Jul 092018
 

If you have worked with mysql/mariadb/galera …. sooner or later you are going to have to do a restore.  Or if you are setting up a new master – slave, the size of the database can greatly affect how long it takes.  mysdqldump at one time was all that was available and for it for to be accurate, you need to lock tables which can affect production environments, do the dump in another shell, record the master log and position, transfer the files to another server, import the database, change master too ….. very very very time consuming.  So here is a way I have found that doesn’t lock the tables, doesn’t need to record the master log file or position, and does the dump and import in parallel greatly speeding things up.

Continue reading »

May 052018
 

We have all lost a hard drive at one time or another on a laptop or desktop computer and it always seems like it happens right after several weeks of not performing backups.  Last year, I lost about 15 years of research on an external drive that failed.  I had this system that has worked as long as I can remember where I simply swapped an external drive every two years with a new one after copying the data.  What failed on me though was I became over-confident in this system and wiped out the older drives in order to make room for something else, meanwhile the current drive decided to barf after only about 6 months of usage … literally within a couple weeks of me wiping the previous drives clean.  I was pretty pissed to say the least.  So, lesson learned, I decided to implement a better backup plan.  I wanted a way that would work and be simple.  Instead of a file server and transferring data over a wire, I wanted an external drive I could plug-in and leave plugged in while working or at home or in some motel.  I wanted full backups and I wanted it to be incremental to save space.  This was how I accomplished these tasks …

Continue reading »

Mar 162015
 
Screenshot of psecio-parse scan

I used rips for many years to help with auditing source code.  Lets face it, anytime you can automate a mundane task such as source code auditing, you free up time for other things to be done…..plus if you have ever stared at source code for 14+ hours straight reading line by line by line ….. you know how well automation helps save your vision.

Anyways, today I found a new project at github and wanted to document how I set it up.  One thing to keep in mind is that this is a relatively new project, and with any new project of this size and scope … we can generally expect a few things …. lots of development changes and false positives.  Even with this being known, I still love the direction the project is already moving … so lets begin.

Continue reading »

Dec 042013
 

I often review various vulnerability scanners.  When I review them, I look at several different things:

  • were they able to find a vulnerability I previously missed?
  • are they accurate in their findings?
  • how quickly do they complete an audit compared to “insert some other vulnerability scanner here”?
  • sometimes I will also grab the tcpdumps of the audits for even further analysis
  • how accessible and easy are they to use by “skiddies”?
  • based on the tcpdumps + noise generated on the server logs, are the audit signatures of wapiti easy to detect?

Continue reading »

Oct 272013
 

This is a really simple fix which will block the user enumeration on a wordpress site (like the method by wpscan).

Before I get into this, I am very well aware of the IfIsEvil page on nginx wiki.  But it also says on this page, “The only 100% safe things which may be done inside if in location context are:  return and rewrite as the last statement in a location block”  With that in mind, we are going to use ONLY rewrite as the last statement in our location block.

Continue reading »

May 182013
 

A long time ago, I created a database to hold passwords and their respective hashes for some 16 various hash types.  It has approximately 310,261,848 passwords for each type and is growing nearly every day as more password lists become available.  I found a pretty quick way to generate the hashes for these wordlists and wanted to share how it is done.  These hashes only work with unsalted/unpeppered passwords.

First, lets look at my table schema, which is very simple and very effective.  It uses an index on the hash + password column so there can not be any two hashes+passwords that are the same.  The types table is a  simple lookup table that references data.type 1 to a name like DES.  The primary key is on the name column.  I don’t claim to be a db administrator so if you spot any errors, let me know.

Continue reading »

Jul 272012
 

Glastopf is a web application honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications.  The principle behind it is very simple:  Reply the correct response to the attacker exploiting the web application.

This article is mostly to cover the installation, setup, usage, etc

Installation

Continue reading »

Jul 092012
 

Backtrack has dbpwaudit in /pentest/database/dbpwaudit, however, it does not come with the java jar files required.  So, first you have to go download them.  The easiest way I found out to do that is by simply searching for the aliases and then googling them.  You can get the aliases with the -L option:

user@HOST:/pentest/database/dbpwaudit$ ./dbpwaudit.sh -L
DBPwAudit v0.8 by Patrik Karlsson <patrik@cqure.net>
----------------------------------------------------
Oracle - oracle.jdbc.driver.OracleDriver
MySQL - com.mysql.jdbc.Driver
MSSql - com.microsoft.sqlserver.jdbc.SQLServerDriver
DB2 - com.ibm.db2.jcc.DB2Driver

Continue reading »

Jun 132012
 

I love tweetdeck, so imagine my surprise when Adobe decided to not support AIR on linux anymore.  So until today, I had still been using the native adobe air version of tweetdeck on linux.  Yesterday though, tweetdeck would randomly lock up.  Today, it wouldn’t post or anything so I set out to install the windows version on linux using wine.  Its actually pretty damn easy and so far, no problems.

This is how you do it in 5 steps or less in ubuntu’ish linux:

Continue reading »