Where is Sysprep in Vista?

April 21, 2008 – 5:59 PM

In previous versions of Microsoft Windows, the System Preparation Tool (sysprep.exe) was found in the Deployment.cab file on your product CD. If you’ve examined the Vista DVD, however, there’s no such cabinet file present.

So where can you find sysprep now? It turns out it’s included in the operating system itself, at the following location:

%windir%\system32\sysprep\sysprep.exe

You can run the tool either from the command line using various switches (type sysprep /? to learn more about these) or you can double-click on the executable and run the GUI version of the tool.

Source: Windows Networking

Linux: Windows Made Hard

April 21, 2008 – 1:06 PM

For the past few months, we’ve shown how Linux has emerged from its early murky reputation of being cool to have but impractical to use. And there’s no question it’s refreshing to use an entire desktop system with nary a Microsoft or Apple product. But as some of our readers have pointed out, Linux is still finicky, particularly if you’re used to Windows. Here we look at two of the mundane tasks you’ll find much harder on the open-source OS—assuming you already know Windows, that is.

If you’re interested in some usability data on the differences between Windows and Linux, check out Relevantive’s very good report, published in August 2003 (opens PDF). Interestingly, the study shows that at the time Windows XP was easier to use, but only slightly. Since then, Linux has improved, while the jury is still out on whether Windows, with the release of Vista, has done the same.

Most five-button mice are a snap to reconfigure in Windows. Just open the Mouse applet in Control Panel and configure as you like. In Ubuntu, however, the story is different. The Mouse Preferences applet, available from the System | Preferences menu, is a stripped-down utility that assumes a two-button mouse and doesn’t get any richer if you have more buttons.

Read the rest of this story…

Windows XP Service Pack 3 RTM Screenshots

April 21, 2008 – 11:22 AM

Microsoft released Windows XP SP3 to manufacturing today: Check out the first XP SP3 RTM screenshots!

Click here for the screenshots…

Deciphering the PHP-Nuke Captcha

April 21, 2008 – 9:38 AM

The Captcha used in the current version 8.1 of PHP Nuke can be deciphered with 100% accuracy. More information can be found here:

http://www.rooksecurity.com/blog/?p=6

Exploit Code: http://www.rooksecurity.com/exploits/php_nuke_captcha.zip

What is so interesting about this captcha is that it is incredibly widespread. Variants of this captcha are being used by big names like Paypal. This particular captcha is used for the forgotten password feature. There are few differences between this captcha and the one I broke. For one, the background is a different image. The captcha is also using alpha-numeric which would mean 36^5 = 60466176 possibilities.

My attack against PHP-Nuke is taking advantage of the fact that there are only 10^6 or 1,000,000 possible combinations of this captcha. It only takes a few minutes to calculate all possibilities. I am storing the results as an MD5 hash in a SQL database for speed. The entire SQL table needed to crack this captcha with 100% accuracy takes up less than 43 megabytes. After the table is generated it takes only a few seconds to crack a captcha. This is a time-memory trade-off very similar to Rainbow Crack. Let me be very clear that I am not relying on MD5 for security and in fact a faster and much less secure message digest function like Tiger is better suited for this task. MD5 is being used as an attack tool because it saves a lot of space and time versus storing the entire image in the database.

Source: Bugtraq
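
The weakness described in the post above comes down to two properties a site owner can test on their own generator: a small code space, and image bytes that depend only on the code. The following is an added example, not code from the original post or the linked archive; `render_fixed` and `render_noisy` are constructed stand-ins for a real image generator, and all function names are hypothetical.

```python
import hashlib
import secrets
from itertools import product

DIGITS = "0123456789"
ALNUM = DIGITS + "abcdefghijklmnopqrstuvwxyz"

def render_fixed(code: str) -> bytes:
    # Constructed stand-in: the "image" bytes depend only on the code.
    return b"BG" + b"".join(bytes([ord(c)]) * 4 for c in code)

def render_noisy(code: str) -> bytes:
    # Same stand-in with fresh random bytes per image (models per-render noise).
    return render_fixed(code) + secrets.token_bytes(8)

def digest(image: bytes) -> str:
    return hashlib.md5(image).hexdigest()

def keyspace(alphabet: str, length: int) -> int:
    # Number of distinct codes the generator can emit.
    return len(alphabet) ** length

def is_deterministic(render, code: str, trials: int = 5) -> bool:
    # True when repeated renders of one code are byte-identical.
    return len({digest(render(code)) for _ in range(trials)}) == 1

def lookup_hit_rate(render, alphabet: str, length: int, samples: int = 200) -> float:
    # Share of fresh images that an exact-digest table over the whole
    # code space recognises. 1.0 means the generator is fully exposed.
    table = {}
    for chars in product(alphabet, repeat=length):
        code = "".join(chars)
        table[digest(render(code))] = code
    hits = 0
    for _ in range(samples):
        code = "".join(secrets.choice(alphabet) for _ in range(length))
        if table.get(digest(render(code))) == code:
            hits += 1
    return hits / samples

if __name__ == "__main__":
    print("6 digits:", keyspace(DIGITS, 6), "codes")
    print("5 alphanumerics:", keyspace(ALNUM, 5), "codes")
    for name, render in (("fixed", render_fixed), ("noisy", render_noisy)):
        print(name, "deterministic:", is_deterministic(render, "123456"),
              "hit rate:", lookup_hit_rate(render, DIGITS, 3))
```

Per-render randomness only removes the exact-match shortcut; it says nothing about resistance to character recognition, which has to be assessed separately.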

The Snare Of Unauthorized Requests

April 21, 2008 – 8:02 AM

Almost everyone knows what CSRF, or better, unauthorized requests, are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference of the hacker. I usually illustrate this by comparing unauthorized requests to a trap, or snare utilized by survivors or hunters. It is automated to catch, and the victim will trigger his own capture due to the automation. There isn’t a lot of skill involved here; it is easy to set up. The only thing an attacker needs to do is wait.

Web application vulnerabilities.

Most vulnerabilities are due to unauthorized requests being made. Almost all cross site scripting attacks are only useful when an unauthorized request is made. In order to do something more useful than to print alert boxes, attackers need to make remote, or non-same origin requests. Like logging cookies, phoning home, or requesting a worm. SQL injection can be achieved also by unauthorized requests due to the fact that it’s a verbatim GET request. When I am very strict, I’ll even say that SQL injection is also request abuse of the programming layer. In this case, the program of software is the victim of unauthorized requests. Even many vulnerabilities that are designed to exploit browsers do sometimes rely on unauthorized requests in the architecture of the browser, like calling system functions or simply browser internals which should not be exposed in a secure browser.

So CSRF or unauthorized requests are multi-dimensional, and can appear in any place. It’s very important to understand the notion that it is only a distribution layer for the actual payload. Whether it be session stealing, cookie stealing or a completely automated reconfiguration of your router. The attack is automated, instead of directly targeted like most network attacks are. With this in mind, I like to stress the importance of the distribution layer instead of its payload. Without distribution, the payload cannot be transported. Hence the distribution layer must be flawed. Preventing unauthorized requests should be the focus in web application security, because we can continue to invent new rules, signatures, and vectors, but as we all learn, that is an arms race which is very difficult to win, and it won’t stop unknown attacks yet to be invented.

Read the rest of this story…
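
The excerpt above argues for stopping the request itself rather than recognising its payload. As an added example (not from the original post), a server-side gate that decides on request provenance alone might look like this; the origin `https://app.example`, the `csrf_token` field name and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)        # assumption: per-deployment secret
TRUSTED_ORIGINS = {"https://app.example"}   # hypothetical origin of the site itself
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # must never change state server-side

def issue_token(session_id: str) -> str:
    """Token bound to one session, embedded only in forms the site serves."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def authorize(method: str, headers: dict, session_id: str, form: dict) -> bool:
    """Accept or reject without ever inspecting the payload fields."""
    if method.upper() in SAFE_METHODS:
        return True
    # A browser-supplied Origin from another site is rejected outright.
    origin = headers.get("Origin")
    if origin is not None and origin not in TRUSTED_ORIGINS:
        return False
    # The session cookie travels automatically; the token does not.
    supplied = str(form.get("csrf_token", "")).encode()
    expected = issue_token(session_id).encode()
    return hmac.compare_digest(supplied, expected)

def demo() -> dict:
    # Constructed requests: one from the site's own form, three forged ones.
    sid = "session-abc123"  # constructed session identifier
    good = {"csrf_token": issue_token(sid), "email": "new@app.example"}
    return {
        "own_form": authorize("POST", {"Origin": "https://app.example"}, sid, good),
        "forged_no_token": authorize(
            "POST", {"Origin": "https://other.example"}, sid, {"email": "x"}),
        "forged_bad_token": authorize(
            "POST", {}, sid, {"csrf_token": "0" * 64, "email": "x"}),
        "cross_origin_with_token": authorize(
            "POST", {"Origin": "https://other.example"}, sid, good),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'allowed' if allowed else 'rejected'}")
```

The gate only holds if GET handlers really are free of side effects, which is the condition the excerpt's remark about SQL injection through a verbatim GET request depends on.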