Archive for the ‘life’ Category

« Older Entries

IRISS Conference 2009

Sunday, November 22nd, 2009

I had the joy to attend the first annual IRISS Conference 2009 which is a for free conference held by IRISS, the Irish CERT.

It was about cybercrime in general and there were speaker from e.g. SANS, IRISS -the local cert- or Team Cymru which I already enjoyed at DNF CERT Conf at the beginning of the year.

One talk I attended was by a local polices cybercrime investigation team. He basically talked about the goodness of creating movement profiles with GSM data and ISP keeping IP to customer data to catch criminals…

Then we participated in HackEire, a Capture the Flag style contest. We ran second. Not too bad for our sucky preparation and the fact that we spent more than an hour to make a Mac share its 3G uplink with two Linux Notebooks over (encrypted -didn’t work-) WiFi. The game network was 10.0.1.0/23 and the Mac automatically and not changable was 10.0.2.0/24. Although the networks overlapped by one bit I expected it to work for the majority of the packets being sent. But we failed. Hard. So hard, that the Mac couldn’t take part in the game anymore… I need to polish either my understanding of networking or my passion for hating Apple.

This CtF, however, was a bit different since there was one virtual network for everyone. I.e. no team had an own server or an own virtual network. There were four machines which were supposed to be owned in a given order. That wasn’t immediately clear and there were many tarpits to waste a lot of time. I.e. a Kernel in a supposed-to-be vulnerable version which is not exploitable, or a separate PHP user for the Webserver with a locked down home directory, tempting you to mess around with PHP scripts to investigate.

And the end of the day, the contest was about collecting secret keys to decrypt a file afterwards. The secret keys were more or less obviously lying around once the machine has been pwned. Passphrases to that secret keys were either user passwords or otherwise easily guessable strings.

The Machines were:

  1. Linux Webserver. To be 0wned with a password being served on a page from the webserver. A bit obfuscated though, so that one had to use the source. Once SSHed to that host, secrings were lying around in ~/gnupg/. Also, weird processes were running that connected to a strange host outside the network (4) to send a password over the wire.
  2. BIND on windows (sic!). To be pwned via the conficker exploit. Also, one should crack a users password using THCs Hydra.
  3. Linux Mailserver. With SSH Server only visible when coming from (1). Log in with password from (2). Machine was running an old kernel, thus sooner or later you g0t root. Then search for keyring in home directories. Also, crack the shadow using a John that’s capable of cracking SHA256 (i.e. not the most recent version shipped with Ubuntu).
  4. “hidden” DB server on Windows, only connectable from (1). You could find that machine by looking at the network interfaces of (1). You’d see that it has a second interface with a different IP thus inviting you to scan the new subnet. Luckily, there was an smbclient on (1) and with credentials from (1), one could enumerate all users (smbclient -L). Then, with the other credentials found on (1), connect and get keyring as well as final encrypted file.

That final file could be decrypted using keys and passphrases obtained earlier. Out came an ELF binary that looked, smelled and quacked like “ls”. However, it contained a steganographically hidden text file. Using a standard stego tool shipped with Backtrack, it’s possible to obtain the very final CSV file.

I not only liked the fact that they posted hints on the wall every now and then, but also that they actively walked around, talking to the teams and helped them actually achieving stuff. In fact, I wouldn’t even have thought about transferring zones from that BIND instance using AXFR or checking the machines whether they have an smbclient installed.

While we were playing, I bricked my sudo by trying to add a line without knowing the syntax. I couldn’t do sudo nano /etc/sudoers afterwards as it couldn’t parse the file, effectively leaving me without root access. I think I’ll better use visudo now…

Tags: , , ,
Posted in lang:en, life | No Comments »

Ireland vs. France

Thursday, November 19th, 2009

Heh, the following conversation might not have happened (unless the Consulat Général De France is located in “Joker Street”, but anyway, it’s hillarious. Either read the quotes or find the (largish) Image:

Ireland-vs.-France

20 October 2009

Dear Sir,

I am writing to you on behalf of the French President, Monsieur Nicolas Sarkozy. Following the recent announcement of the World Cup play-off match between our two countries, the President has requested that you provide a VIP box for the game as he is very keen to attend.

Yours faithfully,
Jacques du Maurier
Directeur
Consulat Général de France
12-24 Rue des Blaguer
74139 Paris
France

23.10.09

Dear Mr. Du Maurier,

Thank-you for your recent letter concerning box arrangements at Croke Park. We are delighted that President Sarkozy wishes to attend and look forward to welcoming him. We would just like some clarification regarding the VIP box as there are a number of options available. Do you have any preferences re: size?

Yours faithfully,
Bill O’Leary
Liaison officer
Department of Diplomatic Affairs
28 St. Stephens Green South
Dublin 2
Ireland

26.10.09

Dear Mr. O’Leary,

Thank-you for your prompt response. We were not aware that the boxes at the stadium came in different sizes. Do the dimensions have any bearing on one’s enjoyment of the game?

Yours faithfully,
Jacques du Maurier

29.10.09

Dear Mr. Du Maurier,

The overall match experience will certainly be influenced by the President’s choice of box. The first box is 30cm high and will allow the President to see most of the Croke Park pitch, though he may not be quite able to see play in the North-West quadrant. The second box is 60cm, but whilst this would afford the President a panoramic view of the pitch, it will also make him visible to Press photographers which may compromise his privacy.

Yours faithfully,
Bill O’Leary

2 Novembre 2009

Dear Mr. O’Leary,

There appears to have been some confusion. When we requested a “VIP box” for our President, we were not looking for a box for him to stand on. Whilst we expect the foreign press to make humorous remarks about the President’s diminutive stature, we do not expect this from an official representative of the Irish government department.

Yours faithfully,
Jacques du Maurier

5.11.09

Please accept our apologies and those of the Executive Hospitality Committee at Croke Park. There was certainly no intentional attempt at humour on our part and we hope that you will accept this as a genuine misunderstanding. Naturally, we will make a VIP ‘Executive’ box available to the President, with full security and hospitality arrangements in place. The boxes will then be placed discreetly inside.

Yours faithfully,
Bill O’Leary

9 Novembre 2009

Sir,

In light of the lack of respect we feel your office has displayed in response to an official request from a visiting Head of State, the President has decided to watch the match in Paris instead. Rest assured that we will be lodging a formal complaint regarding your conduct at the highest levels.

Jacques du Maurier

12.11.09

Fair enough. We look forward to seeing the boys in green give your lot a good hammering.

Bill

Tags: , , , , , ,
Posted in lang:en, life | 1 Comment »

Ireland, Blasphemy €25.000 and other rules

Thursday, October 15th, 2009

I was rather shocked as I read this article about a law passing the Dáil which fines blasphemy with 25.000 Euro. If I didn’t know better I’d say this couldn’t happen in an European country, but astonishingly such things happen within the EU. Now I’m a bit afraid being Ireland as an atheist.

Freshly draught Guinness (~5€)

Freshly draught Guinness (~5€)

So yes, I moved to Dublin, Ireland to study at the DCU :) If you want to visit me, have lunch or a pint, don’t hesitate to ring me :) I haven’t seen so much of Ireland myself so far, but I’ve been into bloody cold Irish Sea…

Also, The Pirate Bay is blocked by Eircom, the largest ISP in Ireland. They use an IP based filter, not only  a DNS based one. So they actually interfere with my communication which I assumed to be unconstitutional. But luckily, I have a tunnel set up which gives me free access to the world.

Cliff in Howth near Dublin

Cliff in Howth near Dublin

Besides the panic about the swine flu, another weird thing is Irish bureaucracy. My impression is that the people don’t really think beyond their utterly extensive and most of the times really stupid rules. For example, I tried to register at the University by paying 2000 Euros study fees. It failed because my credit card apparently has a limit of something less than that. The registry advised me to wire the money and print a screenshot of the online banking site. Of course I didn’t know a) how I could connect my laptop to the internet, b) how or where to print and c) log on to anything because I wasn’t even a student yet. Luckily, I have some friends at that university, that helped me out so I could finally register… It appears, that the rules are generally made to be ignored. They probably want to have them just in case they need to file a case against you. So as I applied at the university, I had been offered a conditional offer which was to be accepted by some specified date. I couldn’t, however, fulfill the condition and time to discuss that was running out. They told me that the date could generally be amended. I don’t think it’s good to have rules which are known to not be enforced and just needed to have something against you just in case…

The pubs in Dublin are great, although they have to close rather early, like around 02:00 o’clock. Also, you can’t get beer after 22:00 in a shop *sigh*. Yes, Irland might have a drinking problem, but treating everybody like a small child obviously doesn’t help it.

Beerprice dropped from ~20€ to 12€

Beerprice dropped from ~20€ to 12€

Tags: , , ,
Posted in lang:en, life | No Comments »

Engrish

Wednesday, September 30th, 2009

Alright, the following stuff is probably only funny, if you know German and Germans a bit. At least I had to laugh a couple of times, so you might enjoy that as well :)

I received a PDF with some weird English translations of German idioms and I tried to extract the text information from that, so I stumbled upon a page explaining how to do OCR with free software on Linux. I got the best results using Tesseract with the German language set, but I had to refine the result (leaving some typos intact).

  • that’s me sausage = ist mir wurst
  • go where the pepper grows = geh hin wo der pfeffer wächst
  • I think my pig whizzles = ich glaub mein schwein pfeift
  • sorry, my english is under all pig = entschuldige, mein englisch ist unter aller sau
  • now can come what want…i ready = letzt kann kommen was will, ich bin fertig
  • I think I spider = ich glaub ich spinne
  • the devil will i do = den teufel werd ich tun
  • what too much is, is too much = was zu viel ist, ist zu viel
  • my lovely mister singing club = mein lieber herr gesangsverein
  • don’t walk me on the nerves = geh mir nicht auf die nerven
  • come on…jump over your shadow = komm schon…spring ueber deinen schatten
  • you walk me animally on the cookie = du gehts mir tierisch auf den keks
  • there my hairs stand up to the mountain = da stehen mir die haare zu berge
  • tell me nothing from the horse = erzaehl mir keinen vom pferd
  • don’t ask after sunshine = trag nicht nach sonnenschein
  • free like the motto: you me too = frei nach dem Motto, du mich auch
  • I have the nose full = ich hab die nase voll
  • lt’s not good cherry-eating with you = es ist nicht gut kirschen essen mit dir
  • it’s going up like smiths cat = es geht ab wie Schmidts katze
  • to thunderweather once more = zum Donnerwetter noch mal
  • not from bad parents = nicht von schlechten eltern
  • now it goes around the sausage = jetzt geht’s um die wurst
  • there you on the woodway = da bist du auf dem holzweg
  • good thing needs while = gut ding braucht weile
  • holla the woodfairy = holla die waldfee
  • we are sitting all in the same boot = wir sitzen alle im selben boot
  • don’t make you a head = mach dlr keinen kopf
  • there run me the water in the mouth together = da läuft rnlr das wasser im mund zusammen
  • I understand just train-station = ich versteh nur bahnhof
  • I hold it in head not out = ich halt’s im kopf nicht aus
  • shame you what = scham dich was
  • there we have the salad = da haben wir den salat
  • end good, everything good = ende gut, alles gut
  • zip you together = reiß dich zusammen
  • now butter by the fishes = jetzt mal butter bei die flsche
  • he made himself me nothing you nothing out of the dust — er machte sich mir nichts, dir nichts aus dem Staub
  • I belive you have the ass open — ich glaub du hast den Arsch auf!
  • you make me nothing for = du machst mir nichts vor
  • that makes me so fast nobody after = das macht mir so schnell keiner nach
  • I see black for you = ich seh schwarz fur dich
  • so a pig-weather = so ein Sauwetter
  • you are really the latest = du bist wirklich das letzte
  • your are so a fear-rabbit = du bist so ein angsthase
  • everybody dance after your nose = alle tanzen nach deiner nase
  • known home luck alone = trautes Heim, Glueck allein
  • I think I hear not right = Ich denk Ich hör nicht richtig
  • that have you your so thought = das hast du dir so gedacht
  • give not so on = gib nicht so an
  • heaven, ass and thread! = Himmel, Arsch und Zwirn’
  • of again see = auf wiedersehen
  • Human Meier = Mensch Meier
  • now we sit quite beautiful in the ink = jetzt sitzen wir ganz schoen in der Tinte
  • you have not more all cups in the board = du hast nicht mehr alle Tassen im Schrank
  • around heavens will = um Himmels willen
  • you are heavy in order = du bist schwer in Ordnung
  • l wish you what = ich wünsch dir was
  • she had a circleroundbreakdown = sie hatte einen kreislaufzusammenbruch
  • you are a blackdriver = du bist ein schwarzfahrer
  • I know me here out = ich kenn mich hier aus
  • l fell from all clouds = Ich fiel aus allen Wolken
  • that I not laugh = das ich nicht lache
  • no one can reach me the water = niemand kann mir das wasser relchen
  • that’s absolut afterfullpullable = das ist absolut nachvollziehbar
  • give good eight = gib gut acht
  • not the yellow of the egg = nicht das gelbe vom Ei
  • come good home = komm gut heim
  • evererything in the green area = alles im gruenen bererch
  • I die for Blackforrestcherrycake = Ich sterbe fuer Schwarzwalderkirschtorte
  • how too always = wie auch immer
  • I make you ready! = Ich mach dlch fertig!
  • I laugh me death = ich lach mich tot
  • it walks me icecold the back down = es lauft mir eiskalt den rücken runter
  • always with the silence = Immer mit der Ruhe
  • that’s one-wall-free = das Ist einwandfrei
  • I’m foxdevilswild = lch bin fuchsteufelswild
  • here goes the mail off = hier geht die post ab
  • me goes a light on = mir geht ein licht auf
  • it‘s highest railway = es ist hoechste Eisenbahn

Tags: , , , , ,
Posted in lang:en, life | 1 Comment »

Universal Parcel Tracking with BoxOh.com

Friday, September 25th, 2009

Again, this is a quick reminder for myself and I want to share it with you.

There is an interesting webservice which tracks nearly all your (read: mine) parcels. It also offers an RSS feed and maps :)

The service is available under http://boxoh.com/

Tags: , , ,
Posted in lang:en, life | No Comments »

Bundestagswahl 2009 – Rette deine Freiheit!

Wednesday, September 16th, 2009

Bald sind Bundestagswahlen und Blumentopf moechten dich mit einem Video zur Wahl motivieren:

Und zur Entscheidungsfindung empfehle ich Rette deine Freiheit, ein wirklich sehr gelungenes Video:

Aber Obacht: Die offensichtliche Empfehlung, die FDP zu waehlen, ist nicht vor dem Hintergrund einer schwarz-gelben Koalition nicht schlau, denn die FDP hat angekuendigt, nur gegen das Zensurgesetz vorzugehen, wenn sie nicht an der Regierung beteiligt sind. Aber auch sonst gaebe es mit der FDP nicht so viel zu lachen.

Eine andere Entscheidungshilfe kann die Uebersicht der Free Software Foundation Europe (FSFE) sein: Auf einer Wikiseite werden Positionen der Abgeordneten zu Freier Software gesammelt. Ein sehr interessantes Projekt.

Noch ein schoenes Video vom selben Macher ist Du bist Terrorist:

Wenn du den Film gut findest, dann vote fuer ihn im Bitfilmfestival Voting!

Wir haben die Kraft! Unser Land kann mehr!

PS: Sorry fuer das einbinden von YouTube, wenn du eine freie Alternative kennst, sag bescheid!

Tags: , , ,
Posted in lang:de, life | No Comments »

Freiheit statt Angst – 2009-09-12 in Berlin

Friday, August 28th, 2009

Hier der Trailer zur geplanten Großdemonstration unter dem Motto “Freiheit statt Angst – Stoppt den Überwachungswahn!“, die am 12.09.2009 in Berlin stattfindet. Hinweise zur Anfahrt gibt es im FoeBud Blog.

Die Forderungen der Bürgerrechtler sind:

1. Überwachung abbauen

  • Abschaffung der flächendeckenden Protokollierung der Kommunikation und unserer Standorte (Vorratsdatenspeicherung)
  • Abschaffung der flächendeckenden Erhebung biometrischer Daten sowie von RFID-Ausweisdokumenten
  • Schutz vor Bespitzelung am Arbeitsplatz durch ein Arbeitnehmerdatenschutzgesetz
  • Berücksichtigung des Datenschutzes für Bürger- und Arbeitnehmer/innen bereits in der Konzeptionsphase aller öffentlicher eGovernment-Projekte
  • Keine einheitliche Schülernummer (Berliner SchülerID)
  • Keine Weitergabe von Informationen über Menschen ohne triftigen Grund
  • Keine europaweite Vereinheitlichung staatlicher Informationssammlungen (Stockholmer Programm)
  • Keine systematische Überwachung des Zahlungsverkehrs oder sonstige Massendatenanalyse in der EU (Stockholmer Programm)
  • Kein Informationsaustausch mit den USA und anderen Staaten ohne wirksamen Grundrechtsschutz
  • Abbau von Videoüberwachung und Verbot des Einsatzes von Verhaltenserkennungssystemen
  • Keine pauschale Registrierung aller Flug- und Schiffsreisenden (PNR-Daten)
  • Keine geheime Durchsuchung von Privatcomputern, weder online noch offline
  • Keine Einführung der Elektronischen Gesundheitskarte in der derzeit geplanten Form

2. Evaluierung der bestehenden Überwachungsbefugnisse

Wir fordern eine unabhängige Überprüfung aller bestehenden Überwachungsbefugnisse im Hinblick auf ihre Wirksamkeit, Kosten, schädliche Nebenwirkungen und Alternativen.

3. Moratorium für neue Überwachungsbefugnisse

Nach der inneren Aufrüstung der letzten Jahre fordern wir einen sofortigen Stopp neuer Gesetzesvorhaben auf dem Gebiet der inneren Sicherheit, wenn sie mit weiteren Grundrechtseingriffen verbunden sind.

4. Gewährleistung der Meinungsfreiheit und des freien Meinungs- und Informationsaustauschs über das Internet

  • Keine Beschränkung des Internetzugangs durch staatliche Stellen oder Internetanbieter (Sperrlisten)
  • Keine Sperrungen von Internetanschlüssen
  • Verbot der Installation von Filtern in die Infrastruktur des Internet.
  • Entfernung von Internet-Inhalten nur auf Anordnung unabhängiger und unparteiischer Richter.
  • Einführung eines uneingeschränkten Zitierrechts für Multimedia-Inhalte, das heute unverzichtbar für die öffentliche Debatte in Demokratien ist.
  • Schutz von Plattformen zur freien Meinungsäußerung im Internet (partizipatorische Websites, Foren, Kommentare in Blogs), die heute durch unzureichende Gesetze bedroht sind, welche Selbstzensur begünstigen (abschreckende Wirkung)

Tags: , , , ,
Posted in lang:de, life | No Comments »

Wilhelm.Tel Speed

Saturday, August 8th, 2009

After ranting about the HanseNet Speed, I now have the opponents test result:Wilhelm.Tel Benchmark

I didn’t expect 100MBit/s down, because I still have my old router in place which most likely isn’t able to push 100MBit/s. I’ll definitely give it a new try once I am “directly” connected, i.e. without any unnecessary hardware in between.

Tags: ,
Posted in lang:en, life | No Comments »

I did it for the lulz

Friday, July 31st, 2009
Do it for the lulz!

Do it for the lulz!

Tags: , ,
Posted in lang:en, life | No Comments »

16th DFN CERT Workshop 2009

Tuesday, June 30th, 2009

Again, I had the great pleasure to attend the annual DFN Workshop which takes place in the Conference Center Hamburg (ever thought about, why they haven’t called it “Konferenz Zentrum”?).

dfn-cert logo

It’s more “tieish” than a Chaos Communication Congress but it’s still comfortable being there. Most people have a strong academic background so they were used to jeans and pullovers as well ;-)

The first person to speak was a Dr. Neil Long from Team Camry and he spoke about the underground economy. They claim to research and investigate in that area and make deals with the criminals. He showed IRC logs most of the time and it was quite funny to see how the people interact with each other. They actually do speak 1337 and even I had a tough time reading their conversation ;-) He explained in great detail how the underground is organized. He claimed, that there are specialists for everything, everywhere. Programmers, Exploit-writers, Webhosts, Credit Card stealers, yadda yadda. Everything has it’s price and that is paid through various online money trasferring systems.

The next guy talked about Exploit Toolkits for the Web. He named various kits, like MPack, IcePack, NeoSploit, FirePack or UniquePack. They basically allow you to create a drive-by download site and deploy a given payload. The programs itself are split up into two parts. A server part which actually exploits a browser and makes it download and execute a loader program which in turn downloads the second stage – the real malware to be run on the victims machine. The other part is a binary to create that first-stage program. I spent some time in searching for those toolkits and downloaded some of them. That required me to learn some Russian ;-)
This first-stage part opens an interesting attack vector to the wannabe hackers: Many Web Exploit Toolkits were infected with malware themselves. Because you have to run a strange smelling binary to create your first-stage excutable, you might run foreign malware yourself. I actually don’t understand, why this loader thing is such a big issue. I assume you could deploy your malware in first place without having it loaded through a staging program.

The next interesting talk was given by the smart guys from Red Team Pentesting, which is a pretty interesting company actually. Former students founded that company and they do professional Pentesting. I have to admit, that I envy them a little. It must be a great job with a lot of interesting stuff to see. Anyay, they talked about jBoss insecurities. It seems that jBoss comes with development configuration and the people don’t change them to productive values but blindly bind their server to the network. It turns out that you can get shell access through nearly a handful ways, even if a smart administrator has locked some ways down. Also, many corporate or governmental site are driven by a jBoss server and -which is the interesting part- have a weak configuration. They have an interesting statistic that shows that only 8% of the JBoss servers out there are reasonably secure.

How secure is the JBoss Web?

How secure is the JBoss Web?

I was actually bored by just one talk. It was about GRID Firewalls. While the topic is interesting in general, the guy made me fall asleep :- That’s a pity, because I believe he knew what he was talking about and had valuable information to deliver, especially due to his strong emphasis on practical problems. Maybe he can get his talk accepted next year and improve his talking skills.

After the first day, we visited the Groeninger Braukeller which was a real blast! They have one of the finest beers I know of. Also the food in there is delicious. It’s a perfect atmosphere to get together and discuss the talks you’ve just listened to. I also took the chance to meet old friends which I haven’t seen for a while.

Probably due to the massive amount of food and beer, I couldn’t sleep well that night and I thus was very tired the second day. I’ve listened to the talks but I couldn’t make it to the ModSecurity workshop :( It’s really annoying, because I actually wanted to attend that session! I do use ModSecurity at some projects and I think it’s a good tool. A reallife-relevant workshop would have been great.

So, if you have nothing else to do on 2009-02-09, consider coming to Hamburg and enjoy the 17th DFN Workshop!

Tags: , , ,
Posted in lang:en, life | Comments Off

« Older Entries