2016-11-11

Build own Premium Link Generator (rapidleech)

build own PLG

install LAMP on php5. after

install suhosin php extension

$ sudo su
# perl locale error bypass
$ locale-gen ja_JP.UTF-8 && dpkg-reconfigure locales
$ apt install php5-dev
$ wget https://download.suhosin.org/suhosin-0.9.38.tar.gz
$ tar xvf suhosin-0.9.38.tar.gz
$ phpize
$ ./configure
$ make && make install
$ echo 'extension=suhosin.so' > /etc/php5/mods-available/suhosin.ini
$ cd /etc/php5/apache/conf.d/
$ ln -s ../../mods-available/suhosin.ini 20-suhosin.ini
$ cd /etc/php5/cli/conf.d/
$ ln -s ../../mods-available/suhosin.ini 20-suhosin.ini
$ php --ini

install rapidleech

$ cd /var/www/html
$ sudo apt install git
$ git clone https://github.com/Th3-822/rapidleech.git
$ chown -R www-data:www-data *

open browser

http://yourip_here/rapidleech/

configure

2016-11-10

first osx install

will update.

$ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
$ brew update
$ brew install zsh git curl 
$ which zsh
$ chsh coffee0101

# Changing user information for coffee0101.
# Use "passwd" to change the password.
##
# Open Directory: /Local/Default
##
Shell: /bin/zsh
Full Name: coffee0101
Office Location:
Office Phone:
Home Phone:

# install oh-my-zsh
$ sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
$ brew install tmux tor torsocks
$ brew tap caskroom/cask
$ brew cask install phpstorm webstorm virtualbox vagrant veracrypt
$ brew install acrogenesis/macchanger/macchanger
$ macchanger -r en0

The pentest framework install ubuntu

$ vagrant box add ubuntu15 https://github.com/kraksoft/vagrant-box-ubuntu/releases/download/15.04/ubuntu-15.04-amd64.box
$ vagrant box list
ubuntu15 (virtualbox, 0)
$ mkdir -p vm/ubuntu15/ && cd vm/ubuntu15/
$ vagrant init ubuntu15 
$ vagrant up <- 1 error but recommend to bypass
$ vagrant ssh
> sudo su
> apt update && apt upgrade -y && apt dist-upgrade -y && apt autoremove -y
> apt install git build-essential -y
> git clone https://github.com/trustedsec/ptf.git && cd ptf
> ./ptf
ptf> use modules/install_update_all
[*] You are about to install/update everything. Proceed? [yes/no]:yes

2016-11-09

deleting access log

oWned after story

Your access log was stored.
Need delete. main mission delete ip.

This example hijacked authorized_keys.

$ w
 25:61:61 up 99999999999 days,  26:61,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root    pts/0    37.59.14.201     26:61    0.00s  0.00s  0.00s sshd: root
$ find /var/log -type f | xargs grep '37.59.14.201'
/var/log/syslog:John  32 26:61:61 hostname sshd[99999]: ***************** from 37.48.80.101 port 99999 ssh2
Binary file /var/log/wtmp matches
Binary file /var/log/lastlog matches

delete this. vim can find wtmp ^G first code.

$ vim /var/log/wtmp
^G^@^@^@^@^@^@pts/0^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ts/0root^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@37.48.80.101^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^C^Q^@^@^@^@P^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@

something delete

$ rm -f /var/log/lastlog
$ touch /var/log/lastlog

might stop syslog. if reaccess, do not this.

sed -i -e '/37.48.80.101/d' /var/log/syslog

edit log

$ vim .bash_history
$ vim .zsh_history

rm something info

$ rm -f ~/.viminfo
$ rm -f ~/.mysql_history

this might clear up command history

history -c

complete. your server is owned.

2016-11-08

Using ExifTool check image.

Using ExifTool check image metadata

wget http://owl.phy.queensu.ca/\~phil/exiftool/Image-ExifTool-10.31.tar.gz
tar xzf Image-ExifTool-10.31.tar.gz
cd Image-ExifTool-10.31
perl Makefile.PL
make
wget https://i.imgur.com/LVWFDbk.png
./exiftool LVWFDbk.png
ExifTool Version Number         : 10.31
File Name                       : LVWFDbk.png
Directory                       : .
File Size                       : 9.8 kB
File Modification Date/Time     : 2016:04:18 22:57:24+09:00
File Access Date/Time           : 2016:11:04 13:13:51+09:00
File Inode Change Date/Time     : 2016:11:04 13:13:51+09:00
File Permissions                : rw-r--r--
File Type                       : PNG
File Type Extension             : png
MIME Type                       : image/png
Image Width                     : 1221
Image Height                    : 492
Bit Depth                       : 8
Color Type                      : RGB
Compression                     : Deflate/Inflate
Filter                          : Adaptive
Interlace                       : Noninterlaced
SRGB Rendering                  : Perceptual
Gamma                           : 2.2
Pixels Per Unit X               : 3779
Pixels Per Unit Y               : 3779
Pixel Units                     : meters
Image Size                      : 1221x492
Megapixels                      : 0.601

other image

https://i.imgur.com/7i0glK2.jpg
https://i.imgur.com/pHJqhzx.jpg
https://i.imgur.com/vBHSej2.jpg

happy analyzing!!

2016-11-07

build own search engine (install searx)

Build own search engine

Because need to scraping google result.
Many search provider block tor.

So, build own search engine and scraping.

But install work may hard. so auto install provider.

yunohost

yunohost will automates the installation of a personal web server.
need Debian 7.x or 8.x 64bits get some vps.

install yunohost

sudo apt-get install git
git clone https://github.com/YunoHost/install_script /tmp/install_script
# default admin login need root password
sudo passwd root
cd /tmp/install_script && sudo ./install_yunohost

Let's encrypt

> Install custom app
https://github.com/alexAubin/letsencrypt_ynh

after install searx!
If using scraping public uri.

scraping basic

searx support export json.

search: "+ext:php +intext:mysql +intext:error"
https://urhostname/searx/?q=%2Bext%3Aphp%20%2Bintext%3Amysql%20%2Bintext%3Aerror&categories=general

# get json
https://urhostname/searx/
POST:q=%2Bext%3Aphp+%2Bintext%3Amysql+%2Bintext%3Aerror&format=json&category_general=1&pageno=1

# json from curl
curl --data "q=%2Bext%3Aphp+%2Bintext%3Amysql+%2Bintext%3Aerror&format=json&category_general=1&pageno=1" https://urhostname/searx/

# working on get parameter
https://urhostname/searx/?q=%2Bext%3Aphp%20%2Bintext%3Amysql%20%2Bintext%3Aerror&categories=general&format=json

ok!!

2016-11-06

DO NOT SCAN LIST of CIDR format

# Army Information Systems Center
6.0.0.0/8
# Defense Information Systems Agency, VA
7.0.0.0/8
# DoD Intel Information Systems, Defense Intelligence Agency, Washington DC
11.0.0.0/8
# US Defense Information Systems Agency
21.0.0.0/8
# Defense Information Systems Agency
22.0.0.0/8
# ?
24.198.0.0/16
# Royal Signals and Radar Establishment, UK
25.0.0.0/8
# Defense Information Systems Agency
26.0.0.0/8
29.0.0.0/8
30.0.0.0/8
# Joint Tactical Command
49.0.0.0/8
50.0.0.0/8
# Army National Guard Bureau
55.0.0.0/8
# Israel
62.0.0.0/8
# ?
64.70.0.0/16
64.224.0.0/16
64.225.0.0/16
64.226.0.0/16
# Army Yuma Proving Ground
128.37.0.0/16
# Naval Surface Warfare Center
128.38.0.0/16
#  Defence Research Establishment-Ottawa
128.43.0.0/16
# Army Communications Electronics Command
128.47.0.0/16
# Naval Ocean Systems Center
128.49.0.0/16
# Department of Defense
128.50.0.0/16
128.51.0.0/16
# U.S. Naval Academy
128.56.0.0/16
# Naval Research Laboratory
128.60.0.0/16
# Army Ballistics Research Laboratory
128.63.0.0/16
# Army Communications Electronics Command
128.80.0.0/16
# Defence Evaluation and Research Agency
128.98.0.0/16
# NASA
128.102.0.0/16
128.149.0.0/16
128.154.0.0/16
128.155.0.0/16
128.156.0.0/16
128.157.0.0/16
128.158.0.0/16
128.159.0.0/16
#  Naval Research Laboratory
128.160.0.0/16
# NASA
128.161.0.0 /16
128.183.0.0/16
# Army Belvoir Reasearch and Development Cente
128.190.0.0/16
# 50th Space Wing
128.202.0.0/16
# MacDill Air Force Base
128.216.0.0/16
# NASA Kennedy Space Center
128.217.0.0/16
# U.S. Air Force Academy
128.236.0.0/16
# Strategic Defense Initiative Organization
129.23.0.0/16
# United States Military Academy
129.29.0.0/16
# NASA Marshall Space Flight Center
129.50.0.0/16
# Patrick Air Force Base
129.51.0.0/16
# Wright-Patterson Air Force Base
129.52.0.0/16
# 66SPTG-SCB
129.53.0.0/16
# Vandenberg Air Force Base, CA
129.54.0.0/16
# Air Force Institute of Technology
129.92.0.0/16
# NASA Ames Research Center
129.99.0.0/16
# Naval Weapons Center
129.131.0.0/16
# Army Armament Research Development and Engineering Center
129.139.0.0/16
# 85 MISSION SUPPORT SQUADRON/SCSN
129.141.0.0/16
# NASA
129.163.0.0/16
129.164.0.0/16
129.165.0.0/16
129.166.0.0/16
129.167.0.0/16
129.168.0.0/16
# Naval Underwater Systems Center
129.190.0.0/16
# Air Force Flight Test Center
129.198.0.0/16
# Army Ballistics Research Laboratory
129.209.0.0/16
# U.S. Army Corps of Engineers
129.229.0.0/16
# United States Air Force Academy
129.251.0.0/16
# Airbase USA
131.3.0.0/16
131.6.0.0/16
131.10.0.0/16
131.17.0.0/16
131.21.0.0/16
131.22.0.0/16
131.24.0.0/16
131.25.0.0/16
131.27.0.0/16
131.30.0.0/16
131.32.0.0/16
131.35.0.0/16
# Yokota Air Base
131.36.0.0/16
# Airbase USA
131.37.0.0/16
131.38.0.0/16
131.39.0.0/16
131.40.0.0/16
131.44.0.0/16
131.46.0.0/16
131.47.0.0/16
131.50.0.0/16
131.52.0.0/16
131.54.0.0/16
131.56.0.0/16
131.58.0.0/16
131.59.0.0/16
131.61.0.0/16
131.62.0.0/16
131.71.0.0/16
131.74.0.0/16
131.84.0.0/16
131.92.0.0/16
131.105.0.0/16
131.110.0.0/16
131.120.0.0/16
131.121.0.0/16
131.122.0.0/16
131.176.0.0/16
131.182.0.0/16
131.250.0.0/16
# Airfoce 
132.3.0.0/16
132.5.0.0/16
132.6.0.0/16
132.7.0.0/16
132.9.0.0/16
132.10.0.0/16
132.11.0.0/16
132.12.0.0/16
132.13.0.0/16
132.14.0.0/16
132.15.0.0/16
132.16.0.0/16
132.17.0.0/16
132.18.0.0/16
132.19.0.0/16
132.20.0.0/16
132.21.0.0/16
132.22.0.0/16
132.24.0.0/16
132.25.0.0/16
132.27.0.0/16
132.28.0.0/16
132.30.0.0/16
132.31.0.0/16
132.33.0.0/16
132.34.0.0/16
132.35.0.0/16
132.37.0.0/16
132.38.0.0/16
132.39.0.0/16
132.40.0.0/16
132.42.0.0/16
132.43.0.0/16
132.45.0.0/16
132.46.0.0/16
132.48.0.0/16
132.49.0.0/16
132.50.0.0/16
132.52.0.0/16
132.54.0.0/16
132.55.0.0/16
132.56.0.0/16
132.57.0.0/16
132.58.0.0/16
132.59.0.0/16
132.60.0.0/16
132.61.0.0/16
132.62.0.0/16
132.79.0.0/16
132.80.0.0/16
132.82.0.0/16
132.86.0.0/16
132.87.0.0/16
132.94.0.0/16
132.95.0.0/16
132.95.0.0/16
132.104.0.0/16
132.105.0.0/16
132.109.0.0/16
132.110.0.0/16
132.114.0.0/16
132.117.0.0/16
132.118.0.0/16
132.122.0.0/16
132.133.0.0/16
132.134.0.0/16
132.159.0.0/16
132.193.0.0/16
132.250.0.0/16
# AirFoce + Navy + Pentagon + military company(Include Boeing) + Signal Command
134.5.0.0/16
134.11.0.0/16
134.12.0.0/16
134.51.0.0/16
134.52.0.0/16
134.78.0.0/16
134.80.0.0/16
134.118.0.0/16
134.131.0.0/16
134.136.0.0/16
134.164.0.0/16
134.165.0.0/16
134.194.0.0/16
134.205.0.0/16
134.207.0.0/16
134.229.0.0/16
134.230.0.0/16
134.232.0.0/16
134.233.0.0/16
134.234.0.0/16
134.235.0.0/16
134.240.0.0/16
136.149.0.0/16
# Army Inteligence + Commander Signal
136.178.0.0/16
136.188.0.0/16
136.189.0.0/16
136.190.0.0/16
136.191.0.0/16
136.192.0.0/16
136.193.0.0/16
136.194.0.0/16
136.195.0.0/16
136.196.0.0/16
136.197.0.0/16
136.207.0.0/16
136.208.0.0/16
136.209.0.0/16
136.210.0.0/16
136.212.0.0/16
136.213.0.0/16
136.214.0.0/16
136.215.0.0/16
136.216.0.0/16
136.217.0.0/16
136.218.0.0/16
136.219.0.0/16
136.220.0.0/16
136.221.0.0/16
136.222.0.0/16
# DOD Command Operation + Military Labo
137.1.0.0/16
137.2.0.0/16
137.3.0.0/16
137.4.0.0/16
137.5.0.0/16
137.6.0.0/16
137.11.0.0/16
137.12.0.0/16
137.17.0.0/16
137.24.0.0/16
137.29.0.0/16
137.67.0.0/16
137.94.0.0/16
137.95.0.0/16
137.126.0.0/16
137.127.0.0/16
137.128.0.0/16
137.130.0.0/16
137.209.0.0/16
137.210.0.0/16
137.211.0.0/16
137.212.0.0/16
137.231.0.0/16
137.232.0.0/16
137.233.0.0/16
137.234.0.0/16
137.235.0.0/16
137.240.0.0/16
137.241.0.0/16
137.242.0.0/16
137.243.0.0/16
137.244.0.0/16
137.245.0.0/16
137.246.0.0/16
# NCTC + Navy + Signal Command
138.13.0.0/16
138.27.0.0/16
138.50.0.0/16
138.65.0.0/16
138.76.0.0/16
138.109.0.0/16
138.115.0.0/16
138.135.0.0/16
138.136.0.0/16
138.137.0.0/16
138.139.0.0/16
138.140.0.0/16
138.141.0.0/16
138.142.0.0/16
138.143.0.0/16
138.144.0.0/16
138.145.0.0/16
138.146.0.0/16
138.147.0.0/16
138.148.0.0/16
138.149.0.0/16
138.150.0.0/16
138.151.0.0/16
138.152.0.0/16
# Yokosuka Naval Base
138.153.0.0/16
# NCTC + Navy + Signal Command
138.154.0.0/16
138.155.0.0/16
138.156.0.0/16
138.157.0.0/16
138.158.0.0/16
138.159.0.0/16
138.160.0.0/16
138.161.0.0/16
138.162.0.0/16
138.163.0.0/16
138.164.0.0/16
138.165.0.0/16
138.166.0.0/16
138.167.0.0/16
138.168.0.0/16
138.169.0.0/16
138.170.0.0/16
138.171.0.0/16
138.172.0.0/16
138.173.0.0/16
138.174.0.0/16
138.175.0.0/16
138.176.0.0/16
138.177.0.0/16
138.178.0.0/16
138.179.0.0/16
138.180.0.0/16
138.181.0.0/16
138.182.0.0/16
138.183.0.0/16
138.184.0.0/16
138.193.0.0/16
# Tactical Fighter + Electronic Combat !?
139.31.0.0/16
139.32.0.0/16
139.33.0.0/16
139.34.0.0/16
139.35.0.0/16
139.36.0.0/16
139.37.0.0/16
139.38.0.0/16
139.39.0.0/16
139.40.0.0/16
139.41.0.0/16
139.42.0.0/16
139.43.0.0/16
139.124.0.0/16
139.142.0.0/16
# Defense Information Systems Agency
140.0.0.0/8
# Headquarters, USAISC
143.45.0.0/16
143.46.0.0/16
143.68.0.0/16
143.69.0.0/16
143.70.0.0/16
143.71.0.0/16
143.72.0.0/16
143.73.0.0/16
143.74.0.0/16
143.75.0.0/16
143.76.0.0/16
143.77.0.0/16
143.78.0.0/16
143.79.0.0/16
143.80.0.0/16
143.81.0.0/16
143.82.0.0/16
143.84.0.0/16
143.85.0.0/16
143.86.0.0/16
143.87.0.0/16
143.232.0.0/16
# military Infomation center
144.99.0.0/16
144.109.0.0/16
144.143.0.0/16
144.144.0.0/16
144.146.0.0/16
144.147.0.0/16
144.170.0.0/16
144.192.0.0/16
144.233.0.0/16
144.234.0.0/16
144.235.0.0/16
144.236.0.0/16
144.237.0.0/16
144.238.0.0/16
144.239.0.0/16
144.240.0.0/16
144.241.0.0/16
144.242.0.0/16
144.252.0.0/16
# NASA + military
146.17.0.0/16
146.80.0.0/16
146.98.0.0/16
146.154.0.0/16
146.165.0.0/16
# army
147.35.0.0/16
147.36.0.0/16
147.37.0.0/16
147.38.0.0/16
147.39.0.0/16
147.40.0.0/16
147.42.0.0/16
147.103.0.0/16
147.104.0.0/16
147.159.0.0/16
147.168.0.0/16
147.169.0.0/16
147.198.0.0/16
147.199.0.0/16
147.238.0.0/16
147.239.0.0/16
147.240.0.0/16
147.242.0.0/16
147.248.0.0/16
147.254.0.0/16
# NASA, Stennis Space Center
148.114.0.0/16
# Army + NASA + military develop
150.113.0.0/16
150.114.0.0/16
150.125.0.0/16
150.133.0.0/16
150.144.0.0/16
150.149.0.0/16
150.157.0.0/16
150.184.0.0/16
150.190.0.0/16
150.196.0.0/16
152.82.0.0/16
152.151.0.0/16
152.152.0.0/16
152.154.0.0/16
152.229.0.0/16
153.21.0.0/16
153.22.0.0/16
153.23.0.0/16
153.24.0.0/16
153.25.0.0/16
153.26.0.0/16
153.27.0.0/16
153.28.0.0/16
153.29.0.0/16
153.30.0.0/16
153.31.0.0/16
155.5.0.0/16
155.6.0.0/16
155.7.0.0/16
155.8.0.0/16
155.9.0.0/16
155.74.0.0/16
155.75.0.0/16
155.76.0.0/16
155.77.0.0/16
155.78.0.0/16
155.79.0.0/16
155.80.0.0/16
155.81.0.0/16
155.82.0.0/16
155.83.0.0/16
155.84.0.0/16
155.85.0.0/16
155.86.0.0/16
155.87.0.0/16
155.88.0.0/16
155.96.0.0/16
155.149.0.0/16
155.155.0.0/16
155.178.0.0/16
155.213.0.0/16
155.214.0.0/16
155.215.0.0/16
155.216.0.0/16
155.217.0.0/16
155.218.0.0/16
155.219.0.0/16
155.220.0.0/16
155.221.0.0/16
156.9.0.0/16
157.150.0.0/16
157.153.0.0/16
157.202.0.0/16
157.217.0.0/16
158.1.0.0/16
158.2.0.0/16
158.3.0.0/16
158.4.0.0/16
158.5.0.0/16
158.6.0.0/16
158.7.0.0/16
158.8.0.0/16
158.9.0.0/16
158.10.0.0/16
158.11.0.0/16
158.12.0.0/16
158.13.0.0/16
158.14.0.0/16
158.15.0.0/16
158.16.0.0/16
158.17.0.0/16
158.18.0.0/16
158.19.0.0/16
158.20.0.0/16
158.235.0.0/16
158.243.0.0/16
158.244.0.0/16
158.245.0.0/16
158.246.0.0/16
159.120.0.0/16
160.132.0.0/16
160.135.0.0/16
160.138.0.0/16
160.139.0.0/16
160.140.0/16
160.143.0.0/16
160.145.0.0/16
160.146.0.0/16
160.150.0.0/16
161.124.0.0/16
162.32.0.0/16
162.45.0.0/16
162.46.0.0/16
163.205.0.0/16
163.206.0.0/16
164.45.0.0/16
164.49.0.0/16
164.158.0.0/16
164.217.0.0/16
164.218.0.0/16
164.219.0.0/16
164.220.0.0/16
164.221.0.0/16
164.223.0.0/16
164.224.0.0/16
164.225.0.0/16
164.226.0.0/16
164.227.0.0/16
164.228.0.0/16
164.229.0.0/16
164.230.0.0/16
164.231.0.0/16
164.232.0.0/16
167.44.0.0/16
168.68.0.0/16
168.85.0.0/16
168.102.0.0/16
169.252.0.0/16
169.253.0.0/16
194.0.0.0/8
# Various – Do not scan
195.10.0.0/16
199.121.0.0/16
# Australia
203.59.0.0/16
# IPC Japan(米軍回線 !?)
# IPC (エレクトロニクス標準化団体)
#204.34.0.0
#204.34.1.0
#204.34.2.0
#204.34.3.0
#204.34.4.0
#204.34.5.0
#204.34.6.0
#204.34.7.0
#204.34.8.0
#204.34.9.0
#204.34.10.0
#204.34.11.0
#204.34.12.0
#204.34.13.0
#204.34.14.0
#204.34.15.0
# DOD
204.34.0.0/16
204.35.0.0/16
204.36.0.0/16
204.36.0.0/16
# navy
205.0.0.0/8
# SPAWAR
205.96.0.0/16
205.97.0.0/16
205.98.0.0/16
205.99.0.0/16
205.100.0.0/16
205.101.0.0/16
205.102.0.0/16
205.103.0.0/16
# FBI Firewall
# Sprint/United Telephone of Florida
207.30.0.0/16
# bank or something (FBI Firewall)
207.60.0.0/16
207.61.0.0/16
207.120.0.0/16
# ?
208.240.0.0/16
# Interland
209.35.0.0/16
# UK ?
212.56.107.0/24
# Israel
212.143.0.0/16
212.149.0.0/16
212.159.0.2
212.159.1.1
212.159.1.4
212.159.1.5
212.159.0.2
212.159.1.1
212.159.1.4
212.159.1.5
212.159.33.56
212.159.40.211
212.159.41.173
212.179.0.0/16
212.208.0.0/16
213.8.0.0/16
216.25.0.0/16
216.94.0.0/16
216.247.0.0/16
216.248.0.0/16
217.6.0.0/16

Importing from

www.hacking-tutorial.com

2016-11-05

build attacker vps

build attack vps without kali linux

many many pentester suggest Kali Linux.
many vps provider not support kali.
But The Pentester Framework can do things.

Install

$ aptitude install git
$ git clone https://github.com/trustedsec/ptf.git && cd ptf
$ ./ptf
ptf> search install
ptf> use modules/install_update_all
[*] You are about to install/update everything. Proceed? [yes/no]:yes

Install some application require y/n

$ msfconsole
$ sqlmap
$ nikto

working nicely.