoent - prepare protocols file for use
* setpwent - prepare passwd file for use
* setservent - prepare services file for use
* setsockopt - set some socket options
* shift - remove the first element of an array, and return it
* shmctl - SysV shared memory operations
* shmget - get SysV shared memory segment identifier
* shmread - read SysV shared memory
* shmwrite - write SysV shared memory
* shutdown - close down just half of a socket connection
* sin - return the sine of a number
* sleep - block for some number of seconds
* socket - create a socket
* socketpair - create a pair of sockets
* sort - sort a list of values
* splice - add or remove elements anywhere in an array
* split - split up a string using a regexp delimiter
* sprintf - formatted print into a string
* sqrt - square root function
* srand - seed the random number generator
* stat - get a file's status information
* study - optimize input data for repeated searches
* sub - declare a subroutine, possibly anonymously
* substr - get or alter a portion of a stirng
* symlink - create a symbolic link to a file
* syscall - execute an arbitrary system call
* sysopen - open a file, pipe, or descriptor
* sysread - fixed-length unbuffered input from a filehandle
* sysseek - position I/O pointer on handle used with sysread and syswrite
* system - run a separate program
* syswrite - fixed-length unbuffered output to a filehandle
* tell - get current seekpointer on a filehandle
* telldir - get current seekpointer on a directory handle
* tie - bind a variable to an object class
* tied - get a reference to the object underlying a tied variable
* time - return number of seconds since 1970
* times - return elapsed time for self and child processes
* tr - transliterate a string
* truncate - shorten a file
* uc - return upper-case version of a string
* ucfirst - return a string with just the next letter in upper case
* umask - set file creation mode mask
* undef - remove a variable or function definition
* unlink - remove one link to a file
* unpack - convert binary structure into normal perl variables
* unshift - prepend more elements to the beginning of a list
* untie - break a tie binding to a variable
* use - load in a module at compile time
* utime - set a file's last access and modify times
* values - return a list of the values in a hash
* vec - test or set particular bits in a string
* wait - wait for any child process to die
* waitpid - wait for a particular child process to die
* wantarray - get void vs scalar vs list context of current subroutine call
* warn - print debugging info
* write - print a picture record
* -X - a file test (-r, -x, etc)
* y - transliterate a string<

Linux Firewalls: Attack Detection and Response

Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

Author: Michael Rash
Paperback: 336 pages
Publisher: No Starch Press (September 15, 2007)
Language: English
ISBN-10: 1593271417
ISBN-13: 978-1593271411
Format: pdf

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.
Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.
Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:
Passive network authentication and OS fingerprinting
iptables log analysis and policies
Application layer attack detection with the iptables string match extension
Building an iptables ruleset that emulates a Snort ruleset
Port knocking vs. Single Packet Authorization (SPA)
Tools for visualizing iptables logs
Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables-along with psad and fwsnort-to detect and even prevent compromises.


Cleaero Theme for Windows Vista

Cleaero Theme for Windows Vista
RAR | 5,9 MB

For Windows Vista ONLY
Blue Orb with white flag - Blue progress bars - Auto-hidden black FolderBand
Softer shadows - Smaller grippers - Clear Taskbar, Start Menu & window borders
Clear maximized TitleBar with black text & Enhanced white glow = Cleaero

The zip file contains 4 versions: The default version (auto-hidden FolderBand),
one with FolderBand, a version without FolderBand and a Medium Taskbar version.

Modified minimize/maximize/close buttons
Enhanced white glow for better readability
Modified hidden FolderBand Highlight
Modified Start Orb (more blue)
Added Medium Taskbar version
Added version without FolderBand
Added version with normal FolderBand


SL Cops

1. A single Cop, CANNOT stop you on the road !
(it's prohibited and you are not suppose to Stop either !)

2. A single cop CANNOT seize your driving license !

3. Only a 'traffic control' cop has the authority to request
anything MORE than your NIC when you are behind wheels.

4. A single traffic cop NEVER can press charges against you.

5. That's why you always find 'two' cops together

6. Police is a peace controlling force. NOT AN ARMED FORCE !!!
They are prohibited by LAW to carry anything more than a BATON !
(but due to the prevailing WAR, they are issued Guns by a supreme
court ruling,till the war ENDS)

7. So, if a Cop pulls a gun on you, YOU CAN sue him !!!

8. If a COP claims that you are drunk, you have the FULL right
to ask for a 'balloon test', if they DO NOT HAVE it in
their possession on the time of your request, you can GO.

9. Only Traffic Cops have the RIGHT to stop any moving
vehicle. (that's why you find at least 1 normal cop in
every checkpoint even though they are manned by Army)

PREMISES without a court Order. You have the
FULLEST right ASK for it, if they try to enter and also
DENY their entrance if you 'feel' like it.

11. A traffic cop CANNOT seize your driving license UNTIL he
fully states the crime you have committed and the relating
penal code violation. If he is unsuccessful in stating
them, you can go free

12. If a traffic cop seizes your license by force and ask you
to come to the police station to collect it. DO NOT GO !
Lodge a complain directly to Police commission or the
'Provincial IGP', YOU can get the cop SACKED for his
misconduct and unruly behaviour.

13. (for girls), If a COP asks for your Identifications and
(if you think he's doing it on purpose to harass you)

you CAN deny his request. He
cannot arrest you ! you have the RIGHT to request for a
Female Police officer.

14. (for Girls) If you are asked to be Body checked, it's your
right to get it done by a female cop. If they don't have
one in present, DENY their action.