Archive | March, 2007


19 March 2007 | 8,489 views

ADN – Win32 Active Directory Navigator

ADN – Active Directory Navigator is a little tool to visually explore an Active Directory and perform a simple dictionary attack against users’ password. You can download the tool here: ADN – Active Directory Navigator MD5 4a1e3bb33a25d91d7d7a70877f8374ef SHA1 a0bf80e9426835b88cc6604784d2d949efe5645f Notes: It requires .NET framework and PCSoft framework

Continue Reading


16 March 2007 | 42,164 views

MSN Password Stealing Trojan Becomes Public

Ah another trojan, this time targeting MSN Live logins for. The trojan has been made public by some kind citizen calling himself “Our Godfather” on the BitTorrent network. The sad thing is…I guess it works and hundreds of people will have installed it. Malware designed to steal users’ Windows Live Messenger password has been released [...]

Continue Reading


15 March 2007 | 7,751 views

Stompy – The Web Application Session Analyzer Tool

A new tool dealing with web sessions was recently announced, it’s called stompy, a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they’re predictable or simply vulnerable to brute-force attacks, we do have a problem. [...]

Continue Reading


14 March 2007 | 5,988 views

Huge Online Loss by Swedish Bank Nordea – Claimed to be Biggest Loss?

A massive online heist, some (like McAfee) claim it’s the biggest ever online sting involving a bank, it’s comes in at about half a million pounds or or $1.1 million USD. Using some l33t0 custom trojan, it seems to be more a case of lack of education and the whole situation could have been avoided [...]

Continue Reading


13 March 2007 | 8,725 views

PwdHash from Stanford – Generate Passwords by Hashing the URL

The Common Password Problem. Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, [...]

Continue Reading


09 March 2007 | 12,594 views

Blue-Ray DRM Cracked Already?

It didn’t take them long! A while ago some smart chaps worked out the a way to extract the HD DVD and Blu-ray Disc “volume keys” to decrypt AACS DRM on individual films (This was about 2 months ago). Now they have cracked the scheme behind it, the so called “processing key” used to decrypt [...]

Continue Reading


08 March 2007 | 41,615 views

PReplay – A pcap Network Traffic Replay Tool for Windows

There are not many good tools for replaying traffic, most people use WireShark (formely known as Ethereal) for capturing the traffic, but what happens if you want to take that capture and reply it over the wire? Someone has this problem so they decided to code their own solution, thankfully for us! There are quite [...]

Continue Reading


07 March 2007 | 7,687 views

Microsoft’s Live OneCare the WORST Anti-Virus Solution

An Austrian web site called AV Comparatives has done an ‘independent‘ test of 17 different Anti-Virus products and released the results online. On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products. In order to get tested by [...]

Continue Reading


06 March 2007 | 6,806 views

WordPress Download Server Compromised (2.1.1) – Get 2.1.2 NOW!

Some sneaky hacker got into the WordPress download server and placed a backdoor in the latest available version (2.1.1). Luckily within a day someone reported the exploit to the WordPress team and they took the site down to investigate. This morning we received a note to our security mailing address about unusual and highly exploitable [...]

Continue Reading


05 March 2007 | 6,184 views

Let’s Digest Some Messages – md5 Hash Checker for Windows

Of course it’s a small article about md5… I really wondered how many Micro$oft Windows users check the md5 sum of programs that they download from the internet… Do you really trust that much the mirror websites? Even I could set up a mirror website for any download website and spread malformed packages to include, [...]

Continue Reading