This time on the show, automating interactive tasks in Linux, preventing your browser sessions from being tracked, graphical command line disk usage utilities, and pushing hex over TCP with Echo. All that and more this time on Hak5!

Download HD Download MP4

Empty instead of Expect

Empties Source Forge page at empty.sf.net describes the utility as one that provides an interface to execute and interact with processes under pseudo-terminal sessions. This is pretty cool because you can use it to program shell scripts which communicate with interactive programs like telnet, ftp or ssh.

And while TCL/Expect does the same thing, empty may be a better choice because it can be invoked directly from the shell, it doesn't require TCL, perl, python or any other language, it's super small and simple and has already been ported to most *nix flavors.

Installation is pretty simple, either download the source from empties website, untar it and ""make all install clean"", or grab it from your repo. In ubuntu that's apt-get install empty-expect

The cool thing about the way it works is that everything is based on files.

empty -f -i input.fifo -o output.fifo -p empty.pid -L empty.log ssh
root@localhost
empty -w -i output.fifo -o input.fifo continue 'yn'
empty -w -i output.fifo -o input.fifo assword 'lamepasswordn'
empty -w -i output.fifo -o input.fifo root@ 'topn'

Disconnect.me

With all the privacy issues we've been hearing about lately, (Facebook's always strange updates; Google's new policy, etc), it almost seems impossible to keep your private data private!

We always hear about those problems we face with third party advertisers, cookies, and social search results, but it seems like everyone gets all up in arms about it, but almost no one goes on the defense and stops it from happening. Sure, people like you and me know how to disable cookies and we've deleted our cache's and search results in Google but we still have to teach the masses how to do it as well.

We still have a friend in the world who cares by the name of Disconnect, a company that was founded by a couple of ex-Googlers, Brian Kennish and Austin Chau, with Casey Oppenheim.

So what are they doing? Well, Disconnect is working on making your private data private again by disabling sharing with third parties and soon customizing your ability to share with whom you want.

How does it work? Disconnect is a small add-on for your browser (for me, Chrome) that you can find in your browser's webstore. Disconnect works in the background, seemlessly blocking the collection of your searches, sites visited, etc from Google, Twitter, Facebook, Digg, and Yahoo. It'll even let you depersonalize searches on Google and Yahoo by blocking cookies while you're still logged in.

You can unblock services too, just by clicking on the icon, in case you want to play a game on facebook that requires it or you have trouble getting to certain services when they're blocked. They've been having some bugs with Google accounts not working right when blocked, but so far I haven't had any problems myself. But this extension does peak my interest as well as suspicions. Does it really block cookies and private data sharing? According to their privacy policy it does.

Hex over TCP with Echo and Netcat

Ever needed to send some hex in TCP form over to a port on an IP?
Well, you can do that with Echo and Netcat.

echo -n -e ""x01x18x03"" | nc 10.73.31.1
80

The -n supresses outputting the trailing newline. The -e enables the interpretation of backslash escapes -- allowing us to send hex codes.

This can be pretty useful if, say, you reverse engineered your friends alarm system by doing a little packet capture and analysis and found that the entry system relies on a series of vendor hard-coded 3 bit packets. Security folks, it's not just for the WOPR folks.

Disconnecting TCP sessions with Ngrep

While Disconnect.me is pretty slick, and open source to boot, Darren prefers to use as few browser extensions as possible, and to that end demonstrates a command line trick for performing a similar function.

ngrep -q -d any 'facebook.com' -K 10

Of course the regular expression can be expanded to include more domains and probably prettied up for performance. The important bit here is that the -K option will kill TCP connections matching the expression.

If you're into Hak5 you'll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you're a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let's not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.

Youtube Description (No HTML):

This time on the show, automating interactive tasks in Linux, preventing your browser sessions from being tracked, graphical command line disk usage utilities, and pushing hex over TCP with Echo. All that and more this time on Hak5!

If you're into Hak5 you'll love our new show by hosts Darren Kitchen and Shannon Morse. Check out http://www.revision3.com/haktip

Whether you're a beginner or a pro, http://www.revision3.com/haktip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let's not forget to mention that you can follow us on http://www.twitter.com/hak5 and http://www.facebook.com/technolust, http://revision3.com/hak5/subscribe to the show and get all your Hak5 goodies, including the infamous http://hakshop.com/collections/frontpage/products/wifi-pineapple over at http://hakshop.com . If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

3 Comments

  • Is it possible to use ngrep -q -d any 'facebook.com' -K 10 with multiple domains?
    This would be great to keep me on task at school, no facebook and twitter.

  • restrictedbytes 2 years ago

    a little late but if you want to block multiple sites you can do:
    ngrep -d -q any ‘facebook|twitter|myspace|’ -K 10

  • Well I tried to block multiple sites on the network, by using:

    ngrep -d -q any ‘facebook|twitter|myspace|’ -K 10

    I found it was flooding my network and I was not able to surf any website.

    Then, I just modified the command as given below and found it was working perfectly..

    ngrep -d -q any ‘facebook.com|twitter.com|myspace.com’ -K 10

    Hope it would be useful for other too. :)