I was debugging a gpg issue earlier this week, and needed to dump the contents of a public key in some type of human readable form. After a bit of googling I came across the crazy awesome pgpdump utility, which provides a command line interface to display the contents of a GPG public key. To [...]
As reported on Slashdot, there is a wide open exploit on dd-wrt due to how the httpd server handles and parses incoming requests without being authenticated. The HTTP get code to execute has been posted on milw0rm. If you haven’t already, you should either update your dd-wrt installation to build 11533 (most router firmwares have [...]
I came across the following vulnerability breakdowns while reading through Richard’s BLOG: Top Vulnerabilities in Cross-Platform Applications * C1. Backup Software * C2. Anti-virus Software * C3. PHP-based Applications * C4. Database Software * C5. File Sharing Applications * C6. DNS Software * C7. Media Players * C8. Instant Messaging Applications * C9. Mozilla and [...]
I read the article Is Your Printer Spying On You? in awe. While I have always known that government intelligence agencies were working back room deals in the sake of “protecting America,” it never dawned on me that they are using the printer companies to identify people through the material they print. This is some [...]
One unnerving thing about UNIX Operating Systems is the number of setuid and setgid root binaries. These binaries run with root privileges, and are often the first binaries examined by individuals wishing to escalate privileges on a system. To keep tabs on setuid and setgid files, the following find(1) statement can be run periodically: $ [...]
Over the years I have accumulated dozens of disk drives. To assist friends and various projects on the Internet, I have decided to donate my unused disk drives to help others. Having no idea what resides on each metal oxide platter, I wanted to make sure I sanitized each disk drive. After doing some research, [...]
