Meet the neighbors



Several months have passed since my first proposal, but ip_map has now become an official auxiliary module of Metasploit. They probably didn't like the proposed name and decided to rename it to ipv6_neighbor. I think it was a good decision because *map names have been used too much in past years (e.g. nmap ... and of course sqlmap).





Thanks to Offensive Security for quickly adding an IPv6 discovery section to their Metasploit Unleashed. If you want to know more about IPv6 insecurities, I strongly suggest the excellent paper by Antonio Merola.

Pulse: Data Visualization with gruff



I spent last night looking for a way to display the data collected by Pulse. After some hard googling I found a beautiful gem called gruff. Plotting data with gruff is simply amazing and results in great quality graphs, as you can see:



You can find my plot script inside Pulse@github. Have a look!

Pulse!


Pulse is a small framework for quickly building network probes and collecting response times. Pulse is not intended to monitor complex networks or to replace more advanced tools such as Cacti. It is just meant to monitor response time variance over short periods of time. Right now there are two probes available, ICMP and HTTP, but more are coming soon and little effort is required to build new ones from scratch. Let's see some examples.


ICMP Probe:


require 'pulse'
include Pulse

ICMP.pulse(:target => '192.168.1.1', :count => 5, :round_trip => 5) do |probe|
  # Called when a probe fails
  probe.on_fail do |echo|
    Pulse::STDERR.report echo
  end

  # Called for each successful probe
  probe.on_pulse do |echo|
    Pulse::STDOUT.report echo
  end
end



HTTP Probe:


require 'pulse'
include Pulse

HTTP.pulse(:target => 'http://localhost/', :count => 5, :round_trip => 5) do |probe|
  # Called when a probe fails
  probe.on_fail do |echo|
    Pulse::STDERR.report echo
  end

  # Called for each successful probe
  probe.on_pulse do |echo|
    Pulse::STDOUT.report echo
  end
end


A real HTTP prober should take the HTTP response into account as well. Let's say we want to report alive! if and only if the string 'works' is contained in the HTTP response body:


require 'pulse'
include Pulse

HTTP.pulse(:target => 'http://localhost/', :count => 5, :round_trip => 5) do |probe|
  # The probe counts as alive only if the response body contains 'works'
  probe.grep 'works'

  probe.on_fail do |echo|
    Pulse::STDERR.report echo
  end

  probe.on_pulse do |echo|
    Pulse::STDOUT.report echo
  end
end
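
What a body-matching HTTP probe has to do underneath, as an added example (this is not Pulse's code): `http_probe`, `Echo` and `serve` are hypothetical names, and the loopback server is a constructed fixture so the script runs offline.

```ruby
require 'net/http'
require 'socket'

# Hypothetical names, not Pulse's API. A 200 alone does not prove the service
# is healthy (error pages and default vhosts also answer), so match the body.
Echo = Struct.new(:alive, :rtt_ms, :reason)

def http_probe(url, pattern, timeout: 5)
  uri = URI(url)
  started = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  res = Net::HTTP.start(uri.host, uri.port, open_timeout: timeout, read_timeout: timeout) do |http|
    http.get(uri.request_uri)
  end
  rtt = ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - started) * 1000).round(2)
  return Echo.new(false, rtt, "status #{res.code}") unless res.is_a?(Net::HTTPSuccess)
  return Echo.new(false, rtt, 'pattern missing') unless res.body.to_s.include?(pattern)
  Echo.new(true, rtt, 'ok')
rescue SystemCallError, IOError, Timeout::Error, SocketError => e
  # Refused connections, timeouts and DNS errors are probe failures, not crashes.
  Echo.new(false, nil, e.class.name)
end

# Constructed fixture: tiny HTTP server on loopback answering `requests` times.
def serve(body, requests: 1)
  server = TCPServer.new('127.0.0.1', 0)
  thread = Thread.new do
    requests.times do
      client = server.accept
      while (line = client.gets) && line != "\r\n"; end # drain request headers
      client.write("HTTP/1.1 200 OK\r\nContent-Length: #{body.bytesize}\r\n" \
                   "Connection: close\r\n\r\n#{body}")
      client.close
    end
    server.close
  end
  ["http://127.0.0.1:#{server.addr[1]}/", thread]
end

if __FILE__ == $PROGRAM_NAME
  url, worker = serve('<h1>It works!</h1>', requests: 2)
  p http_probe(url, 'works')        # body matches
  p http_probe(url, 'maintenance')  # 200 OK, but pattern missing
  worker.join
  p http_probe(url, 'works', timeout: 1) # server gone: connection refused
end
```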


To collect round-trip time values, Pulse provides a SQLite3 mixin module called Pulse::DB:


require 'pulse'
include Pulse

Pulse::DB::open('HTTP_pulse.sqlite')
HTTP.pulse(:target => 'http://localhost/', :count => 5, :round_trip => 5) do |probe|
  probe.on_fail do |echo|
    Pulse::STDERR.report echo
  end

  # Report each successful probe to both the console and the SQLite database
  probe.on_pulse do |echo|
    [Pulse::STDOUT, Pulse::DB].each do |r|
      r.report echo
    end
  end
end


The consistency of the database is guaranteed by an at_exit { } hook in charge of closing the DB, so script termination is handled gracefully.

Pulse @ github

Thinking Functionally In Ruby


What is functional programming?
Why is it a "pretty neat idea"?
How to adopt functional programming principles in Ruby?

Four Bash built-ins


About a week ago I decided to read the mighty Advanced Bash Scripting Guide again. Here follow some notes about four of its (funny) built-ins.


Truncate a file
belch@graal:~$ > file

How does it work?

belch@graal:~$ strace -efile -f bash -c '> file'

.....

open("file", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 3


Comma separator
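belch@graal:~$ t1=0
belch@graal:~$ let "t1 = (t1++, t1+2)"
belch@graal:~$ echo $t1
3

The comma separator links arithmetic expressions together, but only the value of the last one is returned. The parentheses are needed because the comma binds more loosely than the assignment. In the previous example it starts by incrementing t1, then adds 2. As you can guess, the result is 3.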


Nop
Believe it or not, Bash has a 0x90 builtin. It's the placeholder :

belch@graal:~$ :
belch@graal:~$ echo $?
0


Stacking dirs
belch@graal:~$ cd /home/belch
belch@graal:~$ echo ~+
/home/belch
belch@graal:~$ cd /tmp
belch@graal:~$ cd ~- # ~- expands to the previous working directory
belch@graal:~$ pwd
/home/belch