Skip to content
Oct 15 / Mike

TelegramNZB

I am working on a Telegram bot to manage Couchpotato, SickRage, SAB+ and more.

Current working features are:

  • Adding a TV series to SickRage
  • Adding a movie to CouchPotato
  • Restarting the services
  • Pausing/Resuming SAB+
  • Download status and notifications

As soon as I’ve polished it I will add a link to the github repo.

Of course, I do not condone piracy in any way shape or form. I just like tinkering with APIs.

Feb 15 / Mike

Simple HTM5 game using gamesalad

I made a simple game using gamesalad, it’s pretty fun and quite challenging ūüėÄ

Jan 2 / Mike

NetflowDB VM released!!

NetflowDB screeny

 

Here is the latest version of NetflowDB in shiny 32Bit VM form!!

 

We had a few teething issues as far as creating a funky installer went so we decided to roll it into a VM in the meantime.

It is built on Ubuntu Server 32Bit and requires 1gb of ram and 40GB free space (this can be reduced if you like by resizing the vmdk)

We have tested it on VMware Fusion and Virtualbox and it seems to run fine.

 

The product is still in beta so I wouldn’t recommend relying on it too heavily until you have had a play with it.. but that being said, it’s working pretty nicely!!

 

There are lots more features we are working on so check here for updates!!

 

MD5: 86b4985ad7ba93e56a7f5e1430c8e8b6

Download Link: BROKE!!

Usage:

Run the VM and point a netflow exporter at port 9999 on the box!!

alternatively you can allow the vm to listen in promiscuous mode on interface 1 and connect it via a span port on your router (it has a netflow exporter built in too!)

then hit it up with your favourite browser (as long as it’s as good as google chrome!!) wait 5 minutes (to allow it to netflow all the things) and then click the refresh buttons at the top right of the page!! (the blacklist one takes around 2 minutes to update and only needs doing every few hours or so)

You will now be able to play with your nf data!! oooooooo!!!!

A video will be uploaded soon which explains how to get the data into Maltego for even more network forensics fun!!

 

This will probably help too:

u: netflowdb

p: netflowdb

Change them!!

If you wish to use the WHOIS lookup, tor list, and blacklist update feature you will need to allow it access to the interwebs.. also, I urge you to try and break it!! there are a few bugs which we know about but as far as we can see, there is nothing which presents a security risk.

We also recommend that you configure SSL, the libraries are all there however we didn’t create certs for the release version as we are firm believers in doing that sort of stuff yourself but if you get stuck then comment below and we will help.

 

NOTE: It takes around 6 minutes for the netflow data to start to propagate, if after this time you do not have any data delete the contents of /var/www/netflowdb/tmp/ (not sure what went wrong but we’re working on a fix)

 

– Mike

Sep 23 / Mike

SauceWalk-0.2a Released Today!!! (Update… it’s now rev. 0.2b)

This tool will allow you to populate your proxy (burp/acunetix/paros etc) with a full list of files and directories as found on your web server including all includes etc.

The idea is that you either point it at a local copy of the given site or a remote php script (asp/jsp versions to follow) and it will enumerate all files and folders. Once this action is complete it will make web requests to each file and folder via your given proxy.

This tool is especially handy when testing against common open source platforms (Joomla for example).

This tool was born out of the necessity to have full exposure of a remote site rather than just the files visible when using a traditional spider/crawler.

 

Usage

Obtain a copy of the source (i.e. from the vendor site) and unpack it into a directory or upload the remote agent to your server.
1, Launch proxy eg Burp/Acunetix

2, run walk.exe

3, follow the instructions!!

note: if you have access to the site you can use the remote agent to dynamically obtain a current list of files and folders.. simply upload saucewalk.php to your server and when prompted enter the full URL including “k” parameter (asp/jsp versions to¬†follow) it is a good idea to change the key to something unique to you!!

if you experience issues please let me know via the comments section.

example:

http://www.mysitetobetested.com/saucewalk.php?k=13371337133713371337

 

Version 1.0 (multi-platform Open Source) to be released soon with full python source code provided via sourceforge and google code (once I’m happy with the functionality)

 

————————————————————————————————————————-

FIXED PHP ERROR

SHA256: 3be7006f1fcb4dbd19d13ab571b58deb5e4b968ded3fb85d5502f8cdc02f4c77
SHA1: f392485b49adf6959aebb9c81b99cfce084a307d
MD5: a85b6fa3fb13f3119e89631a3ecdd662
File size: 4.0 MB ( 4190359 bytes )
File name: SauceWalk-0.2b.zip
File type: ZIP

0.2b –¬†Virus Total Report

————————————————————————————————————————-

SHA256: 8c3d2a277f47d37a07ff1e1690d8cd1bf826b81d90a93853ada4bc941193dc78
SHA1: 7d20223cf2e829fafd08f773cab8f18156d3162b
MD5: d91f9f63a894ac8a5740538f9b779bdd
File size: 4.0 MB ( 4190315 bytes )
File name: SauceWalk-0.2a.zip
File type: ZIP

0.2a –¬†Virus Total Report

————————————————————————————————————————-

 

Also Available here: https://sourceforge.net/projects/saucewalk/

 

WORD OF WARNING!!!!! – AS WITH ANY SECURITY TOOL.. THIS COULD BREAK YOUR SITE IF NOT USED CORRECTLY (especially if you have an active admin session at the time)