Dec 04 2013

I often review various vulnerability scanners.  When I review them, I look at several different things:

  • were they able to find a vulnerability I previously missed?
  • are they accurate in their findings?
  • how quickly do they complete an audit compared to “insert some other vulnerability scanner here”?
  • sometimes I will also grab the tcpdumps of the audits for even further analysis
  • how accessible and easy are they to use by “skiddies”?
  • based on the tcpdumps + noise generated on the server logs, are the audit signatures of wapiti easy to detect?


May 18 2013

A long time ago, I created a database to hold passwords and their respective hashes for some 16 various hash types.  It has approximately 310,261,848 passwords for each type and is growing nearly every day as more password lists become available.  I found a pretty quick way to generate the hashes for these wordlists and wanted to share how it is done.  These hashes only work with unsalted/unpeppered passwords.

First, let's look at my table schema, which is very simple and very effective.  It uses an index on the hash + password columns so there cannot be two rows with the same hash and password.  The types table is a simple lookup table that maps a data.type value such as 1 to a name like DES.  The primary key is on the name column.  I don’t claim to be a db administrator so if you spot any errors, let me know.


Jul 27 2012

Glastopf is a web application honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications.  The principle behind it is very simple:  reply with the correct response to the attacker exploiting the web application.

This article mostly covers the installation, setup, usage, etc.



May 25 2012

I do things the easiest way that gets the job done.  Someone asked me recently about mounting a shared Windows drive in Linux from bash.  They stated they normally mount it through Dolphin using:


That works until you need to copy files via rsync or some other bash method.  The solution is actually very simple:

mount -t cifs //ip_address/SHARED_DRIVE /mnt/directory -o user=username,password=user_password_on_windows_share,uid=500,gid=500

Just be sure you replace uid=500 with the user's ID in Linux and gid=500 with the user's group ID in Linux in order to be able to write files/directories with the proper permissions.  Of course the mount directory, /mnt/directory, must also exist.
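
The same mount with the password kept out of the command line, process list and shell history, as an added example (not from the original post). It uses the `credentials=` option of mount.cifs; the file path `/root/.smb-share.cred` and the local account name `localuser` are placeholders.

```bash
#!/bin/sh
# Added example: mount a CIFS share using a credentials file instead of
# password=... on the command line. Paths and account names are placeholders.

# Write a mount.cifs credentials file that only its owner can read.
# usage: write_cifs_credentials FILE SHARE_USER SHARE_PASSWORD
write_cifs_credentials() {
    # umask 077 in a subshell so the file is never created world-readable
    ( umask 077 && printf 'username=%s\npassword=%s\n' "$2" "$3" > "$1" ) || return 1
    # tighten the mode in case the file already existed with looser permissions
    chmod 600 "$1"
}

# Build the -o option string, looking up uid/gid for the local account
# instead of hard-coding 500.
# usage: cifs_mount_options CREDFILE LOCAL_USER
cifs_mount_options() {
    _uid=$(id -u "$2") || return 1
    _gid=$(id -g "$2") || return 1
    printf 'credentials=%s,uid=%s,gid=%s' "$1" "$_uid" "$_gid"
}

# Typical use, run as root (left commented out so sourcing this file is harmless):
#   write_cifs_credentials /root/.smb-share.cred username 'user_password_on_windows_share'
#   mkdir -p /mnt/directory
#   mount -t cifs //ip_address/SHARED_DRIVE /mnt/directory \
#       -o "$(cifs_mount_options /root/.smb-share.cred localuser)"
```

A credentials file also handles passwords that contain a comma, which the comma-separated `-o` list cannot parse.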

If you get an error about “mount error(12): Cannot Allocate Memory”, the fix is:

Edit the Windows registry:

Set “HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache” to “1”.
Set “HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size” to “3”.
Restart the “server” service.

Oct 11 2011

….I can assure you, if I can’t do it in bash, it doesn’t need to be done…..the other side of the argument was, well, bash isn’t multi-threaded…..hahahahaha …..really??? Run this……

set -m # Enable Job Control
trap '' 2 # disable ctrl + c so you can't stop this bitch
rand=${RANDOM} # lets find some big random number
let POWEROFTWO=${rand}**2 # and since its not big enough, make it ^2
for i in `seq ${POWEROFTWO}`; do # start HUGE num jobs in parallel
	echo "99999999999^99999999999" | bc
	sleep 1 &
done
# Wait FOREVER for jobs to finish cause you can't stop me now nemo
while [ 1 ]; do fg 2> /dev/null; [ $? == 1 ] && break; done

Aug 15 2006

I am teaching three Distance Learning Classes for the Maysville Community & Technical College beginning in the fall semester.

The two courses are:
NIS230 – Introduction to Unix (using Fedora Core Linux)
CIS200 – MySQL & PHP Programming

The first course, NIS230, is a repeat of the Winter course using a revised edition of the book with an additional chapter on Linux System Security. The book includes Fedora Core 2 installation CDs, which have a bug when installed on a dual-boot system, and since the latest version of Fedora Core 4 is out, I will be handing these CDs out to students and recommend they use this edition instead (or any other Linux distribution of their choice). As an alternative to installing Fedora Core Linux, we also offer the option of using the Adios bootable Linux distribution (or any bootable Linux distribution will suffice). The book & lecture content will be updated, as needed, since Linux is a rapidly changing operating system that remains in constant development.

The combined MySQL + PHP course will be split into two 8-week courses and will use the excellent book Build Your Own Database Driven Website Using PHP & MySQL from SitePoint.