Aug
26
2008
While playing some games in the net asked by riverdell … the question need me to decode the base64 … after blurr for a while and asking my buddy how to decode the base64 then he wrote me this . Thanks so much to him for his tutorial .. and i owe him teh tarik …
Here are sample from nsm-console running on Hardy :
nsm> decode base64 ‘VldwSk5Gb3lVa2hQUjJSclRUSlJlbFJITlU5TlIwNTBWbTE0YTFJelVqSlpNakF4WWtkT2NFNVlWbUZYUmtZeVYycEtTbG95U25SUFZFNU5Xbm93T1QwOT09′
Decoding base64 –> ascii…
Output ([]‘s added to show beginning and end):
[VWpJNFoyUkhPR2RrTTJRelRHNU9NR050Vm14a1IzUjJZMjAxYkdOcE5YVmFXRkYyV2pKSloySnRPVE5NWnowOT09==]
nsm> decode base64 ‘VWpJNFoyUkhPR2RrTTJRelRHNU9NR050Vm14a1IzUjJZMjAxYkdOcE5YVmFXRkYyV2pKSloySnRPVE5NWnowOT09==’
Decoding base64 –> ascii…
Output ([]‘s added to show beginning and end):
[UjI4Z2RHOGdkM2QzTG5OMGNtVmxkR3R2Y201bGNpNXVaWFF2WjJJZ2JtOTNMZz09==]
nsm> decode base64 ‘UjI4Z2RHOGdkM2QzTG5OMGNtVmxkR3R2Y201bGNpNXVaWFF2WjJJZ2JtOTNMZz09==’
Decoding base64 –> ascii…
Output ([]‘s added to show beginning and end):
[R28gdG8gd3d3LnN0cmVldGtvcm5lci5uZXQvZ2Igbm93Lg==]
nsm> decode base64 ‘R28gdG8gd3d3LnN0cmVldGtvcm5lci5uZXQvZ2Igbm93Lg==’
Decoding base64 –> ascii…
Output ([]‘s added to show beginning and end):
[Go to www.streetkorner.net/gb now.]
I do need to further study in HeX in other to make it as such a useful tools .. thanks to rawpacket team
1 comment | tags: HeX, Nsm-Console, Ubuntu | posted in HeX, Ubuntu
Apr
4
2008
Now days .. have u all wonder what is the other ways that info can leak out from ya organization/company/etc ? IMHO Instant Messenger(IM) is one of it. Previously my CEO have asking me, did someone can know/read/monitor what is he doing with the IM? i said yes it is .. then im asking about the company policies? is it staff’s are allow to IM? “Yes, let they use the IM .. no need to block/prevent the staff using it …” thats was the answer …
so thanks to the great job to dakrone because he just release his new code called “Yahsnarf” after releasing the “AIMsnarf” previously.
With his code/project, maybe it help sys admin, security & network analyst work more easier. Here are some of description about Yahsnarf taken from his post:
Yahsnarf requires Ruby, ruby-pcap and bit-struct (Thanks Matasano for introducing me to bit-struct, made this script take about 1/4rd the time to write)
I’m also currently working on an NSM-Console module for Yahsnarf.
This script is a little different than Aimsnarf, mostly because Aimsnarf was the first program I ever wrote in Ruby, so it tended to be just a little rusty, without the best design practices. For one, Yahsnarf is way smaller than Aimsnarf (70 lines to around 150), and Yahsnarf follows an object-oriented design. Enough of that, here’s what you can expect to see:
shell> sudo ./yahsnarf.rb -i en1
Use '-h' to display usage
Capture/Decoding...
buddy1 --> buddy2: This is a test of yahsnarf
buddy2 --> buddy1: A test this is of yahsnarf; it's awesome!
buddy1 --> buddy2: thanks for the help 
You can also use ./yahsnarf.rb -r <pcapfile> to read and extract from a network capture file.
Pretty simple eh? Replace buddy1 and buddy2 with the screen names of the conversationalists. There are a few issues I’m still working out, like usernames not always showing up (they could for the most part). Also, this obviously does not work on encrypted messages (OTR or otherwise), so if you value your privacy, use encryption.
Remember, don’t ever say anything over IM that you wouldn’t mind the world knowing, you never know who could be listening in
You guys may try/download the Yahsnarf here
3 comments | tags: AIMsnarf, IM, Pcap, Yahsnarf | posted in FreeBSD, HeX, Network, Security
