The DNS protocol has some time, the RFC which define it, 1034 (concepts and facilities) and 1035 (implementation and specification) are from 1987 and like in all the protocols of that time, security in the comunication wasn't a priority, anyone sniffing the network can see which domains visit everyone, let alone the providers of the DNS service, but it has little solution in the short run, Internet depends on this name sistem and there isn't another better with the required infrastructure, right?

Well, it seems that the Tor SOCKS proxy interface offers a non standard option (point 2) which allows to use this network to resolve names, this functionality can be accessed from the command line through tor-resolve, this capability can be exploited to build a private DNS server which don't filter the domain name lookups to the network.

Using Twisted is simple to build a this DNS server to use the Tor network as a resolver backend (is going to be limited to the A and AAAA records), this is implemented in Onion-dir (At Gitorious | At Github).

This may be used adding the parameter DNSPort 53 to the /etc/tor/torrc file, the performance may look like an issue but after testing it the results were pretty good, to a local bind9 server it takes ~52s to solve every IP from the "100 most popular webs" and Tor does it in ~58s (both times with the cache empty), with cached results it takes ~2.8s for both.

But there is some problems looking up domains like _xmppconnect.gmail.com, the Google XMPP server, domains which on the other hand actually doesn't exists.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

$ dig @8.8.8.8 _xmppconnect.gmail.com

; <<>> DiG 9.8.1-P1 <<>> @8.8.8.8 _xmppconnect.gmail.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;_xmppconnect.gmail.com.        IN  A

;; AUTHORITY SECTION:
gmail.com.      60  IN  SOA ns1.google.com. dns-admin.google.com. 1523590 21600 3600 1209600 300

;; Query time: 87 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jun 14 19:44:34 2013
;; MSG SIZE  rcvd: 97

And that seems the main problem left...

Based on the GtkSourceView one, just add it to the configuration and call (cobalt-theme).

Code:

Ler máis…

Ever wondered how a vulnerability scan is seen from the server? Well, not very quiet :P

In real time, if every ball represents a petition, the ones who bounce are the one answered succesfully and the other ones do not:

Visualized with logstalgia

Some weeks ago I looked at some configuration management tools like chef, puppet and salt, but I gave up when noticed that a server side agent was required.

Fast-forward to this saturday, at the hackmeeting there was a talk about ansible, a tool for this purpose written in python. I didn't attended the talk but today I looked the website

Ansible is a radically simple IT orchestration engine that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications— automate in a language that approaches plain English, using SSH, with no agents to install on remote systems.

That looks really, really good, I'm testing it now and works great, it may be what you where looking for :P.

Takes the zombie parent process id as parameter and uses GDB to waitpid them surely it'll need root.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

#!/usr/bin/env bash
# Kills zombie process spawning from a parent PID

# check parameter number
if [ -z "$1" ];then
    echo "$0 <zombie parent pid>"
    exit 0
fi

# assign reasonable names to variables
ppid=$1
fname=`tempfile`

# GDB instructions
(for zpid in `ps h --ppid=$ppid|grep -P '^\s*\d+\s+[^ ]+\s+Z'|awk '{print $1;}'`;do
    echo "print waitpid($zpid, 0, 0)" # wait for each zombie
 done
 # and detach
 echo "detach") > $fname

# launch GDB
gdb -batch -p $ppid /proc/$ppid/exe -x $fname

# and cleanup
rm $fname

Ler máis…

After using the perl WebService::Dropbox library for some time to manage (because of external factors) this service without having to resort to privative software, I guess someone may find it usefull, so here it is:

At Gitorious | At GitHub

Ler máis…

Sometimes may be useful to detect a text language, *NIX systems usually have a directory containing the mostly used words of various languages, simply comparing the numbers yielded from checking which words of the text appear there seem to give a significative number regarding which language the text is written in.

Ler máis…

Últimamente encuentro bastantes sítios de humor por aquí dejo los que he encontrado (dádle al título del post para ver las imágenes):

• Infosec Reactions “Sólo lo toque y la aplicación se cayó sola”

• Devops Reactions “Desarrollando sin especificaciones”

• the_coding_love(); “Cuando llega un informe de error el viernes a las 4”

• The Joys of Code... aunque este tiene alguno que puede sentar mal

“Cuando los compañeros intentan explicar por que deberíamos programar en Java”

• r/Programmer Humor

1

saveurl() { cat > /dev/null; } # Save a url for reading later when you "have time".

Hace un tiempo vimos como escribir un sencillo antidebugger y como esquivarlo, en ese momento lo evitamos eliminando la llamada a ptrace directamente del binario, ahora veremos como "cazar" la llamada y reemplazarla por la nuestra propia sin tener que tocar el archivo.

Priemero crearemos un archivo con la función que lo reemplazará

Ler máis…