Categories
Tech

Palo Alto Networks – Update Server API Exposure

In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.

Take Care When Applying Palo Alto Best Practices

This is a follow-up to my other blog post. As I have found another issue with the best practices provided by Palo Alto, I thought I’d consolidate them in a single post.

Random Password Generator in PowerShell

Here is a quick and dirty PowerShell script that you can use to generate pseudo-random passwords using dictionary words, numbers and special characters.

This kind of script is good for environments such as schools and universities where mass-enrolment is quite common before the start of the academic year.

You can incorporate the function in your own script or come up with something new.

Credit goes to setgetgo.com for making the random word generator API available for public use.

The code is available on my GitHub page, which is a good place to check for the latest iteration of the code as well as some examples. Below is the code as of 14/06/2016.

<#
    .SYNOPSIS
        Generate a random password

    .DESCRIPTION
        Uses the setgetgo.com random word API to generate random words. A random number and special character are then appended.

    .PARAMETER numberOfPasswords
        Number of passwords to generate. Default is 1.

    .PARAMETER wordLength
        Word length. Default is 8.

    .PARAMETER allowedSpecialCharacters
        Special characters that are allowed to be appended to the password. Default is ! * and ?
        If defining your own, use the format:
        Generate-Password -allowedSpecialCharacters "!","?",",","/"

    .PARAMETER maximumNumber
        Default number to append to word will be between 0 and 999.

    .EXAMPLE
        PS C:\> Generate-Password
        This will generate a random 8 character word, append a number between 0 and 999 and finally append a special character.

    .NOTES
        Additional information about the function.
#>
function Generate-Password
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter(Mandatory = $false)]
        [int]$numberOfPasswords = 1,
        [Parameter(Mandatory = $false)]
        [int]$wordLength = 8,
        [Parameter(Mandatory = $false)]
        $allowedSpecialCharacters = @('!', '*', '?'),
        [Parameter(Mandatory = $false)]
        [int]$maximumNumber = 999
    )

    for ($i = 1; $i -le $numberOfPasswords; $i++)
    {
        # Fetch one random word of the requested length from the setgetgo.com API.
        # The request goes over plain HTTP to a third-party service, so the word
        # is visible to that service and to anyone on the network path.
        $randomWord = Invoke-WebRequest -Uri "http://randomword.setgetgo.com/get.php?len=$wordLength"
        # Get-Random -Maximum is an exclusive upper bound; add 1 so the
        # documented range of 0 to $maximumNumber is inclusive.
        $randomNumber = Get-Random -Maximum ($maximumNumber + 1)
        # Pick one of the allowed special characters.
        $randomSpecialCharacter = $allowedSpecialCharacters | Get-Random
        # Password format: <word><number><special character>
        Write-Output "$($randomWord.content)$randomNumber$randomSpecialCharacter"
    }
}
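
An added example, not the author's code: a variant of the generator above that draws its words from a local word list and picks every element with the platform's cryptographic random number generator, so no password material is requested over HTTP from a third party. The function name, the wordListPath and wordCount parameters and the multi-word, hyphen-joined format are assumptions made for this example; it generalises the single-word format used above.

```powershell
# Added example (not the author's code). New-OfflinePassword, -wordListPath and
# -wordCount are hypothetical names; the word list is any local file with one word per line.
function New-OfflinePassword
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter(Mandatory = $true)]
        [string]$wordListPath,
        [int]$numberOfPasswords = 1,
        [ValidateRange(1, 12)][int]$wordCount = 3,
        [string[]]$allowedSpecialCharacters = @('!', '*', '?'),
        [ValidateRange(0, 999999)][int]$maximumNumber = 999
    )

    # Load the word list once, dropping blank lines and surrounding whitespace.
    $words = @(Get-Content -Path $wordListPath | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    if ($words.Count -eq 0) { throw "Word list '$wordListPath' contains no words." }

    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buffer = New-Object byte[] 4

    # Uniform integer in [0, $exclusiveMax): draw 32 random bits and reject values
    # from the incomplete top range, which would otherwise bias the modulo result.
    $nextIndex = {
        param ([long]$exclusiveMax)
        $range = [long]4294967296
        $limit = $range - ($range % $exclusiveMax)
        do
        {
            $rng.GetBytes($buffer)
            $value = [long][System.BitConverter]::ToUInt32($buffer, 0)
        } while ($value -ge $limit)
        return [int]($value % $exclusiveMax)
    }

    try
    {
        for ($i = 1; $i -le $numberOfPasswords; $i++)
        {
            $chosen = for ($w = 0; $w -lt $wordCount; $w++) { $words[(& $nextIndex $words.Count)] }
            $number = & $nextIndex ($maximumNumber + 1)
            $special = $allowedSpecialCharacters[(& $nextIndex $allowedSpecialCharacters.Count)]
            Write-Output "$($chosen -join '-')$number$special"
        }
    }
    finally { $rng.Dispose() }
}
```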

Office 365 Quarantine Tool

If you find yourself using the Office 365 (Exchange Online) e-mail quarantine often, then you probably know how frustrating and slow it can be to quickly find and release quarantined items. Oftentimes you’ll find yourself waiting for a few minutes only to realise it’s not doing anything. Then you have to refresh the page and re-enter your search criteria. The fact you can’t even wildcard searches is also unforgivable (it’s 2016 Microsoft, why can we not wildcard search the subject and sender fields?!)

This annoyance coupled with my eagerness to play with PowerShell led me to develop a quick and dirty quarantine tool or viewer if you like. The tool is quite basic but it will let you do the following:

  • Wildcard search the subject and sender fields
  • Configure the number of results to return
  • Release a message based on message ID

If you want to have a play with the tool, it’s on my GitHub along with the source code if you feel like suggesting some improvements.

WSUS Range Headers and Palo Alto Best Practices

It seems Windows Updates doesn’t play nice with Palo Alto best practices; specifically when it comes to range headers.

Palo Alto best practices state that you should block the HTTP range option for the following reason: