Fork me on GitHub
Its the Code garbage collector. Mind dumps of daily coding antics from a frustrated silly little man. VBS, PHP, TCL, TK, PERL, C++, JAVA....what now? Ruby?
No Wait.. It should be just RUBY!

20060714

Python and Dabo

Since being pushed into Core (Impact), I've started to really dive in to some python coding.. To my total suprise there is a really great project in python called DABO! It is framework for GUI, database, and report generation. It would be nice to wrap a number of cli tools into a db based open source reporting tool. Wikto which is horrible at best for a gui, seems to be one of the wrap up tools in the win32 enviroment. I suppose that good wrapping (like the old cheops-ng) is inorder.. and to make it cross platform (thanks python wxpython) with professional output. Lets all start the integration engine... count down.

20060713

hdm - MOBB bug releases

[[hdm]] has been releasing a number browser bugs this month named MOBB(month of browser bugs). He was able to find these by running different browsers through DOM /CSS / and DHTML fuzzers in an attempt to crash the engines and other ways.

  • Hamachi - DHTML fuzzer that recursively calls XMLHTTP in an attempt to iterate through arrays of possible DHTML element properties. It attempts format string vulnerabilities, long file paths, long urls, and difficult integer injection.

  • CSS-Die - CSSDIE looks for common CSS1/CSS2/CSS3 implementation flaws by specifying common bad values for style values. This is similiar to Hamachi in that it performs format string vulnerabilities, long file paths, long urls, and difficult integer injection.

  • DOM-Hanoi - DOM-Hanoi looks for common DHTML implementation flaws by adding/removing DOM elements. This is done through obj.appendChild and obj.removeChild methods.

  • MangleMe - Mangleme sends format string vulnerabilities, bad characters, malformed javascript & applet requests, long urls, load requests with junk.

Most of his scripts have been attempting to locate vulnerabilities in the following browsers...
konqueror, safari, omniweb, opera, webTV, icab, ie6, mozilla

20060712

SANSFIRE 2006

Just got back from SANSFIRE 2006.. Enjoyed the challenge of learning a bunch of new stuff from the instructors there. Lets see.. couple topics of interest..

WMI Promqry & Promqryui
-- wow windows actually has something of interest.

Spycar
-- IE browser malware checks

netstat (win32 xpsp2/2003)-- netstat -naob (shows dll linkage during mapping of executables/ports)
the -b switch adds some more interesting items.. but its slow... slow.


webgoat-- OWASP super buggy web-app for teaching secure coding.

Some how missed a few other tools this year such as wellenrieter, macshift, bidiblah, and nohup.