KellyKeeton dot Com v3.0 reverse engineering life

8Mar/100

Better then Duct Tape?

since owning a home I have come across a few products that never leave my tool box.Thought it would be a good blog post. Since our grandpa's days WD40 and Duct Tapeare the staples right? well I do like WD40 but I have hated duct tape forever, havinghad the background in sound and light I learned of gafferstape early on, I have no idea why you use that nasty duct tape ever. I feel itsa new era for tool box products to become staples so I give you my must own list ofnew products I have found.

SiliconTape - amazing stuff really its tape that only bonds to its self, creates a supercrazy tight bond and shrinks as it cures. This stuff is basically required when youwant to repair anything in a quick fix. it will repair a burst pipe, hose clamp, toolyou name it if you can wrap a bandage like seal around it this will hold it till youcan repair it, must have for an old truck tool box. wont dry out or get nasty in heatlike PVC tape. Its nothing new just new to me since owning a house. its never cheapbuy it on ebay or the likes.

AluminumFlashing Butyl Tape) - This actually single handed replaced duct tape for me..this actually is. duct tape. I found it when repairing duct leaks in my house itsamazing sticky as heck, strong (not for load bearing) I use this in automotive, electrical,appliances, touch up work, you name it . this stuff rocks and its cheap! recommendany home store for it.

Peel& Seal - actually what got me to blog this, just found this stuff today. Amazingstuff aluminum backed rubberized asphalt. This stuff is amazing stick it on and watertight seal is formed! I actually purchased this as a cheap alternative for DynaMatthe sound deadener product that sells for 4 bucks a sq foot to a dealer. this wasmuch cheaper and its the same thing! I will also be using this on the roof of my camperto make a poor man repair to a leak but I feel it will be a great tool for the job.It wont go on when its cold out so not the best for winter repairs but if your cheapand want to fix a leaky area in the roof that is small this stuff is awesome for that.it is also handy to use as glue or just real good tape that wont ever come off

Heat Gun - this item isn't new to home ownership but let me tell you I use a heatgun on just about every project any more. Trying to loosen a bolt, apply any of thetape I have listed here. Dry Paint. dry out a wall, cook pop corn (yes I tried andit works) for 30 bucks its worth the investment.

27May/090

open source visitor badge software

I recently had a requirement to build a visitor badge system but didn't have any cash.So i created my own software! I build what I am calling for lack of a better termphpvisitorbadge. Runs on PHP has a SQL backed and will catalog and log your visitorsfrom multiple locations and also give you a sign out ability. I actually reverseengineered the idea from someone but came out with a dandy product. So if you havea LAMP like install sitting around let me know what you think. IN the next week ifI get time I will set up a demo site with the server software running. I added somesecurity to the page but not a lot as its intended for internal use only. HoweverI am curious on how much people could hack it if I let them.

http://www.kellykeeton.com/phpvisitorbadge/

Filed under: HowTo, Software No Comments
28Oct/080

Slurp Slurp USB to gather good data

Im sure we all know of slurping by now but I just came across this site for windowscommand ninja skills. with that I took the time to update my slurp tool with somehacks I just didnt think about using. As well as some uses for NET that I didnt knowabout.

I have attached a copy of one of the slurp scripts I run, your milage will vary butyou should get a lots of Ideas from it if you know whats going down. (I also justfixed that my server wasnt serving up batch files)

File Attachment:slurp.bat (14 KB)

File Attachment:slurp.bat (14 KB)


Filed under: Hack, HowTo No Comments
18Oct/080

load dos zip game into dosbox

So I am working on a project that required me to getcreative, I have about 10gb of DOS Games but they are in ZIP format, nice for storagebut not easy to deal with on a emulatorfront end, who wants to unzip a thousand files. So I set to work to make thisscript that will run a zip file game for dosbox. I read somewhere that dosbox willmount a zip file but seems like it wont work in the sdl build I have for linux, soI built this...

File Attachment:ldDOSzip.sh (2 KB)

File Attachment:ldDOSzip.bat (2 KB)

I put up a DOS batch file, its a very basic convert from the shell, most parts workI think. I didnt actually test it. You will also need to download a unzip tool forthe command line this is also expected to be ran in XP or greater as I dont know howfar back some of the file and path variables go in msft land. comment back if youfind any issue with the dosbox batch file for windows. I will fix it up.

I did fix up the fact that by default IIS wont server up a batch file.

Filed under: HowTo, Linux No Comments
17Sep/080

Thermite How-To

Thermite is a great tool to break into banks, destroy hard disks. Or just burn a holein a engine block. It has great effect on anything iron.

A great site to try new waysto burn things

8Sep/080

drop the netbios hell in XP

When you run explorer and its using mapped drives or printers, there is a lot of crapnetwork traffic that hangs up the kernel and your experence with your OS in windows.so here is a tip that I never bloged about. Disable the qutomatic query for networkresources. This will speed up your work PC a bit if your a poweruser.

Speedupwindows

Filed under: HowTo, Microsoft No Comments
13May/080

a windows CVS ‘how-to’

I recently was working with some shared code and didnt like the regulations or the publicity of SourceFourge, so I set up a home CVS server to distro the code. Like another individual I googled out and found a bunch of documentation from linux users, no offence but I dont have time to read 30 pages to edit a password file. so I duplicated notes from here -http://www.adp-gmbh.ch/blog/2004/november/3.html- in case its ever removed and added my own commentary and edited some things for the new version of cvsnt.

Wih the server I also just checked out TortoiseCVS (formallyI used wincvs) I dont like how much its lockedinto explorer but its so easy that I dumped wincvs and only use the turtle.

Installation

The installation turns out to be quite straight forward. Starting the installer takescare of the entire installation.
The default installation installs two windowsservices: the cvsnt service (named CVSNT) and the cvsnt lock (namedCVSNT Locking Service) service. Additionally, it also installs a default certificate.
The cvs.exe was installed into C:\Program Files\cvsnt. Installalso adds to your path statment.

Creating a repository

A repository needsa root directory under which both the files under version control and auxiliary filesfor use by CVS server are stored. I created this directory manually:
C:> mkdir c:\CVSSERVER
However, this is not a CVS repository by itself; the CVS server needs to be told touse this directory as a repository. The CVS server (or service, respectively) is administeredthrough a service control panel that can be invoked in the dos prompt likeso: (or via start menu)
C:\> cvsnt.cpl 
Now, with cvsnt.cpl, one can go to the Repositories tab and add the created repository.I chose /test for the name of the repository.

A dialog informed me: C:/CVSSERVER, but is not a valid CVS repository.
Do you want to initialise it?

And yes, of course, that's what I wanted.
Then I pressed apply.
The initialization basically created a CVSROOT directory beneath c:\CVSSERVERand put some 55 files and yet another directory into CVSROOT.

Adding a user

After creating the repository, I needed to create a user that can access (that isstore and retrieve files) the repository.
C:\>cvs -d:sspi:localhost:/test passwd -asome_user
Adding user some_user@localhost
New password: ******
Verify password: ******
cvs server: *WARNING* CVS user 'some_user' will not be able to log in until they arealiased to a valid system user.
The password that I have specified (and is hidden in the console) was password.
This command created \CVSSERVER\CVSROOT\passwd with the following content:
some_user:AuC4s3kI8ixcs
Now, some_user needs to be aliased (according to the warning returned by cvs) to avalid NT system user:
C:\>cvs -d:sspi:localhost:/test passwd -r SYSTEM\administrator some_user
Changing repository password for some_user@localhost
New password: ******
Verify password: ******
Although this seems a bit redundant, it looks like one has to give the password again.This is the password for the CVS user not the system account. The SYSTEM\administratoris the NT-FQ name of the local admin in this example.

Creating a module

Now, it was time to create a module which I named test_module:
C:\CVSSERVER\>mkdir test_module
C:\CVSSERVER\>cd test_module
For the beginning, I only stored one file, README.txt, into this module. (one fileis required to start the module)
C:\CVSSERVER\test_module\>notepad README.txt
Here's the content of README.txt:
test_module
===========
This is some dummy text.
C:\CVSSERVER\test_module\>cvs -d:pserver:some_user:password@localhost:/test import TestModuleno-vendor initial-release
I didn't specify the -m flag, so CVS opened the default editor likely notepad (asthe environment variable CVSEDITOR is not set) to enter a message. 
CVS: ----------------------------------------------------------------------
CVS: Enter Log. Lines beginning with `CVS:' are removed automatically
CVS:
CVS: ----------------------------------------------------------------------

just say C for continue
.. and CVS answered with:
N tm/README.txt

No conflicts created by this import
The N obviously indicates that tm/README.txt is a new file.
Now, let's see what happened in C:\CVSSERVER>.
C:\CVSSERVER\test_module\>cd \..

C:\CVSSERVER>dir
Directory of C:\CVSSERVER
02.11.2004 23:35 <DIR> .
02.11.2004 23:35 <DIR> ..
02.11.2004 15:53 <DIR> CVSROOT
02.11.2004 23:35 <DIR> TestModule
Indeed, it added a new directory called TestModule What's in there?
C:\CVSSERVER\test_module\tm>dir
Directory of C:\test_repository\tm

02.11.2004 23:35 <DIR> .
02.11.2004 23:35 <DIR> ..
02.11.2004 23:35 <DIR> CVS
02.11.2004 23:35 506 README.txt,v
It contains a CVS directory (again, used for CVS use) and the README.txt (with a ,vsuffix)
Now, the repository is ready to be used.

so in the end to connect
cvs -d:pserver:some_user:password@localhost:/test /TestModule

Filed under: HowTo, Software No Comments
20Mar/080

change VMware disk size

recently found a good use of VM Converter to change the disk size and no need to messaround in command line

 1) if you own a copy of converter thats a cheat

http://www.vmware.com/products/converter/

 if all else fails

http://www.ebswift.com/OpenSource/VMDiskSize/

then use diskpart (cmd tool with windows)

run the following commands…(on a different box)

diskpart

list disk

list volume

select volume=(your volume)

extend

list volume (check your work)

Filed under: HowTo, Software No Comments
30Nov/070

Browser Plug-In’s

I wanted to make a list of browser plug-ins that I use and find quite importantto security and daily ops work.

First, for IE (I accidently upgraded to 7.0 and didn't feel like un-installing thebehemoth)

  • Bayden Systems' TamperIE offersHTTPS form-tampering
    • sort of a mac-daddy tamper application to change your post data on the fly, must have.
  • Microsoft's IEDeveloper Toolbar
    • Change values on the fly also get header info and more right away
  • Microsoft's IEPowertoys for WebDevs
    • was cool but appears the highlight and show source dont work with IE7, however stillworks for DOM data so I keep it.

Now the giant list for FireFox (where all the 31337 users are)

  • AdBlockPlus
    • This is like going from dial up to DSL, the internet all the sudden becomes “sweet”
  • BlogJet
    • This is also in my IE, its my blogger application
  • DOM Inspector
    • handy for webdev and de-construction
  • DownloadThemAll
    • I dont like to click and this is a price-less tool for saving clicks.
  • GoogleBrowserSynch
    • I dont like how big google is and I dont like the idea of google watching what I browse,this was just an interesting tool since I am on lots of computers, I just dont havethe guts to sign-in yet.
  • GoogleToolBar
    • this is a must, duh.
  • HttpHeaders
    • handy for webdev and de-construction
  • ModifyHeaders
    • handy for webdev and de-construction, and user-agent mods
  • NoScript
    • The only “security” leo laporte knows with out steve giving him a script. Handy forhacking things.
  • RefControl
    • spoof the referrer to the server.
  • PDF Download
    • sometime I like to download pdf’s sometimes I like to view them live, this lets mechoose.
  • Tamper Data
    • same as TemperIE but for zilla
  • ULRParms
    • Different type of TamperData type plugin
  • User Agent Switcher
  • WebDev
    • This tools is mostly a must for anyone, you can quickly shut on and off and mod partsof sites.

Update June2008:
some good hack tools
http://www.securitycompass.com/exploitme.shtml

20Nov/070

av cable

if you ever get me started on “24kgold connectors” you know how much Ihate magnolia hi-fi and all the sales people there how they push monster and highergrade connectors.

Here is a podcast that is a full hourof how to cable your AV equipment

 

 

Filed under: HowTo No Comments