The Recycle Bin

Entries from June 2007

Work Stoppage

June 26, 2007

I am temporarily stopping this blog.  It has come to my attention that the content is being scraped and hosted on a different site without my consent.  WordPress will not help me remedy this problem so I am forced to migrate my blog elsewhere.  I will post the new address here when I’ve got everything set up.


Phishing Social Network Sites

June 15, 2007

“Lazy web developers are the reason I’m still around phishing”

Ha.ckers.org has posted an interesting interview with a phisher who makes a living hacking social networking websites.  Of course, you have to take what the hacker says with a grain of salt, considering he is a criminal and goes by the anonymous name of “lithium”.  That being said, it is still pretty interesting to hear from an 18-year-old high school dropout who has stolen over 20 million IDs.  He claims that once he has a user’s social networking password he can break into their email or other accounts because “5 times out of 10 the person uses the same password for their email account.”  Here’s a good tip:  never reuse the same password.

Ha.ckers.org is a web-application security blog run by “security gods” RSnake and id.  They post relevant and accurate information about current security issues.  Also, not to be missed are the full-disclosure forums at sl.ackers.org.

Despite the growing threat, websites and applications are becoming more and more permeable, leaving unsuspecting users at risk.  The best way to defend yourself is to become aware of the techniques and capabilities of the attackers, and to practice strong security habits.


Updated Kernel Debugging

June 13, 2007

In my last post I explained how to set up kernel debugging with WinDbg and a Virtual PC running Windows XP.  I understand that this is a little outdated now, and there are some people who may be wondering how this can be done if the Virtual PC is running Vista.  The process is nearly identical to the one I outlined in my previous post, with the exception of step two.  In Vista, Microsoft changed the way boot options are defined and replaced the manual editing of a boot.ini file with an application called BCDEdit.exe.  This program can be invoked from the command prompt, and you must use it to configure your Vista boot for debugging.  Windows Hardware Developer Central has a step-by-step explanation that I am not going to try to reproduce here.  If you are interested, follow this link.


Kernel Debugging: WinDbg and Virtual PC

June 11, 2007

My new job has me doing a lot of device driver development, which naturally leads to quite a bit of kernel debugging and system crashes.  Thankfully, with WinDbg and Virtual PC it is simple to set up kernel debugging for a virtual machine.  Since I am developing for a Windows environment, I am using Virtual PC 2007 and WinDbg.  This process will also work for Virtual PC 2004.  This is all probably possible with VMware, VirtualBox, or any other virtual machine program out there; I am just not sure of the steps.  The following steps are all you need to get debugging, assuming that you have a Windows virtual machine already set up:

Step 1:  Edit the settings of your virtual machine to use a named pipe for a COM port.

Edit -> Settings -> COM1 -> Named pipe:
Add: \\.\pipe\vpcdebug

Step 2:  Edit boot.ini file on the virtual machine.

Right-click on My Computer -> Properties -> Settings -> Edit start-up file manually:

Add: /DEBUG /DEBUGPORT=COM1 /BAUDRATE=115200
I like to add a second line here instead. Copy the last line and append the above switches to it:
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /DEBUG /DEBUGPORT=COM1 /BAUDRATE=115200

This will give you two different boot options, one for debugging and the other for normal use.

Step 3: Set up WinDbg for remote debugging over COM1.
This can be done through the File -> Kernel Debug menu, but I prefer to make a shortcut so I can have multiple different types of debugging environments.

Create a shortcut that points to WinDbg.exe and add the necessary command-line arguments. Your shortcut target should look something like this:
"C:\Program Files\Debugging Tools for Windows\windbg.exe" -k com:pipe,port=\\.\pipe\vpcdebug,resets=10

This is all you need to do to set up kernel debugging.  Be sure to start the VM before WinDbg so that it has a chance to create the named pipe.  Also, make sure you download the correct symbols for your environment.  For example:

SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols

Debugging Tools for Windows
Virtual PC 2007
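
Step 2 applied to a complete boot.ini, as an added example that is not code from the original post: the Python sketch below copies the last [operating systems] line, appends the debug switches on the same line, and reports which kernel-debug switches each entry carries, including a switch that lost its value to stray spaces around "=". The sample file, the function names and the " [debug]" menu label are assumptions made for illustration.

```python
import re

# Constructed sample: a typical single-entry Windows XP boot.ini (not from the post).
SAMPLE_BOOT_INI = """[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
"""

# The three switches used in the post; a value is captured only when it
# follows "=" directly, with no spaces.
SWITCH = re.compile(r"(?i)(?<!\S)/(debug|debugport|baudrate)(?:=(\S+))?(?!\S)")

def os_entries(text):
    """Return the non-empty lines of the [operating systems] section, in order."""
    entries, in_section = [], False
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("["):
            in_section = stripped.lower() == "[operating systems]"
        elif in_section and stripped:
            entries.append(stripped)
    return entries

def debug_settings(entry):
    """Map each kernel-debug switch on an entry to its value (None if it has none)."""
    return {m.group(1).lower(): m.group(2) for m in SWITCH.finditer(entry)}

def add_debug_entry(text, port="COM1", baud=115200):
    """Append a copy of the last OS entry with the debug switches on one line.

    Assumes [operating systems] is the last section of the file.
    """
    entries = os_entries(text)
    if not entries:
        raise ValueError("no [operating systems] entries found")
    # Assumption: relabel the copy so the two boot-menu items can be told apart.
    labelled = re.sub(r'"([^"]*)"', r'"\1 [debug]"', entries[-1], count=1)
    debug_line = f"{labelled} /DEBUG /DEBUGPORT={port} /BAUDRATE={baud}"
    return text.rstrip("\n") + "\n" + debug_line + "\n"

if __name__ == "__main__":
    updated = add_debug_entry(SAMPLE_BOOT_INI)
    print(updated)
    for entry in os_entries(updated):
        print(debug_settings(entry) or "no debug switches")
```
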
