Here I’m gonna write how I did to break Google captcha or “automatically bypass” the Google captcha to let one of my online tools (Google Parser) run with a lot of requests and without my intervention.
.
First: What’s the problem to solve?
I have an online tool that does requests to Google and gets the search results. [...]
Archive for the 'Security' Category
Break Google captcha
Published February 26th, 2008 in Google Things, SEO & Web 2.0 and Security. 10 CommentsGoogle Parser Online Tool Upgraded
Published October 13th, 2007 in Google Things, SEO & Web 2.0 and Security. 2 CommentsToday I have a couple of minutes and I improve my Google Parser online tool. Now you can get a clean list of Hiperlinks, so you can quickly go to the returned URLs in your browser.
Of course there still has the option to get a clean list of only text URLs of the Google [...]
JBoss Security vulnerability JMX Management Console
Published October 13th, 2007 in Google Things and Security. 2 CommentsAwesome! A lot of servers have their JBoss Management Console open to the world, without any authentication, no password, no security! A huge and silly vulnerability!
Any remote user can completely control the server, having full control to a lot of server configurations and internal network and infrastructure information disclosure, you can change the web [...]
How to create a portable encrypted file system on a loop file
Published September 21st, 2007 in GNU/Linux and Security. 4 CommentsHere I’m going to explain how to create an encrypted file system over a loop file. I also have a encrypted filesystem on a LVM partition but having them on a file has advantages like the capacity of copy the encrypted file in another PC and mount the file system there ( a portable [...]
Identify equal servers on different IPs using the IP header of packets
Published August 24th, 2007 in Security. 0 CommentsAnother nice tool, I do penetration tests, sometimes I have to know if a service(for example http) over different IPs was served by different hosts or if it’s really served by the same host.
How can I know this?
That IPs could have another services, different between each IP, for example that hosts could be doing NAT.
So, [...]
How to create a LVM encrypted partition
Published August 16th, 2007 in GNU/Linux and Security. 3 CommentsBe carefully with all this commands, with some of them you can erase all the data in a partition, always use ‘man’… of course, I’m using GNU/Linux.
I do this in Debian, works perfect for me, I’m working, mounting and unmounting the partition for more than a year without any problems.
Well, let’s do it…
First, create the [...]
Get Google results in a list of clean URLs
Published August 14th, 2007 in Google Things, SEO & Web 2.0 and Security. 23 CommentsI wrote a perl script to perform certain search in Google, parse the results and save all the founded URLs in a text file.
This is extremely useful for a lot of things, for example, I made a search string for Google to find sites that have a security vulnerability, then I run an exploit to [...]