Archive | August, 2007


17 August 2007 | 7,249 views

PDF & Image Attachment Spam – The New Problem with E-mail

The spam landscape has changed quite a lot in the last year or so with image spam, and now the latest tactic is PDF and .zip attachments. PDFs are of course preferred by spammers, as you don’t need to extract anything to view their spam; you just open it in your favourite PDF viewer and [...]



16 August 2007 | 6,774 views

German Hacker Successfully Clones E-Passports

So the latest news is that the RFID chips in electronically enabled passports are NOT encrypted. Which bright spark came up with that idea? OK, so you implement ‘more secure’ RFID passports, and leave all the data in plain text for anyone to tamper with – nice! So what do you think they are gonna [...]



15 August 2007 | 7,828 views

rtpBreak – RTP Analysis & Hacking Tool

rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesn’t require the presence of RTCP packets (voipong needs them), which aren’t always transmitted by recent VoIP clients. The RTP sessions are composed [...]



14 August 2007 | 6,445 views

Russian Elcomsoft Finds Backdoor in Quicken Passwords

Elcomsoft is quite a well-known firm when it comes to password ‘recovery’; I have used their products in the past when I was in a fix and I needed a password that had been, you know…lost. They rose to fame in 2001 after cracking Adobe’s eBook format. Recently they announced a fairly serious backdoor [...]



13 August 2007 | 2,908 views

June Commenter of the Month Competition Winner Daniel and his Prizes

Daniel has received his prizes for winning the June competition. Doesn’t he look smart! He’s happy! I want a silver PSP too *sigh* so sad they give it to other people haha. So keep commenting guys and keep up the good discussion; in the world of blogs you ‘tip’ the author by leaving comments. It [...]



10 August 2007 | 9,664 views

mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script

mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the language [...]



09 August 2007 | 5,282 views

NASA Hacker Gary McKinnon Wins Right to Lords Appeal Extradition Hearing

As we followed the Gary McKinnon case quite closely whilst it was happening, here’s the latest update. At least he seems to be getting a break in the case as he’s won the right to have his extradition case heard by the House of Lords. Gary McKinnon, the ex-systems administrator accused of conducting the biggest [...]



08 August 2007 | 5,551 views

XSS Warning – A Security Extension/Add-on for Firefox

XSS Warning is an extension/add-on for Firefox that filters malicious values to prevent Cross Site Scripting (XSS) attacks by malicious URLs (assuming you have JavaScript enabled). XSS Warning 0.1.8 beta protects from: URL attack, Redirect attack, Link code injection. Compatible with Firefox: 1.5 – 2.0.0. You can install and read more about XSS Warning here: [...]



07 August 2007 | 6,382 views

The Homeland Security Department Suffered More Than 800 Successful Hack Attacks

Not just attempts, but 844 successful intrusions over the past two years, quite a scary statistic, no? They are actually having a subcommittee hearing entitled “Hacking the Homeland”. This includes all kinds of intrusions, including web site hacks, viruses, worms and other kinds of intrusion. DHS and its constituent agencies have suffered more than 800 [...]



06 August 2007 | 19,184 views

Inguma – Penetration Testing Toolkit

Inguma is a penetration testing toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about them, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma, the word, is the name of a Basque mythological spirit who kills people while sleeping and, also, the one [...]
