average admins

I remember reading a cool article a long time ago about how it was possible for someone to create a backdoored image and use it to gain access to the internal network of the company he was targeting. The article was called Wardriving Into GIAC Enterprises with JPEG’s and is available here: http://www.giac.org/certified_professionals/practicals/gcih/0651.php

Well, apparently it’s STILL possible to backdoor an image, but this time it’s with JavaScript. I don’t know JavaScript very well but I can only assume that it’s possible to code a quick script to download any imaginable tool and execute it.

http://www.gnucitizen.org/blog/backdooring-images

Surely you’ve heard of how it’s possible, by just visiting a website, to have a JavaScript script sent to your computer which can do any number of things … such as port scanning your internal network, for example. SPIDynamics has written a POC that does just that. You can read about there here: http://www.spidynamics.com/spilabs/education/articles/JS-portscan.html. Now you know how to incorporate that code in a simple image.

If you want to test this out yourself and you don’t have a webserver for uploading images, try downloading XAMPP and setting up a webserver on your local machine. It’s perfect for testing web applications such as this.

I spent a few minutes at work last night after everyone left to catch up on some Windows patches that, for whatever reason, weren’t being installed by the WSUS server.

We run all of our client workstations through a proxy that gets assigned through Logon scripts. Since I was logging on to these workstations as the local Administrator I was not getting the proxy settings assigned to me so I had to manually configure each PC’s IE settings twice (once to add the proxy and another to remove it). I only had a handful (maybe 20) of PCs to do this to so it wasn’t THAT big of a deal but it got me wondering if there was an easier way to apply the proxy settings to IE. After a quick Google search I found a site that explains what registry settings to make: http://www.adopenstatic.com/cs/blogs/ken/…/131.aspx

I’ve never used RegWrite in any of my scripts so I had to look it up:
http://www.devguru.com/…/wshshell_RegWrite.html

So here’s the final scripts that can easily be placed on a server for quick access:

IE-EnableProxySettings.vbs

Set WshShell = WScript.CreateObject(”WScript.Shell”)
WshShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable”,”1″,”REG_DWORD”
WshShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer”,”proxyserver:8080″,”REG_SZ”

IE-DisableProxySettings.vbs

Set WshShell = WScript.CreateObject(”WScript.Shell”)
WshShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable”,”0″,”REG_DWORD”
WshShell.RegDelete “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer”

Andi Gutmans, co-founder of Zend Technologies, announced earlier this week that Zend will be collaboratiing with Microsoft toward the common goal of making PHP run faster and more stable on the Microsoft Windows platform.

Andi commented on his blog that “There are now people at Redmond who understand that supporting interoperability between open-source software and the Windows platform will have benefits to their customer base. 4.5M PHP developers are hard to ignore, especially when so many PHP developers actually do their development on Windows”. It was refreshing to hear that Microsoft was open-minded enough to change thier plans for IIS 7 to support a FastCGI implementation in an effort to meet the goal of improving PHP performance on Windows. They had apparently not originally intended to do this. The official Zend press release indicates that this collaborative effort has already made huge improvements.

I am glad to hear that Zend is committed to improving the performance of PHP for use on mulitiple platforms (PHP has run on Windows for some years now, just not as well as it should). It is also great that Microsoft is giving notice to the open source community.

I currently develop on Linux and that is also what my production servers run on. I am extremely happy with this arrangement and will more than likely not be changing to another platform (ie; PHP on Windows).

What about you? Will you consider migrating your PHP *nix servers to Windows based on this news? Are you currently running PHP on Windows and if so, what are your thoughts on this?

I am currently working on a project for my personal business, Fruitful Solutions, and wanted to display dynamic image headlines on my pages, similar to the post headlines we have here on average admins. Normally I use straight HTML to create page headings or statically create images in a graphics application. Both of these methods work and have worked well for me in the past, but I wanted a little more this time around. I wanted the look of the static image with the ease of creation that the straight HTML headings gives me. I also wanted to use TrueType Fonts (TTF) so that my headlines would look similar to the font I used in my logo for consistency. I did a little research and here is what I have come up with.

(more…)

I just read an article on Richard Bejtlich’s blog about some proof of concept code that SPI Dynamics has released. The application is written in JavaScript and runs in a web browser. The application shows how a JavaScript application can scan network devices and even determine running services on hosts found to be active on the network. This is an extremely cool concept.

I suggest you read the whitepaper and give the proof of concept a try. It is quite impressive. I tried the proof of concept on my home network and was amazed as the web page continued to update displaying live hosts on the network and whether the hosts were running a web server or not. It scanned my HP 2550 Color LaserJet printer and showed the IP to be active and that there was a web server running on it, although it couldn’t identify the server software correctly. It currently will only identify IIS and Apache web servers correctly. There are also a lit of known issues posted on their site.

I can see how this could get ugly real fast. The next web site you entertain could have something similar running behind the scenes and may not be so polite as to update the web page you are viewing with the activities it is performing unbeknownst to you. If this type of scanner were to grow over time, there could be ways to determine vulnerabilities within the services found on the host and then determine ways to exploit them. All of this can happen while you peruse the web behind the comfort and security of your firewall… Interesting!

I’m not a programer of any kind or a web master. I coded a html web page when I was 14 and that is it. Here’s the question:

Here at the Uber credit union we have in house classifieds for Employees to post junk for sale for free. The girl that is in charge of this is having a hard time with some free ware script that is not customizable or intuitive, and is very limited in what it can do, i.e. she can’t delete one ad at a time. She has to delete the whole classified section of all ads. Do any of you know of some freeware or sites other than SF.net (been there) to try?

Kevin

I just read an article about the Portland Project, a Free Desktop initiative for a set of APIs to allow software developers to more easily develop applications for cross-desktop use. The announcement was made today at LinuxWorld in Boston.

(more…)

Adrian has been singing the high praises of Lisp to me for a few months now. This is a quick how-to for installing Emacs, SBCL, and SLIME on FreeBSD. Keep in mind that I know nothing of the Lisp language (or Emacs for that matter) currently so this is just the steps to set up the development environment for Lisp development in FreeBSD. The language will come second and will require a lot of reading, trying, failing, and discussion with Adrian over IM!

This tutorial is, for the most part, based on a how-to movie by Marco Baringer which can be downloaded here: http://common-lisp.net/movies/slime.mov or via BitTorrent here http://common-lisp.net/movies/slime.torrent. For more detailed information on what the below steps are actually doing, I highly recommend you watch Marco’s movie. There will be references throughout this how-to to the movie. They will look like [MOVIE: XX:XX:XX] where XX:XX:XX is the time the item I am discussing is referenced in the movie.

One more note about the video tutorial: Marco is connecting to a remote server and not doing everything locally. This tutorial discusses everything you need to do to get this running on FreeBSD locally. Again, Marco explains in great detail what is going on in the below steps. This how-to is more or less to document the exact steps I went through to get Emacs, SBCL, and SLIME playing nicely on FreeBSD. Hopefully this will be helpful to others around the ‘Net!

(more…)

Part of my job requires that I create web-based reports. Generally speaking, “my” users don’t like to scroll down to the 700th row of data, nor do they enjoy losing view of the nice column description headers I put at the top of the dataset for them.

As a result, I am constantly looking for new ways to present data. As I implied above, some of these data sets can be quite large and may include hundreds of rows. I have used IFrames in the past, but recently began using the often overlooked CSS overflow property. The overflow property allows me to stick with my preferred method of applying CSS stylesheets as much as possible (as opposed to html table-based layout), and in this case seemed like a great solution for using CSS to control data layout in the browser.

The CSS overflow property specifies whether a box is clipped to its padding edge, and if so, whether a scrolling mechanism is provided to access any clipped out content. The property has several values which provide situational flexibility.

You can view my working example here. If you are really interested, you can read more about the CSS overflow property at W3.org

One caveat that I will warn you about, if you need to print the page, only the data that appears in the top n rows will appear on the printed page. However, if you use a printer-friendly CSS layout for printing, it shouldn’t be a problem.