Archive for the ‘Security’ Category
yl18.net: the chinese menace
Friday, November 16th, 2007This is the story of an attack I had to investigate for a client. The synthoms: mass defacement of web pages in the server, the only tool: roughly 1GB of web server log files.
(more…)
sql injection: inference attack
Monday, November 5th, 2007SQL Injection is the process of injecting SQL commands into strings processed by an application. This is possible when there is insufficient validation of user input before it is executed in dynamic SQL queries.
Different types of attack exist and not all of them are suitable for every situation.
(more…)
check for robots.txt
Tuesday, October 23rd, 2007Some times it is useful to check if a given HTTP server has a robots.txt file in it. If it exist it may disclose interesting information, useful for a pentest 
(more…)
ninja iptables for your server
Friday, September 14th, 2007Security is often about layers on top of layers on top of layers… And one of these layers is usually an iptables firewall installed in your server. Let’s create a small script to provide our server with the kung-fu fighting techniques needed to defeat the black hats!!
(more…)
harden your apache+php installation
Friday, September 14th, 2007Instructions follow on how to build and harden one of the most common configurations out there.
(more…)
runningserver: hello? anybody out there?
Wednesday, December 20th, 2006icmp timestamps
Thursday, December 14th, 2006The Timestamp is an ICMP (rfc792) message which is used for time synchronization. The Timestamp Reply message consists of the originating timestamp sent by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp.
If your machine answers ICMP Timestamp messages an attacker can learn the date which is set on your machine. This may help him to defeat all your time based authentication protocols.