How to install and use PScan – Free Multithreaded TCP Port Scanner

What is PScan?

PScan is a multi-threaded port scanner that can scan 65535 port numbers. It is very efficient and much faster than Nmap, but it provides a limited set of features.

Features :

  • Perform SYN scan
  • Define port ranges to scan (by default attempt to scan all)
  • Resolves port number to known services.

How to install PScan?

There isn’t any binary available for PScan, so we have to compile it from the source code. Before compiling it, make sure you have the libpcap library installed on your system.
This HowTo can be followed on any Linux distro, e.g. CentOS, BackTrack, Linux Mint, etc.
aptitude install libpcap-dev

cd /tmp/
cd threaded-syn-port-scanner-2.0/
cp -a pscan /bin/

It is cooked.

Now simply run:

How to use PScan?

PScan can be used with the following options:

Example :
pscan -p 1-65535 -n 20 -w 2000 -r -M

-p : Define port ranges
-n : Number of threads that run the port scan
-w : Max time to wait for the next port scan
-r : Resolve port numbers to known service names, e.g. 53 # DNS
-M : Look up the MAC address.

Note : You must provide an IP address to scan. You can use the nslookup or dig command-line utility to look it up.

If you have any questions or suggestions, feel free to comment.

Install Mod_Proxy Apache module on WHM/cPanel CentOS Linux Server Without Recompiling Apache

Scenario :
Our client required the mod_proxy module for their application. Apache was already installed on a WHM/cPanel CentOS Linux server that runs a few websites. We decided that recompiling Apache was not a good option: it would require downtime for a maintenance window, and a small error could put our contract at risk and cause a loss for our client.

What is mod_proxy?

Mod_proxy is an Apache module that implements a proxy for your Apache web server. It is divided into further modules for different purposes, for example mod_proxy_http, mod_proxy_connect, mod_proxy_ftp, mod_proxy_ajp and mod_proxy_balancer. In our case we will compile only the few that are required for our application.

Installation :

Check Apache current version :

/usr/local/apache/bin/httpd -v

Output :
Server version: Apache/2.2.19 (Unix)
Server built: Jul 4 2011 06:24:27

Go to and pick your matching Apache version. In our case it is Apache 2.2.19.

cd /tmp/
tar -jxvf httpd-2.2.19.tar.bz2
cd httpd-2.2.19
./configure --enable-mods-shared="proxy proxy_http proxy_connect"

Note : You can add additional mod_proxy modules inside inverted commas.
In our case "proxy proxy_http proxy_connect"

cd modules/proxy/
/usr/local/apache/bin/apxs -i -a -c mod_proxy.c proxy_util.c
/usr/local/apache/bin/apxs -i -a -c mod_proxy_http.c proxy_util.c
/usr/local/apache/bin/apxs -i -a -c mod_proxy_connect.c proxy_util.c
/etc/init.d/httpd restart

Installation is completed.

You can verify the modules in the Apache modules directory.

ls -l /usr/local/apache/modules/mod_proxy*

Output :

If you have any questions, feel free to comment below.

iconv PHP extension installation without recompiling PHP

Overview :
Installing a single PHP extension without recompiling PHP has never been a difficult job, but most people don’t know how to do it, which leads them to recompile the whole of PHP. In this article I will explain how you can add a new PHP extension without recompiling the whole of PHP.

In our example, I will show how you can add the iconv PHP extension without recompiling PHP.

A sample error when the iconv PHP extension is not installed:
Fatal error: Call to undefined function iconv() in /some/path/file.php line 12

iconv php extension necessary configuration & compilation :
View current php version
php -v

Output :
PHP 5.2.13 (cli) (built: Jun 23 2010 04:49:30)
Copyright (c) 1997-2010 The PHP Group

Download the same PHP version's source code from
cd /tmp/
tar -jxf php-5.2.13.tar.bz2
cd php-5.2.13/ext/iconv

Prepare the PHP extension for compilation.

Output :
Configuring for:
PHP Api Version: 20041225
Zend Module Api No: 20060613
Zend Extension Api No: 220060519

make install

You can see that the iconv PHP extension is installed under the PHP extensions directory:
ls /usr/local/lib/php/extensions/no-debug-non-zts-20060613/

Enable iconv PHP extension in php.ini
echo "" >> /usr/local/lib/php.ini

Verify iconv :
php -i | grep -i "iconv support"

iconv support => enabled

How to enable mod_rewrite module in Apache 2.2 on Ubuntu/Debian/BackTrack 5

BackTrack 5 is the most popular penetration testing distribution among security analysts. We have also been using it for a very long time.

Today we were testing an application on our BackTrack 5 Linux system. It has Apache installed, but with a limited set of modules. I couldn’t access any page of my application because all URLs were rewritten using mod_rewrite. I performed the following troubleshooting and finally enabled the mod_rewrite module.

The mod_rewrite module is actually available on BackTrack 5 Linux; you just have to activate it.

How to check whether the module is already available?

Module path :
ls -l /usr/lib/apache2/modules/

Module config path :
ls -l /etc/apache2/mods-available/rewrite.load

How to Enable mod_rewrite now?

a2enmod rewrite

Output :
Enabling module rewrite.
Run ‘/etc/init.d/apache2 restart’ to activate new configuration!

Restart Apache
/etc/init.d/apache2 restart

Test your application; all URLs that are rewritten should work now!

How to use SlowHTTPTest HTTP DoS Tool

Introduction :
Slow HTTP DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. SlowHTTPTest was developed by Sergey Shekyan, who is Developer, Web Application Scanning at Qualys.

This tool is capable of tying up resources on the server side at the application layer.

How to Install SlowHTTPTest?
gunzip slowhttptest-1.1.tar.gz
tar xf slowhttptest-1.1.tar
cd slowhttptest-1.1

Configure and compile it. You can use a custom --prefix=your-location
make install

How To Use SlowHTTPTest for DoS?
slowhttptest -c 1000 -B -g -o output-file-name -i 100 -r 300 -s 10240 -u -x 20

Detailed options :

-a start : start value of ranges-specifier for range header test
-b bytes : limit of range-specifier for range header test
-c number of connections : limited to 1024
-H, -B, or -R : specify to slow down in headers section or in message body; -R enables range test
-g : generate statistics in CSV and HTML formats, pattern is slow_xxx.csv/html, where xxx is the time and date
-i seconds : interval between follow up data in seconds, per connection
-l seconds : test duration in seconds
-o file : custom output file path and/or name, effective if -g is specified
-r connections per second : connection rate
-s bytes : value of Content-Length header, if -B specified
-t verb : custom verb to use
-u URL : target URL, the same format you type in browser, e.g https://host:port/
-v level : verbosity level of log 0-4
-x bytes : max length of follow up data
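
The arithmetic behind the message body test (-B), as an added example that is not part of SlowHTTPTest or of the original post: it works out how long one connection stays open for given -s, -x and -i values, and when a minimum-rate read timeout on the server would close it. The timeout rule (an initial window that grows by one second per min_rate bytes received, with an optional cap) is an assumed, simplified model of the kind of rule Apache's mod_reqtimeout applies; every function and parameter name is hypothetical.

```python
import math


def hold_time(content_length, chunk_bytes, interval_s):
    """Seconds one slow-body connection stays open if the server never times out.

    content_length is the declared Content-Length (-s); the client then sends
    chunk_bytes (-x, taken here as every chunk being full size) each interval_s
    seconds (-i). The first chunk is assumed to arrive at t = 0.
    """
    if chunk_bytes <= 0 or interval_s <= 0:
        raise ValueError("chunk_bytes and interval_s must be positive")
    return max(0, math.ceil(content_length / chunk_bytes) - 1) * interval_s


def cutoff_time(content_length, chunk_bytes, interval_s,
                initial_timeout, min_rate, max_timeout=None):
    """Second at which the assumed minimum-rate timeout closes the connection.

    Returns None when the whole body arrives before any deadline expires.
    """
    if chunk_bytes <= 0 or interval_s <= 0 or min_rate <= 0:
        raise ValueError("chunk_bytes, interval_s and min_rate must be positive")
    received, now = 0, 0.0
    while True:
        received += min(chunk_bytes, content_length - received)
        if received >= content_length:
            return None                      # body complete, request is processed
        # Assumed rule: deadline grows by 1 s per min_rate bytes received.
        deadline = initial_timeout + received / min_rate
        if max_timeout is not None:
            deadline = min(deadline, max_timeout)
        if now + interval_s > deadline:      # next chunk would arrive too late
            return deadline
        now += interval_s


if __name__ == "__main__":
    # Constructed inputs: the -s 10240 -x 20 -i 100 values from the example command.
    print("unprotected hold time (s):", hold_time(10240, 20, 100))
    print("cut off at (s):", cutoff_time(10240, 20, 100, 20, 500))
    # Constructed normal client: 4096-byte chunks every 0.5 s complete in time.
    print("normal client:", cutoff_time(10240, 4096, 0.5, 20, 500))
    # A client pacing itself exactly at min_rate is only stopped by the cap.
    print("paced, no cap:", cutoff_time(100000, 500, 1, 20, 500))
    print("paced, cap 40:", cutoff_time(100000, 500, 1, 20, 500, max_timeout=40))
```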

Troubleshooting :

configure: error: OpenSSL is missing

Install the OpenSSL development package on BackTrack (or any Debian-based distro):
aptitude install libssl-dev

On CentOS Linux :
yum install openssl-devel

How to use PTCL EVO USB device on Linux?

We have already written a brief HowTo on using the Worldcall USB device on Linux.

To use the PTCL EVO device on Linux, follow the previous HowTo and update the username/password in /etc/wvdial.conf as follows:

vi /etc/wvdial.conf

Update the following:

Username =
Password = wcall


Username =
Password = ptcl

and run;