MS Office Exploit
By Ryan McLean | September 15, 2008
An interesting discovery was made while we were testing MS Office installers.
If you install a demo copy from the MS website and then install a full copy (in our case Office Pro Plus) without the serial key over the top (setup.exe /adminfile unattended.msp), then you get a seemingly fully functional version that states along the titlebar *Free for non-commercial use*
Just thought I’d share this interesting info.
Topics: My Blog | No Comments »
LoveFilm
By Ryan McLean | August 12, 2008
Well one of the girls in work gave me a free trial, saying it was rather good, so I am giving it a go.
Here is a link that includes a month's free trial:
LoveFilm Signup
If you use the link above and decide to keep using after the trial I get points towards a reward, so please use the link.
Cracking the BT HomeHub
By Ryan McLean | June 29, 2008
A friend of mine bought one and I decided to pentest it for him (with his permission)..
Step 1: Load Backtrack 3
Step 2: Start Kismet
Step 3: Find his network
Step 4: Start SpoonWEP
Step 5: Enter the BSSID of his network
Step 6: Set the channel of his network
Step 7: Launch ARP replay attack
After x minutes to hours you should have the WEP key
Step 8: Associate with the AP
Step 9: Use the Python scripts from: www.gnucitizen.org
(I used Wireshark to catch the mdap but you should just be able to grab it using the Python dump script)
Step 10: Browse to 192.168.1.254
Now you need to change the password to be able to do anything HOWEVER changing the password back to the serial number when you are done will make it “look” like you have never been there..
http://www.telegraph.co.uk/news/uknews/2028687/Millions-of-BT-internet-users-%27open-to-hackers%27.html
BT disputed the claim, saying the risk was “theoretical” and that hackers would have to “win the computer cracking equivalent of the National Lottery” to succeed.
This will be my last ever post as I am now a millionaire..
Edit: Made the link clickable..
Migrating from Notes to Gmail
By Ryan McLean | May 28, 2008
Don’t EVER do it, it is nothing short of a complete nightmare.
We have just done it in our company; we currently have multiple bugs open with Google and users mostly hate it. As Google offer no offline access we have ended up supporting both Thunderbird & Outlook, and of the 2 Thunderbird works the best but is still not perfect.
As Google are using agile development on Google Apps it means changes and bug fixes just suddenly appear without warning, changing expected behaviour and breaking things without any regard for users.
You can of course use the “stable” older release but imo it's not stable, it's bug ridden. The main difference between it and the current branch is that it waits longer before getting the fixes, but they still appear without warning, and as such it is of less use than the current branch.
However for those that are foolish enough to do it or for those that are migrating from Notes to the likes of Exchange I have written a small script to migrate the corporate directory from Notes and set the relevant fields in the users’ AD account: Parse a Notes Address Book CSV Export and Import Data to AD
RIP Robert Dunlop
By Ryan McLean | May 16, 2008
http://news.bbc.co.uk/1/hi/northern_ireland/7404844.stm
I was gutted when I heard this, it's a tragic loss to Northern Ireland & Motorsport. My heart goes out to the family.
Ubuntu 8.04 Hardy Heron RELEASED!!!!
By Ryan McLean | April 24, 2008
I tried the RC of Kubuntu and I must say wow.. It has all of Vista’s eye candy, and looks out of this world, will be getting Ubuntu tonight when I get home.
Site Link: www.ubuntu.com
Download link: http://www.ubuntu.com/getubuntu/download
Hacking: The art of exploitation.
By Ryan McLean | April 8, 2008
Read a review on Slashdot about it and bought it. Took about 3 weeks to actually get a copy but I must say I am only ~150 pages in and it's a very very good read. The review in /. sums it up nicely, it starts off with some basic assembly & C, and then jumps straight in with a buffer overrun, on one of the programs you just wrote.
My only real criticism so far is that he should have gone into assembly in a bit more depth at the start.
This book is a must for anyone writing code in assembly/C/C++ and other languages that allow memory access. The book not only tells you what an exploit is but then shows you how to use the exploit, after all we all know WHAT a buffer overrun is but what we don't know is how to instigate one and therefore we don’t think about the risks of it when writing code.
All the details needed to find the book are in the /. article but here it is on Amazon anyhow. IMHO the book is worth the read for anyone interested in code exploitation for whatever reason.
PCIII has arrived!!!!
By Ryan McLean | April 2, 2008
My Powercommander for the bike has arrived, just installed it and it works a treat. Bike sounds smoother now and I can feel the smoothness from the throttle in the lower revs.
UK RRP: £280
US RRP: $260
Guess which one I bought
Syslinux 3.70 includes gpxe!!!!
By Ryan McLean | March 31, 2008
I spend a lot of time reading the mailing list for Syslinux (The SYSLINUX Project), you can get Syslinux here.
Last week HPA sent out the following mail:
I have produced a first cut of integrating gPXE with PXELINUX. This
builds, in addition to the usual pxelinux.0, an image called gpxelinux.0
which includes the gPXE network stack.

The result is that one can now download images via (almost) any network
protocol supported by gPXE, including http. This lets one do fun things
like using a CGI or PHP script for the configuration file.

SAN booting (iSCSI or AoE), which is supported by gPXE, can be invoked
via a small (not yet written) comboot module, which is only necessary in
order to pass the appropriate command down to gPXE.

Note that currently chainloading other NBPs from gpxelinux.0 is broken.
This will be fixed.

In order to invoke the new functionality, you need a filename or
filename prefix which is a URL, identified by the character sequence.
In my test setup, I simply use DHCP option 209 (pxelinux.pathprefix) to
redirect loading to my http server.

Please test it out and holler when (not if) it breaks.

A huge amount of effort has gotten into this, and I would like to thank
specially Michael Brown of the Etherboot/gPXE project, without whom this
never would have been possible.

-hpa
PXELINUX is one of my favourite tools for deploying the Linux systems (mainly Red Hat) in work. I have cheated slightly as I use RIS/WDS to deploy Windows so I implemented a quick hack to allow me to use WDS to authenticate the users and then deploy Windows and Linux (I wrote the howto here: Deploy Linux from Windows WDS/RIS server using PXELinux, it's a tad outdated feature-wise but imho gives a solid start..)
I would point out that the 3.70 is still in testing and is prerelease only, the latest stable version is 3.62..
Embedded Programming
By Ryan McLean | March 31, 2008
I have always been fascinated by embedded devices, they do a single job and they do it quickly and efficiently. So I am looking into giving it a go using embedded Linux as the OS.
Due to my love for torrents (best way to get the latest Debian DVD) I find I am leaving the laptop on 24/7 simply as out of all of the computers in the house it has the lowest power usage (the power supply is a mere 90 watts). So I reckon I can save some cash by designing an embedded device that allows the attachment of 1 or more mass storage devices and has an Ethernet port. Then with a simple web-based GUI (and ssh access ofc) I should be able to download 24/7 for less than 20 watts.
The main downside to this is that I will have to brush up on my C/C++ & assembly skills, of course when done all code will be open sourced, the other downside is to start embedded programming isn’t going to be cheap. I need to buy the board and dev kits, it's looking like for that it’ll be ~£200 which I am reluctant to part with in case I fail.