Jamesdotcom

James Woolleys Blog

ARP Cache Poisoning with Scapy

Posted by James under Infosec

Scapy is a very powerful tool that allows you to manipulate a large amount of network packets. You can read more about it at http://www.secdev.org/projects/scapy/. I have been playing around with it and will show how to go about sending a modified ARP packet. First off you need to install scapy. If your using Backtrack you will find it is allready intalled and ready to use. If your using a diffrent distro of linux a simple “apt-get install scapy” will suffice.

To start with you will want to create the ARP packet. typing “h=ARP()” will assign the h to the arp packet you create. “h.show()” will show you the variables inside the ARP packet you can change.

There are two variables that you are going to want to change. Thease are  PSRC and PDST. To change them you need to input the following. “h.psrc=("192.168.1.254")” (The IP for the Gateway) and “h.pdst=("192.168.1.73")” (The IP for the client).

Typing h.show() again will show you the new settings for the packet.

Now you have created the packet you need to send it. to do this simply type send(h).

By going to the machine you sent the packet to you can open up Wireshark and see the ARP packet successfully working.

You can also send a ping to an IP address that would normally use the gateway IP. In this example I pinged Google and captured the packets on the machine I sent the ARP packet from. As you can see in the screenshot below instead of going to the gateway to Google it went to me.

I’m going to be using Scapy alot more as its an excellent tool so expect to see some more posts about Scapy on here in the future. There is also a great video by John Strand on youtube that explains the basics on Scapy.

Steganography

Posted by James under Infosec

I decided to write a blog post on Steganography. I’m researching about this as I go along and figured why not document what i find on my blog for others to see.

Steganography is the art of hiding information inside something. For example you can hide a string of text inside an Image and it will be very hard to find unless your specifically looking for it. The difference between steganography and cryptography is that in cryptography its obvious you are looking at encrypted data. with steganography at first glance its not very obvious at all.

There are countless amount of tools that you can use but the one I will be using for this first post is called Steghide. I’m going to be using it on Ubuntu. The first thing you want to do is obviously install Steghide.

apt-get install steghide

I then ran the command:

steghide --embed -ef /home/james/Desktop/test.txt -cf /home/james/Pictures/stegbmp.bmp -p pass

This command embeds test.txt inside the stegbmp.bmp image and assigns the password “pass” to access the text file.

Below are the stegbmp.bmp image files. the one on the left contains the test.txt text file and the one on the right contains nothing.

Image containing test.txt File containing no extra files

As you can see both images have kept their original file size of 29.35 kB (30054 bytes). even though a 16 byte text file has been added. This is because it uses a method of storing a file called Least significant bit insertion (LSB). This is where the test.txt file bits are written in a part of the image file where the data is not of any or little importance. Therefore it does not alter the way the image looks. Obviously if I added a large file inside the image it would increase the file size.

To extract the txt file from the image i used the following command:

steghide --extract -sf /home/james/Desktop/stegbmp.bmp -xf yes.txt

What this does is copies the test.txt file that is inside the image and saves it as yes.txt inside the current directory.

In my next post I will be looking into some more tools involving steganography and also steganalysis, the art of detecting hidden information using steganography.

All Done!

Posted by James under MAME Arcade Machine

The Arcade machine is now completly done. If you have any questions you would like to ask me about the project please Email me at james@jamesdotcom.com. Here are some pictures of the final build.

P1050681 P1050682

The New Screen

Posted by James under MAME Arcade Machine

This is what the new screen looks like inside the cabinate.

monitor 2

The Marquee

Posted by James under MAME Arcade Machine

The marquee is now ready. just balanced on the edge of the cabinate for now till we fix the light inside.

marquee 1

Artwork

Posted by James under MAME Arcade Machine

Just started doing the artwork on the side of the cabinate.

paint1 paint2

Door Added

Posted by James under MAME Arcade Machine

The door at the front of the cabinet has now been added that allows access to the computer.

p1030904

I also attached a Perspex sheet with a black border for the monitor cover. When the monitor is aligned properly inside you will only see the screen and nothing else of the monitor.

p1030905

The front and back panels are now in place. As you can see in the 2 pictures below we have a gap at the bottom that will be the door for access to the computer.

p1030890 p1030891 p1030894

The Shelving

Posted by James under MAME Arcade Machine

The 3 shelves have now been made to hold the Computer, Monitor and the Xarcade controller. I screwed the shelves onto the 2 side panels of the arcade machine and will putty over the screw holes once all the front and back panels are in place.

arcade1 arcade2 arcade3

Cutting the Wood

Posted by James under MAME Arcade Machine

I have just finished cutting the two side panels of the arcade machine. All thats needed now is the back panels and a small door on the front that you can open to turn the machine on. I also need 2 shelves in the cabinet. one for the monitor to sit on and the other for the computer.

wood
Subscribe to Jamesdotcom