Haroon Meer

Sorting your shoes like a whore!

(my first X-Rated blog post.. i should hook up ad-words and watch the money roll in!) Ok.. our Zimbabwean recruit was posed the following question by some international academics: Q: “How would you sort your shoes?” He answered: A: “I make the assumption that the shoes are positioned such that I can see their sizes, and that they are in a row of boxes. I would randomly pick a pair of…

HTTP-Mangler QoW…

Many people took a crack at “what tool will work to replace mangler, out of the box” and so we have a bunch of new tools to play with.. Steven’s answer of MS-Word or PowerPoint left us scratching our heads a little, and rezn threw in the added complexity of the app requiring valid certs.. (to answer rezn, i think you could avoid the SSL complications with judicious use of…

Locating other sites on a virtually hosted box..

So everyone uses the live search engine with an ip: when trying to locate virtual hosts. I used domaintools in the past with good results, till they went fully pay-per-use. Check out Reverse IP Domain Check. The 2 ips i’ve tested it on gave reasonable results, and at a great price!

Horses and DNS BruteForcing..

Old timers here will know about the concept of bruteforcing DNS using the clues available.. i.e. zone transfers disabled, but u see that the NS and MX servers are called gandalf.company.com and elrond.company.com. Effectively trying frodo.company.com is going to make good sense.. To this end BidiBlah will do this automagically for u and tries to eke out info.. (a little while back i saw fierce-scanner pop up in a similar…

Open source (and lightning fast) Safari ?

While i’m into posting mac-links.. Check out [Webkit] A little while back i mentioned not understanding why anyone would run a closed source browser while a decent open source version existed.. Then i was forced to use Safari while doing some testing, and was impressed by its snappiness.. it impressed me more when it didn’t flinch at me opening and surfing thousands of tabs.. blergh.. suddenly my firefox was losing…

Tooble for the win.. piracy++ ??

For those of you who have not yet tried it, check out Tooble. It’s a point and click tool that lets you download videos from the youtube.. it’s pretty cool and allows u to pull/convert videos pretty trivially.. [for all my “don’t do piracy” holier than thou-ness, i now have to wonder if pulling a google-tech-talk, which doesn’t have a download link (i.e. the authors did not want us to…

John Heasman is now Blogging..

John is one of the bright guys over at NGS, and judging by his track record will boost the signal to noise ratio in the blogosphere.. You can read him at [aut disce, aut discede] (of course, in truth.. i woulda linked to the blog just because i love the title (aut disce, aut discede – Either learn or leave))

Eerie coincidences..

a) it’s my birthday in a few days b) Apple just announced the new MacBook Air.. Coincidence??? i think not!!!

Is URL / Variable Name the new Port Number ??

There has been a fair bit of blog buzz about the new SQL Injection worm that ran around infecting sites. I have not looked too deeply into it, but have not yet seen accounts of how the targeting was done. Since the sites do not appear to have been running a common framework i would guess that it was search-engine generated targets based on resource name (like inurl: search.asp).. For…

Strange Entries in your webserver logs, Wikto and questions about our Gender!

Over the past while we have been getting emails from people trying to figure out why they had entries like this in their http log files:

10.10.1.136 - - [32/Dec/2007:25:61:07 +0200] "GET //admin/dat_Gareth_at_sensepost_hackslikeagirl_.asp HTTP/1.1" 404 -

Recently a concerned Wikto user figured out that this was linked to him using Wikto (our Win32 Nikto Replacement + Directory / File / Back-End Miner). A snippet from his email read: -snip- I…