Ironwood Tree

Sunday, October 23, 2011

Another bit of wisdom

I just have one Windows VM on my Mac. It's Windows 7 and I want to run my favorite hacking tools on it. My favorite of the favorite tools is Wikto. I especially like the Googlehacking database included in it. This will rapidly search Google for vulnerable systems. You can use it to break in, or to find problems on your own web site. Anyone who works in vulnerability management, as I do, should know how to use it.

To use Wikto for Googlehacking, you have to have an API running that lets Google know you're doing it on purpose and you're not malware. There are viruses and trojans that hijack computers to do these queries, and Google is a good citizen and blocks them.

SensePost has an API called Spud that will let you run a query on a website through Wikto. Starting Spud is tricky in Windows 7. You have to open up a command prompt as administrator, change to the SensePost Spud directory and run \bin\spud.exe. You can't run it from the bin directory, just the directory above it.

Saturday, October 22, 2011

Bricked Netgear WNDR3700

I am going to have to get a new T-shirt. ThinkGeek has one that says "I void warranties". I need a shirt that says "I brick wireless routers".

Until a few minutes ago I had a bricked Netgear WNDR3700 wireless router. I also have a bricked Linksys router; I'll try to restore it next and post instructions if I have success restoring it too.

I have tried the TFTP restore instructions on both routers with no success. The Netgear was in a continuous reboot cycle and the put command just timed out. I was able to use the Netgear firmware restore utility to restore the firmware eventually. Here are the steps:

1. Get the Netgear installation CD. If you're like me and can't find it, download the Windows 7 version from the Netgear website at http://www.netgear.com/win7. Extract it on a Windows 7 machine (I used a virtual machine on my Mac in VMware Fusion). Set up a static IP address on your physical network port on the 192.168.1.0/24 network. Plug a network cable into your workstation port and then into port 1 of the router. It helps to turn off the wireless on your workstation while you do this, or you can have trouble getting it to talk only over the network cable.

2. Do the 30-30-30 hard restart on your router. Make sure your router is plugged in to power and connected to your workstation. Use a straightened paperclip and press and hold the reset button on the router for 30 seconds. Still pressing the reset button, pull out the power cord from the router. Hold the reset button for another 30 seconds, then plug the router back in while still holding the reset button, and keep holding it for another 30 seconds while the power is restored.

3. Now you should see 2 green lights on the router. There will be a steady green light on the port you're plugged into and a slowly blinking green light above it. This means it has corrupt firmware but it's waiting and available for upgrade. If you don't see this, run the 30-30-30 restart again. I had to do it twice.

4. Start the firmware upgrade utility. It should detect the router and reload the firmware. Follow the instructions on the screen and you should have a functional router in a few minutes!