Great app... I couldn't find anywhere that talked about what you need to build it, so here goes:
Apache Ant
Apache Maven
Java JDK
PostgreSQL
Install the JDK and create a new Windows environment variable called JAVA_HOME that points to the install directory (e.g. C:\Program Files\Java\jdk1.8.0_60). Extract your apache-maven-*.*.*-bin.zip and apache-ant-*.*.*-bin.zip, put them somewhere (I put mine just in "c:\"), and add both bin directories to your PATH (I renamed the folders, and mine look like: C:\apache-maven\bin;C:\apache-ant\bin).
Install PostgreSQL, and with pgAdmin create a new user (I called mine binnavi), then create a new database (I called mine binnavi) with the owner being binnavi.
Get a command prompt/PowerShell, cd to binnavi-master, then build:
mvn dependency:copy-dependencies
ant -f src/main/java/com/google/security/zynamics/build.xml build-binnavi-fat-jar
Then run it and point it at your PostgreSQL instance:
java -jar target/binnavi-all.jar
Done.
Breaking Windows 10 with a Firewall
My firewall of choice is Comodo since I can get pretty granular with it. Settings below:
After running for a couple days with this configuration, these are some observations:
- Clicking the Windows Start Button results in a spinning wheel... it takes several tries to get the menu to pop up
- Said menu is completely blank
- Calculator no longer functions (for another post)
More to come...
Powershell executable search order
Seems legit... just type "calc" in a shell... hope nobody places anything naughty there.
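The risk behind that screenshot is ordinary PATH resolution: a bare command name is looked up directory by directory, left to right, and the first hit wins. The script below is an added example (not from the original post) that walks a PATH string the same way, lists every candidate for a command in search order, and flags the PATH entries the current user can write to, which are the ones where a planted binary would shadow the real one. It only models the PATH walk: PowerShell resolves aliases, functions and cmdlets before external applications, and cmd.exe additionally checks the current directory first. The directory layout in `demo()` is constructed in a temp dir so the audit runs offline on any OS.

```python
import os
import tempfile
from dataclasses import dataclass, field
from typing import List, Optional

# Added example (hypothetical helper, not the original post's code): audit which
# file a bare command name resolves to through PATH and where it could be shadowed.

WINDOWS_PATHEXT = [".com", ".exe", ".bat", ".cmd", ".ps1"]  # subset of a default PATHEXT


@dataclass
class Resolution:
    command: str
    matches: List[str] = field(default_factory=list)        # every candidate, in search order
    writable_dirs: List[str] = field(default_factory=list)  # PATH entries this user can write to

    @property
    def winner(self) -> Optional[str]:
        return self.matches[0] if self.matches else None

    @property
    def winner_dir(self) -> Optional[str]:
        return os.path.basename(os.path.dirname(self.winner)) if self.winner else None

    @property
    def shadowed(self) -> List[str]:
        # Never executed, but a copy placed in an earlier PATH entry would win instead.
        return self.matches[1:]


def candidate_names(command: str, windows: bool) -> List[str]:
    # On Windows a bare name is tried with each PATHEXT extension; elsewhere it is literal.
    if windows and not os.path.splitext(command)[1]:
        return [command + ext for ext in WINDOWS_PATHEXT]
    return [command]


def resolve(command: str, path_value: str, windows: bool = (os.name == "nt")) -> Resolution:
    sep = ";" if windows else ":"
    res = Resolution(command)
    for entry in filter(None, path_value.split(sep)):
        if os.path.isdir(entry) and os.access(entry, os.W_OK):
            res.writable_dirs.append(entry)
        for name in candidate_names(command, windows):
            full = os.path.join(entry, name)
            if os.path.isfile(full) and (windows or os.access(full, os.X_OK)):
                res.matches.append(full)
    return res


def demo() -> Resolution:
    # Constructed layout: a user-writable "tools" dir listed before a read-only "system"
    # dir; both contain a file named like the command.
    root = tempfile.mkdtemp()
    tools, system = os.path.join(root, "tools"), os.path.join(root, "system")
    os.makedirs(tools)
    os.makedirs(system)
    exe_name = "calc" + (".exe" if os.name == "nt" else "")
    for d in (tools, system):
        p = os.path.join(d, exe_name)
        with open(p, "w") as fh:
            fh.write("#!/bin/sh\necho stub\n")
        os.chmod(p, 0o755)
    os.chmod(system, 0o555)
    sep = ";" if os.name == "nt" else ":"
    return resolve("calc", sep.join([tools, system]))


if __name__ == "__main__":
    r = demo()
    print("would run:", r.winner)
    print("shadowed:", r.shadowed)
    print("writable PATH entries:", r.writable_dirs)
```

Run it against the real environment with `resolve("calc", os.environ["PATH"])`; any entry listed under writable PATH entries that sits ahead of the system directories is the finding worth fixing.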
Windows 10 Observations
I wonder why SearchUI.exe (Cortana) needs all those User Agents?
Bro-ids SMTP file extraction script, first attempt:
# Bro 2.3-era script: f$mime_type lives on fa_file here. Later releases moved
# MIME detection to the file_sniff event, so this needs adjusting on newer versions.
@load base/files/extract

# map the MIME types we care about to the extension the extracted file should get
global ext_map: table[string] of string = {
    ["application/x-dosexec"] = "exe",
    ["application/zip"]       = "zip",
    ["application/msword"]    = "doc",   # legacy Word, not xls
};

event file_new(f: fa_file)
    {
    # if this isn't SMTP, we don't want it
    if ( f$source != "SMTP" )
        return;

    # if there's no sniffed MIME type, or it's not in our list, we don't want it
    if ( ! f?$mime_type || f$mime_type !in ext_map )
        return;

    # name the extracted file <source>-<file id>.<ext>, e.g. SMTP-FaBcD1.exe
    local fname = fmt("%s-%s.%s", f$source, f$id, ext_map[f$mime_type]);
    Files::add_analyzer(f, Files::ANALYZER_EXTRACT, [$extract_filename=fname]);
    }
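Once the extractor is writing files, the next question is what to do with the pile it produces. The script below is an added example (not from the original post) that triages an extraction directory: it parses the `<source>-<file id>.<ext>` names the Bro script emits, hashes each file, and checks that the leading bytes match the extension the label claims (MZ for exe, PK for zip, the OLE2 signature for doc/xls), flagging anything that does not line up or was not produced by the extractor. Signature table, filename pattern and the sample directory built in `demo()` are all constructed for this example.

```python
import hashlib
import os
import re
import tempfile

# Added example (hypothetical helper, not the original post's code): triage files
# named "<source>-<fid>.<ext>" by the Bro extraction script.

# Leading bytes each labelled extension should start with.
MAGIC = {
    "exe": [b"MZ"],                                             # PE / DOS header
    "zip": [b"PK\x03\x04", b"PK\x05\x06", b"PK\x07\x08"],       # local, empty, spanned
    "doc": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],               # OLE2 compound document
    "xls": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],               # legacy Excel is OLE2 too
}

# Bro file ids are alphanumeric; the script prefixes them with the source name.
NAME_RE = re.compile(r"^(?P<source>[A-Z]+)-(?P<fid>[A-Za-z0-9]+)\.(?P<ext>[a-z0-9]+)$")


def parse_name(fname):
    m = NAME_RE.match(os.path.basename(fname))
    return m.groupdict() if m else None


def magic_ok(ext, head):
    sigs = MAGIC.get(ext)
    if sigs is None:
        return None  # extension we have no signature for
    return any(head.startswith(s) for s in sigs)


def triage(directory):
    results = []
    for name in sorted(os.listdir(directory)):
        meta = parse_name(name)
        if meta is None:
            results.append({"file": name, "status": "unexpected-name"})
            continue
        path = os.path.join(directory, name)
        h = hashlib.sha256()
        with open(path, "rb") as fh:
            head = fh.read(8)
            h.update(head)
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        ok = magic_ok(meta["ext"], head)
        status = "ok" if ok else ("unknown-ext" if ok is None else "magic-mismatch")
        results.append({"file": name, "source": meta["source"], "fid": meta["fid"],
                        "ext": meta["ext"], "sha256": h.hexdigest(), "status": status})
    return results


def demo():
    # Constructed sample extraction directory; no real mail traffic involved.
    d = tempfile.mkdtemp()
    samples = {
        "SMTP-Fa1b2c.exe": b"MZ\x90\x00" + b"\x00" * 60,   # PE header prefix
        "SMTP-Fd3e4f.zip": b"PK\x03\x04" + b"\x00" * 26,   # zip local file header
        "SMTP-F5a6b7.exe": b"PK\x03\x04" + b"\x00" * 26,   # zip bytes but labelled .exe
        "notes.txt": b"not produced by the extractor",
    }
    for name, data in samples.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(data)
    return triage(d)


if __name__ == "__main__":
    for row in demo():
        print(row["file"], row["status"], row.get("sha256", ""))
```

Point `triage()` at Bro's extract directory (by default `extract_files/` under the working directory in this release) to get a hash list you can feed to whatever lookup or sandbox process follows.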