Category Archives: Uncategorized

Stop the SOPA Bill

Filed under Uncategorized

I should have started this article a few days ago. There’s a lot at stake here and this topic deserves a lot more time than I can give it right now. However, today many sites are joining the STOP SOPA & PIPA blackout protest. This way people can see what can happen if these Bills pass.

There is a need to protect copyright on the internet, but not at the cost of our First Amendment. America was founded on this principle and these Bills threaten the concept our forefathers fought for and believed so greatly in.

Until I can really do this subject justice, I’ll post a link that you can use to learn more about today’s protest:

http://americancensorship.org/

 

Re Installing The Site

Filed under Uncategorized

Had some problems with the site and I’m reinstalling it right now. Things will look a bit funny until I am done.

Slacking a bit

Filed under Uncategorized

The traffic I was getting last year was 1000-2000 visits a day. This had me pretty excited and I was trying to make sure I added new content at least a couple times a week. Then about a month or so ago, my traffic really dropped off, at some point it was down to 200-300 visits a day. This killed my enthusiasm and as you can see, I haven’t posted much. I know I should probably post more if I want more traffic.

Well I just looked at my page stats and I see I’m getting close to the 1000 again. So when I get home tonight I’m going to post at least one new article. It’s one I have been saving or I should say it’s an answer to a previous problem I had been working on and talked about here. The search results redirection malware that I was trying to remove. I found something that got rid of it! Anyways, I don’t want to say too much right now or else I won’t have anything to write about now will I.

Sorry for slacking off. Two years or so ago I wasn’t even getting 100 page views a day, much less 100 visitors. When my traffic started climbing every month by like 50%, I guess I got spoiled. And when it peaked in December, I should have been ready for the decline. It was just nice to know that people were actually reading what I put on here. And now that I see that’s happening again, I’ll get back to work. Thanks for stopping by :)

-Chris / PC CyberTek

Website Woes

Filed under Uncategorized

A while ago I used simple scripts to update this blog. I got a notice that my sites were out of date and I could run it to update all my sites, quickly and easily. A list popped up with all my WordPress installs and what version each one was currently at. Also the words “Upgrade Available” in blood red next to each install. While I should have paid more attention to what version each one said was installed, I didn’t. I think this is where I got myself in trouble. After my site broke, I went back and looked closer and found that you can change which version you have installed because what is listed can be wrong. After that I noticed that there was also an option for backing up the entire site before you upgrade as well as an option to restore it. But of course I didn’t do either and it was too late. This site was still up and running but I had problems behind the scenes. I couldn’t create, view or edit new posts. I also couldn’t view or edit previous posts. When I logged in as admin and went to posts, I would get a list of what I had, but if I tried to edit any of them or create a new post, I would just get a blank page. Nowhere to type, none of the edit buttons, not even a publish button. I did figure out a way to type a post into another program and copy and paste it into the quick post option. But I couldn’t add any links or use HTML or even preview my post. And after I did post it, I couldn’t edit it or anything.


Metasploit Framework 3.3 Just Released

Filed under download, free software, hacking, malware, security, software, Uncategorized

It’s been about a year since one of the best pen testing tools has seen an upgrade to the framework. Metasploit Framework 3.3 is now available. Not only does it support Linux, Windows, OS X, and many versions of BSD, but now it also supports Windows 7. And according to the website this release has 446 exploits, 216 auxiliary modules, and hundreds of payloads, including an in-memory VNC service and the Meterpreter. However one of the new features that I’m pleased about is you can now run a full console version in Windows using Cygwin which is how I like to run nmap when I’m on my Windows computers, and RXVT. To be honest, I haven’t fired up any of my Linux machines in a while. I just boot from a Linux Live CD most of the time but I digress.
The Windows installer works on all versions of Windows from 2000 to Windows 7 and the Linux installer works on most versions of Linux released in the last five years.
I’d like to point out, this is not a toy. This is the bad boy of penetration testing tools. I love using this because I know that if I can’t get into the system I’m testing with it, I can feel pretty confident that system is pretty secure. I wouldn’t go so far as to say that I’m 100% secure because I’ve been doing this long enough to know there is no such thing. But if you can’t successfully attack one of your computers with this, then chances are neither can the script kiddies.

Donations Now Accepted

Filed under Uncategorized

I started this blog to help people. I had no intention of making money off it. Unfortunately, due to the economy I had to take a pay cut at work. To be honest, I’m not able to keep up with bills at this point and my hosting for this site costs money. I’m getting around 20k views a month but I only made less than $1 from AdSense last month and have made less than $5 ever from them. So I need your help keeping this site up. I won’t be able to renew my host if I don’t get any donations. There is now a donation link on the right side of this page. If you want, it will also give you credit on the donation wall. I hate to even ask but since the AdSense links aren’t generating anything I don’t have any other choice. I figured it would be better to ask now than to have this site just vanish in a few months.
Thanks

More My Web Tattoo Removal Information

Filed under Uncategorized

I uploaded MakeTheWebBetter to Threat Expert and here is the report. This is the program that is downloaded from the My Web Tattoo website and starts all this @#$! Now assuming you already tried to uninstall it using its uninstall program or add and remove programs in control panel and it’s still running, you can try this to remove any remains of it. Some of this information may not be for beginners. Use common sense, if you have no idea what I’m talking about, stay out of your files. Especially the registry. If you don’t know what you’re doing in there, you can make a real mess of your system. Now that is out of the way, here’s some information about how we can get rid of this thing.

Black Hat 09 – A View from 127.0.0.1

Filed under Uncategorized

Hanging out at Black Hat would have been a lot cooler than hanging out at work or home, by 20 degrees at least. We’ve been having our usual July heat wave. Over 100 degrees every day with lots of cloud coverage and enough rain to spot the car windows good and keep the humidity off the charts. It’s been miserably hot here and while it’s probably not much cooler in Vegas, there is good air conditioning. But you’re not here to listen to me whine about the heat, I live in the high desert so ummm yeah, it’s gonna get hot.

What is of considerable interest to me is what was sure to be unveiled. Black Hat & Def Con both have their share of hacks shown off. Best place to learn about an attack is from the source itself and we get plenty of source from the coders themselves. And this year so far, has had some big revelations.

Like this SSL certificate hack from Moxie Marlinspike. So those little Verisign certificates that pop up and imply there’s no worries, this website we are loading is what it is. And our data is encrypted to keep it safe from prying eyes. Kinda gives you a warm fuzzy feeling all over. Except the computer on the other end will be able to decrypt the data and that can now be any computer with a forged signature. So much for that warm fuzzy feeling. While the implications of this hack, and how easy it is to pull off, are scary, it seems like one that should be easy to patch. But until then… And this isn’t the first problem with Verisign. It wasn’t long ago that the MD5 vulnerability was confirmed.

It will be interesting to see what else filters down from Black Hat this year.

Removing My Web Tattoo Phone Number

Filed under malware, Uncategorized

I haven’t stopped working on how to remove My Web Tattoo and the associated programs. If you have it in Firefox, then you’re kinda in luck. I have removed it from Firefox.

And I found a phone number that was on the EULA page for Make The Web Better, which is the first program that is downloaded from the My Web Tattoo page. I suggest if you haven’t been able to get it removed from Internet Explorer yet, you follow the advice on their page:

If you experience any problems installing and/or uninstalling the Software Product, please contact us via email at: info@make-the-web-better.com, or call us at: 1 (800) 831-8940.

I’m still working on removing it. I can’t get it installed on IE 7 on my test computer. So I’ve been doing some other stuff like running it in a sandbox to see what it does. I’ve identified several registry keys that are affected and where it’s sending data to. I just got this info though and I’m in the middle of a computer repair job that should have been done already. So when I get some more time I’ll write up what I have found about removing it and more.

In the meantime, there is the number you can call. You can leave comments on how it went if you do call them. I’m sure others will be interested in how they helped you.

gif Virus?

Filed under Uncategorized

Up until now, you didn’t have to worry about graphics being a virus. Then I came across this at the Internet Storm Center over at sans.org:

.gif Files Presenting a Not so Pretty Picture
Published: 2009-02-07,
Last Updated: 2009-02-07 21:51:03 UTC
by Tony Carothers (Version: 1)

A Storm Center subscriber has just submitted malware embedded in .gif image files, downloaded from the image site 4chan.org. For the sake of expediency, and because this person did such a good write up, here is the analysis provided:

“The *.gif files were found on the “random” board of the image board site 4chan. The files contain a large picture with instructions to save the file with a .jse extension and run it.

The *.out files are the result of applying scrdec to the gifs to reveal the encoded script.

It appears to:
(1) copy itself somewhere as ‘sys.jse’
(2) add itself to a Run key in the registry
(3) (a) fetch the index to 4chan’s /b forum
    (b) download the first image
    (c) save it as ‘j.jse’
    (d) attempt to run ‘j.jse’
(4) construct a POST request containing the image as payload
(5) upload itself as a new post on 4chan
(6) point an instance of IE at site it came from

(3)-(6) are in an infinite loop.”

To the subscriber who did the legwork on this one, my thanx for the excellent work.

(View the original post here)

So after reading this, I see it’s not so bad. Basically, you will have to rename and run the file. So you don’t have to worry about .gif files being a virus at this time. However it did bring a good point to mind, that I thought I would share. You should never have to change the extension, or the last 3 letters after the dot in a file name. For example, something.gif to something.com or something.exe or anything like that. If you are asked to do so, there’s a very good chance that it is to get you to install something without you knowing.
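
As an added example (not part of the original post or the ISC write-up), here is a defender-side check for the case described above: a file that starts with a GIF signature but also carries a Script Encoder block, the kind of content scrdec decodes. The `#@~^` ... `^#~@` framing is the Script Encoder format's own; the function names and sample bytes are constructed for illustration.

```python
import re

GIF_MAGICS = (b"GIF87a", b"GIF89a")
# Script Encoder framing: "#@~^" + 6 base64 length chars + "==" ... "^#~@"
ENC_START = re.compile(rb"#@~\^[A-Za-z0-9+/]{6}==")
ENC_END = b"^#~@"


def find_encoded_scripts(data: bytes):
    """Return (start, end) byte offsets of each Script Encoder block in data."""
    spans = []
    pos = 0
    while True:
        m = ENC_START.search(data, pos)
        if not m:
            break
        end = data.find(ENC_END, m.end())
        if end == -1:
            # Start marker with no terminator: report through end of file.
            spans.append((m.start(), len(data)))
            break
        end += len(ENC_END)
        spans.append((m.start(), end))
        pos = end
    return spans


def scan_image(data: bytes):
    """Flag a file that claims to be a GIF but also holds encoded script."""
    is_gif = data[:6] in GIF_MAGICS
    spans = find_encoded_scripts(data)
    return {
        "is_gif": is_gif,
        "encoded_scripts": spans,
        "suspicious": is_gif and bool(spans),
    }


# Constructed samples: a minimal GIF header + trailer, and the same bytes
# followed by a placeholder block that only imitates the encoder framing
# (the body is filler, not a real encoded script).
CLEAN_GIF = b"GIF89a" + bytes([1, 0, 1, 0, 0, 0, 0]) + b";"
POLYGLOT = CLEAN_GIF + b"#@~^AAAAAA==" + b"filler" + b"AAAAAA==^#~@"

if __name__ == "__main__":
    for name, blob in (("clean.gif", CLEAN_GIF), ("odd.gif", POLYGLOT)):
        print(name, scan_image(blob))
```

A hit does not prove the file is malicious, only that an image contains something an image has no reason to contain, which is worth a closer look before anyone renames it.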