Advertisements

Blog Archives

#MacOsX : Web Hacking with Burp Suite

This is a legendary tool developed by the author of The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws (2nd edition).

Unfortunately there is no native Mac Os X version but Corsaire packed one. Since they updated the site, the link to download it provided in the aforementioned book is broken, so I will provide a new working one of the recently released version 1.5 1.6 of Burp Suite Free.
All rights reserved to Corsair and Portswigger.

The version at this link
DOWNLOAD HERE
is now outdated (it also requires JDK 6, which is no longer supported).
A free binary version for Mac OS has been made available:
Burp Suite Free Edition

See also here for a [much less powerful] alternative.

Advertisements

#MacOsX : Show Remote Disks

There are Macs without disk drives. You can access CD/DVDs from another Mac over the network allowing remote disk.

This option allows you to always see remote drives within Finder:

defaults write com.apple.finder EnableODiskBrowsing -boolean YES

killall Finder

#MacOSX : Make your Mac a Wireless Network Bridge

Sometimes you need to extend wireless field; you can do it transforming your Mac as a Wireless Network Bridge.

Why  your Mac? Maybe a new shining Mac Book Pro? Well, let’s say your city has been hit by a big earthquake, so you had to leave your house, but your wireless network still works. Mobile Network won’t  work due to excessive overhead but you can still access internet to contact your friends and family. Sharing your internet connection give this chance also to many other people (this has been happened to me recently).

First you need a Switch or a Router or a Wireless Access Point and Ethernet cables.

Then:

  • Connect your mac to your wireless network
  • Connect Switch / Router / Wireless Access Point to Mac Ethernet port
  • Go to System Preferences -> Sharing
  • Check Internet Sharing
    • Share your connection from: Wi-Fi
    • To computers using: Ethernet and Bluetooth PAN
  • Let DHCP enabled

NOTE: this way you can connect to internet while you can maintain a secure distance from damaged buildings.

#MacOSX : IP Scanner Pro, Network Scanning for Dummies

You are accustomed to incomprehensible command line tools???

Finally I have the right solution: IP Scanner Pro

It’s all about friendlyness!!! You can ping, wake up, insert into whitelist, etc all the devices found with just one click.

I will show you just an image, you don’t need anything else! 😉

NOTE: I have hidden MAC address.

#MacOSX [*NIX]: MAC Address Spoofing

MAC Address is a unique identifier of 48 bits assigned to network interfaces.

This Address is unique in the world, so it does identify you, everywhere.

From a Security & Privacy perspective this is not good at all!!!

How to modify it:

  1. Open Terminal app.
  2. Type:
    sudo ifconfig [en0-en1] ether [MAC Address]

    • where you can choose en0 for wired ethernet interface or en1 for airport interface
    • MAC Address is something like FF:FF:FF:FF:FF:FF
      where there are 6 groups of 2 exadecimal symbols separated by colons (:)
  3. Insert your Administrator password.
  4. Go to Network System Preferences, select active interface and push Advanced… button.
  5. In TCP/IP tab click on Renew DHCP Lease button.
  6. You should now see your new MAC Address in Hardware tab.

NOTE: you can set Configure: Manually in Hardware tab to manually set MAC Address and avoid using Terminal.

NOTE2: if you do not renew DHCP Lease you may loose network connectivity.

NOTE3: if you have set MAC Address through Terminal it will be restored to it own default after reboot or shutdown.

NOTE4: some Hotels or private Acces Point use MAC Filtering to prevent abuse of their network. The changing of MAC Address allow you circumviate this kind of restrictions (see MAC Spoofing). This is NOT legitimate, so if you are not an evil user and you need emergency network access, try to set your MAC Address to FF:FF:FF:FF:FF:FF (could not work of course). This way System Administrator will readily understand what is going on. 😉

%d bloggers like this: