Archive for the ‘Networking’ Category

« Older Entries

howto create an intermediate Certificate Authority (CA) using openssl

Thursday, March 20th, 2008

What is an Intermediate Certificate Authority (CA) and why do I need one? An Intermediate CA is an authority that you use to create your own SSL certificates in a PKI environment. An Intermediate CA depends on a Root CA that is the origin of the chain of trust. The idea is that if your Intermediate CA gets compromised or you decide to revocate all the certificates issued by it, you can still use your Root CA without further inconvenience for your users (the users only need to have installed the certificate of the Root CA in their browsers).

As for the second question, the sort answer is that chances are that you really do not need one :) but for the shake of the experiment lets get our hands dirty!
(more…)

Popularity: 63% [?]

Posted in Networking, Security | 7 Comments »

xmitm: xml man in the middle

Sunday, December 16th, 2007

This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport).

The only way we could think of getting our hands on the communication was to write a small set of scripts to trick the client and encapsulate the communication inside HTTP requests that we could then manipulate using standard proxy tools such as burp.

Although the information and scripts described in this post are focussed on intercepting a XML communication, the same principles apply to man in the middle any ASCII protocol such as smtp, ftp or pop.

update: slides available here
(more…)

Popularity: 54% [?]

Posted in Networking, Ruby, Security, Shell Script | 2 Comments »

dradis

Tuesday, December 11th, 2007

dradis is a tool for sharing information during a pentest. If you are part of a team of testers working against the same set of targets, you will need to comunicate with each other. The most efficient this communication the more chances of a successful breach you will have.
(more…)

Popularity: 29% [?]

Posted in Networking, Ruby, Security | 1 Comment »

Net::DHCP

Monday, November 5th, 2007

The aim of Net::DHCP (hosted at RubyForge) is to provide a set of classes to low level handle the specifics of DHCP (rfc2131, rfc2132, etc.) in ruby.

With Net::DHCP you will be able to craft custom DHCP packages and have access to all the fields defined for the protocol.
(more…)

Popularity: 18% [?]

Posted in Networking, Ruby | No Comments »

check for robots.txt

Tuesday, October 23rd, 2007

Some times it is useful to check if a given HTTP server has a robots.txt file in it. If it exist it may disclose interesting information, useful for a pentest :)
(more…)

Popularity: 28% [?]

Posted in Networking, Security, Shell Script | No Comments »

ninja iptables for your server

Friday, September 14th, 2007

Security is often about layers on top of layers on top of layers… And one of these layers is usually an iptables firewall installed in your server. Let’s create a small script to provide our server with the kung-fu fighting techniques needed to defeat the black hats!!
(more…)

Popularity: 28% [?]

Posted in Networking, Security, Shell Script | No Comments »

harden your apache+php installation

Friday, September 14th, 2007

Instructions follow on how to build and harden one of the most common configurations out there.
(more…)

Popularity: 16% [?]

Posted in Networking, Security | No Comments »

rails environment with lighttpd

Tuesday, September 4th, 2007

We want an automated deployment enviroment. The server will automatically (upon restart) detect all the rails applications under a given folder and create virtual hosts for them. No further changes in the server configuration will be required. never. :)
(more…)

Popularity: 16% [?]

Posted in Networking, Ruby | No Comments »

send files through email from the command line

Wednesday, December 20th, 2006

Every now and then I need to send by email some file to a friend or coworker or even myself. I have found that the easiest way to do this is just having a shell script that do the hard work for you.

After some research I found a set of scripts that actually do what I want (credit goes to Heiner Steven). The bad news is that this is not a full-bash solution. The scripts use the metasend command to send files as MIME atachments.

(more…)

Popularity: 28% [?]

Posted in Networking, Shell Script | No Comments »

runningserver: hello? anybody out there?

Wednesday, December 20th, 2006

I have created a small ruby script to check if there are running servers on a given port number. The script is able to check a list of hosts and will output an informational message on the port status for each host.

Let’s begin with the script. Then we can talk about the work it does.
(more…)

Popularity: 17% [?]

Posted in Networking, Ruby, Security | No Comments »

« Older Entries