Archive for 2010
Playing with DLL hijack bug
Wednesday, August 25, 2010
Posted by Blogger
Layer3 switch interview questions
1. What is stacking in an L3 switch?
2. What is the difference between a router and an L3 switch?
3. What is the use of the "no switchport" command?
4. What is router on a stick?
5. What is inter-VLAN routing?
6. How to configure an IP address on each interface in an L3 switch?
7. Will an L3 switch support PoE?
8. Which model supports WLAN?
9. Will an L3 switch support routing protocols?
10. What is the difference between SMI and EMI?
11. How to enable routing in an L3 switch?
12. How to configure EtherChannel?
My first exploit
=====================================================================
Harris Stratex StarMAX subscriber station running config CSRF exploit
=====================================================================
#[+] Discovered By : Inj3ct0r
#[+] Site : Inj3ct0r.com
#[+] support e-mail : submit[at]inj3ct0r.com
I found a CSRF vulnerability in the Harris Stratex 2100 subscriber station.
Using this code I am able to view the current configuration of the subscriber station without authentication from both LAN & WAN.
Product: StarMAX 2100 subscriber station
Affected Application Version: 3.0.4.1.7.C
Vendor submission: 07-04-2009
Vendor Response: No
Vulnerability: Able to view the running configuration without authentication from both LAN & WAN
http://inj3ct0r.com/exploits/11401
# Inj3ct0r.com [2010-03-23]
Plain Text Password Disclosure vulnerability in rediff mail
Dear all
Is it a good mail? What do you feel, guys? It doesn't encrypt your
passwords.
POST /cgi-bin/login.cgi HTTP/1.1
Host: mail.rediff.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3)
Gecko/20090824 Firefox/3.5.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.rediff.com/
Cookie: RuW=1252586041360329; RsW=IND;
RLOC=%5F%5FeZMqPfDceMg%5F%5F4P6Xdf5DkD2%5F%5FtHonjGX8AnI%5F%5Find%5F%5F;
Rt=%3D%3DAMwAjN3czN; accounttype=77;
Rp=g%3D2%26a%3D24%26c%3D08%26s%3D29%26cn%3D099%26z%3D123456%26p%3D034%26e%3D05%26d%3D_04%26i%3D_35_%26dor%3D20060220%26mi%3D3;
RMID=7c7dc92f4aa8f200; RMFS=011MljEWU107fl; app_lang=; ckey=70795
Content-Type: application/x-www-form-urlencoded
Content-Length: 63
login=evil.devil&passwd=*devil.evil*&remember=1&FormName=existing
Regards
kalyan
Full disclosure:http://seclists.org/fulldisclosure/2009/Sep/85
Packet capture analysis
Packet capture is the act of capturing data packets crossing a network.
Best offline analysis tools
1. Wireshark (formerly Ethereal)
Best online packet capture analysis tools
1. Pcapr - www.pcapr.net
Best packet capture samples
1. Evilfingers security community - https://www.evilfingers.com/projects/pcaps.php
2. Wireshark - http://wiki.wireshark.org/SampleCaptures
3. Packet Life - http://packetlife.net/captures/
How to read windows memory dump?
Normally, a Microsoft-based system will create a dump file during a BSOD (Blue Screen of Death).
The file is created with a *.DMP extension.
How to read the file?
Install the debugging tools
To download and install the Windows debugging tools, visit the following Microsoft Web site:
http://www.microsoft.com/whdc/devtools/debugging/default.mspx
Select the Typical installation. By default, the installer installs the debugging tools in the following folder:
C:\Program Files\Debugging Tools for Windows
Open the dump file
To open the dump file after the installation is complete, follow these steps:
1. Click Start, click Run, type cmd, and then click OK.
2. Change to the Debugging Tools for Windows folder. To do this, type the following at the command prompt, and then press ENTER:
cd c:\program files\debugging tools for windows
3. To load the dump file into a debugger, type one of the following commands, and then press ENTER:
windbg -y SymbolPath -i ImagePath -z DumpFilePath
kd -y SymbolPath -i ImagePath -z DumpFilePath
Check out
http://support.microsoft.com/kb/315263
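Before loading a file into windbg or kd, it helps to confirm that it really is a crash dump and to see which bug check it records. The following Python code is an added example, not part of the original post or of Microsoft's tools; the signatures and header offsets follow publicly documented layouts of the dump header and are assumptions here, and the sample bytes are constructed.

```python
import struct

# signature -> (description, BugCheckCode offset, parameter offset, parameter format)
# Offsets are assumptions based on public descriptions of the dump header.
LAYOUTS = {
    b"PAGEDUMP": ("kernel dump, 32-bit", 0x28, 0x2C, "<4I"),
    b"PAGEDU64": ("kernel dump, 64-bit", 0x38, 0x40, "<4Q"),
}

def triage_dump(data):
    """Classify a *.DMP header and pull out the bug check code and parameters."""
    if data[:4] == b"MDMP":
        # User-mode minidumps carry no kernel bug check header.
        return {"kind": "user-mode minidump", "bugcheck": None, "params": ()}
    sig = bytes(data[:8])
    if sig not in LAYOUTS:
        raise ValueError("not a recognised Windows dump header: %r" % sig)
    kind, code_off, param_off, fmt = LAYOUTS[sig]
    need = param_off + struct.calcsize(fmt)
    if len(data) < need:
        raise ValueError("truncated header: need %d bytes, got %d" % (need, len(data)))
    (code,) = struct.unpack_from("<I", data, code_off)
    params = struct.unpack_from(fmt, data, param_off)
    return {"kind": kind, "bugcheck": code, "params": params}

def make_sample64(code=0x7E, params=(0xC0000005, 0, 0, 0)):
    """Build a constructed 64-bit header with only the fields used above filled in."""
    buf = bytearray(0x60)
    buf[0:8] = b"PAGEDU64"
    struct.pack_into("<I", buf, 0x38, code)
    struct.pack_into("<4Q", buf, 0x40, *params)
    return bytes(buf)

if __name__ == "__main__":
    info = triage_dump(make_sample64())
    print(info["kind"], hex(info["bugcheck"]), [hex(p) for p in info["params"]])
```

On a real file, pass the first few hundred bytes read in binary mode to `triage_dump`.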
Checking Microsoft Fixit Center
Microsoft Fix it Center makes getting support easier than ever, with tools that help solve the issues you have now and prevent new ones.
* Easy to Install and Run: Easy-to-use wizards will guide you through the set-up process and help you anytime you need support.
* Automated: With automated troubleshooters, Fix it Center helps solve issues with your PC, even if you're not sure what the exact problem is. Fix it Center scans your device to diagnose and repair problems, then gives you the option to "Find and fix" or to "Find and report."
* Preventive Care: By helping you find and fix issues before they become real problems, Fix it Center helps keep your PC running smoothly and automatically downloading the latest solutions.
You can use any computer with an Internet connection to get started with Fix it Center. Simply download the Fix it Center client and follow the on-screen instructions to complete the setup. You can install the Fix it Center client on as many PCs as you like.
I got an error. What to do?
Hello World!
For each and every person who wants to know about the software programming world, this word is very important.
It is the simplest program to
It is the first step to kick-start your programming life.
A "hello world" program has become the traditional first program that many people learn.