Fun
Tooble for the win.. piracy++ ??
For those of you who have not yet tried it, check out Tooble. Its a point and click tool that lets you download videos from the youtube.. its pretty cool and allows u to pull/convert videos pretty trivially.. [for all my “dont do piracy” holier than thou-ness, i now have to wondr if pulling a google-tech-talk, which doesnt have a download link (i.e. the authors did not want us to download it) is any different to pandas cat internet > home_nas behaviour..)
Eerie coincidences..
a) its my birthday in a few days
b) Apple just announced the new macbookair..
Coincidence??? i think not!!!
Strange Entries in your wbeserver logs, Wikto and questions about our Gender!
Over the past while we have been getting emails from people trying to figure out why they had entries like this in their http log files:
10.10.1.136 – – [32/Dec/2007:25:61:07 +0200] “GET //admin/dat_Gareth_at_sensepost_hackslikeagirl_.asp HTTP/1.1” 404 –
Recently a concerned Wikto user figured out that this was linked to him using Wikto (our Win32 Nikto Replacement + Directory / File / Back-End Miner). A snippet from his email read:
-snip-
I sniffed the traffic going out from my host going to the target host and infact this is the result:
HTTP GET /admin/dat_Gareth_at_sensepost_hackslikeagirl_.asp HTTP/1.0
All the requests are full of this… Well, at this point the questions are two:
1) You have a strange sense of humor.
2) You have been compromised. Waiting for a feedback,
Two pointless excuses to post two pictures..
a) At the end of the year we usually end up getting geek-gifts.. from SensePost, to SensePost.. Last years iPod nano’s were always going to be a tough act to follow.. but i think the picture says it all:
(click pic for clearer view) I know for those across the pond its probably going to sound 3rd world, but i was genuinely suprised at how life-changing GPS technology is.. Of course, it brings the usual geek side effects (other than people playing with Pimp my GPS). I.e. we noticed the other day that in the car park before going home, everyone was busy fiddling with their GPS units.. so suddenly, a bunch of reasonably intelligent folks who used to make the commute to the office and home daily for about 3 years need instructions on how to do it *sigh*
Another time sink-hole..
A while back some of us discovered and subsequently lost days to “The Python Challenge“. Well.. prepare to write off a little more time, and check out “Project Euler“. From its about page:
”
What is Project Euler?
Project Euler is a series of challenging mathematical/computer programming problems that will require more than just mathematical insights to solve. Although mathematics will help you arrive at elegant and efficient methods, the use of a computer and programming skills will be required to solve most problems.
The coolest thing this weekend…
Ok.. so being the cautious geek i am, i had bought a mac mini a while back before jumping into the OS X waters.. Unfortunately it was probably the last PPC mac mini’s sold, which means it has limited options (unless i convert it to yellowdog or somethign of the sort).
About 4 months ago i bought a (huuuuge) tv.. unfortunately i quickly figured out that the reason i never bothered with one before is that there isnt really anything decent on tv, and deels and i still spent more time watching googlevids than anythign else..
Dino Dai Zovi is such a Rock Star..
Dino is the guy who added much shellcode coolness to MetaSploit, gave
the world Karma, released the first virtualization rootkit for Intel
(Vitriol), and gave much credibility to the Matasano crowd while he was
there..
Although he left the consultancy gig, he popped up briefly again during
the year to claim his macbook in the Cansec Hack the Mac challenge and
popped up again to break second-life..
Google as an MD5 Cracker..
Slashdot picked up on the blog post from Light Blue TouchPaper commenting on the fact that a researcher was suprised to discover that simply putting an md5 hash into google returned a hit with a mapping to the original word..
This is an interesting concept.. A while back, we decided to fiddle with the concept of using googles indexing and spidering as a new take on the time/space trade-off for password cracking..
Follow-up (OS X BSOD Win32 Icons)
Of course, Leopard’s new improved ™ finder includes an Itunes’esque “Cover Flow” view (which includes quick view thumbnailing quite impressively)..
Of course, it means you get a better look at the win32 – BSOD :>
i know this has been blogged all over the interwebs..
but Leopards default icon for windows machines has to rank up there with dvwssr.dll
(yeah.. thats a BSOD)
/mh
ok.. who’s old enough? what was the similarity between this and dvwssr.dll ?