Infosec Pals

There are myriad of tutorials available that spoon feed how to setup a SOCKS dynamic proxy connection using SSH. The problem with all of these setups is they assume you are in control of the SSH server and can run as root (dynamic proxy only works as root) and the application that you intend to tunnel has SOCKS proxy support.

If you have tried to tunnel any traffic through university SSH accounts or tried to tunnel IM clients through SSH SOCKS proxy you will soon realize they don’t work with any of the SOCKS proxy instructions.

Most IM clients don’t support SOCKS or if the do they don’t work well. On the other hand HTTP proxies work universally well with all type of applications. Read more »

Everyone knows about how great HDM’s Metasploit really is. I recently came across an interesting feature on the website called the Metasploit Opcode DB that allows people to not only search for instructions from Windows system DLLs but also check for their compatibility across different flavors of Windows.
The need for such instructions stems from a situation when Read more »

An unauthenticated SQL Injection point in an application using a Microsoft Access database will probably not lead to sensitive information leakage. However, it is still possible to use the error messages from Access to verify if a specific file exists in the server file system or not:

Injection: ‘ union select 1 from blah in ‘\foo’ where 1=1 or ‘a’=’

Microsoft OLE DB Provider for ODBC Drivers error ‘80004005′
[Microsoft][ODBC Microsoft Access Driver] Could not find file ‘c:\foo’.
/search/sub_search.asp, line 209

Injection: ‘ union select 1 from blah in ‘\boot.ini’ where 1=1 or ‘a’=’

Microsoft OLE DB Provider for ODBC Drivers error ‘80004005′
[Microsoft][ODBC Microsoft Access Driver] Unrecognized database format ‘c:\boot.ini’.
/search/sub_search.asp, line 209

I have been using EvDO for a while and the Rev.A speeds rock putting most EDGE/GPRS networks to shame. Recently came across the GPS feature in the EvDO Novatel-S720 card, a new software/firmware update makes the GPS function more easier to access. On older Sprint connection manager software you had to be disconnected from the network and type ##GPS over the Go button to bring the hidden GPS window. With the new connection manager for S720 it is all right there in the menu.

Read more »

An example post about an example website, that has an URL www.example.com, apparently an example domain that cannot be used for any other purposes other than for examples as defined in the example RFC 2606 (Section 3) not bad for an example post huh!