Archive | August, 2009


28 August 2009 | 7,611 views

Mac OS X Snow Leopard Bundled With Malware Detector

Ah we saw this coming didn’t we, back in June we reported on Apple Struggling With Security & Malware and now they have shown they were paying attention. Even though they tried to do so quietly, they are slipping a ‘malware detector’ into the latest OS X update known as Snow Leopard. The problem is [...]

Continue Reading


27 August 2009 | 6,767 views

Trafscrambler – Anti-sniffer/IDS Tool

Trafscrambler is an anti-sniffer/IDS LKM(Network Kernel Extension) for OSX, licensed under BSD. Features Injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences Userland binary(tsctrl) for controlling trafscrambler NKE SYN decoy – sends out number of SYN pkts before the original SYN pkt TCP reset attack – sends [...]

Continue Reading


25 August 2009 | 6,962 views

TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury

We’ve been following the whole TJX saga for quite some time now since way back in September 2007 when the hack became public as the Largest Breach of Customer Data in U.S. History and in August 2008 when the TJX Credit Card Hackers Got Busted. The legal system has ticked along and now they have [...]

Continue Reading


21 August 2009 | 13,176 views

IKECrack – IKE/IPSec Authentication Cracking Tool

IKECrack is an open source IKE/IPSec authentication crack tool. This tool is designed to bruteforce or dictionary attack the key/password used with Pre-Shared-Key [PSK] IKE authentication. The open source version of this tool is to demonstrate proof-of-concept, and will work with RFC 2409 based aggressive mode PSK authentication. IKE Agressive Mode BruteForce Summary Aggressive Mode [...]

Continue Reading


19 August 2009 | 19,786 views

Serious Linux Kernel Vulnerability For ALL 2.4 & 2.6 Kernels

This is a serious bug, it effects all Kernel versions released since May 2001! That goes all the way back to the early 2.4 versions. It’s also exploitable according to the report – This issue is easily exploitable for local privilege escalation. In order to exploit this, an attacker would create a mapping at address [...]

Continue Reading


18 August 2009 | 22,803 views

Stoned Bootkit – Windows XP, 2003, Vista, 7 MBR Rootkit

What is Stoned Bootkit? A bootkit is a boot virus that is able to hook and patch Windows to get load into the Windows kernel, and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not encrypted. [...]

Continue Reading


17 August 2009 | 13,393 views

Twitter Being Used As Botnet Command Channel

Ah Twitter in the news again, the bad guys sure do keep up with new trends. After being taken offline for a while by a Joejob DDoS attack Twitter is in the news again – this time it’s being used as the command channel for a Botnet. The normal method for controlling Botnets is via [...]

Continue Reading


14 August 2009 | 26,877 views

sslsniff v0.6 Released – SSL MITM Tool

This tool was originally written to demonstrate and exploit IE’s vulnerability to a specific “basicConstraints” man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes. It is designed to MITM all SSL connections on a LAN and dynamically [...]

Continue Reading


12 August 2009 | 53,535 views

WordPress 2.8.3 Admin Reset Exploit

Ah it’s WordPress again, sometimes I wonder how many holes there are in WordPress. I guess a dedicated attacker could find some serious ones with the complexity of the code base. It’s suspected some of the recent high profile breaches have come from WordPress exploits. The latest one to become public is a simple but [...]

Continue Reading


10 August 2009 | 19,179 views

Xplico – Network Forensic Analysis Tool

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic [...]

Continue Reading