Tuesday, July 15, 2014

office 365 reports links


The weird of office 365 reports is you cannot get some reports from the admin portal. below is the links of these reports:

 












However, it cannot handle the result that returns more than thousands lines, you will have to install an Excel add-on for it: http://www.microsoft.com/en-us/download/details.aspx?id=30716

Tuesday, April 22, 2014

Use NMAP to detect OPENSSL heartbleeding vulnerability

NMAP 6.46 (http://nmap.org/download.html) includes the openssl heartbleed script:


To use it, below is a sample command:
nmap -sV -v -p 0-65535 --script=ssl-heartbleed -iL ./hosts.txt -oX ./result.xml
Parameter description:
-sV: Probe open ports to determine service/version info
-v: Increase verbosity level
-iL : Input from list of hosts/networks
-oX: output scan in XML format.
A sample output as below:



If for some reason, you cannot install nmap 6.46, you can manually download ssl-heartbleed.nse from http://nmap.org/nsedoc/scripts/ssl-heartbleed.html and put it in the NMAP scripts folder. You may need tls library to run the heartbleed script. Download it from http://nmap.org/nsedoc/lib/tls.html and put it in NMAP nselib folder.

Monday, March 19, 2012

MS12-020 denial of service code test

The RDP Vulnerability attack code has been spread like a wild fire.  I just tested the code yesterday, it works really well even cross the Internet. I recorded the whole process. You can see how easy it is. Currently the code can only cause blue screen, but it might change to remote code execution soon. The clock is ticking. Install the patch in your computers. You can download the code from http://aluigi.org/adv/termdd_1-adv.txt

To check if the patches are already applied, use these 2 commands:
wmic qfe | find "KB2667402"
wmic qfe | find "KB2621440"