Monday, February 28, 2011

10 Things to do immediately after installing Ubuntu or XUbuntu 2011

1. Install Google Chrome

To install Google Chrome you can go to http://www.google.com/chrome and click Download Google Chrome Button and follow the downloading procedure.

or

Applications -> Ubuntu Software Center and Search for "Google Chrome" and you will get Google Chromium Web Browser as search result. Click "Install" to automatically get installed.

2. Install VLC

VLC player is the most downloaded and most distributions supported Video and Audio Player. And VLC supports many video and audio formats.

To download and install, open the terminal and write:

sudo apt-get install vlc

If terminal ask for a password type the root password. 
Note: When you write you will not see the password. 

3. Adobe Flash Player

To view most web pages online you must install Adobe Flash Player. Google Chrome has it's own Adobe Flash Player and you don't need to install Adobe Flash Player if you only use Google Chrome. But for Mozilla Firefox and other browsers you must install Adobe Flash Player.


To install, type in termianl:


sudo apt-get install flashplugin-nonfree

4. Install MPlayer.


Yet, another advanced but very simple video and audio player.


sudo apt-get install mplayer

and

sudo apt-get install w32codecs libdvdcss2

5.  Installing Unrar


sudo apt-get -y install unrar 

Friday, February 25, 2011

Django Basic Note

To create an application within a project, run the following command:

$ python manage.py startapp <app-name>

After writing a data model, the following command should be run to create the corresponding tables in the database:

$ python manage.py syncdb

To view the SQL queries generated by Django, issue the following command:

$ python manage.py sql <app-name>

Data models provide a variety of methods to interact with the database engine:

The objects.get method retrieves an object by a unique field
The objects.all method retrieves a list of all objects
The save method saves an object into the database
The delete method deletes an object from the database

To generate a Page not found (404) error, raise an exception of type Http404.




Thursday, February 17, 2011

Creating the main page view

A view in Django terminology is a regular Python function that responds to a page request by generating the corresponding page. To write our first Django view for the main page, we first need to create a Django application inside our project. You can think of an application as a container for views and data models. To create it, issue the following command within our django_working_directory folder:

$ python manage.py startapp <app_name>


After running this command, Django will create a folder named <app_name> inside the project folder with these three files:

• __init__.py: This file tells Python that <app_name> is a Python package
• views.py: This file will contain our views
• models.py: This file will contain our data models



Small Note On DJango

Django can be downloaded from the official Django website at
http://www.djangoproject.com/. Given that it is written in Python,
the same package works on all major operating systems.

To start a new Django project, issue the following command:
$ django-admin.py startproject <project-name>

To edit database information, edit settings.py of <project-name> folder.

To create database tables, issue the following command:
$ python manage.py syncdb


To start the development server, issue the following command:
$ python manage.py runserver


Django project settings are stored in the settings.py file. This file is a
regular Python source file that can be edited using any source code editor.
To change a variable, simply assign the desired value to it.

Wednesday, February 16, 2011

Installing Django on UNIX/Linux and Mac OS X

Installation instructions for all UNIX and Linux systems are the same. You need to run the following commands in the directory where the Django-x.xx.tar.gz archive is located. These commands will extract the archive and install Django for you:

$ tar xfz Django-x.xx.tar.gz
$ cd Django-x.xx
$ sudo python setup.py install

or in Debian Distributions,

$ sudo apt-get install python-django

You can test your installation by running this command:

$ django-admin.py --version

Wednesday, February 9, 2011

Ubuntu File User Access - PHP Programming

/var should stay chmod 755 and root:root. There is no reason to change /var.

For /var/www try:

chown -R myusername:www-data /var/www
chmod -R 755 /var/www
Make sure you keep this permissions when you create files. And you will probaby need to change some files to 775 on those that need to be written by apache2.

Important: Note that doing it this way, anybody who has access to your user account can modify the websites files.

Tuesday, February 8, 2011

.:Python Encryption and Storage:. | .:A Guide:.

Contents

  • Introduction
  • Encrypting
  • Storage
  • Making a *.pyc file
  • Single *.exe file
  • Closing
This is a guide to how to encrypt, or disguise, your text so people cannot read it, ways you can store information from a program for future use; and how to make your Python a single *.exe file.

There are many ways to hide data,

    * Encrypt the coding
    * Convert to a Python compiled file (*.pyc)
    * Convert to an *.exe file

Encrypting

The first is with the bz2 module. It comes native with Python, so you will not need any extra libraries. First you need to import it.
import bz2

Now, I will create a variable, and its contents will be the text I want to encrypt,

import bz2
x = raw_input("Enter Text To Encrypt:  ")

Now anything you enter in the raw_input will be stored in the local variable 'x'. The next bit of code does all the work. It encrypts your data and stores it into a variable.

import bz2
x = raw_input("Enter Text To Encrypt:  ")
y = bz2.compress(x)
That is it. Now the variable 'x' is encrypted and stored in the variable 'y'.

Here is an example. I will run this program and type 'Password' to be stored in the variable 'x'.




Now, you just need to make the text readable again. Use this code to decrypt it:

import bz2
x = raw_input("Enter Text To Encrypt:  ")
y = bz2.compress(x)
z= bz2.decompress(y)


Very simple. 4 Lines, and it can still be condensed if you need it to be!

There is one flaw in using this method, it is easily identified, as the encrypted text always begins with 'BZ'. Therefore, I have another method you can use.

This method works in quite the same way. You have to:

    * Import the module
    * Declare a variable that you want encrypted
    * Encrypt it

Here is the code for the second method:

import base64
x = raw_input("Enter Text To Encrypt:  ")
base64.b64encode(x)

Again, just 3 lines to encrypt it. Here is an example of how this one works:




As you can see, the text is not readable at all! Now to get it back to your text:
import base64
x = raw_input("Enter Text To Encrypt:  ")
y = base64.b64encode(x)
z = base64.b64decode(y)

4 lines. Very Very simple. If you do not just want to use 1, you CAN use both!

import base64, bz2
x = raw_input("Enter Text To Encrypt:  ")
y = base64.b64encode(x)
z = bz2.compress(x)
Now you can have a bit more security if you do not want your code released.


Storage


Many of you want to store information (or variables) from one program so another can use it later on. Well, the Pickle Module is great for that. It stores data in a way that only the Pickle Module can read. Pickle is great, but a faster version was created, cPickle. They work the same way, except that cPickle is fast. This module contains a faster reimplementation of the pickle module.

Here is how to load it:




import cPickle as pickle
If that does not work, you will have to use the native Pickle.





import pickle

Next, assign the text you want stored as a variable.

import cPickle as pickle
x = raw_input("Text you want stored:  ")


The next part may be a bit more complex than what you have read so far in this tutorial, so let me explain it,
    * The addition to the code above (see below) creates a new file, with the extension of *.p
    * It takes the variable 'x' and stores it in the file specified. If the file does not exist, it will be created in the current directory (unless specified otherwise).
    * The "w" means write. It will delete all contents of the *.p file specified and replace it with the information stored in variable 'x'. If you want to append data, use an "a" instead of "w".

import cPickle as pickle
x = raw_input("Text you want stored:  ")
pickle.dump(x, open("stored.p", "w"))
When you run this code, you will see the file 'stored.p' appear in the current directory. You will not be able to open it, it is used for pickle.
To read the information stored in the file, use the following code:
import cPickle as pickle
x = raw_input("Text you want stored:  ")
pickle.dump(x, open("stored.p", "w"))
y = pickle.load(open("stored.p"))
Note** I stored the loaded *.p file as 'y'.
This method is a great storage method. It is fast, and the *.p files cannot be read without pickle. It can also help to protect your code.
Making a *.pyc file
Many of you fear that if you leave your program as a *.py file, the source will be ripped, without credits. Well, another safety precaution is making it a *.pyc file. Automatically, a *.py file is created a a *.pyc the first time it is called upon (or imported).
So to create a *.pyc file, make a new file, and import the according *.py file you want converted to *.pyc.
Example:
I have a file, myCode.py, that I want as a *.pyc file. So I create a new file and type:
Save that file in the same directory as the *.py file you want converted.
Run it, and the program will now also be in *.pyc form!
Note** For those worried, you will still have the *.py file.
Also, you will have to delete the *.pyc everytime you want to update the *.py. You have to delete the *.pyc, close Python COMPLETELY. Then run it again with the updated features and it will make a new *.pyc. You will have to do this every time you update your program. Otherwise you will be like "I just fixed that! Why is it still doing the same thing?!" Single *.exe file ..............Tutorial on this available soon!

Monday, February 7, 2011

Executable Python Programs

$ chmod a+x helloworld.py
$ ./helloworld.py
Hello World
First, we have to give the program executable permission using the chmod command then run the source program.
The chmod command is used here to change the mode of the file by giving execute permission to all users of the system. Then, we execute the program directly by specifying the location of the source file. We use the ./ to indicate that the program is located in the current directory.

Sunday, February 6, 2011

Install tor in Ubuntu

Do not use the packages in Ubuntu's universe. They are unmaintained and out of date. That means you'll be missing stability and security fixes.

You'll need to set up our package repository before you can fetch Tor. First, you need to figure out the name of your distribution. A quick command to run is lsb_release -c. Here's a quick mapping:

Ubuntu 10.10 is "maverick"
Ubuntu 10.04 or Trisquel 4.0 is "lucid"
Ubuntu 9.10 or Trisquel 3.5 is "karmic"
Ubuntu 9.04 is "jaunty"
Ubuntu 8.10 is "intrepid"
Ubuntu 8.04 is "hardy"
Debian Etch is "etch"
Debian Lenny is "lenny"

Then add this line to your /etc/apt/sources.list file:
deb http://deb.torproject.org/torproject.org <DISTRIBUTION> main
where you put the codename of your distribution (i.e. etch, lenny, sid, maverick, lucid, karmic, jaunty, intrepid, hardy or whatever it is) in place of <DISTRIBUTION>.
Then add the gpg key used to sign the packages by running the following commands at your command prompt:

gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Now refresh your sources and install Tor by running the following commands (as root) at your command prompt:

apt-get update
apt-get install tor tor-geoipdb

To start:
make sure the tor and privoxy services have been started

sudo /etc/init.d/tor start
sudo /etc/init.d/privoxy start

Then start vidalia.....

Saturday, February 5, 2011

How to distribute your RAT/Trojan or Keylogger.

Mass Distribution
# Merge the server with another server put this up somewhere advertise for it.
# Create an iso with autorun.
# Create some cd's with autorun and leave them in random places.

Single Target 
You have a single target. Whether it be a cheating ex or a friend that screwed you or just some asshole you want revenge. Here's some interesting ways to go about this.
  • Send a binded exe that does something they want it to do. If they don't trust you infect a friend and a friend's friend etc until you have someone's msn aim yahoo or email that you can send it through that they'll accept.
  • Once again create an autorun cd give it to them have someone give it to them label it as their favorite band or maybe a movie they wanna see get creative. 
  • This is by far my funniest idea. Buy one of those shitty ipods or mp3 players off ebay the ones that are broken. Send it to them with an "installation cd" with your trojan on it. Trust me they'll fall for it.  

Making Undetectable Trojans By Ghosty

1. Encryptors/Compressors
You would think this should be the easiest way to UD (Undetect) a Trojan...but alas, it is not. The problem is simply this, most people use the same Trojans and Packers so often that Anti-Virus software knows pretty much all the signatures. They either use Ardamax Keylogger, Optix Pro, Beast, ProRat etc. for Trojans. For Packers they use UPX, PECompress, AsPack, Mophine etc. Again, none of these combinations work because all the signatures have been flagged. The best way this option will work is to find lesser known Packers and Trojans to work with.

Try a Google search for Executable Packers. Get a few that you have not heard of before or that have a decent rating. If it is not freeware, I am sure there will be a Crack for it. For Trojans, three good resources are VXChaos, LeetUpload or VX Heaven. Remember to pick the ones that are not well known and try to mix and match those Trojans and Packers.

2. Byte Adders:
This technique allows you to add junk bytes to your Trojan as to confuse Anti-Virus software. It does this by moving the code around inside the executable as the bytes are being added. This means that the signature will not be in the place the Anti-Virus expects it to be. A good tool for this would be StealthTools v2.0 by Gobo.

3.3. Hex Editing:
This is much more complicated and takes a lot more practice to get right. The idea here is to find the signature that Anti-Virus software has flagged inside of your Trojan and change it by adding a different byte, or changing the Offset to one of its other equivalents.The three things you will need here is a File Splitter, Hex Editor and a Anti-Virus Offset Finder. The File Splitter will cut your executable into smaller files (preferably 1 byte per file). You then use your Hex Editor on the file that holds the signature and change that signature. Or, you can keep the file complete and use your AV Offset Finder to find the Offsets automatically and just change the signatures found with your Hex Editor.

Step One: Place your Trojan Server in a folder.

Step Two: Split your Server with your File Splitter into 1 byte per file. This may make a lot of files in your folder (depending on how large the Server is), but it is worth it because you will know that only one or two of those files has the signature that is flagged and all the rest are clean.

Step Three: Scan your folder with your Anti-Virus software and make note of which files it says are infected. Those will be the ones you edit.

Step Four: Open up each infected file with your Hex Editor and change the Offset. There is no fool proof way of doing this, you will have to experiment. Since this will be a 1 byte file, there will not be much you need to change. Just change one character or byte at a time and then save your progress. Re-scan to see if it worked. If it did not, go back and try again.

Step Five: Once you feel that you have found all signatures and changed them, Rejoin your files with your File Splitter and test your Server to see if it works. Remember that too much Editing will make your Server useless so be careful.

(Optional) Step Six: Another good way is to use a Anti-Virus Offset Finder that will find the correct Offset automatically so you do not have to search for them or split your Server. Get AV Devil 2.1 to find the Offsets (password is: to0l-base).

You have to remember that different AV software use different signatures, so scan with as many as you can.

4. Source:
The very best way to make an undetectable Trojan has always been to make your own. I know it may seem like a daunting task to do, but it could be simpler then you think. Here I will give a few options on how to do this. The reason why you would want to make your own Trojan is the fact that each time it is compiled, it is given a new signature. Changing just a single string in the Source code can make it undetectable.

Option 1: Free Trojan Source Code.

Finding free Trojan source code is not hard. Again, going to places like VXChaos or Planet Source Code can yield a plethora of really good and lesser known Trojan code. Pick what Programming Language you like and look for examples. Not much needs to be changed to makes these undetectable. A simple recompile will sometimes do the trick.

Option 2: Decompiling.

Some may call this "Stealing" source code. I like to call it "Borrowing". The first thing you need to know is what language your Trojan is in. Lets say your Trojan was Optix Pro, your programming language would be Delphi. A good Delphi Decompiler would be DeDe. Decompile Optix Pro with DeDe then recompile it with a Delphi compiler and viola! Just change a few strings around within the source and you should have a undetectable Optix Pro.

Another way would be to open your Trojan with a Debugger or Disassembler. Copy down the ASM code and then recompile it in a ASM compiler. That maybe a bit more tricky, but the idea is the same. Try to convert the executable into pure ASM as best you can. There are many free Debuggers/Disassemblers, Google for them.

A word of warning, if you do find your own way of making a Trojan undetectable, DO NOT disclose it. You will find your Trojan detected in a very short amount of time. What I have taught here are just the basics of Trojan UDing. It will be up to you to use this knowledge and make it work. Also, DO NOT use any online virus scans to see if your Trojan has been detected. Your signature will be captured and sent to AV companies.

Well I hope this tutorial helped you out in some small way. Just one of the examples above could make an undetectable Trojan, or you may need to mix and match them. Try what you can, don't be afraid to experiment, and good luck!

VXChaos:
http://vxchaos.official.ws/

LeetUpload:
http://www.leetupload.com

VX Heaven:
http://vx.netlux.org

StealthTools v2.0:
http://www.hackerscenter.com/ (search for them)

AV Devil 2.1:
http://www.leetupload.com/dbindex2/index.php?dir=Win32/Crypters%20and%20Packers/&file=AV%20Devil%202.rar

Planet Source Code:
http://www.planet-source-code.com/

DeDe:
http://www.woodmann.com/crackz/Tools.html

Hide files in a jpg

Set up:
1. Must have a .zip or .rar compressor.

Steps:
1. Save the picture of choice to your desktop.
2. Make a new .rar or .zip folder on your desktop.
3. Add the files you want to hide into the .zip or .rar
4. Click start menu, run, cmd.
5. In Command Prompt type cd "desktop" with the quotation marks.
6. Now type in copy /b picturename.jpg + foldername.rar outputfilename.jpg
( If you use .zip then: copy /b picturename.jpg + foldername.zip outputfilename.jpg)
7. Now there should be the outputed file name with a .jpg extension on the desktop.
( Do not close Command Prompt just yet )
8. Double click it to open the picture and check it out.
9. When your done looking, and want to view the hidden files
Type: ren outputfilename.jpg outputfilename.rar or zip

How To Become A Hacker by Eric Steven Raymond

Read from here...Click here..

Friday, February 4, 2011

Turning a Hostname into an IP Address

#!/usr/bin/env python
#Get the IP Address

import socket
hostname = 'maps.google.com'
addr = socket.gethostbyname(hostname)
print 'The address of ', hostname, 'is', addr

Install VirtualEnv in Ubuntu

Once virtualenv is installed, you have the power to create any number of small, self-contained “virtual Python environments” where packages can be installed,
un-installed, and experimented with without contaminating your system-wide Python. When a particular project or experiment is over, you simply remove its virtual environment directory, and your system is clean. In this case, we want to create a virtual environment in which to test the googlemaps package. If you
have never installed virtualenv on your system before, visit this URL to download and install it:

http://pypi.python.org/pypi/virtualenv

Once you have virtualenv installed, you can create a new environment like this (on Windows, the directory containing the Python binary in the virtual environment will be named “Scripts” instead):

$ virtualenv --no-site-packages gmapenv
$ cd gmapenv
$ ls
bin/ include/ lib/
$ . bin/activate
$ python -c 'import googlemaps'
Traceback (most recent call last):
File "<string>", line 1, in <module>
ImportError: No module named googlemaps

As you can see, the googlemaps package is not yet available! To install it, use the pip command that is inside your virtualenv and that is now on your path thanks to the activate command that you ran:

$ pip install googlemaps
Downloading/unpacking googlemaps
Downloading googlemaps-1.0.2.tar.gz (60Kb): 60Kb downloaded
Running setup.py egg_info for package googlemaps
Installing collected packages: googlemaps
Running setup.py install for googlemaps
Successfully installed googlemaps
Cleaning up...

The python binary inside the virtualenv will now have the googlemaps package available:

$ python -c 'import googlemaps'

Now that you have the googlemaps package installed, you should be able to run the simple program named search1.py.

#!/usr/bin/env python
# Fetching a Longitude and Latitudefrom googlemaps import GoogleMaps
address = '207 N. Defiance St, Archbold, OH'
print GoogleMaps().address_to_latlng(address)
Running it at the command line, you should see a result like this:
$ python search1.py

(41.5228242, -84.3063479)



Credits goes to Foundations of Python Network Programming(Apress)

Wednesday, February 2, 2011

Short-notes for Linux

Exit GUI and start up again command line CTRL-ALT-BACKSPACE
Shift to command line CTRL-ALT-F1
Shift back to GUI CTRL-ALT-F7
Terminal window and enter the shutdown, halt, or reboot command, halt will log out and shut down your system.
Use CTRL-ALT-F7 to access the first session and CTRL-ALT-F8 for the second session.
To end your session, issue the logout or exit command. This returns you to the login prompt, and Linux waits for another user to log in.
Shut down the system $ shutdown -h now
Reboot CTRL+DEL+ALT
To create a link, hold both the CTRL and SHIFT keys while dragging the icon to the location where you want the link.
The startx command starts the GNOME desktop by default.
Terminal --- $ command-name options arguments
The ls command displays a listing of files in your directory.
CTRL-U erases the whole line and enables you to start over again at the prompt.