Thursday, April 16, 2015

How to test for Critical Microsoft IIS Vulnerability (MS15-034) Allowing Remote Code Execution

Critical Microsoft IIS Vulnerability (MS15-034) released April 14, 2015

This is a vulnerability in HTTP.sys that could allow remote code execution on unpatched IIS. All Windows x64 systems are affected.

Full details are in the security bulletin provided by Microsoft at https://technet.microsoft.com/library/security/MS15-034

This vulnerability can allow a remote, unauthenticated denial of service (DoS) and possibly remote code execution (RCE). An attacker sends a specially crafted HTTP request with the correct header to exploit it.

To identify if your Windows server is vulnerable, run the following command from a Unix/Linux/Mac bash shell on another machine. Substitute your Windows machine's IP address for SERVER_IP.


If you get the following response then it’s vulnerable:
















In fact, if any part of the response contains "Requested Range Not Satisfiable" then you are vulnerable, whether it's in a header response such as HTTP/1.1 416 Requested Range Not Satisfiable or wrapped in HTML tags.


The stated temporary workaround in the bulletin is to “Disable IIS kernel caching”, in IIS, until you get patched. 

Play safe my friends.

Wednesday, April 8, 2015

iPhone iOS 8.3 Update Download taking forever, estimated at 27 to 30 hrs

iOS is quickly becoming bloatware; at 27hrs for an estimated download, this is ridonculous.


I tried downloading and installing the iOS 8.3 update today, upgrading from iOS 8.2. Normally this process takes less than 3hrs, which is long enough. Today, the estimated time to update to iOS 8.3 started at 30hrs. After 1hr it was an estimated 27hrs. So I thought it was my phone's free space, but I cleared that up to have 3G free. That did not work either.
Many people are removing large chunks of photos or a music collection just to be able to upgrade. Then, there’s the fact that 8.0.1 killed a lot of phones' reception for iPhone 6 owners. iOS 8 was very buggy, so you can understand wanting to put the updates off. iOS 8 update uptake was less than 50 per cent, the slowest uptake yet, nearly three weeks after launch. By comparison, iOS 7 had hit nearly 70 per cent adoption.


We all know that iOS is getting bloated, but this is getting rhino-diculous.

  • iOS 8 needs nearly 5.7GB of free space to install. 
  • iOS 8.1 update file size ranges from 60MB to 127MB, for a total of 5.8G 
  • iOS 8.2 update added an additional 300MB, for a total of 6.1G
  • iOS 8.3 update added an additional 200MB, for a total of 6.3G

So 6.3 GB for iOS 8.3 is a lot of space for a phone. Below are rounded-up percentages:

  • 40% of space for 16G iPhone. 
  • 20% of space for 32G 
  • 10% of space for 64G 
  • 5% of space for 128G - an acceptable amount for an OS footprint




I have a ~17Mbps download connection, so this is not on me. In comparison,  Windows Updates are far more efficient to download.






Okay, Apple, enough is enough. If you can't get your download bandwidth act together, provide some other means, like an official torrent release, and allow users to update from a downloaded file.

We want an official torrent release of iPhone OS updates.



And here are the features you get with iOS 8.3; the summary below is quoted from the quora.com forum.

Digging into the release notes, iOS 8.3 and differences in application  programming interfaces between iOS 8.2 we note that Apple (so far) is  adding very little to the features of the operating system. Most of the  work in iOS 8.3 is focused on optimization. The biggest new  function—outside of WatchKit integration—in iOS 8.3 is a new feature  where Apple Pay supports different shipping types such as “delivery,”  “pick up from store” and “pick up from customer.” A new class of payment  button that initiates Apple Pay purchases is also available.

The API frameworks and modules for iOS development—the building blocks of iPhone and iPad apps—see the heaviest revisions in iOS 8.3. The most significant changes come for the frameworks and modules listed below with notes on what APIs are affected.

Frameworks:

  • HomeKit (ValueLockMechanism, Metadata, HMError)
  • Metal (RenderCommand Encoder, ComputeCommandEncoder, MTLLibary)
  • NetworkExtension (NEVPNProtocol)
  • PassKit (PaymentButton, PaymentAuthorizationViewController, PaymentRequest)
  • UIKit (Application, Device, PresentationController, TableViewController)
CloudKit, SceneKit, SpriteKit, CoreAudioKit, CoreMotion, CoreImage and Security among others also saw minor revisions.

Modules:
In keeping with the theme of optimizing iOS for the next generation  of app development for the operating system, the modules have seen the  most additions and modifications. It would be impractical to list them  all here (see the iOS 8.3 iOS Diffs in the Apple Developer portal for the full list). A few highlights below.

  • CoreAudio (A dozen modified and 35 new APIs based mostly on buffering, packet description and timestamps)
  • PassKit (21 new APIs based on the changes to Apple Pay listed above)
  • UIKit (A couple dozen modifications based on accessibility, attributes and activities)
  • Swift (The second biggest change in APIs in iOS 8.3 with dozens of added and removed functions)
  • Darwin (The Unix kernel for iOS has the largest volume of changes in iOS 8.3)
The MapKit, HealthKit, QuartzCore, SpriteKit and AVFoundation modules  all see significant additions and modifications in iOS 8.3 as well.

Tuesday, March 31, 2015

How to Delete Google Chrome Adobe Flash Cookies (.sol files)

How to clean up those nasty Adobe Flash Cookies (.sol files) in Google Chrome 


Flash Cookies dump
Google Chrome bundles Adobe Flash with their Chrome web browser, because Adobe could not be trusted to write secure code, but now is caught in the Adobe Flash cookie dump load. 

The big issue with Adobe Flash is that it can store its own data on your machine, which is now being used by adware companies for tracking. In other words, it is a cookie, but with much more detail and storage capacity. Worse, the vast majority of users probably didn’t realize you even could do this — or that you perhaps should.

Adobe Flash calls these cookies Flash Local Shared Objects which are files ending in .SOL, or euphemistically Shit Out of Luck files.

Many sites make it clear that browser cookies are in use, but not Adobe Flash Cookies.


Right-click on a Flash file and move Local Storage to None

Moreover, Adobe Flash cookies are being used to surreptitiously store data that reinstates traditional cookies a user has deleted, a practice called "re-spawning". So even if you get rid of a website’s tracking cookie, that cookie’s unique ID will be assigned back to a new cookie, using the Flash data as the "backup". In effect, you have continuous tracking.

Google has maintained since they started bundling Flash that it was mainly to ensure they could make it more secure for their Chrome users. They do this by both sandboxing it and auto-updating it when the security patches regularly appear. In other browsers, Adobe Flash is a separate download and stand-alone plug-in.

You can turn off the creation of Adobe Flash cookies by moving the Local Storage setting to None. Navigate to adobe.com/products/flashplayer.html, right-click on a Flash file and move Local Storage to None to stop Flash cookies from being stored. Read more about Adobe Flash settings here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

Let's examine where Adobe Flash Cookies are on disk, which Google Chrome directories they live in. You'll want to delete all of these sites. Here's a sample site TED.com that stores a Flash cookie.

%HOMEPATH%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\{userkey}\www.ted.com
TEDPlayer.sol

Additionally, there are shadow copies of all these cookies, one per site, in this directory:

%HOMEPATH%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\{userkey}\macromedia.com\support\flashplayer\sys


Other Adobe Flash cookie stores are 

%HOMEPATH%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\{userkey}\

Tip - Cut'n paste this into the Windows Explorer path window to open it:

%HOMEPATH%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\

Navigate one level down. They are littered with files like

F74FCD943BAC79E6DADBF0307B55B0697C5907E4.heu
67BA9F962EEC4D8B413432AFAD5C88BB810426B9.swz

.HEU files are Adobe Flash Player cache metadata files.
.SWZ files are signed Adobe Flash Player library files.

Chrome now allows users to easily clear cookies from within the browser; this also includes Flash cookies.
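To audit these locations before deleting anything, here is an added example (not code from the original post) that walks the directories listed above and groups what it finds into per-site `.sol` files, shadow copies under `macromedia.com\support\flashplayer\sys`, and `.heu`/`.swz` cache files. The function names `inventory` and `purge` are hypothetical, and `Path.home()` is assumed to match `%HOMEPATH%`.

```python
from pathlib import Path

# Root quoted in the post; Path.home() stands in for %HOMEPATH% (assumption).
DEFAULT_ROOT = (Path.home() / "AppData" / "Local" / "Google" / "Chrome" / "User Data"
                / "Default" / "Pepper Data" / "Shockwave Flash")
# Sub-path that holds the per-site shadow copies, relative to {userkey}.
SYS_PARTS = ("macromedia.com", "support", "flashplayer", "sys")


def inventory(flash_root=DEFAULT_ROOT):
    """Group Flash artifacts under flash_root into sites / shadow / cache."""
    root = Path(flash_root)
    found = {"sites": {}, "shadow": [], "cache": []}
    shared = root / "WritableRoot" / "#SharedObjects"
    if shared.is_dir():
        for f in sorted(shared.rglob("*")):
            parts = f.relative_to(shared).parts  # (userkey, site, ..., file)
            if not f.is_file() or f.suffix.lower() != ".sol" or len(parts) < 3:
                continue
            if parts[1:5] == SYS_PARTS:
                found["shadow"].append(f)
            else:
                found["sites"].setdefault(parts[1], []).append(f)
    cache = root / "CacheWritableAdobeRoot" / "AssetCache"
    if cache.is_dir():
        for f in sorted(cache.rglob("*")):
            if f.is_file() and f.suffix.lower() in (".heu", ".swz"):
                found["cache"].append(f)
    return found


def purge(found, dry_run=True):
    """Return every file in the inventory; delete them unless dry_run."""
    targets = [p for paths in found["sites"].values() for p in paths]
    targets += found["shadow"] + found["cache"]
    if not dry_run:
        for p in targets:
            p.unlink()
    return targets


if __name__ == "__main__":
    found = inventory()
    for site, files in found["sites"].items():
        print(f"{site}: {len(files)} .sol file(s)")
    print(f"shadow copies: {len(found['shadow'])}, cache files: {len(found['cache'])}")
    print(f"{len(purge(found))} file(s) would be deleted (dry run)")
```

Close Chrome before calling `purge(found, dry_run=False)`, since files in use may fail to delete.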

Settings -> "Show advanced settings..." (at bottom of page)
-> Click Clear browsing data... button.

Choose this option to clear Adobe Flash cookies




Better, you can also set up Chrome to clear all plug-in cookie data every time you close Chrome.

















Even better, use BleachBit, and you can delete all your Adobe Flash cookies across all browsers at once!








You can download BleachBit, a new privacy tool, here.
http://bleachbit.sourceforge.net/