Archive for the ‘Security’ Category
Tuesday, December 11th, 2007
dradis is a tool for sharing information during a pentest. If you are part of a team of testers working against the same set of targets, you will need to comunicate with each other. The most efficient this communication the more chances of a successful breach you will have.
(more…)
Popularity: 30% [?]
Posted in Networking, Ruby, Security | 1 Comment »
Friday, November 16th, 2007
This is the story of an attack I had to investigate for a client. The synthoms: mass defacement of web pages in the server, the only tool: roughly 1GB of web server log files.
(more…)
Popularity: 10% [?]
Posted in Security | 1 Comment »
Monday, November 5th, 2007
SQL Injection is the process of injecting SQL commands into strings processed by an application. This is possible when there is insufficient validation of user input before it is executed in dynamic SQL queries.
Different types of attack exist and not all of them are suitable for every situation.
(more…)
Popularity: 9% [?]
Posted in Security | No Comments »
Tuesday, October 23rd, 2007
Some times it is useful to check if a given HTTP server has a robots.txt file in it. If it exist it may disclose interesting information, useful for a pentest 
(more…)
Popularity: 29% [?]
Posted in Networking, Security, Shell Script | No Comments »
Friday, September 14th, 2007
Security is often about layers on top of layers on top of layers… And one of these layers is usually an iptables firewall installed in your server. Let’s create a small script to provide our server with the kung-fu fighting techniques needed to defeat the black hats!!
(more…)
Popularity: 29% [?]
Posted in Networking, Security, Shell Script | No Comments »
Friday, September 14th, 2007
Instructions follow on how to build and harden one of the most common configurations out there.
(more…)
Popularity: 16% [?]
Posted in Networking, Security | No Comments »
Wednesday, December 20th, 2006
I have created a small ruby script to check if there are running servers on a given port number. The script is able to check a list of hosts and will output an informational message on the port status for each host.
Let’s begin with the script. Then we can talk about the work it does.
(more…)
Popularity: 17% [?]
Posted in Networking, Ruby, Security | No Comments »
Thursday, December 14th, 2006
The Timestamp is an ICMP (rfc792) message which is used for time synchronization. The Timestamp Reply message consists of the originating timestamp sent by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp.
If your machine answers ICMP Timestamp messages an attacker can learn the date which is set on your machine. This may help him to defeat all your time based authentication protocols.
(more…)
Popularity: 23% [?]
Posted in Networking, Security, Shell Script | No Comments »
Thursday, September 22nd, 2005
Auditor is a knoppix-based linux distribution full of network auditing tools. The main drawback is that it is unable to boot from a firewire cd-rom, so if you have one, you need to install Auditor on your hard drive.
You need some tricks to make it work.
(more…)
Popularity: 15% [?]
Posted in Hardware, Security | No Comments »