Entries Tagged as Security
How To Spoof Emails
Spoofing emails used to be a pain: you needed to find an open relay server and build an application that used that relay to send email on behalf of a specified email address.
Well, things just got a whole lot easier. OpenInboxExperiment.com is a communal inbox that’s open to the public. One special feature is the ability to send email, and the emails don’t need to come from anyone specific: they can be sent from whatever email address is specified. In other words, you can spoof someone’s email without having to find a relay server and build an application to do it; this application is already built and open to the public. Best of all, this service is completely anonymous and, according to the website, doesn't save any information about the emails being sent.
On March 27th Offensive Security released a new version of BackTrack. Because they made so many changes from the last version, they changed the name to Kali Linux. The new version is faster, has more than 300 tools, is easier to update, is Debian compliant, and the install is a breeze.
In addition, they created a new website dedicated to Kali Linux, which is excellent considering the old BackTrack website really needed a facelift. But hey, give me more than 300 tools in a Linux distro, who am I to complain?
When I heard there was a new version of BackTrack, I almost fell off my chair. I've been on some hacker forums, specifically hackforums.net, and many of them have nitpicked it. In my opinion, people like what they know, and when things change, many people don't like change.
What I've found is that the new version of Kali Linux is, at least for me, much faster and more reliable, and the tools are much more up to date. I did a fresh install on one of my "Test" boxes and the install was much smoother than I've had installing BackTrack. I've run it virtualized since then and found it awesome virtualized as well.
If you haven't already, I would highly recommend downloading it. Do it now!
There are many ways of cracking WEP keys and gaining access to Wi-Fi access points. I don’t recommend doing this unless you have permission to do so from the owners of those access points.
The method that I’ve used for years was to use a combination of tools that are included in BackTrack. These tools include airmon-ng, airodump-ng, aireplay-ng and of course aircrack-ng. This is an excellent way of doing it, and if you haven’t done it this way I would highly recommend learning how; however, this method will not be covered in this tutorial. Lifehacker.com does have an excellent article on this method that I highly recommend reading at some point.
This tutorial goes over the basics of running BackTrack 5 on VirtualBox. In this tutorial I’m using BackTrack 5 R3 and VirtualBox 4.2 on Windows.
I recently attended CFUNITED and loved it! It was great! Anyway, one of my favorite sessions at CFUNITED was a session by Pete Freitag entitled "Writing Secure CFML". In the session he said "Who here has ever had their server hacked?" and to my amazement about half of the room put their hand up. This tells me that people aren't reading security bulletins (Wait, everyone reads those, right?) and patching their servers accordingly. In the last few months I've seen two pop up that I just wanted to bring attention to.
Unauthenticated File Retrieval Vulnerability
This vulnerability allows remote users to gain access to server files through the ColdFusion Administrator. This could be used to obtain database information or as a stepping stone to finding internal vulnerabilities in applications.
Adobe has released a patch for this issue.
If you're one of those people who don't like patching, an alternative fix is to change the default location of the ColdFusion Administrator or to limit access to the ColdFusion Administrator to specified IPs.
Solr Service Information Disclosure Vulnerability
ColdFusion allows users to remotely connect to search collections that have been created by the Solr service. The flaw in this, however, is that by default any user can connect to this service from any IP without any type of authentication, which could be used to gather information about the server or internal processes.
The best solution at this time is to prevent this service from accepting connections from any IP other than the local IP of the server. Adobe has come out with an article outlining exactly how this can be done.
I would also highly recommend checking your server for vulnerabilities using http://hackmycf.com/. It's a very easy-to-use website that will tell you what patches your server needs.