Saturday, May 26, 2018

#pentest find passphrase on encrypted ssh private key

root@kali:/home/userx/.ssh# ssh2john id_rsa > id_rsa.jtr-hash

root@kali:/home/userx/.ssh# john id_rsa.jtr-hash
Using default input encoding: UTF-8
Loaded 1 password hash (SSH [RSA/DSA 32/32])
Press 'q' or Ctrl-C to abort, almost any other key for status
starwars         (id_rsa)
1g 0:00:00:00 DONE 2/3 (2018-05-26 22:00) 7.692g/s 96461p/s 96461c/s 96461C/s starwars
Use the "--show" option to display all of the cracked passwords reliably
Session completed

root@kali:/home/aokan/.ssh# john --show id_rsa.jtr-hash 
id_rsa:starwars

1 password hash cracked, 0 left

Thursday, May 3, 2018

Penetration Tester's Subdomain Enumeration Guide

https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6

Tuesday, May 1, 2018

curl Command Resume Broken Download

curl -C - url
OR
curl -L -O -C - url
OR
curl -L -o 'filename-here' -C - url

Kali Linux 2018.2 Release

Kali Linux - 2018.2 (Released 2018-04-30) View Issues ] 
=========================================
0004675[Tool Upgrade] Bloodhound v1.5.1 (sbrun) - resolved.
0004658[Kali Package Bug] Dradis fails to run (sbrun) - resolved.
0004656[Kali Package Bug] jsql injection not working even update new version - resolved.
0004608[Tool Upgrade] OWASP JoomScan Project update (sbrun) - resolved.
0004570[Kali Package Bug] Gnome NetworkManager OpenVPN immediately disconnecting (rhertzog) - resolved.
0004607[Kali Package Improvement] Make msfdb more verbose (g0tmi1k) - resolved.
0004632[Kali Package Improvement] Update Usage Examples of wpscan (g0tmi1k) - resolved.
0002329[New Tool Requests] Ropper v1.10.10 - Display info about files in different formats & find gadgets to build ROPs chains (sbrun) - resolved.
0004626[Tool Upgrade] Update ExploitDB-Papers (g0tmi1k) - resolved.
0004627[Tool Upgrade] Update ExploitDB-Bin-Sploits (g0tmi1k) - resolved.
0004325[Tool Upgrade] hashcat v4.0.0 available (sbrun) - resolved.
0004619[Tool Upgrade] Update SecLists v1.3 (g0tmi1k) - resolved.
0004554[Kali Package Improvement] Add Kali.Training to Firefox Bookmark (sbrun) - resolved.
0004606[Kali Package Improvement] Make openvas-* more verbose (g0tmi1k) - resolved.
0004603[Kali Package Improvement] Make beef-xss start/stop more verbose & menu updates (g0tmi1k) - resolved.
0004605[Kali Package Improvement] Make xplico start/stop more verbose & menu updates (g0tmi1k) - resolved.
0004604[Kali Package Improvement] Make dradis start/stop more verbose & menu updates (g0tmi1k) - resolved.
0004600[Tool Upgrade] burpsuite 1.7.32 available (sbrun) - resolved.
0004602[Kali Package Bug] inetsim pem key file is owned by root user - resolved.
0004560[Kali Package Bug] PROBLEM WITH INSTALLING XPLICO ON KALI LINUX (sbrun) - resolved.
0004532[Kali Package Bug] btscanner crashes with the "b" (brute force scan) option (sbrun) - resolved.
0004505[Kali Package Bug] arachni doesn't run with using sudo anymore - resolved.
0004542[General Bug] Kali desktop theme background doesn't work for 2560x1600 resolutions (sbrun) - resolved.
0004470[Tool Upgrade] Upgrade Burpsuite to 1.7.30 (sbrun) - resolved.
0004486[Tool Upgrade] reaver v1.6.4 released (muts) - resolved.
0004500[Tool Upgrade] pixiewps v1.4.2 released (sbrun) - resolved.
0004437[Kali Package Improvement] Responder - Add ./Tools/* into $PATH (sbrun) - resolved.
0000175[Kali Package Improvement] metasploit framework's pattern_create and offset (Add to $PATH) (g0tmi1k) - resolved.

[28 issues]

Kali Linux - 2018.1 (Released 2018-02-06) View Issues ] 
=========================================

Released 06 Feb 2018
https://www.kali.org/news/kali-linux-2018-1-release

0004384[General Bug] Sound / Audio issues. (sbrun) - resolved.
0004488[General Bug] Gnome Shell crash when you plug an USB device (rhertzog) - resolved.
0004499[New Tool Requests] Add ExploitDB-Bin-Sploit (Binary Exploits) (g0tmi1k) - resolved.
0004498[New Tool Requests] Add ExploitDB-Papers (g0tmi1k) - resolved.
0004469[Kali Package Bug] Remove skype4py once osrfamework no longer needs it (sbrun) - resolved.
0004459[General Bug] nm-applet segfaults when conneting to a VPN provider - resolved.
0004484[Tool Upgrade] Update dbeaver to 4.3.2 (sbrun) - resolved.
0004467[Kali Package Bug] Metasploit not starting (sbrun) - resolved.
0004476[Kali Package Bug] linux-headers package missing for i386 (it's there for amd64) - resolved.
0004454[Kali Package Bug] sparta fails to start because of qt4 (sbrun) - resolved.
0004463[General Bug] mitmproxy does not start (sbrun) - resolved.
0004460[Tool Upgrade] realtek-rtl88xxau-dkms needs upgrade (sbrun) - resolved.
0004359[Tool Upgrade] Update seclists Package to Latest Checkout (dookie) - resolved.
0004126[Kali Package Bug] Enum4Linux throws errors for users enumeration and Password Policy Information - resolved.
0004331[Kali Package Bug] Wifite should depend on net-tools (sbrun) - resolved.
0004432[General Bug] /usr/bin/geoip missing *.yml files (sbrun) - resolved.
0004422[General Bug] alfa awus036ach driver issue (sbrun) - resolved.
0003821[Kali Package Bug] polenum-0.2 inaccurately reports time values associated with password policies - resolved.
0003665[Kali Package Bug] Polenum not compatible with current python-impacket package included in Kali repos - resolved.
0004385[Tool Upgrade] pixiewps v1.4 released (sbrun) - resolved.
0000338[New Tool Requests] Add Airgraph-ng v2.0.1 - See the graphs Aircrack-ng creates (sbrun) - resolved.
0004360[Tool Upgrade] Update SSF (Secure Socket Funneling) to v3.0.0 (sbrun) - resolved.
0004371[Tool Upgrade] ZAP 2.7.0 is available (sbrun) - resolved.
0004376[General Bug] netboot fails when retrieving libc6-udev (rhertzog) - closed.
0004368[Kali Package Bug] Imporint glib (libc6-udeb) breaks current PXE install (rhertzog) - closed.