KellyKeeton dot Com v3.0
reverse engineering life

16Sep/090

kellykeeton.com is officially a hacker site!

Request denied by WatchGuard HTTP proxy.
Reason: one or more categories denied helper='Default Business Hours' details='Hacking'
________________________________________
Method: GET
Host: www.kellykeeton.com
Path: /blog

15Jul/090

incident response timestamp notepad

I had a need for a tool that I couldn't find that worked like I wanted. So I just built one. Here is an incident response notepad; basically it will time stamp every entry into a file in real time. This is for incident response teams (IRT) to deal with a crisis but take good notes at the same time for later analysis and review. I deal with this a lot and always have some notepad files that are inconsistent and messy, or papers all over my work area, very unsecure and hard to deal with.

To use the application just load it up, enter some notes and press enter to save your note. No need to save the file ever, as it's realtime writing to the file. ToolText will help you with the buttons; I don't do icons.

Features of the IRT Notepad 1.01

-time stamp notes to a flat file

-add IR contacts to flat file

-add time accounting to flat file for billing

File Attachment: IRT Notepad.zip (47 KB)

Requires .NET; there is moderate bug catching to deal with things that can cause problems. If you find something you want added or a good bug, let me know. I know it works on XP/Vista with .NET; if it doesn't work for you, patch your OS. This is a private program that I am providing for feedback and just a Google hit.

Filed under: Security, Software No Comments
23Apr/090

PDF not paedophile

Want to be more secure online? Stop using Adobe Acrobat reader to open PDF documents in your browser. That's what F-Secure virus hunter Mikko Hypponen, the closest thing to a rock star holding court at the RSA security conference, is advocating.

Ditching Adobe Acrobat Reader will greatly reduce your chances of getting your PC infected by a drive-by download, says the pony-tailed Hypponen, who was recently profiled in Vanity Fair. "That's my advice," says Hypponen, "I don't expect a Christmas card from Adobe."

The bad guys are increasingly using security flaws in Adobe Acrobat Reader browser plugins to open a backdoor to your hard drive. These instructions get implanted when you visit a tainted website. The next time you use Adobe Reader, a very tiny poisoned PDF from the bad guys also opens and installs the backdoor that may allow them to take over your computer.

 

From USA Today. However, I fully support that claim; I use Foxit Reader.

Filed under: Security No Comments
13Apr/090

A published Security Professional

I don't know that I would call myself successfully published, BUT!! I did get published in 2600 magazine. I have been a long time subscriber and was bored one day and felt like writing. Published up some code to hack up a robots.txt file; it's fancy, I will give you that, no more cut and paste! I think my dosbox code was cooler.

Anywhoo, go get a copy of the Spring 2600 magazine and I will sign it for you.

8Mar/090

Memory Hacking with MDD

So with a delayed flight I was checking out new PaulDotCom notes, and one thing I always like is hacking, and found this new tool called MDD for memory dumper; not new, but a nice set of tools for it. You can dump out the memory and then hack up and pull out passwords and other goodies, handy for virus work, forensics, or just plain old hacking. Plugins, More Plugins

12Feb/090

backtrack 4

Like every other blog, I will blog about backtrack 4 being out. It's real slick as it also has memdump for dumping RAM from boot built into it. Some cool tricks is the USB Boot. This way cool tool to make a bootable USB, but the backtrack team also have a blog now.

Best of all it's now Debian and not a live CD but a REAL operating system!! No longer do I need to run slax just for BT.

Filed under: Security No Comments
20Jan/090

HELP IM CAPTIVE IN LONDON

So I went to london to enjoy some shitty food and the next thing I know I was taken By Pirates! These Pirates wont let me go untill you pay them USD1’0000 Dollar. Please! Forgive you for not taking time to phone. Please send help ASAP dont call police they will might kill me dead!!!!!!!11!!!! YOu CAN paYpall the cash to KellyKeeton@….

Awesome news story of wolves attacking prey with social engineering.

19Nov/080

Security for Soccer Moms

I want to create a new presentation called Security for Soccer Moms. I was talking to someone at work who went to a PTA event and there was a “CISSP” there who knew a lot about security and children (uhh…) So I wanted to jot this idea down, so someone can steal it or I can just have some free hits for keywords of people looking for porn.

Mind you, this blog is nerdy, so these are the technical ideas for a class that I would like to teach with more of a “soccer mom approach”, so if you think this is interesting contact me or my company. If you don't get what I publish here, give it to a nerd to debug for you. It will give them ideas on how to deal with your case.

There are a LOT of resources on this topic and I will choose to look at the free ones. Sure, there are the net-nanny products that stop you from looking at porn on the internet, but they are all easy to stop when your kid gets smart, and let's face it, who likes to pay for something that takes up memory on likely your home Vista computer to make it run even worse.

So I present my list; I will add to it over time. I make this list in dedication to all the crazy people who have kids from high school already… yikes.

The #1 rule I have: until you trust your kid, never allow a computer in a private area (that has internet). I wouldn't recommend it anyway; keep your kids in view until they are old and you trust them. Or kick them out.

  • PREVENT SOCIAL ENGINEERING
    • This is the most effective tool to keep your children safe from scary assholes
      • Talk to your children about NOT using real facts of life, avoid putting what your dad really works for,
        • Don't take a picture of your house address or link to it on Google Maps.
        • Don't publish your birth year, use a fake year.
        • Don't publish your own work history, or keep it vague or mess up addresses for locations (I work at Boeing in Spokane)
        • Don't publish your last name, or put an initial only (harder to stop kids doing this)
        • If you have rules about phones, publish only cell numbers that can't be traced by normals and watch your kids' bills for strange 212 numbers.
        • Don't publish details on your school where possible
        • Set up an email for your kids to use “on social networks” only (and monitor it)
        • Don't give dates when you will leave for vacation; talk about it when you get home! (or I will just come steal your crap)
      • I think you get the idea – just mess things up; a little change on your end causes a bad guy to keep moving to someone easy. In the end it all comes down to your parent skills; a parent that says “I don't want to look at my kids' site to see what they are up to”, haha, then why are you reading this?? There is no privacy of a 7 year old on the internet, I don't care about your hippy views. Talk to your children about why you monitor the activity, and when they get older put a level of trust in them and don't monitor. If they screw up then kick some ass.
      • Want to scare yourself? Google your children's names and see what data is out there on your home, family, child…
      • Also remember to LOOK at your kids' social pages, look at history etc. to see if they use myspace etc. (this also applies to you and LinkedIn)
  • Prevent MalWare
    • This is just a crappy fact of life now; it's very hard to stop this without technical controls.
      • Use a “safe browser” in a virtual machine; it works great and there are plenty of bootable browsers (just download Ubuntu) and have the kid boot up Ubuntu live and use the internet. Then whatever they mess up you just reboot to fix. But they still can use Flash etc etc etc.
      • Use a hosts file redirector; most kids wouldn't figure this out until they get real smart, and if they are that smart they are beyond you trying to control them with just software. Blocks Ads-Mal-X or Porn
      • Use free services like OpenDNS, which are a bit more easy to deploy
        • Set your firewall to use that DNS, then don't allow 53 out of your network (53 = DNS), and then people CAN'T use the internet without some more serious hacking. Meaning: block 53 outbound from the workstations on your network, but allow your special DNS server (in most cases your firewall relay) as the only IP allowed to do DNS lookups. That way the kids (workstations) can't even use the internet without going through your proxy device (DSL router with DNS protection on words or sites etc.; pfSense is a good example)
      • Most all opensource firewalls include some ability to do the same things for blocking sites; some will even replicate what Netgear etc. will do and put a “block list” of words into your layer 7 traffic. So if you go to a site that contains the word “boobs” it will disallow the request. (See your hardware for how to do that, as this is about free things.) Just learn to leverage what you likely already have
      • These methods can all be used to block social network sites if wanted
    • Tip: remember to remove the hosts file from the recent open files list, and use Notepad to edit it so that you don't leave tracks of what you did.
  • Time restrictions of internet use
    • Kids hate homework, they like myspace
      • Most all opensource firewalls will allow a time browsing option; the pfSense firewall will allow you to require a login like at Starbucks and only allow you an amount of time in a time block. Or you could charge your kids
      • A lot of consumer routers (things you buy at Best Buy) also have this feature; use what you got!
  • Proxy: ideally a proxy is awesome for a lot of reasons, but it's out of scope for the average home. But if you're a nerd or nerd home, check out a Squid Web Proxy and you can lock it down as the only outbound host. Then you can browse for porn but your kids can't etc.
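A way to check that the "block 53 outbound from the workstations" rule from the OpenDNS item actually holds, as an added example that is not part of the original post: it sends a DNS query straight to outside resolvers over UDP and TCP and lists any that still respond. The resolver addresses 8.8.8.8 and 1.1.1.1 and all function names are choices made for this example.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Minimal DNS A-record query (RFC 1035 wire format) for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # type A, class IN

def is_reply_to(query, data):
    """True if `data` is a DNS response (QR bit set) with the query's ID."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack("!HH", data[:4])
    return rid == struct.unpack("!H", query[:2])[0] and bool(flags & 0x8000)

def udp_answers(server, query, timeout=2.0):
    """Send the query straight to server:53/udp; True only on a matching reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, 53))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout or ICMP reject: the firewall did its job
            return False
    return is_reply_to(query, data)

def tcp_open(server, timeout=2.0):
    """DNS also runs over 53/tcp, so the block has to cover both protocols."""
    try:
        with socket.create_connection((server, 53), timeout=timeout):
            return True
    except OSError:
        return False

def audit(resolvers, udp_probe=udp_answers, tcp_probe=tcp_open):
    """Probe each outside resolver; return the ones still reachable."""
    query = build_query("example.com")
    return sorted(ip for ip in resolvers
                  if udp_probe(ip, query) or tcp_probe(ip))

if __name__ == "__main__":
    # Assumption: two well-known public resolvers stand in for "any outside DNS".
    leaks = audit(["8.8.8.8", "1.1.1.1"])
    print("DNS lockdown holds" if not leaks else f"port 53 still open to: {leaks}")
```

Run it from a workstation behind the firewall, not from the firewall itself. A router that redirects port 53 to its own resolver instead of dropping it will also show up as reachable.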

So remember: the security of your children is also your security. The tips here are also tips for you. The more you talk about it and let them use the tools and sites they want, the less they will fight you and hide things. An opensource relationship is one where everyone learns.

And no, I have no children; this is all assumptions.

This document is a work in progress right now; give feedback if you think of other major issues that you have with kids or know of with kids using the internet. I will make a new section and blather on about it.

Filed under: Internet, Security No Comments
13Nov/080

webslayer omg bbq

I just found a new tool on the OWASP site, webslayer. This tool is only w32 right now, which bites, but the tool is AWESOME!

The payload generator is awesome, as well as the complex rules you can quickly define to test a site. 31337

Filed under: Hack, Security No Comments
12Oct/080

clickjack wtf bbq

Sigh… is this the new bump key? I haven't seen a hack get run into the ground by the media since the bump key… seriously, are we just bored in the security news world?

Filed under: Security No Comments