//
archives

Security

This tag is associated with 24 posts

Securing Windows Against Stupid Simple Attacks: Pt 3 Auto Share Server aka Administrative Shares

Most users and admins of windows machines don’t know that each drive has an administrative share for each Logical Volume(partition). These shares are hidden from browsing by putting a ‘$’ at the end of the share name ie ‘c$’ ‘d$’ etc. These shares can lead to information disclosure or be potentially used to place a … Continue reading

Securing Windows Against Stupid Simple Attacks: Pt 2 AutoRun is enabled

Virus distribution via USB is growing with alarming popularity. The recent Gauss virus, a cousin of Stuxnet and Flame, has an encrypted payload that is installed on to USB mediums if a target machine meets certain criteria. Similarly the Stuxnet virus would propagate faster on illegal copies of windows. Zemra was revealed to have USB … Continue reading

Securing Windows Against Stupid Simple Attacks: Pt 1 The Premise

Those of you that work with me already know that I am a huge proponent of the Windows operating system as a versatile platform that is easy to administer. I reserve the use of Linux systems to specialty appliance type roles on a network. If I need a more advanced router, if I need a … Continue reading

Tracking Website Visitors Pt5: Installation Script

/tracker/install.php Tracking Website Visitors Pt1: Masking Image Requests Tracking Website Visitors Pt2: Returning Image From Database Tracking Website Visitors Pt3: Returning Tracking Information Tracking Website Visitors Pt4: Uploading Image to MySql Tracking Website Visitors Pt5: Installation Script

Tracking Website Visitors Pt4: Uploading Image to MySql

/tracker/upload_image.php Tracking Website Visitors Pt1: Masking Image Requests Tracking Website Visitors Pt2: Returning Image From Database Tracking Website Visitors Pt3: Returning Tracking Information Tracking Website Visitors Pt4: Uploading Image to MySql Tracking Website Visitors Pt5: Installation Script

Tracking Website Visitors Pt3: Returning Tracking Information

This is just a simple page for reading the hits from the database with your tracking information for the image id involved. /tracker/status.php Tracking Website Visitors Pt1: Masking Image Requests Tracking Website Visitors Pt2: Returning Image From Database Tracking Website Visitors Pt3: Returning Tracking Information Tracking Website Visitors Pt4: Uploading Image to MySql Tracking Website … Continue reading

Tracking Website Visitors Pt2: Returning Image From Database

/tracker/return_image.php Tracking Website Visitors Pt1: Masking Image Requests Tracking Website Visitors Pt2: Returning Image From Database Tracking Website Visitors Pt3: Returning Tracking Information Tracking Website Visitors Pt4: Uploading Image to MySql Tracking Website Visitors Pt5: Installation Script

Tracking Website Visitors Pt1: Masking Image Requests

Email marketers commonly use small images embedded in email messages as tracking mechanisms. These email tracking images enable marketers to track approximately how many people viewed a particular email campaign. The same technology has implications in security. Now and then I am asked to consult on Bond skips. Bounty hunters will ask me to help … Continue reading

Automatically decompiling virii

While looking for better and faster ways of analyzing virii to attack CNCs faster I ended up finding some new tools out in the world these days. You guys keep me on my toes with coming out with open source tech constantly! There is a free .Net compiler called JustDecompile recently release by Telerik(ok of … Continue reading

Audio Steganography PT5: Estimating Size of Data Hidden by MP3Stego

Analyzing the size of the hidden information After confirming MP3Stego encoder, the size of the hidden information can be determined by calculating the changes of block length’ variance, because the variance changes obviously between the mp3 data with or without information-hiding. Let x denote the block length, and ∑x denote the summation of n blocks … Continue reading