All your OpenSSH belongs to…

July 1, 2011 § Leave a comment

Yesterday a vulnerability on OpenSSH allowing remote access was disclosed by Kingcope.
The vulnerability affects OpenSSH 3.5p1 which is the default OpenSSH version running on FreeBSD 4.9 and 4.11 installations.
The problem seems to reside in the auth2-pam-freebsd.c source file.

this is something… isn’t it?

And now, with the power of SHODAN, guess what… 139 results out there…. you get the point, right?


PenTesting with Bookmarks

June 30, 2011 § Leave a comment

I love sharing. I adore sharing. It is not a matter of circulating and all but rather how we perceive reality and the environment around us. You wanna be on your own? fine by me. you wanna share? come aboard! but you wanna gain from others, while at the same time keeping everything for yourself?…well… that’s how parasites live my friend. Do not call me mad or whatever… I’m not saying that in order to gain, you need to contribute… all I’m sayin’ is:

share or be shared…

ok, ok, do not share your toothbrush, do not share your car, do not share your wife (I bet that’s what you thought at the first time), but c’mon…

share knowledge. share experience.

Okay, back to the topic’s topic (nice ha?). Most of us use Web bookmarks in order to make our Web life easier. Many of us use bookmarks for our daily jobs. Many of us completely rely on bookmarks. To some of us our bookmarks are our “secret weapon”. As a penetration tester, I also rely on bookmarks in my daily work life and also spend much time searching around the web, looking for useful resources in order to gather as much detailed as well as diverse information resources possible.

Jason Haddix, along with other equally brilliant IS professionals, released something that is so small but so important at the same time. It may sound all too exaggerating but sharing your own armory or personal library which was compiled after years of research and hard work is a big thing for me.  You can find the project in:


Isn’t it brilliant? seriously. This kind of experience, knowledge, methodology sharing? I embrace this initiative and I hope it spreads, not only for people in the specific field, but everywhere.

Back to my own bookmarks now, see how I can contribute and see ya later 🙂

blogs, blogs, blogs…

June 29, 2011 § Leave a comment

ok, so I created my own blog… now what?

well… dunno about this blog but I’m going to grab something to eat now.

see you around