While doing my presentation at CarolinaCon 2007, “How to 0wn CTF”, the question of the winner came up as to if they were actually the winner or did they cheat by using SQL injection. I’ve been racking my brain off and on whenever I get a chance try to come up with a way to do a SQL injection to attack my application. It’s pretty trivial to just add the following to an item in the flag file to get the sql command to execute:

‘;<sql statement you want to run>

The issue that I take with this is that you need to know the table and field names to do any type of INSERT or UPDATE.

I ran across a SQL injection cheat sheet while doing some SQL injection googling. Read the rest of this entry »

I created this site to document projects that I work on. There are a couple of reasons why I go thru the hassle of documentation. The main reason is that I don’t forget anything and the other which is just gravy is that maybe someone else will be able to follow along and not have to jump through all the hoops to learn the same thing that I did. They can also use my documentation to reproduce the steps it took to come to the same end result and hopefully expand upon that. This is the first of many posts to come related to these projects.

My first project will document the steps needed to collect and reverse engineer Windows malware. I’ve never done this before, but have experience with Honeywalls. I used them at the CarolinaCon 2005 Capture the Flag event. For the collection part of this project, I’m going to be using a Honeywall, Nepenthes, HoneyC, and possibly Capture-HPC. The host OS for the Honeywall and Capture will be Windows XP with no service packs installed. Read the rest of this entry »

I’ve reached a bit of happiness in my quest for IRC on windows thru a shell account running a bouncer with SSL encryption from my client to my shell account. I ended up using XChat. After googling, I was able to turn off the internal ident server that comes with it by using the command /set identd 0, which I found in the FAQ. With that turned off, I needed to find a windows ident server that was configurable. After googling, I found one here which is fully configurable. I can now authenticate to my psybnc since ident is properly configured. The only thing left to do that will make me happy is to setup the bouncer so that I can be on two IRC networks at once. I am running into an issue on my Mac. I haven’t found a configurable ident server for os x yet. Snak comes with an ident enabler, but there is no way to configure your username or os/host, so that’s out. I’m still looking for a working solution as time permits. Read the rest of this entry »

Tonight I setup psyBNC so that I could connect to IRC without having to worry about some of the issues that come with being on IRC. I haven’t been active on IRC in about two years and the last time that I was on it was only for a month or so. At every 2600 meeting, I see my friend txs and he always asks me when we are going to start having a work night at the lab to work on projects that we have going on? My response is always I’ve got too much other stuff going. Most recently, the excuse is that there is standing room only in the lab. The reason I have a sudden increased interest in IRC is because he is always in #nc2600 and hopefully I can get some dialog going with him on projects that I’m planing on work on this summer. Read the rest of this entry »

I really need to pick back up studying for certification tests. I’ve always hated them. I never understood why I had to a piece of paper that said I was qualified to the job that I was currently doing. That makes no sense at all to me. I was required to by an employer to acquire CompTia A+, Network+, Microsoft Desktop Support Technician (MCDST), and Microsoft Office User Specialist (MOUS) Word 2003 Expert certifications and that if I didn’t I would be fired along with everyone else in my department that didn’t step up to the challenge. Read the rest of this entry »

I started this blog after a failed attempt to create a community website where members could share information related to the Information Security field. The site fell flat on it’s face due to only one person posting information to share. I have to admit that I didn’t add much myself due to lack of time. I created a tutorial on how to add stuff to the site. I did start to add a firewall presentation that I had given in the past, but I never finished creating the content for it. I think that the few people that were on the site did benefit from the forum. Members were able to ask questions about things that they didn’t understand or wanted to learn more about. The site eventually became a place where I kept my thoughts and notes on projects that I worked on. Since the focus of the site changed, I felt that a blog was more appropriate. I will eventually add a forum to this site so that others can share information that they have learned or ask questions outside of the scope of what I post here.

More to come later…