Scan for FREAK using nmap

Not everyone is vulnerable to the potential attack vector that researchers from INRIA, a French research institute, and Microsoft disclosed recently. In order to be vulnerable, the computer or server must support a class of deliberately weak export cipher suites. Support for these weak algorithms has remained in many implementations, however they are typically disabled by default. Nevertheless, the researchers discovered that several implementations incorrectly allow the message sequence of export ciphersuites to be used even if a non-export ciphersuite was nogotiated.


AutoIt DllCall examples

Using AutoIt's DllCall function might be confusing at first. The biggest issue I encountered was on how to "translate" the C++ variable types to AutoIt variable types. In this article, we give some example of how some standard Microsoft DLL calls can be translated into AutoIt DLL calls. We give a brief explation of each function and then first show the function definition in C++ and then show how you can call the function from within AutoIt.


Meaning of the extended flag value when using AutoIt's RunAs and RunAsWait

When using the RunAs or RunAsWait functions in AutoIt, you want to run an external program under the context of a different user. While doing this, there can be many things that may be the reason why the functions fails. The AutoIt Function Reference only states that if the function call failed that the return value is zero and that the @error flag is set to non-zero.


Prevent spammers from sending mails that abuse your domain name using an SPF record

All mail server administrators will have encountered the following problem: spammers send out spam and they spoof the mails so that the sender appears to be a user in the domain you are managing. Unfortunately there is not a lot that can be done to prevent spammers from sending such these spam mail. There is however a way in which receiving mail servers can check whether the mail was send from your mail server or whether is was a spammer who used a mail server that is not authorized to send mails from your domain. This can be accomplished with SPF (Sender Policy Framework).


Scan for POODLE using nmap from a Windows machine

Researchers from the Google Security Team have published findings about a vulnerability in SSL 3.0. CVE-­2014­-3566 has been allocated for this protocol vulnerability. It is possible to use nmap to scan for the presence of this vulnerability by doing a scan on the supported SSL/TLS protocols. This post shows how to scan for the POODLE weakness using nmap.


Translating C++ variable types to AutoIt types when using DllCall

Using DllCall in AutoIt given you enormous power to extend the functionality of AutoIt. It allows you to implement almost everyting in AutoIt that you can implement in C++.
However, one of the most difficult things when working with DllCall is to know how to type the variables that you pass to DllCall.
The table below show how to convert C++ and Windows API types to AutoIt types:

C++ AutoIt



Subscribe to RSS