HackThisSite.org shows you how you can employ a number of hacking tricks to do bad stuff, but hopefully it will serve to show developers how to avoid these common avenues of attack.
CAPTCHA screens help keep bots from flooding sites like this one with spam.
I use a very basic CAPTCHA on the comments section.
Here are 2 articles talking about the effectivness of CAPTCHA, and ways that people can beat it.
I have been researching ways to reset a domain admin password for a client who forgot what they typed in when they set the password.
Most password crackers work only on local accounts, not for anything on a domain. It seems like the way to go about this is to reset the local admin account, then login using Directory Service Recovery Mode to reset the domain admin account.
Here are some of the articles I have been reading:
http://www.jms1.net/nt-unlock.shtml <– this idiot won’t let you view his pages if you are running IE, so use firebox, but again, that’s just stupid
To do this you
- Need a TFTP server running (solarwinds)
- Need to telnet into the device
- Need to be in enable mode
First to make the backup:
write net 192.168.1.2:MyBackup.pixconfig
where the IP is the IP of your TFTPserver
Then to restore it later, you need to enter config terminal mode first and then restore the file:
configure net 192.168.1.2:MyBackup.pixconfig
and there you have it…
The changes will take immediate effect, but you will still need to write them into the non volatile memory, or the changes will be lost when you reboot the device.
Here is a quick trick for resetting a pix password:
You need console access to do so.
Problem getting PDM running:
Installing PDF on a Pix Firewall:
Upgrade/Update/Flash a Cisco Pix:
Change Password on Pix:
Working with Cisco products is not an everyday event for me, but when I do work with them I want to make sure I backup the config files before I do anything.
To do this you can follow the instructions on this page:
You can also download a free TFTP server at this location: