Archive | March, 2007

Metasploit Exploit Framework Version 3.0 Released

Find your website's Achilles' Heel


Finally it’s out of BETA, Metasploit Framework Version 3.0 has been released and it’s a lot more Windows friendly.

The Metasploit Framework (“Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing.

Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Metasploit runs on all modern operating systems, including Linux, Windows, Mac OS X, and most flavors of BSD. Metasploit has been used on a wide range of hardware platforms, from massive Unix mainframes to the tiny Nokia n800 handheld. Users can access Metasploit using the tab-completing console interface, the command line scripting interface, or the AJAX-enabled web interface. The Windows version of Metasploit includes all software dependencies and a selection of useful networking tools.

Metasploit 3 is a from-scratch rewrite of Metasploit 2 using the Ruby scripting language. The development process took nearly two years to complete and resulted in over 100,000 lines of Ruby code.

Metasploit is now released under the Metasploit Framework License. This license allows anyone to use the framework for almost anything, but prevents commercial abuse and outright code theft. The Metasploit Framework License helps keep the platform stable and still allows module developers to choose their own licensing terms for their code (commercial or open source). For more information, please see the license document included in the distribution.

You can find more and download the latest Metasploit here:

http://framework.metasploit.com/


Posted in: Exploits/Vulnerabilities, Hacking Tools

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment
Recent in Exploits/Vulnerabilities:
- Intel Hidden Management Engine – x86 Security Risk?
- TeamViewer Hacked? It Certainly Looks Like It
- Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 234,764 views
- AJAX: Is your application secure enough? - 120,108 views
- eEye Launches 0-Day Exploit Tracker - 85,538 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Agnitum Outpost Firewall PRO Review

Find your website's Achilles' Heel


Agnitum Outpost Firewall Pro is a software based firewall I respect a lot, and used to actually use…It used to be fairly light weight, secure and had some good features the other firewalls at the time didn’t have (system file integrity checking and so on).

Outpost Firewall

But nowadays with NAT routers, the need for desktop firewalls is minimal in my opinion as very few desktops are actually exposed to the Internet with public IP addresses.

To be safe though you should use a desktop or software firewall to police outgoing connections, but then again as a savvy user, I don’t feel the need to have this ‘protection’ as I’m not about to surf some dodgy site with Internet Exploder Explorer or download and run any random executables that I see on the web or receive via E-mail.

I did use Outpost until they started using Microsoft Access database files to store the logs, within the first day of using Outpost with this new system…the database had become corrupt 3 times.

I think most of the things a software or desktop firewall protects against can be mitigated with a little education and good Anti-Virus software such as Avast! or BitDefender (both free for home users).

Outpost does have a vast array of features which I wont list here, you can read them yourself on the Outpost Features page.

It covers all of the important stuff.

Agnitum Outpost

The download is a reasonable 13mb and it’s simple enough to install, it does require a reboot however like most firewalls as they hook in deep with some system level DLLs.

After playing around with it, I’d have to say Outpost is still one of the most powerful and configurable software firewalls out there. It’s still a bit bloaty however, but I no longer have any problems with corrupted MDB files.

It also has some pretty cool anti-spyware software built in which gave my system a full sweep on first run.

It has a bunch of default rules for most common applications which allow secure operation without limiting the main functionality (MSN Messenger, Firefox, Thunderbird and so on).

All in it’s a good product and if you are in the market for a desktop/software firewall or need to recommend one I think it’s about the best you can get.

You can view flash demos of the various firewall functions here.

You can download Agnitum Outpost Firewall Pro here.

The trial is available for a 30 day period, after that it will cost $39.95 for a single computer and a year worth of updates. Full pricing information including a family package is available here.


Posted in: Advertorial, Countermeasures, Security Software

Tags: , , , , , , , , ,

Posted in: Advertorial, Countermeasures, Security Software | Add a Comment
Recent in Advertorial:
- Defence In Depth For Web Applications
- 13 WordPress Security Tips From Acunetix
- Acunetix WVS 10 Released – Keeping Your Website Secure just got Easier

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 41,447 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,261 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,084 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


FireCAT – Firefox Catalog of Auditing Tools

Find your website's Achilles' Heel


After the web 2.0 hacking with firefox and its plugins article I wrote some months ago, recently I found a new way to transform firefox in the ultimate pen-testing tool… actually it has been lying in my inbox for days…

…new Firefox Framework Map collection of the most useful security oriented extensions. We called the framework FireCAT. It stands for FireFox Catalog of Auditing Toolbox.

It is based upon a paper we wrote some weeks before (Turning firefox to an ethical hacking platform) and downloaded more than 25 000 times. We also thank all folks that encouraged us and sent their suggestions and ideas to make this project a reality.

This initial release is presented as a mindmap and we are open to all your suggestions to make it a really good framework for all the community of security auditors and ethical hackers.

this is the mail I got from the securityfocus pen-testing mailinglist…

download the book at: http://www.security-database.com/


Posted in: Hacking Tools, Web Hacking

Tags: , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- Unicorn – PowerShell Downgrade Attack
- Wfuzz – Web Application Brute Forcer
- wildpwn – UNIX Wildcard Attack Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,978,273 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,421,055 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 679,071 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


JBroFuzz 0.5 from OWASP – Stateless Network Protocol Fuzzer

Your website & network are Hackable


OWASP JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classess of security vulnerabilities, by means of creating malformed data and having the network protocol in question consume the data.

The purpose of this application is to provide a single, portable application that offers stable network protocol fuzzing capabilities. A number of frameworks as well as APIs exist for fuzzing; these require a certain skill level to understand and use, which often acts as a barrier when constrained by time.

The goal of the JBroFuzz project is straight forward: Create a simple, easy to use, stable network fuzzer for stateless protocols. JBroFuzz aims to offer a wide range of fuzzing capabilities as seen in the features below.

Fuzzing with JBroFuzz can take place on any part of a socket request by means of specifying one or more generators. These generators can are classified into two broad categories, those being recursive and replasive.

The current version (0.5) supports the ability to perform web enumeration over HTTP and HTTPS. By default, the following are included within the application:

  • A list of ~58000 popular directories
  • Basic cross site scripting (XSS) checks
  • Basic SQL injection (SQL) checks
  • Buffer overflows (BFO) checks
  • Format string errors (FSE) checks
  • Integer overflows (INT) checks

You can download the latest version of JBroFuzz from SourceForge JBroFuzz Download Page.

There is a Java version and a Windows Executable version available.

The flash tutorial available for download typically serves a very good starting point for any new user familiar or not so with fuzzing.

You can find out more here:

JBroFuzz Site


Posted in: Hacking Tools, Network Hacking

Tags: , , , , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Recent in Hacking Tools:
- Unicorn – PowerShell Downgrade Attack
- Wfuzz – Web Application Brute Forcer
- wildpwn – UNIX Wildcard Attack Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,978,273 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,421,055 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 679,071 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Hackers Attack Root Servers and Slow Internet Key Traffic

Find your website's Achilles' Heel


Well at least it shows the Internet is not very susceptible to such attacks due to its distributed nature, even if the root nameservers are down, the DNS system still functions.

This was a pretty heavy attack though and the most significant in the past 5 years or so, someone testing their ego I guess.

I CAN H4XOR YOUR INTERWEBNETS!

The attack, which began Tuesday at about 5:30 a.m. Eastern time, was the most significant attack against the root servers since an October 2002 distributed denial of service (DDOS) attack, said Ben Petro, senior vice president of services with Internet service provider Neustar. Root servers manage the Internet’s Domain Name System (DNS), used to translate Web addresses such as Amazon.com into the numerical IP addresses used by machines.

Thankfully the Internet didn’t crash, if it did I’d be very sad!

“Two of the root servers suffered badly, although they did not completely crash; some of the others also saw heavy traffic,” said John Crain, chief technical officer with the Internet Corporation for Assigned Names and Numbers (ICANN), in an e-mail interview

The two hardest-hit servers are maintained by the U.S. Department of Defense and ICANN, he added.

The botnet briefly overwhelmed these servers with useless requests, causing them to occasionally hang, but did not disrupt Internet service, Petro said. By 10:30 a.m., Internet service providers were able to filter enough of the traffic from the botnet machines that traffic to and from the root servers was essentially back to normal.

It seems the attack wasn’t that strong and they managed to filter it out, it was in terms of MB rather than GB frequently seen in modern DDoS attacks.

It was just very focused, targeting only the root servers.

Source: Network World


Posted in: General News, Network Hacking

Tags: , , , , , , , , ,

Posted in: General News, Network Hacking | Add a Comment
Recent in General News:
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?
- Twitter Breach Leaks 250,000 User E-mails & Passwords

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,393 views
- eEye Launches 0-Day Exploit Tracker - 85,538 views
- Seattle Computer Security Expert Turns Tables On The Police - 43,847 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


ObiWaN – Web Server Brute Forcing from Phenoelit

Find your website's Achilles' Heel


This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers.

The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a HTTP connection to a host with basic authentication can try username-password combinations as long as he/she likes.

Like other programs for UNIX system passwords (crack) or NT passwords (l0phtcrack) ObiWaN uses wordlists and alternations of numeric or alpha-numeric characters as possible passwords. Since Webservers allow unlimited requests it is a question of time and bandwith to break in a server system.

The most interesting targets are web based administration frontends like Netscapes Server Administration. If you can break in, you are able to create accounts, stop the server and modify its content. Real fun.

You can read the full documentation here.

Various versions (including Windows, Linux and Solaris) of ObiWaN are available for download here:

ObiWan – Project 2068/11.1


Posted in: Hacking Tools, Password Cracking, Web Hacking

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Password Cracking, Web Hacking | Add a Comment
Recent in Hacking Tools:
- Unicorn – PowerShell Downgrade Attack
- Wfuzz – Web Application Brute Forcer
- wildpwn – UNIX Wildcard Attack Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,978,273 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,421,055 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 679,071 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Check Point VPN-1 Power VSX NGX – Virtual Firewalls Get Clustered

Your website & network are Hackable


Clustered Firewalls? What on earth next, beowulf IDS systems?

Check Point has added cluster support and more granular controls to its virtual firewall software, memorably named Check Point VPN-1 Power VSX NGX.

Virtual firewalls can now be distributed around a server cluster, with standby firewalls on alternative servers. System administrators can also shift processor power around, taking it from low priority systems and giving to to high priority ones.

“We are seeing a growing market within data centres to have clustered environments so there is no single point of failure,” said Check Point security engineer Caroline Ikomi.

Virtual servers are getting pretty big though, for all kinds of purposes.

“Within the VSX scalability pack, you can allocate virtual systems to specific cluster members based on their performance requirement, and have alternative virtual systems backed up to the same blade as a standby, so making maximum use of resources.”

Check Point claimed that the new clustering capability in VSX enables linear growth in performance, plus real-time monitoring of traffic load distribution, and reduced synchronisation traffic.

The program, which costs from $24,000 for 10 virtual system licences, is a version of Check Point’s firewall, VPN and anti-intrusion software that runs as a virtual application. The company said that it allows a single physical server to run up to 250 virtual security devices.

It’s aimed at large organisations with multiple VLANs so it might interest some of you. It’s also good for running multiple ‘firewall’ devices with different policy sets from the same bit of hardware.

Source: The Register


Posted in: Countermeasures, Security Software

Tags: , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
Recent in Countermeasures:
- Cuckoo Sandbox – Automated Malware Analysis System
- Fully Integrated Defense Operation (FIDO) – Automated Incident Response
- MISP – Malware Information Sharing Platform

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,108 views
- Password Hasher Firefox Extension - 117,780 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,727 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Backup Platinum – CD, FTP & LAN Backup Software Review

Your website & network are Hackable


Backup Platinum is an Windows platform backup program to make another copy of your important stuff so if your PC burns/gets pwned/crashes etc you won’t lose everything.

It supports backup by Hard or USB drives, CD-R/W or DVD±R/RW media, FTP server or Local Area Network (LAN).

It’s easy enough to download and install, you can grab it here (It’s only 2.6MB).

Backup Platinum

You’ll need Microsoft 95/98/ME/NT/2000/XP/2003 and about 3MB of free disk space.

The interface immediately fires up a backup wizards when you first start the software, this guides you nicely through how to setup a new backup job or synchronize your data between two locations.


Backup Platinum Wizard

It supports a good range of files such as Registry Files, Outlook Express Files, MSN Files and so on.

Sadly it’s too MS-centric, I would like to see support for Thunderbird and Firefox files and settings.

File Support

I tested backup via FTP and it worked well allowing me to browse the remote FTP location within the interface and choose the location I wished to save the files.

FTP Backup

It supports various encryption options (128-bit) with Blowfish to ensure file integrity and confidentiality.

The DVD/CD-Writing module also supports spanning across multiple disks and it integrates with windows scheduler so once you have created the jobs you can schedule your backups at regular intervals.

Backup Platinum is priced at a fairly reasonable $67USD per license, honestly for this kind of software (it’s not rocket science) I’d prefer to see it around $30USD.

It’s simple software and it does what it’s supposed to do, good job.


Posted in: Advertorial, General News, Security Software

Tags: , , , , ,

Posted in: Advertorial, General News, Security Software | Add a Comment
Recent in Advertorial:
- Defence In Depth For Web Applications
- 13 WordPress Security Tips From Acunetix
- Acunetix WVS 10 Released – Keeping Your Website Secure just got Easier

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 41,447 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,261 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,084 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Technika – Automate Common Exploit Tasks

Your website & network are Hackable


Technika was developed for the computer security professionals to automate common exploitative task from the browser. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page just like Greasemonkey (spawn processes, unrestricted XMLHttpRequest connections and sockets). You can autorun bookmarklets and perform safe operations on the currently viewed resource.

You can install the Technika Firefox Extension here:

INSTALL Technika

Or you can explore the code here:

Technika on Google Code

Technika was successfuly used to implement several Web and System related exploits that run directly from the browser. Unfortunatley their source code cannot be shown here for obvious reasons.

If you want to persist some data, use Firefox, IE or Opera persistent objects. Your bookmarklets will remain portable across all browsers as long as you support them in your code. Technika is extremely light so go ahead and install it. If you want to use Technika command console, please install Firebug.

The extension is still in Alpha although it is mostly usable and quite stable.

You can read more on the home page here:

Technika


Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking | Add a Comment
Recent in Exploits/Vulnerabilities:
- Intel Hidden Management Engine – x86 Security Risk?
- TeamViewer Hacked? It Certainly Looks Like It
- Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 234,764 views
- AJAX: Is your application secure enough? - 120,108 views
- eEye Launches 0-Day Exploit Tracker - 85,538 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Up to a Quarter of Internet Connected Machines Could be Zombies

Find your website's Achilles' Heel


It’s a scary thought to find out perhaps a quarter of Internet connected machines could be zombies…The sad part is, I think it could well be true, as most of the non tech savvy Internet users I know still use Internet Exploder and their machines are riddled with crapware, trojans, viruses and spyware.

Imagine how many Internet enabled PC’s there are…

Criminals controlling millions of personal computers are threatening the internet’s future, experts have warned.

Up to a quarter of computers on the net may be used by cyber criminals in so-called botnets, said Vint Cerf, one of the fathers of the internet.

Technology writer John Markoff said: “It’s as bad as you can imagine, it puts the whole internet at risk.”

The panel of leading experts was discussing the future of the internet at the World Economic Forum in Davos.

The Internet was not built to be resilient to such things, there’s an inherent problem with the Internet and the level of education and awareness of the average Internet user.

Before AOL there was a certain intellectual barrier to getting online, it wasn’t that straight forwards and required a little bit of grey matter.

Now it’s SO easy to get online….the average intelligence of Internet users has dropped dramatically.

Mr Cerf, who is one of the co-developers of the TCP/IP standard that underlies all internet traffic and now works for Google, likened the spread of botnets to a “pandemic”.

Of the 600 million computers currently on the internet, between 100 and 150 million were already part of these botnets, Mr Cerf said

Botnets are made up of large numbers of computers that malicious hackers have brought under their control after infecting them with so-called Trojan virus programs.

And yes, you guessed it…one of the main problems is our good friend Microsoft and their lovely secure Windows.

Plus on top of that, the proliferation of pirated copies of Windows, pressed pirated CD’s of Windows Vista are already available in China and probably other places like Malaysia and Thailand too.

A shocking 50% of these pirated versions come with Trojans pre-installed.

Operating systems like Microsoft Windows, meanwhile, still made it too easy for criminals to infiltrate them, the experts said.

Microsoft had done a good job improving security for its latest operating system, Windows Vista, said Mr Markoff.

But already pirated copies of Vista were circulating in China, even though the consumer launch of Vista has been scheduled for next Tuesday.

Experience showed that about 50% of all pirated Windows programs came with Trojans pre-installed on them, Mr Markoff said.

Ah what to do, just protect yourself and educate those you can be bothered to listen you.

We’ll just let the rest of the world screw themselves up.

Source: BBC News


Posted in: General News, Malware

Tags: , , , , , , , ,

Posted in: General News, Malware | Add a Comment
Recent in General News:
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?
- Twitter Breach Leaks 250,000 User E-mails & Passwords

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,393 views
- eEye Launches 0-Day Exploit Tracker - 85,538 views
- Seattle Computer Security Expert Turns Tables On The Police - 43,847 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95