Install Shotwell Photo Manager in Ubuntu

Shotwell is a digital photo organizer that runs on Linux. Shotwell is an efficient photo organizer designed specifically for the GNOME desktop. It can edit, sort, import, and organize the image collection of the users in fast and secure manner.

What's new in this Release:

• Raw and enhanced image - It’s smarter at keeping paired images together now.


• Better reporting and options to save the details, if something fails.


• Shotwell using new Facebook Graph API‘d


• New types of circular, checkboardular, nifty new wipes.


• Along with all this come many bugs fixed, UI nits squashed and glitches – now fixed.

Shotwell offical Site : http://www.yorba.org

To install shotwell in Ubuntu/Linux Mint

• sudo add-apt-repository ppa:yorba/ppa


• sudo apt-get update


• sudo apt-get install shotwell

Dorking with Fimap in BackTrack 5 R3

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It's currently under heavy development but it's usable.

The goal of fimap is to improve the quality and security of your website.

Quick News for SVN and upcoming versions

• Bing searching module implemented in SVN! Currently broken :-O


• SSH-Logfiles can now be scanned and exploited through SSH username!


• You can now define which target to exploit and execute shell commands without the interactive exploit interface! (FimapNonInteractiveExec)


• New experimental fallback plugin which you can try when just /etc/passwd (or any other only-readable file was found. (FimapPhpInfoExploit)


• New fallback plugin for windows victims! (FimapFindFirstFileExploit)

what works currently?

• Check a Single URL, List of URLs, or Google results fully automaticly.


• Can identify and exploit file inclusion bugs.
  
  
  
  • Relative\Absolute Path Handling.
  
  
  • Tries automaticly to eleminate suffixes with Nullbyte and other methods like Dot-Truncation.
  
  
  • Remotefile Injection.
  
  
  • Logfile Injection. (FimapLogInjection)
  
  
  
  


• Test and exploit multiple bugs:
  
  
  
  • include()
  
  
  • include_once()
  
  
  • require()
  
  
  • require_once()
  
  
  
  


• You always define absolute pathnames in the configs. No monkey like redundant pathes like:
  
  
  
  • ../etc/passwd
  
  
  • ../../etc/passwd
  
  
  • ../../../etc/passwd
  
  
  
  


• Has a Blind Mode (--enable-blind) for cases when the server has disabled error messages. BlindMode


• Has an interactive exploit mode which...
  
  
  
  • ...can spawn a shell on vulnerable systems.
  
  
  • ...can spawn a reverse shell on vulnerable systems.
  
  
  • ...can do everything you have added in your payload-dict inside the config.py
  
  
  
  


• Add your own payloads and pathes to the config.py file.


• Has a Harvest mode which can collect URLs from a given domain for later pentesting.


• Goto FimapHelpPage for all features.


• Works also on windows.


• Can handle directories in RFI mode like:
  
  
  
  • <? include ($_GET["inc"] . "/content/index.html"); ?>
  
  
  • <? include ($_GET["inc"] . "_lang/index.html"); ?>
  
  
  • where Null-Byte is not possible.
  
  
  
  


• Can use proxys.


• Scans and exploits GET, POST and Cookies.


• Has a very small footprint. (No senseless bruteforcing of pathes - unless you need it.)


• Can attack also windows servers! (WindowsAttack)


• Has a tiny plugin interface for writing exploitmode plugins (PluginDevelopment)
  
  
  
  • Check out the PHPInfo() Exploit plugin: FimapPhpInfoExploit
  
  
  
  


• Non Interactive Exploiting (FimapNonInteractiveExec)

what doesn't work yet?

• Other languages than PHP (even if engine is ready for others as well.)

VIDEO :

Install and enable XScreensaver in ubuntu 12.04.2

XScreenSaver is the standard screen saver collection shipped on most Linux and Unix systems running the X11 Window System. I released the first version in 1992. I ported it to MacOS X in 2006, and to iOS in 2012.On X11 systems, XScreenSaver is two things: it is both a large collection of screen savers; and it is also the framework for blanking and locking the screen.On MacOS systems, these screen savers work with the usual MacOS screen saving framework (X11 is not required).On iOS devices, it is an application that lets you run each of the demo modes manually.

XScreenSaver is a collection of about many free screensavers for Linux.

sudo apt-get remove gnome-screensaver
sudo apt-get install xscreensaver xscreensaver-gl-extra xscreensaver-data-extra

create file for autostart enter following command in terminal:

sudo gedit /etc/xdg/autostart/screensaver.desktop

after that copy and paste the following code in file:

[Desktop Entry]
    Name=Screensaver
    Type=Application
    Exec=xscreensaver -nosplash

Save and Exit the file.

VIDEO :






 

Python Reverse shell

simple reverse shell written in Python (BSIDESLV and Defcon 20 Demo)

Download Python Reverse shell - http://adf.ly/LVvor

VIDEO :