Archive | February, 2008

Password Hasher Firefox Extension



Well, seeing as we were talking about breaking passwords, here’s a tool for Firefox to help you manage your more secure passwords.

Better security without bursting your brain

Password Hasher is a Firefox security extension for generating site-specific strong passwords from one (or a few) master key(s).

What good security practice demands:

  • Strong passwords that are hard to guess.
  • Different passwords at each site.
  • Periodically changing existing passwords.

Why you probably aren’t practicing good security:

  • Strong passwords are difficult to remember.
  • Juggling a multitude of passwords is a pain.
  • Updating passwords compounds the memorization problem.

How Password Hasher helps:


  • Strong passwords are automatically generated.
  • The same master key produces different passwords at many sites.
  • You can quickly upgrade passwords by “bumping” the site tag.
  • You can upgrade the master key without updating all sites at once.
  • It supports different length passwords.
  • It supports special requirements, such as digit and punctuation characters.
  • All data is saved to the browser’s secure password database.
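
The idea behind the list above, deriving a different password per site from one master key and rotating it by bumping the site tag, can be sketched as follows. This is an added example, not Password Hasher's own code or algorithm: the PBKDF2 construction, the ":N" bump suffix, the punctuation set and all function names are assumptions made for illustration.

```python
import hashlib
import string

ALNUM = string.ascii_letters + string.digits
PUNCT = "!#$%&*+-=?@_"      # assumed punctuation set, not the extension's
ITERATIONS = 100_000        # key stretching slows offline guessing of the master key


def bump(site_tag: str) -> str:
    """Rotate a site's password by changing its tag (assumed ':N' suffix convention)."""
    base, sep, n = site_tag.rpartition(":")
    if sep and n.isdigit():
        return f"{base}:{int(n) + 1}"
    return f"{site_tag}:1"


def derive_password(master_key: str, site_tag: str, length: int = 12,
                    need_digit: bool = True, need_punct: bool = True) -> str:
    """Deterministically derive a site password; nothing per-site has to be memorised."""
    if not 4 <= length <= 32:
        raise ValueError("length must be between 4 and 32")
    # The site tag acts as the salt, so the same master key yields unrelated
    # output for every site and for every bumped tag.
    digest = hashlib.pbkdf2_hmac("sha256", master_key.encode(),
                                 site_tag.encode(), ITERATIONS)
    n = int.from_bytes(digest, "big")
    chars = []
    for _ in range(length):
        n, i = divmod(n, len(ALNUM))
        chars.append(ALNUM[i])
    # Site policy requirements are met by deterministic substitution, driven by
    # the unused part of the digest so the result is still reproducible.
    if need_digit and not any(c.isdigit() for c in chars):
        n, pos = divmod(n, length)
        n, d = divmod(n, 10)
        chars[pos] = str(d)
    if need_punct:
        n, pos = divmod(n, length)
        # Do not overwrite the only digit in the password.
        if chars[pos].isdigit() and sum(c.isdigit() for c in chars) == 1:
            pos = (pos + 1) % length
        n, p = divmod(n, len(PUNCT))
        chars[pos] = PUNCT[p]
    return "".join(chars)


if __name__ == "__main__":
    master = "constructed master key"          # constructed sample value
    for tag in ("example.com", "example.org", bump("example.com")):
        print(f"{tag:16} {derive_password(master, tag)}")
```

Because every password comes from the same master key, that key is a single point of failure: anyone who captures one derived password can try to guess the master key offline, which is why the sketch stretches it with PBKDF2.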

You can download Password Hasher here:

passhash-1.0.5.xpi

Or read more here.


Posted in: Countermeasures, Security Software



Password Cracking Wordlists and Tools for Brute Forcing



I quite often get people asking me where to get password cracking wordlists; after all, brute forcing and password cracking often rely on the quality of your word list.

Do note there are also various tools to generate wordlists for brute forcing based on information gathered such as documents and web pages (such as Wyd – password profiling tool). These are useful resources that can add unique words that you might not have in your generic lists.


Also add all the company related words you can and if possible use industry specific word lists (chemical names for a lab, medical terms for a hospital etc).

And always brute force in the native language.

You can find a simple wordlist generator in Perl here.

Although old, one of the most complete wordlist sets is here (easily downloadable by FTP too):

Oxford Uni Wordlists

There’s a good set of lists here including many European languages and topic specific lists:

The Argon Wordlists

Here we have 50,000 words, common login/passwords and African words (this used to be a great resource):

Totse Word Lists

There’s a good French word list here with and without accents, also has some other languages including names:

Wordlists for bruteforce crackers

One of the most famous lists is still from Openwall (the home of John the Ripper) and now costs money for the full version:

Openwall Wordlists Collection


Some good lists here organized by topic:

Outpost9 Word lists

Packetstorm has some good topic based lists including sciences, religion, music, movies and common lists.

Packetstorm word lists

You can also check out some default password lists and if you aren’t sure what tools to use I suggest checking out:

Enjoy! And as always if you have any good resources or tools to add – do mention them in the comments.



Posted in: Hacking Tools, Password Cracking



US Customs Owns Your Data?



Ok here’s something controversial for you guys to digest, there has been anecdotal evidence of US Customs seizing laptops before and examining the data…but it now seems to be rather more widespread.

It’s a little worrying to me how a government can just rummage through your data when you are totally innocent and they don’t even have any evidence that you have committed or will commit any wrongdoing. With not so much as a warrant, they can take your cellphone, read all the SMSes, check all your contacts and copy all the data from your laptop and mp3 player.

Nabila Mango, a therapist and a U.S. citizen who has lived in the country since 1965, had just flown in from Jordan last December when, she said, she was detained at customs and her cellphone was taken from her purse. Her daughter, waiting outside San Francisco International Airport, tried repeatedly to call her during the hour and a half she was questioned. But after her phone was returned, Mango saw that records of her daughter’s calls had been erased.

A few months earlier in the same airport, a tech engineer returning from a business trip to London objected when a federal agent asked him to type his password into his laptop computer. “This laptop doesn’t belong to me,” he remembers protesting. “It belongs to my company.” Eventually, he agreed to log on and stood by as the officer copied the Web sites he had visited, said the engineer, a U.S. citizen who spoke on the condition of anonymity for fear of calling attention to himself.

Imagine that? As stated in the article it’s entirely different from looking through your suitcase. A laptop can be an extremely personal thing for many people, especially those net junkies like us.

Perhaps have a dual boot laptop with a minimal Windows install and a Linux install PGP encrypted with all your data on it.

It’d be invisible to the Windows partition, and it’d keep your personal information and surfing habits safe.

Maria Udy, a marketing executive with a global travel management firm in Bethesda, said her company laptop was seized by a federal agent as she was flying from Dulles International Airport to London in December 2006. Udy, a British citizen, said the agent told her he had “a security concern” with her. “I was basically given the option of handing over my laptop or not getting on that flight,” she said.

The seizure of electronics at U.S. borders has prompted protests from travelers who say they now weigh the risk of traveling with sensitive or personal information on their laptops, cameras or cellphones. In some cases, companies have altered their policies to require employees to safeguard corporate secrets by clearing laptop hard drives before international travel.

I think they should be sued, this is a serious privacy infringement and a very clear violation of human rights and civil liberties. The US praises itself for its excellent human rights…but it doesn’t seem to apply the same rules if you are brown, yellow or any other minority.

Almost all travelers involved in the case are of Muslim, Middle Eastern or South Asian background.

TSA has confirmed this is a Customs issue and they will not be seizing any laptops.

Source: Washington Post


Posted in: Legal Issues, Privacy



PHPIDS – Security Layer & Intrusion Detection for PHP Based Web Applications



Another protection for those building websites and web applications; as it’s the most common attack vector nowadays, I think it’s important to be extra safe on this front.

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt.

This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.
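
The impact-rating model described above can be sketched in a few lines: filter rules each carry an impact value, the impacts of all matching rules are summed per request, and the total selects the reaction. This is an added example, not PHPIDS code; the rules, impact values, thresholds and sample requests are constructed for illustration and are far simpler than the project's real filter set.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Filter:
    rule_id: int
    description: str
    pattern: re.Pattern
    impact: int


# Constructed rules; a real deployment loads a maintained, tested rule file.
FILTERS = [
    Filter(1, "script tag or javascript: URI",
           re.compile(r"<\s*script\b|javascript\s*:", re.I), 5),
    Filter(2, "inline event handler attribute",
           re.compile(r"\bon\w+\s*=", re.I), 4),
    Filter(3, "SQL UNION SELECT",
           re.compile(r"\bunion\b.+\bselect\b", re.I | re.S), 6),
    Filter(4, "SQL tautology or trailing comment",
           re.compile(r"'\s*or\s+\S+\s*=\s*\S+|--\s*$", re.I), 5),
    Filter(5, "directory traversal sequence",
           re.compile(r"\.\./"), 3),
]

# Assumed reaction tiers, highest threshold first.
TIERS = [(25, "end_session"), (15, "show_warning"), (8, "mail_dev_team"), (1, "log")]


def scan(params: dict) -> tuple:
    """Return (total impact, [(field, rule_id, impact), ...]) for one request.

    The input is only inspected, never modified: detection is kept separate
    from sanitising, as the description above stresses.
    """
    hits = []
    for field, value in params.items():
        for f in FILTERS:
            if f.pattern.search(value):
                hits.append((field, f.rule_id, f.impact))
    return sum(h[2] for h in hits), hits


def react(impact: int) -> str:
    """Map a total impact to the configured reaction."""
    for threshold, action in TIERS:
        if impact >= threshold:
            return action
    return "allow"


if __name__ == "__main__":
    # Constructed sample requests.
    requests = [
        {"q": "kismet wireless", "page": "2"},
        {"comment": "<script>alert(1)</script>"},
        {"id": "1 UNION SELECT name FROM users--",
         "file": "../../etc/passwd",
         "bio": "<img src=x onerror=alert(1)>"},
    ]
    for req in requests:
        total, hits = scan(req)
        print(total, react(total), [(f, r) for f, r, _ in hits])
```

Summing impacts means a request that trips several low-impact rules escalates in the same way as one that trips a single severe rule, so the thresholds need tuning against real traffic to keep false positives out of the stronger reactions.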

PHPIDS enables you to see who’s attacking your site and how and all without the tedious trawling of logfiles or searching hacker forums for your domain. Last but not least it’s licensed under the LGPL!

It’s a fairly mature product with some good documentation (docs are here) and it’s easy to programmatically grab the latest version of the filter rules (it’s just an XML file).

You can see a demo here where you can try some injections or XSS and see the warnings.

http://demo.php-ids.org/

Download the latest version of PHPIDS here:

PHPIDS 0.4.6 zip
PHPIDS 0.4.6 tar.gz

There are other versions for Drupal and WordPress on the download page.

Or read more here.


Posted in: Countermeasures, Security Software, Web Hacking



Adobe Reader Vulnerability Being Actively Exploited



It seems like some recently patched flaws in Adobe Reader are actively being exploited in the wild, mostly via malicious banners from various sites.

Nothing particularly nasty is happening, but a trojan is being installed which can intercept search engine results. It’s definitely recommended to update to the latest version (8.1.2).

Personally I don’t have such a problem…as I use Foxit Reader instead, I find Adobe software incredibly bloated.

iDefense says that on Friday it saw the same banner ad tactic being used in the wild to install a Trojan horse program. That Trojan, dubbed “Zonebac,” disables various anti-virus products and modifies the victim’s search engine results. As of late Friday evening, the company claims that not a single commercial anti-virus product detects this thing as malicious.

While having some unwelcome program monkey with your search results may not sound like the worst thing to have happen to your PC, cyber criminals may find more nefarious purposes for this vulnerability.

It’s an interesting target for criminals because Adobe Reader has a truly enormous install base, yet it is one of those applications that so few people even think to update regularly. According to Adobe, more than 500 million copies of Adobe Reader have been distributed worldwide on 23 platforms and in 26 languages. The product also is distributed by the top 10 PC manufacturers.

That’s a lot of installs of Adobe Reader, I would hazard a guess that only 10-20% max are regularly updated to the latest version – that leaves an awful lot of people vulnerable to some pwnage by these spammers.

You can work out the rest of the figures yourself..

Adobe released an updated security advisory for this patch late Thursday, but it didn’t contain many more details than the original advisory, other than to credit iDefense and several other security vendors for reporting vulnerabilities. iDefense said an internal researcher discovered the flaw, and that the company alerted Adobe back on Oct. 11, 2007. A spokesperson for Fortinet, also credited in the latest advisory, said researchers alerted Adobe to their findings on Nov. 1, 2007.

Steve Gottwals, senior product management for Adobe Reader, declined to say how many vulnerabilities this 8.1.2 patch fixed, but confirmed reports that the attackers were already exploiting the flaw.

At least Adobe aren’t too slow with updates, I wish their software wasn’t so hugely bloated, come on, it’s a PDF reader, how freaking huge does it have to be?

It just displays PDFs!

Well it has to be 22.4mb for the latest Windows version, compare that with Foxit Reader which is 2.2mb – much faster and does exactly the same things.

I know which I prefer.

Source: Security Fix


Posted in: Exploits/Vulnerabilities, Windows Hacking



Kismet – Wireless Network Hacking, Sniffing & Monitoring



For some reason I’ve never posted about Kismet, and I don’t like to assume everyone knows everything. So for those who may not have heard of it, here’s Kismet.

Kismet is one of the foundation tools of wireless hacking; it’s very mature and does what it’s supposed to do.

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.

Features

  • Ethereal/Tcpdump compatible data logging
  • Airsnort compatible weak-iv packet logging
  • Network IP range detection
  • Built-in channel hopping and multicard split channel hopping
  • Hidden network SSID decloaking
  • Graphical mapping of networks
  • Client/Server architecture allows multiple clients to view a single Kismet server simultaneously
  • Manufacturer and model identification of access points and clients
  • Detection of known default access point configurations
  • Runtime decoding of WEP packets for known networks
  • Named pipe output for integration with other tools, such as a layer3 IDS like Snort
  • Multiplexing of multiple simultaneous capture sources on a single Kismet instance
  • Distributed remote drone sniffing
  • XML output
  • Over 20 supported card types

If you need to get funky with a wireless network, grab Kismet for a start.

You can download the latest stable source here:

kismet-2007-10-R1.tar.gz (sig)

Or read more here.


Posted in: Hacking Tools, Network Hacking, Wireless Hacking



January Commenter of the Month Competition Winner!



Competition time again!

As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June and July. We have just finished the eighth month of the competition in January and are now in the ninth, starting a few days ago on February 1st – Sponsored by GFI.

We are offering some pretty cool prizes like iPods and PSPs, along with cool GFI merchandise like shirts, keyrings and mugs.

And now the winner will also get a copy of the Ethical Hacker Kit.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenters you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (4000+ spidered by Google).

So announcing the winner for January…it’s goodpeople! goodpeople was quickly overtaken last month! So luckily he got his just deserts :)

Pantagruel is it your turn yet?

Commenter January

January has been an extremely active month for comments with some interesting discussions happening, I’d like to thank you all for your participation! I hope it keeps getting better as 2008 develops with more interesting news and tools.

Thanks to everyone else who commented and thanks for your links and mentions around the blogosphere!

Feel free to share Darknet with everyone you know :)

Keep commenting guys, and stand to win a prize for the month of February.

We are still waiting for pictures from backbone, Sandeep and TRDQ, dirty and dre and Sir Henry of themselves with their prizes!

Winner for June 2007 was Daniel with 35 comments.
Winner for July 2007 was backbone with 46 comments.
Winner for August 2007 was TheRealDonQuixote with 53 comments.
Winner for September 2007 was Sandeep Nain with 32 comments.
Winner for October 2007 was dre with 19 comments.
Winner for November 2007 was dirty with 38 comments.
Winner for December 2007 was Sir Henry with 84 comments.


Posted in: Site News



FireCAT 1.3 Released – Firefox Catalog of Auditing Extensions



FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. Version 1.3 was pending the ExploitMe tools availability to the public.

Changes for version 1.3

Category Information Gathering (Googling and Spidering)

  • GSI Google Site indexer (GSI Creates Site Maps based on Google queries. Useful for both Penetration Testing and Search Engine Optimization. GSI sends zero packets to the host making it anonymous)

Category Information Gathering (Data mining)

  • Who is this person (Highlight any name on a web page and see matching information from Wink, LinkedIn, Wikipedia, Facebook, Google News, Technorati, Yahoo Person Search, Spock, WikiYou, ZoomInfo, IMDB, MySpace and more…)
  • FaceBook Toolbar (Search Facebook from anywhere The Search Box allows you to easily search Facebook no matter)

Category Information Gathering (Location info)

  • Router Status (Shows the current status of your router in the status bar and allows you to control it)

Category Security Auditing

  • XSS-Me (the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS) vulnerabilities)
  • SQL Inject-Me (the Exploit-Me tool used to test for SQL Injection vulnerabilities)
  • FireWatir (Watir is a simple open-source library for automating web browsers.)

Category Network utilities (Database)

  • SQLite Manager (Manage any SQLite database on your computer.)

Download PDF, Sources and HTML browsable here:

FireCAT Version 1.3


Posted in: Hacking Tools, Web Hacking



German Police Creating Law Enforcement Trojan



After banning hacking tools it looks like the German police are looking into digital wiretapping and creating ‘whitehat’ trojans for monitoring the bad guys…

Of course they define who the bad guys are, and according to law 202(c) it could be us..

This is very definitely questionable when it comes to ethics, it’s almost as bad as backdooring highly secure encryption algorithms just so the government has a universal key..so yes you say what happens when the bad guys get the key? Same things happen when the bad guys take over this ‘remote forensic software’ network..

German cops are pushing ahead with controversial plans, yet to be legally approved, to develop “remote forensic software” – in other words, a law enforcement Trojan.

Leaked documents outline proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions. A second leaked document from the Bavarian Ministry of Justice outlines costing and licensing proposals for the software. Both scanned documents (in German, natch) have found their way onto the net after being submitted to Wikileaks.

They are even looking at jacking Skype so they can monitor net based VoIP calls..and intercepting SSL communications, although that shouldn’t be too tricky.

Either way they are both very dodgy.


Proposals to give explicit permission for law enforcement officials to plant malware stem from a Federal Court ruling last year declaring clandestine searches of suspects’ computers to be inadmissible as evidence, pending a law regulating the practice. Germany’s Federal Court of Justice said the practice was not covered by existing surveillance legislation.

Joerg Ziercke, president of Germany’s Federal Police Office (BKA), expressed frustration about their inability to decipher the encryption used by Skype in order to tap into the VoIP calls of suspected terrorists. Digitask, if the leaked documents are to be believed, has stepped into the breach.

Ok so normal people can’t make security tools to test their networks….but the government can create malware to monitor private communications?

Yah that really makes sense.

Once again – this is ridiculous!

Source: The Register


Posted in: Malware, Privacy
