InfoSec

by

A Simple Script to Get Top Passwords Cracked

Several days ago, I took a break from doing my work. I did an exercise to sharpened my “rusty” scripting skills. My goal was to develop a simple script using Ruby to get the top passwords cracked from MD5 Statistics page. This should be an interesting exercise for my brain. :D

Unfortunately, my scripting skills was so rusty, so it took me a while to code this simple script.

Continue reading

by

Kernel Panic Error Message. Is It ?

After doing an upgrade to MSF4, when I run msfconsole, I was greeted by the following “scary error message” :

Unable to handle kernel NULL pointer dereference at virtual address 0xd34db33f
EFLAGS: 00010046
eax: 00000001 ebx: f77c8c00 ecx: 00000000 edx: f77f0001
esi: 803bf014 edi: 8023c755 ebp: 80237f84 esp: 80237f60
ds: 0018   es: 0018  ss: 0018
Process Swapper (Pid: 0, process nr: 0, stackpage=80377000)


Stack: 90909090990909090990909090
90909090990909090990909090
90909090.90909090.90909090
90909090.90909090.90909090
90909090.90909090.09090900
90909090.90909090.09090900
..........................
cccccccccccccccccccccccccc
cccccccccccccccccccccccccc
ccccccccc.................
cccccccccccccccccccccccccc
cccccccccccccccccccccccccc
.................ccccccccc
cccccccccccccccccccccccccc
cccccccccccccccccccccccccc
..........................
ffffffffffffffffffffffffff
ffffffff..................
ffffffffffffffffffffffffff
ffffffff..................
ffffffff..................
ffffffff..................


Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
Aiee, Killing Interrupt handler
Kernel panic: Attempted to kill the idle task!
In swapper task - not syncing

What a “cool” welcome message. :D

by

Security Incident at Automattic

Automattic, the company behind the WordPress.com platform experienced a low-level break-in to several of its servers.

Although at this moment, there haven’t any information about the extend of this incident, as the Automattic’s people are still doing investigation.

If your blog is located in the wordpress.com domain, you may want to follow the suggestions offered by the WordPress about the security fundamentals located in the link mentioned above.