I have just published an article about Vulnerability Engineering on Wintercore’s blog (Spanish version at 48bits.com). It focuses on applying Software Engineering metrics to the world of Vulnerability Research, which can give us an idea of how reliable a software product is.

In this article I analyze five applications: Microsoft’s Explorer, Sun’s Java JRE, Apple’s QuickTime, HP NodeManager and Adobe Reader. The conclusion I formulated after writing the article was that the reliability of software products is too low to be even bad.

QuickTime’s users are exposed to at least one unfixed vulnerability 99% of the time, which I think should ban this product from almost all computers.

I hope you enjoy the article.

I have just published a new paper under the “Good Coding Practices” section, which I think can be useful for someone else.

In this article I classify bugs depending on where in the development life cycle they can be produced. This is helpful for reducing the bugs that can be produced during software development, and it helps when a bug appears, since we know, just from its behaviour, where in the life cycle it was produced. Therefore we will be able to react sooner and fix it in less time.

This is the basis for upcoming papers about building secure software systems from a software engineering point of view.

Besides the PDF and HTML versions I always provide, this time I have the Google version as well.

Do you have a virtual machine running a UNIX-like OS or Windows as guest OS, instead of a physical one, as part of your organization's network? Take CARE! Because it is more evil than it looks!

If you are thinking of using VMware Workstation or similar, you should test the issues I present below. They look to be fixed in the VMware ACE version.

Have you ever tried to gain root access on one of your company's computers to sniff? Have you ever tried to crack someone else's password? And have you spent hours or days surfing the web looking for an exploit?

Now you don’t have to worry anymore if you use VMware at work! With VMware you will be able to read in plain text the password of incoming ssh connections, or you could even change your id to 0. And you only need to run VMware, without even being superuser in the OS under VMware. Does it sound good? Read ahead!

1) Looking for plain text passwords (I have tested it with OpenBSD & Linux + OpenSSH under VMware):

Once someone has logged in to your local OS, you just need to suspend the VMware machine (you know, the [ | | ] symbol).
Afterwards, go straight to the directory of the virtual machine and edit, preferably with a hex editor, the “xyz.vmem” file.
Look for “ssh-connection”; you will find it several times before the password appears. The text surrounding the password looks like the following:

ssh-connection.....password....Cabronazo#####

Here Cabronazo is the password and ##### is garbage.

2) Gaining root access:

Do you run a Unix-like OS under VMware at work? Bad idea!! (If it is not properly configured, obviously.) You can gain root with just a few keystrokes and a hex editor. Look for "username:" and just change all the pid to 0.

It is easy! isn't it?
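
To test your own setup as suggested above, the following added example (not code from the original post or from VMware) audits a virtual machine directory: for each .vmem file it reports whether anyone besides the owner can read it, and whether a canary value you planted in the guest yourself is stored there in cleartext. The function names, the canary value and the sample file are assumptions made for illustration.

```python
import os
import stat
import tempfile


def contains_marker(path, marker, chunk=1 << 20):
    """True if `marker` occurs in the file; reads in chunks (a .vmem is RAM-sized)."""
    keep = len(marker) - 1          # bytes carried over between reads
    tail = b""
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            window = tail + block
            if marker in window:
                return True
            # carry the end of this window so a match split across reads is found
            tail = window[-keep:] if keep else b""
    return False


def audit_vm_dir(vm_dir, canary):
    """For every *.vmem under vm_dir: is it readable beyond its owner, and is
    the canary (a value you planted in the guest yourself) stored in cleartext?"""
    findings = []
    for root, _dirs, files in os.walk(vm_dir):
        for name in sorted(files):
            if name.endswith(".vmem"):
                path = os.path.join(root, name)
                mode = os.stat(path).st_mode
                findings.append({
                    "file": path,
                    "readable_by_others": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
                    "canary_in_cleartext": contains_marker(path, canary),
                })
    return findings


def demo():
    # Constructed sample: a fake guest.vmem with the canary embedded in padding.
    canary = b"CANARY-7f3a-planted-in-guest"
    vm_dir = tempfile.mkdtemp()
    path = os.path.join(vm_dir, "guest.vmem")
    with open(path, "wb") as fh:
        fh.write(b"\x00" * 5000 + canary + b"\x00" * 5000)
    os.chmod(path, 0o644)
    return audit_vm_dir(vm_dir, canary)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A finding with canary_in_cleartext set means the suspended guest's memory sits unprotected on the host disk, so access to that directory has to be treated as access to everything the guest held in RAM.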