Sunday, June 9, 2019

DynamoDB Backup and Restore

If you are using DynamoDB on AWS and facing problem while importing and exporting it, here is solution for you.

In this solution, you need to download a python package from github and you can easily take backup of tables on your local or any s3 bucket.

1. Clone the dynamodump script from github.
git clone https://github.com/bchew/dynamodump.git

2. cd into the directory
cd dynamodump

3. Now you can take backup of one table, multiple or whole database.
Suppose you want to take backup of one table.
python dynamodump.py -m backup -r aws-region-name -s dynamo-tablename
In this case my aws region is us-west-1 and table name is users_profile.
python dynamodump.py -m backup -r us-west-1 -s users_profile
It will take backup of table users_profile in the directory name dump inside cloned directory dynamodump.

If you want to restore this table. Either you want to restore on local or you want to restore on AWS
a) To restore on local
python dynamodump.py -m restore -r us-west-1 -s users_profile
b) To restore on AWS
To restore table on AWS, you should have .boto file in your home directory with access and secret keys.
cat ~/.boto
[Credentials]
aws_access_key_id = AKIAJSIE27KKMHXI3BJQ
aws_secret_access_key = 5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39

aws_access_key_id or aws keys credentials should be configured, it is stored in ~/.aws/credentials 
cat ~/.aws/credentials
[default]
aws_access_key_id = AKIAJSIE27KKMHXI3BJQ
aws_secret_access_key = 5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39

These access and secret keys should have access to import table/database into DynamoDB of your AWS account
python dynamodump.py -m restore -r us-west-1 -s *

4. Similarly you can take backup of complete database as well as you can restore it.
python dynamodump.py -m backup -r us-west-1 -s *
It will take backup of all tables in the directory name dump inside cloned directory dynamodump.

If you want to restore all tables. Either you want to restore on local or you want to restore on AWS
a) To restore on local
python dynamodump.py -m restore -r us-west-1 -s *

b) To restore on AWS
To restore table on AWS, you should have .boto file with access and secret keys or .aws directory with credentials in your home directory.
python dynamodump.py -m restore -r us-west-1 -s *

5. If you want to take backup of dynamodb in your s3 bucket, your access and secret keys should have access to upload content in s3 bucket.
python dynamodump.py -m backup -r region-name -s * -a zip -b s3_bucket_name
In this case my aws region is us-west-1 and s3 bucket name is oculus-db-backup.
python dynamodump.py -m backup -r us-west-1 -s * -a zip -b oculus-db-backup
It will copy dump.zip in your s3 bucket. dump.zip content all exported json files of your dynamodb.

Source :
https://github.com/bchew/dynamodump

Sunday, May 12, 2019

Burp Suite - Not able to intercept android app

If your burp suite  was working fine for intercepting mobile application and suddenly it has stopped working. To fix this issue download latest burp suite from PortSwigger.net download section and install it.

If you are not able to intercept some mobile applications, the reason may be some of the applications are using https protocol and the application for which burp suite worked, it might be used http protocol.

To intercept traffic for mobile application with https APIs, run the burp suite and open it in browser.
Suppose you are running it on 8080 port (Default), open url http://localhost:8080 in browser.
It will look like this.



.der file will be downloaded. Convert the file into pem file
openssl x509 -inform der -in /root/Documents/cacert.der -out /tmp/burp.pem

Browse this pem file in your mobile device and add into 'Add certificate' option of your device. In android device, you can find the option under Settings > Security or Settings >  WLAN > More > Advanced > Install certificates
Once certificate will be installed, you may get notification about network monitoring.
Now try to intercept the app again, it should work fine.

Note : This tutorial is for ethical penetration testing purpose.

Ubuntu Firefox and Chrome - Read History on Command Line

You are very habitual of command line and you do most of your tasks like copying data, report generation, analyzing logs using terminal, you must have thought before if there is a way to read history of browser using command line.

Well yes there is definitely a way to complete this task. Browsers save the history in sqlite files. If you know basic queries of SQL, you can read history on terminal.

Firefox History using Terminal
cd ~/.mozilla/firefox
There must be a folder name with random string. Something like c18jclvi.default
cd ~/c18jclvi.default
You can find the sqlite file here i.e. places.sqlite.
Copy this file somewhere else like /tmp, If you use the file in firefox directory you may get "Error: database is locked" 
Open sqlite command prompt using following command.
sqlite3 /tmp/places.sqlite
To list all tables, run query
sqlite> .tables
You can find the url history in table moz_places.
sqlite> select * from moz_places;

To decode timestamp, first find the timestamp in the row. Usually 10th column is timestamp's column.
Divide this number buy 1000000. Now run command
date -d @1557653257.768815
It will display the correct date and time of this visited url.

Chrome History using Terminal
Similarly you can display chrome browser history in terminal.
cd ~/.config/google-chrome/Default
Copy filename History in some other place like /tmp. If you use the file in Chrome directory you may get "Error: database is locked" 
sqlite3 /tmp/History
To list all tables, run query
sqlite> .tables
You can find the url history in table urls.
sqlite> select * from urls;