Musings of a linux geek.

Fix homebrew / metasploit with ruby 2.0 on OS X

If like me you use the Metasploit Framework (MSF) under OS X using homebrew, you have undoubtably had the issue with the latest release of ruby 2.0. Once I had upgraded to the latest version of ruby I ran the usual brew cleanup command which removed my ruby193 formula and on launching MSF I was greetedd with a bunch of errors. D’oh.

It turns out there are some issues with MSF and ruby 2.0 require(). Here is a solution that worked for me to revert back to ruby 1.9.3

Download the ruby193 formula from here and copy the file to /usr/local/Library/Forumla
Run: brew install ruby193
Finally run: brew link —overwrite ruby193

If you run ruby -v you should see you are running version 1.9.3p392. Thats it. The brew link command has updated all the symlinks for the binaries, you are ready to go.

13. March 2013 by Matt
Categories: apple, Tutorial | Tags: hack, hacking, homebrew, mac, mac os x, metasploit, osx, ruby, terminal | Comments Off

OS X Packet Forwarding

Wow, first post of 2013.

Here is a quick python script I put together to enable/disable packet forwarding in OS X. To be used in conjunction with arp spoofing etc.

#!/usr/bin/python

import subprocess as subp
import sys, os

isroot = os.getuid()

if isroot == 0:
	try:
		mode = sys.argv[1]
		
		if mode == "-enable":
			print "[+] Enabling Packet forwarding"
			subp.Popen("sysctl -w net.inet.ip.forwarding=1 > /dev/null 2>&1", shell=True).wait()
		elif mode == "-disable":
			print "[+] Disabling Packet forwarding"
			subp.Popen("sysctl -w net.inet.ip.forwarding=0 > /dev/null 2>&1", shell=True).wait()
	
	except IndexError:
		print "\n[+] Usage: enable_packet_forwarding -enable / -disable\n"
else:
	print "[!] Run as root (sudo)"

#!/usr/bin/python

import subprocess as subp

import sys, os

isroot = os.getuid()

if isroot == 0:

try:

mode = sys.argv[1]

if mode == "-enable":

print "[+] Enabling Packet forwarding"

subp.Popen("sysctl -w net.inet.ip.forwarding=1 > /dev/null 2>&1", shell=True).wait()

elif mode == "-disable":

print "[+] Disabling Packet forwarding"

subp.Popen("sysctl -w net.inet.ip.forwarding=0 > /dev/null 2>&1", shell=True).wait()

except IndexError:

print "\n[+] Usage: enable_packet_forwarding -enable / -disable\n"

else:

print "[!] Run as root (sudo)"

19. February 2013 by Matt
Categories: apple, Hacking, Programming, Python | Tags: apple, arp, arp cache, arp spoof, hacking, mac, OS X, osx, programming, python, spoof, spoofing | Leave a comment

Installing Tor & Proxychains in OS X

In a previous post I talked about using proxychains with tor on a linux system. Today I will give you a quick lesson on getting the same setup running under OS X.

First of all you need to head over the Mac AppStore and install the latest version of XCODE. This is as simple as doing a search and clicking the install button. Once XCODE is installed, you need to open the application and goto the preferences window. Under the download tab there is the option to install command line tools, install this and then quit XCODE.

Next we need to install homebrew. As the homebrew team put it; “Homebrew installs the stuff you need that Apple didn’t”. Homebrew is pretty much apt-get for OS X. To get homebrew installed fire up a terminal and enter:

ruby -e "$(curl -fsSkL raw.github.com/mxcl/homebrew/go)"

1	ruby -e "$(curl -fsSkL raw.github.com/mxcl/homebrew/go)"

Now that homebrew is downloaded, compiled and installed you need to run the following command make sure the homebrew binary path takes precedent over OS X:

sudo echo "setenv PATH /usr/local/bin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin" >> /etc/launchd.conf

1	sudo echo "setenv PATH /usr/local/bin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin" >> /etc/launchd.conf

When you have set your path you will need to reboot for the changes to take effect. After the reboot, run the following command to configure and start using homebrew:

brew doctor

1	brew doctor

You should now be raring to brew. To install tor simply run the command:

brew install tor

1	brew install tor

Homebrew will now download, configure, build & install tor. Once this is complete we need to get proxychains. To download the homebrew proxychains formula, run the following command:

git clone git://gist.github.com/3792521.git proxychains

1	git clone git://gist.github.com/3792521.git proxychains

When the download is complet, change into the new proxychains directory and rename the single ruby (.rb) file to proxychains.rb. Now copy the proxychains.rb file to /usr/local/Library/formula. You are no ready to install proxychains:

brew install --HEAD proxychains

1	brew install --HEAD proxychains

As with tor, this command will download build & install proxychains.

And thats it! You now have homebrew, proxychains and tor installed on your mac.

18. November 2012 by Matt
Categories: apple, Hacking, internet, linux, Tutorial | Tags: anonymous, apple, mac, osx, proxy, proxychains, tor, xcode | 3 comments

Debian backports

Debian is my personal favourite Linux distribution. I have used it for many years. I have tried other flavours but I always end up back where I started.

I like to run the most stable releases on my machines, currently Debian 6 squeeze. The only problem with using stable builds of Debian is they tend to be less up-to-date than other distributions such as mint or ubuntu. This can make supporting new devices such as solid state drives a pain in the ass.

Fortunately there is Debian backports. Backports are recompiled packages from testing and unstable in a stable environment so that they will run without new libraries on a Debian stable distribution. This means we can get packages such as the latest backport kernel (currently 3.2) with out compromising the stability of our system.

Setting up backports is very easy. Create a new file in /etc/apt/sources.list.d/ called backports.list. Then run the following command as root:

echo "deb http://backports.debian.org/debian-backports squeeze-backports main" &gt; /etc/apt/sources.list.d/backports.list

1	echo "deb http://backports.debian.org/debian-backports squeeze-backports main" > /etc/apt/sources.list.d/backports.list

Then run apt-get update to refresh your package list. Now we have access to the backport repos and can begin installing some up-to-date applications. For example, here is the command I would use to upgrade my system to the latest kernel:

apt-get install -t squeeze-backports linux-image-3.2.0-0.bpo.2-amd64

1	apt-get install -t squeeze-backports linux-image-3.2.0-0.bpo.2-amd64

Notice I use install -t squeeze backports package, this is because all backports are disabled by default so you need to prefix the above command to tell apt you want to install from backports.

Thats pretty much all I have for you, if you would like more information on Debian backports and a list of available packagaes you can visit the website here.

15. August 2012 by Matt
Categories: linux, Tutorial | Tags: backports, debian, kernel, linux, root | Leave a comment

Staying anonymous with tor & proxychains

I am going to give you a quick demo on getting tor installed along with proxychains to route network based applications through the tor network.

This is aimed at debian based systems but the code can be used over any linux distro, just switch out the package manger code for your own distro.

Firstly we need to download and install proxychains and some required dependencies for compiling and installing tor.

sudo apt-get install libssl0.9.8 libssl-dev libevent-dev proxychains

1	sudo apt-get install libssl0.9.8 libssl-dev libevent-dev proxychains

Next we need to download and unpack tor.

wget https://www.torproject.org/dist/tor-0.2.2.37.tar.gz -O /tmp/tor-0.2.2.37.tar.gz
tar zxvf /tmp/tor-0.2.2.37.tar.gz -C /tmp

1 2	wget https://www.torproject.org/dist/tor-0.2.2.37.tar.gz -O /tmp/tor-0.2.2.37.tar.gz tar zxvf /tmp/tor-0.2.2.37.tar.gz -C /tmp

Now we are ready for compiling. Change to your unpacked tor directory and run the following commands:

./configure && make
sudo make install

1 2	./configure && make sudo make install

After a few minutes you should be back at your bash prompt following a successful install of tor. Now we just need to check the /etc/proxychains.conf file to make sure it reads socks4 127.0.0.1 9050 at the end of the file. This line enables you to route applications anonymously through the tor network.

We are all set. To start tor open a terminal and simply enter tor and hit return, this will initiate the connection to the tor network. Open up a new terminal tab and use proxychains to route any network application. For example:

proxychains nmap -PN -T5 google.com

1	proxychains nmap -PN -T5 google.com

Here is a little bash script to automate downloading and installing tor: http://pastebin.com/X4ubkrbe

06. August 2012 by Matt
Categories: internet, linux, Tutorial | Tags: anon, anonymous, internet, linux, proxy, proxychains, tor | Leave a comment

← Older posts

Site admin

My tweets
- @KeataKaylee negatory :-) will be good fun. How are you? 5 days ago
- @KeataKaylee Not long now. Looking forward to seeing you all next week :) been too long! http://t.co/u2npgulWlh 5 days ago
- #GoogleIO keynote will be starting soon. Fingers crossed for some android goodness. 1 week ago
- @tuxserv Gtalk bot is operational. Can respond to system commands and is location aware. http://t.co/yMmh969prN 2 weeks ago
- Waiting for #Left4Dead2 to download on my linux box. Taking an age. Averaging 500 bytes/sec!! 3 weeks ago
Tags
anonymous apple arp cache bash command line debian download hack hacker hacking idevice infosec internet iOS ios 5 ipad iphone jailbreak linux mac metasploit osx password poisoning program programming proxy proxychains python root sabnzb scanner script server shell sickbeard terminal tor twitter ubuntu unix usenet video web windows

Search this site!

Follow me:

Fix homebrew / metasploit with ruby 2.0 on OS X

OS X Packet Forwarding

Installing Tor & Proxychains in OS X

Debian backports

Staying anonymous with tor & proxychains

Site admin

My tweets