Tuesday, April 22, 2014

Use NMAP to detect OPENSSL heartbleeding vulnerability

NMAP 6.46 (http://nmap.org/download.html) includes the openssl heartbleed script:


To use it, below is a sample command:
nmap -sV -v -p 0-65535 --script=ssl-heartbleed -iL ./hosts.txt -oX ./result.xml
Parameter description:
-sV: Probe open ports to determine service/version info
-v: Increase verbosity level
-iL : Input from list of hosts/networks
-oX: output scan in XML format.
A sample output as below:



If for some reason, you cannot install nmap 6.46, you can manually download ssl-heartbleed.nse from http://nmap.org/nsedoc/scripts/ssl-heartbleed.html and put it in the NMAP scripts folder. You may need tls library to run the heartbleed script. Download it from http://nmap.org/nsedoc/lib/tls.html and put it in NMAP nselib folder.

Posted by at No comments:
Labels: , , ,

Monday, March 19, 2012

MS12-020 denial of service code test

The RDP Vulnerability attack code has been spread like a wild fire.  I just tested the code yesterday, it works really well even cross the Internet. I recorded the whole process. You can see how easy it is. Currently the code can only cause blue screen, but it might change to remote code execution soon. The clock is ticking. Install the patch in your computers. You can download the code from http://aluigi.org/adv/termdd_1-adv.txt

To check if the patches are already applied, use these 2 commands:
wmic qfe | find "KB2667402"
wmic qfe | find "KB2621440"

For more information: http://isc.sans.edu/diary.html?storyid=12808&rss and http://isc.sans.edu/diary.html?storyid=12805&rss

Posted by at No comments:
Labels: ,

Friday, July 29, 2011

D3DX9 error when installing Movie Maker 2011

I was trying to install Movie Maker – one of the components of Microsoft live Essentials 2011 in my Windows 7 box, and got this error:


My troubleshooting steps:

  1. Install other components of Microsoft Live Essentials 2011 (live messenger) without any problems.
  2. Google 0x800b010e, no luck. Looks like it is a general error message.
  3. Google D3DX9. Looks like it is something related to DX9 (DirectX 9)
  4. Run “dxdiag”. Determine my DirectX version is 11.
  5. Check Movie Maker System requirements in Microsoft website (bing movie maker 2011): http://www.microsoft.com/download/en/details.aspx?id=26689
Found this important requirement:
For Photo Gallery and Movie Maker: Some required components of DirectX 9 may be installed for you if they're not already on your computer.
  1. Find out the DirectX 9 runtime installation in Microsoft.com: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=35. Install the Runtime.
  2. Reinstall Movie Maker. Problem solved.
Posted by at 1 comment:
Labels:
Subscribe to: Posts (Atom)