Information Security

goofile – Backtrack 5 – Information Gathering – Web Application Analysis – Open Source Analysis – goofile

The goofile Backtrack menu item ( Backtrack > Information Gathering > Web Application Analysis > Open Source Analysis ) is a great little Python script that provides easy access and results from one of Google’s Advanced Searches. During the information gathering phase of a penetration test it provides a great method to collect data about your target by searching a domain for specific file types. Below we describe goofile in more detail and provide an example of how goofile works.

Technology Insights

Find Out The Amount Of Time A Linux Process Has Been Running

I always forget the ps command arguments to see the length of time that a Linux process has been running so I am writing it out here in hopes of remembering it in the future without having to read the ps manpage. I also will know I can easily search this later to find the solution. Below I describe what command to use from a Linux terminal window to display the length of time a specific process or set of processes has been running.

Technology Insights

PostgreSQL Log Entries: CDTLOG: statement: SHOW client_min_messages

I was troubleshooting an issue at work the other day regarding some PostgreSQL connections that were not closing. They were left IDLE, never closed, and eventually used up all of the possible connections (which totaled 100) configured in the  postgresql.conf configuration file. In the process of troubleshooting I noticed a bunch of Postgres log entries that I was unable to immediately pin down to what was causing the entries. Below I describe the view of the idle Postgres connections, the PostgreSQL log entries that were unfamiliar, and the cause of both.

Technology Insights

Restart DD-WRT Web Server Using The Command Line From An SSH Connection

I have a Linksys WRT54G wireless router running DD-WRT open source firmware. A lot of the work I do requires providing access to clients or coworkers to various devices on my local network. I also view the DD-WRT web interface regularly on the Linksys WRT54G to see what devices it can see on the network via ARP or IP. A lot of the time when I attempt to connect to the web server which is only running HTTPS on port 443 the connection via my browser will just hang or simply won’t make a connection at all. During the times when I am unable to open the DD-WRT web interface I am always still able to connect to the Linksys device via SSH meaning that for some reason the web interface is failing.