Monthly Archives: June 2010

mod_security rule for e107 ‘plugindir’ and ‘ifile’ remote include vulnerability

Posted on by Randy

Here are modsecurity2 rules for the latest string of vulnerabilities affecting the E107 CMS system described in the following links: http://www.exploit-db.com/exploits/12818/ http://www.exploit-db.com/exploits/12715/ SecRule ARGS:THEMES_DIRECTORY “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:ifile “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:plugindir “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:author_name “\[php\]” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'”

Remotely installing PFSense to hard drive with VGA and without CD-ROM

Posted on by Randy

FreeBSD is great for certain tasks (such as firewalls and other embedded devices), but has some real shortcomings when it comes to booting from attached or remote storage. This severely complicates the installation process in some cases. In my case, I have a remote server in a rack with no CD-ROM. Pulling the server from […]