Roachys Weblog

A digital notebook of technical experiences

Archive for July 2008

Google vs. Cuil as a Password cracker

without comments

Well, Google is effectively an amazingly powerful data gatherer and indexing tool – check out this article on how Google can be used to check for previously indexed MD5 hashes:

http://www.lightbluetouchpaper.org/2007/11/16/google-as-a-password-cracker/

I thought I’d put Cuil to the test, to see whether they can offer the same “service”….given their bold claims about their number of indexed pages ;)

Step 1 – think of a password – for the sake of this test I’ll choose the weak password, gringo

Step 2 – hash the password (if you’re lazy, like me, this can be done here)

Step 3 – Google it!

Step 4 – Cuil it!

Cuils MD5 Search....

Written by Paul Morgan-Roach

July 31, 2008 at 2:54 pm

Stop Piping Cats

without comments

I must be having one of those days…..

Reading a page of Unix tips and I got to #10 – Stop Piping Cats, and was struck by an uncontrollable fit of the giggles about the willful abuse of pets…..

http://www-128.ibm.com/developerworks/aix/library/au-badunixhabits.html?ca=lnxw01GoodUnixHabits#ten

Like I said….one of those days….

Written by Paul Morgan-Roach

July 30, 2008 at 1:17 pm

Posted in Linux

Tagged with , ,

First DNS Hijacks reported

without comments

It looks like following Dan Kaminsky’s exploit being made public the first attacks have been reported on DNS servers:

http://www.techcentral.ie/article.aspx?id=12375

I can’t believe that there are many people out there who haven’t yet patched their DNS servers……but it’s worth checking on the Doxpara site (http://www.doxpara.com/)

…that is, of course unless you’re DNS has been hijacked and you are being sent to a spoofed doxpara site ;)

Still bad news for those running Mac DNS servers as Apple still haven’t released a patch, although apparently the Bind team have stated that the BSD version of the patch can be ported….

Further info here:

http://xforce.iss.net/xforce/xfdb/35575

Written by Paul Morgan-Roach

July 29, 2008 at 7:34 am

Corruption in Roaming Profiles in Windows Vista

without comments

It’s common knowledge that Roaming Profiles are a pretty bad idea, but for practicalities sake and ensuring users back up the data on the Desktop, they are sometimes a necessary evil.

Recently for a specific user, the user received the error on their Vista laptop:

“Your user profile was not loaded correctly! You have been logged on with a temporary profile.

Changes you make to this profile will be lost when you log off. Please see the event log for details or contact your administrator.”

When logging onto a different laptop, the profile loaded correctly.  which meant the issue was on the users laptop, rather than an issue with the profile.

Task #1 is to back up the data on the profile to a separate location.  Particularly any files on the Desktop that you are desperate to preserve.  Next, a quick registry edit removing the reference to the roaming profile for the user; find the entry for the corresponding users SID in the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Remove the key for this SID only (you should see the path to the profile within the key to give it away).

On deleting the key, just reboot and it should pull down the profile as usual.  In the event of the new profile overwriting the server copy, then simply copy the backup data (you’d be well advised to just copy docs and manually recreate settings such as Exchange profiles).

Written by Paul Morgan-Roach

July 9, 2008 at 3:58 pm