Pages

Saturday, 7 December 2013

Pastebin monitoring

Few months ago I was thinking about public pastebins. From experience I can say many people put dumps/configs on public pastebins, just because its easy and fast. They don't think that someone can see it.
Examples from today:

All new pastebins are being published on main page, what makes the task much easier.


Looking through them can give us much information, often information that we shouldn't see. Of course opening every new one manualy is time wasting, there are a lot of useless pastebins. Here comes idea that I had few months ago, to make an automatic tool, that is opening every pastebin and analyzing content with keywords, unfortunately I haven't had time to implement it myself.
Accidentally few days ago, I found ready solution for that. Whats more the solution is open source and based on twitts, what makes it easy to follow.

It's named Dumpmon
Everything is written in python -  here you can find source on Github.

In addition it doesn't only find Acc/Db leaks, but Cisco configuration files, Google Api keys and honeypot logs as well.



At the end I would like to mention there is one more tool for similar purpose, named PastebinDorks



Unfortunately source code is not available and it doesn't show what kind of data is included in pastebin, only amount, but its worth to follow it as well.

To sum up if you are going to post data that you don't want to be seen by others, spend a little more time and use password protected solutions and if you want to be up to date with fresh leaks, follow mentioned bots ;)

Monday, 2 December 2013

DOS - Mozilla Firefox & Internet Explorer

Since some time ( I saw it at least a year ago ) there is available javascript code that cause DOS in newest versions of FF and IE. Unfortunately it doesn't work in Chrome, because each card has own process. I don't know what about Chrome or Opera, You can test it and let me know in comments. It was already reported to Mozilla long time ago ( I reported too ) but it seems they are not going to fix it.

Javascript code:
var a=String.fromCharCode(60,115,99,114,105,112,116,62,118,97,114,32,97,61,34,60,109 ,97,114,113,117,101,101,62,97,34,59,119,104,105,108,101,40,49,41,123,97,61,97,43 ,97,59,100,111,99,117,109,101,110,116,46,119,114,105,116,101,40,97,41,59,125,60, 47,115,99,114,105,112,116,62);
while(1){
a=a+a;
document.write(a);}

For test how and if it works:
WARNING, IT WILL CRASH YOUR BROWSER, OPEN ON OWN RESPONSIBILITY
https://dl.dropboxusercontent.com/u/17580849/freez.html

How it can be useful
You can say its useless and good just for making friends angry,
not only...

1. An attacker may add this code to website, so everyone who visit it will get crash, it will make website unreachable. Probably now you think - if attacker has access to website he can just delete main page or do something simpler than crashing visitors browsers. Yes, but javascript can be used in XSS attack and then its useful.

2. Attacker can also add it after phishing attack, after password getting step. Thanks to this attacker don't have to worry to show correct messages and redirection. Whats more after running that he can add ip/browser rule, so when victim visit phishing link again, will be redirected to real page. After one crash none will think something is wrong (in ff flash plugin often crash itself) and when he visit page second time, this time there will be nothing suspicious.

3. As everywhere in IT, the only limit is imagination.

At the end, Mozilla respond:



Thursday, 28 November 2013

Texas Instruments eZ430-Chronos

Z okazjii czarnego piątku pojawiły się 2 kody rabatowe na zegarki eZ430-Chronos:
868_BF, lub 915_BF , zależnie od wersjii. Dzięki temu możemy go kupić za 29.99 USD (normalna cena: 58.00) i z darmową przesyłką, co za tego typu zegarek jest świetną ceną. Promocja trwa od 19 listopada do dziś. Jeszcze godzinę temu zegarki były wyprzedane, ale wygląda na to, że właśnie je uzupełnili, Kto pierwszy ten lepszy!















Poza standardowymi opcjami jakie mają zagarki posiada on acelerometr, wysokościomierz oraz termometr, dodatkowo można zakupić pulsometr. Nie robiłoby to wrażenia gdyby nie możliwość praktycznie dowolnego zaprogramowania. Umożliwia on także radiową łączność na falach zależnych od wersjii, dzięki temu możemy np. sterować myszką komputera ruszając reką (wykorzysytanie acelerometru), albo zmieniać slajdy na prezentacji, czy muzyke, przyciskiem zegarka. Jeżeli kupilibyśmy wersje 433 mhz (która w Polsce jest legalna tylko z licencją krótkofalowca), mamy praktycznie nieograniczone możliwośći, moglibyśmy nim otwierać brame garażową, czy gasić światło w pokoju, ponieważ większość z nich działa właśnie na tych falach. Na szczęscie pozostałe wersje też dają nam szeroki wachlarz możliwośći po połączeniu ich z Ardunio lub Rasberry Pi. Np. możemy do ardunio wrzucić moduł bluetooth i zsynchronizować z telefonem, albo ird i np. przelączać kanały w telewizorze. Możliwości są praktycznie nieograniczone. A to wszystko za pomocą zegarka za 30$!
Jakbyście zamierzali go kupić dodam, że w Europie obowiązuje standard 868mhz.

Oczywiście nie pisałbym o tym, gdyby nie udało mi się go zamówić
Jak tylko dojdzie zamieszcze recenzje.

Wednesday, 27 November 2013

Creative rounding in C/C++


If you are coding in C/C++ for rounding you are probably using  round(),  which is part of the C99, but did you think about another solutions, for example if the compiler doesn't support C99, or you just want to do something "cool"?

At the beginning I would like to give you a piece of code:

 int roundedResult, sum = 5, div = 3; 
 roundedResult = (float) sum / (float) div + 0.5;
 cout<<roundedResult;
output: 2
(5/3 = 1.666..)

 int roundedResult, sum = 5, div = 4; 
 roundedResult = (float) sum / (float) div + 0.5;  
 cout<<roundedResult;
output: 1
(5/4 = 1.25) 

You could notice that + 0.5 at the end and probably think that it may be somehow connected with rounding... If yes, then you are right! In first example when we add 0.5 to the result (1.66..) we got ~2.16. As roundedResult is integer type it just cuts the rest after dot.
In second example result after adding 0.5 is 1.75 and again when we cut 0.75 we got correctly rounded number.

Here is a ready function for rounding this way
 int roundNumber(float number)
 { 
   int rounded = (int)(number + 0.5); 
// in C++ recommended to use static_cast instead of (int) 
   return rounded; 
 } 
but you could notice that the problem appears when we want to round minus number. -2.6 will become -2, what is incorrect. Fortunately there is a simple solution:
 int roundNumber(float number)
 { 
  int rounded = (int)(number > 0) ? (number + 0.5) : (number - 0.5);
// in C++ recommended to use static_cast instead of(int)
   return rounded; 
 } 
Thanks to this for minus numbers we subtract 0.5 instead of adding, after that from -2.6  we will get -3,1, which is being cut to 3 - correct!

Tip for C++ coders: For small functions use:
inline int roundNumber(float number)
thanks to inline keyword compiler will put function code into place where you called it, instead of putting on stack etc. It makes program faster, but be careful! If you use inline for big functions it will drastically increase output file size, so use it wisely.


Tuesday, 26 November 2013

Hello World;





This is my first blog, I am going to write about all topics connected with security, malware etc.., but also a little about coding. From time to time there may also appear posts with some interesting links, geeks stuff etc.



To mój pierwszy blog, zamierzam głównie pisać po angielsku, ale myślę, że od czasu do czasu pojawi się także coś po Polsku. Tematyka głównie związana z szeroko pojętym bezpieczeństwem teleinformatycznym, czasem też trochę ciekawostek programistycznych i informacji o ciekawych stronach/wydarzeniach/promocjach. Posty po polsku będą miały tag "Pl".