Archive for January, 2010

Penetration Testing Add-ons for Firefox

Monday, January 11th, 2010

In this post, I just wanted to enumerate a few Firefox add-ons that I thought were very useful in conducting penetration tests. I’d be really interested to hear what Firefox extensions other people are using for pen testing. So here it goes!

AddnEdit Cookies: This add-on allows you to easily add, delete and edit cookies in your browser.  (http://addneditcookies.mozdev.org/) Unfortunately, the latest version does not support the newer Firefox 3, until the maintainer updates the package, I’ve edited the latest XPI to work with the latest versions of Firefox. A copy of it can be found here.

DT Whois – Allows quick domaintools.com lookups for the page you are looking at (http://www.beysim.net/dtwhois/)

Firebug – Allows you to read, debug and locally tweak HTML, Javascript and CSS right in Firefox (http://getfirebug.com/)

HackBar – The toolbar that tries to do it all! (http://devels-playground.blogspot.com/)

Leet Key – an add on that makes it trivial to convert text in various formats back and forth.  For example, URL Encode, Base64, Hex and even morse code. |\|347! (http://leetkey.mozdev.org/)

Live HTTP Headers – Allows you to watch, edit and replay HTTP requests (http://livehttpheaders.mozdev.org/)

SQL Inject Me, XSS Me, Access Me - Those are 3 separate add-ons from Seccom Labs that try to make it easy to test Sql Injection, XSS vulnerabilities and Access vulnerabilities. (http://labs.securitycompass.com/index.php/exploit-me/)

SwitchProxy Tool – If you find yourself switching from no proxy, to burp proxy to paros proxy, etc a lot then you will enjoy switch proxy. It will allow you to switch proxy settings with just a few clicks! (http://mozmonkey.com/switchproxy/)

Tamper Data – It will allow you to selectively intercept HTTP and HTTPS traffic and tamper with the requests via it’s nice user interface. It will let you tamper with http headers, post and get requests. (http://tamperdata.mozdev.org/)

Torbutton – If you need to hide behind Tor, it can be only a click away with Torbutton (https://www.torproject.org/torbutton/)

User Agent Switcher - Need to change your user-agent string in a jiffy? Want to look like a robot? User Agent Switcher is here for that! (http://chrispederick.com/work/user-agent-switcher/)

exploit-db Search – Lets you search the exploit-db database right in the firefox search box (https://addons.mozilla.org/en-US/firefox/addon/50241)

SecurityWire Search – Lets you search the top security sites on the web right in the Firefox search box. All sites in the index have been handpicked by the SecurityWire Team. (https://addons.mozilla.org/en-US/firefox/addon/58686)

For a listing and easy installation of all these  on the mozilla ad-ons site. simply follow this link: https://addons.mozilla.org/en-US/firefox/collection/pentesterstools

Hope you enjoy the add-ons, next post will be about general security add-ons for Firefox.

Posted in Penetration Testing, SecurityWire | No Comments »

CentOS and RedHat auto install of security updates

Friday, January 1st, 2010

If you trust your distribution’s vendor with their digitally signed security updates and would like to automatically install those security updates,  you can easily configure your CentOS, RedHat or other Yum based system to automatically install them.  Of course installing updates automatically is not for everyone since in most environments, patches are usually tested before being deployed to production servers. Nevertheless, this information may be useful for less critical production servers and other servers used for development, testing, staging, etc.. I found that yum-updatesd provided similar functionally but it wants to update all packages and not only security fixes.

First you will need to install yum-security like this (as root or with sudo):

yum install yum-security

You can learn some more about yum-security here: http://magazine.redhat.com/2008/01/16/tips-and-tricks-yum-security/

Second, with your favorite text editor, you will want to create a script in /etc/cron.daily (to run the job daily) named “yum-update-security” with this content:


#!/bin/bash
yum update --security -y -d0 -q

Finally, once the script has been created make sure to give it execute permissions by running:

chmod +x /etc/cron.daily/yum-update-security

Then its a good idea to give it a spin by running it manually. ie:


/etc/cron.daily/yum-update-security

If the run is successful, the script should not output any text and  return to the command prompt after waiting a few seconds (or minutes if you are actually out of date on updates).

Tags: , , , ,
Posted in Protection, SecurityWire | No Comments »