Tools
reDuh reVisited…
We’ve had a number of issues with reDuh and the various server versions published. Some clients worked with some versions of the server, and didn’t play nicely with others.
I am happy to say that these have all been resolved now. The single reDuhClient now works with JSP, ASPX and PHP versions of reDuh. Its been tested on a number of different platforms.
Additionally, the new reDuh client supports some enhancements. These are:
BiDiBLAH Case Study (Part 1)
With our recent release of BiDiBLAH 2.0, we’ve decided to revisit some real world scenarios, and ways BiDiBLAH can deal with it… All the scenarios can be downloaded from the BiDiBLAH home page.
Scenario:
If a hacker can mine/collect email addresses from our company he/she can send malware / phishing attacks to these people. But, who are these people? And what other sensitive information are we leaking from a particular domain?
Solution:
BiDiBLAH / SPUD.. Quick feedback
We’ve had some feedback from some BiDiBLAH / SPUD users regarding a few changes… Firstly, SPUD seems to be crashing under a few instances of Vista… We’ve taken note of the issue and will spend some time looking into the issue in the *not too distant* future…
Secondly, on BiDiBLAH, we’ve had a request from a user to have brute force and reverse queries done against the servers listed as NS records for the domains. (This will provide authoritative data). We’ll also look into this request in the next release.
reDuh.ASPX
An additional issue has been discovered in the ASPX version of reDuh. Although the script did work as expected, it did not set the ScriptTimeout value. This resulted in reDuh terminating active connections once the page timeout had expired.
This has been fixed in the ASPX version. A copy can be grabbed from here. More information regarding reDuh can be found here.
ASPX and reDuh
We’ve received a number of queries regarding folkses unable to get the ASPX version of reDuh to work.
In truth, the client had a faulty HTTP implementation meaning that HTTP requests were malformed. Apache and Tomcat cope admirably with the malformed requests, IIS does not.
So, we’ve built a new client version for reDuh which will play nicely with IIS. Apart from the bugfix, the new version also supports SSL. A direct link to the updated client is here. More information regarding reDuh is here.
BiDiBLAH 2.0 Released!
Yup, that’s right, BiDIBLAH 2.0 has finally been released and is available for purchase at an incredibly low US$500!! You can get BiDiBLAH here. Users who would like to try it out first, can download the evaluation copy, which is limited to a 60 minute runtime. Also, check out the FAQ page for some common / technical questions and answers.
./frankieg
… Scrapy…
(an open source web crawling and screen scraping framework written in Python..)
i promised deels i wld stay off the interwebs for a few days, which means my quick stops are filling up my bookmarks list..
This looks worth checking out.. http://dev.scrapy.org/
/mh
Wikto 2.1 XMAS edition
The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access to findings. A few bugfixes have also been made (thanx to some valuable user feedback). Happy holidays from the research and dev team.
./frankieg
(v2.1 XMAS image)
Windows servers are now a (beta) option on Amazon Ec2
EC2 is now out of beta, and supports windows based ANI’s. [Big Day for EC2]
EC2 blows my mind, and from a bazillion miles away, i was truly surprised the Amazon got the jump on Google/MSFT/Apple/* with their offerings..
/mh
PS. how i managed to write on this as opposed to the [Stack based, pre-auth, wormable windows RPC overflow is anyones guess]
PPS. Actually.. in part its because im miffed. I just wrote a diatribe on how the fact that we werent goign to see another code-red / worm scare anytime soon was going to hurt us (ala aitel.owasp08) and this bug shuts me up for a bit – stay tuned for “is the industry still running on code-red?”
BiDiBLAH 2.0 BETA
Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here.
As you probably know, [a real quick and easy] registration is required, and version 2 of BiDiBLAH runs on dotnet framework 2.
./frankieg