Ad-Play: Experiments to Better Understand Online Advertising

Some of my readers may have recently noticed the introduction of online advertising, displayed at the top and bottom of all pages. Although some may not believe me, this is by no means a money-making scheme. I have recently become intrigued by the online advertising and search engine optimization space. I want to try to better understand how search engines make decisions like page ranking, content trustworthiness, site indexing, and file parsing/usage. I hope to gain insight into these activities by leveraging heavy logging and analytics for this blog and my other sites. Over the next few months I hope to collect data related to several experiments with analytics services, ad services, and even testing the impact of factitious postings, malicious takeover, and off-topic postings.

So in short: yes, there are now ads on the site. No, I don't really make any money off of them. On a good day I may make a single penny. In fact, most of the experiments I've been conducting have caused quite a large decline in the pay per viewers (RPM/RPC). The advertising, analytics, and tracking are all just means to collect data to try to better understand the effects each of these experiments has on the overall operation of a standard website.

If you normally use adblock or other online advertising/tracking prevention mechanisms to stop those pesky ads or to maintain your privacy, I formally request that you continue to do so when interacting with this site, as it's a valid aspect of this type of testing. However, please note that all requests sent to this site, and all data sent in response, are being logged. There is no way to opt out of this type of logging. Although I would hate to lose readers because of these changes, I fully understand, and recommend checking social media for updates related to this logging being disabled.

Updates related to future experiments, supporting data, and findings will be posted in the future when time permits.

External IP Address Lookup Service

As a penetration tester, having the ability to easily perform an internet-facing or external IP address lookup is very important. Whether you end up on a box in a client's DMZ or you just need to set up that handler for your social engineering engagement, being able to quickly get the IP makes things a lot easier. I, for one, like to do a great deal of automation, and I've used several of these external IP address lookup services over the years. However, as I'm sure many people are aware, these services come and go like the wind.

One of my favorites that I've come to rely on over the years is ifconfig.me. Not only did this external IP address lookup service have one of the coolest domain names ever, but it also responded very quickly via the terminal with just the IP, while offering additional information if you viewed the web page directly. Needless to say, I kinda just fell in love and mindlessly used its services for over a year.

Sadly, ifconfig.me and several other external IP address lookup services have since slowed to a crawl or been shut down. This is likely because they begin to receive heavy traffic once they take off and generate little to no revenue for the host. Nevertheless, I've decided that instead of finding a new external IP address lookup service to fall in love with, I would just piggyback off my blog to release my own simple version of the site. My goal is to maintain the external IP address lookup service, via the terminal, that I've become accustomed to using for scripting and automation.

So without further ado I give you hackersvanguard.com/ip.php, your one-stop shop for external IP address lookup. I know some people will likely be wondering why the heck they would ever trust me, so I've included the complete source code below.

 

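<?php
// Return the address to report for the current request.
function getIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        // Client-IP request header, if one was sent (client-supplied value)
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // X-Forwarded-For request header, as added by a proxy (also client-controllable)
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        // Otherwise the address of the TCP peer that connected to the web server
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

// Print only the address so the output can be consumed directly by scripts
echo getIpAddr();
?>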
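A stricter variant of the lookup above, as an added example rather than the code running at hackersvanguard.com/ip.php: `Client-IP` and `X-Forwarded-For` are request headers that any client can set, so this version reports `REMOTE_ADDR` unless the connection arrives from a known reverse proxy. `TRUSTED_PROXIES`, `resolveClientIp()` and every address in it are assumptions made for illustration.

```php
<?php
// Added example, not the blog's ip.php. TRUSTED_PROXIES and resolveClientIp() are
// hypothetical names; all addresses are constructed documentation-range values.
const TRUSTED_PROXIES = ['192.0.2.10'];

function resolveClientIp(array $server): string
{
    // REMOTE_ADDR is the TCP peer seen by the web server; request headers cannot change it.
    $peer = $server['REMOTE_ADDR'] ?? '';

    // Forwarding headers are honoured only when the peer is our own reverse proxy.
    if (in_array($peer, TRUSTED_PROXIES, true) && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        // X-Forwarded-For is a comma-separated chain. Each proxy appends the peer it saw,
        // so the right-most entry is the one written by the trusted proxy.
        $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
        $candidate = end($hops);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }

    // Fall back to the peer address and never emit anything that is not a literal IP.
    return filter_var($peer, FILTER_VALIDATE_IP) !== false ? $peer : '';
}

if (PHP_SAPI === 'cli') {
    // Constructed sample requests for a command-line run.
    $direct = [
        'REMOTE_ADDR'          => '198.51.100.7',
        'HTTP_CLIENT_IP'       => '127.0.0.1',   // client-supplied, ignored
        'HTTP_X_FORWARDED_FOR' => '10.0.0.5',    // client-supplied, ignored
    ];
    $proxied = [
        'REMOTE_ADDR'          => '192.0.2.10',  // our reverse proxy
        'HTTP_X_FORWARDED_FOR' => '10.0.0.5, 203.0.113.9',
    ];
    echo resolveClientIp($direct), "\n", resolveClientIp($proxied), "\n";
} else {
    // Served over HTTP: plain text keeps the response script-friendly and inert in browsers.
    header('Content-Type: text/plain; charset=utf-8');
    echo resolveClientIp($_SERVER), "\n";
}
```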

NCL Summer 2015 Skyline Thoughts and Challenges Walkthrough

NCL recently ran a pilot to introduce their new Skyline platform. Although this will likely be the NCL Summer 2015 competition I'll be able to compete in, I wanted to give my honest opinion on the platform and walk through some of the challenges that I thought were well done.

Review:

First of all, I find that this new Skyline platform had far better performance than the old NCL scoring engine. This is likely due to the lower number of players in this summer round, but I hope the stability remains. Additionally, I thought the step-by-step approach with hints available will make challenges far more approachable to players who are new to the infosec competition space. My only real criticism would be the web app challenge; having it embedded into the Skyline interface made it much harder to work with. In the future, maybe still host web app challenges in AWS.

Challenges:

QR Code Images

There were really two very similar QR image challenges. These were among my favorites present in this NCL round. Since some of the guided questions were very similar, I will just cover them once. Now, the latter image is given to you in 4 pieces and you are meant to use your forensic skills to reassemble the image based on some hex headers, footers, and commonalities. However, I just wrote a quick script to cat each of the files together in each of the possible permutations, then just opened the one that showed a valid thumbnail of the image.
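The permutation approach described above, as an added example that is not the author's script: it tries all 24 orderings of four pieces and replaces the visual thumbnail check with a structural one. It assumes the image is a PNG, which the post does not state; the function names, the `*.bin` piece names and the tiny sample image are all constructed here.

```php
<?php
// Added example, not the author's script. Assumes PNG (the post names no format);
// all function names and the sample image are constructed for illustration.

// One PNG chunk: length(4) + type(4) + data + CRC32 over type and data.
function chunk(string $type, string $data): string
{
    return pack('N', strlen($data)) . $type . $data . pack('N', crc32($type . $data));
}

// Stand-in for eyeballing the thumbnail: signature present, every chunk CRC matches,
// and the data ends exactly after IEND.
function pngIsValid(string $b): bool
{
    if (substr($b, 0, 8) !== "\x89PNG\r\n\x1a\n") return false;
    for ($pos = 8, $len = strlen($b); $pos + 12 <= $len; $pos += 12 + $size) {
        $size = unpack('N', substr($b, $pos, 4))[1];
        if ($pos + 12 + $size > $len) return false;
        $crc = unpack('N', substr($b, $pos + 8 + $size, 4))[1];
        if (crc32(substr($b, $pos + 4, 4 + $size)) !== $crc) return false;
        if (substr($b, $pos + 4, 4) === 'IEND') return $pos + 12 + $size === $len;
    }
    return false;
}

// Every ordering of a list; 4 pieces give 24 candidates.
function permutations(array $items): array
{
    if (count($items) <= 1) return [$items];
    $out = [];
    foreach ($items as $i => $first) {
        $rest = $items;
        unset($rest[$i]);
        foreach (permutations(array_values($rest)) as $tail) {
            $out[] = array_merge([$first], $tail);
        }
    }
    return $out;
}

// Constructed sample: a 1x1 grayscale PNG cut into 4 pieces, stored out of order.
$png = "\x89PNG\r\n\x1a\n" . chunk('IHDR', pack('NNC5', 1, 1, 8, 0, 0, 0, 0))
     . chunk('IDAT', gzcompress("\x00\x00")) . chunk('IEND', '');
$cut = str_split($png, (int) ceil(strlen($png) / 4));
$pieces = ['a.bin' => $cut[2], 'b.bin' => $cut[0], 'c.bin' => $cut[3], 'd.bin' => $cut[1]];
foreach (permutations(array_keys($pieces)) as $order) {
    $candidate = implode('', array_map(fn($name) => $pieces[$name], $order));
    if (pngIsValid($candidate)) echo 'valid order: ', implode(' ', $order), "\n";
}
```

For real challenge files, fill `$pieces` with `file_get_contents()` of each part; the CRC walk is what rules out orderings that merely begin with the right header.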

What is the md5 hash of the image? In both cases the following command on that trusty Kali box will get you the