Archive | July, 2006


16 July 2006 | 13,246 views

Play v2.71 Games on your v1.5 PSP

For those who haven’t noticed yet, today booster made a milestone in PSP history. Enabling firmware 2.71 emulation in DevHook 0.44. Alot has been going on lately in the PSP scene and its great. With the release of the 2.5/.6 downgrader and full iso and game emulation in DevHook. Download here. Credit goes to booster [...]

Continue Reading


14 July 2006 | 15,333 views

Linux Kernel 2.6.x PRCTL Core Dump Handling – Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

A working version of the exploit used to escalate privileges to root in the recent Debian breakin, ah another root kernel exploit. It’s to do with the way the kernel handles file permissions (or lack of) on core dumps. Linux kernel is prone to a local privilege-escalation vulnerability. A local attacker may gain elevated privileges [...]

Continue Reading


13 July 2006 | 5,740 views

Debian Development Machine ‘gluck’ Hacked!

Ah, I wonder what happened? I’ve always been a great fan of Debian, all the way back into the early days of woody and backporting apt packages. What a name too, gluck to me usually means g’luck or good luck ;) Early this morning we discovered that someone had managed to compromise gluck.debian.org. We’ve taken [...]

Continue Reading


12 July 2006 | 3,917 views

Consultant Breached FBI’s Computers

Using standard script kiddy tools a consultant managed to compromise some of the FBI’s computers containing confidential information. Quite a hack eh? A government consultant, using computer programs easily found on the Internet, managed to crack the FBI’s classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert S. [...]

Continue Reading


11 July 2006 | 4,814 views

Ticketcharge.com.my website hacked

Ticketcharge.com.my, a Malaysian website that sells event tickets online appears to have been hacked. Forgot to take a screenshot of it but this screenshot from google cache taken today can be seen below. This happened over the weekend or perhaps earlier. Google cache here . This will be gone when google re-cache the site again. [...]

Continue Reading


11 July 2006 | 15,615 views

HoneyBot – A Windows Based Honeypot

HoneyBOT HoneyBOT is a Windows based medium interaction honeypot solution. What is a Honeypot? A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the [...]

Continue Reading


10 July 2006 | 4,562 views

Next Up – Hacking Nuclear Powerstations!

Now this is a scary though, with the digitisation of the old analogue power stations and the accidental cross-over of networks (as we’ve seen before) people could soon be hacking nuclear power station control systems.. he nuclear power industry is going digital — replacing mechanical systems with more efficient, networked computer-controls. If that makes you [...]

Continue Reading


10 July 2006 | 4,681 views

A Day in the Life of a Spyware Company – DirectRevenue

Spyware companies are apparently netting HUGE profits, it doesn’t surprise me though with the amount of people that actually install the crap on their machines.. Let’s say we don’t like companies like Direct Revenue very much though. Consumers have strong opinions about Direct Revenue’s software. “If I ever meet anyone from your company, I will [...]

Continue Reading


08 July 2006 | 13,928 views

WebScarab – Web Application Analysis – New Version

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review [...]

Continue Reading


07 July 2006 | 8,664 views

‘Free’ USB Drives Defeat Company Security

This is an excellent case of Social Engineering, you could also consider it playing on human greed/ignorance/stupidity. Whatever you want to label it really ;) USB drives are a real security risk.. We recently got hired by a credit union to assess the security of its network. The client asked that we really push hard [...]

Continue Reading