Hacks

xrayspx's picture

Hey Hey RSA

Today I got a customer satisfaction survey from EMC. It was specifically about RSA and how we like their products and the company in general. Cynically, I have to believe that it's not entirely a coincidence that they did this survey during BlackHat & DefCon because, well jeez maybe because half of the people receiving this aren't even in their home fucking state? There was a comment field to one of these asking "why do you feel this way".


Yay Yay RSA!

The key point I took away from RSA's communications today is that all implications are that it's likely their token seed database was taken and that token codes are predictable, and may be able to be matched to customers.

They didn't say this, clearly, but every action they suggest to mitigate risk points to the fact. The mitigation steps they give are:


Help me kill this window

I have a bash script on my work Mac which creates an ssh tunnel to my home machine, then runs the Mac ScreenSharing.app VNC client so I can VNC home without opening VNC externally. All this works great with key based auth and stuff for the ssh session, so I just get a login prompt for the VNC session and I'm on my way.

At the end, I try to have it clean up after itself. I've tried using waits and then killing the PIDs associated with things like the tunnel, so that when Screen Sharing closes, it tears down the SSH tunnel.


A new job for the little Asus

I think I've finally found the perfect job for the little Asus EEE, since it's just too weak to show good video. It has the following tasks:

Find LDAP groups with obsolete users

OpenLDAP has a nice "feature" that allows for group members to continue to exist, even if the user does not exist any more. Really handy! Problem is, if you, say, have a user in the "Domain Admins" group, and you delete that account, and then some normal user comes along with the same username, they will end up with unexpected elevated privileges.

So I created a script that I run weekly that finds group members that no longer exist, and sends me a report. It also tells me which groups are empty.

This relies on my toolbox... Find it here.

Using some of our new tools

Ok... Now that we have our toolbox, let's do something with it. Today we'll look at a simple solution to an everyday problem: resetting a password.

Part 4: Wrapping up the foundations

Just to wrap up, and in case you are lazy like me, I'll give you a whole file's worth of subroutines. It's my toolbox and I'm giving it to you. I put this in a secure location and just call it from my other scripts. This makes the code much shorter in my other scripts, nearly auto-commenting, and avoids bugs because if it works in one, it will work in others.

NOTE: This uses the foundations in parts 1, 2 and 3. You can find them here: Part 1 Part 2 Part 3


Part 3: The SubRoutines

Now for the tools. There's a lot here, but in further articles you will see how this can be useful. I'll go through each tool with what it does, how to call it, and then the code itself.

NOTE: This uses the foundations in parts 1 and 2. You can find them here: Part 1 Part 2


Part 2: Some Standard declarations and personalizing for your site

More foundational work. This stuff will configure for your site, and the routines that follow will regularly rely on them.

First, let's declare our modules:

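#!/usr/bin/perl
use strict;
use Net::LDAP;                    # LDAP client
use Authen::SASL;                 # SASL authentication for LDAP binds
use IO::Socket::SSL;              # SSL/TLS sockets
use Digest::SHA qw/sha1_base64/;  # base64-encoded SHA-1 digests
use Mail::Sendmail;               # sending mail
use Crypt::SmbHash;               # LM/NT password hashes for Samba
use CGI;
use CGI qw/:standard/;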
