Archive for the ‘Security’ Category

dradis

Tuesday, December 11th, 2007

dradis is a tool for sharing information during a pentest. If you are part of a team of testers working against the same set of targets, you will need to communicate with each other. The more efficient this communication, the better your chances of a successful breach.

yl18.net: the chinese menace

Friday, November 16th, 2007

This is the story of an attack I had to investigate for a client. The symptoms: mass defacement of web pages on the server. The only tool: roughly 1GB of web server log files.

sql injection: inference attack

Monday, November 5th, 2007

SQL Injection is the process of injecting SQL commands into strings processed by an application. This is possible when there is insufficient validation of user input before it is executed in dynamic SQL queries.

Different types of attack exist and not all of them are suitable for every situation.

check for robots.txt

Tuesday, October 23rd, 2007

Sometimes it is useful to check whether a given HTTP server has a robots.txt file. If it exists, it may disclose interesting information, useful for a pentest :)

ninja iptables for your server

Friday, September 14th, 2007

Security is often about layers on top of layers on top of layers… And one of these layers is usually an iptables firewall installed on your server. Let’s create a small script to provide our server with the kung-fu fighting techniques needed to defeat the black hats!!

harden your apache+php installation

Friday, September 14th, 2007

Instructions follow on how to build and harden one of the most common configurations out there.

runningserver: hello? anybody out there?

Wednesday, December 20th, 2006

I have created a small Ruby script to check if there are running servers on a given port number. The script is able to check a list of hosts and will output an informational message on the port status for each host.

Let’s begin with the script. Then we can talk about the work it does.

icmp timestamps

Thursday, December 14th, 2006

The Timestamp is an ICMP (RFC 792) message which is used for time synchronization. The Timestamp Reply message consists of the originating timestamp sent by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp.

If your machine answers ICMP Timestamp messages, an attacker can learn the date which is set on your machine. This may help him to defeat all your time-based authentication protocols.


install auditor in your hard drive

Thursday, September 22nd, 2005

Auditor is a Knoppix-based Linux distribution full of network auditing tools. The main drawback is that it is unable to boot from a FireWire CD-ROM, so if you have one, you need to install Auditor on your hard drive.

You need some tricks to make it work.