Archive for February, 2006

electric sheep

When our Pen-Testing class lost some direction in the Fall 2005 semester, Mike and I led the class through a real-life pentest of the Electric Sheep screensaver application. We acted as teachers for close to a month for a class of about 20 grads and undergrads, dividing up tasks, polishing the quality of work, managing communication, locating new leads for vulnerabilities and even authoring a few exploits. The end results of our work were multiple local buffer overflows, two avenues for remote privilege escalation, and arbitrary remote video playback, with a few unanswered questions concerning other functions of Electric Sheep. Here are copies of our work:

i dropped the ball

I spent most of last week either at a funeral in Virginia, sick with a terrible stomach virus I caught at the funeral, or crying for my computer to finally start working again. Luckily, by now, Sunday night, my life is back to normal. Luckily…

Anyway, two interesting people started blogging this week. One of them is the current Zen Master in Tokyo and the other is Malcolm Gladwell.

I’d also like to inform the public that I am now a certified Bomb Technician, so if you see me running, try to keep up. I’m not joking; I was actually given the privilege of attending a security awareness training seminar dealing with the identification of and response to explosive material.

Last piece of queued up news is that I received an offer for an internship this summer. I’ll be working at an Investment Bank in Manhattan :-).

No wait, I can’t leave without a quick joke:

What’s worse than getting tea-bagged and almost banana butt-raped? Give up? Getting tea-bagged and almost banana butt-raped and having your mom tell national television about it! Sigh, the things that qualify as news these days…

gaim sucks

UPDATE: I forgot the real reason I started writing this. Ubuntu reached a major milestone in the last few days: they had a version freeze for the development branch of Dapper Drake! Also in Linux distro news, SUSE 10.1 is almost out the door, Fedora Core 5 is due to be released March 15th and so is Gnome 2.14! This time of year is exciting for Linux because most people time their releases for just about now. But guess what? Because of Gaim’s inability to get a new version out the door, all 3 of those distros, including Gnome, will be shipping with Gaim 1.5.

As I was saying, Gaim, the omnipresent IM client on Linux and force for good in the proprietary IM protocol wars, sucks. Their lead developer can’t manage an open source project, and participation in its development is devolving into flame wars. Users are pissed that he can’t keep people up to date on the project (through gaim.sf.net) because, dammit, he’s got some explaining to do! Gaim v2 is over 4 months late and integration of the Google SoC projects from 2005 is over 5 months late. Google hired the lead developer (same one as before) so he could drop everything else and get to fucking work on it, and all I’ve ever heard since is how they squandered the improvements the gaim-vv fork contributed back to the project. They’re a big, fucking, mess.

They need:

  • A monthly newsletter. It’s as useful for the users as it is for the devs because it keeps them on target and forces them to have something to show each release.
  • More releases. Release early, release often. D’uh.
  • A working forum. SF’s pathetic forum and Gaim’s pathetic organization of it (1 room? are you kidding?) should be ported over to vBulletin and used as a primary source for gathering bug reports and feature requests and for encouraging collaboration.
  • A group developer blog where devs aren’t shy to post technical details and calls for help. A good model would be the Securiteam Blogs, The Fridge, or MozillaZine.
  • A name change. Gaim is no longer just for AIM and the name was retarded to begin with IMHO.
  • Drop the ugly-looking Windows frontend and have someone use libgaim to develop a Windows-only frontend, a la Adium for Mac OS X.

In the meantime, I’m hoping that Google gets a move on with its gateway between GTalk and AIM because I’d much rather use their client.

encrypted filesystems

I think Niki has the right idea. It’s about time I set up an encrypted home directory and an encrypted swap partition. I’m going to wait for my new motherboard and for the next version of Ubuntu to come out though. This computer isn’t exactly all that stable yet.

I found these links to be very helpful:

UPDATE: Here’s a HOWTO I wrote for doing everything you might want with dm_crypt.

Google SSO?

Has anyone heard of this? You can use Google Talk as a Single Sign-On mechanism?

http://dystopics.dump.be/2006/02/04/the-mysteries-of-x-google-token-and-why-it-matters/ 

Web Design

Before we go any further, answer this question:

How difficult is it to design good web pages?

  • A person can become a competent web designer after one weekend of intensive study
  • It takes a career designer to become a competent web designer
  • Web design is futile! I read all my HTML with Links!
  • Something else (explained in the comments)

If you had another opinion or would like to explain your position please post a comment and tell me what you think, I’d really like to know.

I took a little adventure this weekend and worked through the entire Headfirst XHTML and CSS book from O’Reilly. The end result was this monster: www.cryptocity.net. A good example of pure CSS menus, a CSS footer, and a static, centered, three-column-with-header CSS layout that validates as XHTML 1.0 Strict and CSS. I’m proud of myself. I have the feeling that if I did this for 8 hours a day for another 2 weeks, I’d be able to design a large-scale website that looks good and functions well. I’m not going to, but what I’m saying is that this advanced use of CSS came so easily that I don’t see it getting much tougher.

Anyway, I highly recommend the book; it was a great read even though I started at Chapter 6 (I think). It really explained what I need to know, but it should have had more on descendant selectors, grouping selectors, wildcard selectors, and single-level descendant selectors in CSS. I had to look up all of those online to figure them out, and I used all of them except wildcard selectors in my little demo.

After having said all that, here’s my take on web design. I don’t think that Web Design presents as much opportunity as a normal art form like print media or full-blown graphic design does. Web design is very limited; the tools are crude and the browsers are cruder. Instead, I’d describe it as a study of Human Usability. It’s not what looks nice, it’s what works right. And if you take it as designing a product which is the most usable given a human operator, Web Design becomes less an art form and more a school of engineering. I think Web Design is a misnomer. It’s Web Engineering.

I don’t in a million years think that I could sit down for a weekend and become a good designer (an artist). I do think that I can sit down for a weekend and become a Web Designer only because it’s not so much about design as it is about creating something that ‘works’, an inherently un-artistic quality.

KisMAC

So KisMAC has the void11 deauth attack, aircrack’s WEP cracking, and a script to do the packet replay attack built into it.

Kismet, take a hint.

Now all they’ve got to do is add in coWPAtty and bundle the WPA rainbow tables the Church of Wifi was working on at ShmooCon. I wonder if coWPAtty works correctly on Mac OS X… damn you Apple! Come out with the perfect laptop for me and I’ll buy it, but your MacBook Pro shit sucks.