Tuesday, June 30, 2009

Google Reader Lite

Recently, the Google Reader homepage was updated with a small feed reader covering 3 feed categories: News, Popular, Sport.

You can access this Google Reader Lite directly instead of via an iframe.

Sunday, June 28, 2009

Forensic on Microsoft Office Document Metadata

This is a post about performing metadata forensics on office documents using some tools: wmd.pl, SSView, BIFFView.

As a forensic practitioner, you shouldn't miss the Deeply Embedded Metadata at CmdLab.

DoS in HTTP

This weekend, I've been spending time checking on a couple of postings about denial of service (DoS). Of course, it all began with the recent HTTP DoS (not TCP DoS), Slowloris.

This is an effort to perform a DoS attack against vulnerable HTTP servers rather than TCP services. A few common web servers have been identified as vulnerable to this type of attack, including Apache 1.x and 2.x. But our favorite IIS is NOT vulnerable.

And don't forget to check out the DoS attack on HTTP using Google Analytics. This is interesting as it targets shared sub-domain sites, such as blogspot.com, and browsers that allow top-level domain cookies. The idea here is that if you can set a large enough cookie (8190 bytes), you can DoS someone's client from accessing the web page. The limit for a cookie is 4K, but you can use 2 cookies at Google Analytics as an attack vector. This is serious.

The other posts from WebSecurity are interesting too. They classify HTTP DoS attacks for both the browser and the web application. One very interesting post from WebSecurity is the "Recursive File Include DoS Attack". See the links below.
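A defender-side check for the cookie condition described above, as an added example that is not from this post or the linked write-ups: it computes the Cookie header a browser would send to one host and flags parent-domain cookies that a sibling host set. The host names, cookie names, and the assumption that the 8190-byte figure applies to the whole header line are illustrative.

```python
from dataclasses import dataclass

HEADER_LIMIT = 8190  # per-header size figure quoted in the post (bytes)

@dataclass
class Cookie:
    name: str
    value: str
    set_by: str        # host whose response set the cookie
    domain: str = ""   # Domain attribute; empty means host-only

def applies_to(cookie: Cookie, host: str) -> bool:
    """Domain-match: host-only cookies go back to their setter only;
    Domain cookies go to that domain and every sub-domain of it."""
    host = host.lower()
    if not cookie.domain:
        return cookie.set_by.lower() == host
    scope = cookie.domain.lstrip(".").lower()
    return host == scope or host.endswith("." + scope)

def cookie_header_size(jar, host: str) -> int:
    """Length of the Cookie request header line the browser would send."""
    pairs = [f"{c.name}={c.value}" for c in jar if applies_to(c, host)]
    return len("Cookie: " + "; ".join(pairs)) if pairs else 0

def audit(jar, host: str, limit: int = HEADER_LIMIT) -> dict:
    """Report the header size for `host` and which cookies a sibling set."""
    foreign = [c.name for c in jar
               if applies_to(c, host) and c.set_by.lower() != host.lower()]
    size = cookie_header_size(jar, host)
    return {"size": size, "over_limit": size > limit, "foreign": foreign}

# Constructed jar (hypothetical hosts): one host-only session cookie plus two
# cookies a sibling sub-domain scoped to the shared parent domain.
JAR = [
    Cookie("sid", "abc123", set_by="a.sharedhost.test"),
    Cookie("c1", "x" * 4090, set_by="b.sharedhost.test", domain=".sharedhost.test"),
    Cookie("c2", "x" * 4090, set_by="b.sharedhost.test", domain=".sharedhost.test"),
]

if __name__ == "__main__":
    print(audit(JAR, "a.sharedhost.test"))
```
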

Check them out if you have time:

Friday, June 26, 2009

DEFCON Tools Page

Now, DEFCON has its tools page up!

This is a repository of the great and innovative tools that have accompanied DEFCON talks over the years. Have fun!
  • https://www.defcon.org/html/links/dc-tools.html

Free Skype-in with Ring2Skype

Ring2Skype is a new free service that allows you to receive phone calls on your Skype from the phone network!

Once you sign up, you will get a phone number and a private extension. All calls to your extension ring at your Skype. That’s it. Simple, Reliable and FREE.

Google's approach to email

Become a Gmail Ninja: white belt, green belt, black belt, and Master.

Learn tips and tricks to save time, increase your productivity, and manage your email efficiently. Start with the tips that are right for you, based on how much email you get each day.

Friday, June 12, 2009

Howto Make the Search Engine Searches You

Here are the instructions on how to submit your websites to the popular search engines.

Microsoft Bing
Get your Windows Live ID ready, and visit this site:
  • http://www.bing.com/webmaster/WebmasterAddSitesPage.aspx
  • Fill out your website’s complete URL
  • (Optionally) Insert your sitemap URL in the second line.
  • Finally, input your email and select whether you want news updates for webmasters.

Google
Same here, visit this site:
  • http://www.google.com/webmasters/tools/
  • Log in with your Google ID.
  • Enter your site’s URL address
  • You may also add a site map and get it verified. This involves adding some code to your site to confirm the ownership.
Have you submitted your blog or website to these or other search engines? Which has brought you the best results? Share them with us in the comments!

Monday, June 08, 2009

Swiss Army Knife Internet Tool

Today, I've been introduced to a new online tool to perform information gathering, called robtex.

With robtex, we can search for:
  • RBL: checks multiple RBLs
  • DNS checks: detailed DNS information for a hostname or a domain
  • IP-number checks: IP number information such as DNS reverse/forwards
  • C-net: checks an entire C-network
  • WHOIS lookup checks.
  • Route: checks a specific routed prefix
  • AS numbers: checks information on an AS-number
  • BGP announcements: checks prefixes originated from a specific AS-number
  • AS macros: checks who belongs to an AS-macro (example: as-ams-ix-peers)
  • RFC documents.

Friday, June 05, 2009

Virtual Host and DNS Enumeration Techniques

This is a great post on techniques for performing virtual host and DNS enumeration for reconnaissance in penetration testing.

Here's the summary:
  • DNS enumeration
  • Banner grabbing
  • SSL/TLS enumeration
  • HTTP Protocol enumeration
  • Active/Passive Web enumeration
Check out this site from Lonerunners. It mentions Hostmap too.

Thursday, June 04, 2009

HostMapping

Everyone performs reconnaissance during penetration testing. Here comes a handy tool to help you perform host mapping for information gathering.

It uses several techniques to enumerate all the hostnames associated with an IP address. This is similar to SpyOnWeb.

The major features are:
  • DNS names and virtual hosts enumeration.
  • Multiple discovery techniques; see the user guide to read more.
  • Results correlation, aggregation and normalization.
  • Multithreaded and event based engine.
  • Platform independent.
Download a copy of this handy tool here!

Wednesday, June 03, 2009

Spy On Web

SpyOnWeb.com takes the information from public sources, then structures it for your quick and convenient search for the websites that probably belong to the same owner. The web crawler picks out the following data: IP address, Google Adsense ID, Google Analytics ID, Yahoo Publisher Network ID, Yandex Direct ID.

This greatly helps a pentester to discover any websites with the same IP address and the same owner during reconnaissance. Simply enter a website URL, IP address, or advertising or statistics code to discover the targeted internet business and use this data for your further strategy.

According to the website, they have indexed more than 72 million domains with more than:
  • 8 499 550 sites with Google Analytics code.
  • 3 603 150 sites with Google AdSense code.
  • 20 347 sites with Yahoo Publisher Network code.
  • 13 448 sites with Yandex Direct code.

Tuesday, June 02, 2009

Online Web Information Gathering

Here is a very useful service I’ve discovered today.

Sucuri WIGS (Web information gathering) is a simple tool to collect public information from any web site. It is very lightweight, executing just a few normal requests to your site and processing the information internally.

Enter the site URL and it will show you:
  • The web server information: banner, version.
  • Related hosts and IP address: sub-sites.
  • DNS lookup information.
  • HTTP header information.
  • Whois information.
  • List of links.
Find the online service at the Sucuri web site.

Monday, June 01, 2009

Reverse Lookup with Bing

I learned of this unique feature in Microsoft's latest search engine, Bing.

You can perform a reverse lookup with the IP address of a main site and generate a list of sub-sites with the Bing search engine.

For example, you enter "ip:216.34.181.45" (without the quotes). This is the IP address of the SlashDot main site. It will result in 310,000 answers with a list of sub-sites hosted at the same public IP address.

This is a great feature as it can allow a pentester to find out how many websites are hosted at one particular IP address during reconnaissance. Cool!