Archive | December, 2006

XSS Shell v0.3.9 – Cross Site Scripting Backdoor Tool

Cybertroopers storming your ship?


XSS Shell is a powerful XSS backdoor that allows interactive control over a Cross-site Scripting (XSS) vulnerability in a web application. It demonstrates the real power and damage of Cross-site Scripting attacks.

WHAT IS XSS SHELL ?

XSS Shell is a powerful XSS backdoor and zombie manager. This concept was first presented by XSS-Proxy (http://xss-proxy.sourceforge.net/). Normally in XSS attacks the attacker has one shot; in XSS Shell you can interactively send requests and get responses from the victim, and you can backdoor the page.

You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability, etc. Attack possibilities are limited only by ideas. Basically this tool demonstrates that you can do more with XSS.

FEATURES

XSS Shell has several features to gain full access over the victim. You can also simply add your own commands.

Most of the features can be enabled or disabled from the configuration or tweaked from the source code.

Features:

  • Regenerating Pages
  • Keylogger
  • Mouse Logger (click points + current DOM)

Built-in Commands:


  • Get Keylogger Data
  • Get Current Page (Current rendered DOM / like screenshot)
  • Get Cookie
  • Execute supplied JavaScript (eval)
  • Get Clipboard (IE only)
  • Get internal IP address (Firefox + JVM only)
  • Check victim’s visited URL history
  • DDoS
  • Force to Crash victim’s browser

Online URL (Download, Screenshots, demo etc.):

http://ferruh.mavituna.com/article/?1338

Download :

http://www.portcullis-security.com/tools/free/XSSShell039.zip
or
http://ferruh.mavituna.com/xssshell/download/xssshellv039.zip


Posted in: Hacking Tools, Web Hacking



Save Your Reputation Online with ReputationDefender



This is a pretty interesting idea and for once it addresses a real requirement. A lot of stories have hit the press about people getting fired or ‘dooced’ because of stuff online or not even getting jobs because of something found on MySpace.

So up pops a company that is willing to protect your reputation online.

The mistakes you make on the internet can live forever — unless you hire somebody to clean up after you.

A new startup, ReputationDefender, will act on your behalf by contacting data hosting services and requesting the removal of any materials that threaten your good social standing. Any web citizen willing to pay ReputationDefender’s modest service fees can ask the company to seek and destroy embarrassing office party photos, blog posts detailing casual drug use or saucy comments on social networking profiles.

It’s pretty reasonable too and can work great for anyone wanting to clear up a messy online history after those wild college years.

The company produces monthly reports on its clients’ online identities for a cost of $10 to $16 per month, depending on the length of the contract. The client can request the removal of any material on the report for a charge of $30 per instance.

Michael Fertik and his partners originally conceived of ReputationDefender as a way for parents to protect their children from potentially damaging postings to social networking sites like MySpace or Facebook.

Of course Facebook and MySpace are the main culprits.

Using both site-scraping robots and good old-fashioned human detective skills, ReputationDefender promises to scour the internet — particularly social networking sites like MySpace, Facebook, Xanga and Flickr — for materials that could threaten the author’s employability once he reaches the professional world and its army of Google-savvy hiring managers.

According to CareerBuilder.com, 26 percent of hiring managers say they have used search engines to research potential employees, and one in 10 has looked on a social networking website.

As you can see it is important now to look after your reputation online.

Source: Wired


Posted in: Legal Issues, Privacy



SinFP 2.0.4 – OS Detection – Now Works On Windows



SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has.

Nmap's approach to fingerprinting has been shown to be efficient for years. Nowadays, with the omnipresence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming obsolete.

SinFP uses the aforementioned limitations as a basis for tests to be absolutely avoided in the frames used to accurately identify the remote operating system. That is, it only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3 (with only 1 test giving the OS reliably in most cases).

SinFP 2.04 is now available and, for the first time, can run under Windows ActivePerl.

More info here:

SinFP

SinFP now has more than 130 signatures in its database.

For Windows users, follow these instructions:

This was tested with ActivePerl 5.8.8.819, with PPM v4.0.

If you have error messages about failing to load some .dll, go to www.microsoft.com. Then, in the search field, type in vcredist_x86.exe, download it and install it.


Posted in: Hacking Tools, Network Hacking, Security Software



the Art of Virology 02h

Don't let your data go over to the Dark Side!


This is the one and only article (and the first) on Darknet that presents the source code of a virus, and a lame one too :)

Theory again…

First I should mention a couple of things which haven’t been specified till now. This virus is going to be an appending virus:

An appending virus is a virus that writes all of its code to the end of the file, after which it writes a simple jump to the code at the start of the file.

I will use this method first, in the virus I’ll present here; maybe later I will adopt another technique such as EPO:

Entry Point Obscuring is a method which inserts the entry point of the virus somewhere in the host file, where it can do an interception of the code for later replication, but not at the start.

…but definitely not overwriting viruses:

An overwriting virus has a simple routine to overwrite the host file, thus being easily detected because of the fact that infected files in 99% of cases won’t run anymore

Back to reality

So my first virus is called infant-a, because it only does a single thing (like an infant); also it is a DOS COM infecter, so you won’t have much trouble with it. What more to say: the source is fully commented, and if you have read the book I suggested in the 00h article then you won’t have any problems understanding it. It is not detected by Avira antivirus; check it with other antivirus products and tell me if it is found and under which name. Oh yeah, Kaspersky doesn’t find it either.

BTW: don’t compile and infect other files (computers) with it because I will look lame not you

The brilliant (and simple code) follows: infant-a

How to play with it?

Everything goes in 3 steps, or 2 depends on you…

1st step – dummy com files

Enter in DOS mode (run cmd from Windows run) and write the following lines:

2nd step – compile the virus

For this one you need TASM & TLINK, google to get them; if you have them enter the following lines supposing infant-a.asm is the virus:

3rd step – optional

Download DOSBox, install it and use the following commands (after starting DOSBox):

Let’s play

And now you can start the virus and see how it infects one file per run. The dummy COM files should be 6 bytes long, and 161 bytes after infection; you can’t miss them…

Are we done already?

Well, 02h is over, but 03h is there waiting to be written; what’s next? infant-b of course, which will have:

  • An encryption method (XOR)
  • A traversal infection (dotdot [..] method)
  • More infections per run
  • Stealth?

Till then have fun with infant-a, and see you as soon as possible (if anybody reads this series).


Posted in: Virology



Hackers Break Into Water Processing Plant Network



When things like this happen it’s kind of scary, like a while back when someone managed to get into a highly secure power station network through a stupid contractor’s laptop that was connected to the net via dialup and to the uber ‘secure’ power station LAN.

An infected laptop PC gave hackers access to computer systems at a Harrisburg, Pa., water treatment plant earlier this month.

The plant’s systems were accessed in early October after an employee’s laptop computer was compromised via the Internet and then used as an entry point to install a computer virus and spyware on the plant’s computer system, according to a report by ABC News.

Similar to the power station incident eh?

Can’t people just take a little care and lock down all the machines on the network, install Firefox, install anti-virus, enable Windows updates, etc.?

The incident is under investigation by the FBI, but no arrests have been made in the matter, said Special Agent Jerri Williams of the FBI’s Philadelphia office. The attackers are believed to have been operating outside of the U.S.

Williams said that the hackers do not appear to have targeted the plant. “We did not believe that they were doing it to compromise the actual water system, but just to use the computer as a resource for distributing e-mails or whatever electronic information they had planned,” she said.

It could have had some serious consequences on the water processing system.

Still, the FBI is concerned that even without targeting the system itself, this malicious software could have interfered with the plant’s operations, Williams said.

Had the breach targeted the water plant, it could have had grave consequences, according to Mike Snyder, security coordinator for the Pennsylvania section of the American Water Works Association. “It’s a serious situation because they could possibly raise the level of chlorine being injected into the water… which

Seems like security is still not as important as it should be.

Source: ComputerWorld


Posted in: General Hacking



Backframe (Formerly Backweb) JavaScript Attack Console



There has been a recent release of Backframe (Formerly Backweb) Attack Console.

Backframe Attack Console was started as an experiment to create a full featured attack console for exploiting web browsers, web users and remote applications. Those who are familiar with XSS Proxy or even BEEF might already be familiar with the core principles of the project.

The console is based on simple client-server interaction. Both parts are required for successful operation. The server, also known as the attack channel, provides functionalities for establishing bi-directional communication with remote clients. On the other hand, the console is responsible for interacting with the channel providing the necessary toolkit for launching attacks against these clients.

The result of these core principles is an easy to use and understand web-client-oriented attack framework that keeps the data, the presentation layer, and the underlying logic apart. This design is known as “the separation of concerns model”. This is a highly effective practice that makes it easy to extend the core elements.

Right now it is quite stable and it should work well with attack channels similar to the one described here:

Persistent Bi-directional Communication Channels

Check the AttackAPI project for the complete source code of the attack channel.

More information here:

Backframe

You can try out Backframe here:

Backframe Application


Posted in: Hacking Tools, Programming, Web Hacking



Massive Data Theft Operation Uncovered



UK Police have uncovered a fairly massive data theft operation with a total close to 8,500 victims.

It’s quite worrying when things like this are uncovered as if 1 is uncovered or discovered…imagine how many aren’t found out about, just like exploits.

British electronic-crime detectives are investigating a massive data theft operation that stole sensitive information from 8,500 people in the U.K. and others in some 60 countries, officials said Tuesday.

In total, cybercriminals targeted 600 financial companies and banks, according to U.K. authorities, who have worked over the past week to identify and notify victims.

Through intelligence sources, U.K. police were given several gigabytes of data — around 130,00 files — that came from a server in the U.S., said Charlie McMurdie, detective chief inspector for the Specialist Crime Directorate e-Crime Unit of the London Metropolitan Police. Most of the data related to financial information, she said.

Several GIG of data, that’s a hell of a lot of text.

They were using a pretty basic program though, haxdoor.

The data was collected by a malicious software program nicknamed Haxdoor that infected victims’ computers. Some 2,300 machines were located in the U.K. McMurdie said.

Haxdoor is a powerful program that can collect passwords and send them to another e-mail address plus disable a computer’s firewall, among other functions, according to a description posted on security vendor F-Secure Corp.’s Web site. Symantec Corp., another security company, wrote it first detected Haxdoor in November 2003.

Computers can get infected with Haxdoor if they don’t have security patches or up-to-date antivirus software. London police said it’s believed many victims were infected through instant message programs.

Nice to see the good guys also using technology to parse the data and locate victims.

Metropolitan police experts built a special program to search through the data and identify victims, she said. The data contained information such as logins and passwords for major Web sites such as eBay Inc., Amazon.com, BT Group PLC and Pipex Internet Ltd., a U.K. Internet service provider.

In some instances, Haxdoor employed a screen-capture function to obtain information, McMurdie said.

Source: Infoworld


Posted in: General Hacking, Malware, Privacy



NMAP 4.20 released



This is just a simple warning to all NMAP users out there. If you’re registered on the announcement mailing list you already know this; otherwise, heads up.

NMAP 4.20 has been released with something that looks promising: 2nd generation OS detection. The changelog is available here.

Enjoy!


Posted in: Hacking Tools



Linux Reverse Engineering Hacker Challenge



The first round results of the Linux Reverse Engineering Hacker Challenge are out!

http://www.hackerchallenge.org

It was expected that an intermediate hacker with Linux experience should be able to defeat the protection(s) in less than 10 hours. Participants may earn up to $4100 USD.

A total of 93 individuals registered to participate in the first Hacker Challenge. Individuals were compensated for defeating the protection and submitting a report that summarized how the defeat was executed. All individuals who defeated the protection and submitted a sufficient report were compensated with $500, while a partial defeat which was accompanied by a complete report was compensated with $200 (all payments in US dollars, with payments made anonymously via PayPal). Special payments were made for the first three successful defeats, as well as the top-three highest-quality reports.

The competition is apparently run anonymously by a US-based company and all payouts are made via PayPal.

We are a US company performing security testing and security metric research. This activity is being funded by a component of the US government.

The purpose of this project is to evaluate the effectiveness of software anti-piracy protections. The results of this effort will be used to improve our protection measures.

Perhaps something to do with the RIAA or DMCA as they are evaluating anti-piracy measures.

This is a security testing activity. All software and software anti-piracy measures were developed exclusively for use in this effort. No commercial protections were used in the development of this test.

Do watch out for the next competition from Hacker Challenge!


Posted in: Linux Hacking, Programming



(IN)SECURE Magazine ISSUE 1.9 – December 2006



(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. It can be distributed only in the form of the original non-modified PDF document.

The 9th issue of (IN)SECURE magazine was recently released; in this issue you can find the following:

  • Effectiveness of security by admonition: a case study of security warnings in a web browser setting
  • Interview with Kurt Sauer, CSO at Skype
  • Web 2.0 defense with AJAX fingerprinting and filtering
  • Hack In The Box Security Conference 2006
  • Where iSCSI fits in enterprise storage networking
  • Recovering user passwords from cached domain records
  • Do portable storage solutions compromise business security?
  • Enterprise data security – a case study
  • Creating business through virtual trust: how to gain and sustain a competitive advantage using information security

You can get it at www.insecuremag.com or directly here:

ISSUE 1.9 (December 2006) – DOWNLOAD

You can find the complete archive online HERE, it’s well worth a look.


Posted in: General Hacking
