tanasi.it » In English

Lol: Hosting Your Windows 7 Torrenting Party

jekil — Fri, 27 Nov 2009 13:50:07 +0000

Random Posts

Lol: A Geek Life

jekil — Sat, 17 Jan 2009 23:37:52 +0000

(from xkcd)

Must have useful cheatsheets

jekil — Sun, 07 Dec 2008 17:08:18 +0000

(photo credits: David_Stubbart)

Random Posts

Photo gallery with AJAX and Javascript

jekil — Thu, 02 Oct 2008 15:04:35 +0000

(photo credits striatic)

I am searching a photo gallery that works using AJAX and Javascript with minimum effort of change server side pages.

I found this list of galleries that seems really good:

Random Posts

CakePHP vs Ruby on Rails

jekil — Thu, 11 Sep 2008 22:49:38 +0000

Ruby on Rails or PHP, this is the dilemma.
I think that Ruby on Rails is the greatest web development framework i have ever used, but Ruby is too slow, needs the deploy of some libraries, and can be a hell when you need to scale.
On the other side PHP is tedious, but scale well and have a lot of libraries.

Links:

ASP.NET and input validation against XSS

jekil — Thu, 04 Sep 2008 23:01:52 +0000

The today’s topic is XSS under ASP.NET and how validation filters and request filters works and are applied under ASP.NET.

The Microsoft .NET framework comes with a request validation feature, configurable by the ValidateRequest setting. ValidateRequest has been a feature of ASP.NET since version 1.1. This feature consists of a series of filters, designed to prevent classic web input validation attacks such as HTML injection and XSS (Cross-site Scripting).

Procheckup describe how bypass ValidateRequest in a whitepaper.

On the other side, some ASP.NET controls offers by default automatic html encoding, a great resource when you are reviewing your code for possible Cross-Site Scripting (XSS) or double encoding problems is this table that list all ASP.NET control and which property offers html, script or url encoding.

What’s new in the Flash 10 security

jekil — Wed, 03 Sep 2008 23:41:58 +0000

The new version of Adobe Flash (actually 10 beta) has a variety of features and enhancements aimed to increase the security.

You can read a detailed article of Trevor McCaulery here: http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html

It seems that the Adobe security is based on:

require user interaction: to avoid automatic explotation and warn user about flash actions
new features that ovverride olds with a more secure implemtation

splmap 0.6 released

jekil — Sun, 31 Aug 2008 23:36:19 +0000

My friend inquis today released one of the best SQL injection tools available to the public: sqlmap.
For the ones of you that do not know this tool yet, sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.

After almost a year of extensive programming I am done with complete code refactoring, many bugs fixes and many new features.
Some of the new features include:

Added multithreading support to set the maximum number of concurrent HTTP requests.
Implemented SQL shell (–sql-shell) functionality and fixed SQL query (–sql-query, before called -e) to be able to run whatever SELECT statement and get its output in both inband and blind SQL injection attack.
Added an option (–privileges) to retrieve DBMS users privileges, it also notifies if the user is a DBMS administrator.
Added support (-c) to read options from configuration file, an example of valid INI file is sqlmap.conf and support (–save) to save command line options on a configuration file.
Implemented support for HTTPS requests over HTTP(S) proxy.
Enhanced logging system: added three more levels of verbosity to show also HTTP sent and received traffic.

Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog.

A browser as web hacking platform

jekil — Tue, 19 Aug 2008 01:08:00 +0000

A list of Firefox plugins to turn your browser in an hacking platform. This is an improved list based on "Turning Firefox to an ethical hacking platform" from Security-Database.com

Information gathering

Whois and geo-location
- ShowIP
  : Show the IP address of the current page in the status bar. It also
  allows querying custom services by IP (right mouse button) and Hostname
  (left mouse button), like whois, netcraft.
- Shazou
  : The product called Shazou (pronounced Shazoo it is Japanese for
  mapping) enables the user with one-click to map and geo-locate any
  website they are currently viewing.
- HostIP.info Geolocation : Displays Geolocation information for a website using hostip.info data. Works with all versions of Firefox.
- Active Whois : Starting Active Whois to get details about any Web site owner and its host server.
- Bibirmer Toolbar
  : An all-in-one extension. But auditors need to play with the toolbox.
  It includes ( WhoIs, DNS Report, Geolocation , Traceroute , Ping ).
  Very useful for information gathering phase

Enumeration / fingerprinting
- Header Spy: Shows HTTP headers on statusbar
- Header Monitor
  : This is Firefox extension for display on statusbar panel any HTTP
  response header of top level document returned by a web server.
  Example: Server (by default), Content-Encoding, Content-Type,
  X-Powered-By and others.

Social engineering
- People Search and Public Record:
  This Firefox extension is a handy menu tool for investigators,
  reporters, legal professionals, real estate agents, online researchers
  and anyone interested in doing their own basic people searches and
  public record lookups as well as background research.

Googling and spidering
- Advanced dork
  : Gives quick access to Google’s Advanced Operators directly from the
  context menu. This could be used to scan for hidden files or narrow
  in a target anonymously (via the scroogle.org option)
- SpiderZilla : Spiderzilla is an easy-to-use website mirror utility, based on Httrack from www.httrack.com.
- View Dependencies
  : View Dependencies adds a tab to the "page info" window, in which it
  lists all the files which were loaded to show the current page. (useful
  for a spidering technique)

Security Assessment / Code auditing

Editors
- JSView
  : The ’view page source’ menu item now opens files based on the
  behavior you choose in the jsview options. This allows you to open the
  source code of any web page in a new tab or in an external editor.
- Cert Viewer Plus
  : Adds two options to the certificate viewer in Firefox or Thunderbird:
  an X.509 certificate can either be displayed in PEM format (Base64/RFC
  1421, opens in a new window) or saved to a file (in PEM or DER format -
  and PKCS#7 provided that the respective patch has been applied – cf.
- Firebug
  : Firebug integrates with Firefox to put a wealth of development tools
  at your fingertips while you browse. You can edit, debug, and monitor
  CSS, HTML, and JavaScript live in any web page
- XML Developer Toolbar:allows XML Developer’s use of standard tools all from your browser.
- Web developer : Adds a menu and a toolbar with various web developer tools.

Headers manipulation
- HeaderMonitor
  : This is Firefox extension for display on statusbar panel any HTTP
  response header of top level document returned by a web server.
  Example: Server (by default), Content-Encoding, Content-Type,
  X-Powered-By and others.
- RefControl : Control what gets sent as the HTTP Referer on a per-site basis.
- User Agent Switcher :Adds a menu and a toolbar button to switch the user agent of the browser

Cookies manipulation
- Add N Edit Cookies : Cookie Editor that allows you add and edit "session" and saved cookies.
- CookieSwap
  : CookieSwap is an extension that enables you to maintain numerous sets
  or "profiles" of cookies that you can quickly swap between while
  browsing
- httpOnly : Adds httpOnly cookie support to Firefox by encrypting cookies marked as httpOnly on the browser side
- Allcookies : Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt file

Security auditing
- HackBar
  : This toolbar will help you in testing sql injections, XSS holes and
  site security. It is NOT a tool for executing standard exploits and it
  will NOT learn you how to hack a site. Its main purpose is to help a
  developer do security audits on his code.
- Tamper Data : Use tamperdata to view and modify HTTP/HTTPS headers and post
  parameters.
- Chickenfoot
  : Chickenfoot is a Firefox extension that puts a programming
  environment in the browser’s sidebar so you can write scripts to
  manipulate web pages and automate web browsing. In Chickenfoot, scripts
  are written in a superset of Javascript that includes special functions
  specific to web tasks.

Proxy/web utilities

FoxyProxy
: FoxyProxy is an advanced proxy management tool that completely
replaces Firefox’s proxy configuration. It offers more features than
SwitchProxy, ProxyButton, QuickProxy, xyzproxy, ProxyTex, etc
SwitchProxy:
SwitchProxy lets you manage and switch between multiple proxy
configurations quickly and easily. You can also use it as an anonymizer
to protect your computer from prying eyes
POW (Plain Old WebServer)
: The Plain Old Webserver uses Server-side Javascript (SJS) to run a
server inside your browser. Use it to distribute files from your
browser. It supports Server-side JS, GET, POST, uploads, Cookies,
SQLite and AJAX. It has security features to password-protect your
site. Users have created a wiki, chat room and search engine using SJS.
Torbutton : Torbutton provides a button to securely and easily enable or disable
the browser’s use of Tor. It is currently the only addon that will
safely manage your Tor browsing to prevent IP address leakage, cookie
leakage, and general privacy attacks.

Misc

Hacks for fun
- Greasemonkey : Allows you to customize the way a webpage displays using small bits of JavaScript (scripts could be download here)

Encryption
- Fire Encrypter
  : FireEncrypter is an Firefox extension which gives you
  encryption/decryption and hashing functionalities right from your
  Firefox browser, mostly useful for developers or for education &
  fun.

Malware scanner
- QArchive.org web files checker
  : llowing people to check web files for any malware (viruses, trojans,
  worms, adware, spyware and other unwanted things) inclusions.
- Dr.Web anti-virus link checker : This plugin allows you to check any file you are about to download, any page you are about to visit
- ClamWin Antivirus Glue for Firefox : This extension scans every downloaded file automatically with ClamWin.

Anti Spoof
- refspoof
  : Easy to pretend to origin from a site by overriding the url referrer
  (in a http request). — it incorporates this feature by using the
  pseudo-protocol spoof:// .. thus it’s possible to store the information
  in a "hyperlink" – that can be used in any context .. like html pages
  or bookmarks

Kaminsky DNS Vulnerability for dummies

jekil — Sun, 10 Aug 2008 18:12:37 +0000

The easiest and best explanation of Dan Kaminsky DNS Vulnerability that i found on the Net:
An Illustrated Guide to the Kaminsky DNS Vulnerability by Steve Friedl