beraldo is currently certified at Apprentice level.

Name: Beraldo Leal
Member since: 2007-06-14 15:32:02
Last Login: 2008-08-15 15:08:58

Homepage: http://www.beraldoleal.com

Notes:

I'm a Brazilian living in Sao Paulo/SP who loves geek stuff.

Recent blog entries by beraldo

3 years…

3 years in this concrete jungle, and far from the Land of the Sun.... :(
I miss it....

Syndicated 2010-11-21 19:32:09 from beraldoleal.com

10 Modular Blues Turnarounds and Introductions


After a long time without any posts, I decided to publish links here to the sheet music, tablature and MIDI file of 10 modular blues turnarounds and introductions. That's right, I completely changed the main subject of the blog (geeky stuff), but music is for nerds too.

Here are the files to download, including the LilyPond source file.

Turnarounds.pdf
Turnarounds.ly
Turnarounds.midi

Enjoy!

Syndicated 2010-07-19 00:17:51 from beraldoleal.com

mutt + sidebar patch + postfix + vim + offlineimap + cron = the perfect MUA (for me)

I had wanted to go back to using mutt for quite a while, but I had lost my backups of the configuration files and had no time to configure it again. This weekend I finally had time to get it working with multiple accounts. I'll post the configuration files here later.... (if I have any time left...)

Syndicated 2009-09-06 23:08:21 from beraldoleal.com

Grabbing and sending packets with Scapy (Scapy, part 2)

Hi folks, in the last post (a long time ago), I wrote a short introduction to the Scapy tool. In this post, I want to show you how to grab and send packets with Scapy. This is a good way to develop tools to test any network application, such as studying Kaminsky's DNS flaw, since nobody talks about anything else on the Internet.

Scapy has many functions for sending or receiving packets on the network. They fall into the following families of commands:

  • Send family - Just send packets at layer 2 or 3.
  • Send and Receive family - Send packets at layer 2 or 3 and print or store the results.
  • Sniff family - Receive packets in promiscuous mode and return them in a packet list.

This post is not intended as a reference for each of the families above. For more information, execute lsc() in Scapy and see the Scapy documentation.

Below is a sample of the Sniff family in action (run Scapy as root):

>>> a=sniff(count=2)
>>> a
<Sniffed: UDP:2 ICMP:0 TCP:0 Other:0>
>>> a.nsummary()
0000 Ether / IP / UDP / DNS Qry "www.google.com."
0001 Ether / IP / UDP / DNS Ans "www.l.google.com."
>>> a[0].show()
###[ Ethernet ]###
dst= 00:03:99:89:83:a9
src= 00:1e:c9:1b:7b:da
type= 0x800
###[ IP ]###
version= 4L
ihl= 5L
tos= 0x0
len= 60
id= 12959
flags= DF
frag= 0L
ttl= 64
proto= udp
chksum= 0xd5af
src= 10.1.0.1
dst= 200.170.95.182
options= ''
###[ UDP ]###
sport= 54584
dport= domain
len= 40
chksum= 0x329c
###[ DNS ]###
id= 16628
qr= 0L
opcode= QUERY
aa= 0L
tc= 0L
rd= 1L
ra= 0L
z= 0L
rcode= ok
qdcount= 1
ancount= 0
nscount= 0
arcount= 0
qd
|###[ DNS Question Record ]###
|  qname= 'www.google.com.'
|  qtype= A
|  qclass= IN
an= 0
ns= 0
ar= 0
>>>

The sniff() function accepts many parameters, such as a filter, a timeout, an interface (iface), and a function to apply to each packet (prn and lfilter).

>>> sniff(filter="udp and port 53", count=2, iface="eth0")
<Sniffed: UDP:2 ICMP:0 TCP:0 Other:0>
>>>

Sending a simple ICMP packet

>>> pkt=IP(dst="10.0.0.1")/ICMP()
>>> pkt
<IP  frag=0 proto=icmp dst=10.0.0.1 |<ICMP  |>>
>>> send(pkt,count=2)
..
Sent 2 packets.

OK, this is a simple sample, I know, but now you can use your imagination and play with Scapy.

Syndicated 2009-02-19 19:15:32 from beraldoleal.com

Grabbing and sending packets with Scapy (Scapy, part 2)

Syndicated 2008-08-28 14:20:24 from beraldoleal.com

beraldo certified others as follows:

  • beraldo certified enerv as Journeyer
  • beraldo certified faw as Journeyer
  • beraldo certified terceiro as Journeyer
  • beraldo certified aurium as Journeyer
  • beraldo certified frolic as Journeyer

Others have certified beraldo as follows:

  • faw certified beraldo as Apprentice
  • frolic certified beraldo as Apprentice
  • chalst certified beraldo as Apprentice
  • lmvaz certified beraldo as Master
