Tuesday, July 19, 2005

Microsoft Windows server with a vulnerable IIS5 installation

Nice One with Whoppix.

The author has provided you with an "over the shoulder" view of locating, probing, penetrating and 0wning a Microsoft Windows server with a vulnerable IIS5 installation.

Highly recommended viewing. You'll get a nice idea of how useful the Knoppix-style distributions are and how powerful some of the tools are.

You can see the video here

Nitin :)

Wednesday, July 06, 2005

City of Vienna Chooses Linux

(via Slashdot) Bill Kendrick writes "Back in January, ZDNet reported that the city of Vienna, Austria was looking to move at least a portion of its desktops to Linux. Well, it looks like it happened (in German; use the fish). Their official distro is based on Debian with KDE, and is called WEINUX."

Source /.

Nitin :)

PHP Blogging Apps Vulnerable to XML-RPC Exploits

Many popular PHP-based blogging, wiki and content management programs can be exploited through a security hole in the way PHP programs handle XML commands. The flaw allows an attacker to compromise a web server, and is found in programs including PostNuke, WordPress, Drupal, Serendipity, phpAdsNew, phpWiki and phpMyFAQ, among others.

The flaw affects the XML-RPC function, which has many uses in web applications, including "ping" update notifications for RSS feeds. PHP libraries that allow applications to exchange XML data using remote procedure calls(RPC) fail to fully check incoming data for malicious commands. The affected libraries, including PHPXMLRPC and Pear XML-RPC, are included in many interactive applications written in PHP.

Source : Netcraft

Nitin :)

FreeBSD Tip

After a long time putting up a FreeBSD tip :

How to write protect important file (even root can NOT modify/delete it)

If you have some internal application developed to manage the users and other stuff. However some admin still some time make changes /etc/passwd or /etc/master.passwd via sudo. Then the idea of file write protection comes. I suggested to use them chflags.

This kind of write protection can be set under FreeBSD using the special bit call immutable by root user only. Once this bit is setup no one can delete or modify file including root. And only root can clear the File immutable bit.

You must be a root user to setup or clear the immutable bit.

1. Setup file immutable bit
Use chflags command as follows:
#chflags schg /tmp/test.doc

Try to remove or moify file file with rm or vi:
# rm -f /tmp/test.doc
rm: /tmp/test.doc: Operation not permitted

Don't be supriesed even root is not allowed to remove or modify file. This is useful to protect important file such as /etc/passwd, /etc/master.passwd etc.

2. Display if file immutable bit is on or off:
ls -lo /tmp/test.doc
-rw-r--r-- 1 root wheel schg 19 Jun 29 22:22 /tmp/test.doc

3. Clear or remove file immutable bit:
#chflags noschg /tmp/test.doc

Now you can remove or modify file. Please note that immutable flag can be set by root user only. chflags also supports few other interesting flags.

arch: set the archived flag
nodump: set the nodump flag
sappnd: set the system append-only flag
schg: set the system immutable flag
sunlnk: set the system undeletable flag
uappnd: set the user append-only flag
uchg: set the user immutable flag
uunlnk: set the user undeletable flag

Putting the letters ``no'' before an option causes the flag to be turned off.

It is possible to do this in Linux too ;) using the chattr command. For more info on it do man chattr.

Also you can explore various linux options to view these attributes using the man ls and checking out the options

Nitin :)

Superimposing Google Satellite and Map images

Surprising the maps are so inaccurate - I think it has something to do with Googles rendering, which sacrifices accuracy for pretty looking pictures.

You can view it here.
Nitin :)

Monday, July 04, 2005

Penetration Testing Tools

I have been doing a lot of reading on penetration testing on Wireless networks and cracking WEP.

I have found one of the best toolkits/Knoppix cd is Whoppix. It has everything you need to perform basic and some advanced penetration testing on a network. Their site also has some pretty interesting videos, for example how to crack WEP in under ten minutes.

The other good one to be named here is Knoppix STD.

The link to their websites is as below :

Whoppix : http://www.whoppix.net/
Knoppix STD : http://www.knoppix-std.org/

Last but not the least whoppix has exploit archive from Securityfocus , Packetstorm , SecurityForest , Milw0rm.

Remember if you wanna test your own networks with these tools it good , if you wanna test some other network pls get a approval from that organisation else you would be putting your foot in your mouth.

Nitin :)

Sunday, July 03, 2005


Mr. Narayana Murthy is undoubtedly one of the most famous persons from Karnataka.

He is known not just for building the biggest IT empire in India but also for his simplicity.Almost every important dignitary visits Infosys campus.This is interesting... A MUST READ for people doing Over-Time (OT) out there...An interesting speech delivered by a CEO of a premier IT company ofIndia during an employee session with another IT company in India. Heis incidentally, one of the top 50 influential people of Asiaaccording to the latest Asiaweek publication and also the new ITAdvisor to the Thailand Prime Minister.

Extract of Mr. Narayana Murthy's Speech during Mentor Session:

I totally agree with him ( Mr Narayana Murthy ) and thankfully GOD i love my job and company too currently :).

You can read the complete story here

Pls friends put your suggestions on what do you feel.

Nitin :)