NSE isn't actually domain-specific; it's the tried, tested, and fast Lua (with extensions to make it fit with the Nmap scanner). You get the speed of Nmap to find hosts/ports plus the NSE scripts backing it up to do deeper probes.
Wireshark, Snort, Nmap, and plenty of other tools use Lua for scripting, so it's a valuable language to learn. I recommend it!
I'm sure it doesn't help that the plants that are resistant to roundup will cross-pollinate with the weeds that are supposed to be killed with roundup, thereby making everything resistant. I remember people saying a long time ago that this would happen, and here we are!
I originally wrote it as a single page, but 60 images + that much text was too much, so I broke it into 4 pages. For what it's worth, I don't have any ads or anything so it's not like I'm profiting from it.
Yeah, the simple xor 'encryption' is pretty oldschool. I can't believe I didn't notice that right away myself. I didn't see it till I started looking at the send/recv functions.
As to the CLSID, good thought, but no -- the CLSID isn't a real CLSID, it's just a way of identifying its own commands. Basically, it's a list of if(!strcmpi(command, "clsid1")) { do_this() } elseif(!strcmpi(command, "clsid2")) { do_that() } etc.
It only has those 9 or so CLSIDs included, and if it isn't on the list the command is simply discarded.
And for what it's worth, the initial "'\x00\x00\x00" that you're seeing is a length (0x27 = the length of the CLSID = ').
I spent the morning reverse engineering the Trojan and wrote an Nmap script to detect if a remote system is infected. Hope it helps out: http://www.skullsecurity.org/blog/?p=563.
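Added example (not Ron's script and not code from the Trojan): a decoder for the framing the two comments above describe. What comes from the thread is the 4-byte length prefix (0x27, which is why it shows up as an apostrophe), the pseudo-CLSID command string, the strcmpi-style case-insensitive compare against a fixed list, and "discard if not on the list". The XOR key, the NUL terminator, the sanity bound and the command strings are assumptions made so the example is self-contained; the traffic at the bottom is constructed.

```python
"""Decoder for the length-prefixed, XOR-obfuscated command framing above.

From the thread: <4-byte little-endian length><command string>, the string
compared case-insensitively against a fixed list, unknown commands dropped.
ASSUMED here: a single-byte XOR key, a trailing NUL on the string, and the
placeholder command names below (the real ones are not on the page).
"""
import struct

XOR_KEY = b"\x5a"   # ASSUMPTION: one-byte key; the real key is not on the page
MAX_FRAME = 0x1000  # ASSUMPTION: sanity bound on the length prefix

# ASSUMPTION: placeholders standing in for Ron's "clsid1"/"clsid2".
HANDLERS = {
    "{11111111-2222-3333-4444-555555555555}": "do_this",
    "{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}": "do_that",
}


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; applying it twice restores the input."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def frame(command: str, key: bytes = XOR_KEY) -> bytes:
    """Build one wire frame: <len><xor(command + NUL)>.

    ASSUMPTION: the string is sent with its C NUL terminator, which makes a
    braced GUID 38 + 1 = 0x27 bytes, the length value quoted in the thread.
    """
    body = xor_bytes(command.encode("ascii") + b"\x00", key)
    return struct.pack("<I", len(body)) + body


def dispatch(command: str):
    """Case-insensitive lookup like the strcmpi chain; None means 'discard'."""
    wanted = command.lower()
    for name, handler in HANDLERS.items():
        if name.lower() == wanted:
            return handler
    return None


def parse_frames(stream: bytes, key: bytes = XOR_KEY):
    """Split a byte stream into frames; return ([(command, handler)], leftover).

    A trailing partial frame is returned as leftover instead of being guessed
    at; an implausible length is rejected before any slicing happens.
    """
    frames = []
    pos = 0
    while pos + 4 <= len(stream):
        (length,) = struct.unpack_from("<I", stream, pos)
        if length > MAX_FRAME:
            raise ValueError(f"implausible frame length {length:#x} at offset {pos}")
        if pos + 4 + length > len(stream):
            break  # incomplete frame: wait for more data
        body = xor_bytes(stream[pos + 4 : pos + 4 + length], key)
        command = body.rstrip(b"\x00").decode("ascii", errors="replace")
        frames.append((command, dispatch(command)))
        pos += 4 + length
    return frames, stream[pos:]


if __name__ == "__main__":
    # Constructed traffic: two known commands (one in upper case) around an unknown one.
    wire = (frame("{11111111-2222-3333-4444-555555555555}")
            + frame("bogus")
            + frame("{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}"))
    print(wire[:4])  # the 0x27 length byte prints as an apostrophe, as in the thread
    for cmd, handler in parse_frames(wire)[0]:
        print(f"{cmd!r:45} -> {handler or 'discarded'}")
```

The sanity bound on the length is the part worth keeping in any real parser for a protocol like this: a length field you trust blindly is how a detection script ends up allocating or reading whatever the remote side tells it to.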
As the original poster, and the author of a dozen or more Nmap scripts, I agree 100%. If you look at the tool itself, you'll see that everything is fairly separate and independent, even if they share a common codebase -- between the scripting and the "bonus" tools, the core is still fairly tight.
My comment at the end about the bloat + Emacs was intended 100% as humour, not actual commentary. I'm hoping nobody took it as a legitimate stab at Nmap, because it wasn't.
That's correct. I added a 'safe' parameter last night, since the Conficker check is safe, and have been advocating its use in all my posts (you'll see "script-args=safe=1" in everything). Watch out for that.
And for what it's worth, even if 'safe' is missing, it's only going to crash stuff that isn't patched for MS08-067.
Glad to hear it! When I wrote the ms08-067 script, I was surprised to see it posted around the Internet -- I wrote it as a demo of what Nmap can do, not as a production-grade scanner, and I guess it ended up being more useful than the other scripts that I've put *far* more work into:)
Can you be more specific? I've played that game a significant amount, and beat a handful of the campaigns, but I've never had any issues that make the game out to be less than professional.
As a disclaimer, I've never played online, so I don't know how their multiplayer gaming is set up.
Actually, Flash provides a write-only clipboard. It can't read the clipboard unless the user gives it permission (short of some vulnerability in Flash, of course).
Don't forget that every security patch that Microsoft releases is a hole that blackhats could already have been exploiting. Patches created now could (and often do) fix vulnerabilities dating back to the release of Windows 2000 or Windows NT. There's no way to guarantee that the holes aren't known and exploited by others.
That being said, any system with proper firewalling mitigates much of the issue. If the only port open to the public network is the one running the proxy software (or whatever it is), then there is very little attack surface.
Having worked at Symantec, I can tell you that it's nothing like that. There isn't even yelling or clamoring, it's just business as usual. There aren't even any blinking lights!
Oh, and John Thompson (the current CEO) isn't involved in the decision, nor is he in the same country as the people who are.
Did you actually READ the links you posted? Here's a quote from one of them:
The lawmakers pointed to an unclassified summary from a report by the National Ground Intelligence Center regarding 500 chemical munitions shells that had been buried near the Iranian border, and then long forgotten, by Iraqi troops during their eight-year war with Iran, which ended in 1988.
The U.S. military announced in 2004 in Iraq that several crates of the old shells had been uncovered and that they contained a blister agent that was no longer active. Neither the military nor the White House nor the CIA considered the shells to be evidence of what was alleged by the Bush administration to be a current Iraqi program to make chemical, biological and nuclear weapons.
You're assuming that it'll be censored and stay that way. I doubt that'll be the case -- if a user "censors" something, just like when a user vandalizes Wikipedia, it'll likely be reversed fairly quickly. It would surprise me if this became an issue.
+1. I've been through this exact same thing with PayPal.
Haha, I hadn't even thought of that!
Hey guys,
I'm the author of that script, and that's exactly right. I posted a full explanation on my blog.
Google and the like don't care what your source IP is, just that you have the proper cookie. Something else is causing your problem.
(If you want proof, drag a laptop to your friends' houses, and you'll still be logged in)
Based on the context, even if somebody doesn't know the word, it should still be perfectly cromulent.
What about a loudener? Speed cocker? An attachment for shooting down police helicopters?
Then I assume you HAVE chopped up your neighbour with an axe because it seemed like a fun thing to do?
Or people, like some elderly friends of my family, who were duped and don't understand why Microsoft is harassing them.
Seems like it should be easy enough. Just start shooting the passengers one by one until they give in and open the door.
... please don't tell anybody you got the idea from me!
I think YOU meant, "Ones own breath" -- when pronouns become possessive, they don't have apostrophes (like "its" and "yours")
Is there a law yet for people inevitably making a mistake when correcting somebody? If not, we need to coin one. :)
Does it keep lions away? Because I have one that does, and it's currently working at 100% capacity.
I think this post, more than any other, called for: [citation needed].