Archive | January, 2007


09 January 2007 | 15,281 views

WordPress 2.0.5 Trackback Vulnerability with Exploit

WordPress was “born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL. It is the official successor of b2/cafelog. WordPress is fresh software, but its roots and development go back to 2001. It is a mature and stable product. We hope by focusing [...]

Continue Reading


09 January 2007 | 9,844 views

MTR – Traceroute on Steroids

MTR was written by Matt Kimball, with contributions by many people. Take a look at the “AUTHORS” file in the distribution. Roger Wolff took over maintenance of MTR in october 1998. MTR combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool. As MTR starts, it investigates the network connection [...]

Continue Reading


08 January 2007 | 8,343 views

Organised Cyber Criminals Recruiting Fresh Grads

Criminals are not stupid, cyber criminals are the same breed, perhaps even smarter than the traditionalists as they are utilising new ways of doing the same old tricks online. Now the online criminals are recruiting fresh grads to help them push the boundaries further. Organised crime is “grooming” a new generation of would-be cybercriminals using [...]

Continue Reading


06 January 2007 | 33,511 views

LMCrack – Windows LanMan Hash Cracker Tool with Download

As a security consultant, job functions include Penetration Testing and Vulnerability Assessments. The aim of these types of engagements is to demonstrate risk to the customer. One of the steps involved in demonstrating risk is password auditing (“cracking”) in order to assess the strength and quality of passwords in use in the environment. On a [...]

Continue Reading


05 January 2007 | 7,235 views

Serious Exploit in Windows Media Player (WMP)

Oh look! Another 0-day in Windows…this time in Media Player, there was a few in Word lately and the latest thing that just hit is an XSS flaw in PDF files online. I’ll report more on those later. The Windows Media Player library WMVCORE.DLL contains a potentially exploitable heap buffer overflow in its handling of [...]

Continue Reading


04 January 2007 | 7,280 views

SIFT Web Services Security Testing Framework

SIFT has released a new Intelligence Report titled ‘A Web Services Security Testing Framework‘. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications. Web services are a widely touted technology that aim to provide tangible benefits to both business and [...]

Continue Reading


03 January 2007 | 30,907 views

Malware Outbreak During New Year – Dref-V and Trojan downloader Tibs-jy

Social Engineering again, someone praying on xmas spirit and good will to spread their filthy malware. It quite often happens during festive times, someone hatches a new worm and sends it out packaged as a jolly xmas card or game. A significant worm outbreak over the new year festivities has put paid to the notion [...]

Continue Reading


02 January 2007 | 225,982 views

Cain & Abel – Download the Super Fast and Flexible Password Cracker with Network Sniffing

Cain & Abel is easily one of our favourite password crackers here at Darknet, especially because it’s oldskool but still under development, unlike most other projects which have been abandoned as time passed. Cain & Abel has some awesome stuff built in like native network sniffing and network password grabbing. Cain & Abel is a [...]

Continue Reading


01 January 2007 | 84,994 views

eEye Launches 0-Day Exploit Tracker

Ah finally a decent 0-day exploit tracker, one that isn’t underground and could be fairly useful to everyone. 0-day as basically stated in the article is an exploit not known publicly or available publicly well before any patches are available, some private groups often have exploits for a year or more before someone else discovers [...]

Continue Reading