For anyone that has done a long source code audit is not about really finding the easy/low hanging fruit stuff that can be slow and sometimes a bit “frustrating”. I recently had a nice 660,000 lines of code source code audit to be done in less than 2 weeks, the language was Java, so the…
I recently wrote an article about how to fix btscanner in Backtrack Linux and realized after the article was completed that some people may prefer to launch btscanner via the menu in Backtrack Linux instead of the command terminal by typing btscanner. This article specifically explains how to add btscanner back to the menu in…
When attempting to launch creepy via the Backtrack menu (Backtrack > Information Gathering > Network Analysis > OSINT Analysis > creepy) the starting creepy window will show in the taskbar however it simply disappears after a couple seconds without any action. If you investigate the menu item you will see that the menu item executes…
The below code snippet was used to add SSH users to RackSpace cloud CentOS Linux nodes being used as application servers and managed via RightScale. The SSH users were required during a testing phase so they could look through logs and make modifications to specific configuration files, etc. There are three things that have to…
The other day I needed to create a RightScript shell script that would update a couple configuration files on a server that was being launched in the RackSpace Cloud via RightScale. I decided to use SED to find and replace content within the configuration files. The first pass at the script failed because what I…
So earlier today I noticed a discrepancy in traffic to question-defense.com and because of a previous incident I knew exactly where to look. Sure enough a similar attack had been performed which we are coining Search Engine Click Jacking. In this case we are sure that a single files permissions were left open and the…
Earlier tonight I created a little script that will run in cron on a Linux server. The script counts the number of directories and files in a specific directory and if the count is above Y then it deletes directories and files older than X number of days. In the example script below the number…
Earlier today I was troubleshooting some resource issues on a PostgreSQL server and needed to test some various SELECT statements to see if any of them were causing problems. I also wanted to verify the amount of resources a SELECT statement made using PGAdmin versus the amount of resources the same SELECT statement used running…
I have had a lot of questions lately about making patches. On Backtrack we get a lot of user submissions and many times we need a patch rather than a modified source file. The reason being is that a patch can be documented and contains the specific changes made to the source file and can…