Well, I was getting bored and just googled my domain name. As I was browsing through the search results, I clicked on a Spanish site containing the word gofedora. I clicked on google’s “Translate this page” and was surprised by the result. Watch it yourself below.
PS : Direct link for translated website.
PS2 : The actual website.
There is a vulnerability in the way Google authentication service works. Whenever you login to any of the Google’s online services like GMail, Orkut, Groups, Docs, Youtube, Calendar etc., you are redirected to an authentication server which authenticates against the entered username and password and redirect back to the required service (GMail, Youtube etc.) setting the session variables.
Now, if you are able to grab the url used to set the session variables, you can login as the user to whom that url belongs from any machine on the Internet (need not be the machine belonging to the same subnet) without entering the username and password of the user.
The proxy servers in the organizations can be used to exploit this vulnerability. Squid is the most popular proxy server used. In the default configuration, squid strips the query terms of a url before logging. So, this vulnerability can’t be exploited. But if you turn off the stripping mechanism by adding the line shown below, then squid will log the complete url.
strip_query_terms off |
So, after turning stripping mechanism off, the log will contain urls which will look like this
http://www.google.co.in/accounts/SetSID?ssdc=1&sidt=Q5UrfB0BAAA%3D.oHVGErODzffQ%2Bms%2FOKfk53g5naReDKehRNHOBsmJlBu3VTNXjF03SbgX%2FVEEhmImhR4mlu5IAAjM%2BdbuXvMMSIb0oU8IGCYpnLcSNkbCIrG%2BQnm81YmX5%2Brcrq7U6Qx65%2F1yaQ2NzgmKD94jg0Iw13iXDen3qD5qn6L%2FhmmYWwTrcOeuTzGbO%2BAehpjEU3mrWapRafaq3b4kxyigJ68s8QrGQqZTINNE%2Bs%2BoIkZWmGt5kNzoT8fkVAsWJeu3CKFkxj4oVMngeDvpwb1nyFpsJCltOzmAr46fTxVJSpvQdx0%3D.BMLtjUdIDCcuszktZSvYzA%3D%3D&continue=http%3A%2F%2Fwww.orkut.com%2FRedirLogin.aspx%3Fmsg%3D0%26ts%3D1226148773097%3A1226148773386%3A1226148774868%26auth%3DDQAAAIcAAAC1pPE1QT4chKgrU4B3oyKZrQRkEVPtYlclpESQoXV_d9x9gdoe75Z0hfJ_22Pn5tVMR7j-uV5YCps3NB48L0bFlDeX-4PGHVT6Loztp_ru3tAy_gxDa9_YAEbz4d9CO4wD2VTKtzax9zvpGgrnJVZQfoWPkkIomUmxDtVGoH7g3fA3UjS0vdBJ2PJtgFMElso |
Replace .co.in with your tld specific to your country. If you paste this url in any browser, it’ll directly log you in and you can do whatever you want to that account. Remember that all such urls remains valid only for two minutes. So, if you use that url after two minutes, it’ll lead nowhere.
At the time of writing this post Orkut, Google Docs, Google Calendar, Google Books and Youtube are vulnerable.
So, make sure your squid has stripping mechanism turned on and your squid server is properly firewalled.
You can watch the Video proof for Orkut on Blip.tv, Youtube.
To configure a caching nameserver on a local machine which will cascade to another previously configured and functional nameserver (may or may not be caching. It’ll generally be your ISP nameserver or the one provided by your organization).
(The working is my understanding of caching-nameserver using wireshark as traffic analysis tool and caching-nameserver may not behave exactly as explained above.)
named is by default on most of the systems by the package name ‘caching-nameserver‘. If its not present on your system, install using
[root@localhost ~]# yum install caching-nameserver [ENTER] # If that doesn't work try this [root@localhost ~]# yum install bind [ENTER] |
The main configuration file for named resides in /var/named/chroot/etc/named.caching-nameserver.conf which is also soft linked from /etc/named.caching-nameserver.conf . named configuration file supports C/C++ style comments.
For a caching nameserver which will cascade to another nameserver, there is nothing much to be configured. You need to configure “options” block. Below is a configuration file for a machine with IP address 172.17.8.64 cascading to two nameserver 192.168.36.204 and 192.168.36.210. The comments inline explain what each option does.
options { // Set the port to 53 which is standard port for DNS. // Add the IP address on which named will listen separated by semi-colons. // It'll be your own IP address. listen-on port 53 {127.0.0.1; 172.17.8.64;}; // These are default. Leave them as it is. directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; // The machines which are allowed to query this nameserver. // Normally you'll allow only your machine. But you can allow other machines also. // The address should be separated by semi-colons. To allow a network 172.16.31.0/24, // the line would be // allow-query {localhost; 172.16.31.0/24; }; // Don't forget the semi-colons. allow-query { localhost; 172.17.8.64; }; recursion yes; // The parent nameservers. List all the nameserver which you can query. forwarders { 192.168.36.204; 192.168.36.210; }; forward first; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; |
Now start the caching-nameserver using the following command
[root@localhost ~]# server named start [ENTER] |
OR
[root@localhost ~]# /etc/init.d/named start [ENTER] |
To make named start every time your reboot your machine use following command
[root@localhost ~]# chkconfig named on [ENTER] |
To use your caching-nameserver, open /etc/resolv.conf file and add the following line
nameserver 127.0.0.1 |
Comment all other lines in the file, so that finally the file looks like
; generated by /sbin/dhclient-script #search wlan.iiit.ac.in #nameserver 192.168.36.204 #nameserver 192.168.36.210 nameserver 127.0.0.1 |
Now your system will use your own nameserver (in caching mode) for resolving all domain names. To test if your nameserver use the following command
[root@localhost ~]# dig fedora.co.in [ENTER] |
Now if you use that command for the second time, the resolution time will be around 2-3 milli seconds while first time it would be around 400-700 milli seconds.
Example
Below is two subsequent runs of dig for fedora.co.in . Notice the Query time.
[root@bordeaux SPECS]# dig fedora.co.in ; <<>> DiG 9.4.2rc1 <<>> fedora.co.in ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7839 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;fedora.co.in. IN A ;; ANSWER SECTION: fedora.co.in. 83629 IN A 72.249.126.241 ;; AUTHORITY SECTION: fedora.co.in. 79709 IN NS ns.fedora.co.in. ;; ADDITIONAL SECTION: ns.fedora.co.in. 79709 IN A 72.249.126.241 ;; Query time: 531 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Nov 19 18:04:47 2008 ;; MSG SIZE rcvd: 79 [root@bordeaux SPECS]# dig fedora.co.in ; <<>> DiG 9.4.2rc1 <<>> fedora.co.in ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64233 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;fedora.co.in. IN A ;; ANSWER SECTION: fedora.co.in. 83625 IN A 72.249.126.241 ;; AUTHORITY SECTION: fedora.co.in. 79705 IN NS ns.fedora.co.in. ;; ADDITIONAL SECTION: ns.fedora.co.in. 79705 IN A 72.249.126.241 ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Nov 19 18:04:51 2008 ;; MSG SIZE rcvd: 79 [root@bordeaux SPECS]# |
I use knetstats for monitoring my wireless traffic. One fine day my wireless connection was not working as expected. I reloaded the module and reactivated the wifi device. Just to check if there were some traffic, I opened knetstats and guess what happened. I was blown the by the huge traffic on my wifi interface. The upload speed was something around 5.33 ExaBytes/sec ( or 5864061874995MB/sec) for sometime. I almost survived a heart attack. I wonder when we will have Internet connection with that speed. Here is the proof 🙂
Well, I happened to attend this workshop on “How to build business around open source tools” organized by Twincling Society and IIIT Hyderabad. There I came to know about Spicebird. Spicebird is a single platform for many collaboration needs. It provides e-mail, calendaring and instant messaging with intuitive integration and unlimited extensibility. Spicebird is being developed by a Hyderabad based Indian start-up named Synovel (All four founders are alumni of IIIT Hyderabad). Below we look at some features that Spicebird provides.
The tabbed interface for different utilities like mail, calendar, contacts, tasks etc. looks pretty clean. The interface is not at all cluttered in any way and navigation to different utilities is straight forward. You don’t have to brainstorm before getting something done.
Spicebird has an interface similar to loads of mozilla based application out there. The settings, preferences and the way things have been managed are familiar. So people who are switching from other open source email clients will not face any problems at all. Spicebird uses icons from Tango Project. The icons used are really good looking.
The way Home tab has been organized is really appealing. You can add applets which includes rss feeds from you favourite blogs, mail folder views, calendar, upcoming events and Date & Time. Geeks love rss feeds. And what can be better than having it on your home tab all the time along with your mails. Event applet comes handy to remind you of the upcoming meetings and deadlines. And its on home tab all the time 🙂 Date & Time is specially helpful when you collaborate with people in different timezones. So you can add their timezone on home tab and you know when is the right time to ping them.
Email experience is more or less like any other open source email client. But Spicebird provides some intitutive features like if it finds that the content of a mail is about a meeting, it’ll give an option for creating a calendar event for the same. This is a really good feature and this is just the begining. Spicebird is still beta.
This is a really cool feature from collaboration point of view and which makes Spicebird different from the masses. Spicebird is supporting IM via any jabber server. So if you are a startup, setup your own jabber server on Intranet and use it for collaboration. Mind blowing!! This also includes Gmail/GTalk. So you can just say bye bye to your messenger and start using it right away with GTalk. Plus this will import all your contacts to your local address book. Another real good feature which is not there in lot of other email clients.
Another good feature. Integrated calendar and task management. You can quickly add tasks and events. And you need not check your calendar for upcoming events, add upcoming event applet on home tab and you will have them all the time in front of your eyes 🙂
Whether you are a startup which is looking for tools to collaborate or a user who is excited about using open source tools, just go and download Spicebird from here and explore a new way of managing things at a single place 🙂
You can look at Spicebird Roadmap here and checkout the video demo of Spicebird here.