Archive | September, 2007


28 September 2007 | 6,428 views

TJX (T.J. Maxx and Marshall’s) Largest Breach of Customer Data in U.S. History

This case has been going on for a while but obviously hush hush, being that it is the largest breach of customer data in U.S. History. The details of the case have only started emerging in the last couple of months. Information Week published a good article covering what has been going on recently. Amazing [...]

Continue Reading


27 September 2007 | 10,188 views

httprint v301 – Web Server Fingerprinting Tool – Download

I was looking through my toolbox to see what else is useful and I came across this one, httprint – the only caveat is that it’s a little out of date. It still does a good job though. httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web [...]

Continue Reading


26 September 2007 | 21,715 views

Gentoo Pulls the Plug after Getting Pwned

Gentoo Pulls the Plug after Getting Pwned Gentoo pulled quite a few of it’s servers recently following the discovery of a fairly severe flaw in it’s systems. Just to show that Linux systems aren’t invulnerable and immune to all security issues. Ubuntu suffered quite heavily recently too, so don’t assume just because you use Linux [...]

Continue Reading


25 September 2007 | 142,278 views

aircrack-ptw – Fast WEP Cracking Tool for Wireless Hacking

WEP is a protocol for securing wireless LANs. WEP stands for “Wired Equivalent Privacy” which means it should provide the level of protection a wired LAN has. WEP therefore uses the RC4 stream to encrypt data which is transmitted over the air, using usually a single secret key (called the root key or WEP key) [...]

Continue Reading


24 September 2007 | 4,389 views

Voting Machines Lose to Hackers Again

I’m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed. Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely positive step to increase security in voting [...]

Continue Reading


21 September 2007 | 8,137 views

LORCON (Loss Of Radio CONnectivity) 802.11 Packet Library

The LORCON packet injection library provides a high level interface to transmit IEEE 802.11 packets onto a wireless medium. Written for Linux systems, this architecture simplifies the development of 802.11 packet injection through an abstraction layer, making the development of auditing and assessment tools driver- independent. Using LORCON, developers can write tools that inject packets [...]

Continue Reading


20 September 2007 | 4,807 views

Major Web Vulnerability Effects Yahoo, MSN, Google and More

I’ve seen this from quite a few sources so it seems it’s fairly legitimate, it seems all major websites have some flaws in the way they implement cookies meaning they are vulnerable to certain types of attack. The only current solution seems to be using full time SSL or https connections full-time, if any of [...]

Continue Reading


19 September 2007 | 9,324 views

IPAudit – Network Activity Monitor with Web Interface

IPAudit monitors network activity on a network by host, protocol and port. It listens to a network device in promiscuous mode, and records every connection between two ip addresses. A unique connection is determined by the ip addresses of the two machines, the protocol used between them, and the port numbers (if they are communicating [...]

Continue Reading


18 September 2007 | 4,622 views

Im In Your Leenucks Box Changing Your Password

More hacker humour – this is a good one! — So I’ve been a professor at this ‘little school’ for a while now. I love my job. My classes contain students from all age groups. I have a few 17 year old high schoolers that are here because they are bored during the summer. I [...]

Continue Reading


17 September 2007 | 5,935 views

Foremost – Recover Files From Drive or Drive Image AKA Carving

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a [...]

Continue Reading