Information Security

How To Set a Root CA to Untrusted on Mac OSX

I decided to make a quick post on how to set a trusted root CA to untrusted in Mac OSX. As some people may or may not know, one of the root CA authorities was recently hacked and several rogue certificates were issued, including one with a domain name of .google.com. Now DigiNotar, which is the company in question, claims that they have revoked all the rogue certificates and all is well. However, being involved in infosec and security, I would rather not take any chances, so I decided to set DigiNotar to a “trust never” level on my machine for the time being. Below I will outline the few simple steps to do this for any certificate authority on Mac OSX.


Crack Juniper Router Passwords, Juniper Password Hash Details

Recently I needed to find out information about a Juniper router password, which is stored as a hash in the router configuration. The tricky part is that while the password hash is technically an MD5 hash, it is modified to make it unique and harder to crack. Luckily there is a way to crack the hash using JTR (John The Ripper), though it will require that you also have the username associated with the password, as the username is used as part of the salt for the hash. Below there is first information on how to crack Juniper hashes, which are the same as Netscreen hashes, followed by more information about the hash itself.


Crack Cisco IOS Password Hashes, Crack Cisco Type 5 & Type 7 Password Hashes

Cisco devices running Cisco IOS can display passwords in the device configuration in three ways: Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method, either by simply reading the password, by quickly converting the password from the Cisco-defined encryption algorithm, or by cracking MD5 UNIX password hashes.


SELinux prevented ruby from reading files stored on an NFS filesystem

While working on a server farm for a client I kept running into some issues with one of the servers. The issue appeared to be that a single CentOS Linux server, in a cluster of ten CentOS Linux servers and configured exactly the same as the other nine, was having issues writing to a network storage device. Initially I figured that the CentOS Linux server having the issues had some permission issues with the directory that was mounted to the SAN (Storage Area Network); however, after minimal troubleshooting it was verified that the permissions were identical to the other servers. I started looking through other logs on the server having the issue and located some SELinux errors that were noticeably related to the issue at hand. Below I describe where the SELinux error was located, what the specific errors were, and how I was able to resolve the errors on this specific CentOS Linux server.