Month / April 2004

by dmacias

Cisco Security Advisory: A Default Username and Password in WLSE and HSE Devices

Interesting read over at Slashdot, about Cisco having a hard coded L/P in two of their software packages.


  • The affected software releases for WLSE are 2.0, 2.0.2 and 2.5.
  • The affected software releases for HSE are 1.7, 1.7.1, 1.7.2 and 1.7.3.




    • Of course the fine folks at Slashdot have raised all sorts of issues about privacy, who can you trust, open source this, open source that, and wearing tin foil hats.



    Cisco Slashdot

    Interesting read over at Slashdot, about Cisco having a hard coded L/P in two of their software packages.


  • The affected software releases for WLSE are 2.0, 2.0.2 and 2.5.
  • The affected software releases for HSE are 1.7, 1.7.1, 1.7.2 and 1.7.3.




    • Of course the fine folks at Slashdot have raised all sorts of issues about privacy, who can you trust, open source this, open source that, and wearing tin foil hats.



    Cisco SlashdotI am a bit torn on the issue. How many calls does a company get regarding forgotten passwords or rogue employees sabotaging a company’s network?


    Who can you trust with information that could potentially put at risk each and every one of your customers?



    There is the pickle!

    by dmacias

    dmacias.org is broken!

    Well not really, I had to change to a default theme, because the theme I normally use Axonz, is not compatible with my version of GL. So I will be dropping the Axonz developer a line to see what’s up. Also, I am working on my own little theme, but since school and work are constantly keeping me too busy, I don’t have that much time to dedicate to this site.

    ~david macias

    PS: to the lovely bot who spammed my site, I will find you.

    Well not really, I had to change to a default theme, because the theme I normally use Axonz, is not compatible with my version of GL. So I will be dropping the Axonz developer a line to see what’s up. Also, I am working on my own little theme, but since school and work are constantly keeping me too busy, I don’t have that much time to dedicate to this site.

    ~david macias

    PS: to the lovely bot who spammed my site, I will find you.

    by dmacias

    RSS and PHP with a hint of CSS

    Well this is the continuation from ealier story to my earlier post about messing around with RSS feeds with PHP. The synopsis of my little project was to capture the recents job postings from a really good job posting website. Take a look below for the code.



    ~david macias

    Well this is the continuation from ealier story to my earlier post about messing around with RSS feeds with PHP. The synopsis of my little project was to capture the recents job postings from a really good job posting website. Take a look below for the code.



    ~david maciasSome limitations: I need to learn how to reuse the XML parser that way I don’t have to build it and clean it up new everytime, creates really messy code. I am not sure how bad of a load it is causing on the RSS home website. Among other things, but hey for 2 hours of hacking this works out pretty decent. Check out a live example at: Example

    
<html>
<head>
<title>Bottom Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
//CSS to ensure that text starts on top of colum regarldless of how many entries are received
<style type="text/css">
<!--
.veralign {
        vertical-align: top;
}
-->
</style>
</head>

<body>
<p>
  <?php
        if (($_GET['city']) == NULL){
                printf("No City Selected");
//if there is no city selected do not process and code, saves resources
        }
        else {
                printf("<p>City: ");
                printf($_GET['city']);
                printf("</p>");

                class RSSParser {
                        var $insideitem = false;
                        var $sectitle = "";
                        var $title = "";
                        var $link = "";
                        var $creator = "";
                        var $language = "";
                        var $source = "";
                        var $rights = "";
                        var $date = "";
                        var $type = "";

                        function startElement($parser, $tagName, $attrs) {
                                if ($this->insideitem) {
                                        $this->tag = $tagName;
                                }
                                elseif ($tagName == "ITEM") {
                                        $this->insideitem = true;
                                }
                        }

                        function endElement($parser, $tagName) {
                                if ($tagName == "ITEM") {
                                        printf("<font size =\"2\"><b><a href='%s'>%s</a></b> [ %s ]</font><BR>", trim($this->link), htmlspecialchars(trim($this->title)), htmlspecialchars(trim($this->source)));
                                        printf("<font size=\"2\"><b>Date: %s </b></font><BR>", htmlspecialchars(trim($this->date)));
                                        printf("<font size=\"1\">Creator: %s</font><BR>", htmlspecialchars(trim($this->creator)));
                                        printf("<font size=\"1\">Rights: %s</font><BR><BR>", htmlspecialchars(trim($this->rights)));
                                        $this->title = "";
                                        $this->link = "";
                                        $this->source = "";
                                        $this->date = "";
                                        $this->rights = "";
                                        $this->creator = "";
                                        $this->insideitem = false;
                                }
                        }

                        function characterData($parser, $data) {
                                if ($this->insideitem) {
                                        switch ($this->tag) {
                                                case "DC:TITLE":
                                                        $this->title .= $data;
                                                break;
                                                case "LINK":
                                                        $this->link .= $data;
                                                break;
                                                case "DC:CREATOR":
                                                        $this->creator .= $data;
                                                break;
                                                case "DC:RIGHTS":
                                                        $this->rights .= $data;
                                                break;
                                                case "DC:DATE":
                                                        $this->date .= $data;
                                                break;
                                                case "DC:SOURCE":
                                                        $this->source .= $data;
                                                break;
                                        }
                                }
                        }
                }
 printf("<table width=\"100%%\" border=\"1\" cellspacing=\"0\" cellpadding=\"10\"><tr>");
        printf("<td class=\"veralign\">");

                $xml_parser = xml_parser_create();
                $rss_parser = new RSSParser();

                xml_set_object($xml_parser,&$rss_parser);
                xml_set_element_handler($xml_parser, "startElement", "endElement");
                xml_set_character_data_handler($xml_parser, "characterData");

                printf("<B>%s Internet Engineering</B><BR>", $_GET['city']);
                $fp = fopen("http://".$_GET['city'].".craigslist.org/eng/index.rss","r")
                or die("Error reading RSS data.");
                while ($data = fread($fp, 4096))
                        xml_parse($xml_parser, $data, feof($fp))
                or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
                fclose($fp);

                xml_parser_free($xml_parser);
        printf("</td>");

        //////////////
        printf("<td class=\"veralign\">");

                $xml_parser = xml_parser_create();
                $rss_parser = new RSSParser();
                xml_set_object($xml_parser,&$rss_parser);
                xml_set_element_handler($xml_parser, "startElement", "endElement");
                xml_set_character_data_handler($xml_parser, "characterData");

                printf("<B>%s Software/DBA</B><BR>", $_GET['city']);
                $fp1 = fopen("http://".$_GET['city'].".craigslist.org/sof/index.rss","r")
                or die("Error reading RSS data.");
                while ($data = fread($fp1, 4096))
                        xml_parse($xml_parser, $data, feof($fp1))
                or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
                fclose($fp1);

                xml_parser_free($xml_parser);

        printf("</td>");

        ///////////
        printf("<td class=\"veralign\">");

                $xml_parser = xml_parser_create();
        $rss_parser = new RSSParser();
        xml_set_object($xml_parser,&$rss_parser);
        xml_set_element_handler($xml_parser, "startElement", "endElement");
        xml_set_character_data_handler($xml_parser, "characterData");

        printf("<B>%s Systems/Networking</B><BR>", $_GET['city']);
        $fp1 = fopen("http://".$_GET['city'].".craigslist.org/sad/index.rss","r")
        or die("Error reading RSS data.");
        while ($data = fread($fp1, 4096))
                xml_parse($xml_parser, $data, feof($fp1))
        or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
        fclose($fp1);

        xml_parser_free($xml_parser);

        printf("</td>");

        ///////////

        printf("<td class=\"veralign\">");

        $xml_parser = xml_parser_create();
        $rss_parser = new RSSParser();
        xml_set_object($xml_parser,&$rss_parser);
        xml_set_element_handler($xml_parser, "startElement", "endElement");
        xml_set_character_data_handler($xml_parser, "characterData");

        printf("<B>%s Web/Design</B><BR>", $_GET['city']);
        $fp1 = fopen("http://".$_GET['city'].".craigslist.org/art/index.rss","r")
        or die("Error reading RSS data.");
        while ($data = fread($fp1, 4096))
                xml_parse($xml_parser, $data, feof($fp1))
        or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
        fclose($fp1);

        xml_parser_free($xml_parser);

        printf("</td>");

        ///////////
        printf("<td class=\"veralign\">");

        $xml_parser = xml_parser_create();
        $rss_parser = new RSSParser();
        xml_set_object($xml_parser,&$rss_parser);
        xml_set_element_handler($xml_parser, "startElement", "endElement");
        xml_set_character_data_handler($xml_parser, "characterData");

        printf("<B>%s Tech Support</B><BR>", $_GET['city']);
        $fp1 = fopen("http://".$_GET['city'].".craigslist.org/tch/index.rss","r")
        or die("Error reading RSS data.");
        while ($data = fread($fp1, 4096))
                xml_parse($xml_parser, $data, feof($fp1))
        or die(sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser)));
        fclose($fp1);

        xml_parser_free($xml_parser);

        printf("</td>");
        printf("</tr></table>");
        }

?>
</p>
</body>
</html>