While doing some prodding on SQL Server, i came across this newness (of course this is probably old hat to many SQL2005 dba’s)
Essentially i was trying to track down something in sp_addserver.
The source of this stored proc [System Databases\Master\System Stored Procedures\sys.sp_addserver] showed that another stored proc called: sys.sp_MSaddserver_internal was being called.
For the life of me though, i could not track down sys.sp_MSaddserver_internal.
Turns out the answer is reasonably well documented [SQL Books Online], with 2005 – MSFT moved stored procs / and friends into a readonly hidden db. This can be made visible by copying the physical .mdf files and attaching them. [Process reasonably documented on the interwebs if you know what to search for]
Mostly we have stayed silent, because too many people have commented too much already.. It was interesting however how Ptacek was quite deftly forced to eat his words by a Dan Kaminsky phonecall..
The “i’ll tell everyone all during my Vegas talk” angle is an obvious way to pack the room.. but hey, cheaper tricks have been pulled to pack rooms in the past.. [and if anyone didn’t need help packing a room, it’s dan.. he has a cult following]
Cause this puts Perl right back in the game!
-snip-
> sudo perl -MCPAN -e shell
cpan> install Acme::LOLCAT
install -- OK
> cat demo.pl
#!/usr/bin/perl
use Acme::LOLCAT;
print translate($ARGV[0]);
> ./demo.pl "Im going to run all emails through this before sending"
IM GOINS 2 RUN ALL EMAILZ THROUGH THIZ BEFORE SENDIN
-snip-
ahhh.. MUH WORK AR DONE HERE
well.. 50% right..
But i’m not going to talk about FireFox’s record breaking download, or the bug that was released in record time.. but want to point you at Andy Ihnatko’s review of Firefox3. Andy is an old school mac diehard, and is a regular on the MacBreak podcast but says:
“But with 3.0 . . . well, we have a victor. Firefox 3.0 should be your default browser, starting right now.”
I am probably one of the last ppl around to discover this, but i’ll post it here for the (probably) 2 other ppl in the world who have yet to stumble upon: Risky Business.
It’s pretty hard to find good quality security podcasts without some pretty sad signal to noise ratios (or adverts on spinwrite) but risky business is def. a keeper..
i downloaded a few older episodes to help me through a long drive this weekend, and was very pleasantly surprised.. if u have not yet added it to your podcatcher.. u probably will..
The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an egg-on-face incident. We were discussing it over foosball, and the obvious consensus was “if a line starts with: “that’s not exploitable, it’s only..” then odds are you are wrong..”
But.. lots of people quicker and smarter than me [1, 2, 3] blogged (or twittered) about why this was a silly approach for apple to take..
but since it made me eat crow, i figured i would share it..
Although i read a fair bit, i stopped really reading fiction many many moons ago. It’s something i often feel i’ll try to get back into when i’m a little older with more time (like playing golf), but right now it somehow always feels like fiction pieces give off less real information than their non-fiction counterparts..
To this end, i got through about 0.5 of one of the harry potter books, before deciding that it wasn’t for me (but still stood in the queue at midnight for the final book because Deels has always been nuts about it..)
Some of the DC16 speaker summaries have been posted, and these 2 caught my eye:
Time-Based Blind SQL Injection using heavy queries and
New Tool for SQL Injection with DNS Exfiltration
Both descriptions seem pretty much spot on with what we did in our DefCon talk last year..
hmm.. wonder if it’s new twists on it, or a little more of the same?
/mh
Earlier this week we had an internal presentation on Attacking ActiveX Controls. The main reason we had it is because of the ridiculously high hit rate we have whenever we look at controls with a slight security bent.. When building the presentation i dug up an old advisory we never publicly released (obviously we reported it to the vendor who (kinda) promptly fixed the bug (without giving us any credit at all, but hey.. ))
While the IEBlog promises updates to IE8 that will minimize the damage caused by owned controls in the future, the fundamental problems with ActiveX today are an attacker’s dream.
Then you probably should get on this one… [Problems with Random Number Generator]
While it looks like an arb openssl bug, 2 seconds of reading should get you to:
-snip-
It is strongly recommended that all cryptographic key material which has
been generated by OpenSSL versions starting with 0.9.8c-1 on Debian
systems is recreated from scratch.
&&
Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key
material for use in X.509 certificates and session keys used in SSL/TLS
connections.
-snip-
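As a first step toward the regeneration the advisory asks for, here is an added example (not from the original post or from the Debian advisory) that inventories files under a directory containing the key material types the advisory lists. The marker-to-type mapping, the function names and the sample tree are this example's own assumptions; the scan cannot tell which OpenSSL version generated a key, so it only lists candidates for review.

```python
import os

# Line prefixes for the key material types named in the advisory.
# Assumption: the mapping below is this example's own, not the advisory's.
MARKERS = [
    ("-----BEGIN RSA PRIVATE KEY-----", "RSA private key (SSH/X.509)"),
    ("-----BEGIN DSA PRIVATE KEY-----", "DSA private key (SSH/X.509)"),
    ("-----BEGIN CERTIFICATE-----", "X.509 certificate"),
    ("-----BEGIN OpenVPN Static key V1-----", "OpenVPN static key"),
    ("Private-key-format:", "DNSSEC private key (BIND)"),
    ("ssh-rsa ", "SSH public key"),
    ("ssh-dss ", "SSH public key"),
]

def classify_text(text):
    """Return the sorted kinds of key material whose markers start a line."""
    return sorted({kind for line in text.splitlines() for marker, kind in MARKERS
                   if line.strip().startswith(marker)})

def inventory(root, max_bytes=65536):
    """Walk root; map each regular file holding key material to its kinds."""
    found = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks, sockets and FIFOs
            try:
                with open(path, "rb") as fh:
                    text = fh.read(max_bytes).decode("latin-1")
            except OSError:
                continue  # unreadable file: skip rather than abort the inventory
            kinds = classify_text(text)
            if kinds:
                found[os.path.relpath(path, root)] = kinds
    return found

# Constructed sample contents; bodies are placeholders, not real keys.
SAMPLE = {
    "ssh/ssh_host_rsa_key": "-----BEGIN RSA PRIVATE KEY-----\n(placeholder)\n",
    "ssh/authorized_keys": "ssh-rsa AAAA(placeholder) user@host\n",
    "openvpn/ta.key": "#\n# static key\n#\n-----BEGIN OpenVPN Static key V1-----\n",
    "bind/Kexample.private": "Private-key-format: v1.2\nAlgorithm: 5 (RSASHA1)\n",
    "ssl/server.pem": "-----BEGIN CERTIFICATE-----\n-----BEGIN RSA PRIVATE KEY-----\n",
    "motd": "no key material here\n",
}

if __name__ == "__main__":
    for name, body in SAMPLE.items():
        print(name, "->", ", ".join(classify_text(body)) or "no key material")
```

Point `inventory()` at /etc, home directories and backup locations; public keys are included because an `authorized_keys` entry for a weak key needs replacing too.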