Testing a personal firewall solution, a couple of resources

I was looking for resources on how to test personal firewall solutions which are so frequent these days. Here are some of the things I found which may come in handy to someone looking 4 the same thing.

History and Advances in Windows Shellcode (The part for: Uploading file with debug.exe and VBS)
http://www.phrack.org/issues.html?id=7&issue=62

Bypassing Windows Personal FW’s
http://www.phrack.org/issues.html?issue=62&id=13 

Firewall leak tester (a collection of scripts for testing personal firewalls)
http://www.firewallleaktester.com/

Defeating Windows Personal Firewalls
http://www.thehackademy.net/madchat/windoz/win32inc/defeating_windows_personal_firewalls.pdf

Hope those help! I need to add those to the directory.

-AV

Posted in Methodology on 06/04/2008 10:09 am by Consultant
 

Quick shellscript for replacing a watermark

This is meant for replacing your own watermarks, not for the purpose of stealing someone else’s content!

But using imagemagick (http://www.imagemagick.org) you can easily replace a portion of the image (*.jpg in this case) with the portion that goes on top, your new logo for instance (litte.gif in this case):

@echo off
for %%X in (*.jpg) do composite -geometry +0+178 little.gif “%%X” output/”%%X”

The -geometry option is for providing a specific horizontal and vertical position within the original image.

What does it have to do with penetration testing you may ask - well it could come useful during a client-side attack where you need to reuse several images quickly, or simply related in the fact that during a period of time where you run out of work, you can work as a designer? oh well.

Hope it helps, it sure helps me remember.

Posted in Tools on 05/25/2008 10:13 am by Consultant
 

It looks like the gpg+firefox+windows+gmail puzzle is solved

This is a quick post but I don’t want to forget this! The guys over at voipsec.eu mention these 2 useful links:

http://getfiregpg.org/

FireGPG is a Firefox extension under MPL which brings an interface to encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG.”

http://www.gpg4win.org/

“Gpg4win is a installer package for Windows (2000/XP/2003/Vista) with computer programs and handbooks for EMail and file encryption. Both relevant cryptography standards are supported, OpenPGP and S/MIME (the latter is in progress and currently works with GnuPG2 and Claws Mail).”

I’ll try these out sometime soon.

Posted in Tools on 05/07/2008 07:36 am by Consultant
 

A look at our security related traffic

Hey, so today I wanted to take a look at the traffic both the blog and the pentest directory project are receiving and, as you may have already noticed, since I’m using Google Analytics for keeping track of traffic stats I found some interesting data that I wanted to share with you.

I’m analyzing 7,167 unique surfers, ranging from January 1st 2008 to yesterday, April 26th 2008.

Most of them, 2.687 connected using IPs from the US. 623 came from the UK and in third place is India, with 417. We then have several more different countries.

From the ~7100 surfers, the 63.61% (4559) used FireFox as a browser, and in second place with 29.15% comes Internet Explorer. 245 used Opera, 114 Safari, 109 Mozilla, 18 Konqueror, 9 Camino, 7 Mozilla compatible Agent, 9 Avant Go.

So most of them use Firefox, that’s nice. And take a look at the following:

82.41% used Microsoft Windows, that’s 5,906 users! Then comes Linux with 831, Macintosh with 370. We have 18 iPhone users! 3 used the iPod, and a couple more.

And moving on to the Adobe/Macromedia Flash plugin version installed:

28.92% (2,073) had 9.0.r115  - 26.58% had 9.0 - and so on with decreasing versions.. we get to a point where:

76 users had version 6.0 installed! and several different old versions of 9.0 including r28, r45, r47, etc.

I would say - interesting. Nothing new yeah but interesting. Let’s update the Flash plugin.

And then you wonder why google analytics takes so much time to load.. 

Cheers

Posted in Uncategorized on 04/27/2008 04:36 pm by Consultant
 
   
  • © 2009 penetrationtests.com