Archive for the 'internet' Category

This is sort of like a timeline

March 8, 2008

So much can change in just one page.

Maybe I should update my wordpress.com blog more often. I usually get more comments here, and the people are generally smarter.

I am the wordpress.com helper monkey

June 1, 2006

I enjoy helping out the wordpress.com .

Whether it be pointing out terrible writing topics (eg: celebrity gossip), guiding people on how to properly live their lives (eg: that microsoft guy wasting his time in a commitment that is destined for failure), or helping the admin team kink out bugs and security flaws, it all makes me feel warm inside.

My latest discovery for the wordpress.com admin team was an XSS bug in a part of the website that I won’t disclose right now. I just sent out the report, and I’m happy to have helped.

Helping people is fun. I usually work for cheap, and often do things completely free of charge.

That’s about all I have to say for now. Have a nice day, folks.

America’s Intelligence can be gauged by 0day Piracy

May 26, 2006

With access to all the newest pirated software, and media, I have a bird’s-eye view of trends in software, music, television, film, and just about anything which holds value, and can be distributed electronically.

In recent days, I have come to realize that the intelligence of America can be gauged by the 0day software that’s released on a daily basis. For those of you who are unfamiliar with 0day, go read this.

Almost weekly, a new program to log instant messages is released. That’s right, weekly. By interacting with some of my more stupid friends, at least once per week one of them asks me for a program they can use to check up on their girlfriend, and every time I tell them to just break it off, because they aren’t ready for a commitment. I could give them these applications, but it’s an invasion of privacy, and it’s not necessary. With the number of requests I get for these applications, I must assume they are in high demand.

The companies who make these programs are just providing the market with what they demand, but it’s just unethical, and stupid.

I’m sick of writing for now. More will be written in the future.

internets lol

March 19, 2006

hey kids,

i quit posting so much here, cause the thing got so big, and less small.

visit my regular blog at http://imikey.com

Laterios kids.

Spam Injection

December 8, 2005

In these past two weeks, three of our hosting clients’ websites have been exploited through a new and common security hole in contact forms.

The attack itself is extremely simple. Simply stick \n or \r into the “subject” or “your email” field of the form to create a new line, then bcc in the rest of your comma-delimited email addresses. Then when you submit the form, all of those bcc’d email addresses will receive the message that was intended to be received only by you.

What spammers are doing is exploiting the above hole, and sticking their own spam into the ‘message’ field, and sticking their database of emails into the bcc field.

What can you do to stop this stuff?

1) Image Verification
Many of these exploits are run on a routine basis by bots. Bots can’t usually detect what’s in an image, let alone one that is written on an angle with different colors throughout the pattern of letters. Require the user to enter a string of letters he would have to read off of an image to send out his message.

2) Complicated PHP Code
Here’s some complicated php code that can be used to stop this kinda thing, you will need to edit some variables to fit your form:

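// Reject the address if it contains a line break, comma, semicolon,
// single quote or question mark
if (preg_match('/[\r\n,;\'?]/', $_POST['email'])) {
    exit('Invalid email address');
}
else {
    // code to send the mail
}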

3) mod_security
mod_security is an addon module for apache that is made for filtering out all kinds of attacks. SQL Injection, XSS, and it can even filter out this kinda attack. Just add this into your mod_security configuration:

SecFilterSelective POST_PAYLOAD "Subject\:" chain
SecFilterSelective ARG_Bcc ".*\@"
SecFilterSelective POST_PAYLOAD "Subject\:" chain
SecFilterSelective POST_PAYLOAD "\s*bcc\:"
SecFilterSelective ARGS_VALUES "\n\s*bcc\:.*\@"

4) Multi-part forms
If they have to go through 3 or 4 pages to exploit your script, this is going to lessen the likelihood of a bot-based attack.

Many many many many many scripts are vulnerable to this attack. Take care of your websites, will ya people?
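As an added example (not code from the original post), here is the check from item 2 extended to every field that ends up in a mail header. The function names, the fixed recipient and all addresses are assumptions made for illustration, and mail() is not actually called.

```php
<?php
// Added example: names and addresses below are constructed for illustration.

// True if the value can sit on a single mail header line.
function is_header_safe(string $value): bool
{
    return !preg_match('/[\r\n\0]/', $value);
}

// Returns [to, subject, body, headers], or null if a field is
// malformed or could add or alter a header.
function build_contact_mail(array $post): ?array
{
    foreach (['email', 'subject', 'message'] as $field) {
        if (!is_string($post[$field] ?? null)) {
            return null;            // missing field or array-valued input
        }
    }
    $email   = trim($post['email']);
    $subject = trim($post['subject']);

    if (!is_header_safe($email) || !is_header_safe($subject)) {
        return null;                // embedded CR/LF: header injection attempt
    }
    // Exactly one syntactically valid address; comma-separated lists fail here.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // The recipient is fixed server-side, never taken from the form.
    $headers = "From: webform@example.com\r\nReply-To: " . $email;
    return ['owner@example.com', $subject, $post['message'], $headers];
}

// Constructed submissions: one normal, three that try to add recipients.
$samples = [
    ['email' => 'alice@example.com', 'subject' => 'Hello', 'message' => 'Hi'],
    ['email' => "alice@example.com\r\nBcc: b@example.com, c@example.com",
     'subject' => 'Hello', 'message' => 'Hi'],
    ['email' => 'alice@example.com', 'subject' => "Hi\nBcc: b@example.com",
     'message' => 'Hi'],
    ['email' => 'a@example.com, b@example.com', 'subject' => 'Hello',
     'message' => 'Hi'],
];
foreach ($samples as $i => $post) {
    $mail = build_contact_mail($post);
    echo "sample $i: ", $mail === null ? "rejected\n" : "accepted\n";
}
```

The message body is left alone because line breaks there are legitimate; only values placed on header lines are checked.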

Customizing the squid forwarded_for header

November 7, 2005

Tonight, I got bored so I decided to look into hacking my squid to send a custom value with the forwarded_for header.

After searching around for a while, I found no guides. I had previously talked about this with some friends, and we discussed that squid sends back “unknown” if the user turns off forwarded_for in squid.conf. I wasn’t sure if this value was interpreted by the remote server, or squid. I made sure to remember the idea for a later day.

Tonight, I downloaded squid 2.5 stable to see how easy it could be. Surprisingly, it wasn’t hard at all, and I was able to find it in less than 10 minutes.

If you open up your squid-2.5.STABLE12/src/http.c and scroll all the way down to line 962, there you will see:

/* append X-Forwarded-For */
strFwd = httpHeaderGetList(hdr_in, HDR_X_FORWARDED_FOR);
strListAdd(&strFwd,
    (((orig_request->client_addr.s_addr != no_addr.s_addr) && opt_forwarded_for) ?
        inet_ntoa(orig_request->client_addr) : "unknown"), ',');
httpHeaderPutStr(hdr_out, HDR_X_FORWARDED_FOR, strBuf(strFwd));
stringClean(&strFwd);

Pay close attention to

inet_ntoa(orig_request->client_addr) : "unknown"), ',');

Simply change the “unknown” value to whatever value you want. It can be 127.0.0.1, 0.0.0.0, 911.911.911.911, or even “banana”, you can insert whatever the hell you want into that section, and it will send that value with the x_forwarded_for header.

After changing the file, ./configure, make, and make install. You’ll need to edit your squid.conf and turn the “forwarded_for” value off in order for the hack to function.

How is this useful? By default, squid will send back your actual ip address if forwarded_for is not disabled. If it is disabled, it will send back “unknown”. There is no way to customize the header via squid.conf. So, this is an excellent solution. Some websites check the x_forwarded_for header, if you want to screw with the administrator, you can change that value to the actual website you’re visiting.

There isn’t a way to change the remote_addr value this way, because the remote server sets that value itself from the connection rather than reading it from a header.
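Since the header can carry any string a proxy operator chooses, a site that reads it has to validate it. The following is an added example (not from the original post) of one way to do that on the server; the function name, the trusted-proxy list and all addresses are assumptions made for illustration.

```php
<?php
// Added example: function name, proxy list and addresses are constructed.

// Picks the address to log or rate-limit on. X-Forwarded-For is only
// consulted when the TCP peer is a proxy the site itself operates.
function client_ip(string $remoteAddr, ?string $xff, array $trustedProxies): string
{
    // The peer address is the only value the sender cannot choose.
    $client = $remoteAddr;
    if ($xff === null || !in_array($remoteAddr, $trustedProxies, true)) {
        return $client;     // header arrived from an untrusted peer: ignore it
    }
    $hops = array_map('trim', explode(',', $xff));
    // Walk right to left: the rightmost entry was appended by the nearest proxy.
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break;          // "unknown", "banana", "911.911.911.911": stop here
        }
        $client = $hop;
        if (!in_array($hop, $trustedProxies, true)) {
            break;          // first hop we do not operate is treated as the client
        }
    }
    return $client;
}

$trusted = ['10.0.0.5'];    // constructed: the site's own reverse proxy

// Constructed requests: [peer address, X-Forwarded-For value]
$requests = [
    ['203.0.113.7', 'banana'],                    // direct peer, header ignored
    ['10.0.0.5',    '198.51.100.9'],              // via our proxy, valid hop
    ['10.0.0.5',    'banana'],                    // via our proxy, junk value
    ['10.0.0.5',    '127.0.0.1, 198.51.100.9'],   // spoofed left-most entry
    ['10.0.0.5',    '911.911.911.911'],           // not a valid address
];
foreach ($requests as [$peer, $xff]) {
    echo str_pad($xff, 26), ' -> ', client_ip($peer, $xff, $trusted), "\n";
}
```

Entries to the left of the first untrusted hop are never used, so a value inserted by a modified upstream proxy cannot displace the address the site's own proxy recorded.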

what the…

October 25, 2005

Going through my wordpress.com blog referers, somebody actually came to my blog while googling ‘meet the people at burger king in lakeville’

Going to that page of search results, I managed to be the 7th result on the first page.

Is this some kind of message? There is a lakeville town a few towns away. I’m not sure if there’s a burger king there, but there probably is.

Why the hell would somebody even be searching for that? Is there some promotion going on at a burger king somewhere in lakeville where you can meet some people?

Why god why?

If you were the person searching, please let me know what you were looking for.

Owen Winkler is a busy man.

October 25, 2005

yeesh.

fucking isn’t cheating

October 22, 2005

Hello People,

I am still sick.

Haven’t been out since monday.

I’ve been drinking theraflu, nyquil, and this tyonal flu medicine. I also got some cough drops. The theraflu seems to help, the cough drops make me cough more, and the nyquil just gives me a buzz that can only be beat with things that require a prescription.

DSL is providing me with good entertainment. I’ve downloaded a whole bunch of new albums, some new applications, and some other neat stuff.

I’m running out of hard drive space here. I’m gonna move some stuff over to my other hard drive later tonight. I’m thinking about buying a 300gb hard drive from newegg or tigerdirect.

That’s all for now. See ya later people.

Last Night’s Dream

October 20, 2005

It seems whenever I take some kind of medicine before going to bed, I have some really far out dreams.

Last night’s dream was very strange. Somehow, adobe included software that dialed to their central offices for logging of installations, as an anti-piracy effort. Well, their software actually scheduled itself to dial in the middle of the night, to make it so that nobody noticed.

Well, I guess I missed that when installing their product, and was actually caught as a result of it.

So, I came up with a plan to pretend my computer was hacked. So, I called up to their offices, and tried to convince their support people that my computer was actually hacked. When I got on the phone with somebody, he told me to save my story for the cops, because they would be at my house in a matter of minutes.

I wasn’t awake long enough for the cops to get to my house. But I did try coming up with a plan to format, but I was afraid the cops would think I formatted my computer on purpose. I was really worried, because I thought they could just subpoena my ISP’s router logs to find out what I was really doing.

The whole thing was very very strange