Archive | July, 2008

Facebook Bug Leaks Birthday Data

Your website & network are Hackable


It’s not a big deal but it does show a problem with the way Facebook deals with data and how much power they have over people’s privacy.

A small slip in coding could cause much worse problems that this, plus this could have happened before but no one picked up on it. It takes a certain amount of observational skills to notice something fairly subtle like this.

A glitch in a test version of Facebook’s Web site inadvertently exposed the birthdays of Facebook’s 80 million members this week.

The bug was discovered over the weekend by Graham Cluley, a senior technology consultant at Sophos. While checking out Facebook’s new design, Cluley noticed that the birth dates of some of his privacy-obsessed acquaintances were popping up when they should have been hidden.

Facebook allows users to control who sees private information such as their birth date, which can be a valuable nugget of data for identity thieves. But Cluley discovered that the new site was making this information public to other members. “Their new profile page essentially ignored the privacy setting to withhold the data of birth,” he said.

As said, identity thieves can have a field day with the birth date, but on Facebook it’s not too much of a threat.

But as always you shouldn’t really put anything on ANY website that you don’t want other people to know about. It could get hacked, sold or like this inadvertently exposed.

“For a brief period of time, a small number of users were able to access a private beta of Facebook’s new site design meant only for developers. During that time, some of those users had their birthdays revealed due to a bug,” Facebook said Wednesday in a statement. The company could not say exactly how long this data was exposed or how many people viewed the beta site, but the bug was patched within hours of Cluley’s discovery.

Facebook may intend for the beta site to be private, but it has been open to the general public for several days. It features a new profile design that should be rolled out as an option to Facebook users some time this week.

Seems like a slip up somewhere with the development workflow, the beta site exposed to the public? The beta tree got merged with the live tree somewhere and rolled out?

I’m not exactly sure how the Facebook architecture works but I’d imagine it’s fairly complex.

Source: ComputerWorld


Posted in: General Hacking, Privacy

Tags: , , , , , , ,

Posted in: General Hacking, Privacy | Add a Comment
Recent in General Hacking:
- BADLOCK – Are ‘Branded’ Exploits Going Too Far?
- Dradis – Reporting Platform For IT Security Professionals
- Kid Gets Arrested For Building A Clock – World Goes NUTS

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,171,951 views
- Hack Tools/Exploits - 631,090 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 436,597 views

Get protected with Sucuri


Lynis – Security & System Auditing Tool for UNIX/Linux

Your website & network are Hackable


Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

This is a tool that might be useful for both penetration testers performing white box tests and system admins trying to secure their own systems.

This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, CD/DVD).

What is Lynis NOT:
– Not a hardening tool: Lynis does not fix things automatically, it only reports (and makes suggestions).

Intended audience:
Security specialists, penetration testers, system auditors, system/network managers.

Examples of audit tests:

  • Available authentication methods
  • Expired SSL certificates
  • Outdated software
  • User accounts without password
  • Incorrect file permissions
  • Firewall auditing

You can download Lynis 1.1.7 here:

lynis-1.1.7.tar.gz

Or you can read more here.


Posted in: Countermeasures, Linux Hacking, Security Software

Tags: , , , , , , ,

Posted in: Countermeasures, Linux Hacking, Security Software | Add a Comment
Recent in Countermeasures:
- Bearded – Security Automation Platform
- An Introduction To Web Application Security Systems
- OpenIOC – Sharing Threat Intelligence

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,269 views
- Password Hasher Firefox Extension - 117,883 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,752 views

Get protected with Sucuri


UK’s Most Spammed Man – 44,000 Junk Mails a DAY!

Your website & network are Hackable


I stopped using ISP based e-mail accounts years ago, they always had lousy spam control and after joining a few mailing lists they used to get flooded with junk.

I always found web based mail systems to have much more effective spam filtering systems, plus I don’t have to waste my time and bandwidth downloading spam mails to categorise them with a bayesian filter such as the one in Thunderbird.

Web mail systems have the advantage of having such a huge userbase, people marking mails as spam are in the millions so the bayesian database for spam and ham would be extremely accurate.

An anti-spam software company has revealed that three of the UK’s five most spammed individuals use Orange as their ISP.

Figures released by ClearMyMail show that the three Orange customers have around 63,339 spam emails blocked every day and 23,118,735 spam emails blocked every year.

ClearMyMail failed to establish a connection between a customer’s choice of ISP and the amount of spam they receive, but did name the UK’s most spammed citizen, Exeter-based Colin Wells.

According to ClearMyMail, 44,000 spam emails heading for Wells’s inbox are blocked each day, amounting to around 16 million a year.

That’s an incredible amount of spam gathered by just 3 users! Well even one user with 44,000 a day that’s about 1.3 million spam mails a month – incredible! Imagine what a database they could build up harvesting that address alone.

It’s sad though so much resources are wasted dealing with, storing, filtering and managing spam and junk mails.

At the height of the problem Wells, a workshop foreman for Stagecoach buses, was spending two hours a day deleting spam from his account, making the prospect of “taking a week’s holiday a complete nightmare”.

The UK’s second most spammed individual, who also uses Orange as their ISP, is fortunate by comparison with just 13,578 daily junk messages.

The third, fourth and fifth most spammed British citizens get 12,428, 5,760 and 3,982 spam mails a day respectively.

Colin must have his e-mail address in some really dodgy mailing lists, he’s getting almost 3 times as much as the second place and almost 10 times as much as the fourth place!

It just shows spam isn’t going to stop *sigh*.

Source: Vnunet (Thanks razta)


Posted in: Spammers & Scammers

Tags: , , , , , , , , , , ,

Posted in: Spammers & Scammers | Add a Comment
Recent in Spammers & Scammers:
- Russian Cyber-Crime Market Doubled In 2011
- Android Trojan Targets Japanese Market – Steals Personal Data
- Ramnit Worm Stealing Facebook Account Passwords, E-mail Address & Bank Details

Related Posts:

Most Read in Spammers & Scammers:
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,752 views
- Pro ATM Hacker ‘Chao’ Gives Out ATM Hacking Tips - 36,713 views
- Twitter DM Phishing Scam - 28,969 views

Get protected with Sucuri


FWAuto v1.1 – Firewall Auditing & Ruleset Analyzer Tool

Your website & network are Hackable


FWAuto (Firewall Rulebase Automation) is a Perl script and should work on any system with Perl installed. Provide the running config of a PIX firewall to fwauto. It will analyze and give you a list of weak rules in your rule base and store the result in multiple output files.

Maybe there have been times when you have pentested a firewall. As part of a grey box engagement you were assigned the task of auditing that HUGE firewall rulebase and were stuck on how to proceed, just because of the sheer volume of information. This tool in Perl is created to help in auditing a rulebase and helping you to narrow down on the weak rules. Current support is just for Cisco PIX though the framework was designed to scale across multiple firewalls and no major changes need to be made.

Updates

  • Outputs now available in reasonably neat HTML format
  • No more complex command line arguments, everything’s in a config file
  • More ports added in vulnerable ports section
  • Options available to obtain detailed/non detailed output

You can download fwauto v.1.1 here:

fwauto_v1.1.zip

Or read more here.


Posted in: Network Hacking, Security Software

Tags: , , , , , , , , , ,

Posted in: Network Hacking, Security Software | Add a Comment
Recent in Network Hacking:
- Two Israeli Men Arrested For Running VDoS-s.com DDoS Service
- DET – Data Exfiltration Toolkit
- miranda-upnp – Interactive UPnP Client

Related Posts:

Most Read in Network Hacking:
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,477,592 views
- Wep0ff – Wireless WEP Key Cracker Tool - 514,625 views
- THC-Hydra – The Fast and Flexible Network Login Hacking Tool - 328,453 views

Get protected with Sucuri


Google to Reveal Youtube Viewing Details to Viacom

Your website & network are Hackable


Now this is an interesting privacy related case to think about over the weekend, Google has to reveal viewing details for Youtube to Viacom.

Anyone who has EVER watched a Youtube video, that’s pretty extreme. Luckily most people are using dynamic IP addresses, so it shouldn’t be too much of a concern.

Unless of course they decide to subpoena the ISPs for their logs too..then the ‘illegal viewers’ are in trouble.

Google was yesterday ordered to hand over the personal details of anyone who has ever watched a YouTube video.

The ruling – which has massive privacy implications for millions of internet users – was made as part of the search engine’s legal battle with content provider Viacom over allegations of copyright infringement.

Under the ruling, Google, which bought YouTube for $1.65 billion (£820 million) in 2006, must hand over to Viacom its viewing log – which includes users’ log-in information and their IP address, the code that identifies their computer.

It’s an interesting case however because YouTube is a public resource, who is to say what is on there is legal or not.

How are the users supposed to know? Say they view a video from a search, then view some related content which happens to copyrighted?

Is it the system that’s to blame or the user?

Although the case is being contested in the U.S., legal experts warned last night that the ruling would almost certainly apply to YouTube users worldwide, including those in the UK. The Electronic Frontier Foundation, an internet freedom campaign group, described the judgment as a ‘ setback’ to online privacy rights.

Viacom, which owns MTV and Paramount Pictures, has alleged that YouTube has done ‘little or nothing’ to stem the flow of copyrighted material on its site.

The company said it had identified more than 150,000 unauthorised clips of its content that had been uploaded.

I’m pretty sure YouTube and Google are pretty strict about copyright content hosted on their services, but with user generated sites it’s so hard to control and it’s so hard to block.

Even if they md5 hash the ‘illegal’ files a user can just chop a few seconds off to change the hash and re-upload it.

Source: Daily Mail


Posted in: Legal Issues, Privacy

Tags: , , , , , ,

Posted in: Legal Issues, Privacy | Add a Comment
Recent in Legal Issues:
- Two Israeli Men Arrested For Running VDoS-s.com DDoS Service
- Criminal Rings Hijacking Unused IPv4 Address Spaces
- The Panama Papers Leak – What You Need To Know

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,724 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,661 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,635 views

Get protected with Sucuri


DNSenum – Domain Information Gathering Tool

Find your website's Achilles' Heel


The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.

The program currently performs the following operations:

  1. Get the host’s addresse (A record).
  2. Get the namservers (threaded).
  3. Get the MX record (threaded).
  4. Perform axfr queries on nameservers (threaded).
  5. Get extra names and subdomains via google scraping (google query = “allinurl: -www site:domain”).
  6. Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded).
  7. Calculate C class domain network ranges and perform whois queries on them (threaded).
  8. Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded).
  9. Write to domain_ips.txt file ip-blocks.

The output file domain_ips.txt will contain non-contiguous IP blocks:

127.0.0.1/32
127.0.0.8/31

You can download DNSenum v1.2 here:

dnsenum1.2.tar.gz

Or you can read more here.


Posted in: Hacking Tools, Network Hacking, Web Hacking

Tags: , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Web Hacking | Add a Comment
Recent in Hacking Tools:
- MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
- BBQSQL – Blind SQL Injection Framework
- DET – Data Exfiltration Toolkit

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,992,153 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,477,592 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 687,075 views

Get protected with Sucuri


June 2008 Commenter of the Month Competition Winner!

Your website & network are Hackable


Competition time again!

As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the thirteenth month of the competition in June and are now in the fourteenth, starting a few days ago on July 1st – Sponsored by GFI.

We’ve successfully been holding this contest for a year now!

We are offering some pretty cool prizes like iPods and PSPs (or similar), along with cool GFI merchandise like shirts, keyrings and mugs.

And now the winner will also get a copy of the Ethical Hacker Kit.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenter’s you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (5000+ spidered by Google).

So announcing the winner for June…it’s Navin!

Comments for June picked up towards the middle of the month with a relative (but very active newcomer taking the throne with more than double the second place, which was May’s winner Bogwitch).

Commenter June

There were some great discussions in June and I hope to see them continue in July! I’d like to thank you all for your participation! I hope it keeps getting better as 2008 develops with more interesting news and tools. Keep up the excellent discussions, it’s very interesting reading especially on some of the more controversial topics.

Thanks to everyone else who commented and thanks for your links and mentions around the blogosphere!

Feel free to share Darknet with everyone you know :)

Keep commenting guys, and stand to win a prize for the month of July!

We are still waiting for pictures from backbone, Sandeep and TRDQ, dirty and dre, eM3rC, fever, Sir Henry and goodpeople of themselves with their prizes!

Winner for June 2007 was Daniel with 35 comments.
Winner for July 2007 was backbone with 46 comments.
Winner for August 2007 was TheRealDonQuixote with 53 comments.
Winner for September 2007 was Sandeep Nain with 32 comments.
Winner for October 2007 was dre with 19 comments.
Winner for November 2007 was dirty with 38 comments.
Winner for December 2007 was Sir Henry with 84 comments.
Winner for January 2008 was goodpeople with 66 comments.
Winner for February 2008 was eM3rC with 122 comments.
Winner for March 2008 was Pantagruel with 66 comments.
Winner for April 2008 was fever with 44 comments.
Winner for May 2008 was Bogwitch with 37 comments.


Posted in: Site News

Tags: , , , , , , , , , , , ,

Posted in: Site News | Add a Comment
Recent in Site News:
- A Look Back At 2015 – Tools & News Highlights
- A Look Back At 2014 – Tools & News Highlights
- Yes – We Now Have A Facebook Page – So Please Like It!

Related Posts:

Most Read in Site News:
- Welcome to Darknet – The REBIRTH - 36,617 views
- Get the ball rollin’ - 19,006 views
- Slashdot Effect vs Digg Effect Traffic Report - 12,274 views

Get protected with Sucuri


Pantera – Web Application Analysis Engine

Your website & network are Hackable


Pantera is actually using an improved version of SPIKE Proxy and is a project under the umbrella of OWASP.

It’s aiming to be a more automated method for testing Web Application Security.

Features

  • User-friendly custom web GUI. (CSS): Pantera itself is a web application that runs inside the browser and can be customized using CSS by the user. Some of the customizations are visual style, colors, fonts, views for easy information access, etc.
  • 100% python: Python is cross-platform, easy to install and use. Making it the perfect language of choice to use.
  • Multi-platform (Windows, Linux, etc.) and multi-browser (IE, Firefox, etc.): By using Python, Pantera is cross-platform. And we have made sure Pantera works fine with the most common browsers.
  • Supports SSL, NTLM, HTTP Basic: All this is supported by Pantera, still most open source tools have problems with things like NTLM.
  • Powerful analysis engine: Pantera has a powerful analysis engine, meaning that each web page that Pantera sees is analyzed for several things like comments, scripts, vulnerabilities, hidden tags and more. All this is done in background and transparent for the user while testing the website manual and of course all this info is stored in the database.
  • XML data files for configuration and attacks: Pantera uses XML files for configuration but also all the attacks and tests are stored in XML files, so it’s easy to add content to these files.
  • MySQL support: Most tools do not allow you to save the assessment. While performing an assessment with Pantera you can create a session, so all the info generated while the assessment is stored in the database. You can edit, delete and modify the content of the assessment at your will. You can continue the next day on the same point you stopped. Currently only MySQL is supported, more databases will be supported in the future.
  • Project Management: Each assessment is a session. Pantera offers project management to create new, open and delete projects.
  • Plug-in support: Pantera offers plug-in support so advanced users can add and extent its features.
  • Report generation: As Pantera can save assessments it can generate reports with all the gather data and vulnerabilities found. Some reports formats are HTML, XML, PDF, etc. Reports can also be customized!!

Requirements

  • Python 2.4
  • MySQL 5 (Due to the use of triggers)
  • pyOpenSSL
  • FormBuild (install script inside Pantera zip)

You can download Pantera v0.1.3 here:

Pantera_Release_0.1.3

Or read more here.


Posted in: General Hacking

Tags: , , , , , , , , , , ,

Posted in: General Hacking | Add a Comment
Recent in General Hacking:
- BADLOCK – Are ‘Branded’ Exploits Going Too Far?
- Dradis – Reporting Platform For IT Security Professionals
- Kid Gets Arrested For Building A Clock – World Goes NUTS

Related Posts:

Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,171,951 views
- Hack Tools/Exploits - 631,090 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 436,597 views

Get protected with Sucuri


Which Browser Users Are More Secure?

Your website & network are Hackable


Some new statistics just came out regarding Browser Security, this is more in terms of which users are most likely to apply patches and be using the most secure version.

I would have thought Firefox would have been pretty high since the newer series prompt automatically new patches. My only guess is a lot of people are still using 1.5x series which didn’t have that feature.

It turns out, that Internet Explorer is the ‘most secure’. Well that’s very subjective as IE doesn’t show sub versions like the other browsers do..and Windows Updates pushes out patches quite agressively. It also depends which set of data you look at as both conflict, one says Firefox users are more secure and one says IE

The researchers who published a large study of web browser security this week had a great idea and excellent data to work with. Too bad they overreached with their conclusions. A lot more is being made of this paper than is warranted.

The researchers, from ETH Zurich, Google, and IBM, looked at log data provided by Google from their global user base for web search and applications for the period between January 2007 and June 2008. This data was based on the browser user-agent string, which is also the reason the data is not as telling as the authors argue.

What did the study conclude? First, lots of users are not running the most up-to-date and secure versions of their web browsers. Second, that this is primarily a phenomenon of Internet Explorer users; Firefox users, on the other hand, overwhelmingly update their browsers quickly. These and other results lead the authors to suggest that browsers get expiration dates, much like milk and pharmaceuticals.

As expected though a LOT of users are not running the latest version of their browser, but that doesn’t surprise us really does it?

I think the versioning is an issue though, with IE you only get to know about the major version (IE5, IE6, IE7, IE8) and not which actual patches they have applied.

Why, one might ask, does Microsoft not provide minor version information? Microsoft’s David LeBlanc answers that question in his blog by saying that they consider such information to be an “information disclosure vulnerability.” In other words, by giving a web-based attacker precise version information, you are also giving them better information on how to attack that browser.

In these measurements IE7 users are much more likely to be up to date than other browser users. The authors are correct that Secunia users are more likely to be security-aware, but even when they try to adjust the numbers, multiplying the IE7 number by 2.1 “… to correct for the bias of Secunia’s measurement within a security aware user population” IE7 still ends up looking better.

There is actually a discrepency between the two sets of data, the metrics are odd though and are based on heavy assumptions (IE7 is secure but IE6 is not, while IE7 is a MORE secure browser architecture and feature wise, a fully patched IE6 can also be perfectly secure).

I’d be interested to see more of these stats and see the full Google access logs for a few month period.

That would be some interesting data mining.

Source: eWeek


Posted in: Countermeasures, Exploits/Vulnerabilities

Tags: , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities | Add a Comment
Recent in Countermeasures:
- Bearded – Security Automation Platform
- An Introduction To Web Application Security Systems
- OpenIOC – Sharing Threat Intelligence

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,269 views
- Password Hasher Firefox Extension - 117,883 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,752 views

Get protected with Sucuri


ratproxy – Passive Web Application Security Audit Tool

Find your website's Achilles' Heel


Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

The proxy analyzes problems such as cross-site script inclusion threats, insufficient cross-site request forgery defenses, caching issues, potentially unsafe cross-domain code inclusion schemes and information leakage scenarios, and much more.

Why Ratproxy?

There are numerous alternative proxy tools meant to aid security auditors – most notably WebScarab, Paros, Burp, ProxMon, and Pantera. Stick with whatever suits your needs, as long as you get the data you need in the format you like.

That said, ratproxy is there for a reason. It is designed specifically to deliver concise reports that focus on prioritized issues of clear relevance to contemporary web 2.0 applications, and to do so in a hands-off, repeatable manner. It should not overwhelm you with raw HTTP traffic dumps, and it goes far beyond simply providing a framework to tamper with the application by hand.

You can download Ratproxy here:

ratproxy-1.51.tar.gz

Or read more here.

The tool should run on Linux, *BSD, MacOS X, and Windows (Cygwin). Since it is in beta, there might be some kinks to be ironed out, and not all web technologies might be properly accounted for.


Posted in: Hacking Tools, Web Hacking

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Recent in Hacking Tools:
- MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
- BBQSQL – Blind SQL Injection Framework
- DET – Data Exfiltration Toolkit

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,992,153 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,477,592 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 687,075 views

Get protected with Sucuri