Mixed links and commentary


Via rootkit.com: a tool to load arbitrary unsigned drivers under Vista without playing with the boot parameters. Very nice. I didn’t play with it, but I assume that it works by loading its own (signed) driver and then using that one to perform the load of the unsigned driver from kernel mode. The question remains: can’t Microsoft revoke the certificate that signed that driver, so that it can no longer be loaded? If not (and that’s what I’ve heard), the benefits of driver signing are gone.

How to discover a buffer overflow in less than 30 minutes. Cool, just remember that the absence of vulnerabilities cannot be proven by attacking a program and failing to find one.

The Microsoft file list database, if you want to look up a file to decide whether it is truly an MS file (of course you also need to check the validity of its certificate, not just the file name).

Via LonerVamp:

DNS pinning explained. From what I know (and that’s not much ;-)), the solution would be to disallow the forging of headers from XMLHttpRequest (why was it in there in the first place!?)

Satori, an OS fingerprinting tool for Windows. I wonder how it compares to nmap or p0f, and how it copes with a host whose Windows TCP/IP stack parameters have been changed. (Via PaulDotCom)

Changing your MAC address programmatically under Windows – I used to do this manually, because I found it strange to pay for a utility that does the same thing you can do with a few clicks. Anyway, here is an interesting related tidbit of information, maybe somebody will find it useful: while Windows (tested with XP SP2) can spoof the MAC address, it does not take it kindly (read: everything goes haywire) when the address is spoofed from the hardware side. I was putting two Qemu virtual machines in a virtual network, and to make them have different MAC addresses (so that the network can actually work :)), I gave one 12:34:56:78:9A:BC and the other one 12:34:56:78:9A:BD. With Windows this didn’t work (all kinds of strange things happened, like ARP replies being ignored), while with Linux (tested with DSL – Damn Small Linux) everything was perfect. The problem disappeared after I made sure that the MAC address for the Windows machine contained a correct OUI in its first three bytes.

Security videos

Using telnet to test your e-mail – I always forget it too 🙂
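What you type into telnet is just the SMTP dialogue, and the useful part is reading the reply codes. The script below is an added example, not from the linked article: it sends the same EHLO/MAIL FROM/RCPT TO/DATA/QUIT sequence a manual session would, records each reply, stops at the first 4xx/5xx (a relay refusal at RCPT TO is the usual thing you are testing for), and ships with a small constructed stub server so it runs offline. The host names, addresses, message and the stub's replies are constructed for the example; against a real server you would only call `smtp_transcript` with its host and port 25.

```python
"""Added example (not from the linked article): the SMTP conversation of a
manual telnet test, scripted, plus a constructed stub server so it runs offline.
All host names, addresses and reply texts below are made up for the example.
"""
import socket
import threading


def read_reply(f):
    """Read one SMTP reply; lines with '-' after the code continue the reply
    (as in EHLO's extension list). Returns (code, [lines])."""
    lines = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("server closed the connection")
        lines.append(raw.rstrip(b"\r\n").decode("ascii", "replace"))
        if len(raw) < 4 or raw[3:4] != b"-":
            return int(raw[:3]), lines


def dot_stuff(body):
    """CRLF line endings, RFC 5321 dot-stuffing, and the terminating '.' line."""
    out = ["." + ln if ln.startswith(".") else ln for ln in body.split("\n")]
    return ("\r\n".join(out) + "\r\n.\r\n").encode("ascii")


def smtp_transcript(host, port, helo_name, sender, rcpt, body):
    """Run the telnet-style dialogue; return [(what_we_sent, code, reply_lines)].
    Stops at the first 4xx/5xx reply, since that reply is the finding."""
    transcript = []
    with socket.create_connection((host, port), timeout=5) as s, s.makefile("rb") as f:
        code, lines = read_reply(f)                       # 220 banner
        transcript.append(("<connect>", code, lines))
        for cmd in (f"EHLO {helo_name}", f"MAIL FROM:<{sender}>",
                    f"RCPT TO:<{rcpt}>", "DATA"):
            s.sendall((cmd + "\r\n").encode("ascii"))
            code, lines = read_reply(f)
            transcript.append((cmd, code, lines))
            if code >= 400:
                break
        else:                                             # got 354: send the message
            s.sendall(dot_stuff(body))
            code, lines = read_reply(f)
            transcript.append(("<message>", code, lines))
        s.sendall(b"QUIT\r\n")
        code, lines = read_reply(f)
        transcript.append(("QUIT", code, lines))
    return transcript


def accepted(transcript):
    """True if every step got a 2xx/3xx reply, i.e. the server took the message."""
    return all(code < 400 for _, code, _ in transcript)


class StubSmtpServer(threading.Thread):
    """Constructed stand-in that answers like a cooperative MTA for one session.
    It queues nothing. reject_rcpt=True mimics a server refusing to relay."""

    def __init__(self, reject_rcpt=False):
        super().__init__(daemon=True)
        self.reject_rcpt = reject_rcpt
        self.sock = socket.socket()
        self.sock.bind(("127.0.0.1", 0))
        self.sock.listen(1)
        self.port = self.sock.getsockname()[1]

    def reply_for(self, verb):
        if verb == "EHLO":
            return b"250-stub.example\r\n250 SIZE 10240000\r\n"
        if verb == "MAIL":
            return b"250 2.1.0 Ok\r\n"
        if verb == "RCPT":
            return b"554 5.7.1 Relay access denied\r\n" if self.reject_rcpt else b"250 2.1.5 Ok\r\n"
        if verb == "DATA":
            return b"354 End data with <CR><LF>.<CR><LF>\r\n"
        if verb == "QUIT":
            return b"221 2.0.0 Bye\r\n"
        return b"500 5.5.2 Error: command not recognized\r\n"

    def run(self):
        conn, _ = self.sock.accept()
        self.sock.close()
        with conn, conn.makefile("rb") as f:
            conn.sendall(b"220 stub.example ESMTP\r\n")
            in_data = False
            for raw in iter(f.readline, b""):
                if in_data:                               # swallow body until the lone '.'
                    if raw == b".\r\n":
                        in_data = False
                        conn.sendall(b"250 2.0.0 Ok: queued\r\n")
                    continue
                verb = raw[:4].decode("ascii", "replace").upper()
                conn.sendall(self.reply_for(verb))
                in_data = verb == "DATA"
                if verb == "QUIT":
                    return


def run_demo(reject_rcpt=False):
    """Start a stub server and run the whole dialogue against it."""
    srv = StubSmtpServer(reject_rcpt)
    srv.start()
    return smtp_transcript("127.0.0.1", srv.port, "client.example", "alice@example.net",
                           "bob@example.org", "Subject: telnet test\n\nhello\n.leading dot survives")


if __name__ == "__main__":
    for sent, code, lines in run_demo():
        print("C:", sent)
        for line in lines:
            print("S:", line)
```

Two details that bite when doing this by hand: a multi-line EHLO reply is not finished until a line with a space (not a dash) after the code, and a body line that starts with a dot must be doubled or the server will take it as the end of the message.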
