Archive | March, 2009

Microsoft Open Source Security Tool – !exploitable Crash Analyzer



Finally Microsoft is doing something proactive and perhaps even slightly ahead of the game, a real game-changer for the security community.

They have released a new AND open-source tool to make debugging easier. It gives developers a lot of help during the release cycle to build more secure software, mostly because it takes the legwork and labour-intensive tasks and semi-automates them, leaving the developer to concentrate on more important stuff.

At least something from Microsoft we can applaud!

Microsoft on Friday released an open-source program designed to streamline the labor-intensive process of identifying security vulnerabilities in software while it’s still under development.

As its name suggests, !exploitable Crash Analyzer (pronounced “bang exploitable crash analyzer”) combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers. Dan Kaminsky, a well-known security expert who also provides consulting services to Microsoft, hailed the release a “game changer” because it provides a reliable way for developers to sort through thousands of bugs to identify the several dozen that pose the greatest risk.

“Microsoft has taken years of difficulties with security vulnerabilities and really condensed that experience down to a repeatable tool that takes a look at a crash and says ‘You better take a look at this,'” Kaminsky told The Reg. “What makes !exploitable so fascinating is that it takes at least the first level of this knowledge and packages it up into something that can be in the workflow.”

It’s a great idea, as surely there are a lot of conditions that cause an application to hang – but the majority of them will pose no security risk other than a denial of service locally (which is quite pointless). The tool will point out those bugs that are exploitable and therefore can be considered critical issues.

I hope developers harness this app and really start to produce more secure code.

Over the past five years, Microsoft has made a fair amount of progress hardening its operating systems and applications against the most-common security threats. Protections such as Address Space Layout Randomization and cross-site scripting defenses have been added to later versions of Windows and Internet Explorer, respectively. And the company has generally managed to exorcise its programs of dangerous vulnerabilities before they can be exploited by attackers.

Now, Microsoft wants to help secure third-party applications that run on top of Windows. Last year, the company released a threat-modeling tool and other resources designed to help software developers kick-start secure development lifecycle programs in their organizations. The idea was to package the security experience Microsoft has attained so it can serve as a sort of template for other companies.

The release of !exploitable, which was announced at the CanSecWest security conference in Vancouver, British Columbia, is a continuation of that effort. It’s a Windows debugger extension that’s used during fuzz testing, when testers test the stability and security of an application by throwing unexpected data at it.

The tool creates a hash for each crash so that unique crashes can be told apart, then rates each one according to how exploitable it is – Exploitable, Probably Exploitable, Probably Not Exploitable or Unknown.

There are currently x86 and x64 versions available.

As wisely said, it’s about the signal to noise ratio and this tool can really help you weed out the noise and get to the important issues.
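To show how hashing plus rating cuts a fuzzing run down to a short review list, here is an added example that is not code from Microsoft or from !exploitable. The bucket hash over the top stack frames, the review order of the four ratings and the sample crash records are assumptions made for the illustration.

```python
import hashlib
import re
from collections import defaultdict

# The four ratings named in the post. The review order is this example's
# assumption: Unknown goes ahead of Probably Not Exploitable because it
# still needs a human to look at it.
REVIEW_ORDER = ["Exploitable", "Probably Exploitable", "Unknown",
                "Probably Not Exploitable"]

OFFSET = re.compile(r"\+0x[0-9a-f]+$", re.IGNORECASE)


def normalize_frame(frame):
    """Drop the instruction offset: 'parser!ReadChunk+0x41' -> 'parser!ReadChunk'."""
    return OFFSET.sub("", frame.strip())


def bucket_hash(stack, depth=5):
    """Hash the top `depth` frames so repeats of one bug share a bucket.

    Hypothetical scheme for this example, not the tool's own hash.
    """
    top = [normalize_frame(f) for f in stack[:depth]]
    return hashlib.sha256("\n".join(top).encode("utf-8")).hexdigest()[:16]


def triage(crashes, depth=5):
    """Group crashes by bucket hash and return buckets in review order."""
    buckets = defaultdict(list)
    for crash in crashes:
        buckets[bucket_hash(crash["stack"], depth)].append(crash)

    report = []
    for digest, members in buckets.items():
        # A bucket takes the most serious rating any of its members received.
        rating = min((m["rating"] for m in members), key=REVIEW_ORDER.index)
        report.append({
            "hash": digest,
            "rating": rating,
            "count": len(members),
            "inputs": sorted(m["input"] for m in members),
        })
    report.sort(key=lambda b: (REVIEW_ORDER.index(b["rating"]), -b["count"]))
    return report


# Constructed sample data: five crashes from a fuzzing run, three distinct bugs.
SAMPLE_CRASHES = [
    {"input": "fuzz_0001", "rating": "Exploitable",
     "stack": ["parser!ReadChunk+0x41", "parser!ParseFile+0x10", "app!main+0x22"]},
    {"input": "fuzz_0007", "rating": "Exploitable",
     "stack": ["parser!ReadChunk+0x5c", "parser!ParseFile+0x10", "app!main+0x22"]},
    {"input": "fuzz_0013", "rating": "Probably Not Exploitable",
     "stack": ["ui!DrawLabel+0x8", "ui!Render+0x30", "app!main+0x40"]},
    {"input": "fuzz_0020", "rating": "Unknown",
     "stack": ["codec!Decode+0x99", "parser!ParseFile+0x18", "app!main+0x22"]},
    {"input": "fuzz_0031", "rating": "Probably Not Exploitable",
     "stack": ["ui!DrawLabel+0x8", "ui!Render+0x30", "app!main+0x40"]},
]

if __name__ == "__main__":
    for bucket in triage(SAMPLE_CRASHES):
        print(bucket["rating"], bucket["hash"], bucket["count"], bucket["inputs"])
```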

You can download the application here:

!exploitable Crash Analyzer – MSEC Debugger Extensions

Source: The Register


Posted in: Countermeasures, Exploits/Vulnerabilities, Programming, Security Software



Deblaze – Remote Method Enumeration Tool For Flex Servers



Through the use of the Flex programming model and the ActionScript language, Flash Remoting was born. Flash applications can make requests to a remote server to call server side functions, such as looking up accounts, retrieving additional data and graphics, and performing complex business operations. However, the ability to call remote methods also increases the attack surface exposed by these applications.

This tool will allow you to perform method enumeration and interrogation against flash remoting end points.

Deblaze came about as a necessity during a few security assessments of flash based websites that made heavy use of flash remoting. The author needed something to give him the ability to dig a little deeper into the technology and identify security holes. On all of the servers he’d seen so far the names are not case sensitive, making it much easier to bruteforce. Often times HTTP POST requests won’t be logged by the server, so bruteforcing may go unnoticed on poorly monitored systems.

Deblaze provides the following functionality:

  • Brute Force Service and Method Names
  • Method Interrogation
  • Flex Technology Fingerprinting

There are several ways to determine and access exposed methods:

  • Decompile SWF and search for remoting calls
  • Watch network traffic for service and method names
  • Dictionary attack against service and methods
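On the defending side, the two observations above (POST requests that go unlogged and names that are not case sensitive) point to recording failed service and method lookups inside the remoting gateway itself. The following added example is not part of Deblaze or the original post; the log line format, the NOSUCH status and the thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed application-level log: timestamp, client, Service.method, result.
# NOSUCH marks a call to a service or method name that does not exist.
SAMPLE_LOG = """\
2009-03-20T10:00:00 198.51.100.4 AccountService.getBalance OK
2009-03-20T10:00:01 203.0.113.7 Reports.export NOSUCH
2009-03-20T10:00:02 203.0.113.7 reports.EXPORT NOSUCH
2009-03-20T10:00:03 203.0.113.7 Users.find NOSUCH
2009-03-20T10:00:04 203.0.113.7 Billing.get NOSUCH
2009-03-20T10:00:05 203.0.113.7 Stock.count NOSUCH
2009-03-20T10:00:06 203.0.113.7 Mail.send NOSUCH
2009-03-20T10:00:07 203.0.113.7 Audit.read NOSUCH
2009-03-20T10:00:08 198.51.100.4 AccountService.getBalnce NOSUCH
2009-03-20T10:02:00 192.0.2.10 Alpha.one NOSUCH
2009-03-20T10:04:00 192.0.2.10 Alpha.two NOSUCH
2009-03-20T10:06:00 192.0.2.10 Alpha.three NOSUCH
2009-03-20T10:08:00 192.0.2.10 Alpha.four NOSUCH
2009-03-20T10:10:00 192.0.2.10 Alpha.five NOSUCH
"""


def parse_line(line):
    """Split one log line; names are lower-cased because the server ignores case."""
    stamp, client, target, status = line.split()
    return datetime.fromisoformat(stamp), client, target.lower(), status


def find_enumeration(lines, window_s=60, threshold=5):
    """Return {client: peak distinct unknown names seen inside one window}.

    A client is reported once it has asked for `threshold` or more different
    non-existent names within `window_s` seconds. Lines must be in time order
    per client.
    """
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # client -> (timestamp, name) of recent misses
    flagged = {}
    for line in lines:
        if not line.strip():
            continue
        stamp, client, target, status = parse_line(line)
        if status != "NOSUCH":
            continue
        misses = recent[client]
        misses.append((stamp, target))
        # Forget misses that have fallen out of the sliding window.
        while misses and stamp - misses[0][0] > window:
            misses.popleft()
        distinct = {name for _, name in misses}
        if len(distinct) >= threshold:
            flagged[client] = max(flagged.get(client, 0), len(distinct))
    return flagged


if __name__ == "__main__":
    for client, count in find_enumeration(SAMPLE_LOG.splitlines()).items():
        print(f"{client}: {count} distinct unknown names within 60 s")
```

A single mistyped method name (198.51.100.4) and slow, spread-out misses (192.0.2.10) stay below the default threshold, while the repeated guess that differs only in case is counted once.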

You can download Deblaze here:

deblaze.tar.gz

Or read more here.


Posted in: Hacking Tools, Web Hacking



Israel Hacker ‘The Analyzer’ Steals Over $10 Million USD



It seems like a new hacker is in the sights of the US Government; this time it’s Ehud Tenenbaum AKA ‘The Analyzer’.

He seems to have been quite sloppy about covering his tracks and remaining under the radar; he acts as if no-one can get him. Perhaps he knows something we don’t?

Anyway, he’s firmly under investigation now, having first popped onto the radar 10 years ago at the age of 19 for hacking into Pentagon computers.

Ehud Tenenbaum, an Israeli hacker arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks, also allegedly hacked two U.S. banks, a credit and debit card distribution company and a payment processor in what U.S. authorities are calling a global “cashout” conspiracy.

The U.S. hacks have resulted in at least $10 million in losses, according to court records obtained by Threat Level, and are just part of a larger international conspiracy to hack financial institutions in the United States and abroad.

The broadened case highlights the continued vulnerability of U.S. financial networks to cybercrime, despite supposedly tight industry security standards. It comes on the heels of other multimillion-dollar heists that also breached the security protecting ATM codes and account information. In late 2007, criminals used four hacked iWire payroll cards to steal $5 million from ATMs around the world in just two days. Shortly thereafter, a processing server that handles withdrawals from Citibank-branded ATMs at 7-Eleven convenience stores was cracked, leading crooks to converge on New York to withdraw at least $2 million from Citibank accounts using the stolen ATM data. And a carefully coordinated global heist last November resulted in a one-day haul of $9 million in cash, following a breach at payment processor RBS WorldPay.

It seems like the US banking system has some major problems, with all their self-invented, self-imposed regulations (SOX, PCI, ISO27001 etc.) you’d think they would be more secure.

Obviously all these regulations and reams of paperwork are just making things worse, burying problems under tonnes of dead trees really doesn’t help.

It’s a very international crime network with participants all over the world, including Dutch servers and hackers in Russia and Turkey.

According to the affidavit, in October 2007, the United States Secret Service began investigating “an international conspiracy” to hack into computer networks of U.S. financial institutions and other businesses. As part of that investigation, agents examined network intrusions that occurred in January and February 2008 at OmniAmerican Credit Union, based in Fort Worth, Texas, and Global Cash Card of Irvine, California, a distributor of prepaid debit cards used primarily for payroll payments.

In both cases, the attacker gained access using a SQL injection attack that exploited a vulnerability in the company’s database software. The attacker grabbed credit and debit card numbers that were then used by thieves in several countries to withdraw more than $1 million from ATMs.

In April and May 2008, agents investigated two additional hacks at 1st Source Bank in Indiana, and at Symmetrex, a prepaid debit card processor based in Florida. The intruder again used a SQL injection attack, and losses added up to more than $3 million.

It seems like this might have been going on for some time, he managed to pull similar stunts in both Canada and the US and perhaps even Greece too.

I wonder where he is now, and where he’s going to hit next. Or perhaps he won’t, he must have plenty of cash to lay low in some country with no extradition treaty with the US.

Do read the whole article as it’s very interesting.

Source: Wired Blog


Posted in: General Hacking, Legal Issues



ProxyStrike v2.1 Released – Active Web Application Proxy Tool



In April last year we wrote about ProxyStrike; recently the developer has released a couple of new versions – the latest being v2.1.

ProxyStrike is an active Web Application Proxy, a tool designed to find vulnerabilities while browsing an application. It was created because of the problems we faced in pentests of web applications that depend heavily on JavaScript; not many web scanners did well at this stage, so we came up with this proxy.

Right now it has SQL injection and XSS modules available. Both modules are designed to catch as many vulnerabilities as we can, which is why the SQL Injection module is a Python port of the great DarkRaver “Sqlibf”.

The process is very simple: ProxyStrike runs like a passive proxy listening on port 8008 by default, so you browse the desired web site with your browser set to use ProxyStrike as a proxy, and ProxyStrike analyzes all the parameters in background mode. To the user it is a passive proxy because you won’t see any difference in the behaviour of the application, but in the background it is very active.

Features

  • Plugin engine (Create your own plugins!)
  • Request interceptor
  • Request diffing
  • Request repeater
  • Automatic crawl process
  • Save/restore session
  • HTTP request/response history
  • Request parameter stats
  • Request parameter values stats
  • Request URL parameter signing and header field signing
  • Use of an alternate proxy (tor for example)
  • Attack logs
  • Export results to HTML or XML
  • SQL attacks (plugin)
  • Server Side Includes (plugin)
  • XSS attacks (plugin)

You can download ProxyStrike v2.1 here:

ProxyStrike-v2.1.zip (Windows)
proxystrike-2.1.tar.bz2 (Linux)

Or read more here.


Posted in: Hacking Tools, Network Hacking, Web Hacking



Charlie Miller Does It Again At PWN2OWN



You might remember in March last year we posted about Charlie Miller at the PWN2OWN contest owning the MacBook Air in under 2 minutes.

Guess what? He’s done it again! This time though he’s even faster, clocking in at under 10 seconds. No one else stood a chance. He walked off with the prize again, $5000 and the MacBook that he hacked.

Of course he wrote the exploit beforehand, but still impressive!

Charlie Miller, a security researcher who hacked a Macintosh in two minutes last year at CanSecWest’s PWN2OWN contest, improved his time today by breaking into another Macintosh in under 10 seconds.

Miller, an analyst at Independent Security Evaluators in Baltimore, walked off with a $5,000 cash prize and the MacBook he hacked.

“I can’t talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched,” said Miller on Wednesday, not long after he had won the prize. “It probably took five or 10 seconds.” He confirmed that he had researched and written the exploit before he arrived at the challenge.

I guess it might be a Safari exploit, but I guess if you keep your ears open you’ll hear about it soon enough.

I wonder if he’ll be able to pull the same trick again next year, with his record so far I’d say it wouldn’t be a large stretch of imagination.

The PWN2OWN rules stated that the researcher could provide a URL that hosted his exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. “I gave them the link, they clicked on it, and that was it,” said Miller. “I did a few things to show that I had full control of the Mac.”

Two weeks ago, Miller predicted that Safari running on the Macintosh would be the first to fall.

PWN2OWN’s sponsor, 3Com Corp.’s TippingPoint unit, paid Miller $5,000 for the rights to the vulnerability he exploited and the exploit code he used. As it has at past challenges, it reported the vulnerability to on-site Apple representatives. “Apple has it, and they’re working on it,” added Miller.

Interestingly another researcher later broke into a Sony laptop that was running Windows 7 by exploiting a vulnerability in Internet Explorer 8. So Safari and IE8 both fell!

What with all the claims from Microsoft that IE8 is so secure…I guess that pissed on their bonfire didn’t it?

This year’s PWN2OWN also has a section for mobile operating systems, the prize is larger too at $10,000. If you want to join you can have a crack at Windows Mobile, Google’s Android, Symbian, and the operating systems used by the iPhone and BlackBerry.

Source: Computer World (Thanks Navin)


Posted in: Apple, Exploits/Vulnerabilities



sqlsus 0.2 Released – MySQL Injection & Takeover Tool



sqlsus is an open source MySQL injection and takeover tool, written in perl.

Via a command line interface that mimics a mysql console, you can retrieve the database structure, inject a SQL query, download files from the web server, upload and control a backdoor, and much more…

It is designed to maximize the amount of data gathered per web server hit, making the best use of MySQL functions to optimize the available injection space.

sqlsus is focused on PHP/MySQL installations, and integrates some neat features, some of them being really specific to this DBMS.

It is not and won’t ever be a SQL injection scanner, it starts its job on the next step.

Both quoted and numeric injections are supported.

All quoted texts can be translated as their hex equivalent (eg : “sqlsus” will become 0x73716c737573)

sqlsus also supports these 2 scenarios of injection :

  • sighted : the result of the request will be in the HTML returned by the web server
  • blind : when you can’t see the result of the request directly

Support for GET and POST parameters injections.

Support for HTTP proxy and HTTP simple authentication.

Full logging support of your queries and the answers, allowing you to recall a command and its cached answer, even in a later re-use of the session.

Key variables can be edited on the fly, saved per session, and can be loaded in a later session on the same target server.

Requirements

On a Debian system, in addition to perl, you will need the following packages :

  • libterm-readline-perl-perl
  • libipc-shareable-perl
  • libwww-mechanize-perl

It also requires previous SQL injection knowledge, and.. well.. a brain helps.

You can download sqlsus 0.2 here:

sqlsus-0.2.tgz

Or read more here.


Posted in: Database Hacking, Hacking Tools, Web Hacking



Indian Credit Card Fraud Exposed – Linked to Symantec



In a recent undercover sting the BBC has uncovered some unscrupulous Indian chaps selling valid UK credit card details, the kicker to the story is the fraud is linked to Symantec as the people being defrauded had all recently bought Norton subscriptions.

I guess it’s hard to control a 3rd party call center though and who works there of course. I guess from now on they will be running their ship a little bit tighter, I’ve conducted audits on centers which deal with financial information before and the security was insane. Unless you etched the info into your body with a paperclip there’s no way you were getting it out of there.

A criminal gang selling UK credit card details stolen from Indian call centres has been exposed by an undercover BBC News investigation.

Reporters posing as fraudsters bought UK names, addresses and valid credit card details from a Delhi-based man. The seller denied any wrongdoing and Symantec corporation, from whom three victims bought a product via a call centre, called the incident “isolated”. Card fraud totalled £609m during 2008, according to payments group Apacs.

Symantec said it requires rigorous security measures of any third-party call centre agents and it believed the breach had been limited to a single agent. The BBC team went to India on a tip off after being put in touch with a man offering to sell stolen credit and debit card details.

The price they charged is quite high too, more than double the normal online rate for purchasing dodgy credit card details. I guess they could fetch a premium though being UK cards and having a high chance of being active, valid cards.

It turns out the info wasn’t that accurate, but it was good enough to commit some online fraud.

He told the pair he could supply them with hundreds of credit and debit card details each week at a cost of $10 dollars a card. After the reporters agreed to initially buy the details of 50 cards, the man handed over a list of 14. He said the remainder would be sent later by e-mail.

The man claimed some of the numbers had been obtained from call centres handling mobile phone sales, or payments for phone bills. Back in the UK, the broker continued to supply card details to one of the undercover reporters by email.

Nearly all of the names, addresses and post codes sold to the BBC team were valid. But most of the numbers attached to them were invalid – often out by a single digit. However, about one in seven of the numbers purchased were valid – active cards still in use by UK customers. Their owners could have been subjected to fraud if these cards had fallen into the hands of criminals.

It just goes to show, even when you’re not being phished you’re still in danger of being conned and defrauded.

Just be careful what you buy and how you buy it, I’d say buying online from a HTTPS site with a valid certificate from a real CA is much safer than doing it over the phone.

But then that’s just me.

Source: BBC News


Posted in: Legal Issues, Privacy, Spammers & Scammers



Webshag 1.10 Released – Free Web Server Audit Tool



Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.

You may remember back in March 2008 we published about Webshag 1.00 being released. Now Webshag 1.10 has been released! This new version provides several feature enhancements as well as some bug-fixes.

Webshag can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (Basic and Digest). In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between requests more complicated (e.g. use a different random HTTP proxy server per request).

It also provides innovative functionalities like the capability of retrieving the list of domain names hosted on a target machine and file fuzzing using dynamically generated filenames (in addition to common list-based fuzzing).

Webshag URL scanner and file fuzzer are aimed at reducing the number of false positives and thus producing cleaner result sets. For this purpose, webshag implements a web page fingerprinting mechanism resistant to content changes. This fingerprinting mechanism is then used in a false positive removal algorithm specially aimed at dealing with “soft 404” server responses.
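One way such a check can work, as an added example rather than Webshag's own algorithm: fingerprint a page by its sequence of opening tags, which stays stable when text such as the echoed path or a timestamp changes, and compare each 200 response with the fingerprint of a response for a path known not to exist. The function names, the 0.9 threshold and the sample pages are assumptions constructed for the illustration.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser


class TagCollector(HTMLParser):
    """Collects opening tag names in document order."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def fingerprint(html):
    """Structure-only fingerprint: text, attributes and comments are ignored."""
    collector = TagCollector()
    collector.feed(html)
    collector.close()
    return tuple(collector.tags)


def similarity(fp_a, fp_b):
    """Ratio in [0, 1] of how much two tag sequences have in common."""
    return SequenceMatcher(None, fp_a, fp_b, autojunk=False).ratio()


def is_missing(status, body, baseline_fp, threshold=0.9):
    """True when the response means 'no such resource'.

    A real 404 counts directly; a 200 counts when its structure matches the
    page the server returned for a path that cannot exist (a "soft 404").
    """
    if status == 404:
        return True
    if status != 200:
        return False
    return similarity(fingerprint(body), baseline_fp) >= threshold


# Constructed sample: what the server sent for a random, non-existent path.
BASELINE_404 = (
    "<html><head><title>Oops</title></head><body><h1>Page not found</h1>"
    "<p>No page at /zq81kd7. Generated 10:00:01</p><a href='/'>Home</a>"
    "</body></html>"
)
# Constructed sample: another missing path; the text differs and a paragraph was added.
PROBE_MISSING = (
    "<html><head><title>Oops</title></head><body><h1>Page not found</h1>"
    "<p>No page at /backup.old. Generated 10:00:09</p><p>Try the search.</p>"
    "<a href='/'>Home</a></body></html>"
)
# Constructed sample: a page that really exists.
PROBE_REAL = (
    "<html><head><title>Login</title></head><body>"
    "<form action='/login' method='post'><input name='user'>"
    "<input name='pass' type='password'><input type='submit'></form>"
    "<table><tr><td>v1.2</td><td>status</td></tr></table></body></html>"
)

if __name__ == "__main__":
    baseline = fingerprint(BASELINE_404)
    for name, page in (("missing", PROBE_MISSING), ("real", PROBE_REAL)):
        score = similarity(fingerprint(page), baseline)
        print(name, round(score, 3), is_missing(200, page, baseline))
```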

Requirements

To be fully functional, Webshag requires the following elements:

  • Python 2.5 or Python 2.6 (NOT compatible with Python 3.0)
  • wxPython 2.8.9.0 (or greater) GUI toolkit
  • Nmap port scanner (for port scanning module only)
  • A valid Live Search AppID (for domain information module only)

Just like the previous version, Webshag 1.10 is freely available (GPL license) for Linux and Windows platforms.

You can download Webshag 1.10 here:

Linux – ws110.tar.gz
Windows – ws110.zip
Windows (installer) – ws110_win32installer.zip
User Manual (EN) – ws110_manual.pdf

Or read more here.


Posted in: Hacking Tools, Network Hacking, Web Hacking



New Conficker Variant More Aggressive



Conficker has gotten quite a lot of news recently with it growing so fast and Microsoft offering a bounty for the authors.

It seems like the Conficker authors are really serious about retaining control of their botnet and expanding it further without hindrance from the companies trying to stop them.

It’s quite likely they are netting some serious cash from the network of infected computers; with estimates at over 10 million now, that’s a large collection of computers for brute forcing, e-mail spam or DDoS attacks.

The authors of the latest variant of the Conficker worm are upping the ante against security vendors who are working to stop the spread and threat of the persistent program.

Conficker.C shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan. It also is programmed to begin connecting to 50,000 different domains on April 1 to receive updated copies or other malware, as opposed to connecting to 250 domains a day as previous versions are doing, Ben Greenbaum, senior research manager for Symantec Security Response, said on Friday.

The authors of the code are “strengthening their hold on their collection of infected machines at the same time they are attempting to strengthen their ability to control those machines by moving to 50,000 domains,” he said.

A self-described “cabal” of companies, including Microsoft, Symantec, and a host of domain registration providers, have been trying to thwart the efforts of Conficker by pre-registering and locking up the domain names being used by the worm to distribute updates.

They are getting sneaky now, targeting security software and services on an infected PC and blocking it from accessing related sites that could help a user fix the infection.

Plus they have expanded their ‘update’ domains to 50,000 – which will take a huge effort to get all of the domains blocked.

I wonder what the next step will be in protecting against this?

Now that Conficker.C is targeting 50,000 domains, the group has its work cut out for it, Greenbaum said. Regardless, “it’s unknown at this point whether (boosting the domains) is an effective sidestep around the cabal’s actions,” he said.

The worm, also called Kido or Downadup, was first detected in November and is believed to have infected more than 10,000 computers. The first two versions exploit a vulnerability that Microsoft patched in October.

The second variant, Conficker.B, was detected last month. It added the ability to spread through network shares and via removable storage devices, like USB drives, through the AutoRun function in Windows.

Among the domains targeted by Conficker was that of Southwest Airlines, which was expected to see an increase in traffic from the botnet on Friday, Sophos said last week. However, a Southwest spokesman said there had been no impact to the site from any additional traffic as a result of Conficker.

I hope this stays as just Conficker, if there’s another large scale breakout we might be in trouble again. There is a way to remove it though, so if you know anyone that has managed to get themselves infected you can give them the below links:

Source: Cnet (Thanks Navin)


Posted in: Malware, Spammers & Scammers



dnsmap 0.22 Released – Subdomain Bruteforcing Tool



dnsmap is a subdomain bruteforcer for stealth enumeration; you could say it is something similar to Reverse Raider or DNSenum.

Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc. dnsmap was included in Backtrack 2 and 3, although the version included is the now dated version 0.1.

Subdomain brute-forcing is another technique that should be used in the enumeration stage, as it’s especially useful when other domain enumeration techniques such as zone transfers don’t work (public zone transfers rarely work nowadays).

Original Features of Version 0.1

  • obtain all IP addresses (A records) associated to each successfully bruteforced subdomain, rather than just one IP address per subdomain
  • abort the bruteforcing process in case the target domain uses wildcards
  • ability to run the tool without providing a wordlist by using a built-in list of keywords
  • bruteforcing by using a user-supplied wordlist (as opposed to the built-in wordlist)

New Improvements in Version 0.22

  • saving the results in human-readable and CSV format for easy processing
  • fixed bug that disallowed reading wordlists with DOS CRLF format
  • improved built-in subdomains wordlist
  • new bash script (dnsmap-bulk.sh) included which allows running dnsmap against a list of domains from a user-supplied file.
  • bypassing of signature-based dnsmap detection by generating a proper pseudo-random subdomain when checking for wildcards

You can download dnsmap 0.22 here:

dnsmap-0222tar.gz (Make sure you add another . before the tar)

Or read more here.


Posted in: Hacking Tools, Network Hacking
