Monday, June 27, 2016

Fedora 24, Vibrancy-Kali Linux Icon



You can get Vibrancy-Kali icons to Fedora 24 Gnome 3.20.2.
Run Kali Linux in Gnome Box or VM and Copy the Folder Vibrancy-Kali from /usr/share/icons/ to USB Stick.

Copy The folder Vibrancy-Kali from USB to User Folder ~/.local/share/icons/

Now Install Tweak Tool :
dnf install gnome-tweak-tool
or Run : 
gsettings set org.gnome.desktop.interface icon-theme 'Vibrancy-Kali'


To Install Arc-theme follow this :

Thanks..


What's Cookies?

A cookie is a small piece of data sent by a website to your browser. It helps the website to remember information about your visit, like your country and other settings. That can make your next visit easier and the site more useful to you.
We use cookies on some (but not all) pages to deliver personalized content or to tailor our information offerings or responses according to the way you use the site, and/or your current context on the site. We do not use cookies to gather or transmit any personally identifiable information about you.

Advanced SSH Tutorial


Generate a new stronger key :
$~: sudo ssh-keygen -b 4096
If it asks you to overwrite existing key, answer “yes”.
create the keys dir:

$~: sudo mkdir ~/.ssh/keys
In our setup we have one folder for each server, but you could just store all the keys in one folder, it makes no difference.
Generate new keys for each server you want to connect to Server1 :

$~: sudo ssh-keygen -b 4096 -C "server1"
Change the location of where the key is saved.
Enter file in which to save the key (~/.ssh/id_rsa): ~/.ssh/keys/server1
check that the keys where generated.
$~: ls ~/.ssh/keys
Create a config file for the ssh hosts and add :
$~: sudo nano /home/testuser/.ssh/config
# server1
Host server1
Hostname 192.168.1.113
User user1
IdentityFile ~/.ssh/keys/server1
Change permissions of the keys dir
$~: sudo chmod -R 600 ~/.ssh/keys/
Connect to the remote server
Now you’re all set to connect to the remote server, but as we have done the setup with keys, there are just a few more things we have to configure on the remote server. But for now, at least the aliases should work. To login you simply just type

$~: ssh server1
you will have to type user1 password the first time, we need to copy server1.pub contant to server1 in authorized_keys file, in my PC :
$~: cat ~/.ssh/keys/server1.pub
Connect to your remote server1 and type the user1 password.
$~: ssh server1
open the authorized_keys file and copy the contant of server1.pub
$~: vi ~/.ssh/authorized_keys
Paste the content from step 11 to server1 authorized_keys. To insert, press [SHIFT+i] to exit and save press [ESC] and type [:wq!], Exit remote server and test you new config.
$~: exit
Try connect to server1, this time will not ask for password.
If this works without having to enter a password you can go ahead with next step, if it doesn’t work – fix the issue first. Next step will lock you out of your system if the key is wrong.

$~: vi /etc/ssh/sshd_config
Don’t allow passwords, look for this row.
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no
This will disallow to login with password, and only accept keys for better security.
save and exit.

Docker, My Simple Tutorial

Install Docker Engine on Fedora Linux is simple just type :
$ dnf install docker
Download Images from Canonical it's small size, just "50MB" :
https://partner-images.canonical.com/core/xenial/current/
or From Fedora :
https://getfedora.org/en/cloud/download/docker.html
Import the Ububtu Image to Docker :
$ cat ubuntu-xenial-core-cloudimg-amd64-root.tar.gz | docker import - ubuntu/16.04
Import the Fedora Image to Docker :
docker load -i Fedora-Docker-Base-24-1.2.x86_64.tar.xz
Check Docker Images:
$ docker images
Run Impoerted Image with Specifice name :
$ docker run --name=server0 -it ubuntu/16.04 /bin/bash
Add what you want to the container with "apt-get" and type exit.
Check the container :

$ docker ps -a
Now we must Save the changes to Image :
$ docker commit -m "Added Apache2,PHP" -a "MiBellil" server0 ubuntu/16.04:v2
(((or)))
$ docker commit server0 ubuntu/16.04:v2
Check Docker Images :
$ docker images
To run/attach/stop the Container type :
$ docker start server0
$ docker attach server0
$ docker stop server0
Read Log Data in the Container :
$ docker logs server0
Run the Image in Background :
$ docker run -itd ubuntu/16.04 /bin/bash
One liner to stop / remove all of Docker containers:
$ docker stop $(docker ps -a -q)
$ docker rm $(docker ps -a -q)
The container can use as much memory as it needs. The memory reservation setting ensures the container doesn’t consume too much memory for long time, because every memory reclaim shrinks the container’s consumption to the reservation.

By default, kernel kills processes in a container if an out-of-memory (OOM) error occurs. To change this behaviour, use the --oom-kill-disable option. Only disable the OOM killer on containers where you have also set the -m/--memory option. If the -m flag is not set, this can result in the host running out of memory and require killing the host’s system processes to free memory.
The following example limits the memory to 100M and disables the OOM killer for this container:
$ docker run -it -m 100M --oom-kill-disable ubuntu:14.04 /bin/bash
The following example, illustrates a dangerous way to use the flag:
$ docker run -it --oom-kill-disable ubuntu:14.04 /bin/bash
The container has unlimited memory which can cause the host to run out memory and require killing system processes to free memory.

Difference between save and export
A Docker image can be saved to a tarball and loaded back again. This will preserve the history of the image.
# save the image to a tarball
docker save <IMAGE NAME> > /home/save.tar
# load it back
docker load < /home/save.tar

A Docker container can be exported to a tarball and imported back again. This willnot preserve the history of the container.
# export the container to a tarball
docker export <CONTAINER ID> > /home/export.tar
# import it back
cat /home/export.tar | docker import - some-name:latest

Thursday, June 23, 2016

Network Monitor (Simple Commands)

I Use netstat command :
watch -n1 'netstat -nut | grep "ESTABLISHED"'
and sometimes i use ss commad  :
watch -t -n1 -x ss -tp
at the end check this folder by using cat :
cat /proc/net/

Wednesday, June 22, 2016

Lesson Never Get It (C)

IRC Channel :

<Sebastian> The * is significant. I have told you this before.
<Sebastian> MiB: What is sizeof (char)? What is sizeof "Command"? From the answer to these two questions, can you say that "Command" is a char?
<MiB> Sebastian, wow is it sizeof ?? thing
<Sebastian> MiB: Argument 2 needs to be something like "Command", which is not an int, not a char... It is something else.
<Sebastian> ,cc sizeof (char)
<candide> Sebastian: no output: sizeof(char) = 1
<MiB> Sebastian, okay not "int" not "char"
<Sebastian> MiB: { sizeof "Command" }
<candide> MiB: no output: sizeof "Command" = 8
<Sebastian> The error message tells you something about 'char *'... Let's see if that might work?
<Sebastian> MiB: { char *cmd = "Command"; sizeof cmd }
<candide> MiB: no output: sizeof cmd = 8; cmd = 0x4020c4 "Command"
<Sebastian> MiB: { char *cmd = "A different sized command"; sizeof cmd /* Coincidentally, the size was the same this time. Be careful with that one. Don't say you weren't warned. */ }
<candide> MiB: no output: cmd = 0x4020b0 "A different sized command" 

Thursday, June 9, 2016

Zombie Scanning

It is possible to identify the  open ports on a target system without ever  giving that system any indication that you interacted with it. This extremely stealthy form of scanning is referred to as zombie scanning and can only be performed if another system exists on the network that has low network activity and incremental IPID sequencing.

Sunday, June 5, 2016

SSH Password-less Login - Using Key Authentication

You can login to a remote Linux server without entering password, using ssh-keygen and ssh-copy-id as explained in this article.

ssh-keygen creates the public and private keys. ssh-copy-id copies the local-host’s public key to the remote-host’s authorized_keys file. ssh-copy-id also assigns proper permission to the remote-host’s home, ~/.ssh, and ~/.ssh/authorized_keys.

Create public and private keys using ssh-key-gen on local-host.

$~: sudo ssh-keygen -b 4096

Copy the public key to remote-host using ssh-copy-id.

$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host

Done..

Alternative IP Configurations


To make a secondary ip address (so that we can reach another network for example) we need to make an alias interface.
ifconfig eth0:0 10.10.10.5 netmask 255.255.255.0 broadcast 10.10.10.255
That's it.

To get rid of it.
ifconfig eth0:0 down

Saturday, June 4, 2016

Terminal with Powerline



By default, the shell plugin gives you plenty of helpful data:

  • Login name
  • Local time
  • Current working directory or path. The path is condensed automatically when it grows longer than the terminal width.
  • The number of active background jobs
  • The hostname, when you connect via SSH to a remote system where powerline is installed
This saves you a lot of twiddling with your shell environment and complex scripting! To install the utility, open a terminal and run this command:
sudo dnf install powerline
The rest of these instructions assume you’re using Fedora’s standard bash shell. If you’re using a different shell, check out the documentation for tips.
Next, configure your bash shell to use powerline by default. Add the following snippet to your ~/.bashrc file:
if [ -f `which powerline-daemon` ]; then           powerline-daemon -q           POWERLINE_BASH_CONTINUATION=1           POWERLINE_BASH_SELECT=1           . /usr/share/powerline/bash/powerline.sh fi
Done.


Note : Source

Back To DOS "Norton Commander"

Norton Commander

Norton Commander for Linux just install :
mc.i686 : User-friendly text console file manager and visual shell

In Fedora just run :
dnf install mc



Friday, June 3, 2016

Copy/Backup SD CARD IMAGE and watch progress (very nice alternative to dd)

Here we'll guide you through some copy/backup techniques for your Raspberry Pi system.
Install dc3dd in Fedora 22/23/24 use :
dnf install dc3dd

Install dc3dd on Debian 8 (Jessie) :
sudo apt-get update
sudo apt-get install dc3dd
Run df -h to see what devices are currently mounted.
To Copy the Image to SD CARD run :

dc3dd if=2016-05-27-raspbian-jessie.img of="memoryCard"
To Backup the SD CARD To a File run :
dc3dd of="memoryCard" if=2016-05-27-raspbian-jessie.img
dc3dd in Action :

root@kali:~# dc3dd
dc3dd 7.1.614 started at 2016-06-03 21:48:01 +0200
compiled options:
command line: dc3dd
sector size: 512 bytes (assumed)35 bytes (35) copied (??%), 6.31331 s, 0 K/s
input results for file `stdin':
     0 sectors + 35 bytes in
output results for file `stdout':
     0 sectors + 35 bytes out
dc3dd completed at 2016-06-03 21:48:08 +0200

UTF8 encoded PHP strlen()

I want to share something seriously important for newbies or beginners of PHP who plays with strings of UTF8 encoded characters or the languages like: Arabic, Persian, Pashto, Dari, Chinese (simplified), Chinese (traditional), Japanese, Vietnamese, Urdu, Macedonian, Lithuanian, and etc.
As the manual says: "strlen() returns the number of bytes rather than the number of characters in a string.", so if you want to get the number of characters in a string of UTF8 so use mb_strlen() instead of strlen().

Example:

<?php
// the Arabic (Hello) string below is: 59 bytes and 32 characters
$utf8 = "السلام علیکم ورحمة الله وبرکاته!";

var_export( strlen($utf8) ); // 59
echo "<br>";
var_export( mb_strlen($utf8, 'utf8') ); // 32
?>

Python Mechanize Cheat Sheet


A very useful python module for navigating through web forms is Mechanize.
In a previous post I wrote about "Browsing in Python with Mechanize".
Today I found this excellent cheat sheet on scraperwiki that I would like to share.
Create a browser object and give it some optional settings.
import mechanize
br = mechanize.Browser()
br.set_all_readonly(False) # allow everything to be written to
br.set_handle_robots(False) # ignore robots
br.set_handle_refresh(False) # can sometimes hang without this
br.addheaders = # [('User-agent', 'Firefox')]
Open a webpage and inspect its contents
response = br.open(url)
print response.read() # the text of the page
response1 = br.response() # get the response again
print response1.read() # can apply lxml.html.fromstring()
Using formsList the forms that are in the page
for form in br.forms():
  print "Form name:", form.name
  print form
To go on the mechanize browser object must have a form selected
br.select_form("form1") # works when form has a name
br.form = list(br.forms())[0] # use when form is unnamed
Using Controls
Iterate through the controls in the form.
for control in br.form.controls:
  print control
  print "type=%s, name=%s value=%s" % (control.type, control.name,br[control.name])
Controls can be found by name
control = br.form.find_control("controlname")
Having a select control tells you what values can be selected
if control.type == "select": # means it's class ClientForm.SelectControl
  for item in control.items:
    print " name=%s values=%s" % (item.name, str([label.text for label in item.get_labels()]))
Because 'Select' type controls can have multiple selections, they must be set with a list, even if it is one element.
print control.value
print control # selected value is starred
control.value = ["ItemName"]
print controlbr[control.name] = ["ItemName"] # equivalent and more normal
Text controls can be set as a string
if control.type == "text": # means it's class ClientForm.TextControl
  control.value = "stuff here"
br["controlname"] = "stuff here" # equivalent
Controls can be set to readonly and disabled.
control.readonly = False
control.disabled = True
OR disable all of them like so
for control in br.form.controls:
 if control.type == "submit": control.disabled = True
Submit the formWhen your form is complete you can submit
response = br.submit()
print response.read()
br.back() # go back
Finding LinksFollowing links in mechanize is a hassle because you need the have the link object.
Sometimes it is easier to get them all and find the link you want from the text.

for link in br.links():
 print link.text, link.url
Follow link and click links is the same as submit and click
request = br.click_link(link)
response = br.follow_link(link)
print response.geturl()
I hope that you got more understanding of the Mechanize module in Python.

Browsing in Python with Mechanize

Browsing with Mechanize

The mechanize module in Python is similar to perl WWW:Mechanize.
It gives you a browser like object to interact with web pages.
Here is an example on how to use it in a program.
import mechanize
br = mechanize.Browser()
br.open("http://www.example.com/")
# Follow second link with element text matching regular expression
response1 = br.follow_link(text_regex=r"cheeses*shop", nr=1)
assert br.viewing_html()
print br.title()
print response1.geturl()
print response1.info()  # headers
print response1.read()  # body
To get the response code from a website, you can the response.code
from mechanize import Browser
browser = Browser()
response = browser.open('http://www.google.com')
print response.code
Get all forms from a website
import mechanize
br = mechanize.Browser()
br.open("http://www.google.com/")
for f in br.forms():
    print f
I found this post at http://stockrt.github.com that very accurate describes how
to emulate a browser in Python using mechanize.
Browsing with Python (written of Drew Stephens)
#!/usr/bin/python
import re
from mechanize import Browser
br = Browser()
# Ignore robots.txt
br.set_handle_robots( False )
# Google demands a user-agent that isn't a robot
br.addheaders = [('User-agent', 'Firefox')]
# Retrieve the Google home page, saving the response
br.open( "http://google.com" )
# Select the search box and search for 'foo'
br.select_form( 'f' )
br.form[ 'q' ] = 'foo'
# Get the search results
br.submit()
# Find the link to foofighters.com; why did we run a search?
resp = None
for link in br.links():
    siteMatch = re.compile( 'www.foofighters.com' ).search( link.url )
    if siteMatch:
        resp = br.follow_link( link )
        break
Print the site
content = resp.get_data()
print content
The script above is split up to make it easier to read

Useful PHP Functions and Features You Need to Know



Functions with Arbitrary Number of Arguments

let's see how we can build a function that accepts any number of arguments. This time we are going to utilize func_get_args():
use $args = func_get_args(); inside the function.

Using Glob() to Find Files

Think of it like a more capable version of the scandir() function. It can let you search for files by using patterns.
// get all php files
$files = glob('*.php');
print_r($files);
/* output looks like:
Array
(
[0] => phptest.php
[1] => pi.php
[2] => post_output.php
[3] => test.php
)
*/

Memory Usage Information

can use the memory_get_usage() function, and to get the highest amount of memory used at any point, we can use the memory_get_peak_usage() function.

CPU Usage Information

For this, we are going to utilize the getrusage() function. Keep in mind that this is not available on Windows platforms.
print_r(getrusage());
That may look a bit cryptic unless you already have a system administration background. Here is the explanation of each value (you don't need to memorize these):
ru_oublock: block output operations
ru_inblock: block input operations
ru_msgsnd: messages sent
ru_msgrcv: messages received
ru_maxrss: maximum resident set size
ru_ixrss: integral shared memory size
ru_idrss: integral unshared data size
ru_minflt: page reclaims
ru_majflt: page faults
ru_nsignals: signals received
ru_nvcsw: voluntary context switches
ru_nivcsw: involuntary context switches
ru_nswap: swaps
ru_utime.tv_usec: user time used (microseconds)
ru_utime.tv_sec: user time used (seconds)
ru_stime.tv_usec: system time used (microseconds)
ru_stime.tv_sec: system time used (seconds)

Magic Constants

PHP provides useful magic constants for fetching the current line number (__LINE__), file path (__FILE__), directory path (__DIR__), function name (__FUNCTION__), class name (__CLASS__), method name (__METHOD__) and namespace (__NAMESPACE__).

Generating Unique ID's

There may be situations where you need to generate a unique string. I have seen many people use themd5() function for this, even though it's not exactly meant for this purpose:
// generate unique string
echo md5(time() . mt_rand(1,1000000));
There is actually a PHP function named uniqid() that is meant to be used for this.
echo uniqid('bar_',true);
/* prints bar_4bd67da367b650.43684647*/

Compressing Strings

When talking about compression, we usually think about files, such as ZIP archives. It is possible to compress long strings in PHP, without involving any archive files.

In the following example we are going to utilize the gzcompress() and gzuncompress() functions.

// gzcompress a string
$compressed = gzcompress('Compress me', 9);
echo $compressed."<br />";
// gzuncompress a string
$uncompressed = gzuncompress($compressed);
echo $uncompressed."<br />";
?>



Wednesday, June 1, 2016

Browse Offline with Google Chrome and Mozilla Firefox


How to browse offline with Firefox

Click on Firefox's menu, select "Developer", and we will find the Work Offline option.


How to browse offline with Chrome

we need to click on the language bar and type:
chrome://flags/#show-saved-copy
We set it as "Enable: Primary", and click on the "Relaunch Now".

My (Secret & Mystery) Message

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

hQEMAzdqikpE8dcCAQf7BnxjSNA4hF5lv6UvPsTtH0ozUrtGvtTYhhU5xvwddsEQ
ru5CULKCmQYOFwTGf4ypDo2WIuWWtnt2a4vTpZLjkaR3t+H8qUBfrM755uNgCaQE
HXwBAcIOIfFCWGShRmaTuRaI52Bd4fJmRbOBVZZm0Li2Kq0FFEVCqFMTidddqjjT
mXTprm1kDJmMUNza1wv44Nzo8vRuH14QjzVCSm4E08Xf2PjmG3T1xO/qdhszch5w
8KjZUOZOeI4CfGwcKp48wQaT/V12XxSYu6Wc/HxgvWcM/aQhUExGcjRPhb7OtYoT
xUiHTvmhoOypicc9HNz+VOudL9R+WC/UsM1+ocsrvdLBKQGdMdoaKpOguoBm7GoP
ORCpABBdotmuuBdXDfU7LL1TzY6ZEg+fYW+Bg88ryHsu3Sk32KALcpApoQ7xqG1B
PgLUyGdtZjdOM8cA5qNJoqEZ2HwPOpI2/BD3vz+NdgwTVMq3xXXAM5tVCbHP4t4X
RDVs65ljl51UUdLtpxbI4jW2UwOG/je7yhzIPeBkuj7hZQZn+I5xNk5wMZsFH0lp
WgVdtrE7Z22ckEwt4ZkikYHdxfEfn68HW6PqVLGaIVeNM2iHjqA6mllbSCvIkt47
5dVv2NtX3TKO4VNBKGOpsbwJiBZ+NHKH6qLLLjYiBqCXd9a0hV3i3iBjjXwbnczF
bQjFVwG00/KF08ojNVhsPQG9oYX9E1bpxDsmHGaSURwDt2pbkGYZiLI78cv83/8w
jeaXkHwPeWAecQrNlm4BYzXFccT5eoE5ldtbnT+UHhNpKiar0la4T04Gsp+1cUdy
HKCIPEVWe2ChJNH+pIXs/kFRuvwVjLcToOmna0xnN3ytGNWREhr+Uj/lvA9k6O2f
+/Skf4yG7Lq2pSdMtKEqpVaDkrri6bY0KY5yt5iK+b3cIbh4XDJ+ukMQX+E3r4a2
i8vROdm5cLXBxSBh1///+Nf4PpGmB5NroDPhbi+oYCMtp7qcAYR+sJfHPg==
=OvNx
-----END PGP MESSAGE-----