Microsoft hardening tool with graphical user interface
•September 3, 2010
gBridge – poke holes through those firewalls
•August 26, 2010
Rating: Functionality-7/10 Ease of use: 8/10 Usability: 9/10
This week I’ve been testing Gbridge. Gbridge is a (currently free) extension to Google’s Gtalk network service for Windows 2000/XP/Vista/7. Installed as an agent, it will automatically create a VPN tunnel between other computers running Gbridge and logged in under the same gTalk account. You can also extend the VPN to Gtalk friends by invitation. Gbridge also has some nifty features such as folder synchronization, remote desktop share (VNC), automatic backup, live browsing, chat, and tunneling of RDP and other TCP/UDP protocols. Gbridge also integrates with Google Apps accounts, making it easy to create VPN within organizations that utilize Google Apps.
APPLICATION SUPPORT: I tested several applications over Gbridge such as RDP, NetBIOS shares, FTP and even a little NMAPpery — everything worked like a champ. Gbridge has built in firewall functionality, allowing you to allow/block traffic to and from other Gbridge clients logged in under your gTalk account as well as specific firewall rules for connections to other gTalk friends’ computers.
THROUGHPUT: Gbridge will, like many p2p platforms, try to establish direct connections between Gbridge clients, even if behind a NAT device using some UDP NAT traversal tricks. If for some reason it cannot traverse the NAT device(s), it will use Gbridge servers as a proxy, or you can manually setup port forwarding. In my testing between my house (7Mb DSL) and the office (10MB fiber) I got a respectable 2.5Mb throughput using CIFS copy and about the same using the built in SecureShare HTTP copy. Not bad for NAT traversal.
SECURE SHARES: Want to share a folder or group of folders out to your gTalk friends? Not a problem. The Gbridge pointy-clicky interface allows you to share a folder with other PCs logged in under your gTalk account or with individual friends’ accounts, and to apply file filtering rules and additional password protection. Very nifty for a quick file transfer or leeching.
AUTOSYNC and BACKUPS: Quickly becoming one of my favorite functions. Setup a SecureShare on one or more of your GBridged computers, and you can “AutoSync” it at will. Great for syncing work/home files or pwning a headless server. Not as elegant as ncat, but workable and everyone allows access to google servers these days. Backups work much the same way — a one-way sync of a SecureShare. Fast and easy DR/COOP.
CAVEATS: if you have a host firewall or Host-based intrusion prevention service like eEye Blink, be sure you pre-configure rules to allow gBridge to do its thing. When I was testing the utility, I forgot to disable the firewall service before I left for work and as a result when I tried to connect from the office, the connection failed because Blink was popping up dialogs on my home PC asking if it should allow the inbound connection.
Software Security space exceeds $500MM
•August 16, 2010
The software security space exceeded the $500 million mark in 2009. Software security expert Gary McGraw examines the tools providers and services firms to find out how quickly the market is growing, and which parts of the market are driving growth.
http://www.cigital.com/justiceleague/2010/08/16/software-security-crosses-the-threshold-in-2009/
VentureBeat – a hidden gem of developments in IT
•August 15, 2010
Not sure why I never stepped on this before: This is a well managed aggregated news site + original content http://venturebeat.com/
Metasploit To Get More Powerful Web Attack Features
•August 4, 2010
Weaknet linux penetration testing distro
•August 4, 2010
WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. WeakNet Linux IV was built from Ubuntu 9.10 which is a Debian based distro. All references to Ubuntu have been removed as the author completely re-compiled the kernel, removed all Ubuntu specific software which would cause the ISO to bloat, and used a non-Ubuntu-traditional Window Manager, with no DM. To start X11 (Fluxbox) simply type “startx” at the command line as root.
Spoof a cell tower for $1500. Monitor calls.
•August 4, 2010
Well, 2G ATT and TMobile anyway. Over at Wired
~40,000 vulnerabilities in SCADA systems
•August 4, 2010
Hey, it’s not like you could bring down the grid or anything. #root #fail Pop over to SC Magazine
Microsoft ICE – photo stitcher
•August 3, 2010
One of my new favorite toys. One use: pop a client site, take a round of photos, show a panorama of pwnage http://research.microsoft.com/en-us/downloads/730cd6bb-6450-4e66-8101-a94e71cb0779/default.aspx
Gbridge – remote desktop share, filesync, etc. over Google Talk
•August 1, 2010
I like free. http://www.gbridge.com/
Gbridge is a free software that lets you remotely control PCs, sync folders, share files, and chat securely and easily. An extension of Google’s gtalk service, Gbridge automatically forms a collaborative, encrypted VPN (Virtual Private Network) that connects your computers and your friends’ computers directly and securely with patented technology. Gbridge has many unique features.
DesktopShare(VNC): Access your computer desktop remotely or share your desktop with your friend from anywhere in the world. Gbridge automatically traverses firewalls and NATting routers without the need for configuration!
SecureShare: Securely share files among your own computers, so you can remotely access your files, e.g. play mp3 , with ultimate privacy. Securely share files to your designated friend, so the selected friend can instantly view the auto-generated photo thumbnails and slideshow remotely. No web upload/download needed!
AutoSync: Transfer large files and synchronizing folders to and from anywhere has never been easier. AutoSync supports auto-schedule, auto-resume, incremental transfers and no size restrictions!
EasyBackup: Setup an auto-recurring backup of your important folder to a local or remote PC is as easy as 1-2-3!
Droid Rooting
•July 31, 2010
**Remember, these roots simply give you system file access and the ability to tweak a few other things — NOT install/flash custom roms, kernels, etc.
- Droid X (Birdman method) - http://alldroid.org/Default.aspx?tabid=62&g=posts&m=6151&#post6151
- Droid X (1-click) http://alldroid.org/Default.aspx?tabid=40&g=posts&t=553 and download DroidXRoot.zip
The 2010 Verizon Data Breach Report is Out
•July 29, 2010
YMMV. Includes info from the Secret Service and some of their cases. Not much changed from previous years.
Who is behind Data Breaches?
- 70% resulted from external agents
- 48% caused by insiders
- 11% implicated business partners
- 27% involved multiple parties
How do breaches occur?
- 48% involved privilege misuse
- 40% resulted from hacking
- 38% utilized malware
- 28% involved social tactics
- 15% comprised physical attacks
What commonalities exist?
- 98% of all data breached came from servers
- 85% of attacks were not considered highly difficult
- 61% were discovered by a third party
- 86% of victims had evidence of the breach in their log files
- 96% of breaches were avoidable through simple or intermediate controls
- 79% of victims subject to PCI DSS had not achieved compliance
Jump over to Verizon for the report: http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf
Plainsight: Open Source Computer Forensics
•July 27, 2010
Windows zero-day exploit?: USB storage + .lnk files + file explorer = FAIL
•July 25, 2010
I just did a presentation to the State of Mississippi on USB as an attack vector. The vector continues to evolve. I love it … another tool for my kit! http://grandstreamdreams.blogspot.com/2010/07/windows-zero-day-exploit-usb-storage.html and http://blog.didierstevens.com/2010/07/18/mitigating-lnk-exploitation-with-ariad/ and http://blog.lumension.com/?p=3214 and a proof of concept http://www.exploit-db.com/exploits/14403/ and a metasploit module http://www.metasploit.com/modules/exploit/windows/browser/ms10_xxx_windows_shell_lnk_execute
*update: Zeus botnet exploiting it: http://www.theregister.co.uk/2010/07/27/zeus_exploit_shortcut_hole/
*update: M$FT releasing out of band patch: http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx
Pulling geolocation data out of Twitter/Twitpic
•July 23, 2010
http://icanstalku.com/
Everyone loves to post things to their Twitter account. Every day, people post things about the minutiae in their lives, from where they had lunch to what their kids are doing. People also are using services that allow them to post photos of these things. Because after all, a picture is worth a thousand words and isn’t limited to 140 characters. This seems great, but did you know that for a lot of folks, whenever they post a photo of their lunch or kids, also included in their thousand words are details about their exact location of where they took the photo?
Now, we love Twitter and posting photos of our lunch, however, we don’t feel that enough people realize what kind of data they are posting, albeit inadvertently. By posting this information, they are allowing their movements to be recorded and analyzed by anyone: from a government to a nosy neighbor. After analyzing your photos, someone could find out:
- Where you live
- Who else lives there
- Your commuting patterns
- Where you go for lunch each day
- Who you go to lunch with
- Why you and your attractive co-worker really like to visit a certain nice restaurant on a regular basis
Tweaks for using linux with SSD drives
•July 20, 2010
Meganet Dominator – Snoop on GSM calls and SMS streams
•May 12, 2010
Wow.
“Dominator I” sounds more like a monster truck than a collection of small boxes that collectively erase 20 years of relatively secure wireless phone service, doesn’t it? Alas, what you’re looking at here is a convenient, plug-and-play solution for exploiting the hard work the world’s hacking community has put into cracking the A5/1 encryption used on GSM networks in Europe and the US over the past few years. The system consists of two nondescript white boxes, two directional antennas that you’ll point in the direction of your victim, and a laptop that you can use to get a glimpse at all of the phones currently connected to your nearest cell site and record up to four active calls simultaneously — and if you’re more of the text messaging type, Dominator I’s got you covered there, too, with full access to SMS.
Games Criminals Play – How you can profit by Knowing them
•May 12, 2010
Zachary Burt’s synopsis of the book, well articulated and detailed in the manner of Cliffs Notes. Summarizes ways to systematically build rapport and control of a mark. Useful for security engineers of all breeds. Click on over
Vulnerable Google Webapp
•May 4, 2010
Other samples exist on the internet for training, but I have to admit these are pretty elegant.
Multi-threaded screen capture utility for hacked websites
•April 21, 2010
When capturing “proof” that a client’s website has been popped, I use this application from time to time to capture proof of the compromise. It takes single URLs, cut-n-paste lists of URLs, and such. Normally when a baddie pops a webserver, if it’s multi-homed or part of a farm behind a load balancer, you can do DNS magic to find all the other domains served up on that infrastructure, paste them into this application and capture proof of compromise in short order. Multi-threaded, fast, lightweight and the unregistered version puts a watermark on the screencap. Worth the $25 to buy.
“Schoolhouse Rock” -> “PCI Standards Rock”
•April 5, 2010
Well done and humorous look at the PCI DSS requirements, performed in the manner of the old “Schoolhouse Rock” Saturday cartoons we all grew up to.
Firefox search add-ons for security nerds
•March 26, 2010
Shodan Computer Search Engine
•March 24, 2010
Find routers, web servers, ports, protocols, etc. by version, geographic location, etc. Useful if you have an 0-day http://www.shodanhq.com/
How to Make Things Worse With IT Security Technology
•March 22, 2010
Yes, Virginia, InfoSec *IS* an immature field
•March 22, 2010
“Any field that’s dominated by its product and service vendors is an immature field.
Products can typically solve a narrow problem, but if you lead the security function at a large organization, narrow problems are rare. Problems are connected to other problems and surrounded by all the fun issues of ownership and stewardship and cooperation and accounting that make our lives rich and rewarding. (You may detect a tiny hint of sarcasm here, although it’s mixed with a larger portion of sincerity.)
Think of IT…er, management information systems…er, data processing back when it was all Big Blue over SNA. Costs were high and innovation was relatively slow. When the CIO voice became prominent—a business person running the IT shop based on the needs of the business, not the availability of whatever the vendors decided to put out—that’s when IT started to enable and contribute to systemic change and improvement.”
Amen brother.
The Ultimate Password List
•March 15, 2010
Critical Log Review Checklist for Security Incidents
•March 15, 2010
Critical Log Review Checklist for Security Incidents and some other good checklists by Lenny Zeltser here http://zeltser.com/cheat-sheets/
SAHI web application automation & testing tool
•March 15, 2010
List of Web application scanners
•March 10, 2010
Well rounded list of commercial and free scanners over at http://projects.webappsec.org/Web-Application-Security-Scanner-List
Do a full background check on yourself – for FREE.
•March 4, 2010
Check out the consolidated list of sources that “the man” uses to gather your personal information. Get your reports, go over them with a fine toothed comb, and get errors corrected. Oh, and be awed by how much of your life is available to anyone willing to pay to get it. Very Scary. http://consumerist.com/2010/02/get-all-your-reports.html
Google – China – Aurora attacks dissected.
•March 2, 2010
http://www.theregister.co.uk/2010/03/01/aurora_resistence_futile/
Full paper here. iSecPartner’s recommendations are good. However, while comprehensive and technically accurate, I think it would be beneficial to have an accompanying set of “triage” recommendations (use GPOs to disable LANMAN hashes; perform egress filtering and alerting; never EVER EVER log in with admin credentials – use sudo or runas; migrate to token based authentication).
HITECH data breach analysis
•March 2, 2010
Chris Merritt over at Lumension did a quick analysis of the HHS breaches of healthcare data for ~4Q09. It pretty well repeats what most of us in the security industry have been harping on for years regarding healthcare information:
- Theft (not accidental loss) is the biggest vector both in terms of # of incidents and total records compromised
- The endpoint, NOT the datacenter, is your weak link
The picture is a bit different with respect to financial information and PII (application and endpoint security), but time after time we’ve shown that if I can pop your desktops, I can use them to pop your datacenter.
VMWare Guest Stealer
•February 19, 2010
http://www.fyrmassociates.com/tools.html
New google adwords Phish
•January 4, 2010
Just saw a new google adwords phish this morning. Nothing earth shattering, but well done in the google minimalist style:
If you view the mail headers, you’ll see that the email was bounced off (yet another) open .edu relay, copeland.udel.edu. Update your blacklists – in this case, MXLogic didn’t catch it.
My list of Security RSS feeds
•December 30, 2009
Thought others might like my list of Security feeds that I scan daily. Some are very active, some less so, and some defunct. I get between 250 and 1200 items a day in this cluster, and can scan through, select, and flag interesting content in about 30 minutes a day using google reader. Provided as a shared bundle from within google reader.
Migrated to my new Kingston 128G SSDNow-V
•December 22, 2009
Man, this thing is sweet. It took a bit of tinkering and resizing to get the migration from my old Maxtor 160G SATA-RAID setup to the new 128G SSDNow, but it was well worth it, and I added a lot to my toolkit along the way:
- built a USB MultiPass (I call it my U3-SwissBlade) with gParted, CloneZilla and several other nifty tools
- broke the RAID on my Maxtors
- Resized my partitions to fit on the 128G SSDNow using gParted
- Installed my SSDNow as my primary SATA drive
- used CloneZilla to do a disk-to-disk partition copy from the Maxtor to the SSDNow (this took a few tries since I had failed to move all partitions to the right after resizing and free up slack space — you really CAN’T get 160G onto a 128G drive!)
- Went through a few boot sequences until I discovered that my fstab was referencing root by UUID and thus GRUBbooting from the SSDNow and immediately mounting the old Maxtor for the rest of the OS Load. Grrrrrgggggggggggh. (Note, get comfortable with the vol_id utility so you can find the unique UUIDs for all your drives and update your fstab to use UUIDs instead of device sequence numbers like sda, sdb, etc).
- Commands for giving a partition a new UUID and checking it:
  uuidgen
  tune2fs -U <numbergeneratedbyuuidgen> /dev/sdb1
  verify with: vol_id /dev/sdb1
  vol_id /dev/hdaX
Performance is excellent. My VMs load near instantly and no more disk thrashing.
I put one of the SSDNows in my old Dell D630 and it has made significant improvements in performance as well. I may get another year or two out of this laptop after all. Well worth the $230 I spent.
I’m interested in getting a SSDNow V+ to see if the write performance justifies the increased cost, but not until I do some benchmarking of my system to see if I am write-bound or not.
Fixed: Unetbootin / Syslinux version issues
•December 16, 2009
Having problems using unetbootin to install certain packages on your USB multipass? Discovered recently that syslinux version differences between packages (like GParted) and unetbootin can cause nasty errors at boot:
SYSLINUX 3.72 2008-09-25 EBIOS copyright (cc) 1994-2008 H. Peter Anvin
Unknown keyword in configuration file: UI
Could not find kernel image: linux
boot:
FIX: Use a current syslinux or syslinux.exe (version 3.82 at the time of this writing, download here) to re-prep the USB stick:
syslinux z:
Where z: is the drive letter of the USB drive. This will install the newer version of syslinux on the USB drive and resolve those keyword issues.
Best kitchen-sink pizza
•December 14, 2009
Tonight I perfected it. Adjust to suit your tastes (e.g. leave off the hot stuff if you like)
Ingredients:
- 12″ thin crust
- 6 oz finely shredded mozzarella
- 5 oz pizza sauce (or tomato sauce)
- 1 roma tomato, halved and sliced into 1/8″ slices
- 1/4 red onion, sliced in 1/4″ rings and quartered
- 1/4 cup pepper rings
- 1/3 green pepper, diced
- 2 TBsp Feta cheese
- Sliced Pepperoni
- 8 oz Chorizo, cooked, crumbled
- 8 oz spicy Jimmy Dean sausage, cooked, crumbled
- 1/2 cup mushrooms, sliced
- 3 cloves garlic, minced
- 3 pieces thick cut bacon, crumbled
- 2 Tbsp capers
- 1 jalapeno, seeded, halved and sliced
- Preheat oven to 450
- Spread sauce on crust to within 1/2″ of outer edge
- Evenly distribute mozzarella
- Evenly spread all other ingredients (meat first, then veggies, then feta cheese)
- Cook in 450 degree oven for 9 minutes
Remove pizza. Let cool for 7 minutes. Slice. Serve. Enjoy.
General fix for “ERROR FOUND IN CUSTOM UI XML” issues in MSOffice Products
•October 29, 2009
I have seen this error in various software and it’s terribly annoying. It most often pops up in outlook every single time you create an email, appointment or other object. I thought it was originally isolated to the LinkedIn toolbar, but then it started happening with various MapiLab add-ins and other objects. I have tried diagnosing binaries using reflector, analyzing the subject XML, etc. but the fix was ridiculously simple. I must have wasted at least 10 hours of my life chasing “errors” that are nothing more than annoyances and don’t break any application functionality. To turn these goofy errors OFF in MSOffice products:
- Go into the application’s Options (i.e. click the Office Button and select “Options”)
- Select “Advanced” from the navigation pane on the left.
- Find the “Show add-in user interface errors” checkbox and unselect it.
- Click the OK button.
Outlook operates a little differently:
- Start Microsoft Office Outlook.
- On the Tools menu, click Options.
- In the Options dialog box, click the Other tab, and then click Advanced Options.
- In the Advanced Options dialog box, select Show add-in user interface errors, and then click OK.
- Click OK to close the Options dialog box.
Don’t hate your customers
•October 21, 2009
A recent exchange with Delta Airlines went something (actual, EXACTLY) like this:
Welcome!
Note: During your chat session, Delta agents may be able to view your delta.com transactions. Additionally, chat conversations are recorded and monitored by Delta Air Lines.
Please wait while we contact the next available agent…
You are now speaking with Morris!
Morris: Hi! My name is Morris. How may I help you?
Morris: Hi! How may I assist you today?
Steve Goldsby : I just checked in online, and tried to print my boarding pass . When I do, I get a “page not found” error from the website. If I go back to my itinerary and try to “reprint” boarding pass, I get the same “page not found” error. Can you fix this or email me my boarding pass in PDF format so I can print it and avoid the lines at the airport? SkyMiles #: <xxxxxxxxxxxxxx>
Morris: Steve, I apologize for the inconvenience you faced on Delta.com; please give me a moment while I look into the matter for you!
Steve Goldsby : thanks.
Steve Goldsby : i also notice the flight is oversold. if you have seats on an earlier flight, I would be happy to consider an earlier flight.
Morris: Let me check that for you. Just one moment.
Morris: I see on your reservation that you have already checked in, be rest assured you will get a print of the boarding pass at the airport.
Steve Goldsby : right. i don’t want to wait in line.
Morris: I will not be able to send a print of the pass via chat.
Morris: Did you receive my last response?
Steve Goldsby : i did.
Steve Goldsby : since the flight is oversold, is there an option to move to an earlier flight?
Morris: On the seat map I see that two seats are available 33 B and 36 F.
Steve Goldsby : okay. when i checked in the website said:
Steve Goldsby : Your flight is oversold. Delta is seeking volunteers with flexible travel plans to exchange their seats for compensation. Go ahead and check in below. If interested in volunteering see your gate agent at the airport.
Morris: To check in, print your boarding card and check your bags online, please go to our home page, click on the Itineraries and Check In under the tab Traveling and Check In, retrieve your reservation with your name and the confirmation number or ticket number, on the trip details page you will see the area at the top that says Check In, please click on that link and follow the instructions. You will also be able check in your bags online.
Steve Goldsby : I did that. website returns this error page at the “print boarding pass” page
Steve Goldsby : Requested Page Not Found The requested page could not be found on delta.com: * We may have removed the page or changed its web address. * Bookmark or link you clicked on might be incorrect. * Web address may have been mistyped. Recheck it to make sure it’s correct. How to Find Your Page: Use our Search tool to help you find what you’re looking for, or start again from our home page. If you still need assistance, try our Live Chat option with a customer service representative, or contact us for help.
Steve Goldsby : so I contacted you for help.
Morris: please call our Online Customer Support Desk at 1-888-750-3284 and our Representatives will be glad to help.
Steve Goldsby : What’s the vector victor? Roger roger.
Steve Goldsby : i’ll call customer support.
Morris: Is there anything else I may help you with?
Morris: Thanks for choosing Delta have a nice day.
Morris left the chat.
Your chat has ended. Thank you for speaking with us.
Please help us improve our service by clicking on the following link to take a short survey: CLICK HERE
Gmail phishing redux
•September 23, 2009
Just noticed over at Commtouch Cafe that the gmail trickery is ongoing. They did a good job of comparing the real gmail site with a forgery, pointing out the obvious differences. Got me to thinking so I did a little search (using google!) and came up with several phonies. (Search criteria: intitle:”gmail: email from google” “lots of space” “mobile access” “less spam”) I don’t have the time right now, but it would be an interesting exercise to find linked pages… you’d probably find some XSS on the originating site, or an evil web proxy at the other end. Maybe a project for my next layover at the airport.

real Gmail page

Fake Gmail screencap
StolenID Search: Find out if your PII has been compromised
•September 23, 2009
There’s a free (as in beer) search service over at Stolen ID Search that allows you to search their database of stolen identity information to see if you’re a victim of identity theft. These guys claim to have information on 120 million+ compromised accounts. Doesn’t require you to give up the farm to find out if you’ve been popped. If there’s a match, Stolen ID Search also offers a fee-based service to get additional information on how the data was compromised, where it was discovered and instructions on what to do next for $15.
Disabling USB on various platforms
•August 28, 2009
Nice little cheatsheet from the NSA that I leave behind with clients. Gives them enough information to get the job done without overwhelming them with unnecessary information. http://www.nsa.gov/ia/_files/factsheets/I731-002R-2007.pdf
Fixing Goorecon.rb to handle new google responses
•August 22, 2009
Goorecon recently broke when querying for email addresses (e.g. ruby goorecon.rb -e icsinc.com). Sometime between when goorecon was written and now, google changed their formatting of responses for email addresses from:
emailaddress@<b>icsinc.com to emailaddress@<em>icsinc.com
Easy fix is to change the following line in goorecon.rb
response.scan(/[\w.-]+@<b>#{target}/o) { |t|
to
response.scan(/[\w.-]+@<[^>]+>#{target}/o) { |t|
This will keep the code flexible enough so that if google ever changes the highlighting tag (formerly <b> but now <em>) to some other html tag, goorecon will still correctly draw out email addresses.
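The one-line change above, run against constructed result snippets, as an added example that is not goorecon's own code. The helper names, the sample strings and the hardened variant using Regexp.escape are assumptions made for illustration; the hardened pattern goes one step beyond the post's fix because the interpolated domain is otherwise treated as regex source, so its "." matches any character.

```ruby
# Constructed snippets that imitate highlighted result HTML (not real search output).
OLD_MARKUP = 'Contact jdoe@<b>icsinc.com</b> or a.smith@<b>icsinc.com</b> for details'
NEW_MARKUP = 'Contact jdoe@<em>icsinc.com</em> or a.smith@<em>icsinc.com</em> for details'
LOOKALIKE  = 'Mail bob@<em>icsincXcom</em> and eve@<em>icsinc.com.example.net</em>'

# The line as it stood before the fix: only a literal <b> tag is accepted.
# (The /o flag from the original is left off here; it would freeze the first
# target interpolated, which is wrong for a method called with varying domains.)
def original_pattern(target)
  /[\w.-]+@<b>#{target}/
end

# The post's fix: accept any single HTML tag between "@" and the domain.
def patched_pattern(target)
  /[\w.-]+@<[^>]+>#{target}/
end

# Hypothetical hardening (not in the post): escape the domain so "." is literal,
# make the highlight tag optional, and refuse matches that continue into a
# longer hostname such as icsinc.com.example.net.
def hardened_pattern(target)
  /[\w.-]+@(?:<[^>]+>)?#{Regexp.escape(target)}(?!\.?[\w-])/
end

# Return the unique addresses found, with the highlighting tag stripped out.
def harvest(response, pattern)
  response.scan(pattern).map { |hit| hit.gsub(/<[^>]+>/, '') }.uniq
end

if __FILE__ == $PROGRAM_NAME
  domain = 'icsinc.com'
  {
    'original on <b> markup'  => harvest(OLD_MARKUP, original_pattern(domain)),
    'original on <em> markup' => harvest(NEW_MARKUP, original_pattern(domain)),
    'patched on <em> markup'  => harvest(NEW_MARKUP, patched_pattern(domain)),
    'patched on lookalikes'   => harvest(LOOKALIKE, patched_pattern(domain)),
    'hardened on lookalikes'  => harvest(LOOKALIKE, hardened_pattern(domain))
  }.each { |label, found| puts "#{label}: #{found.inspect}" }
end
```
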
Analyst Cheatsheets over at Packetlife
•August 13, 2009
Great list of cheat sheets by Jeremy Stretch over at Packetlife
Patenting the pen-test?!?!
•August 12, 2009
Okay, process patents in this space have gone too far. I’m googling for some information for a presentation today, and I come across a WIPO patent titled: “SYSTEM AND METHOD FOR PROVIDING NETWORK PENETRATION TESTING”. The “inventors” (and yes, I’m using that term loosely) are Fernando Federico Russ, Alejandro David Weil, Matias Ernesto Eissler, Francisco Javier Dibar, Hector Adrian Manrique. A quick search shows these guys in other patent activity. What’s disturbing is that this patent appears to have been filed in 2008, but the process described doesn’t seem terribly innovative. Client side pen testing with a bunch of legal and process fluff thrown in to make it look sexy. Surely metasploit would be prior art, among other tools and frameworks. How do these folks get away with this? I need to go do my research on these inventors, and CORE SDI INC to get a complete picture. If anyone out there has input, I’d sure like to hear it.
Finally, understand your inner (or outer) Nerd
•August 12, 2009
I thought I’d reached the end of the Internet, but apparently I missed this little gem of content. It actually brought tears to my eyes. Tears of joy, because finally someone understands me and my kind. I’m willing to bet that at least one out of three readers of this blog can relate. So look to your right, and look to your left. If it ain’t them… well, you’re the nerd. Definitely worth the 8 minute read (40 seconds if Mubix’s recommendation works).
Fixing the way Firefox renders under Backtrack/Ubuntu
•August 11, 2009
I finally had enough retuning Firefox every time I loaded Backtrack4. You see, some apps (like firefox) are built using GTK, but Ubuntu/Backtrack run KDE. The result is that no matter how you tune your X-theme, Firefox still looks like poo. The fix is to do some trickery with KDE->GTK->Qt bindings, look at Bug #193538, or just load a Firefox theme that addresses this problem. My preference is KFirefox: Firefox Theme for KDE4. Pointy clicky, draggy droppy, and you have a svelte firefox under Ubuntu.
Baby pictures in lost wallets increase the chance they will be returned
•July 12, 2009
Interesting Social component. This and similar research may have implications with social engineering to increase likelihood of success. Article is over at BoingBoing http://www.boingboing.net/2009/07/12/baby-pictures-in-los.html






