In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.
Category: Tech
This is a follow up from my other blog post – as I have found another issue with the best practices provided by Palo Alto, I thought I’d consolidate them in a single post.
Random Password Generator in PowerShell
Here is a quick and dirty PowerShell script that you can use to generate pseudo-random passwords using dictionary words, numbers and special characters.
This kind of script is good for environments such as schools and universities where mass-enrolment is quite common before the start of the academic year.
You can incorporate the function in your own script or come up with something new.
Credit goes to setgetgo.com for making the random word generator API available for public use.
The code is available on my GitHub page and is a good place to check for the latest iteration of code as well as some examples. Below is the code as of 14/06/2016
<# .SYNOPSIS Generate a random password .DESCRIPTION Uses the setgetgo.com random word API to generate random words. A random number and special character is then appended .PARAMETER numberOfPasswords Number of passwords to generate. Default is 1. .PARAMETER wordLength Word length. Default is 8. .PARAMETER allowedSpecialCharacters Special characters that are allowed to be appended to the password. Default is ! * and ? If defining your own, use the format: Generate-Password -allowedSpecialCharacters "!","?",",","/" .PARAMETER maximumNumber Default number to append to word will be between 0 and 999. .EXAMPLE PS C:\> Generate-Password This will generate a random 8 character word, append a number between 0 and 999 and finally append a special character. .NOTES Additional information about the function. #> function Generate-Password { [CmdletBinding()] [OutputType([string])] param ( [Parameter(Mandatory = $false)] [int]$numberOfPasswords = 1, [Parameter(Mandatory = $false)] [int]$wordLength = 8, [Parameter(Mandatory = $false)] $allowedSpecialCharacters = @('!', '*', '?'), [Parameter(Mandatory = $false)] [int]$maximumNumber = 999 ) for ($i = 1; $i -le $numberOfPasswords; $i++) { $randomWord = Invoke-WebRequest -URI http://randomword.setgetgo.com/get.php?len=$wordLength $randomNumber = Get-Random -Maximum $maximumNumber $randomSpecialCharacter = $allowedSpecialCharacters | Get-Random Write-Output "$($randomWord.content)$randomNumber$randomSpecialCharacter" } }
Office 365 Quarantine Tool
If you find yourself using the Office 365 (Exchange Online) e-mail quarantine often then you probably know how frustrating and slow it can be to quickly find and release quarantined items. Often times you’ll find yourself waiting for a few minutes only to realise it’s not doing anything. Then you have to refresh the page and re-enter your search criteria. The fact you can’t even wildcard searches is also unforgivable (it’s 2016 Microsoft, why can we not wildcard search the subject and sender fields?!)
This annoyance coupled with my eagerness to play with PowerShell led me to develop a quick and dirty quarantine tool or viewer if you like. The tool is quite basic but it will let you do the following:
- Wildcard search the subject and sender fields
- Configure the number of results to return
- Release a message based on message ID
If you want to have a play with the tool, it’s on my GitHub along with the source code if you feel like suggesting some improvements.
It seems Windows Updates doesn’t play nice with Palo Alto best practices; specifically when it comes to range headers.
Palo Alto best practices state that you should block the HTTP range option for the following reason: