Archive | October, 2007

FireCAT 1.2 Released – Firefox Catalog of Auditing Extensions

Your website & network are Hackable


As mentioned in the previous FireCAT 1.1 post, FireCAT 1.2 was released last month.

If you aren’t aware, FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions.

Changes for FireCAT 1.2

  • Renamed subcategory “Social Engineering” to “Data mining”
  • Bibirmer updated location (thanks to Zagrodzki Krzysztof from Telekomunikacja Polska)
  • Enhanced History Manager (to new subcategory Misc -> Logs / History)
  • Fixed FireGPG extension name
  • Added Oracle OraDB Error Code Look-up (to subcategory Database)

5 New Extensions

  • SQL connection (to subcategory Database)
  • MySqlSidu – MySQL client (to subcategory Database)
  • iMacros (to new subcategory Misc -> Automation)
  • Slogger (to new subcategory Misc -> Logs / History)
  • Gnosis (to subcategory Data mining)

FireCAT 1.2 now reaches reaches 60 extensions. Thanks to all fellas who give us a helping hand to collect and maintain this framework. We are also happy to announce that FireCAT exceeded 40,000 download.

You can download FireCAT 1.2 here:

FireCAT 1.2 Source (FreeMind) (Zip – 3.9 kb)
FireCAT 1.2 HTML Browsable (Zip – 76.4 kb)
FireCAT 1.2 PDF (PDF – 164.7 kb)

Or you can read more here.


Posted in: General Hacking, Web Hacking

Tags: , , , , , , , ,

Posted in: General Hacking, Web Hacking | Add a Comment
Recent in General Hacking:
- BADLOCK – Are ‘Branded’ Exploits Going Too Far?
- Dradis – Reporting Platform For IT Security Professionals
- Kid Gets Arrested For Building A Clock – World Goes NUTS

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,171,833 views
- Hack Tools/Exploits - 630,896 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 436,456 views

Get protected with Sucuri


Web Integrity Checker – ISPs Inserting Ads Into Web Content

Find your website's Achilles' Heel


A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.

Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I’m sure that they weren’t asked for permission either

From Slashdot.

It seems some ISPs have bought a device from Fair Eagle, which is basically a spam box – it attempts to insert ads into all HTTP traffic that passes through it.

This is where the Web Integrity Checker from Washington University comes in.

The University of Washington security and privacy research group and ICSI have created a measurement infrastructure. By visiting our web page, you are helping out with our experiment. (Thank you!) In the process, we’ll help you figure out if some “party in the middle” (like your ISP) might be modifying your web content in flight. We also plan to share our overall results with the public.

Just by visiting this page, your web browser is participating in our experiment. We are detecting whether some “party in the middle” is modifying a set of test web pages, and the results of the tests are shown below. If you do not see a “change found” message below, then we did not detect any modifications to the test pages.

UW CSE and ICSI Web Integrity Checker

Details on how it works are at the bottom of the page.


Posted in: Legal Issues, Privacy

Tags: , , , , , ,

Posted in: Legal Issues, Privacy | Add a Comment
Recent in Legal Issues:
- Criminal Rings Hijacking Unused IPv4 Address Spaces
- The Panama Papers Leak – What You Need To Know
- FBI Backed Off Apple In iPhone Cracking Case

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,722 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,661 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,635 views

Get protected with Sucuri


Scavenging for project members on Darknet

Find your website's Achilles' Heel


Wanna work on a web reconnaissance tool?
Want to have your name in readme file?
Got bored and want to help somebody?

Well then darknet readers this is your chance, because I need people to help me on a project I started a while ago called Website Anatomy, to find out what it is about check out the link… That is what the initial idea I had about it, since then it changed radically.

Anyway arriving to the important part of this article… I need a regEx guy (many regular expressions will be needed) and a php-guru (to tidy up and improve my code), till next weekend drop me mails at: backbone46 [at] gmail dot com


Posted in: Web Hacking

Tags: , , , ,

Posted in: Web Hacking | Add a Comment
Recent in Web Hacking:
- PunkSPIDER – A Web Vulnerability Search Engine
- UFONet – Open Redirect DDoS Tool
- Everything You Need To Know About Web Shells

Related Posts:

Most Read in Web Hacking:
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 686,818 views
- Web Based E-mail (Hotmail Yahoo Gmail) Hack/Hacking with JavaScript - 312,064 views
- Download youtube.com videos? - 156,586 views

Get protected with Sucuri


Recent in Forensics:
- Cuckoo Sandbox – Automated Malware Analysis System
- Web Application Log Forensics After a Hack
- CapTipper – Explore Malicious HTTP Traffic

Related Posts:

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,492 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 34,615 views
- OpenDLP – Free & Open-Source Data Loss Prevention (DLP) Tool - 30,334 views

Get protected with Sucuri


VPS – Virtual Private Server for Darknet

Find your website's Achilles' Heel


So I’ve got a VPS set-up for Darknet, it’s not quite a dedicated server or a co-lo but it’s pretty close and it’s much more affordable!

Can’t beat a bit of root access so I can rysnc things off to another box.

The box will be backed up off-site every day anyway, and I’ll pull back-ups daily to a local box here.

The server is up and prepped, everything is installed. I’m just tweaking it a bit now and I’ll probably move the site over during the coming weekend.

It should be noticeably faster for most people as it’ll be moving back to North America from Asia where it’s temporarily hosted currently.


Posted in: Site News

Tags: , , , , , , , ,

Posted in: Site News | Add a Comment
Recent in Site News:
- A Look Back At 2015 – Tools & News Highlights
- A Look Back At 2014 – Tools & News Highlights
- Yes – We Now Have A Facebook Page – So Please Like It!

Related Posts:

Most Read in Site News:
- Welcome to Darknet – The REBIRTH - 36,616 views
- Get the ball rollin’ - 19,006 views
- Slashdot Effect vs Digg Effect Traffic Report - 12,274 views

Get protected with Sucuri


The Next Evolution – GFI Uncovers MP3 Spam

Your website & network are Hackable


If you remember a while back we mentioned PDF & Image Attachment Spam – The New Problem with E-mail, now we have another ‘innovation’ in spamming..

MP3 spam!

It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast.

Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams.

One sample identified this morning by GFI, was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. This voice is distorted to avoid filtering approaches based on the file signature.


Once again, spammers are taking advantage of the fact that the MP3 format is one of the most common in use today, another attempt at social engineering.

I wonder what they are going to come out with next, really?

The spam is a short, 30-second MP3 file recorded at low bit-rate with a synthetic female voice promoting a particular stock; the voice heavily distorted to avoid signature-based anti-spam approaches (click here [MP3] to listen to an edited sample of MP3 spam).

“MP3 spam is a natural progression from PDF and Excel spam whereby spammers are exploiting a new file format to be able to send spam. This is their latest attempt to evade anti-spam filters. There is also a social engineering aspect to this tactic because people frequently share MP3 files,” David Vella, Director of Product Management, said.

Another thing to look out for anyway, perhaps start filtering mp3 attachments on the mail gateway, then they’ll start putting them in passworded zip files I guess..

Source: GFI


Posted in: Advertorial, Phishing, Spammers & Scammers

Tags: , , , , , , , , , , ,

Posted in: Advertorial, Phishing, Spammers & Scammers | Add a Comment
Recent in Advertorial:
- Everything You Need To Know About Web Shells
- Web Application Log Forensics After a Hack
- Defence In Depth For Web Applications

Related Posts:

Most Read in Advertorial:
- eLearnSecurity – Online Penetration Testing Training - 42,000 views
- Acunetix Web Vulnerability Scanner 6 Review - 15,345 views
- Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements - 15,201 views

Get protected with Sucuri


CORE GRASP – PHP Web Application Protection Software

Your website & network are Hackable


CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations.

As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license.

The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it can be installed with almost the same effort as the PHP engine, both in Unix and Windows systems, and protection is immediate with any PHP web application running in the protected server.

CORE GRASP works by enhancing the PHP execution engine (VM) to permit byte-level taint tracking and analysis for all the user-controlled or otherwise untrustable variables of the web application. Tainted bytes are then tracked and their taint marks propagated throughout the web application’s runtime.

Whenever the web application tries to interact with an DB backend using SQL statements that contain tainted bytes, GRASP analyzes the statment and detects and prevents attacks or abnormal
actions.

CORE GRASP was developed by CoreLabs, the research unit of Core Security Technologies. At CoreLabs, we plan to improve the tool and include new protections shortly. However, the invitation to collaborate with the project is open. If you would like to collaborate, please go to the GRASP website and subscribe to the mailing list.

The documentation for CORE GRASP is available here and you can download it here:

CORE GRASP download page

Or you can read more here.


Posted in: Countermeasures, Security Software, Web Hacking

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment
Recent in Countermeasures:
- Bearded – Security Automation Platform
- An Introduction To Web Application Security Systems
- OpenIOC – Sharing Threat Intelligence

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,264 views
- Password Hasher Firefox Extension - 117,881 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,751 views

Get protected with Sucuri


Police to Monitor Indian Cyber-Cafes

Your website & network are Hackable


It seems India are getting serious about terrorist activities being co-ordinated via the Internet, they are starting to run extremely deep surveillance on many cyber-cafes in Mumbai.

The solution appears to be some kind of ‘legal’ trojan system that will collect logs and send them to the police

The Mumbai police will soon have khabris deployed (not physically) at over 500 cyber cafes in the city. A new software will allows cops to swoop down on terrorists the moment a keystroke is pressed at any cyber café across the city.

Investigations into the recent Hyderabad and Mumbai blasts have revealed that the planning was done using the Internet especially, chat rooms.

In fact, it is a well-known fact that terrorists all over the world do not use paper and pen or the phone to communicate. Everywhere, all over the world, it’s the net.

It seems to be fairly basic, key stroke logging and time lapsed screenshots fed back to a main server. There doesn’t seem to be any clever analysis going on, perhaps a few thousand Indian programmers will be sifting through the screenshots to identify anything dodgy amongst all the Telegu Karaoke videos and Punjabi Porn.

Vijay Mukhi, President of the Foundation for Information Security and Technology says, “The terrorists know that if they use machines at home, they can be caught. Cybercafes therefore give them anonymity.”

“The police needs to install programs that will capture every key stroke at regular interval screen shots, which will be sent back to a server that will log all the data.

The police can then keep track of all communication between terrorists no matter, which part of the world they operate from.This is the only way to patrol the net and this is how the police informer is going to look in the e-age,” added Mukhi.

Is it a privacy concern? Well yeah I guess it is, but then who conducts anything important from a cyber-cafe anyway?

All you need to do is find an un-encrypted wifi point…

Source: Mid-day


Posted in: General News, Legal Issues

Tags: , , , , , , , , , , ,

Posted in: General News, Legal Issues | Add a Comment
Recent in General News:
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?
- Twitter Breach Leaks 250,000 User E-mails & Passwords

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,440 views
- eEye Launches 0-Day Exploit Tracker - 85,737 views
- Seattle Computer Security Expert Turns Tables On The Police - 44,361 views

Get protected with Sucuri


HttpBee – Web Application Hacking Toolkit

Your website & network are Hackable


HttpBee is a swiss-army-knife tool for web application hacking. It is multi-threaded, embedded with scriptable engine and has both command-line and daemon mode (if executed in daemon mode, HttpBee can become an agent of a distributed framework).

This is a tool for more advanced users and there isn’t much documentation so if anyone feels like writing a more comprehensive guide or tutorial, please do so!

Installing

You will need lua 5.1.x. Grab it at http://www.lua.org/ftp/

You will also need pcre library.

There’s no ./configure script in HttpBee at the moment, so you will need to change Makefile directly before you build it. Look into CXXFLAGS and CFLAGS section. -DOS_X (or -DLINUX, or -DWINDOWS is basically a setting for your platform, plus, ajust the pathes).

Using

The folder ‘modules’ contains lua plugins that HttpBee uses to perform its assessment tasks. You can run HttpBee as ./httpbee -s path/to/modules/script.lua -t 255 -h localhost (specifying different number of parallel threads impacts performance)

Scripting

The way HttpBee’s scripting engine is implemented is relevant to HttpBee architecture itself. HttpBee maintains a pool of threads that it uses for parallel task execution. Therefore execution of HttpBee scripts is not linear. Instead, there are certain functions which are executed at certain steps of scanning process. The global scripting part is executed when the script is initially “scanned”, so HttpBee can pick up tags, description and other data from your script. init function will be executed only when your script is picked up and scheduled for execution (based on tags selection for example).

You can download HttpBee here:

httpbee-1.0rc1.tgz

Or read more here.


Posted in: Hacking Tools, Web Hacking

Tags: , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
- BBQSQL – Blind SQL Injection Framework
- DET – Data Exfiltration Toolkit

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,991,674 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,475,564 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 686,818 views

Get protected with Sucuri


Cyber Crime Toolkits Go On Sale

Your website & network are Hackable


This is not exactly new news either, these kind of toolkits have been on sale for a long time, virus generators, trojan toolkits, now they are getting more polished, more stream-lined, more expensive and more easily available.

News of them is hitting the mainstream media..

Malicious hackers are producing easy to use tools that automate attacks to cash in on a boom in hi-tech crime.

On sale, say security experts, are everything from individual viruses to comprehensive kits that let budding cyber thieves craft their own attacks.

The top hacking tools are being offered for prices ranging up to £500.

Some of the most expensive tools are sold with 12 months of technical support that ensures they stay armed with the latest vulnerabilities.

Hacking tools with support packages! Now that’s something new.

According to Mr Henry there were more than 68,000 downloadable hacking tools in circulation. The majority were free to use and took some skill to operate but a growing number were offered for sale to those without the technical knowledge to run their own attacks, he said.

But, he added, many hacking groups were offering tools such as Mpack, Shark 2, Nuclear, WebAttacker, and IcePack that made it much easier for unskilled people to get in to the hi-tech crime game.

Mr Henry said the tools were proving useful because so many vulnerabilities were being discovered and were taking so long to be patched.

Mentions of Mpack always pops up, but now there’s a plethora of competitors.

The landscape is getting interesting, time for companies to invest more in their I.T. budgets I think. Especially when it comes to education and awareness.

Source: BBC


Posted in: Legal Issues, Malware

Tags: , , , , , ,

Posted in: Legal Issues, Malware | Add a Comment
Recent in Legal Issues:
- Criminal Rings Hijacking Unused IPv4 Address Spaces
- The Panama Papers Leak – What You Need To Know
- FBI Backed Off Apple In iPhone Cracking Case

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,722 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,661 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,635 views

Get protected with Sucuri