Dharshin's Blog

Configure Policy-Based Routing On Check Point Secure Platform

2011-11-04T23:27:00.000+05:30

There's no straight-forward way to achieve policy-based routing on Check Point SPLAT (Secure Platform). Since SPLAT is Linux-based and Check Point firewalls relies on operating system routing functions, policy based routing is also archived through iproute2 - a set of utilities used to control network traffic on Linux systems. iproute2 is available with most of the Linux distributions (including SPLAT) with a kernel version above 2.2.

For more information about iproute2, please refer to the links in Additional References section of this article.

When configuring policy-based routing with iproute2 on SPLAT, there are some important point you need to remember.

You need to configure a routing table per policy and it's independent of your normal routing table
Because of that once a policy is matched only that particular table is looked for routing
Therefore you must manually add all the routing information (including directly connected routes) for each and every table you create
route --save command does not save the policy based route you configure using ip route command.

gnmap2csv - Generate a CSV File from Nmap Scan Results

2011-07-04T12:45:00.003+05:30

I created this basic script to generate a small report from nmap scan results. It's just a quick-and-dirty bash script that can generate a CSV file from .gnmap files that are produced by nmap scanner. You can either use this for reporting or just to get a quick view of the hosts, open ports and services. It has been quite useful for me for penetration tests that I do.

The following is a sample file I generated from an nmap scan and I opened the CSV in Microsoft Excel.

Automating Penetration Tests - Part 2

2011-06-12T09:22:00.002+05:30

This is the part 2 of the article, click here to read part 1 of the article.

Modern Approaches to Attack Graphs Generation and Analysis

In the modern approach, attack graphs are generated without the full knowledge about the network – which represents real-world scenarios. Then during the attack phase rest of the information is learned and the attack graph is altered accordingly. A planner or an intelligent mechanism such as neural network is used to analysis the graphs and then to generate attacks.

There are two notable researches papers that discusses on attack planning. Ghosh and Ghosh proposed a new approach to attack planning using a planner [35]. Then Obes et al. have used the same concept and integrated the planner to a penetration testing framework to successfully conduct a penetration test [36].

Read more »

Automating Penetration Tests - Part 1

2011-06-10T23:01:00.005+05:30

This article is written based on the literature survey of my Masters theses on Automating Penetration Tests. The main objective of this research is to look into ways that penetration tests can be automated. However I strongly believe that capabilities of a god penetration tester can not be automated using a computer program. So the intention is to automate systematic steps of penetration tests to save time and effort for the penetration tester.

Basic Automation of Penetration tests

There have been various attempts to simplify penetration tests by automating various steps of the penetration test. The simplest attempt is Autopwn [3] in Metasploit framework [4]. First penteser gathers information about target systems using Nmap or Nessus. This information is imported to a database using database module in Metasploit. Autopwn query the database for open ports and services. Then it loads the exploits in Metasploit that matches these services and launch them against the target systems.

Read more »

Introduction to Penetration Testing For Non-Technicals

2011-05-16T19:33:00.012+05:30

If you are a manager with a different background than IT or if you are a non-technical person wondering whether to conduct a penetration test for your organization, this article might be of help to you.

What's Penetration Testing?
In a penetration test (a. k. a. pentest) penetration testers (a. k. a. pentester) simulate an actual attack on the system being tested to assess the weaknesses of the system(s) and gives recommendations on fixing the vulnerabilities discovered.

Penetration Testing Vs. Ethical Hacking?
Ethical hacking is a buzz word that became popular in information security industry with the introduction of Certified Ethical Hacker exam by EC-Council. Although some argue that penetration testing and ethical hacking are two different things , it's quite hard to identify any difference between the two

Read more »

CarolinaCon 2011 Videos

2011-05-08T09:39:00.004+05:30

Although I had not have a chance to attend major information security conferences, I follow them through videos that they release. I dont think videos give the same experience, but the knowledge you can gain from these presentations is really awesome.

You can get information about the videos from here.

You can find CarolinaCon 2011 conference videos bellow.

Read more »

Display Post Title Before Blog Title in Blogger for SEO

2011-04-29T21:22:00.002+05:30

By default Blogger displays the blog title before post title. For an example <Blog Title>: <post title>.In terms of SEO this is bad. We want to display the post title first and then the blog title. To change the default behavior follow the following steps.

Log into Blogger and go the "Design" tab
Then click on "Edit HTML" link.
Make sure you take a back of your existing template by clicking on "Download Full Template" link and saving the XML file to a safe storage location.
Search for the following text in the template.

Updated My Blog

2011-04-25T20:07:00.000+05:30

If you have been to my blog before, you can see that most of the things have been changed. Got a new domain name, moved to blogger from self hosted Wordpress blog, got a new theme, but the same old content :).

Most of the stuff written to date in this blog are from my old blog. Most of these articles are about 2-3 years old - they still get hits.

Why did I move to blogger from a self hosted WordPress blog?

First of all, I love WordPress, there's nothing wrong with it. But maintaining a self hosted blog is a lot of work. Updates, plugin updates, moderating comments and what not. Blogger is easy, you can focus your entire energy on writing posts.

My previous blog dharshin.co.cc was hosted on Freehostia.com's free hosting package. For a completely free package it was awesome. The loading speed is good, availability is a also really great. I really love them.Go check them out (http://www.freehostia.com: not a reference or affiliation link :)) if you are planing to host any web site.

Speaking of web hosting, I really had very band experience with web hosting providers. That's also probably why I moved to Blogger (plus it's free). Web hosting is another topic. I'll exposed about web hosting scams in the future.

That's it for now. Enjoy my new blog!

How to Customize Google Country Redirect in Firefox

2011-04-25T15:34:00.002+05:30

This article discusses about how to change Google country redirect to whatever your want from firefox permanently.

The Problem
Google automatically redirects to the Google's country domain depending on your IP address. If you are using Google search through a proxy or if you are traveling, you might have experienced this.

Solution 1: Always get results from Google.com

One way to stop Google country redirect is to visit this link: http://www.google.com/ncr. This sets a cookie in your browser announcing Google not to redirect. Now you are getting results from google.com. But this solution fails if you remove cookies in Firefox. And the other problem is that you’ll not get country-specific search features.

Solution 2: Get results from your favorite Google country domain

Firefox’s default search bar gets its configuration options (what search engine to use, what parameters to pass, etc) from XML files located in ’searchplugins’ directory in Firefox’s default directory. If you are on a Windows system this most probably be ‘C:\Program Files\Mozilla Firefox\searchplugins’. There’s an XML file for Google called ‘google.xml’. Following is the content of that file.


Google
Google Search
UTF-8



  

http://www.google.com/

XML tags hare are self-explanatory. First copy google.xml and make a new one. Lets’ call it ‘google.lk.xml’ for examples. Then Edit ‘ShortName’, tag and rename it to something else. Let’s call is “Google.lk”. Then there are two ‘Url’ tags. Leave the first ‘Url’ tag as it is since it’s used to get search suggestions. In the second tag change template attribute to template="http://www.google.lk/search".

Change http://www.google.com/ to http://www.google.lk within '<SearchForm>' tags. This specifies the page to display if you click on the magnifying glass icon, at the left hand corner of the search bar, without any search terms.

After these changes are made, new google.lk.xml file should look like follows.


Google LK
Google Search
UTF-8



  
  

http://www.google.lk/

If you are in a different country than Sri Lanka, use your country’s Google domain instead of google.lk.
Finally, you have to select “Google.lk” from the search engine list in Firefox's search bar (Click on the small traigle next to search engine logo)

Solutions for Kies Not Recognizing Samsung Galaxy S Problem

2011-04-25T00:47:00.002+05:30

Problem
Samsung Kies does not recognize Galaxy S (with Android 2.1) even though the phone is properly connected to the PC. If your Android crashes while connecting, then this might not be a solution for you. If not here are some troubleshooting steps.

What Could Go Wrong?

Your phone is not in "kies mode"
Windows drive for your phone is not properly installed
You are not running TWlauncher
Kies errors/OS errors and what not

Solutions

First check if you phone is in "Kies mode" when you connect it to the PC via USB.

Go to Settings > About Phone > USB Settings

Check if you have selected Kies or Ask every time option

If the above setting are in place, then check if you have installed the driver properly on your PC. You can reinstall the driver via Kies by going to Tools > Install driver.

The third reason could be that you are using some other launcher application than Samsung's stock laucher - TWlauncher. For me this was the problem. I was running Go Launcher Ex (it's a really cool app by the way) instead of the TWlauncher and Kies do not recognize the phone - no warnings, no error messages. After uninstalling Go Launcher Ex :(, everything is working perfectly now. If you know a way to keep Go Launcher Ex and connect to Kies, please let me know.

Finally if nothing works first try restarting Galaxy S and PC. If that also fail, try reinstalling kies

Configuring Cisco Terminal Logging: Minimize Interruptions to the terminal

2011-04-18T16:09:00.001+05:30

You might have experienced that while you are typing a command on a terminal, some stuff get thrown to the terminal by the router or the switch making it a mess. This stuff can be useful specially when you are configuring a routing protocol or changing setting on an interface. However messages like the following, is quite disturbing when you are doing some task.

Router(config)#
Router#show
*Mar  1 00:07:23.487: %SYS-5-CONFIG_I: Configured from console by
consolerun
Building configuration...

Current configuration : 694 bytes
!
version 12.3

Above terminal output is a good example. A message has been thrown in between me “show run” command. The router understood the command perfectly, but it we cat read it clearly. The reason for this is logging. Routers and switches use console ports to log messages. You can three options to stop or minimize the logging disturbances on terminals.

Read more »

Configuring Cisco ISO Command Line Aliases

2011-04-18T16:02:00.001+05:30

How many times do you type show ip interface brief, copy run start, configure terminal, show running-config, etc. But isn’t there a way to make thing easier? Yes there is, that’s command aliases feature provided in Cisco IOS.

Aliases are configured within a mode; exec: #, global configuration: (config)#, interface configuration: (config-if)#, router configuration: (config-router)#, etc. you can issue a show aliases ? command to see how many modes are there. But practically you’ll mostly need exec mode aliases.

A filtered output of the show aliases ? command is shown bellow.

Router#show aliases ?
--- output omitted ---
  configure                  Global configuration mode
...
  exec                       Exec mode
...
  interface                  Interface configuration mode
...
  router                     Router configuration mode
...

Disable DNS Lookup on Cisco Routers and Switches

2011-04-18T15:19:00.000+05:30

This article discusses how you can disable DNS lookup on Cisco routers and switches and effect when DNS lookup is enabled.

Problem
In privilege EXEC mode, if you type in something other than a Cisco IOS command, the router assumes that you typed a domain name and it tries to resolve what ever you type.

Although this feature is can be useful in some situations, for most of the time, this is a pain, especially if you do not have DNS server configured. The router becomes irresponsive for about 5-6 seconds trying to resolve the name.

The following is an example.

R4#wrong-command
Translating "wrong-command"...domain server (255.255.255.255)
 (255.255.255.255)
Translating "wrong-command"...domain server (255.255.255.255)

% Unknown command or computer name, or unable to find computer
address
R4#

Enable SSH Server on BackTrack

2010-07-04T11:32:00.002+05:30

If you need to SSH or SCP to BackTrack box, you need to start the SSH server that comes with Backtrack.

First you need to generate keys. As root, type in the following line

root@bt:~# sshd-generate 
Generating public/private rsa1 key pair.
<--- snip --- >
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
<--- snip --- >
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
<--- snip --- >

PHP File Upload

2008-05-10T21:43:00.001+05:30

I'm going to show you how you can allow users to upload file into your web server. Although I'm not concerning security related issues here, there is a big risk in allowing users to upload files.

The first reason is that people can upload scripts into you server and execute them there. The second easiest thing to do is write a script that upload hundreds of thousands of files into your server, eventually making it run out of disk space. Hopefully in the future I'm going to write some security articles as well.

By default in PHP versions 5.x, file uploading is enables in php.ini. If you are in windows, php.ini file resides in the folder where you installed PHP. In Linux this file may exist in /usr/local/lib/php.ini path, if you went with the default settings.

Under the File upload section, there are some important directivesfile_uploads = On. This directive indicate that file upload is on. The next directive is 'upload_tmp_dir'. When user uploads a file, the file is temporally stored in the directory specified by this directive. One important thing you should keep in ming is that This temporally created file only exist until the PHP file ends. So you must move the file to the appropriate directory of your choice. I'll show you how to do it later. Then you have another directive called upload_max_filesize'. This specifies the maximum size of the file allowed to upload.First step is designing a form that user can use to select his/her file. Here is a simple form.

File:

If you want to upload a file enctype="multipart/form-data" attribute must be in the form tag, otherwise the browser will not send the file to the server. As usual, there is an input field, but with the type equals to 'file'. This gives the user a browse button with a text field to select the file. I'm sending the information to a php file called file_upload.php here.Now lets look at how does file_upload.php looks like.

/* file_upload.php */
< ?php
$file_path="C:/www/uploads/";
$file_name=$file_path.$_FILES['upload_file1']['name'];
move_uploaded_file($_FILES['upload_file1']['tmp_name'], $file_name); 
?>

PHP has a super global array called $_FILES. Then a file is uploaded to the server, php uses this array to keep information about the file. In the first pair of square brackets, you have the file name. The file name is taken from the form that you send the file. In this case it's “ upload_file1 “. Next, attributes associated with the file are in the next pair of square brackets. $_FILES['upload_file1']['name'] – Name of the original file that the user upload.

$_FILES['upload_file1']['tmp_name']: I mentioned earlier that the file is copied to a temporary location, until the script ends. This has the name given to that temporally created file. By default. This file has a file name with “php” prefix and a randomly generated name. This has done to eliminate one file overwriting another file with the same name.

There are some more attributes. You can refer to the PHP manual, if you want to have more control.Only thing you have do is, copy the temporally created file to a permanent location with the function move_uploaded_file(). This function copies the temp file to you ferment location. You should give the full path of the file. That is the path and the name.

Also make sure that this directory exist and apache as permission to write the destination location. This example shows a Microsoft Windows path. If you are on linux file path can be something like /var/www/html/uplodes/ ($file_path="/var/www/html/uplodes/";). If your running apache user that user “apache”, you can change its ownership to apache.chown -R apache /var/www/html/uplodes/.

Hope you got something out of it. Your comments are always welcome.

Paging Results with PHP and MYSQL – Part 2

2007-10-25T11:06:00.000+05:30

Welcome to part 2, if you didn’t read part 1, please do, because this is a continuation of that. Now we want to go a step further and add “First” and “Last” links to our navigation.

“First” should point to the first page of our result set and last should point to the last page.

If user is at the first page, “First” and “Previous” links should disabled and like wise “Last” and “Next” should be disabled at the last page of the result set. It makes sense right?

Read more »

Paging Results With PHP and MYSQL - Part 1

2007-09-15T11:07:00.000+05:30

Lets say you got a site that prints out some result based on a search term or lists some items that has many rows that's too much for a single page.I’m going to show you a way of dividing results into several pages and allow users to navigate through there results.

For this example, I am using a mysql database called "temp" and a table called "links".

The following code is a set of SQL statements that I used to generate a sample database for this example. Database name is called 'temp' and it has one table called 'links' (see SQL statements bellow). Then I have added some data to that table.

Read more »

Insall MPlayer from Source

2006-05-01T18:56:00.001+05:30

I have seen many people struggling to get the MPlayer working in GNU/Linux and the following is a simplified guide for these people, it worked for me. Follow this method in any disto, it should work, unless of course if you don’t have the basic resources like make, gcc and etc.
Before you install MPlayer, it asks for either DivX or XVid codec (not sure if they are available in you distro) else fetch it from http://www.xvid.org/ and http://download.divx.com/labs/ divx611-20060201-gcc4.0.1.tar.gz [update: this link is not updated. when you download make sure to get the current version of the codec].

Just install them both so you can use both of them. First install these two, so mplayer can support these codecs as well. It’s not a big deal to install these codecs.

DivX has a shell script called install.sh just run it using ./install.sh command. By the way, to extract a tar.gx or a tgx file, use the following command tar –xzvf file_name.tar.gx To extract a tar.bx2 file or a tbz file use the following command.

tar –xjvf file_name_here.tar.bz2

for xvid codec uncompress it and go to that directory and in that, go to build/generic
and then do the following

./configure
make
make install

Then download MPlay from the following link http://www1.mplayerhq.hu/MPlayer/releases/MPlayer-1.0pre8.tar.bz2.
Then start installing MPlayer. uncompress it using this command.

tar -xjzf MPlayer-1.0pre8.tar.bz2

Go into that directory that it creates and execute the following command.
Note: If you don’t use –enable-gui option it will not compile it to enable the GUI skin, so make sure to include this option.

./configure –enable-gui

Now execute the following two commands.

make
make install

Then install a font Copy a *.ttf file form any ware to the /user/local/share/mplayer/ directory and rename it to subfont.ttf.

Then install a skin. Download any skin from http://www.mplayerhq.hu/MPlayer/Skin/ and then make a director inside /user/local/share/mplayer/ calles skins. Copy the skin (.tar.bz2 file) into the newly created directory and uncompress it. Then rename the skin (the name of the directory which was created by uncompress process) that you want to appear as the default skin for Mplayer, to default. Then you can play music and movies. Use gmplayer file_name.mp3 in a terminal or you can set file association and then use it like any other player you are already familiar with.