Archive | February, 2007

Sun Solaris 10 – Free Offer – Media DVD



It’s good to have a variety of operating systems in your hacking lab at home; it helps you get familiar with them, because to break things you first have to know how they work.

So get to know Solaris. It has some pretty neat security-related software inside the OS and is generally pretty good when it comes to having a secure architecture, with stuff like Trusted Extensions and DTrace.

As they say:

How else to explore and discover for yourself the many innovations and features that Solaris 10 has to offer, than by running Solaris 10 yourself?

So go ahead, grab a copy and start hacking.

To obtain a copy of the Solaris 10 Media DVD, visit the site below and fill in the form.

Solaris 10


Posted in: General News, UNIX Hacking



ADTool – Active Directory Domain Listing Tool



ADtool is a neat tool to help you list all the machines that are part of an Active Directory driven domain or network.

It is intended to help pentesters and admins in their day-to-day work. There are some other tools that can list domain servers, but unfortunately all of them are GUI based, which makes it difficult to script actions based on the output and difficult to export a list of machines.

So this tool is for day-to-day work, when you need to get a simple and easy-to-use list of all machines in a domain.

ADtool doesn’t need any special membership or user in the desired domain; just be connected on the same network, and information will come to you!


You can download ADTool here:

ADTool BETA 1.0


Posted in: Hacking Tools, Network Hacking, Windows Hacking



Defense Workers Warned About Spy Coins for Espionage



This is a pretty cool new development, something straight out of a Tom Clancy thriller or a spy/hacker movie.

Introducing Spy Coins! People are actually being warned about picking up stray coins as they might have surveillance devices inside.

Can the coins jingling in your pocket trace your movements? The Defense Department is warning its American contractor employees about a new espionage threat seemingly straight from Hollywood: It discovered Canadian coins with tiny radio frequency transmitters hidden inside.

In a U.S. government report, it said the mysterious coins were found planted on U.S. contractors with classified security clearances on at least three separate occasions between October 2005 and January 2006 as the contractors traveled through Canada.

It’s not the best way to hide a surveillance device though, as someone might actually spend it and then your plan is foiled. They could also easily lose it, leave it on a desk, put it in a donation box or simply give it away.

“It wouldn’t seem to be the best place to put something like that; you’d want to put it in something that wouldn’t be left behind or spent,” said Jeff Richelson, a researcher and author of books about the CIA and its gadgets. “It doesn’t seem to make a whole lot of sense.”

Canada’s physically largest coins include its $2 “Toonie,” which is more than 1-inch across and thick enough to hide a tiny transmitter. The CIA has acknowledged its own spies have used hollow, U.S. silver-dollar coins to hide messages and film.

The government’s 29-page report was filled with other espionage warnings. It described unrelated hacker attacks, eavesdropping with miniature pen recorders and the case of a female foreign spy who seduced her American boyfriend to steal his computer passwords.

Anyway, just be wary. People are getting more ingenious, and you might not know who is tracking you.

CIA hollow coin: CIA Archive – Hollow Coin

*THE FACTS WITHIN THIS ARTICLE MAY NOT BE TRUE, THE US GOVERNMENT HAS STATED IN ANOTHER ARTICLE THIS REPORT IS UNKNOWN TO THEM*


Posted in: Countermeasures, General Hacking, Privacy



LFT – Layer Four Traceroute and WhoB



LFT

LFT, short for Layer Four Traceroute, is a sort of ‘traceroute’ that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, et al.

What makes LFT unique?

LFT is the all-in-one traceroute tool because it can launch a variety of different probes using both UDP and TCP layer-4 protocols. For example, rather than only launching UDP probes in an attempt to elicit ICMP “TTL exceeded” from hosts in the path, LFT can send TCP SYN or FIN probes to target arbitrary services. Then, LFT listens for “TTL exceeded” messages, TCP RST (reset), and various other interesting heuristics from firewalls or other gateways in the path.

LFT also distinguishes between TCP-based protocols (source and destination), which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 (IP) hops. With LFT’s verbose output, much can be discovered about a target network.

WhoB

WhoB is a likable whois client (see whois(1)) designed to provide everything a network engineer needs to know about a routed IP address by typing one line and reading one line. But even so, it’s worth typing a few more lines because WhoB can do lots of other cool things for you! It can display the origin-ASN based on the global routing table at that time (according to Prefix WhoIs, RIPE NCC, or Cymru), the ‘origin’ ASN registered in the RADB (IRR), the netname and orgname, etc. By querying pWhoIs, WhoB can even show you all prefixes being announced by a specific Origin-ASN.

WhoB performs the lookups quickly, the output is easily parsed by automated programs, and it’s included as part of the Layer Four Traceroute (LFT) software package. LFT uses WhoB as a framework (and you can too, quite easily–see whois.h). Recent LFT releases (as of version 2.5) include WhoB functionality through a standalone “whob” client/command placed in the LFT binary directory.

LFT and WhoB continue to evolve and provide more and more useful data to network engineers and to anyone else that cares how IP datagrams are being routed. With the advent of smarter firewalls, traffic engineering, QoS, and per-protocol packet forwarding, LFT and WhoB have become invaluable tools for many network managers worldwide.

You can download LFT & WhoB and read more here:

LFT & WhoB


Posted in: Hacking Tools, Network Hacking



Serious XSS Flaw in Google Desktop Allows Data Theft



Google has fixed a security flaw in its desktop search software that created a means for hackers to rifle through personal files on users’ PCs.

A failure in Google Desktop to “properly encode output containing malicious or unexpected characters” created a means for hackers to cross from the web environment to the desktop application environment.

So if you are running Google Desktop we suggest you update it ASAP.

The attack, outlined in a paper (PDF) released by the firm, uses a cross-site scripting (XSS) flaw in the Google Desktop application in conjunction with any other XSS flaw in the Google.com domain to install malicious JavaScript on the user’s computer. Using the technique, an attacker could create a JavaScript program that Google Desktop repeatedly runs, allowing the attacker to search a victim’s computer using terms most likely to dredge up interesting data.

Google released an updated version of Google Desktop that fixes the local cross-site scripting flaw earlier this month, but many users may not have gotten the patch, said Danny Allan, director of security research for Watchfire. Because of the popularity of Google Desktop, there could be a large number of users with vulnerable systems.

Read More:

Google Desktop flaw allows data theft
Google patches critical desktop flaw
Serious Flaw in Google Desktop Prompts Patch


Posted in: Exploits/Vulnerabilities, General Hacking



Why Blurring or Mosaicing Important Information is a BAD Idea



I saw a pretty interesting article a few days ago that attempts to reverse engineer the mosaic tool often used online to obscure sensitive or confidential information.

The article shows that the mosaic isn’t actually very random, and in a way you can brute force reverse engineer the mosaic to reveal the contents before they were obscured.

It’s ok for faces, but when it comes to letters/numbers and text it can be uncovered.

For the most part this is all fine with peoples’ faces as there isn’t a convenient way to reverse the blur back into a photo so detailed that you can recognise the photo. So that’s good if that is what you intended. However, many people also resort to blurring sensitive numbers and text. I’ll illustrate why that is a BAD idea.

Suppose someone posted a photo of their check or credit card online for whatever awful reason (proving to Digg that I earned a million dollars, showing something funny about a check, comparing the size of something to a credit card, etc.), blurring out the image with the far-too-common mosaic effect to hide the numbers.

Which is true, it is very common.

There is some ubermath geek stuff after this, analysing the brightness vector of the mosaic areas.

In this case, the account number 0000001 creates mosaic brightness vector a(0000001)=[213,201,190,…]. We find the mosaic brightness vector for every account number in a similar fashion using a script to blur each image and read off the brightnesses. Let a(x) be the function of the account number x. a(x)_i denotes the ith vector value of the mosaic brightness vector a obtained from account number x. Above, a(0000001)_1 = 213.

We now do the same for the original check image we found online or wherever, obtaining a vector we hereby call z=[z_1,z_2,…z_n]:

Anyway, go ahead and check the article out. It’s a very interesting read and a real example of proper hacking: thinking of a solution to something, thinking how to break something.

You can read more in the full article here:

Why blurring sensitive information is a bad idea


Posted in: General Hacking, Privacy



Fierce Domain Scanner Released – Domain Reconnaissance Tool



Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It’s terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can miss huge chunks of networks.

Fierce

First what fierce is not. Fierce is not an IP scanner, it is not a DDoS tool, it is not designed to scan the whole internet or perform any un-targeted attacks. It is meant specifically to locate likely targets both inside and outside a corporate network. Only those targets are listed. No exploitation is performed. Fierce is a reconnaissance tool. Fierce is a PERL script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics.

First it queries your DNS for the DNS servers of the target. It then switches to using the target’s DNS server (you can use a different one if you want using the -dnsserver switch). Fierce then attempts to dump the SOA records for the domain in the very slim hope that the DNS server that your target uses may be misconfigured.

Once that fails (because it almost always will) it attempts to “guess” names that are common amongst a lot of different companies. Don’t ask me where I got the list, it’s just a list of names that id and I have seen all over the place. I thought about adding a dictionary to this, but I think that would take a lot longer, and given that very few of the words are dictionary words I don’t think this would add a lot of value.

The syntax is something like this:

You can download Fierce Domain Scanner here:

fierce.pl – Download host list: hosts.txt

More info here:

Fierce Domain Scanner

Written by RSnake with input from id, Vacuum and Robert E Lee.


Posted in: Hacking Tools, Web Hacking



Another 0-day MySpace XSS Exploit



This was a while ago, but once again it’s unsurprising. The number of security holes that have been discovered in MySpace is a scary thought, given that they hold some pretty confidential info and are a preying ground for paedos.

Once again an XSS flaw shows up in MySpace.

digi7al64 found yet another hole in myspace using non-alpha-non-digit exploit. Again, this time, like last time, MySpace is doing a bad job of stripping out tags. This is the fifth time they’ve been hit by this exact same issue. MySpace should really consider hiring someone who knows how to write while loops. Until then they are vulnerable yet again. The trick is again simple:

becomes: because they strip out the
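
The filtering mistake the quoted text complains about, as an added example rather than MySpace's code or the original exploit string (which did not survive on this page): a filter that strips blocked tokens in a single pass can reassemble the token it just removed, while looping to a fixed point or, better, encoding on output does not. The blocklist and the sample inputs are constructed for illustration.

```python
import html
import re

# Constructed blocklist; a real filter would have its own list.
BLOCKED_RE = re.compile(r"<script|javascript:", re.IGNORECASE)

# Constructed inputs: a blocked token nested inside a split copy of itself.
SAMPLES = [
    "<scr<scriptipt>alert(1)</script>",
    "javajavascript:script:void(0)",
]

def contains_blocked(text):
    """True when a blocked token is present in the text."""
    return BLOCKED_RE.search(text) is not None

def strip_once(text):
    """Flawed filter: one left-to-right pass that deletes blocked tokens."""
    return BLOCKED_RE.sub("", text)

def strip_until_stable(text):
    """The missing while loop: repeat the pass until it changes nothing."""
    while True:
        cleaned = strip_once(text)
        if cleaned == text:
            return cleaned
        text = cleaned

def encode_for_html(text):
    """Preferred fix: delete nothing, escape on output so markup is inert."""
    return html.escape(text, quote=True)

def bypasses(filter_fn, samples=SAMPLES):
    """Samples that still carry a blocked token after filtering."""
    return [s for s in samples if contains_blocked(filter_fn(s))]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s))
        print("  single pass :", repr(strip_once(s)))
        print("  fixed point :", repr(strip_until_stable(s)))
        print("  encoded     :", repr(encode_for_html(s)))
```

Looping closes this particular hole, but a blocklist still has to anticipate every spelling of a dangerous token; context-aware output encoding does not depend on that.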


Posted in: Exploits/Vulnerabilities, Web Hacking



sqlmap – Automated Blind SQL Injection Tool



sqlmap is an automatic blind SQL injection tool, developed in Python, capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantage of web application programming security flaws which lead to SQL injection vulnerabilities.

Features

  • Test of the remote url stability, based on page hash or string match;
  • Identification of url dynamic parameters;
  • Test numeric, string (single quote and double quotes) SQL injection on all url dynamic parameters and at first vulnerable it will be used to perform the future SQL injections;
  • Possible selection of HTTP method for testing and exploiting dynamic parameters, GET or POST (default: GET);
  • Fingerprint of web application database back-end based upon specific queries output which identify database characteristics and banner grabbing;
  • Random HTTP User-Agent header selection;
  • HTTP Cookie header provided, useful when web application requires authorization based on cookies and you have an account;
  • Provide an anonymous HTTP proxy address to pass by request to the target url;
  • Other command line parameters to get database banner, enumerate databases, tables, columns, dump values, retrieve an arbitrary file content and provide own SQL expression to query remote database;
  • Debug output messages in verbose mode execution;
  • PHP setting magic_quotes_gpc evasion by encoding every query string, between single quotes, with CHAR (or similar) database function.

You can find out more at http://sqlmap.sourceforge.net/ and the documentation is available here.

You can download sqlmap at:

sqlmap Files Page

For the development release you can browse its SourceForge SVN repository or directly download the source code:


Posted in: Hacking Tools, Security Software, Web Hacking



The RFID Song from Monochrom



A pretty cool song about RFID and RFID hacking from Monochrom.at.

Written and first performed at 23C3 (23rd Chaos Communication Congress) in December 2006 in Berlin as part of monochrom’s ‘Proto-Melodic Comment Squad’.

Users, there’s trouble ahead
I said users, it is totally sad
But users, the future lies in your hand
Cause it’s all about surveillance

Comrades, you don’t know what I mean?
Well comrades, there’s new tech on the scene
Come on comrades, stand up fight for your right
There’s a need for your experience

It’s fun to hack the RFID
It’s fun to hack the RFID
Technology is just a matter of choice
You can microwave all their toys

It’s fun to hack the RFID
It’s fun to hack the RFID
They want to store everything about you
But there’s plenty of things you can do

w00t!

You can download the mp3 versions here:

RFID Song (Bratlfettn Version) [MP3, 2:42]
RFID Song (Rohkost Version) [MP3, 2:34]

The full lyrics are available here:

monochrom: RFID song


Posted in: General Hacking
