"Inveniam viam aut faciam" : I will either find a way, or I shall make one

Adeptus-Mechanicus - BlogMe


Ubuntu ‘pictures folder’ screensaver – custom folder

If you use Ubuntu, and you use the ‘Pictures Folder’ screensaver, you may want to not have it point at your entire folder of pictures. So if you want it to just display pictures from a specific folder:

  • edit the /usr/share/applications/screensavers/personal-slideshow.desktop file
  • change the Exec entry to look like: Exec=slideshow --location <path to folder>

Published by erich, on October 30th, 2011 at 4:26 am. Filed under: linux, quick

Getting the ‘nice’ Picasa on linux

If you do not use an Apple computer, then your choice for free photo management is pretty much going to be Picasa from Google. It is a nice program, with some cool features. But if you use linux, you may be feeling a bit unloved. You see, the only ‘official’ linux package of Picasa stops at version 3.0. And this is missing some of the nicer features, like facial recognition. But fear not, all is not lost!

You see the official package is pretty much just a wine package anyway, so with a few simple steps we can upgrade. What we are going to do is:

  1. download the current windows version of picasa
  2. make sure you have wine installed and then install this new windows picasa binary using wine
  3. once setup is done head to /opt/google/picasa/3.0/wine/drive_c/Program Files/Google
  4. get rid of the picasa3 folder
  5. now create a link to ~/.wine/drive_c/Program Files/Google/Picasa3 to replace the folder you just deleted

Now when you start up picasa, it will load the new version with the new features. Enjoy.

Published by erich, on October 30th, 2011 at 1:35 am. Filed under: linux, quick

Metasploit and owning windows – SAM and OPHCrack

Metasploit is a must have in anyone’s toolkit (go get it now – here), and among its laundry list of functionality I want to start touching on using it to get Windows password hashes and cracking them. Now for the purposes of this you will also need ophcrack (get here and do not forget the tables). Ophcrack is a rainbow tables password cracker, which in simple terms means it has precomputed password hashes and stores them in an easily searchable format. It is generally only useful for non-salted hashes, but on those it does work on, it is very, very fast.
Address : <http://www.adeptus-mechanicus.com/codex/metasam/metasam.php>

Published by erich, on September 14th, 2011 at 1:41 pm. Filed under: General

Movie title buffer underflow?

Published by erich, on August 21st, 2011 at 5:31 pm. Filed under: General

How can I remember the color of my car, hmmmm…

Published by erich, on August 21st, 2011 at 5:28 pm. Filed under: General

Hyundai of the beast

Published by erich, on August 21st, 2011 at 5:26 pm. Filed under: General

sftp transfer logs

If you want to log sftp usage on your linux box, you can make a simple edit to your sshd_config (normally found at /etc/ssh/sshd_config):

Subsystem sftp internal-sftp -f AUTH -l INFO

The addition of those two switches will greatly increase the detail that is logged, showing the source, which directories are accessed and what file actions are taken.
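
An added example, not part of the original post: a short Python summary of the session, transfer and delete events this setting produces, grouped per connection. The sample lines are constructed and only modelled on internal-sftp's INFO-level messages; the syslog prefix, hostname, PID, user, address and paths are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines, modelled on what internal-sftp writes at -l INFO
# (hostname, PID, user, address and paths are made up for this example).
SAMPLE_LOG = """\
Aug 18 20:01:02 box internal-sftp[4321]: session opened for local user alice from [192.0.2.10]
Aug 18 20:01:03 box internal-sftp[4321]: opendir "/home/alice"
Aug 18 20:01:03 box internal-sftp[4321]: closedir "/home/alice"
Aug 18 20:01:05 box internal-sftp[4321]: open "/home/alice/report.pdf" flags READ mode 0666
Aug 18 20:01:06 box internal-sftp[4321]: close "/home/alice/report.pdf" bytes read 48213 written 0
Aug 18 20:01:09 box internal-sftp[4321]: open "/home/alice/notes.txt" flags WRITE,CREATE,TRUNCATE mode 0644
Aug 18 20:01:09 box internal-sftp[4321]: close "/home/alice/notes.txt" bytes read 0 written 512
Aug 18 20:01:11 box internal-sftp[4321]: remove name "/home/alice/old.log"
Aug 18 20:01:12 box internal-sftp[4321]: session closed for local user alice from [192.0.2.10]
"""

LINE = re.compile(r"\[(?P<pid>\d+)\]: (?P<msg>.*)$")
OPENED = re.compile(r"session opened for local user (\S+) from \[([^\]]+)\]")
CLOSE = re.compile(r'close "(.*)" bytes read (\d+) written (\d+)')
REMOVE = re.compile(r'remove name "(.*)"')


def summarize(log_text):
    """Group sftp events by process PID and attribute them to user/source."""
    sessions = defaultdict(lambda: {"user": None, "source": None,
                                    "downloaded": [], "uploaded": [], "removed": []})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        s, msg = sessions[m["pid"]], m["msg"]
        if (o := OPENED.match(msg)):
            s["user"], s["source"] = o.groups()
        elif (c := CLOSE.match(msg)):
            path, read, written = c[1], int(c[2]), int(c[3])
            if read:      # bytes the server read = data the client downloaded
                s["downloaded"].append((path, read))
            if written:   # bytes the server wrote = data the client uploaded
                s["uploaded"].append((path, written))
        elif (r := REMOVE.match(msg)):
            s["removed"].append(r[1])
    return dict(sessions)


if __name__ == "__main__":
    for pid, s in summarize(SAMPLE_LOG).items():
        print(pid, s)
```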

Published by erich, on August 18th, 2011 at 8:11 pm. Filed under: linux, quick

A “Sophie’s Choice”

There is a very interesting novel called ‘Sophie’s Choice’. Without giving too much away, the core fact of the book is a choice a Polish mother had to make in the concentration camps during World War 2 and the impact it had. It is a powerful book and the core issue has been identified with so much that it has become an idiom. To quote Wikipedia: A “Sophie’s Choice” is a tragic choice between two unbearable options.

So what has this to do with information security you ask? Well recently I was reading an article which put forward that Senior information security staff are not technical staff but sales staff. They need to be able to sell the various initiatives in the best possible way. Now I actually do agree with this, but I do have a problem (or I would not be writing this obviously), and it is this: The predominant way this is put forward to information security people is that if you want to get ahead and effect real change and earn ‘big-boy’ money, you have to become one of these Senior IS staff. And thus you need to give up the technical skills and become a sales person.

This to me is a “Sophie’s Choice”. You can stay technical doing what got you into the field in the first place BUT you never earn greatly and you are limited in effecting business. OR you can give it up, and become a sales person.

My thoughts on IS folk with no skills are well documented in previous posts, and I know this is not the case at all companies, but it is the general rule with a few exceptions. And it is due to this that I lay the fact that we are losing the war on cybercrime. Businesses expect and reward political games, ass-kissing and spin-doctoring. Whereas the bad guys want technical people to do what they do best so they can make money, and they pay them for it. I believe this is why the bad guys are out-doing us across the board.

Yes this may be a whine, but surely our choices are not limited to sales or technical?

Published by erich, on August 8th, 2011 at 5:25 pm. Filed under: General, rant

Quick MYSQL tip

Using mysql from the command line is very useful. It allows one to plug MySQL queries and responses into a shell script. This is a good thing. The problem that arises, though, is the output. The response is tab-delimited, and this can make it a bit difficult to work with in shell scripts. So let's use ‘tr’ …

echo "select * from TABLE1" | mysql -pxxx DBNAME | tr "\011" ":"

..and that will quite nicely replace the tabs with colons. And that is easier to use in a script.

Published by erich, on August 3rd, 2011 at 3:00 pm. Filed under: linux

The right tool

I have recently been reminded that putting in a solution is not the same as putting in the right solution. In one company a risk was identified as data leakage, so they wanted a DLP solution. Nothing out of the ordinary so far. Except that some people decided to use Safeguard PortProtector / DataExchange to accomplish this.

I have nothing against the product, it does what it is designed to do well. But what it is designed for is an active user-participation encryption mechanism for sharing files on portable media, NOT as a DLP solution. But regardless the solution was rolled out. Within the first day, multiple “workarounds” had been discovered:

-Create a truecrypt file container at home (unencrypted), mount it at workplace and copy files in and out without the files or the container being encrypted.

-Use a separate machine without safeguard (like a test bench linux box), transfer files across the network to machine (unencrypted) and transfer there

-Use a vmware player instance since it will mount the usb device before safeguard grabs it and you can transfer files without encryption

Let me repeat, none of these are problems which are the fault of the Safeguard product, it was not designed for this. But because it was implemented poorly, this company now has these gaping holes in what it considers its DLP solution.

The blind leading the blind through traffic…

Published by erich, on May 18th, 2011 at 3:14 am. Filed under: General