Tech Religion Wars


In the tech world there are a lot of religious wars raging at the moment: Emacs vs. Vi, Linux vs. Windows vs. FreeBSD, and so on. Everyone involved takes a side, and the side you take really defines who you are. These are my preferences.

Emacs > Vi
0.5mm metal mechanical pencil > Anything else
Linux > Windows
OpenOffice > MS Office
Firefox > IE
Thunderbird = Evolution > Outlook


Port Multiplexer


The other day I was trying to figure out how much I could do with access to only one port on a machine, without tripping the IDS in front of it: hiding one or two services behind a single port. Let's take an example; it will make more sense.

You have a server with only port 80 open. How can I rig the server so that it continues to serve web pages as normal on port 80 to regular clients, but at the same time allows special access or services through the same port?
One way this can be accomplished is with a port multiplexer. I searched around for this idea and the only thing I could find was RFC 1078 from 1988, which does roughly what I want, but not quite. My thought on designing a port multiplexer is to have it work like NAT, except that instead of translating IP addresses it translates services.

It would work like this. First, the web server process (Apache/IIS) needs to listen on some other port (let's say 81). Then the Port Mux program listens on port 80. For this example the second service listens on port 10000. Here is what happens from the moment a user tries to connect to the server:

Client requests connection to port 80
Port MUX accepts the connection from the client
Client sends first packet
PortMUX inspects packet
    if packet has special header
        route all traffic to port 10000
    else
        route all traffic to port 81

So when a connection comes in, PortMUX accepts it and reads the first packet. If the packet does not contain the special string, it forwards the traffic from that connection to the web server; if it does, the connection is forwarded to port 10000. It's easy to detect an HTTP request by looking at the first string in the packet for "GET" or "POST". For the special string you could use something like "SPAMSPAMSPAM", which is definitely not an HTTP request, and that would grant access to the second service.

I will write an implementation of this sometime later and post it; if you have some free time now, feel free to write one and test it out.
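The first-packet rule above as a pure classifier, written here as an added example rather than the post's own code. It handles the case the pseudocode glosses over (TCP is a stream, so the first read may hold only part of the marker) and also runs the same inspection from the IDS side, which is the catch with the design. Ports and the "SPAMSPAMSPAM" marker come from the post; the sample packets are constructed.

```python
# Added example (not the post's own code): the PortMUX first-packet rule from
# the post as a pure classifier, plus the same inspection as an IDS sees it.
# Ports and the "SPAMSPAMSPAM" marker are the post's; sample packets are
# constructed for illustration.

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")
SPECIAL_MARKER = b"SPAMSPAMSPAM"   # the post's non-HTTP magic string
WEB_PORT = 81                      # where Apache/IIS really listens
SPECIAL_PORT = 10000               # the hidden second service


def route_for(buf: bytes):
    """Backend port PortMUX should forward to, or None if more bytes are needed.

    TCP is a stream: the first read may contain only "SPAM", so the mux must
    keep buffering until the marker is either complete or ruled out.
    """
    n = min(len(buf), len(SPECIAL_MARKER))
    if buf[:n] == SPECIAL_MARKER[:n]:
        return SPECIAL_PORT if n == len(SPECIAL_MARKER) else None
    return WEB_PORT                # anything else is assumed to be a browser


def looks_like_http(first_packet: bytes) -> bool:
    """The check a protocol-aware IDS applies to the start of a port-80 stream."""
    return first_packet.startswith(HTTP_METHODS)


def ids_flags(first_packets: list) -> list:
    """Indices of port-80 connections whose first packet is not HTTP.

    The caveat for the design: the IDS reads the same first bytes PortMUX
    does, so the marker that selects the hidden service is exactly what a
    "non-HTTP on port 80" protocol-mismatch rule keys on.
    """
    return [i for i, pkt in enumerate(first_packets) if not looks_like_http(pkt)]


# Constructed first packets of three client connections to port 80.
SAMPLE_FIRST_PACKETS = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"SPAMSPAMSPAM\r\nhello second service\r\n",
    b"POST /form HTTP/1.1\r\nHost: example.test\r\n\r\nfield=1",
]

if __name__ == "__main__":
    for pkt in SAMPLE_FIRST_PACKETS:
        print("-> port", route_for(pkt), "for", pkt.split(b"\r\n")[0])
    print("IDS would flag connection(s):", ids_flags(SAMPLE_FIRST_PACKETS))
```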


Standup/Lock


As a habit now, every time I stand up from the computer I press the hotkey to lock it (yes, even when I am the only one around at home). It hit me: why not automate this? A sensor on the chair could lock the machine when it detects that you have stood up.

The concept seems simple enough; all I need now is some free time to implement it.


Cleanup Time


Looks like it's time for me to do a total cleanup of my things, both virtual and physical.
  • Room Cleanup (load of empty boxes, anyone want any?)
  • Door-Desk, two of them for the room
  • New Book shelves, having a space issue now
  • 3TB worth of data to be organized, and the countless number of cd and dvd spindles
  • Old clothes, old electronics, old everything...

Wow... that's a lot of random stuff. Maybe I should get started as soon as I find some time.


Call for a Next Meta tag


When browsing, you run into many websites that are organized serially: they have a previous and a next page. To get to these, you have to scroll down and click on Next or Previous.

Most browsers and keyboards have a next and


Weakness in Captcha


Captcha is a system widely used in web forms to differentiate between humans and bots. I won't go into detail about how it works, but you can read about it on Wikipedia. Many people try to defeat this system by writing very advanced character recognition software, but there seems to be a very large hole in the system at the moment.

This vulnerability isn't present in all of them, but it works on about half of the systems I tried (Yahoo and Google, to give two examples). It seems that internally, when a new captcha image is generated, the corresponding plaintext is stored in a database. The problem is that this database just stores the plaintext without any connection to the client's identity (for example the IP address). So how can this be bad?

Well, you can refresh the captcha images in such a system repeatedly and write down the plaintext values from the images. Now you can store those values in a bot and have the bot enter them.

Here are the steps for a proof of concept.

Go to computer A, get a captcha image, write down the plaintext.
Go to computer B, go to the same page, enter the plaintext from the other session.
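The two-computer replay above against the bookkeeping the post describes, beside a store that binds each answer to the session that was shown the image and consumes it on the first check. This is an added example, not code from the post or from any of the sites mentioned; class and function names and the sample answer are my own.

```python
# Added example (not from the post): the store the post describes, a plaintext
# kept with no tie to the client, beside one that binds each answer to a
# per-session challenge id and consumes it on first check. Names are my own.
import hmac
import secrets

class UnboundCaptchaStore:
    """Weak design from the post: any stored plaintext validates anyone."""
    def __init__(self):
        self.valid_answers = set()

    def new_challenge(self, plaintext: str) -> None:
        self.valid_answers.add(plaintext)        # no session, no expiry

    def check(self, _session: str, answer: str) -> bool:
        return answer in self.valid_answers      # harvested answers work

class BoundCaptchaStore:
    """Answer keyed by (session, challenge id), valid for one check only."""
    def __init__(self):
        self.pending = {}                        # (session, cid) -> plaintext

    def new_challenge(self, session: str, plaintext: str) -> str:
        cid = secrets.token_urlsafe(16)          # unguessable challenge id
        self.pending[(session, cid)] = plaintext
        return cid                               # sent as a hidden form field

    def check(self, session: str, cid: str, answer: str) -> bool:
        expected = self.pending.pop((session, cid), None)  # consumed either way
        if expected is None:
            return False                         # other session, or already used
        return hmac.compare_digest(expected.lower(), answer.lower())

def replay_succeeds_unbound() -> bool:
    """Computer A reads the image, computer B submits the text: accepted."""
    store = UnboundCaptchaStore()
    store.new_challenge("x7kq2p")                # constructed answer shown to A
    return store.check("session-B", "x7kq2p")    # computer B reuses it

def bound_store_is_broken() -> bool:
    """Same replay against the bound store, then the honest path, twice."""
    store = BoundCaptchaStore()
    cid = store.new_challenge("session-A", "x7kq2p")
    replayed = store.check("session-B", cid, "x7kq2p")   # expected False
    first = store.check("session-A", cid, "x7kq2p")      # expected True
    second = store.check("session-A", cid, "x7kq2p")     # expected False
    return replayed or not first or second
```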


WRT350N External Serial


I got my hands on a bricked WRT350N router and was trying different magic to flash new firmware and get it working. I was trying to connect it to a serial console when I realized that on the WAN port on the back, on the opposite side from the RJ-45 jack, there were 4 pins named UR1 UR2 UR3 UR3... That got me thinking: could those be for a serial connection that Linksys started including in their new routers??

Opening the case and tracing the 4 pins to the internal serial connection terminals proved that they were indeed for a serial connection. Some pictures for your viewing pleasure.




Now I just have to figure out where to get an RJ-45 jack that has the pins on the opposite side, so I can hook it up without soldering my own ghetto RJ-45/serial jack. Let me know if anyone knows where to find such an RJ-45 jack.

