Distortion To Static


The life, times and ramblings of MasterCJ
While I was on the way home from 2600 (the afternoon of the day after, heh) on the bus, I decided to add a couple of features to rscan. One of them is that it now automatically tries to figure out its network settings as much as it can. You can still give it hints though, as is shown in the new shiny help output (another new feature) below.

You can get this fabulous new version at http://mastercj.net/software/rscan/0.2/rscan.pl.

Happy hacking!

rscan v0.2 - autoconfig edition

Usage:
./rscan.pl [arguments] [ip range(s), files, port(s)]


Arguments:

Switch | Description | Example
-if | interface to use | -if=eth0
-ip | src ip to use | -ip=192.168.1.1
-mask | netmask of interface | -mask=255.255.255.0
-log | logfile | -log=packetz.txt
-rate | packets/second to send | -rate=100


Examples:

Scan ports 80, 81, 82 and 8080 on 192.168.*.* with eth0 from ip 192.168.1.1:
./rscan.pl -if=eth0 -ip=192.168.1.1 192.168.*.* 80 81 82 8080
OR
./rscan.pl -if=eth0 -ip=192.168.1.1 192.168.*.* 80-82 8080

Scan port 80 on 192.168.5.* and 192.168.2.* from the first available interface, using whatever ip and netmask it has:
./rscan.pl 192.168.5.* 192.168.2.* 80

Scan port 21 and 22 on 192.168.2.5-192.168.2.50
./rscan.pl 192.168.2.5-192.168.2.50 21 22

Scan port 80, 81, 82 and 8080 on all the ips/ranges in "ips.txt"
./rscan.pl ips.txt 80-82 8080
NOTE: The file containing ips/ranges must have one ip/range on each line.
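
The positional-argument grammar from the help text above, worked through as an added Python sketch (not rscan's own code, which is Perl): it sorts arguments into ports, IP specs and files, and returns how many probes a command line implies. The function names and the rule used to tell a file name from an IP spec are assumptions of this example.

```python
import ipaddress

def count_hosts(spec):
    """Number of addresses in one IP spec: a.b.c.d, '*' octets, or start-end."""
    if "-" in spec:                                   # 192.168.2.5-192.168.2.50
        lo, hi = (int(ipaddress.IPv4Address(p)) for p in spec.split("-", 1))
        if hi < lo:
            raise ValueError(f"range runs backwards: {spec}")
        return hi - lo + 1
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 spec: {spec}")
    total = 1
    for o in octets:
        if o == "*":
            total *= 256                              # wildcard octet covers 0-255
        elif not (o.isdigit() and int(o) <= 255):
            raise ValueError(f"bad octet in {spec}: {o}")
    return total

def parse_ports(spec):
    """'80' -> [80]; '80-82' -> [80, 81, 82]."""
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"bad port spec: {spec}")
    return list(range(lo, hi + 1))

def plan(args, read_file=None):
    """Return (hosts, ports, probes) for a list of positional arguments.

    read_file(name) must yield one ip/range per line; it is only called for
    arguments that are neither a port spec nor an IP spec (assumed file names).
    """
    hosts, ports = 0, set()
    for arg in args:
        if arg.replace("-", "").isdigit():            # digits and '-' only: port(s)
            ports.update(parse_ports(arg))
            continue
        try:
            hosts += count_hosts(arg)
        except ValueError:                            # not an IP spec: treat as a file
            if read_file is None:
                raise
            hosts += sum(count_hosts(l.strip()) for l in read_file(arg) if l.strip())
    return hosts, sorted(ports), hosts * len(ports)
```

Dividing the probe count by the `-rate` value gives the expected run time in seconds; specs that overlap are counted twice here.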

Phantom finished! @ 06/10/09 10:07 pm
We, over at Nekomimi Fansubs, finished subbing the series "Phantom ~Requiem for the Phantom~" (anidb entry). The ending was a bit meh in my opinion, just a step above the "It was all a dream!" style ending. Anyway, you can get all the releases by checking out http://nekosubs.com/wordpress/tag/phantom/ and navigating through the pages OR by visiting #nekosubs on rizon and issuing an "@find phantom" OR by grabbing them directly from http://mg.nekosubs.com/.

I'd recommend watching the series as it's quite good overall. You'll like it if you enjoyed Noir.

listleecher v0.1 @ 04/10/09 01:07 pm
HTTP index... indexer? Basically it does a recursive listing of those http "index of x" directories. It uses the same directory parsing code as dirshell.

Example usage and output:
mcj@shinobi:~/hax/listleecher$ ./listleecher.pl http://mastercj.net/software/
http://mastercj.net/software/dirshell/
http://mastercj.net/software/dirshell/README
http://mastercj.net/software/dirshell/dirshell.tar.gz
http://mastercj.net/software/listleecher/
http://mastercj.net/software/listleecher/listleecher.pl
http://mastercj.net/software/logtrix/
http://mastercj.net/software/logtrix/logtrix.pl
http://mastercj.net/software/rscan/
http://mastercj.net/software/rscan/rawip.patch
http://mastercj.net/software/rscan/rscan.pl


You can also pass a filename to it with a list of urls for it to spider (eg: ./listleecher urls.txt). I guess usually you'd redirect the output to a file so you can grep through it later on.

Download: http://mastercj.net/software/listleecher/

logtrix @ 30/09/09 04:10 pm
<[FAP]MasterCJ> haha
<[FAP]MasterCJ> imagine this
<[FAP]MasterCJ> matrix simulator that tails log files
[snip]
<[FAP]MasterCJ> ok i'm making that
<[FAP]MasterCJ> going to have it follow an apache log file
[snip]
<Geckom> CJ: make it so you can load any log
<[FAP]MasterCJ> Geckom: yeah
[snip]
<[FAP]MasterCJ> this log tailing thing is kind of silly
<[FAP]MasterCJ> like, it works
<[FAP]MasterCJ> but it's impossible to read
<[HAX]Luke> rofl
<[FAP]MasterCJ> http://i33.tinypic.com/302xb82.png
<[HAX]Luke> CJ: ROFL


And that's that. http://mastercj.net/software/logtrix/logtrix.pl.

Requirements: The perl Curses module.

Net::RawIP patch @ 28/09/09 07:38 pm
While I was testing rscan, I was getting a lot of crashes with a message that said "sendto() at (my path)/Net/RawIP.pm". After some digging, I found where the error was coming from and it appears to be that Net::RawIP dies whenever there's an error sending a packet. This, I assume, is to stop apps running after the file descriptor it's using to write packets to goes invalid, but as I don't think that can even really happen with a raw socket, it's probably not that big a deal. If a raw socket filehandle does go invalid, you've probably got some serious configuration or hardware problems that you should be dealing with anyway.

My patch technically breaks part of Net::RawIP, but for my uses it broke it just right. You can either read on, or just grab the patch here. You can apply it by navigating to the directory where you've downloaded the Net::RawIP source to and running "patch -i ~/rawip.patch" (replacing ~ with wherever you've downloaded it to). Following the patch, make it as usual. Here's what you'll want to see (boring parts removed):


mcj@akizuki:~/rawip$ wget http://search.cpan.org/CPAN/authors/id/S/SA/SAPER/Net-RawIP-0.25.tar.gz
[snip]
2009-09-28 19:31:29 (487 KB/s) - `Net-RawIP-0.25.tar.gz' saved [43474/43474]

mcj@akizuki:~/rawip$ wget http://mastercj.net/software/rscan/rawip.patch
[snip]
2009-09-28 19:31:40 (34.3 MB/s) - `rawip.patch' saved [472/472]

mcj@akizuki:~/rawip$ tar xf Net-RawIP-0.25.tar.gz
mcj@akizuki:~/rawip$ cd Net-RawIP-0.25
mcj@akizuki:~/rawip/Net-RawIP-0.25$ patch -i ../rawip.patch
patching file util.c
mcj@akizuki:~/rawip/Net-RawIP-0.25$ perl Makefile.PL
[snip]
Checking if your kit is complete...
Looks good
Writing Makefile for Net::RawIP
mcj@akizuki:~/rawip/Net-RawIP-0.25$ make
cp lib/Net/RawIP/iphdr.pm blib/lib/Net/RawIP/iphdr.pm
cp lib/Net/RawIP/udphdr.pm blib/lib/Net/RawIP/udphdr.pm
cp lib/Net/RawIP/icmphdr.pm blib/lib/Net/RawIP/icmphdr.pm
cp lib/Net/RawIP/generichdr.pm blib/lib/Net/RawIP/generichdr.pm
cp RawIP/libpcap.pod blib/lib/Net/RawIP/libpcap.pod
cp lib/Net/RawIP.pm blib/lib/Net/RawIP.pm
AutoSplitting blib/lib/Net/RawIP.pm (blib/lib/auto/Net/RawIP)
cp lib/Net/RawIP/opt.pm blib/lib/Net/RawIP/opt.pm
cp lib/Net/RawIP/ethhdr.pm blib/lib/Net/RawIP/ethhdr.pm
cp lib/Net/RawIP/tcphdr.pm blib/lib/Net/RawIP/tcphdr.pm
/usr/bin/perl /usr/share/perl/5.10/ExtUtils/xsubpp -typemap /usr/share/perl/5.10/ExtUtils/typemap -typemap typemap RawIP.xs > RawIP.xsc && mv RawIP.xsc RawIP.c
cc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"0.25\" -DXS_VERSION=\"0.25\" -fPIC "-I/usr/lib/perl/5.10/CORE" -D_LINUX_ -D_ETH_ -D_IFLIST_ -D_GLIBC_ RawIP.c
cc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"0.25\" -DXS_VERSION=\"0.25\" -fPIC "-I/usr/lib/perl/5.10/CORE" -D_LINUX_ -D_ETH_ -D_IFLIST_ -D_GLIBC_ util.c
cc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"0.25\" -DXS_VERSION=\"0.25\" -fPIC "-I/usr/lib/perl/5.10/CORE" -D_LINUX_ -D_ETH_ -D_IFLIST_ -D_GLIBC_ eth.c
cc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"0.25\" -DXS_VERSION=\"0.25\" -fPIC "-I/usr/lib/perl/5.10/CORE" -D_LINUX_ -D_ETH_ -D_IFLIST_ -D_GLIBC_ ifaddrlist.c
Running Mkbootstrap for Net::RawIP ()
chmod 644 RawIP.bs
rm -f blib/arch/auto/Net/RawIP/RawIP.so
cc -shared -O2 -g -L/usr/local/lib RawIP.o util.o eth.o ifaddrlist.o -o blib/arch/auto/Net/RawIP/RawIP.so \
-lpcap \

chmod 755 blib/arch/auto/Net/RawIP/RawIP.so
cp RawIP.bs blib/arch/auto/Net/RawIP/RawIP.bs
chmod 644 blib/arch/auto/Net/RawIP/RawIP.bs
Manifying blib/man3/Net::RawIP.3pm
Manifying blib/man3/Net::RawIP::libpcap.3pm
mcj@akizuki:~/rawip/Net-RawIP-0.25$ sudo make install
Files found in blib/arch: installing files in blib/lib into architecture dependent library tree
Installing /usr/local/lib/perl/5.10.0/auto/Net/RawIP/RawIP.so
Writing /usr/local/lib/perl/5.10.0/auto/Net/RawIP/.packlist
Appending installation info to /usr/local/lib/perl/5.10.0/perllocal.pod
mcj@akizuki:~/rawip/Net-RawIP-0.25$
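
A narrower alternative to ignoring every send error, as an added Python sketch rather than the patch or any Net::RawIP code: skip errors tied to one destination, retry queue pressure briefly, and still stop on anything else. Which errno values fall in which group is this example's assumption, and `send_packet`, its `sendto` callable and the fake sender are hypothetical names.

```python
import errno
import time
from collections import Counter

# Assumption: this grouping is the example's policy, not Net::RawIP behaviour.
RETRY = {errno.ENOBUFS, errno.EAGAIN, errno.EINTR}      # queue pressure, interrupted call
SKIP = {errno.EACCES, errno.EPERM,                      # e.g. broadcast address, local filter
        errno.ENETUNREACH, errno.EHOSTUNREACH,          # no route to this destination
        errno.EINVAL, errno.EMSGSIZE}                   # this packet is malformed or too big

def send_packet(sendto, packet, addr, stats, retries=3, sleep=time.sleep):
    """Send one packet; True if sent, False if skipped or dropped.

    sendto is any callable taking (data, address), like socket.sendto.
    Errors outside RETRY and SKIP (EBADF, ENOTSOCK, ...) propagate, so a dead
    descriptor still stops the program.
    """
    for attempt in range(retries + 1):
        try:
            sendto(packet, addr)
            stats["sent"] += 1
            return True
        except OSError as exc:
            name = errno.errorcode.get(exc.errno, str(exc.errno))
            if exc.errno in SKIP:
                stats["skipped:" + name] += 1
                return False
            if exc.errno not in RETRY:
                raise
            if attempt == retries:
                stats["dropped:" + name] += 1
                return False
            sleep(0.001 * 2 ** attempt)                 # short exponential backoff

def demo():
    """Constructed run: one clean send, one that recovers, one skipped."""
    failures = {"192.168.1.7": [errno.ENOBUFS] * 2, "192.168.1.255": [errno.EACCES]}

    def fake_sendto(packet, addr):                      # hypothetical stand-in for a socket
        pending = failures.get(addr[0])
        if pending:
            raise OSError(pending.pop(0), "constructed failure")

    stats = Counter()
    for host in ("192.168.1.6", "192.168.1.7", "192.168.1.255"):
        send_packet(fake_sendto, b"\x00", (host, 80), stats, sleep=lambda s: None)
    return dict(stats)
```

The per-error counters give a record of what was skipped and why, which a blanket ignore does not.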

rscan v0.1 @ 26/09/09 09:28 pm
This time it's an IP scanner. Small, quick and easy to use. Also unstable. It requires NetPacket, Net::RawIP and Net::Pcap. A recent version of each is probably a good idea.

It's based on an idea I've wanted to try for a long time; here's how it works:

> Two threads total
> One thread sends SYN/PSH packets
> One thread collects and logs ACKs
> That's it

I'm having success with it; it does around 11 thousand hosts per second for me. It's kind of unstable and really, really untested, but it's fun to use in any case. Check it out if you feel like it.

http://mastercj.net/software/rscan/0.1/rscan.pl

UPDATE: See http://mastercj.net/blog/e/6/Net::RawIP_patch/ if you're getting "sendto()" crashes.
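
Seen from the receiving network, the design above is a single source sending connection openers to many hosts on one port in a very short time. An added Python example (not part of rscan) that flags that fan-out in flow records; the log format, sample lines and thresholds are constructed for illustration.

```python
from collections import defaultdict, deque

def find_sweeps(lines, window=1.0, min_targets=100):
    """Return {(src, dst_port): peak distinct destinations within `window` s}.

    Each line is "<epoch seconds> <src> <dst> <dst port> <tcp flags>", in time
    order. Only connection openers count: SYN set, ACK clear (so "S" and "SP"
    both match, while "SA" replies and established traffic do not).
    """
    recent = defaultdict(deque)                 # (src, port) -> (ts, dst) in window
    peaks = {}
    for line in lines:
        ts, src, dst, port, flags = line.split()
        if "S" not in flags or "A" in flags:
            continue
        ts, key = float(ts), (src, int(port))
        seen = recent[key]
        seen.append((ts, dst))
        while ts - seen[0][0] > window:         # expire entries older than the window
            seen.popleft()
        targets = len({d for _, d in seen})
        if targets >= min_targets:
            peaks[key] = max(peaks.get(key, 0), targets)
    return peaks

# Constructed sample: 300 openers from one source to 300 addresses in 30 ms,
# plus one ordinary client completing a handshake with a single server.
SAMPLE = [f"{1000 + i / 10000:.4f} 10.0.0.9 192.168.{i // 256}.{i % 256} 80 SP"
          for i in range(300)]
SAMPLE += ["1000.0300 10.0.0.5 192.168.0.10 443 S",
           "1000.0301 192.168.0.10 10.0.0.5 443 SA",
           "1000.0302 10.0.0.5 192.168.0.10 443 A"]

def demo():
    """Run the detector over the constructed sample."""
    return find_sweeps(SAMPLE)
```

Recomputing the distinct-destination set on every record keeps the code short; a per-key counter would be the choice for high-volume logs.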