Archive | March, 2007

Massive Security Breach Leaks Credit Card Info

Don't let your data go over to the Dark Side!


Recently a fairly huge credit card breach occurred involving a large retail company called TJX, with more than 2,000 retail stores.

Some pretty well known brands there, I know I’ve used some of them…the sad part is they themselves still haven’t worked out the extent of the damage done to their information.

For me this has serious integrity implications.

The TJX Companies, a large retailer that operates more than 2,000 retail stores under brands such as Bob’s Stores, HomeGoods, Marshalls, T.J. Maxx and A.J. Wright, said on Wednesday that it suffered a massive computer breach on a portion of its network that handles credit card, debit card, check and merchandise transactions in the United States and abroad.

The company does not know the extent of the breach, which was first discovered in December 2006. However, hackers may have made off with credit and debit information from transactions in the United States, Canada and Puerto Rico in 2003 as well as transactions between May and December 2006, according to a company statement.

Hopefully the retailer and the credit card companies will bear the brunt of the hack attack and not pass the costs onto the customers.

I really believe customers shouldn’t be penalized for sloppy company security.

The TJX breach recalls other recent hacks, including BJ’s wholesale club and another, reportedly at OfficeMax in 2005. Those breaches, as well as incidents like the hacking of card processor Card Systems, prompted the payment card industry to issue new rules, dubbed the PCI, about how sensitive data is stored and transmitted on internal systems.

However, Spitzer of the MBA said that banks still bore the brunt of security breaches at retailers because they have to pay to reissue cards to customers and absorb the financial losses from unauthorized account withdrawals. Small banks and credit unions often have trouble absorbing those costs, though they are not at fault in the breach itself, Spitzer said.

We’ll have to wait and see I guess.

Source: CSO Online


Posted in: General Hacking, Privacy

Tags: , , , , , , , ,

Posted in: General Hacking, Privacy | Add a Comment
Recent in General Hacking:
- Dradis – Reporting Platform For IT Security Professionals
- Kid Gets Arrested For Building A Clock – World Goes NUTS
- Drones, Tor & Remailers – The Story Of A High-Tech Kidnapping

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,168,337 views
- Hack Tools/Exploits - 622,546 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 432,656 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


the Art of Virology 03h

Cybertroopers storming your ship?


…finally after three months of inactivity (exams, parties and so) I made some time to write this virus and this article… so for the ones who read this series… ENjOY =)

The Old School Virus

Yeah, I gave up writting infant-b because even the [a] version was full of bugs, and had to logicaly restructure the code so I could implement the things I promised for this virus, which bears the name Old School (oldskl)…

A mutant?

I said that in this virus I’m going to implement and encryption scheme, xor based one and mutational (this I forgot to mention). The basics of the XOR is that when comparing two bits, if there are the same the result is 0 (zero) and if different (1).


0 xor 0 = 0
0 xor 1 = 1
1 xor 0 = 1
1 xor 1 = 0

Well also you could use other functions as rotate (left or right), increase/decrease, and, or, not and any other variation of these… The mutation of the virus happens before every infection. It simply adds 1 to the key (which is of dimension byte maxvalue = 255) until it reaches 0FFh (255), moment when it resets the key to 1, not 00 because then the virus would be no more encrypted. So it has 253 posible states (255 and 00 are out)…

The famous transversal infection (.. or Dot Dot)

I had to implement a multi-directory infector. Not all the files are in one single directory, so I implemented the dotdot technique, nothing fancy it works as a simple cd .. command… it’s a clasic …

Multiple infections per run

Simple implementation, but heavy result…
Some info on how it works… I used a tree type infection, just to make it funkier…

]The first infection wave infects 5 files, including itself (the first)…

]]The second file infects other 4 files

]]]The third file infects other 3

]]]]The fourth other 2

]]]]]The fifth just 1

When these infected files are executed, the above scheme starts over again, but decreasing from the number the have. So after another infection wave the second infected files infects other 4 files which infect as follows:

]The first 3 files

]The second 2 files

]The third 1 file

]The fourth 1 file

I think you got the idea… After going to 1 infections per run it stays there and infect just 1 file per run…

Stealth

Actually semy stealth because it only saves the time and date of the file and save the attributes of the files (because it resets them)… Why does it reset the attributes of the files? Because this way it can infect read-only files…

COM’s

You need some COM files to play with this baby… so I created a batch file which will automatically create you ten COM files per run (5 normal, 5 read-only)… Here is the code for the createCOM.bat:


@echo off
debug < gencom.file > nul
copy com.com 1.com > nul
copy com.com 2.com > nul
copy com.com 3.com > nul
copy com.com 4.com > nul
copy com.com 5.com > nul
copy com.com 6.com > nul
copy com.com 7.com > nul
copy com.com 8.com > nul
copy com.com 9.com > nul
copy com.com 10.com > nul
del com.com > nul
attrib +R 1.com
attrib +R 3.com
attrib +R 5.com
attrib +R 7.com
attrib +R 9.com
@echo off

Besides of this BAT file you also need the following file named gencom without any extension:


a100
mov ah, 4C
int 21h
nop
nop
nop
nop
nop
nop

n com.com
rcx
A
w
q

I advice you to make 2 directories: one Virus and a subfolder Start… Place the virus you assemble in start, where you also run createCOM.bat, and also run createCOM.bat in the folder Virus… Atention if the file gencom isn’t in the same directory with the bat, then no com files will be created..

Give me the virus
Again don’t spread this virus… It would an ok virus about 20 years ago, but not it’s god damn old for these times…

Oldskl by backbone: oldskl.asm

The ending of 03…

If you understand everything until now than you know the basics of computer viruses… If not don’t panic (i didn’t also understand viruses at the beginning) the following article will be a fully detailed one about every function we used… for the ones that have learned a bit of assembly… for the others: check my first article and get a good assembly book to learn…

EOF


Posted in: Virology

Tags: , , , , , , , ,

Posted in: Virology | Add a Comment
Recent in Virology:
- The greatest virus of all time
- the Art of Virology 03h
- the Art of Virology 02h

Related Posts:

Most Read in Virology:
- The greatest virus of all time - 67,664 views
- the Art of Virology 00h - 8,797 views
- the Art of Virology 01h - 7,547 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Handy Recovery for Recovering Deleted Data on Windows

Don't let your data go over to the Dark Side!


Handy Recovery is pretty neat software, there is occasions when I’m using Windows and I need to recover something or I’ve deleted something by mistake (I have a habit of using SHIFT+DEL so it’s not even in the recycle bin.

I usually use Active Undelete and was pretty happy with it, I got a chance to try out this software though and looked pretty cool.

Handy Recovery

I have to say I do prefer Handy Recovery to Active Undelete, it’s faster, small (Only 876kb including installer) and the best part is it gives an actual probability of data recovery for each file.

Plus it has a pretty neat filter/search system for finding specific files if you don’t know their location. The program supports FAT 12/16/32, NTFS and NTFS 5 + EFS file systems. This tool can recover files from deleted and formatted partitions or create disk images for deferred recovery. It shows probability of successful recovery for each file and features in-depth disk scanning for certain file types. According to Microsoft, Handy Recovery turned out to be among the first 100 applications that have earned the “Certified for Windows Vista” logo.

The Interface is nice and simple and it runs through the analysis stage pretty quickly, it’s very easy to recover files (recommended to recover to a different partition to reduce chances of permanent data loss) and just takes a couple of clicks.

File Recovery

The trial version is limited to recover 1 file per day and can be download here:

Handy Recovery

There is also a freeware ‘lite’ version here:

Handy Recovery Lite

System Requirements

Windows 95/98/NT/2000/ME/XP/Vista
File systems: FAT12/16/32 or NTFS/NTFS 5.

You can purchase Handy Recovery here:

Order Handy Recovery

It’s pretty reasonably priced at $39US for 1-4 copies with discounts if you buy 5 or more.


Posted in: Forensics, Security Software, Windows Hacking

Tags: , , , , , , , , ,

Posted in: Forensics, Security Software, Windows Hacking | Add a Comment
Recent in Forensics:
- Google Rapid Response (GRR ) – Remote Live Forensics For Incident Response
- FastIR Collector – Windows Incident Response Tool
- Rekall – Memory Forensic Framework

Related Posts:

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,374 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 34,114 views
- OpenDLP – Free & Open-Source Data Loss Prevention (DLP) Tool - 28,237 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


SHA-1 Cracked – Old News, But People Still Talk

Cybertroopers storming your ship?


A paper about cracking SHA-1 originally surfaced in 2005, from a fairly reputable scientific source in China, it was widely publicised nor talked about much.

But then recently, just last month China managed to make a wave out of it, almost 2 years after the initial ‘report’.

It was even Slashdotted on January 20th 2007, the article states the following:

These two main algorithms are currently the crucial technology that electronic signatures and many other password securities use throughout the international community. They are widely used in banking, securities, and e-commerce. SHA-1 has been recognized as the cornerstone for modern Internet security. According to the article, in the early stages of Wang’s research, there were other data encryption researchers who tried to crack it. However, none of them succeeded. This is why in 15 years Hash research had become the domain of hopeless research in many scientists’ minds.

Source: Epoch Times

Bruce Schneier wrote about this in 2005, February in fact, almost 2 full years ago.

SHA-1 Broken

Cryptanalysis of SHA-1

It’s not a major thing though and it’s far beyond anything most criminals could use to thwart national security…or even the security of things based on SHA-1 like OpenSSH.

There are however plenty of replacement algorithms if you are paranoid such as SHA-224, SHA-256, SHA-384, and SHA-512.


Posted in: Cryptography, General Hacking

Tags: , , , , , , , , , , , ,

Posted in: Cryptography, General Hacking | Add a Comment
Recent in Cryptography:
- DROWN Attack on TLS – Everything You Need To Know
- Dell Backdoor Root Cert – What You Need To Know
- ISIS Running 24-Hour Terrorist Crypto Help-desk

Related Posts:

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,655 views
- Hackers Crack London Tube Oyster Card - 44,700 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 32,920 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


A Collection of Web Backdoors & Shells – cmdasp cmdjsp jsp-reverse php-backdoor

Cybertroopers storming your ship?


Michael Daw has collected some WEB backdoors to exploit vulnerable file upload facilities and others. It’s a pretty useful library for a variety of situations, especially for those doing web application security audits and web app security.

Understanding how these backdoors work can also help security administrators implement firewalling and security policies to mitigate obvious attacks.

All these backdoors are publicly available. They have simply been packaged them together into wbc-v1.tar.gz.

The package includes:


Note: readme.txt is also included in this package but not listed here.

You can download the package here:

wbc-v1.tar.gz

You can find the original page here:

Web Backdoor Compilation


Posted in: Hacking Tools, Web Hacking

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- SubBrute – Subdomain Brute-forcing Tool
- The Backdoor Factory (BDF) – Patch Binaries With Shellcode
- Gdog – Python Windows Backdoor With Gmail Command & Control

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,973,656 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,402,300 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 676,180 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95