Archive | August, 2007

Download pwdump6 and fgdump version 1.6.0 available now.



New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!).

For those that don’t know what pwdump or fgdump are:

pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on XP SP2 and 2K3. If you have had LSASS crash on you using older tools, this should fix that.

fgdump is a more powerful version of pwdump6. pwdump tends to hang and such when antivirus is present, so fgdump takes care of that by shutting down and later restarting a number of AV programs. It also can dump cached credentials and protected storage items, and can be run in a multithreaded fashion very easily. I strongly recommend using fgdump over pwdump6, especially given that fgdump uses pwdump6 under the hood! You’ll get everything pwdump6 gives you and a lot more.

Darknet definitely DOES recommend fgdump, a super cool update of the old favourite pwdump.


The primary change in both packages for version 1.6.0 is that they will once again, for the time being, sneak by antivirus more easily. This is strictly to allow the majority of the userbase, who are legitimate pen-testing users, to carry out their work unfettered.

fgdump was also fixed to correct a problem when running locally – if you’ve received the infamous “error 2” message before, you should find that no longer occurs! As always, for pwdump6 users, I recommend highly that you switch to fgdump – I doubt you will regret it. :)

fgdump is targeted at the security auditing community, and is designed to be used for good, not evil. :) Note that, in order to effectively use fgdump, you’re going to need high-power credentials (Administrator or Domain Administrator, in most cases), thus limiting its usefulness as a hacking tool. However, hopefully some of you other security folks will find this helpful.

Get pwdump here

Get fgdump here

You can read more here and here.


Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking, Windows Hacking



Microsoft UK Defaced by Saudi Hackers



A while back Microsoft UK got hacked by some Saudi hackers. Microsoft is always one of the top targets for renegades and ‘cyber-terrorists’, as the high-profile nature of the company can give some publicity to their causes.

This was less than a month after Technet got owned.

I don’t think they are ever going to lay off MS.

Saudi hackers managed to deface a page on Microsoft’s UK web site last week, recording the techniques they used in an online video.

The software giant’s sites are periodically hit by acts of digital graffiti. In this case, however, the defacement gang unusually decided to document its attack.

A video illustrating SQL Injection flaws affecting www.microsoft.co.uk, used to insert extra HTML code that formed the basis of the attack, was posted online. Details of how this might be done would be useful fodder for hackers so it shouldn’t come as any particular surprise to learn that the video (posted on unbase.com) was pulled over the weekend.

I’d say the site is still pretty insecure and is likely to get owned again.

According to Zone-h, microsoft.co.uk’s externally hosted website remains potentially vulnerable to Cross Site Scripting and SQL injection attacks. It bases this conclusion on debug errors generated by scripts on the site.

Microsoft.co.uk is run using IIS6 on a series of Windows 2003 servers, according to Netcraft. ®

You can see details of the defacement and the result at Zone-H here.

Source: The Register


Posted in: General Hacking, Web Hacking



FireCAT 1.1 Released – Turn Firefox into a Security Platform



FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. It can be used to turn your favorite browser (Firefox) into a powerful security framework.

FireCAT comes from “Firefox Catalog of Auditing Toolbox”

Changes for FireCAT 1.1

+ Category Network Utilities
– Added ffsniff to subcat “Sniffers”
– Added CrossFTP to subcat FTP (thanks to Benjamin Picuira)
– Added JiWire to subcat Wi-Fi (thanks to Mike from google.com)
– Added Oracle DBA Toolbar to Subcat Database (thanks to Laurent Chouraki)

+ New category “IT Security Related”
– Added Open Source Vulnerability Database Search (OSVD)
– Added US Homeland Security Threat Level.

You can download Firecat here:

Firecat 1.1 Freemind source (Zip – 3.4 kb)
Firecat 1.1 PDF (PDF – 156.4 kb)
Firecat 1.1 Browsable HTML (Zip – 36.4 kb)

Or read more here.


Posted in: General Hacking, Hacking Tools



KGB Keylogger from Refog Software – Review



KGB Keylogger from Refog Software is a decent lightweight keylogger.

KGB Keylogger is a multi-functional keyboard tracking software that is widely used by both regular users and IT security specialists for tracking the key strokes typed on a given machine.


KGB Keylogger Features at a Glance

  • Stealth mode and visible mode of work;
  • Logs keyboard input, including language-specific characters;
  • Logs Clipboard entries;
  • Monitors and logs network activities;
  • Custom list of monitored applications;
  • Detailed information for each log entry, including the time stamp, application name and window caption;
  • Screenshots at custom frequency (regular intervals or on mouse clicks);
  • Export of logs into HTML;

The software works as described and is pretty fully featured for a keylogger, including a screen capture feature and not just the normal text/keyboard capturing facility.

The interface is nice and it’s fairly easy to use.

It has good ratings at places like Softpedia (5/5).

You can download the trial version here (Valid for 7 days):

KGB Keylogger – Trial

KGB Keylogger is priced reasonably at the current discount rate of $29USD (previously $45USD). You can read more here or buy it now here.

You can purchase it securely online with PayPal, Credit Card, Bank/Wire Transfer, Phone, Fax, Mail/Check and Corporate Purchase orders.


Posted in: General Hacking, Hacking Tools



Vista Security Feature – Teredo Protocol Analysis



Teredo is a platform-independent protocol developed by Microsoft, which is enabled by default in Windows Vista. Teredo provides a way for nodes located behind an IPv4 NAT to connect to IPv6 nodes on the Internet. However, by tunneling IPv6 traffic over IPv4 UDP through the NAT and directly to the end node, Teredo raises some security concerns.

Primary concerns include bypassing security controls, reducing defense in depth, and allowing unsolicited traffic. Additional security concerns associated with the use of Teredo include the capability of remote nodes to open the NAT for themselves, benefits to worms, ways to deny Teredo service, and the difficulty in finding all Teredo traffic to inspect.

You can find the report here:

Teredo Security [PDF]

We have completed an analysis of the Teredo protocol based on a reading of the RFC (and apart from any implementation). In this section, we highlight some of the more significant security implications of the protocol; that is, ways in which Teredo positively or negatively impacts the IPv4 and IPv6 portions of the Internet.

Source: Securiteam
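To make the inspection problem concrete, here is an added example (not from the report or the original post) that flags Teredo in flow records and decodes the IPv4 details embedded in a Teredo address. It assumes the RFC 4380 address layout (prefix 2001:0000::/32, server IPv4, flags, then the NAT-mapped port and address stored XORed with all ones) and the Teredo server port UDP 3544; the flow tuple format, function names and sample records are constructed for illustration.

```python
import ipaddress

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")  # Teredo service prefix (RFC 4380)
TEREDO_UDP_PORT = 3544                             # well-known Teredo server port

# Constructed sample flow records: (src, dst, proto, dst_port)
SAMPLE_FLOWS = [
    ("192.168.1.20", "203.0.113.7", "udp", 3544),
    ("192.168.1.20", "198.51.100.9", "tcp", 443),
    ("2001:0:4136:e378:8000:63bf:3fff:fdd2", "2001:db8::1", "tcp", 80),
    ("2001:db8::5", "2001:db8::1", "tcp", 22),
]


def decode_teredo(addr):
    """Return the IPv4 details embedded in a Teredo IPv6 address, or None."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6 or ip not in TEREDO_PREFIX:
        return None
    raw = ip.packed  # 16 bytes: prefix(4) server(4) flags(2) port(2) client(4)
    return {
        "server": str(ipaddress.IPv4Address(raw[4:8])),
        "flags": int.from_bytes(raw[8:10], "big"),
        # The mapped port and address are stored bit-inverted.
        "nat_port": int.from_bytes(raw[10:12], "big") ^ 0xFFFF,
        "nat_ipv4": str(ipaddress.IPv4Address(
            int.from_bytes(raw[12:16], "big") ^ 0xFFFFFFFF)),
    }


def find_teredo(flows):
    """Flag flows that talk to a Teredo server or carry a Teredo address.

    Matching UDP/3544 only catches client-to-server traffic; tunnelled data
    between peers can use other UDP ports, so address decoding on the IPv6
    side is the complementary check.
    """
    hits = []
    for src, dst, proto, dport in flows:
        if proto == "udp" and dport == TEREDO_UDP_PORT:
            hits.append((src, dst, "udp/3544 to Teredo server", None))
            continue
        for end in (src, dst):
            info = decode_teredo(end)
            if info:
                hits.append((src, dst, "Teredo address " + end, info))
    return hits


if __name__ == "__main__":
    for hit in find_teredo(SAMPLE_FLOWS):
        print(hit)
```

The decoded `nat_ipv4` and `nat_port` identify the public side of the NAT the tunnelled host sits behind, which helps map a Teredo address seen in IPv6 logs back to an IPv4 flow.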


Posted in: General Hacking, Windows Hacking



Pixy – New & Free Open-source XSS and SQL Injection Scanner for PHP Programs



Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits.

Unfortunately, this manual vulnerability search is a very tiresome and error-prone task.

Pixy is a Java program that performs automatic scans of PHP source code, aimed at the detection of XSS and SQL injection vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

Features

  • detection of SQL injection and XSS vulnerabilities in PHP source code
  • automatic resolution of file inclusions
  • computation of dependence graphs that help you understand the causes of reported vulnerabilities
  • static analysis engine (flow-sensitive, interprocedural, context-sensitive)
  • platform-independent (written in Java)

You can download directly here:

Download Pixy 3.0.

Or read more here:

http://pixybox.seclab.tuwien.ac.at/


Posted in: Exploits/Vulnerabilities, Hacking Tools



Caller ID Spoofing to be Made Illegal in the USA



The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA.

A while back the FCC announced it wanted to crack down on Caller ID spoofing as it was still too easy.

The amount of the forfeiture penalty (…) shall not exceed $10,000 for each violation, or 3 times that amount for each day of a continuing violation, except that the amount assessed for any continuing violation shall not exceed a total of $1,000,000 for any single act or failure to act.

The title of the act is “A bill to amend the Communications Act of 1934 to prohibit manipulation of caller identification information”

It was introduced on February 28, 2007 and updated 27th June 2007.

You can find the full text here.

The short name is “Truth in Caller ID Act of 2007”.

Source: Library of Congress


Posted in: Hardware Hacking, Legal Issues



w3af – Web Application Attack and Audit Framework



A pretty cool tool was released a while back called w3af (Web Application Attack and Audit Framework), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features:

Audit

  • SQL injection detection
  • XSS detection
  • SSI detection
  • Local file include detection
  • Remote file include detection
  • Buffer Overflow detection
  • Format String bugs detection
  • OS Commanding detection
  • Response Splitting detection
  • LDAP Injection detection
  • Basic Authentication bruteforce
  • File upload inside webroot
  • htaccess LIMIT misconfiguration
  • SSL certificate validation
  • XPATH injection detection
  • unSSL (HTTPS documents can be fetched using HTTP)

Discovery

  • Pykto, a nikto port to python
  • Hmap, http fingerprinting.
  • fingerGoogle, finds valid user accounts in google.
  • googleSpider, a spider that uses google.
  • webSpider, a classic web spider.
  • robotsReader
  • urlFuzzer
  • serverHeader, fetches server header
  • allowedMethods, gets a list of allowed HTTP methods.
  • crossDomain, get and parse the flash file crossdomain.xml
  • error404page, generate a regular expression to match 404 pages.
  • sitemapReader, read googles sitemap.xml and parse it.
  • spiderMan, using a localproxy and a human, find new URLs for auditing.
  • webDiff, find differences between a local and a remote directory.
  • wsdlFinder, find and parse WSDL and DISCO files.

The framework is extended using plug-ins and is completely written in Python.

You can download w3af here:

w3af BETA 4

Or read more here.


Posted in: Database Hacking, Hacking Tools, Web Hacking



Vista Security Claims Debunked – Figures Skewed



Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft.

Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’.

You can read the report here:

Vista 6 Month Vuln Report [PDF]

The Microsoft “researcher” claims that Windows Vista is exponentially less vulnerable than many Linux distributions and Mac OS X. It may be true that the default Vista installation has had less public vulnerability reports, and that Linux has had many more, but this is due to the nature of Open Source. Jeff does not include any “silently fixed” vulnerabilities that have been patched since Vista was released and Microsoft has not disclosed such vulnerabilities publicly.

The methodology used was deeply flawed, as I briefly mentioned before, bugs in Firefox and other software like emacs count as a flaw for Linux whilst IE bugs get ignored for Vista.

The conclusions that are drawn are built on a lack of understanding by the Microsoft researcher. I highly encourage him to go back and take another look, and pare down the results to essential information that is absolutely critical to the conclusions, rather than just “Other OS’s have more bugs, see, look at my graphs”…

Good PR, but bad research? Seems par for the course.

And perhaps it could backfire PR wise, as the clued in people get pushed further away from Vista.

Source: Full Disclosure


Posted in: Exploits/Vulnerabilities, Windows Hacking



Immunity Debugger v1.0 (immdbg) Release – Download it Now!



After almost a year of intensive development and internal use, Immunity (the guys who brought us CANVAS) has announced the public release of Immunity Debugger v1.0. The main objective for this tool was to combine the best of command-line based and GUI based debuggers.


Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry’s first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.

  • A debugger with functionality designed specifically for the security industry
  • Cuts exploit development time by 50%
  • Simple, understandable interfaces
  • Robust and powerful scripting language for automating intelligent debugging
  • Lightweight and fast debugging to prevent corruption during complex analysis
  • Connectivity to fuzzers and exploit development tools

Immunity Debugger’s interfaces include the GUI and a command line. The command line is always available at the bottom of the GUI. It allows the user to type shortcuts as if they were in a typical text-based debugger, such as WinDBG or GDB. Immunity has implemented aliases to ensure that your WinDBG users do not have to be retrained and will get the full productivity boost that comes from the best debugger interface on the market.

Basically they’ve ended up creating a fully flexible and extensible Win32 debugger that has all of its features, both debugging and graphical, easily accessible from its Python scripting engine.

And best of all, it’s available for free. That’s right, Immunity Debugger is released for free, including free monthly updates.

You can download Immunity Debugger here, after registration.

http://debugger.immunityinc.com/register.html

Yes, this goes against our general policy of not including tools that require registration, but this one is too cool to miss, so grab it! This is seriously cool and could well replace Ollydbg as the hacker’s choice. Along with IDA Pro and SoftIce of course ;)

Or read more here.


Posted in: Hacking Tools, Programming
