Friday, May 27, 2011

Tuesday, February 15, 2011

Another SEH tutorial

I have written a simple SEH tutorial on my WordPress blog;
kindly review it.

http://netsecuritystuff.wordpress.com/2011/02/15/another-seh-tutorial/

Facebook, so close yet so far


Have HTTPS, then make it optional, seriously?

Wednesday, February 2, 2011

GSM Security

I had the privilege of meeting Harald Welte a few days ago and it was really amazing. This is the guru of GSM security in the world. He is the author of OpenBSC, Openmoko and many other cool open-source projects. He managed to spark an interest in GSM security and I am currently looking at this complex stuff on the side. Thanks, Harald.

Tuesday, January 25, 2011

Installing virtualbox on backtrack 4 r2

root@bt # echo "deb http://download.virtualbox.org/virtualbox/debian intrepid non-free" >> /etc/apt/sources.list

root@bt # wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc -O- | sudo apt-key add -

root@bt # apt-get update

root@bt # apt-cache search virtualbox

root@bt # apt-get install virtualbox-3.1

Monday, January 24, 2011

Facebook and HTTPS

Roughly two weeks ago I came across an article at /dev/random reporting that malicious JavaScript was being injected into Facebook at a Tunisian ISP to capture users' usernames and passwords: http://blog.rootshell.be/2011/01/13/tunisia-tracks-users-with-javascript-injection/
Even if you were proxying through Tunisia, there could be a chance that your credentials were stolen. Today I woke up to read about how Facebook dealt with the problem. Guess what they used: HTTPS :) http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044
The Register also confirmed this: http://www.theregister.co.uk/2011/01/25/tunisia_facebook_password_slurping/
The question I always ask myself is why Facebook directs people to log in on its HTTP site while it has an HTTPS site where communication is encrypted. Even after the release of powerful tools such as WifiZoo and Firesheep, which can be used to intercept HTTP traffic with ease, why is the site, with more than ~600 million people with accounts, waiting to use HTTPS as the default login page?
To avoid these issues, I always have a Mozilla plugin, HTTPS Everywhere, to force redirection to HTTPS. There is also another plugin for Mozilla called Force-TLS that does the same thing. So do the bright thing, use HTTPS.
But even with HTTPS, be careful: awesome tools such as sslstrip can be used with a man-in-the-middle attack to strip out the SSL as the traffic. http://www.securitytube.net/Stripping-SSL-and-Sniffing-HTTPS-using-SSLstrip-video.aspx

Monday, January 17, 2011

Striking Back

Kindly look at this simple tool, which you can use to "mess with hackers' heads". Basically it starts a web server on port 80 and creates random infinite URLs. If somebody is running an automated web server scan against your web server, it could be caught up in an infinite loop.

Usage:
Stop any web server that could be running first, then initialise the script.

# python spidertrap.py

Then visit http://localhost with your browser and see.

You can read more about this tool here http://pauldotcom.com/wiki/index.php/Episode225

Also for fun, I found this image, "we found the weakest link". In a geek way it's funny. Have a look at it. http://yfrog.com/hsfx3p
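
The link-trap idea from this post, as an added example in Python; it is not the spidertrap.py script the post refers to. The port 8080 (instead of 80), the loopback bind address, the five links per page and all function names are assumptions.

```python
import random
import string
from http.server import BaseHTTPRequestHandler, HTTPServer

LINKS_PER_PAGE = 5  # assumed value: links emitted on every page
ALPHABET = string.ascii_lowercase + string.digits


def random_path(rng, length=12):
    """Return a random path; a crawler will treat it as a new URL."""
    return "/" + "".join(rng.choice(ALPHABET) for _ in range(length))


def trap_page(rng, links=LINKS_PER_PAGE):
    """Build an HTML page whose only content is links to fresh random paths."""
    anchors = "".join(
        '<a href="{0}">{0}</a><br>\n'.format(random_path(rng))
        for _ in range(links)
    )
    return "<html><body>\n" + anchors + "</body></html>\n"


class TrapHandler(BaseHTTPRequestHandler):
    rng = random.SystemRandom()

    def do_GET(self):
        # Every path answers 200 with more links, so a scanner that
        # follows links never runs out of "new" pages to fetch.
        body = trap_page(self.rng).encode("ascii")
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):
        # Print client address and request line so the scan is visible.
        print("trap hit from %s: %s" % (self.client_address[0], fmt % args))


def make_server(host="127.0.0.1", port=8080):
    """Bind the trap; port 0 asks the OS for any free port."""
    return HTTPServer((host, port), TrapHandler)


if __name__ == "__main__":
    server = make_server()
    print("trap listening on http://%s:%d/" % server.server_address)
    server.serve_forever()
```

Each request is logged with the client address, so repeated hits on random paths from one source stand out as automated crawling.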