How to automate filling web forms and so?

17 11 2007

iMacros is the Firefox add-on that you need to install in your Mozilla Firefox browser. I read about how one guy (uberaffiliate.com) pwned Facebook using iMacros and made some cash. What he did was create around 500 Facebook accounts by automating the Facebook new user sign-up form with a macro in iMacros! In iMacros you can record your activities using the Record functionality, save the recording as a macro, edit it and play it as many times as you want. So you just need to record the Facebook new user sign-up activity once, and then copy+paste it inside the macro as many times as you want.
What about email? It should be different each time. If you have a registered domain, then it is easy! In order to use a different email address each time, you just need to create one Email Forwarding account for your domain (abc@yourdomain.com) and make it a “Catch All” account.

(GoDaddy.com Help) A catch-all email account is an address that is specified to receive all messages that are addressed to an incorrect email address for a domain. For example, you have three email addresses set up for coolexample.com; info@coolexample.com, sales@acoolexample.com, and webmaster@coolexample.com, you can set up info@coolexample.com as a catch-all email account. Then, any email messages sent to manager@coolexample.com (or any other invalid email address), are sent to the catch-all account (info@coolexample.com).

You can set up one email address as a catch-all account per domain name.


Once you install it, it will appear on the left side of the browser. It’s very easy to learn how to use it. There are 3 functions: Play, Record, Edit. After recording a macro, you can open it (by default it opens with Notepad), edit and save it. You can export info to CSV files as well.

Ways to use it:

  1. Form Filler & Password Manager
  2. Automated Download & Upload
  3. Data Extraction, Web Scraping/Mining & Enterprise Data Mash-Ups
  4. Web Testing
  5. Social Scripting (Social Bookmarking)
  6. and others (up to your imagination!)

I just started testing it, and I'm already a big fan of it!

Hint: (If you haven’t thought about it already) It can be used to generate traffic (pageloads) in your blogs (CPMs!!!), create repetitive affiliate referrals (you gotta play with macros a lot), and in many other evil ways. But I’m sure people on the other side are also smart enough to track it down. I do not recommend! :P
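How the receiving site can track the catch-all trick down, as an added example that is not part of the original post: many distinct local parts signing up under one non-provider domain within a short window. The record layout, the one-hour window, the threshold of 3 and the ignore list of shared mail providers are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BASE = datetime(2007, 11, 17, 12, 0)
# Constructed sign-up log: (timestamp, email address given at sign-up).
SIGNUPS = [
    (BASE + timedelta(minutes=0), "anna@yourdomain.example"),
    (BASE + timedelta(minutes=1), "u1@bigmail.example"),
    (BASE + timedelta(minutes=2), "bob@yourdomain.example"),
    (BASE + timedelta(minutes=3), "carl@mail.example"),
    (BASE + timedelta(minutes=4), "u2@bigmail.example"),
    (BASE + timedelta(minutes=5), "Dora@YourDomain.example"),
    (BASE + timedelta(minutes=6), "u3@bigmail.example"),
    (BASE + timedelta(minutes=9), "ed@yourdomain.example"),
    (BASE + timedelta(hours=5), "fay@mail.example"),
    (BASE + timedelta(hours=9), "gus@mail.example"),
]

def flag_signup_bursts(signups, window=timedelta(hours=1), threshold=3,
                       ignore=frozenset({"bigmail.example"})):
    """Return {domain: peak count of distinct local parts inside one window}."""
    by_domain = defaultdict(list)
    for ts, email in signups:
        local, _, domain = email.lower().rpartition("@")
        # Shared providers legitimately host many unrelated users.
        if local and domain not in ignore:
            by_domain[domain].append((ts, local))
    flagged = {}
    for domain, rows in by_domain.items():
        rows.sort()
        start, peak = 0, 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            peak = max(peak, len({loc for _, loc in rows[start:end + 1]}))
        if peak >= threshold:
            flagged[domain] = peak
    return flagged

if __name__ == "__main__":
    print(flag_signup_bursts(SIGNUPS))
```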





ossim plugins

21 09 2007

If anyone has been playing with http://www.ossim.net/, it feels good to integrate your own stuff into it..

Here’s the small how to. Feel free to fix/correct it, criticize or otherwise;

$Id$
by fygrave@gmail.com
----------------------------------------

This is a brief unofficial OSSIM plugin howto document. For more details, look into the agent code. This howto will guide you through the process of integrating a new device by developing a plugin for OSSIM.

To get started, go into /etc/agent/plugins/ and open a file in an editor, for example boo.cfg. This is the main plugin configuration file and also the heart of your “plugin”.

[DEFAULT]
# this is plugin ID. pick up a number that doesn’t cross with existing plugins.
# plugin ID can be changed on the fly as you parse alert.
plugin_id=6001

[config]
# there are other types of plugins. detector is what you’d usually want
# (there’s also event, monitor)
type=detector
enable=yes

# I think you can leave this one empty
process=boo
# if you need to run anything whenever agent starts or stops, change this to yes and
# put command lines in startup/shutdown files
start=no ; launch plugin process when agent starts
stop=no ; shutdown plugin process when agent stops
startup=
shutdown=

# could be snortlog, unix_socket, database, command, http
source=log
location=/var/log/boo.log

# create log file if it does not exists,
# otherwise stop processing this plugin
create_file=false

# and now you can create as many parsing rules as you wish. each rule
# has to have regexp entry and corresponding assignments to pass data to the agent

[01_boo_syslog]
# our data looks like this:
# data word identifierprotocolmessageclasssourceipportdstipportlogdata
event_type=event
regexp=^(\w+\s+\d{1,2}\s+\d\d:\d\d:\d\d\s+\d+)\s+\w+\s(\d+)\(\w+)\([^\]+)\(\w+)\(\d+\.\d+\.\d+\.\d+)\(\d+)\(\d+\.\d+\.\d+\.\d+)\(\d+)\([^\]+)\
date={normalize_date($1)}
# what happens here is server daemon is going to perform lookups whether such sid and
# plugin ID exist in database. if it doesn’t. message will be dropped
#plugin_id={$2}
plugin_sid={$2}
protocol={$3}
src_ip={$6}
src_port={$7}
dst_ip={$8}
dst_port={$9}
userdata1={$5}
data=message: {$4}
priority=1
log={$10}

These are attributes in ACID db. You probably can use these at later point to create correlation directives.

possible fields are:

(from Event.py):

EVENT_ATTRS = [
    "type",
    "date",
    "sensor",
    "interface",
    "plugin_id",
    "plugin_sid",
    "priority",
    "protocol",
    "src_ip",
    "src_port",
    "dst_ip",
    "dst_port",
    "username",
    "password",
    "filename",
    "userdata1",
    "userdata2",
    "userdata3",
    "userdata4",
    "userdata5",
    "userdata6",
    "userdata7",
    "userdata8",
    "userdata9",
    "log",
    "data",
    "snort_sid",  # snort specific
    "snort_cid",  # snort specific
]

Should your plugin require any additional parsing code in Python, you can include it in Parser_util.py, for example, and use it directly from your configuration file. For example:

plugin_sid={convert_mypluginsid($2)}

Further, you will need to create SID references in the DB. To do this, write a script (or do it manually) and insert all the data into the plugin_sid table in the form:

INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, priority, reliability, name) VALUES (6001, 3902, NULL, NULL, 1, 1, 'Test code access');

If a message arrives from your plugin ID and the SID does not exist, the message will be dropped with an error message displayed in server.log:

OSSIM-Message: sim_organizer_reprioritize: Error Plugin 6001, PluginSid 123

where 123 is the plugin_sid which doesn’t exist in DB.
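A way to dry-run a rule like [01_boo_syslog] before loading it into the agent, as an added example that is not the OSSIM agent's own code: it expands {$N} and {func($N)} assignments from the regexp groups and reports the case where the server would drop the event for an unknown plugin_sid. The "|" field separator, the sample log line, the date format and this normalize_date stand-in are assumptions.

```python
import re
from datetime import datetime

# Constructed sample line; the "|" field separator is an assumption.
SAMPLE = ("Sep 21 10:15:02 2007 boo 3902|tcp|Test code access|web|"
          "10.0.0.5|4242|192.168.1.10|80|GET /test HTTP/1.0|")

# Rule shaped like the [01_boo_syslog] section, with "|" between fields.
RULE = {
    "regexp": r"^(\w+\s+\d{1,2}\s+\d\d:\d\d:\d\d\s+\d+)\s+\w+\s(\d+)\|(\w+)\|"
              r"([^|]+)\|(\w+)\|(\d+\.\d+\.\d+\.\d+)\|(\d+)\|"
              r"(\d+\.\d+\.\d+\.\d+)\|(\d+)\|([^|]+)\|",
    "date": "{normalize_date($1)}",
    "plugin_sid": "{$2}",
    "protocol": "{$3}",
    "src_ip": "{$6}", "src_port": "{$7}",
    "dst_ip": "{$8}", "dst_port": "{$9}",
    "userdata1": "{$5}",
    "data": "message: {$4}",
    "priority": "1",
    "log": "{$10}",
}

def normalize_date(text):
    """Stand-in for the agent helper of the same name (date format assumed)."""
    return datetime.strptime(text, "%b %d %H:%M:%S %Y").strftime("%Y-%m-%d %H:%M:%S")

HELPERS = {"normalize_date": normalize_date}
# Matches {$N} and {func($N)} placeholders inside an assignment value.
TOKEN = re.compile(r"\{(?:(\w+)\()?\$(\d+)\)?\}")

def apply_rule(rule, line, plugin_id, known_sids, helpers=HELPERS):
    """Return (status, event); status is 'no_match', 'unknown_sid' or 'ok'."""
    m = re.search(rule["regexp"], line)
    if m is None:
        return "no_match", None

    def expand(tok):
        value = m.group(int(tok.group(2)))
        return helpers[tok.group(1)](value) if tok.group(1) else value

    event = {k: TOKEN.sub(expand, v) for k, v in rule.items() if k != "regexp"}
    event["plugin_id"] = str(plugin_id)
    # The server drops events whose (plugin_id, plugin_sid) pair is not in plugin_sid.
    if (plugin_id, int(event["plugin_sid"])) not in known_sids:
        return "unknown_sid", event
    return "ok", event

if __name__ == "__main__":
    print(apply_rule(RULE, SAMPLE, 6001, {(6001, 3902)}))
```

Here `known_sids` plays the role of the rows in the plugin_sid table; a helper such as the `convert_mypluginsid` mentioned above can be tried by adding it to the `helpers` mapping.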

I am not sure yet why I don’t see the new plugin in policy/sensors, but you may also update the plugin table so your plugin appears on the configuration/plugins tab of the web frontend.

Once your messages happily appear in the OSSIM event tables, you can move on and create correlation rules.

You can create your own XML file and then include it from /etc/ossim/server/directives.xml, or you can modify existing files (generic, trojans, and so on). There are example rules which are good enough to get you started.

Here’s a sample rule which we can hack quickly.

That should be it :)