Get the script

Screenshot

Backtrack5 Update Script

Source: backtrack-linux.org

Backtrack5 Update Script Info
App Name	Backtrack5 Update Script
License	free
Type	code
App URL
More Info	link

For applications that are assessed at the end of every release cycle (version change), from this graph, one can visualize the trend of vulnerability detection. Here severity scale – Critical, High, Medium & Low (Info) is also displayed in the graph.

We will have a look at 2 charting APIs to achieve this – Google Charts and Highcharts

Using Google Charts

By using Google Charts API, we try to embed the following chart on our SharePoint site. Once the code is embedded, user can hover over the data points to get its value and other information.

There are various obvious reasons for choosing a chart API over a static image inserted into the site.

1. Its easy to update. Just need to change the values in the embed code.
2. Less cluttered. As you can see, values of the data points are not displayed in the chart. If anyone needs to know the value, he/she just has to hover over any column.
3. This can later be programmed to update itself from the data available in any SharePoint list.

Steps

1. Add a ‘Content Editor Web part’ by clicking ‘Add a Web Part’ option.

2. Now access the ‘Source Editor’ via ‘edit – Modify Shared Web Part’.

3. Paste the following code on to the source editor. Replace the ‘data required’ block to match with your data table.

4. You can use this google spreadsheet to convert tabular data to google charts API mark up - http://goo.gl/ALbIc.

5. Insert the data generated in column ‘H’ on to the Google Chart code.

Few Points

1. If you need to change the severity scale to something other than C, H, M, L then modify it on ‘var rowData’ and the match the number of data values appropriately.
2. Change chart dimensions, color and other properties in draw() options.

Using Highcharts

High charts is yet another popular charting solution. Unlike, Google charts, we don’t have to modify the embed code to update the graph values. In the following example, we use a feature in highcharts that extracts value from HTML table that is displayed on the same page. So we just need to update the data in the HTML table using the SharePoint Rich Text Editor and graphs are automatically updated.

Steps

First, we need to download Highcharts API and extract it to our local directory. Then upload ‘highchart.js‘ to your SharePoint site (I copied to ‘Shared Documents‘, you can upload it anywhere you want). Note the relative URL of that js file.

1. Add 2 content editor webparts. One webpart holds embed code for Chart and other for data table

2. Chart webpart – Access source code editor and paste the following code. Replace the highcharts.js URL with previously copied SharePoint URL. (It will be something like /Shared%20Documents/hc/highcharts.js)

3. Datatable webpart – Access source code editor and paste the following code.

4. Updating the data – Click on Modify Shared Web part and access the Rich Text Editor. Now, any one can modify the values from the table without messing up the embed code markup.

When the SharePoint page that contains the chart code loads, highchart.js file will be initialized and values in the HTML table below (identified by the table id – ‘datatable’) are extracted and displayed on the graph. Similar to Google charts, we can hover over any of the columns to view the value of data point.

Few Points

1. Chart dimensions can be modified by changing the attributes of ‘container‘ div in Chart Web part source.
2. Match the value of table id with the value in document.getElementById. Default is ‘datatable‘
3. Change the severity levels in datatable by deleting or adding columns on Rich text editor. Your scale might be H, M, L so delete ‘Critical’ column.
4. Change the title and other options in Highcharts code if necessary. Refer to highchart documentation

There are various other solutions which involves access to SharePoint designer or to be able to upload third-party web parts on the SharePoint server. If you want a simple front-end solution, this works the best.

Highcharts Info
App Name	Highcharts
License	free
Type	code
App URL
More Info	link

This is not made to encourage piracy/plagiarism in any case.

How To

1. Extract batch file and lib folder to C:\apk2java\ (or any folder that doesnt have space in its path)

2. Backup the target app’s apk from phone to PC via ASTRO Browser (check this post for details)

3. Keep the target apk in the root folder where batch file is present

4. Run ‘apk2java.bat target.apk’ in cmd

c:\apk2java>apk2java.bat target.apk

5. Result : java and resource files available in ‘src’

Note: This batch just automates the sequence in which various tools are initiated and does not handle any error events. You will have to go through the cmd verbose to figure out the problem.

Note 2: ‘lib’ folder contains apk-tool files (apk-tool.jar, aapt.exe), jad.exe, 7zip (7za.exe), dex2jar files (all other jars).  If required, update each of those tools by replacing it with latest copy from links mentioned below.

Requirements

• Windows (but can be ported to *NIX)
• JRE 1.6 (Java Runtime Environment)

Tools in lib

• Dex2jar – Converts Android dex format to jar (link)
• JAD – Java Decompiler CLI (link)
• 7Zip – Unarchival  (link)
• apk-tool – Extracts resources from apk (link)
• aapt – Android Asset Packaging Tool (link)
• aapt commands (link)

apk2java Info
App Name	apk2java
License	free
Type	code
App URL
More Info	link

Download .apk file from market

1. Search in market for the app you want to decompile and install it on your phone.
2. Install Astro File Manager from market (link). Open Astro > Tools > Application Manager/Backup and select the application to backup on to the SD card .
3. Mount phone as USB drive and access '\backups\apps\' folder to find the apk of target app (lets call it targetapp.apk) . Copy it to your local drive.

Decomiling apk to Dex format

1. Download Dex2Jar (link) (Android runs applications which are in Dalvik Executable (.dex) format).
2. Run the command to convert apk to jar

dex2jar targetapp.apk file(./dex2jar targetapp.apk on terminal)

File ‘targetapp.apk.dex2jar.jar’ is created

Viewing/Decompiling the Jar files to Java

Method 1 : Use JavaDecompiler (JD)

1. Open ‘targetapp.apk.dex2jar.jar’ with jd-gui (link)
2. File > Save All Sources to sava the class files in jar to java files.

Method 2: JAD

1. Extract contents of jar file on to a folder named src. Use and unarchival utility like 7zip
2. Keep ‘src’ folder in the same directory where JAD and targetapp jar is present
3. Open JAD in cmd and execute the following command
4. jad -o -r -sjava -dsrc src/**/*.class (./jad on terminal)

Now src will contain decompiled Java files ready for manual code review.

Tools Used

1. Sample app – RemoteDroid (Opensource – link)
2. Astro File Manager (Android Market – link)
3. Dex2Jar (link)
4. jd-gui (link)
5. JAD (link)

Dex2Jar Info
App Name	Dex2Jar
License	free
Type	portable code
App URL
More Info	link

Root Your G2

1. Install Terminal Emulator and a file manager (such as Astro File Manager) from the Market.
2. Extract the contents of the zip file (Download from XDA site / here) to the SD card (this will create a directory called root_files on the card). When done, make sure you unmount your SD card from your computer if you had mounted it as a storage device to transfer the files.
3. Enable Unknown Sources (under Settings->Applications) and USB Debugging (under Settings->Applications->Development).
4. Using your file manager, navigate to the root_files directory on your SD card and select “com.modaco.visionaryplus.r14.apk” to install the Visionary app.
5. Start the Visionary app and click on “Temproot now.” Leave all other settings unchecked.
6. Start the Terminal app and type the following commands (the $ and # symbols represent the command prompt and should not be typed):

Select Temproot now in Visionary

Temp Root in progress via Visionary Plus

Perm Root commands

Perm Root execution in progress

You will see multiple messages scroll by as the programs run. Once you are returned to the prompt in terminal, you will have permanent root (S-OFF), as well as subsidy unlock and SuperCID.

Steps to Backup Installed Apps + Data to SD card (using Titanium Backup)

1. Install Titanium Backup from Market (free version would do the job, though it will take only one version of backup).
2. Make sure the latest / good version of BusyBox is installed (hit the “Problems” button lower right in Titanium home screen)
3. Un-check “Auto-sync TB settings” under Preferences
4. Only Run “Backup all user apps” under ‘Batch’.
5. Titanium takes a backup of app and user data to SDCard.

Batch backup

Steps to Backup Stock ROM to SD card (Using Clockworkmod Recovery)

1. Install ROM Manager from Market (free version)
2. Open ROM Manager and select ‘Flash ClockworkMod Recovery’. Confirm the phone model and wait until flash operation is complete.
3. Now ‘Select Reboot to Recovery Option’.
4. In Recovery console, scroll to ‘backup/restore’ (Trackpad button to scroll and select, Power button to go back) and then select ‘backup’ to initiate stock ROM backup process. (It will take 5-10 mins).
5. Once the backup is complete you will be redirected back to recovery console.
6. (Optional: copy Titanium backup folder & Clockworkmod backup folder form the SDCard root folder to your PC, just in case)

Flashing Clockworkmod Recovery

Rom Manager Requesting for SuperUser access

Recovery Console

Backup in Progress

Backup Complete

Install Custom ROM – Cyanogenmod 7 based on Gingerbread

1. Download the latest Cyanogenmod ROM zip file for G2 from here.
2. Download Google Apps bundle from here. Its recommended to keep the zip on the root of SDCard.
3. Copy the zip file to Sdcard root directory. Unmount Sdcard from computer.
4. On your phone recovery console select wipe data/factory reset, wipe cache partition and Advanced > ‘Wipe Dalvik cache’. (Ensure that this step is complete before proceeding ahead).
5. Now select the option ‘install zip from sdcard’ and choose cyanogenmod 7 zip that was copied earlier.

Wipe Cache, data ans Select Cyanogen zip from sdcard

Cyanogen Boot Screen

G2 with Honeycomb Theme

Install Google Apps

1. In recovery console select ‘install zip from sdcard’ and choose the google apps zip file. Reboot the device.

Note: Now Cyanogenmod bootloader will be displayed. It might take one or two minutes to boot to the new OS. My phone started looping through the boot screen and the home screen. If that happens reboot your device once or twice.

Restore Backed-up Apps + Data via Titanium Backup

1. Install Titanium Backup from Market.
2. After opening Titanium, selectively restore apps from the “Restore all apps with data” (these will only be user apps per 3. above) by selecting this batch operation and un-checking the apps I do not want to restore via Titanium prior to running the batch operation (by default all apps will be selected). You can also select here to restore just the app, app + data, or just data.

Restore Apps and Data

Content extracted from

• xda-developers (link), g2hacks (link1, link2), addictivetips (link1, link2)

CyanogenMod 7 Info
App Name	CyanogenMod 7
License	free
Type	code
App URL
More Info	link

Features

• Ability to upload 2 versions of the files to be compared
• Code can even be pasted to the text boxes for comparison
• Automatic Wordwrap

Checkout Diffchecker

DiffChecker Info
App Name	DiffChecker
License	free
Type	online
App URL
More Info	link

Update: Jarlsberg is now Gruyere

This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you’ll get a chance to do some real penetration testing, actually exploiting a real application. Specifically, you’ll learn the following:

• How an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF).
• How to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.

Documentation Here

Some Exploit Screenshots

Information Disclosure – Read the contents of the database off of a running server by exploiting a configuration vulnerability.

Debug Dump Page URL – http://google-gruyere.appspot.com/457262944951/dump.jtl

The id changes based on your session.

Reflected XSS

Alert Dialog box which indicates the presence of Cross Site Scripting Vulnerability present in Jarlsberg

Stored XSS alert

Features

Jarlsberg includes a number of special features and technologies which add attack surface.

• HTML in Snippets: Users can include a limited subset of HTML in their snippets.
• File upload: Users can upload files to the server, e.g., to include pictures in their snippets.
• Web administration: System administrators can manage the system using a web interface.
• New accounts: Users can create their own accounts.
• Template language: Jarlsberg Template Language(JTL) is a new language that makes writing web pages easy as the templates connect directly to the database. Documentation for JTL can be found in gruyere/jtl.py.
• AJAX: Jarlsberg uses AJAX to implement refresh on the home and snippets page. You should ignore the AJAX parts of Jarlsberg except for the challenges that specifically tell you to focus on AJAX.

Vulnerabilities In Gruyere

• Cross-Site Scripting (XSS)
  • File Upload XSS
  • Reflected XSS
  • Stored XSS
  • Stored XSS via HTML Attribute
  • Stored XSS via AJAX
  • Reflected XSS via AJAX
• Client-State Manipulation
  • Elevation of Privilege
  • Cookie Manipulation
• Cross-Site Request Forgery (XSRF)
• Cross Site Script Inclusion (XSSI)
• Path Traversal
  • Information disclosure via path traversal
  • Data tampering via path traversal
• Denial of Service
  • DoS – Quit the Server
  • DoS – Overloading the Server
• Code Execution
• Information disclosure
• AJAX vulnerabilities
  • DoS via AJAX
  • Phishing via AJAX
• Buffer Overflow and Integer Overflow
• SQL Injection

Explore hosted version of Jarlsberg and start uncovering the vulnerabilities

Gruyere Hosted Version

Gruyere (Previously Jarlsberg) Info
App Name	Gruyere (Previously Jarlsberg)
License	free
Type	online code
App URL
More Info	link

Description of Project in Authors Terms,

This project is an attempt to create a well maintained, informative and categorized cheat sheet to highlight HTML5 as well as other client side and related security issues and ways to avoid them. The project is meant to target web developers as well as security researchers and especially browser vendors since many of the problems we found are based on faulty or quirky implementations. Focus is on completeness, comprehensibility and timeliness as well as continuity – benefits many other related cheat sheets don’t exactly provide.

Time to this site if are a developer or security analyst.

HTML5 CheatSheet

HTML5 CheatSheet Info
App Name	HTML5 CheatSheet
License	free
Type	online
App URL
More Info	link

Download and extract SyntaxHighlighter scripts to your PC (Check the download link at the bottom of the post). Now access the SharePoint site and create a folder structure as shown in the below screenshot (i.e. to create ‘scripts’, ‘src’ and ‘styles’ folders inside syntax folder which is present in ‘Shared Documents’). Now upload the syntax highlighter files to appropriate folders.

Upload Scripts Folder Structure

Step 2

Access the page where you want syntax highlighter to be enabled and go the ‘Edit Mode’.  Add ‘Content Editor Web Part’ to the page. This Web Part will contain the scripts that provides reference to the syntax highlighter code uploaded in SharePoint server.

Add Content Editor Webpart

Step 3

View the Web Part options by clicking on the ‘Modify Shared Web Part’ menu. Click on the ‘Source Editor’ and enter the scripts to call syntax highlighter.

Select Source Editor

<LINK href="/sites/Shared Documents/syntax/styles/shCore.css" type=text/css rel=stylesheet>
<LINK href="/sites/Shared Documents/syntax/styles/shThemeDefault.css" type=text/css rel=stylesheet>
<SCRIPT src="/sites/Shared Documents/syntax/scripts/shCore.js" type=text/javascript></SCRIPT>
<SCRIPT src="/sites/Shared Documents/syntax/scripts/shBrushJScript.js" type=text/javascript></SCRIPT>
<SCRIPT type=text/javascript>
    SyntaxHighlighter.config.clipboardSwf = '/sites/Shared Documents/syntax/scripts/clipboard.swf';
    SyntaxHighlighter.all();
</SCRIPT>

Note: Change the paths in the script if you have uploaded the syntaxhighlighter code in a different location

Step 4

Hide this Web Part by checking the ‘Hidden’ option.

Hide Layout

Step 5

Add 2nd Content Editor Web Part. This Web Part will contain the code which you want to highlight. Use the Source Editor and paste the code there.

Step 6

Wrap your code with the syntax highlighter wrapper codes, change the language value as per your code. Click Ok to view the syntax highlighted code

<pre class="brush: js">

Syntax Highlighter Info
App Name	Syntax Highlighter
License	free
Type	code
App URL
More Info	link

HTML Comparison Chart

Quick Install

1
2
3
4
5
6

<?php
    require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php';
 
    $purifier = new HTMLPurifier();
    $clean_html = $purifier->purify($dirty_html);
?>

View Before-After XSS Filtering

View Demo: HTML Purifier

Download HTML Purfier : (More Info at: http://htmlpurifier.org/)