RSS

Monthly Archives: April 2017

Install Gnuplot

Basics of  how to install gnuplot and draw a basic graph with

-title

-x and y axis labelled

-legends

-giving color to the line

– drawing multi-lined graph

Installation

On ubuntu 14.04

1. $ sudo apt-get update

2. $sudo apt-get install gnuplot

3. $sudo apt-get install gnuplot-x11

Run gnuplot

$gnuplot

Draw a simple graph. Eg. A .txt file with two columns. First column having x-axis values. Second column having y-axis values.

$ plot ‘<filename.txt>’ with line

Few settings

Few of the following setting can be done to provide title, x-axis and y-axis labelling and to provide legends. once you have typed $gnuplot on your terminal and got a gnu prompt do the following according to your need.

set title “Title goes here” font “,14” textcolor rgbcolor “someColor”
set timefmt “%y/%m/%d”
set xlabel “time”
set ylabel “sales”
set pointsize 1
Now plot the graph. Say the file name is plot.dat. Type the following command.
>plot “plot.dat” using 1:2 with lines
to draw more then one graph in one plot do the following
>plot ‘<path to file1>’ with lines, ‘<path to second file2>’ with lines
That’s about it for now!
 
Leave a comment

Posted by on April 8, 2017 in Uncategorized

 

Spoofing DNS packets using raw sockets:

The environment needed to let the code do its job is something which I am going to discuss in the following section. The following steps are just for testing purpose. C code for packet sniffing and spoofing can be found at my github repository or any online site or yeah code it out 🙂 (You have ample online help)

For sniffing and spoofing packets of another system:

Install a virtual box or VMware. Set up two VM on this. I have installed Ubuntu 14.04 on both the VMs.

Run the VMware from host in root mode to allow certain permissions as following:

$ sudo vmware

Let us call our two VMs as Alice and Bob. Here Alice will play the role of server which will sniff all the packets in its network in promiscuous mode and then spoof them. Bob will act as the victim machine.

Go to Alice machine. Change Alice in promiscuous mode by running the following command on terminal

$ sudo ip link set eth0 promisc on

Check if it is in promiscuous mode by typing following command:

1. $netstat -i

output:
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 3687 0 0 0 2924 0 0 0 BMPRU
lo 65536 0 849 0 0 0 849 0 0 0 LRU

I have italicised and made letter ‘P’ bold in “BMPRU” to show that promiscuous mode is on. So now Alice can see all the traffic travelling through the virtual switch.

Now, just run the packet sniffing and spoofing code on Alice.

$gcc <filename> <actual-IP-searched> <spoofed-IP> or

$gcc <filename> <all[all-the-website-searched]> <spoofed-IP [all-website-search-will-result-in-this-IP]>

$./a.out

Switch to victim machine named Bob. Open a browser and google for some site. Hopefully if the code running at Alice is correct, the search done at Bob wont get you the correct webpage. Instead it will redirect it to a website Alice wants (if the code at Alice works that way.).

In case it takes way to long to load the redirected webpage which Alice’s code is intending to redirect to on Bob machine do following steps to check if the packet spoofing was successful:

1. Open terminal on Bob machine.

2. Type command $dig <the-website-searched>

3. If the I.P address Alice’s code is trying to redirect to is found towards the end of the result of the above command then that means packet spoofing has happened just that the browser is unable to load that particular site.

Done!

 
Leave a comment

Posted by on April 7, 2017 in Uncategorized