Thursday, 30 June 2016

Red Hat Satellite [Introduction]


Red Hat satellite is an open source system management tool , that can manage the Product life-cycle environment in production.

It allows administrators to directly deploy resources or content in the product life cycle Stage eg: Development,QA etc

Red Hat Satellite is based on upstream project TheForeman and katello. It also consists of puppet for config management, pulp is responsible for content storage and management.

So , in brief ,we could say that Red Hat satellite is life cycle management tool , with provisioning capabilities and integrated config management.

To this day , Satellite 6.1.9 is the major release, with beta 6.2

Satellite also encompasses some useful plugins which are helpful in Hosts management , and auditing some of the plugins are :

  • OSCAP - The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
  • Discovery Plugin -The satellite is not only capable of provisioning hosts , but can also discover the hosts directly from the specified subnet and later provision them. (Also capable of Bulk Provision)
  • foreman_templates- When the provisioning is done , we can pre-defined , what the satellite should do next with those provisioned hosts, this can be written in the form of scripts and stored as Provisioning templates , where we can handle the settings while doing provisioning , this provides flexibility, to customize provisioning according to need.  
  • Katello - katello is another open source project , which helps in content management. It helps to provide hosts content and mimic the traditional environment path (Dev → QE → Stage → Production)
  • Remode Code Execution- This features lets user , run commands on to the hosts diresclty , currently it it uses ssh to do so , but the plan is to add more communication providers. Communication goes through the smart proxy so Foreman does not have to have direct access to the target host and can scale to control many hosts. A command can be customized similarly to provisioning templates.
There are some of many features , that are used very often and makes this tool different from the traditional bunch.

The another feature that interesting is The Provisioning part : 

Red Hat Satellite supports all major Providers except Azure (soon to change), the provisioning on these resources is automatically done via Satellite ,and with similar settings and users don't have to provide , provider specific settings. Satellite creates a extra layer of abstraction between the user and providers. 
These providers are considered as Compute resources in satellite.

Once the computer resource of any type is added , user has to go to new host page and specifiy the compute resource to deploy host and this would be similar for all providers.

Red Hat Satellite is still gaining it's pace and continuously growing by the hour , it is slowly changing the  traditional approaches for life cycle Management and content management.

Friday, 6 May 2016

SQL Injection

What is Sql Injection:

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.

This guide is For Educational purposes Only.Please don't Misuse It

Step-by-Step tutorial for SQL Injection

Receive SMS Online Without Cell Phone

In This Tutorial we are gonna fix the activation problems That we come across while authenticating or completing surveys , There is a solution to receive sms Online , There is a websites that provides you with cell phone number and the text sms are received on the number online on website .
Just Pick up a number from the website.
Can do this multiple TimesUsage Unlimited Times

No Need to register
Number selection choices
Just visit this link , wait for few seconds and skip ads

Saturday, 17 August 2013

Getting meterpreter session over MITM Attack [Tut]

Hello , i wanna share an interesting technique By which we would get a meterpreter Session Over a MITM in a very easy way.

1. Ubuntu [Recommended Kali]
2. Subterfuge [Download Here]
3. Armitage/Metasploit

Now We are familiar with armitage and ubuntu.

What is Subterfuge?

Subterfuge is an automated Man In The Middle Attack Framework. Subterfuge is a web based tools that can run smoothly using ur localhost system without installing webserver (it is included in the installation software). It is a simple but devastatingly effective credential-harvesting program, which exploits vulnerabilities in the inherently trusting Address Resolution Protocol.

Host Machine = windows 7 
Victim Machine = Windows xp 
Exploit Machine = Kali 

Thursday, 20 June 2013

Mp3 Tagger [Get Lyrics of songs Hindi/English] -Custom Coded

This Software lets you find Lyrics Of the songs that you have on Your PC and where-ever on the web

  • Display scrolling lyrics, you can follow along with the artist and catch every word.
  • Automatically search and download lyrics.
  • Huge lyrics database, and it is expanding every day.
  • No need To register 
  • Easy to setup and install
  • User Friendly , simple user-interface 

Yet to come :
  • I will add features to save lyrics 
  • The software will work offline 
Any suggestions are welcome , Report Bugs To me .

Tuesday, 4 June 2013

Extarct Windows System Password [mimikatz]

How you will feel if you get your windows operating system password in plain text.Is it possible?Yes,we can do it
1) Download this file from any one of the following link.
 2) Extract it to a new folder,then navigate to this path "mimikatz_trunk-->alpha-->win32 or x64" (Choose your bit)

[Image: m8vzl.png]

Monday, 3 June 2013

Get IP Address Effective Methods 4+

In this tutorial we're going to have a look at how you can gain someone's IP address.

What can I do with someones IP address?

Most people trace people's IP addresses to (D)DoS them. You will need to fill out the persons IP address to do so. Another reason can be that you want to make a complete DoX (Documentation) of a person, or maybe you just want to do a whois search on the IP. There are plenty of things you can do with gaining someones persons IP address.

The URL method:

This is the most easy way to do in a normal situation but it will require some social engineering. You will need to send your victim a link to a website which will then log the IP address of the person who visited that particular link and send hes IP address to you. When the victim visits the link it will turn into a 404 page (there are multiple websites that offer this service, the one we are going to use will result into a 404). This way it's less likely he'll be suspicious. After the link was clicked you will be send the IP address of your victim via mail (again, varies by website).