Hello, welcome, and welcome back to those who have came before. I am going to go over a simple technique to create a modal window that i have personally tested in Internet Explorer, Firefox, Safari, and Google Chrome. Its mostly CSS but we use jQuery to toggle the show/hide of the modal windows. Its really clean and simple but it has some neat CSS3 goodies such as rounded corners and a drop shadow effect. Play with its settings a little bit and you will learn how it works easily. It opens dead center of the screen with absolute positioning and it wouldn’t be hard to adapt more functionality like making it drag capable or adding a title bar.
Chinese Espionage Exposure and Analysis by TechMeOut.TV
So the media has been popping with the usual allegations that the Chinese are spying on our government. Well, that is not something surprising at all. Every government that is a smart government would be doing the same thing. The information available in cyber space is to valuable not to.
What I did find surprising was the methods acclaimed to being used by the Chinese. I have been familiar with Trojans and RAT client to server hacking methods for a long time(10+ years). Often times in the past, I would experiment by infecting one of my home computers with a Trojan or RAT and see if I could access it remotely. It was always fun to have different anti-viruses installed to see if any of them would pick it up. What’s scary about this method is that its incredibly basic.
When an undetectable Trojan or RAT software gets introduced to one computer on a network, it is easy for it to spread to other hosts on the same network. The major problem with our government officials is that they are not tech savvy at all. The government issues them a laptop and provides them a stupid security training video that 90% of the staff will just repeatedly click next until its over.
Most of the time the infected computers aren’t going to be accessed while they are on the government network because network equipment would, or should pick up the traffic. Firewalls should be used to only allow certain traffic into the government network, but I question the amount of filtering being done for outbound traffic. If outbound traffic is allowed, then the infect machine could be sending data outbound at all times even while on the government network or any network really. Additionally, there are methods out there for reverse shell connectivity where the victim gets infected with a client file, and the attacker installs the server software on their machine. Then instead of the attacker connecting to the infected machine, the attacker machine is listening on a given port and the infected machine phones home to the attacker by connecting to them over that port.
Another problem is that its not uncommon for someone who works for the government to legitimately transfer files to and from the work network so security experts often overlook or miss things.
Other then infecting government officials issued laptops, attacks could hit server equipment, no? The government has powerful server equipment and some of it is public facing. I am interested in finding out more information on whether or not the Chinese government attempts to exploit outdated server software on our governments servers.
PHP IP Lookups via Quova Neustars IP Intelligence API
These days as a website owner we see tons of malicious activity on our sites daily. From people trying to perform MySQL injections that give them access to sensitive data, to application vulnerabilities, to tons and tons of contact and comment form spam. When it comes to the spam piece you can always put in a CAPTCHA method that verifies its a human and not a bot, but unfortunately some people are willing to pay for these to be solved automatically. The MySQL injections and application security pieces are real important to protecting your content and the server it runs on.
The information available to web owners for every visit they get is limited but with an I.P. address we can do some digging. Sure, the professionals out there who know what they are doing will likely spoof their address by putting a proxy in front of them, but for those who don’t, we can find where they are down to the zip code! One thing I do on some of my sites that get the most traffic is log IP addresses. I want to know what people are requesting and where they are requesting it from. You will notice sometimes long stringed out URL’s with MySQL syntax in them…. This is bad! This means that people are actively trying to exploit your code by doing a MySQL injection.
So how do we find out where they are? Their are several services out there that do I.P. look ups but I am going to go with Quova. Quova was obtained by Neustar in 2012 I believe, and can trace an I.P. address to its geographic extended zip code. It isn’t 100% guarantee to know where the IP is, or have the correct location, but its damn close to it.
Categories: Uncategorized. Windows Active Directory ldapsearch, and ldapmodify Usage from Linux + PHP
So in a recent project of mine, I had to utilize the ldap commands from a linux server to make modifications to a Active Directory tree. I implemented this by using PHP’s exec() function that essentially allows you to run commands on the server in the background. So a user would do an action on the front-end application that would trigger the exec function with its parameter containing an ldapserach,ldapmodify,ldapremove, or ldap add.
ldapsearch -x -h 'example.techmeout.tv' -b 'CN=Hansen\, Kevin,OU=Employee,OU=User-Accounts,DC=domain,DC=techmeout,DC=tv' -D 'example\Admin' -w 'examplepass'
So in this example, I am running an ldapsearch against my example.techmeout.tv active directory server. I am searching for a user with the name “Kevin Hansen”. The administrator account I am using has a username of Admin and a password of examplepass.
Project Pier 0.88 Review
Software: Project Pier
Description: Project Management Freeware
Version: 0.88
Website: http://www.projectpier.org/
Requirements: Apache, PHP, MySQL
I was brought aboard a new venture recently that is still not even in the prototype development stage. So in this new venture, I decided to start researching some good project management based software that we can use to organize and stay on track. There are many options out there but I was looking for something… well… free!
Its been a while… said the RHCSA
It has been a while since I have posted to TechMeOut’s blog but I cannot apologize because I have made some great achievements and progress on many venture fronts. One of those fronts which is non technical, i quit smoking! I have 29 days without a cigarette and I am craving one so badly every 5-10 minutes still.
Just this last Friday I obtained my RHCSA certification so as you all can imagine I have been studying a lot lately.
I finished my semester at Strayer strong and I am onto the next.
Categories: TechMeOut News. RHEL6/CentOS VM Installation and Network Configuration/Apache Server via VirtualBox
Hey everyone. Kevin here again with TechMeOut.TV
I just started a new video series today on RHEL(Redhat Enterprise Linux) and I will continue to do more and more linux related videos to keep my skills up and hopefully in the process I can assist others with there learning.
Today’s video we dive right in to setting up a Linux VM, configuring its virtual network interface, setting up an apache web server, and allowing port 80 connections in the iptables.The
The Danger of WEP Encrypted Networks
Most people in the IT industry are aware of how easy it is to crack a WEP Encrypted wireless network. Most people have no idea what WEP is and just know that there wireless requires a password and they think that its enough. A major problem is the fact that Internet Service Providers come to our homes and setup our internet, and don’t take the extra 2 minutes to really secure peoples networks. I really wanted to stay away from creating a video showing people how to crack WEP encryption and break into peoples networks but I have come to the realization that the information is readily available all over the internet at this point. If the bad guys want to do it, the instructions are available. I created this short flick and posted it to YouTube just to show people its possible and how easy it is. I am not in the business of helping bad guys, so there are no instructions included in the video and I will follow up with a video on how to protect your network and why its important to protect your network.
PHP Google Places API Example
So, recently while working on a project I needed to gather large amounts of businesses in a particular city in the United States. A lot of websites out there offer databases or comma delimited files containing this data, but I wanted it for free. Fortunately for me, Google has an API that has all the data we need and more. It has business name, address, phone number, website, rating, and some even have reviews we can parse. Google limits API users to 1 thousand queries per day unless you pay for more. Seeing as I want my website to allow more then 1k searches per day, I was faced with writing a script that would parse the places, check if they exist in our database, and if not, add them. That way every visitor or person searching my site would be querying our local MySQL database and not hitting the Google API using my 1k limited API key. So with this method, I can pull 1k listings into my database everyday. To get more places into my database daily, of course I can create multiple API key’s.
C++ Writing to Memory to Cheat in a Singleplayer Game Starcraft II
So yesterday I posted a video and a little article about how to find memory addresses and write to in Cheat Engine, today I am going over how to write a program in C++ that does the same thing. We will find our address in Cheat Engine that we want to write to, then write our console program in C++ to overwrite the value that the address holds. Diablo III servers are in maintenance for patch 1.0b so I will be running this tutorial on Starcraft II and we will be changing the amount of minerals we have in the game. I am running Starcraft II and Cheat Engine 6.1 in a Windows 7 64bit environment.