quick-and-dirty PAM with LUA, mod_magnet and lighttpd -or- how to breach system security

Posted by: admin  :  Category: Programming, RegExp, Security, Shells

Be warned: This example serves as an illustration on how to *NOT* do it.
It’s just one of my examples I teach to apprentices at the office when it comes to learning scripts, and how important data input validation (or the absence of the same) is.
It’s also a good illustration on how attackers may break into systems to steal data or make them part of a botnet.

The given situation depicts a lighttpd server, which exposes a directory which must be protected via LDAP-managed accounts, so there is an immediate need for PAM. However, lighttpd lacks a PAM implementation. Period. There’s a very ugly and highly insecure way however …


RegExp Filter: Extract complete interface blocks without ‘shutdown’ statement

Posted by: gdelmatto  :  Category: Cisco, Networking, Programming, RegExp

A project I’m currently working on involves much Regular Expressions trickery to parse values from Cisco’s running configuration.
Here’s how to extract a complete interface block not in ‘shutdown’ state.