Monday, November 18, 2013

Copying SAM and SYSTEM hives (Or locked files) from a running system by directly dumping sectors.

My Kali installation did not have a copy of fgdump.exe, so while googling to download the fgdump utility for a friend who is currently doing PWB from Offensive Security, I stumbled upon a post that mentioned dumping the sectors occupied by a file in order to copy a locked file from the file system.

Thanks to my fat fingers.

http://www.codeproject.com/Articles/32169/FDump-Dumping-File-Sectors-Directly-from-Disk-usin

One needs administrative privileges on the system to do this, but with it the local SAM and SYSTEM hives can be copied from a running system, without rebooting the system from a Linux bootable CD to free the file locks.

The author, Armen Hakobyan, explains the implementation nicely, with all the source code listed. The listing also includes, as a demo project, a precompiled binary for 32-bit OS that is compatible with Windows 7. A 64-bit version can be compiled from the sources.

Fdump-demo.exe binary in action.



FDUMP in Action.
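
Dumping a file's sectors means reading the volume through its raw device, which is the activity Sysmon's Event ID 9 (RawAccessRead) records. The following is an added example, not code from this post or from the FDump project: it filters such events for processes outside an allowlist. It assumes Sysmon is deployed with that event enabled; the event records, file paths and allowlist entries are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Assumption: programs this site expects to read volumes raw (illustrative paths).
ALLOWED_IMAGES = {
    r"c:\windows\system32\defrag.exe",
    r"c:\program files\examplebackup\agent.exe",  # hypothetical backup agent
}

def make_event(event_id, **fields):
    """Build a constructed Sysmon-style event record for the demo below."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed sample: one raw read by an unknown tool, one by an allowlisted
# tool, and one unrelated process-creation event (ID 1).
SAMPLE_EVENTS = [
    make_event(9, UtcTime="2013-11-18 10:02:11.120", ProcessId="3124",
               Image=r"C:\Users\admin\Desktop\fdump-demo.exe",
               Device=r"\Device\HarddiskVolume2"),
    make_event(9, UtcTime="2013-11-18 10:05:40.002", ProcessId="880",
               Image=r"C:\Windows\System32\defrag.exe",
               Device=r"\Device\HarddiskVolume2"),
    make_event(1, UtcTime="2013-11-18 10:06:00.000", ProcessId="4010",
               Image=r"C:\Windows\System32\cmd.exe"),
]

def parse_event(xml_text):
    """Return (event_id, {field: value}) for one event XML record."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    fields = {d.get("Name"): d.text or ""
              for d in root.iterfind("e:EventData/e:Data", NS)}
    return event_id, fields

def unexpected_raw_reads(events, allowed=ALLOWED_IMAGES):
    """Event ID 9 (RawAccessRead) records whose Image is not allowlisted."""
    hits = []
    for xml_text in events:
        event_id, f = parse_event(xml_text)
        # Windows paths are case-insensitive, so compare lower-cased.
        if event_id == 9 and f.get("Image", "").lower() not in allowed:
            hits.append((f.get("UtcTime"), f.get("Image"), f.get("Device")))
    return hits

if __name__ == "__main__":
    for when, image, device in unexpected_raw_reads(SAMPLE_EVENTS):
        print(f"{when} raw read of {device} by {image}")
```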




Sunday, March 17, 2013

Installing Teamviewer 8 on Kali 64bit (Debian)

Installing Teamviewer 64bit on Kali OS.

While I was trying to install Teamviewer on my 64-bit Kali OS install, I ran into some missing dependencies. One of them was an i386 package, which cannot be installed on 64-bit unless multiple-architecture support is enabled in your install.
For this, we first allow i386 to be installed as a multiarch.

root@kali:/home/dhakkan/Downloads# dpkg --add-architecture i386

Now we need to update our repositories.


root@kali:/home/dhakkan/Downloads# apt-get update

Now we can deploy i386 packages on 64-bit as multiarch.

Now it is time to install the package.

dhakkan@kali:~/Downloads$ sudo dpkg -i teamviewer_linux_x64.deb

You will get errors for unmet dependencies, which can be installed by using the following command:

dhakkan@kali:~/Downloads$ sudo apt-get install -f

And it should be good to go.

Thursday, February 28, 2013

Double Query Injections: Writeup

DOUBLE QUERY SQL INJECTIONS OR SUBQUERY SQL INJECTIONS

Continuing from my last writeup, which discussed the basics of SQL injections, their classifications, and how to approach them during a pen test, in this article I have tried to cover the concepts of double query injections: what they are and how they work behind the scenes for the MySQL database.

You can read the article on the InfoSec Institute site at the following link: http://resources.infosecinstitute.com/double-query-injections-demystified/

Less-5 and Less-6 are discussed in this writeup.

The first part of the series can be accessed at http://resources.infosecinstitute.com/sql-injections-introduction/

More writeups to follow.

Monday, January 7, 2013

Error Based injections: Writeup

SQL INJECTIONS: AN INTRODUCTION


Each one of us has a different way to learn and understand technical concepts. Therefore I thought of adding text writeups for my SQLi LABS series to go along with the videos.

You can read the article on the InfoSec Institute site at the following link: http://resources.infosecinstitute.com/sql-injections-introduction/

This covers the theory of SQL injections, their different types, and the basics of error-based SQL injections. Less-1, Less-2, Less-3 and Less-4 are discussed in the writeup.

More writeups to follow.