Friday, June 29, 2007

Youtube's 40+ security vulnerabilities

The other night I was chatting with Christ1an about web security and I just happened to realise that he was actually the one who killed Youtube. Some of you might already know that he was the one who discovered around 40+ vulnerabilities in Youtube and became famous overnight. Anyway, Christ1an is based in Germany and he is only a student, but hack, he is a guru in web security. He was interviewed by The Register and Google actually thanked him for his work.

Recently Christ1an launched http://planet-websecurity.org/ with the intention to bring together similarly themed news and rants related to Web security and to display them in one place. Visit his blog on the right side of my feed or check it out here.

The Hacka Man

Thursday, June 28, 2007

SAP

I always wanted to work for SAP because they pay huge money. I remember I was interviewed by SAP back in Singapore. The first interview took at least 1-2 hours of conversation and I passed it. HR invited me for a second interview, however this time the interviewer was crap. He asked all sorts of questions and I succinctly answered them without beating around the bush. It's either he didn't get what I was trying to say or he is just plain talkative. I entrench strong to my roots for what I said and he did not believe me, and was saying that I am a perfect candidate for the position and look like what they are searching for. ALL BLOODY CRAP!!!! A bunch of liars. They truly antagonize me and I loathe them for that. I am a straight person; if you don't wish to hire me, that's fine, just tell me straight and I will understand. You don't have to set up a bunch of stories and be a coward.

Well, good luck to you SAP. If I have a chance to audit your system, I promise I will bring down all your SAP/R3 servers and other external servers you have. Better protect your RFC or you will be OWNED!

The Hacka Man

Wednesday, June 27, 2007

Cisco show mem vs show processes memory sorted

To check the router or firewall CPU usage and memory usage, I always issue show mem or show processes cpu to see what is causing the router to have high CPU or memory utilization. However, I realised that the show mem command output is not as nice as it seemed to be. I was looking at the ioshints blog and found the same command with a few tweaks here and there. This command provides better output than show mem, which is very important for troubleshooting purposes. See below:

show processes memory sorted

show processes cpu sorted 1min

show processes cpu sorted 5min

From Cisco:

http://www.cisco.com/warp/public/63/showproc_cpu.html

http://www.cisco.com/warp/public/63/highcpu.html

For Cisco and Juniper commands:

http://networking.ringofsaturn.com/Cisco/ciscojuniper.php

Tuesday, June 26, 2007

Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and l7-filter

I was invited by Lucian to review this book. Lucian actually sent me a copy of this book to read and I was happy upon receiving it. Well, I am someone who loves firewall and security stuff, especially Linux and Cisco. This book is absolutely amazing. For beginners, there are a lot of technical configurations you can read and learn, and for experts, this book will guide you to some topics that might interest you. I would really want to put this book into practice, however based on my current situation, I will only have the time to read and understand the concepts. I would highly rate this book a 4.5/5 and recommend it to anyone who wants to learn firewalls at a low level.

VoIPong installation error

For those of you who try to install VoIPong and have installation errors like the ones below, the problem and solution are provided as shown below:

Murat Balaban writes:

>
> Hi Henrique,
>
> Which UNIX user is trying to run voipong? It seems a non-root
> user is running it, but does not have the sufficient privileges
> to open the ethernet device in promisc mode.
>
> Plus, you seem to have problems with the permissions of
> your modules directory. That directory should be owned by
> the same user running voipong.
>
> Thursday, May 31, 2007, 8:41:56 PM, you wrote:
>
> > Release 2.0, running on DINP70759 [Linux 2.4.25-klg #1
> > SMP Ter Abr 6 09:28:24 BRT 2004 i686]
>
> > (c) Murat Balaban http://www.enderunix.org/
> > 31/05/07 14:34:14: EnderUNIX VOIPONG Voice Over IP
> > Sniffer starting...
> > 31/05/07 14:34:14: Release 2.0 running on DINP70759
> > [Linux 2.4.25-klg #1 SMP Ter Abr 6 09:28:24 BRT 2004
> > i686]. (c) Murat Balaban http://www.enderunix.org/
> > [pid: 669]
> > 31/05/07 14:34:14: Default matching algorithm: lfp
> > 31/05/07 14:34:14: error:
> > securemod(/usr/local/etc/voipong/modules/modvocoder_pcma.so):
> > gid: got 50, expected 0
> > 31/05/07 14:34:14: error:
> > securemod(/usr/local/etc/voipong/modules/modvocoder_pcmu.so):
> > gid: got 50, expected 0
> > 31/05/07 14:34:14: loaded 0 module(s)
> > 31/05/07 14:34:14: libpcap start failure:
> > pcap_open_live: SIOCGIFHWADDR: No such device
>
> > 31/05/07 14:34:14: PID 669 [parent: 653]: exited with
> > code: 1. uptime: .
>
I had the same problems and I solved them using this command:
sudo chown -R root:root /usr/local/etc/voipong/modules/modvocoder_pcm*
Also, for voipongnets, I created the file with:
touch /usr/local/etc/voipong/voipongnets
This will solve the error below.
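
A check in the spirit of the securemod error in the quoted log, as an added example that is not VoIPong's own code: it refuses module files whose owner or group differs from the expected one, and also flags files that other users could overwrite. The function names and the writable-mode check are assumptions, and the sample files are constructed.

```python
import os
import stat
import tempfile


def check_module(path, expected_uid, expected_gid):
    """Return the reasons `path` must not be loaded (empty list means OK)."""
    # Assumption: the caller passes the ids of the user running the sniffer
    # (os.geteuid(), os.getegid()), or 0, 0 to require root:root.
    try:
        st = os.lstat(path)  # lstat: inspect the link itself, not its target
    except OSError as exc:
        return [f"{path}: cannot stat ({exc.strerror})"]
    problems = []
    if st.st_uid != expected_uid:
        problems.append(f"{path}: uid: got {st.st_uid}, expected {expected_uid}")
    if st.st_gid != expected_gid:
        problems.append(f"{path}: gid: got {st.st_gid}, expected {expected_gid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        mode = stat.S_IMODE(st.st_mode)
        problems.append(f"{path}: mode {mode:o} is group/world-writable")
    return problems


def audit_modules(directory, expected_uid, expected_gid):
    """Map each failing *.so file in `directory` to its list of problems."""
    report = {}
    names = sorted(n for n in os.listdir(directory) if n.endswith(".so"))
    for path in (os.path.join(directory, n) for n in names):
        problems = check_module(path, expected_uid, expected_gid)
        if problems:
            report[path] = problems
    return report


def demo():
    """Constructed sample: two empty placeholder files in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("modvocoder_pcma.so", 0o644), ("modvocoder_pcmu.so", 0o666)):
            path = os.path.join(d, name)
            open(path, "wb").close()
            os.chmod(path, mode)
        owner = os.lstat(path)
        # Simulate a matching process gid, then a differing one (+1).
        return (audit_modules(d, owner.st_uid, owner.st_gid),
                audit_modules(d, owner.st_uid, owner.st_gid + 1))


if __name__ == "__main__":
    print(demo())
```

Run against the real modules directory with 0, 0 before starting the sniffer as root; an empty report means the ownership check has nothing to reject.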

Monday, June 25, 2007

Snom phones web interface exposed to public.

I was just researching hard and soft phones and I came across Snom VoIP phones. I don't know much about the phones, however a simple Google dorking gave me a bad result. Default installations of the phone are not password protected. Check it out:

"(e.g. 0114930398330)" snom


Sunday, June 24, 2007

Hakin9 X Hackathology

This past week, I was invited by hakin9 magazine to write an article about the latest hacking skills. I am still thinking about a topic to write. There are different types of hacks and I am in a dilemma in choosing one. After pondering for some time, I think I would love to write hacks about VoIP. Personally, because VoIP is a subset of network security, I think it's best to write something that I am good at. I had already set up a PBX server and now it's up to the guys at hakin9. The hakin9 team is a bunch of really cool and nice guys. They gave me a free copy of their magazine and once my article is published, they will also send me a copy of the published issue. I will keep you guys updated on this. Let me know what you guys think.

Friday, June 22, 2007

David Litchfield new Oracle book

I had been wanting to learn more about Oracle hacking and I would not say I am not really good in Oracle Security. I managed to set up an Oracle Database server and do some simple exploitation and auditing, however I know that for me to be good in that aspect, it would require me to focus most of my time trying to exploit and learn the techniques for hacking the database. This past week, it came to my attention that David Litchfield (Oracle Security Guru, google him up to find out more) had published a book called Oracle Hacker's Handbook. I highly recommend anyone who loves Oracle Security to purchase this book. Although I have not laid my hands on this book, it will soon be on my bookshelves.

Monday, June 18, 2007

Using ftp with CUTCP telnet

Check out CUTCP

"Telnet is a program used to interactively log in to a remote computer. CUTCP telnet is a program that runs on a PC and is used in CIRCA labs and elsewhere on campus to log in to remote computers. This program can also function as an ftp server when you are logged in to a remote host. This means that you can use the host's ftp client to connect back to yourself. Here's how you do it:

1) First use telnet to log in to the remote host.

2) Press Alt/T. This will generate an ftp command with the proper network address and start the ftp client program on the interactive host.

3) When it asks for a name, enter anything.

4) When it asks for a password, press Alt/W. This will provide a hidden password to authenticate the connection.

Remember that when you have completed this connection, your PC is an ftp server, and the interactive host is running an ftp client. To transfer a file from the interactive host to your PC, use the put command. To transfer a file from the PC to the interactive host, use the get command."

Sunday, June 17, 2007

Regular Expressions with Cisco IOS

I was reading some Cisco stuff today and I knew long ago that Cisco IOS allows regular expressions for simplification of search tasks and other uses. Well, back then I did not research much on it, but I just came across 2 sites which provide more explanation with regards to Cisco IOS regex.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ftersv_c/ftsappx/tcfaapre.htm

http://www.nil.com/ipcorner/EnhanceIOSUI/