Monday, July 28, 2008

Secure Computing Sidewinder vulnerable to DNS Query Port Weakness

Yes, the so-called invulnerable Sidewinder has finally been flagged with a workable and exploitable vulnerability. So, for those of you who keep saying "it's a Sidewinder, I do not need to patch it", this is haha in your face...

No, seriously. You should patch this; it is a serious problem. It is related to the famous DNS poisoning exploit that is running wild and is tagged as CVE-2008-1447. It affects both Sidewinder and Sidewinder G2.

So, go patch it before someone "patches" your DNS for you.
P.S. Working code is out for BIND 9.x and the Metasploit framework. Go play with it now.

Wednesday, July 23, 2008

Windows Home Server Power Pack 1 RTM

It's finally here... The greatest improvement (other than fixing the corruption bug) is Remote Access, where you can now see your pictures in thumbnail view. For IE6 and IE7 (officially), you can now drag and drop to upload and download. It's also a (few) clicks to download multiple files via ZIP now!

The other improvements include backup enhancements, including the ability to back up to a USB-connected drive and to back up your WHS shared folders. Of course, the power consumption has been fixed to give it a more green, environment-friendly feel.

Download WHS PP1 from :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1A6AEF46-DB57-401F-814F-6EFA26E7A1E8&displaylang=en

Put that onto your WHS in the software directory. Remote desktop into it and launch the installer. After that you will need to go to each of your client machines and follow the instructions to upgrade the client connector software. It goes something like http://(WHSServer):55000 to download the upgrade for each machine.

My advice is to immediately launch the connector software and perform a backup. Why? If you do so, you will realise that your security suite detects that the connector software has changed and prompts you to allow/deny the backup engine. Imagine if you have not done so and leave it overnight hoping it would somehow work; well, it won't. You will have to allow it and save the config this once. Well, if you have no such issue, I suggest STRONGLY that you get client-side security software. I am using Microsoft OneCare, which has been reported not to play nice with WHS. It worked for me anyway, now that I am on OneCare 2.5.

Friday, July 18, 2008

Keeping the rows together in MS Word

This is an accomplishment for me. I managed to figure out how to join the split rows in a Word document together again. Well, if you do not understand the problem, you will simply suggest disabling "split row across pages" or checking the page alignment etc... OK, for those who know what I am talking about, it's about having a table... YES, I had checked, it's the SAME table, ... having some rows on page x, then one BIG BLANK space and then my next row goes to page x+1. And the next row is not like major big or long. Why don't they just stick together? AHHHHUUURRRGGHHHHH!

OK, if you understand the problem, then I am happy to tell you, after wasting 5 minutes on it and many clicks and checks on Google and whatever, I finally found the solution!

There are a few problems :

1. Check your page setup; make sure it's aligned to the top, not center, bottom or whatever. This is the most stupid part of it.

2. OK, as suggested, uncheck allow rows to split across pages.

3. Select the table. Format->Paragraph. Line and Page Breaks tab. Uncheck "keep with next" and "keep lines together".

Now, does it get solved? I hope so. Mine did. Make sure for (3) you select the table.

Sunday, July 13, 2008

Tin of Paint ~ A Cyanide and Happiness Short

Well, you have heard of Cyanide & Happiness. If you haven't, then you hear this from me. If you like South Park and can take that extent of joke, you won't be disappointed. Visit and see daily comics and more shorts from explosm.net.

Microsoft OneCare 2.5 Released

Yes, finally. All you need to do is wait for it to update your OneCare and you will have the new V2.5. What are the changes (visually)? None. All the changes involve the underlying layers. So it's better performance and security below. In any case, you should not miss this update.

To do a manual update, which is not advisable, you will need to uninstall OneCare first. Then go download it again and reinstall. Some of your settings and firewall rules will be lost as a result. Well, if this is the way you choose, you can start from here :
http://onecare.live.com/standard/en-us/purchase/trial.htm?sc_cid=wlsc_centers&redir=true

TrueCrypt 6.0 Portable

TrueCrypt is free. It protects you from embarrassing moments if your data is exposed to others. It keeps your personal data safe and away from the eyes of audits. Yes, basically, it's encryption. But a FREE, true AES-grade and higher type of encryption. No spyware or 30-day trial.

TrueCrypt supports disk-based encryption too. However, that would mean the host system needs to have TrueCrypt before it can open your encrypted disk. I prefer another way to install it. Instead, you should download TrueCrypt and expand all the files into a folder or the root directory. Then create a file-based encrypted volume with the remaining space. In this way, you will be able to mount your encrypted file with the TrueCrypt binaries in the main directory on any machine. So, make sure you get all the versions of TrueCrypt, for Mac and Linux as well if you want to mount the file there. You can also upgrade TrueCrypt easily this way. This gives you truly OS-independent portability, especially on your pen drive and portable HDD. Unfortunately, it's easier said than done. I probably won't go make Mac + Linux binaries anyway, since they vary so much.

Now, let's talk about the failings of this. TrueCrypt can fail in some ways. For example, you forget to eject the thumbdrive and pull it out. Or you crash Windows with a blue screen halfway through writing to the thumbdrive. Or the thumbdrive simply goes dead. One solution for all 3: backup. You can back up the raw data or the encrypted file itself. Of course, there are ways to avoid issues, especially from the first case. When you mount the file in TrueCrypt, choose the mount options and check mount volume as removable media. The 2nd and 3rd cases are a bit hard to avoid, but do you know that there is a rescue disk for TrueCrypt? This only applies if you encrypt the system partition though. Mount your file for the first time, select system->create rescue disk and follow the instructions. That proves to be a life saver sometimes in the 2nd and 3rd cases. But in the case of a removable drive for TrueCrypt, this does not apply at all.

Well. The autorun.inf you will need to make the automount and dismount for the thumbdrive is as follows :

[autorun]
label=TrueCrypt
icon=truecrypt.exe

action=Mount TrueCrypt Volume
open=truecrypt /v <volume> /l <drive letter> /q /a /m rm /e

shell=mounttc
shell\mounttc=&Mount
shell\mounttc\command=truecrypt /v <volume> /l <drive letter> /q /a /m rm /e

shell=dismounttc
shell\dismounttc=&Dismount
shell\dismounttc\command=truecrypt /d /q

shell=runtc
shell\runtc=Run &TrueCrypt
shell\runtc\command=truecrypt

Just copy and paste the above into Notepad, then edit <drive letter> to z or whatever drive you like. Also replace <volume> with the (path and) filename of the encrypted volume. Make sure you extract the setup exe and keep the TrueCrypt files in the root directory.

That was the old-days way of doing it. Now, just install and run Tools->Traveler Disk Setup and you will be guided by a wizard through creating the above. That takes all the fun away, does it not...

Thursday, July 10, 2008

The Pentester's Art of War Chapter 0

This is something I always wanted to write, but never really found the time to do so and organize it. Well, since nobody is really going to publish this as a book, why not just blog it onto the net piece by piece. I can make up the chapters along the way too. That certainly saves me time from organizing it. OK, I am lazy. This I admit.

First, let's take a look at the title of this article. Pentester. Well, I am sure it's a familiar term to many. Pentester is basically short for Penetration Tester. Usually he is a security professional who conducts testing of the security of a subject (be it an application, a network or even a physical location) by means of attacking it. Some people may want to use the word "hacking". I absolutely agree. However, there are many among the security professionals who prefer not to be associated with the word hacking, as it usually has a bad connotation.

I am sure some of you have already noticed I used the word "he". It's not that I am male chauvinistic about this. I do admit there are a few pretty good security professionals who are female. I knew a few from mother Russia. However, to make things simple, I will use the word "he" throughout. Just remember it can mean either sex.

Next, the term "Art of War". The first reaction will be relating this to Sun Tzu's "Art of War". Well, I admit, I may be using something similar to run through these topics, but by no means do I want to translate it into a guide for Pentesters or explain the whole book of Art of War. I remember there was somebody who would disagree with my term "Art". Pentesting is a science, he would argue. I disagree. If Pentesting is a science, then it simply means that given the same application, for example, two different individuals would have done the pentesting similarly (and maybe even word for word) and produced a similar report. If this is pentesting, no wonder my friend laughs at the joke about getting monkeys to do our pentesting in the future. I argue that it's an art because no two pentesters will do it the same way. One might decide to deploy a sniffing attack on the application while another may simply want to disassemble some of the binaries. There are many ways and often the results vary. And I believe this is what makes one pentester better than another. I know this will hurt people who run automatic tools such as Nessus or AppScan and then pull the beautiful report off their color laser printer and pass it to their boss. Sorry, strictly, I do not classify these people as pentesters.

The term "War" probably raises some eyebrows. A serious Pentester treats his every project like a battle. In my opinion anyway. Each penetration test has to be treated seriously, like a war. All the strategy, the tactics to deploy, as well as the resource gathering. All these play a part in whether the project is successful or not. Of course, by successful, it means the Pentester found a serious vulnerability and got in. Of course, the condition of winning will depend on each different engagement.

So, the following articles will concentrate on the strategy, tactics and the art of winning the war of pentesting.

Tuesday, July 08, 2008

Astalavista Security Toolbox DVD 2008 V5.0

From the site :
Astalavista's Security Toolbox DVD 2008 (v5.0) is considered to be the largest and most comprehensive Information Security archive. As always we are committed to provide you with a resource for all of your security and hacking interests, in an interactive way! The Information found on the Security Toolbox DVD has been carefully selected, so that you will only browse through quality information and tools. No matter if you are a computer enthusiast, a computer geek, a newbie looking for information on "how to hack", or an IT Security professional looking for quality and up to date information for offline use or just for convenience, we are sure that you will be satisfied, even delighted by the DVD!

Let me just say that I am not advertising for this product and, in my opinion, most people should not need this product at all, especially some of the security professionals who would not like to be associated with words like hackers, blackhat etc. The tools inside this DVD are pretty blackhat if you ask me. There are tons of exploit code and source for you to see and play around with (in your VM, that is). If you are hardcore enough, this is a great buy, especially at this rock-bottom price.

Read more from :
http://astalavista.com/index.php?page=340

萧十一郎 ~ 罗文 TVB 1978


历遍江湖千般凶险
捱尽世途困苦片段
自觉目光似剑 此心昭日月
情共爱 在脑海 尽化烟

梦里芳踪渺渺 怕触爱火烈焰
挥刀断水水更现
蜜意若灰寸寸 爱海有千叠浪
心头若絮乱

世间多情偏偏多怨
情路爱途已感厌倦
独对落英片片 顾影空寂寞
怀旧侣 忆往事 恨肠断

Saturday, July 05, 2008

PSP 4.01M33 Save State

This is one of the 2 major improvements in the version 4 firmware. Now this is available as a plugin. I have packed the files for you to copy over to the root directory of your PSP memory stick. However, there is a readme.txt you will probably not want to copy over. I simply had to include it because this is a major README that you MUST read in order to operate the save state. If you have a text reader, feel free to copy it over to your PSP as well.

Here is the download :
http://rapidshare.com/files/127353321/401M33-Savestate.rar

Remember you need at least 4.01M33 to operate this plugin.

PSP 4.01M33-2 Released

I know it's been a while; I am late again on this as usual. I made sure I tested this before sharing it. Firstly, I do not suggest jumping to 4.01M33-2 immediately from your 3.80+. Because this is a major jump in firmware, I suggest going to 4.01M33, then 4.01M33-2.

I have made everything simple this time. Just download the 4.01M33 package. Unpack the files into the root of your memory stick. Yes, I have created all the directories to make life simple. Run the updater. Follow all instructions. Again, let me stress that you MUST PRESS O when told to do so to reboot at the end. Do not power off or do something otherwise.

Download 4.01M33 :
http://rapidshare.com/files/127352946/PSP401M33.RAR

After that, download the 4.01M33-2 below. Just copy all to the main directory of your PSP memory stick again. Run the update. It will auto reboot and tada, you have 4.01M33-2.

Download 4.01M33-2 :
http://rapidshare.com/files/127353130/401M33-2.RAR

CWCheat 0.22 Rev C

It has been a while since this was released. I had not included it because there is not much changed. But here it is anyway... As usual, I have included only the PSP Slim edition here, with the latest updated cheat.db as of today, 4th July 2008. I had some comments about leaving out the cheatpops.db in my last release, but since it has been some time since, I do not mind including that db in this release as well. So as a summary, this is the FULL release for PSP Slim. Not an upgrade.

Also, if you have other plugins installed, please do not copy all the files in step 1. Edit your pops.txt, game150.txt and game.txt to include the lines in these files. It's kinda like merging them into your current files.

Here is what you need to do (good for newbies) ...
1. Copy the folders into your memory stick main folder. All the directories have been prepared for you. See above if you have other plugins installed; do not overwrite your pops.txt, game150.txt and game.txt.
2. Power up your PSP while pressing R
3. Select plugins
4. Press X over cwcheatpops.prx [POPS]; it will say ENABLED
5. Press X over cwcheat.prx [GAME]; it will say ENABLED
6. Press X over cwcheat.prx [GAME150]; it will say ENABLED
7. Exit recovery
8. When in game, press select for 3 seconds to access the menu (default options, which can be changed)

Here is the download :
http://rapidshare.com/files/127354421/CWCheat022C.rar

Thursday, July 03, 2008

Back|Track 3 Release

Ya, this is old news. It's been about 1 whole week since its release. If you have not seen the power of BackTrack, see it online somewhere or in one of my previous posts. The Wifi Zoo kicks ass. WEP cracking is not reduced to a 1-click script kiddies stunt.

In any case, here is the direct link :

Description: CD Image
Name: bt3-final.iso
Size: 695 MB
MD5: f79cbfbcd25147df32f5f6dfa287c2d9
SHA1: 471f0e41931366517ea8bffe910fb09a815e42c7
Download: Click here

Description: USB Version (Extended)
Name: bt3final_usb.iso
Size: 784 MB
MD5: 5d27c768e9c2fef61bbc208c78dadf22
SHA1: 3aceedea0e8e70fff2e7f7a7f3039704014e980f
Download: Click here

Description: VMware Image
Name: BACKTRACK3_VMWare.rar
Size: 689 MB
MD5: 94212d3c24cf439644f158d90094ed6a
SHA1: 21c9a3f9658133efff259adbe290723583b4fd82
Download: Click here

Yes, I know. It still doesn't play nice with Virtual PC. And BT3, in my opinion, is really slow compared to BT2... You probably need to install Nessus 3 on this too...

Thawte Free Email Certificate vs Vista IE7

For a long, long time, Thawte has not come out with a solution to allow easy installation of their free email certificates on Vista / IE7. Vista has already launched SP1 and Thawte is still there...

Well, for those who do not know what an email certificate is... Imagine SSL... OK, even more plainly, the padlock you see in the browser when you do your internet banking... Well, that's encryption. SSL is basically encryption. But you need an SSL certificate to do the encryption. An email certificate is something very similar. But on top of being able to do encryption, an email certificate also allows you to identify yourself. This means when your friend / client receives an email signed by your email certificate, they can be sure it's you. If the email has been tampered with, changed, edited, forwarded etc., the signature check will fail and you will see an X in your email client. What? You are still using Lotus Notes? Man, get a real email client, FCS!

Anyway, back to this issue of using Thawte email certificates. It's FREE. That's one plus point. And so far I have tried many, like Comodo etc., and even one which I will not name, who issues email certs but whose own SSL cert is kinda expired or blacklisted... This is the type of CA you should avoid. In any case, Thawte has the advantage.

Sometime back in Dec 2007, Thawte posted a "solution" to the Vista IE7 problem.
https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=S:SO5558&actp=search&searchid=1215093218617
Well, if you do not know what the problem is, it can only mean you are not using Vista or are using IE7 or below on XP. Anyway, the problem is there is no support for creating the private key to make the certificate.

Anyway, if you follow the instructions above, you will hit the error "424 Object required".
Thawte suggests you try :
https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO5657
OK, stop right here. This is the step I strongly advise you DO NOT do. What is the point of using a certificate when you have to cripple the security of your browser to get the certificate in the first place?

This is my approach :
Grab a machine with Win XP. Yes, a VM is good. Always keep a Win XP VM around.
Go through the process and request the cert, then complete it by installing the cert.
Now, you will have to export the cert.
OK, this is the tricky part. Listen carefully, or you will find that you can't import your cert properly later...
YOU NEED TO EXPORT YOUR PRIVATE KEY.
Choose that... then the rest you can play around with... use a good password. But I strongly suggest that, after importing successfully onto your Vista, you delete the exported keys.

Put all your *.PFX files together and bring them to your Vista machine. Open IE options and then import them. Just let IE decide where to put the certs. They should end up in the Personal folder. Otherwise, you have done it wrong. See the CAPITALS above. Once all your certs are done, go ahead and sign some email with your Outlook and smile.

I try to be brief here because I figure most of us know what we are doing. If you have problems with these instructions, please post a comment and I will try to help you out. For Firefox, the procedure is different, so let's just worry about IE / Vista here.

I wonder why I searched and cannot find this solution on Google...
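
The export step above fails quietly if the private key is left out, so here is a quick check of a .pfx before you carry it to the Vista machine. This is an added example, not part of the original post; it assumes the openssl command-line tool is installed, and the file names and password in it are constructed.

```shell
#!/bin/sh
# Added example: confirm that an exported .pfx really carries the private key.
# Assumption: the openssl CLI is available. All sample files are constructed.

# pfx_has_key FILE PASSWORD
# Succeeds only if FILE opens with PASSWORD and contains a private key.
# A wrong password or a certificate-only export both make it fail.
pfx_has_key() {
    # -nocerts prints only the key bags; -nodes keeps the PEM header readable.
    # The key goes down the pipe only and is never written to disk.
    openssl pkcs12 -in "$1" -passin "pass:$2" -nocerts -nodes 2>/dev/null |
        grep -q 'PRIVATE KEY-----'
}

# make_sample_pfx DIR
# Builds a throwaway self-signed cert and two exports of it in DIR:
# withkey.pfx (key included) and nokey.pfx (certificate only).
make_sample_pfx() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$1/key.pem" -in "$1/cert.pem" \
        -out "$1/withkey.pfx" -passout pass:constructed &&
    openssl pkcs12 -export -nokeys -in "$1/cert.pem" \
        -out "$1/nokey.pfx" -passout pass:constructed
}

# demo: run the check over both constructed exports and report.
demo() {
    d=$(mktemp -d) || return 1
    make_sample_pfx "$d" || { rm -rf "$d"; return 1; }
    for f in withkey.pfx nokey.pfx; do
        if pfx_has_key "$d/$f" constructed; then
            echo "$f: private key present, usable for signing after import"
        else
            echo "$f: no private key, re-export and include the private key"
        fi
    done
    rm -rf "$d"   # do not leave exported keys lying around
}

demo
```

For your real export, drop the -passin argument so openssl prompts for the password instead of taking it on the command line. On OpenSSL 3.x, a .pfx exported by Windows XP may also need the -legacy flag to open.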

Copyright © 2008 nemesisv.blogspot.com, All rights reserved.