Wednesday 30 September 2009

Random Musings - Day #273

Having flashbacks of all kinds including the recent har2009, which included the lockpicking championships (Dutch Open). Your guide to lockpicking is there. A stranger flashback was the jingle for Cannings Ice Cream. Coincidentally, could there be a connection with Canning Town? Apparently it was named after Ernest Canning.

PCI Standards are a bit unclear about whether using SSLv2 should fail a company or not. They claim it is only applicable if cardholder data is transmitted with it. To me, PCI Standards is just trying to be a pleasure GELF, making you see what you want to see... and open to massive misinterpretation!

Somebody went down on Virgin

Tuesday 29 September 2009

Random Musings - Day #272

Answer the phone because Hugh Jackman said so!

Monday 28 September 2009

Random Musings - Day #271

Over the years, there's always been a train of thought that IT work is being taken over by a cheaper third world workforce but evidently it's beginning to kick in as the likes of BT and Capgemini are bringing staff from abroad to replace UK IT contractors.

I love this, Little Cumbrae, an island off North Ayrshire, is now the home to an international yoga camp. The techniques used improve the intake of oxygen which fights ailments like cancer.

I've always thought Arsenal are a shrewd team with a shrewd manager who invests in young talent. But it looks like it starts in the boardroom as their subsidiary Arsenal Properties made huge profits (despite the property market being flaky).
Ironically, the Saudis look to be interested in Liverpool FC.

How to kiss a girl

Sunday 27 September 2009

Random Musings - Day #270

I've been reminded of an old but cult movie in Idiocracy.

Looking for a place to do karaoke, possibly in Chinatown, like China City.

Betting / market spread help includes prospreads, collective2, John Piper and Interactive Brokers. You could bid oppositely and win.

Saturday 26 September 2009

Random Musings - Day #269

If I were a woman, I'd probably want to be Alexia. She's still looking amazing at 42 and just had a baby not long ago. These days she's releasing songs in her native Italian but at least she's been performing her old tracks like "The music I like".

That said, she did release a song with Bloom 06 (two-thirds of Eiffel 65) called "We is the power".

Random Musings: Day #268

Well fed up with steak at Spur at Lakeside (or as I told someone inside Lakeside and got them exceedingly lost!) They have the 60 quid challenge where if you can eat 4 steaks (64oz), you get the meal free. One of my colleagues was confident she can do it!

I had a strange dream that Newcastle beat Ipswich 5-4. Like that's going to happen!

Random Musings - Day #267

Exhausted. Went to Guanbarra again. They had salsa dancing and a band on the Thursday.

Wednesday 23 September 2009

Random Musings - Day #266

Market moves have been static around the world markets. So here's a useful starting page on how to spot trends.

Oh no looks like Accrington Stanley are in trouble again.

So Sol Campbell leaves Notts County after just one game. At least he stuck around for the entire game. I remember that game where he conceded two goals to West Ham and promptly left the Emirates at half-time and was not seen again for over a week. Interestingly, Sol is favourite to join another team that plays in black and white in the form of Newcastle United. Maybe he got confused on the way up north.

Tuesday 22 September 2009

Random Musings - Day #265

Looks like another Belgian tennis player is coming out of retirement. It's Justine Henin. Women's tennis has suddenly got a whole lot more interesting.

Talking of trying to make a return, former world #4 Sebastien Grosjean is playing in his native France but his world ranking is less than most at just #1147.

Meanwhile in Toronto, spotted that former 90s dance starlet, Emjay is doing (what seemingly now is an annual gig) at Wayback Wednesday.

Game of the day... go to Holland, for some Dutch Cup action between Haaglandia and Excelsior Rotterdam. The game was 4-4 after 90 minutes where Excelsior had been 2-0 and 3-1 up but needed a last minute goal to take the match into extra time, where they proceeded to concede two quick goals to go 6-4 down. But they clawed themselves back into a penalty shootout which they won 7-6.

Monday 21 September 2009

Random Musings - Day #264

Caught more than a glimpse of Shakira's new video for top #5 hit, "she-wolf". She's still got the moves.
Been playing "The look" over and over again. Looks like Roxette are re-releasing remastered versions of all their albums next week.

Oh dear, Facebook looks to have a flaw and that could allow a trojan. Meanwhile, Yahoo have their own problems with a brute-force issue with Yahoo Mail!

Be careful where you stick your USB in, it may corrupt an entire LAN with Conficker.

Random Musings - Day #263

Pixie Lott falls hard as she drops from the top to a lowly #6. Taio Cruz debuts at #1 with "Break your heart". Amazingly David Guetta is stuck at #2 as Madonna also debuts at #3 with "Celebration".

Saturday 19 September 2009

Random Musings - Day #262

How to determine a trust relationship, including nltest and ADSI.

Random Musings - Day #261

Useful Windows commands to help you on your way are tasklist and sc.
Local privilege escalation in Windows has been seen with driver services, like PML Driver, Epson and privilege escalation on a service.

Wednesday 16 September 2009

Random Musings - Day #260

The whole Taylor/Kanye affair is getting massive expose. It looks like Kanye didn't apologise to Miss Swift according to her appearance on the American chat show, "The View". Taylor is amazingly cute as she described exactly what ran through her mind when she picked up her award and got interrupted by Kanye. West later apologised on Jay Leno's show.

Taking showers can apparently make you ill. But do read on, it usually happens that bacteria get out when the shower is first turned on. By habit, well, to make sure I get hot water, I leave the shower running for a minute before getting in. So that reduces the chances a bit.

Tuesday 15 September 2009

Random Musings - Day #259

Here's a novel way of using a system's toolset against it to escalate privileges: it's AT. There were a number of functions, programs and applications that have weak permissions, e.g. ssdpsrv, netbt, scardsvr, upnphost, dnscache and dhcp, that could make privilege escalation possible.

Power Users privilege escalation is quite easy as there are a number of places the power user can install and write data. But note WFP (Windows File Protection) will generally try to stop you from doing this, so you have to force a reboot before WFP twigs.

Here are some differences between OSPF and RIP. OSPF being newer is obviously better!

Monday 14 September 2009

Random Musings - Day #258

Patrick Swayze lost his battle with pancreatic cancer. As too did Keith Floyd.
Juan Martin del Potro upset the Fed Express to win the Men's US Open. Now, out of the top 5 ranked players in the world, only Andy Murray hasn't won a slam.

Random Musings - Day #257

What's with the outbursts? First, Serena Williams, now Kanye West got into trouble at the 2009 MTV Video Music Awards for snatching the mic off Taylor Swift in the middle of her acceptance speech for best female video, declaring "Yo Taylor, I'm really happy for you, I'll let you finish, but Beyonce has one of the best videos of all time. One of the best videos of all time!" Beyonce was shocked and Taylor so upset she didn't finish her speech. Later on, Beyonce did *actually* win the best video for "single ladies" (which IMHO is one of her worst videos but that's another story) but gave Taylor the chance to finish her speech.

But it could all possibly be a setup as seen at the 2009 MTV Movie Awards when Bruno landed on Eminem's face.

Mika's "We are golden" is very similar to Belinda Carlisle's "Heaven is a place on the earth".

Sunday 13 September 2009

Random Musings - Day #256

One last thing on "kill-you-are-you-serious-gate". The foot fault given by the judge was wrong, at the very best debatable but in that situation on a 2nd serve and at a pivotal point in the match, she should have been given the benefit of the doubt. I am not sure if Serena could have 'challenged' that. It's probably something hawk-eye couldn't be used for. But it's true, Serena should have never reacted the way she did and did herself no favours in her following press-conference.

Pixie Lott is new #1 with "boys and girls". David Guetta at #2. Jay-Z and co at #3.

Saturday 12 September 2009

Random Musings - Day #255

Unbelievably, Serena Williams erupted on a line decision at 15-30, losing the point which made it 15-40. Consequently, she confronted and abused the line judge and earned a penalty point, which gave Kim Clijsters, the game, the set and match.

I didn't know that a supergroup of divas is forming for Christmas. Here comes the (old) girls features the talents of Lulu, Chaka Khan and Anastacia. The first two are coincidentally in the Thank you for the music concert in Hyde Park.

Apparently, you can disable LMHASH with the NoLMHash value under "HKLM\SYSTEM\CurrentControlSet\Control\Lsa". This is as opposed to the previously mentioned "LMCompatibilityLevel".

Don't forget the port numbers and ASCII table.

Friday 11 September 2009

Random Musings - Day #254

That abs video featured: knee ups, leg raises, cycles... reverse crunches, crunches, hip thrust... cross crunches, reach and touch, cross leg reverse crunch...

How suid works... Code access control security control in Microsoft .Net framework. However, I don't think it's meant to be used over the Internet.

You can create your own service in Windows. You would need "instsrv.exe" from the resource kit. You can modify the registry but I've discovered you need to reboot the system to make it appear in services. You can write a C++ program using OpenSCManager.

Thursday 10 September 2009

Random Musings - Day #253

I was just about to say, have a look at the Pub in the Park festival. But it looks like organisers have cancelled it. BTW I am not sure what pubinthepark.co.uk is all about...

What's happening to these guys...
I read recently that former UK #1 artist, Sonique has had treatment for breast cancer. Also Phil Collins' spinal injury has finished his career as a drummer.

Wednesday 9 September 2009

Random Musings - Day #252

9/9/9
Today was 9/9/9 and thankfully that day passed through near enough quietly.

Twitter RANT
Decided to just use twitter as a following tool. Maybe I am not using it right but I think it's useless if you want to talk to someone new, really... You can't direct message unless they are following you. How the hell are you supposed to get a message across @someone when everyone potentially could see your tweet? No thanks. RANT OVER.

BTW my twitter is Shy 90, where I am now only tweeting useless 90s facts.

Internet Radio
A couple more internet radio stations to look out for. Some DJs that I know of are at Rockin Radio. Also found fallen sword via twitter.

Java certify me
Sun is telling me to upgrade my Java Certification.

More one-liners
This one was done on-the-fly. Figure out what the awk does?

cat all-result.txt | grep -wF '10.0.0.1' | grep HIGH | grep 'MS0' | awk '{where=match($0,/MS0[0-9]-[0-9][0-9][0-9]/); if (where) print substr($0,where,8)}'


Turns out it was easier to replace it with an enhanced grep...
grep -oE "MS[0-9]+-[0-9]+"


As shown in the modified one-liner...

cat all-result.txt | grep -wF '10.0.0.1' | grep HIGH | grep 'MS0' | grep -oE "MS0[0-9]-[0-9]+" | sort | uniq


To read an argument from the shell... "read IPS"
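
The one-liners above, generalised into a reusable function (an added example, not part of the original post): it matches the host as a whole address so that 10.0.0.1 does not also pick up 10.0.0.10, and it accepts any MSyy-nnn bulletin rather than only MS0x. The layout of all-result.txt is not shown in the post, so the sample lines are constructed and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: function names and sample data are assumptions.
# Uses grep -o and -w, as available in GNU and BSD grep.

# Constructed scan results; the real all-result.txt layout may differ.
sample_results() {
    cat <<'EOF'
10.0.0.1|445/tcp|HIGH|MS09-001 sample finding
10.0.0.1|445/tcp|HIGH|MS08-067 sample finding
10.0.0.1|139/tcp|HIGH|MS08-067 sample finding (second plugin)
10.0.0.1|80/tcp|LOW|MS07-041 sample finding
10.0.0.1|3389/tcp|HIGH|MS10-012 sample finding
10.0.0.10|445/tcp|HIGH|MS06-040 sample finding
110.0.0.1|445/tcp|HIGH|MS05-039 sample finding
EOF
}

# Usage: bulletins_for_host HOST [SEVERITY] < results-file
# Prints the unique bulletin IDs reported for HOST at SEVERITY (default HIGH).
bulletins_for_host() {
    host=$1
    sev=${2:-HIGH}
    # Escape the dots so they match literally, not "any character".
    host_re=$(printf '%s' "$host" | sed 's/\./\\./g')
    # The address must not be preceded or followed by a digit or dot,
    # otherwise 10.0.0.1 would also select 10.0.0.10 and 110.0.0.1.
    grep -E "(^|[^0-9.])${host_re}([^0-9.]|\$)" |
        grep -wF -- "$sev" |
        grep -oE 'MS[0-9]{2}-[0-9]{3}' |
        sort -u
}

# Demo over the constructed data.
for ip in 10.0.0.1 10.0.0.10; do
    echo "== $ip =="
    sample_results | bulletins_for_host "$ip"
done
```

Against a real file the call is `bulletins_for_host 10.0.0.1 < all-result.txt`; a host address taken from `read IPS` can be passed as "$IPS".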

Tuesday 8 September 2009

Random Musings - Day #251

Who said chess was boring? Russian grandmaster Vladislav Tkachiev passed out drunk in a tournament. One lady has written a book about the goings on in chess, 'Chess Bitch'.

What is the world coming to as McDonalds try, unsuccessfully, to sue McCurry for name infringement.

Have a look at the video found by searching 'six pack abs'.

Monday 7 September 2009

Random Musings - Day #250

Pentestmonkey's blog is game for a laugh.
Unicode is a lot more complicated than first thought, what with UTF-8, UTF-16. Lots of words about it and trying to translate it is probably hard as it's not well discussed. Here's the Unicode charmap. Anyhow, translations can be used in directory traversals.

Don't forget sharenum...

Sunday 6 September 2009

Random Musings - Day #249

Jay-Z, Rihanna and Kanye West tag up and wrestle the number 1 spot from Dizzee Rascal and David Guetta. Sugababes regroup at #2 with "Get sexy".

Saturday 5 September 2009

Random Musings - Day #248

Having thunder thighs evidently protects the heart. Size-plus model, Lizzie Miller has sparked some controversy in showing a little flab (i.e. not airbrushed) in a photo. Now that's normal!

Not so normal is Lady Gaga. The eccentric pop starlet has overdone it with tanning lotion in the latest edition of V magazine. BTW like the name, Amy Grindhouse.

A big deal is being made about Danniella Westbrook's return to Eastenders. It is noted that Kim Medcalf, who last played the Sam Mitchell character, was asked first and wasn't available.

Friday 4 September 2009

Random Musings - Day #247

Passwords in the Security Accounts Manager (SAM) can be stored as LANMAN and/or NTLM hashes. LANMAN makes password brute-force attacks easy if the SAM is retrieved.

There is a registry setting to look for under "HKLM\System\CurrentControlSet\Control\LSA": the value "LMCompatibilityLevel", which has an acceptable range of 0-5. 0 is usually the default, which means all hashing is acceptable. You should really set it to 4 or 5. Microsoft discuss this on their support site.

More useful links include: arp-scan, introduction to steganography, XSS in the Cisco Ironport and how to look up reverse zones for IP addresses in DNS.

The well known SMB vulnerability MS09-001 does have POC exploits but they only crash the concerned system, best demonstrated by 4xunderground.

Thursday 3 September 2009

Random Musings - Day #246

On the Open Source Vulnerability Database (OSVDB), the first entry is the ColdFusion information disclosure.
Here's a good introduction to HTTP Response Splitting and the infamous cheat-sheet. All the finger abuse from yesteryear in a nice page.

Apparently, this is the way to lose the fat around your stomach.

Random Musings - Day #245

There has been a bit of controversy about the man that appeared on the Trafalgar Square plinth in the nude.
Apparently, a police spokesman said it was not a crime to appear naked in public.

Finally, the GTA makers, Take-Two Interactive, have paid out over the 'hot coffee' sex minigame left within Grand Theft Auto San Andreas.

Tuesday 1 September 2009

Random Musings - Day #244

Johnstone's Paint Trophy starts this week. I am not sure how the byes are sorted out but of the teams relegated last season, Norwich didn't get a bye! Yet struggling Grimsby did.
Anyways one team not taking part is the defending champions, Luton Town. That sucks. But the theory behind the rejected request is that this is a competition for the lower two divisions. So teams that get promoted to the Championship and in this case relegated to the Conference cannot defend the trophy. Ironically, Scunthorpe, whom Luton beat in the final last April, got promoted to the Championship.

China invests in Canada oil sands... interesting!

Random Musings - Day #243

Exhausted.
I didn't get back until 1am from the Notting Hill Carnival. It was good, lots of dancing and for longer but the band didn't complete the course before the 9pm curfew. So the music had to be cut and we had to walk the rest of the way there. Not sure why it was slow. We parked up for quite a while a few times.