Monday, November 30, 2009

Input Validation Attacks

Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
The most common input validation attacks are as follows-

1) Buffer Overflow :- Buffer overflow attacks are enabled due to sloppy programming or mismanagement of memory by the application developers. Buffer overflow may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It may possible that an overflow may exist in language’s (php, java, etc.) built-in functions.
To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.
Here’s the buffer test, calling on Perl from the command line:
$ echo –e “GET /login.php?user=\
> `perl –e ‘print “a” x 500’`\nHTTP/1.0\n\n” | \
nc –vv website 80
This sends a string of 500 “a” characters for the user value to the login.php file.
Buffer overflow can be tested by sending repeated requests to the application and recording the server's response.

2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files that it is supposed to view, then files outside of the web document root are targeted, something like following-
/menu.asp?dimlDisplayer=menu.asp
/webacc?User.asp=login.htt
/SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
/Getfile.asp?/scripts/Client/login.js
/includes/printable.asp?Link=customers/overview.htm

3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it. Target fields in forms can be addresses, bulletin board comments, etc.
We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
http://website/inc/errors.asp?Error=Invalid%20password
This displays a custom access denied page that says, “Invalid password”. Seeing a string
on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
http://website/inc/errors.asp?Error= That is, place the script tags on the URL.

4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.
The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports' or 1=1--

Thursday, November 26, 2009

Troubleshoot – Computer Restarts at Windows XP Loading Screen

One of my friend’s laptop recently got this strange problem of restarting at the windows loading screen. Now this was a unique problem since I couldn’t tweak any of the windows settings without first getting into it, and in this case, this was impossible. After a few hours of research I concluded that the trouble is caused by damaged kernel32.dll file, so I simply extracted a new copy of kernel32.dll from the windows xp cd to my friend’s laptop and it started working fine again. Here’s a step by step procedure to do the same-

1. Start the recovery ronsole from the windows boot options menu. If you don’t have the recovery console installed, then start the recovery console from windows xp cd, like this,

a. Insert the windows xp cd into the cd drive and restart the computer to boot from this cd.

b. Follow all the prompts during the text based part of the windows xp setup. Choose recover or repair option by pressing R.

c. Type the administrator’s password when prompted.

2. Now you will be at command prompt. Type cd system32 and press enter

3. Then type ren kernel32.dll kernel32.old and press enter

4. Now type map and then press enter.

5. Now note the drive letter that is assigned to assigned to the cd drive that contains the windows xp cd. It will be displayed in a format similar to this,

D:\Device\CdRom0

6. Type

Expand D:\i386\kernel32.dl_

where D is the drive letter of the cd drive that contains the windows xp cd. This may be different for your computer. See the output of step 5 to find out what is the drive letter for your computer. (Also, note the underscore character after the “l” in kernel32.dl_)

The following message will be displayed after the above command,

Kernel32.dll, 1 file(s) expanded.

7. Type exit to restart the computer.

Hopefully this will solve the problem of computer restarting at the loading screen. If not, then use comments below to post your special case.

Increase Life Span of Your Laptop’s Battery With Proper Calibration

The life of the laptop’s battery depends upon multiple factors. One of the most important factor is the system you follow to charge the battery and how it gets discharged. Its like memory in the battery. The battery retains your habits of charging/discharging and after some time, it is never fully charged or discharged.

For instance, you will notice that when you purchased the laptop the battery lasted for around 2 hours, but now it lasts only for around 45 minutes. This is because, you probably keep the laptop connected to power cable for long intervals of time and the battery has forgotten its ability.

To restore its capability a complete charge and discharge cycle is required. This is called battery calibration. You should calibrate your laptop’s battery at least once in a month to prolong its life and mileage.

How to Calibrate Laptop’s Battery

1. First charge the laptop’s battery to 100%.

2. Assuming that you are on windows, Go to Control Panel > Power Options. Now change the hibernation settings such that the laptop auto hibernates when the battery level reaches 4%.

3. Now use the laptop normally until it auto hibernates.

4. Now leave the laptop alone for at least 5-6 hours.

5. After this, charge the battery again to 100%.

That’s it. Calibrate your laptop’s battery once every month to increase its life span.

Important Note - This method of calibration works only if your laptop uses Ni-MH cells in the battery. If your laptop uses Li-Ion battery, then DON’T USE this method as it will decrease the life span of your Li-Ion battery. Check your laptop’s manual to find out the battery type.

How To Turn Off Laptop’s Monitor Without Affecting Any Running Programs

Its almost impossible to turn off laptop’s monitor without putting it into hibernate/standby mode. But the problem with this is that you can’t run any programs while in hibernate or standby mode. So, how to turn off laptop’s monitor without affecting any running programs?

Use MonPwr Utilty

MonPwr is a freeware utility that lets you turn off your Laptop’s monitor. You just need to click a button and the monitor will turn off. To turn it on again, press space or enter key. When you turn off the monitor using MonPwr, the processes running in the background are not affected. The current version of MonPwr is compatible with all versions of Windows.

Download MonPwr

Use Dark – A Light System Tray App

Dark is a small and lightweight application that lets you turn off your laptop’s monitor by double clicking its icon in the system try (or notification area).


Its an open source application which is written using .NET platform. Its compatible with Windows XP and Windows Vista.

Download Dark

Conclusion

You can use any of the above tools to turn off your laptop’s monitor. Unfortunately both these application work only if your laptop is running Windows OS. If you know about any similar app that works on Linux or Mac, then do let me know using the comment form below.

Enjoy!

Saturday, November 21, 2009

Two Ways to View All the Passwords Stored in Firefox

Whenever you type a password in a web form, for instance, while logging into Gmail, firefox prompts to ask you if you’d like to store this password,

If you click on the Remember button, firefox remembers your password and auto fills it the next time you open the same web page. But do you know that it is very easy to view all these passwords in plain text format. So, anybody with physical access to your computer can easily crack (read?) all your passwords. Following are two ways to do this-

1. This method doesn’t require any third party software. Simply open the firefox and go to Tools -> Options , and click on the security tab. Under this tab click on the Saved Passwords button.

Now, in the saved passwords window, click on Show Passwords button. You’ll instantly see all the password saved by you in the firefox.

This method displays passwords stored only by the current profile of firefox. If you want to see the passwords by another profile, then start firefox with that profile, or use the second method.

2. This method is even more scary. You will be able to view all the passwords stored by all the profiles of firefox, from the same window.

This method involves use of PasswordFox. This is a small program which doesn’t even needs installation. Simply download it from here, and run the executable PasswordFox.exe. The main window of the program will instantly display all the usernames and passwords stored by firefox.

To view the passwords stored by other profiles, click on the folder icon on the program window, then click on the browse profile folders button and choose appropriate profile.

So, next time, think twice before clicking on the Remember button.

Find all the passwords stored in Google chrome

Nirsoft has released a great tool using which you can view all the usernames and passwords stored in Google chrome for your website logins. Just download chromepass, and simply run the executable file. No installation is required. On running chromepass, it displays origin URL, action URL, username field, password field, username, password, and the time at which this information was stored in chrome.

Get all passwords stored in chrome!

To export any one or more items from this output, simply select them and save them as plaintext, html or xml file or you can simply copy them to clipboard. Currently only windows version of chromepass is available.

Running chromepass on command line

You can also use chromepass on command line. Following is the complete list of commands supported.

/stext Save the list of passwords into a regular text file.

/stab Save the list of passwords into a tab-delimited text file.

/scomma Save the list of passwords into a comma-delimited text file.

/stabular Save the list of passwords into a tabular text file.

/shtml Save the list of passwords into HTML file (Horizontal).

/sverhtml Save the list of passwords into HTML file (Vertical).

/sxml Save the list of passwords to XML file.

Translating ChromePass to other languages

You can also translate chromePass to languages other than English using the following process,

Step 1. Run chromePass on commandline with /savelangfile parameter like this,

ChromePass.exe /savelangfile

doing this will create ChromePass_lng.ini folder where chromepass.exe is located.

Step 2. Open ChromePass_lng.ini in notepad or in any other text editor.

Step 3. Now translate all the strings in this file to desired language using any online translation tool.

Step 4. After the translation, simply run chromepass again, all the translated strings will be automatically loaded into it.

If for some reason, you don’t wan’t this translation again, simply delete or move ChromePass_lng.ini.

You can download chromepass here.

That’s it. Enjoy!

Enable Select, Copy and Printing on Restricted PDF Documents

You must have come across pdf files that are distributed with restrictions such as the following,

  • You cannot select text from the pdf file.
  • You can’t copy text from the file even though you can select it.
  • You can’t print the pdf document.

These restrictions are implemented by the pdf creators to protect their work from content thieves. However, these restrictions are really annoying sometimes. You can easily remove all these restrictions using this free web based tool, pdfpirate.

How to Remove Restrictions From PDF Documents Using PDFPirate

1. Go to pdfpirate and upload the pdf document that is restricted.

2. Now pdfpirate will scan the document and all the restrictions from the pdf file will be removed instantly. You can then download the pdf document.

That’s it. Note that pdfpirate won’t work on password protected pdf files.

Enjoy!