Archive | October, 2009

Illegal File Sharers To Be Cut Off By 2011


It was 2008 when the UK government originally proposed disconnecting pirates from the Internet, then a few months later Australia followed suit.

The latest is that it’s really going to be legislated and will come into force by April 2010 under the Digital Economy Bill.

I’ve noticed this trend picking up lately; a few companies are adopting this strategy or at least discussing it. First hit – warning, second hit – suspension, then finally the third hit is permanent disconnection and possible blacklisting.

Illegal file-sharers could be booted off the internet by summer 2011, says Lord Mandelson. The Business Secretary, who has been charged with ironing out the UK’s plans to tackle internet piracy, revealed that disconnecting repeat offenders will be a last resort.

Mandelson told the government’s Digital Creative Industries Conference that the “consequence-free” days of illegal file-sharing are over, and that a “legislate and enforce” strategy had been identified as the best way to tackle the problem. “Three strikes is a reasonable way of describing our approach,” he said.

The legislation, which will see those caught illegally downloading sent warning letters, will be officially set out in the Digital Economy Bill that is expected next month and will come into force in April 2010. “Technical measures will be a last resort and I have no expectation of mass suspensions resulting.”

I don’t see what the big deal is really; just use encrypted protocols or sign up to a VPN package and use another country that’s not so big on stamping down on piracy.

A lot of people use VPNs here in US or UK simply because BitTorrent traffic is throttled, it’s a small price to pay.

The same measures could be used to avoid any ISP snooping and get your downloads in peace. The whole Torrent scene has become a bit of a mess lately and it’s a hotpot of bogus files and tracked downloads.

Even with something like PeerGuardian you aren’t totally safe.

Repeat offenders will be issued with a second letter. If this fails to stop them illegally downloading, they will be put on a “serious infringers list”, with ISPs expected to “exercise technical measures”.

Mandelson also said that Ofcom will monitor the success of the warning letters in the first year and if illegal file-sharing has not reduced by 70 percent then suspending net connections will be brought into force.

“The threat for persistent individuals is, and has to be, real, or no effective deterrent to breaking the law will be in place,” he added.

Mandelson also said a “proper route of appeal” would be available for those suspended from the web. Once notified of possible suspension, offenders will be given 20 working days to appeal to an independent body, although Ofcom has yet to appoint the body. Mandelson said the suspension would not come into force until the appeal has been heard.

It’s interesting as well that they aren’t going hardcore right off the bat, they are still giving people a chance. If piracy reduces by 70% after the initial measures are put in place no-one will get disconnected.

Does that mean 30% of people can still download copyright content without any repercussions?

I’ll be watching the implementation anyway to see what kind of effect it has, I’d like to see the figures before and after 12 months and of course the metrics for measurement.

Source: Network World


Posted in: General News



KrbGuess – Guess/Enumerate Kerberos User Accounts



KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition it will detect if an account lacks pre-authentication.

The tool is supplied with a file containing a list of usernames and requests a TGT for each user and then waits for the response. If the KDC responds with a valid TGT or with an error message stating that pre-authentication is required, a valid username has been discovered. Several guesses can be run in parallel (currently only against a single KDC) in order to improve performance.


Be careful not to run with too many threads and low timeouts, as it will bring the KDC to its knees for the duration of the test. The default values have been tuned against a virtual machine, and currently eat somewhere around 80% CPU, which gives me roughly 700 guesses per second. In most cases the network throughput won’t be the performance bottleneck. So far I’m seeing that 2-3MBit of queries is generating a sustained 100% CPU load against both Heimdal on Ubuntu and Windows 2003.

The tool is written in Java and does not rely on any Kerberos libraries to perform the guessing. To run the tool successfully against a system, at least the realm, dictionary and server parameters must be set, e.g.

You can download KrbGuess here:

krbguess-0.21-bin.tar.gz

Or read more here.
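
On the defending side, the behaviour described above is visible at the KDC as a burst of AS requests without pre-authentication data from one source, most of them answered with "principal unknown". The following is an added example, not part of KrbGuess or the original post; the key=value log layout, the addresses and the thresholds are assumptions constructed for illustration, while the two error codes are the RFC 4120 values.

```python
"""Flag Kerberos username enumeration in KDC AS-exchange records.

Added example: the key=value log layout below is constructed for illustration
and is not the log format of any particular KDC.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# RFC 4120 error codes that reveal whether a client principal exists.
KDC_ERR_C_PRINCIPAL_UNKNOWN = 6   # no such principal
KDC_ERR_PREAUTH_REQUIRED = 25     # principal exists, pre-authentication enforced
TGT_ISSUED = 0                    # constructed marker: the KDC replied with an AS-REP

# Constructed sample. padata=0 means the request carried no pre-auth data.
SAMPLE_LOG = """\
2009-10-30T09:59:58.000 src=10.0.0.21 client=carol@EXAMPLE.COM padata=0 code=25
2009-10-30T09:59:58.040 src=10.0.0.21 client=carol@EXAMPLE.COM padata=1 code=0
2009-10-30T10:00:00.000 src=10.0.0.50 client=aaron@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:00.002 src=10.0.0.50 client=abby@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:00.003 src=10.0.0.50 client=alice@EXAMPLE.COM padata=0 code=25
2009-10-30T10:00:00.005 src=10.0.0.50 client=admin1@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:00.006 src=10.0.0.50 client=backup@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:00.008 src=10.0.0.50 client=svc_backup@EXAMPLE.COM padata=0 code=0
2009-10-30T10:00:00.009 src=10.0.0.50 client=test@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:00.011 src=10.0.0.50 client=guest1@EXAMPLE.COM padata=0 code=6
2009-10-30T10:00:07.500 src=10.0.0.22 client=dvae@EXAMPLE.COM padata=0 code=6
"""


def load_events(text):
    """Parse the constructed log into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_text, *pairs = line.split()
        fields = dict(pair.split("=", 1) for pair in pairs)
        events.append({
            "ts": datetime.fromisoformat(ts_text),
            "src": fields["src"],
            "client": fields["client"],
            "padata": fields["padata"] == "1",
            "code": int(fields["code"]),
        })
    return events


def find_enumerators(events, window=timedelta(seconds=10), min_unknown=5):
    """Return {src: [names confirmed to that source]} for every source that
    asked for >= min_unknown distinct nonexistent principals in one window."""
    recent = defaultdict(deque)   # src -> (ts, client) of "unknown" replies
    learned = defaultdict(set)    # src -> principals the replies confirmed
    flagged = set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        src = ev["src"]
        if ev["code"] == KDC_ERR_C_PRINCIPAL_UNKNOWN:
            queue = recent[src]
            queue.append((ev["ts"], ev["client"]))
            while ev["ts"] - queue[0][0] > window:
                queue.popleft()
            if len({name for _, name in queue}) >= min_unknown:
                flagged.add(src)
        elif not ev["padata"] and ev["code"] in (KDC_ERR_PREAUTH_REQUIRED, TGT_ISSUED):
            # Either reply to a request without pre-auth data confirms the name.
            learned[src].add(ev["client"])
    return {src: sorted(learned[src]) for src in sorted(flagged)}


def accounts_without_preauth(events):
    """Principals that were handed a TGT for a request with no pre-auth data."""
    return sorted({e["client"] for e in events
                   if e["code"] == TGT_ISSUED and not e["padata"]})


if __name__ == "__main__":
    evs = load_events(SAMPLE_LOG)
    for src, names in find_enumerators(evs).items():
        print(f"{src}: enumeration suspected, names confirmed to it: {names}")
    print("accounts lacking pre-authentication:", accounts_without_preauth(evs))
```

The single mistyped name from 10.0.0.22 and the normal two-step login from 10.0.0.21 stay below the threshold; only the burst from 10.0.0.50 is reported, along with the account that should have pre-authentication enabled.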


Posted in: Hacking Tools, Network Hacking, Password Cracking



Facebook E-mail Spam Conceals Malware Attack



Facebook has had a fair share of problems, being a large community of course it’s going to be a ripe target for spammers, scammers and malware distributors.

The latest to hit is a spam e-mail claiming to be from the Facebook team that actually spreads a nasty piece of malware called Bredolab. It’s also been observed the trojan will connect to additional servers to install more malware.

The ultimate goal as usual is to make the victims part of a botnet.

Researchers at several security firms have uncovered a spam campaign targeting Facebook users. The e-mails, which pose as communications from Facebook about password resets, contain a nasty downloader that ultimately makes users part of a notorious botnet.

Researchers at several security firms have tied the Bredolab Trojan to a spam campaign targeting Facebook users.

The malware is being blasted out by spammers in e-mails claiming to come from “The Facebook Team.” Inside the e-mails is a message that the recipient’s Facebook password has been changed. In order to get the new one, recipients are told to open the accompanying attachment containing the malware.

Researchers at Websense told eWEEK Oct. 27 that they have observed more than 350,000 of the messages. On the company’s blog, researchers explained that the malware connects to two servers to download additional malicious files. Among them is Pushdo, also known as Cutwail.

This spam campaign seems to be generating some fairly high levels of traffic meaning whoever is behind it is pretty serious and committed to this vector for disseminating malware.

Social engineering isn’t a new method for propagating malware; as always, the weakest link is never the technological barriers but the stupidity/greed/gullibility of humans.

You can ALWAYS hack the wetware.

“One of the first things we saw this Trojan horse download was the Pushdo bot which began spamming out more of these Facebook password reset emails,” according to M86 Security.

MX Logic noted that Bredolab bypasses firewalls by injecting its own code into the legitimate processes svchost.exe and explorer.exe. It also contains anti-sandbox code to thwart researchers, and creates the following files: %AppData%\wiaservg.log, %Windir%\temp\wpv861256600826.exe and %Programs%\Startup\isqsys32.exe. Bredolab also creates the processes isqsys32.exe and svchost.exe.

Sophos is detecting the malware as Troj/BredoZp-M or Mal/Bredo-A.

“Don’t make life easy for the hackers hell-bent on infecting your computer, stealing your identity and emptying your bank account – exercise caution when you receive unsolicited emails and protect your computer with up-to-date security software,” Graham Cluley, senior technology consultant at Sophos, advised in a blog post.

It looks like a pretty advanced piece of malware code which evades firewall measures and even tries to thwart analysis by AV companies.

Anti sandbox code and process injection, these bad guys are getting smart.

That does not bode well for the average citizen.

Source: eWeek


Posted in: Malware, Social Engineering, Spammers & Scammers



Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool



Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do with XSS?” and we hope that Yokoso! answers that question.

We will be creating JavaScript and Flash objects that can be delivered via XSS attacks. These code payloads will contain the fingerprinting information used to map out a network and the devices and software it contains.

In basic terms Yokoso! is a collection of infrastructure fingerprints. These fingerprints are useful during penetration tests to determine both what infrastructure is in use and to determine who are the admins of that infrastructure. It is built using the URIs of the web administration interfaces.

You can download Yokoso! v0.1 here:

yokoso.0.1.tar.gz

Or read more here.


Posted in: Hacking Tools, Network Hacking, Web Hacking



Web Application Security Consortium (WASC) 2008 Statistics Published



The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2008. This initiative is a collaborative industry-wide effort to pool together sanitized website vulnerability data and to gain a better understanding of the web application vulnerability landscape. We ascertain which classes of attacks are the most prevalent regardless of the methodology used to identify them. Industry statistics such as those compiled by the Mitre CVE project provide valuable insight into the types of vulnerabilities discovered in open source and commercial applications; this project tries to be the equivalent for custom web applications.

Goals

  1. Identify the prevalence and probability of different vulnerability classes.
  2. Compare testing methodologies against what types of vulnerabilities they are likely to identify.

The statistics were compiled from web application security assessment projects carried out by the following companies in 2008 (in alphabetical order):

  • Blueinfy
  • Cenzic with Hailstorm
  • DNS with WebInspect
  • Encription Limited
  • HP Application Security Center with WebInspect
  • Positive Technologies with MaxPatrol
  • Veracode with Veracode Security Review
  • WhiteHat Security with WhiteHat Sentinel

The report contains web application vulnerability statistics collected during penetration testing, security audits and other activities carried out by companies that were members of WASC in 2008. The statistics include data about 12186 sites with 97554 detected vulnerabilities.

You can find the full study here:

Web Application Security Statistics


Posted in: Exploits/Vulnerabilities, Web Hacking



Nikto 2.1.0 Released – Web Server Security Scanning Tool



It’s been almost 2 years since the last update on Nikto, which was version 2.

For those that don’t know, Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and it’s fairly obvious in log files. However, there is support for LibWhisker’s anti-IDS methods in case you want to give it a try (or test your IDS system).

Changes

This version has gone through significant rewrites under the hood to how Nikto works, to make it more expandable and usable.

  • Rewrite to the plugin engine allowing more control of the plugin structure and making it easier to add plugins
  • Rewrite to the reporting engine allowing reporting plugins to cover more and also ensuring that output is written if Nikto is quit before finishing
  • Large overhaul of documentation to document built-in methods and variables
  • Addition of caching to reduce amount of calls made to the web servers, as well as a facility to disable smart 404 guessing.
  • Addition of simple guessing for whether a system is an embedded device and to report what it is
  • Plugin to use OWASPs dictionary lists to attempt to brute force directories on the remote web server (as mutate 6)
  • Plugin to attempt to brute force domains (as mutate 5)
  • Allow username guessing (mutate 3 and 4) to use a dictionary file as well as brute forcing
  • Support for NTLM authentication
  • Lots of bug fixes and new security checks

You can download Nikto 2.1.0 here:

nikto-current.tar.gz

Plugins and DB can be found here.

Or read more here.


Posted in: Hacking Tools, Network Hacking, Web Hacking



Retarded E-mails – Carding, Coins, Bombs & More!



Ah it’s that time of the year again when all the back to skoolers have some mad l33t knowledge and wanna h4x0r the planet or something.

Hmmm website hacking, sounds simple eh?

thriller wrote:
hai i would like to know website hacking how?……… sedn to my mail

Ok I’m following up to the exploding part? Not quite sure about that one.

kesarjahs wrote:
hi 2 all, i just want to ask if you have program for hacking of yahoomail /gmail account? If you don’t mind can you send it to my gmail account coz i want to hack and try to explode. I’m looking forward to the end such a long time.

sincerely,
Kesar Jahs

Ok this one is really bizarre, what kind of question does he expect actually?

Jason Davis wrote:
What is this site. I’m a lil lost
J

WTF, does this look like Security Focus? Oh right copy and paste, at least have the decency to change the e-mail you lazy fuck.

Rudra wrote:
Hello,
I’m the senior product manager and a founder employee of Wank Security – the industry’s leading on demand penetration testing company. Previously I’ve written articles in Hakin9, infosec magazine and CISSP training materials for renowned authors. I would also like to contribute to Security focus on a wide variety of topics including penetration testing. Please let me know if you are accepting articles at this point. Offline, I’ve been working on a article on security threats for online gaming. I can contribute this one if it fits your requirement to start with.

Hope to hear from you soon!

Thanks!
Rudra

Ah back to the normal cheating spouse/erase my debt thing going on.

Aliana wrote:
Quick background – I would like to start a new life, my x husband ran my credit to the ground. I am a 28 year old mother and am seeking someone who can help me erase my debt. If you know of anyone please pass on my email address, if not I am sorry to have wasted your time. Thank you!

What’s the bet this guy is Indian, all their e-mails start with ‘Sir’. BTW if you find the magic undetectable hacking tool Fadi, I want a copy too – thanks.

Fadi wrote:
Dear Sir,
i m looking for undetectable hacking tool to purchase is there any so please tell mei didn’t found any yet :( please sir i shall be highly thankfull to u .

I’m not exactly sure what kind of site people think this is, but since when did we do identity searches? She didn’t even mention what country she’s in or how I’m supposed to locate this mysterious person.


Nia wrote:
Do u need the permission of the individual to be able to give me their location?
And how much will it cost for one search?

Website: Hotmail

Credit cards? I have plenty, you can have them all if you want..I keep buying stuff I don’t really need.

noname wrote:
I want to buy credit card what to do to buy?

mig22 or mig33? Make up your mind..

ahmad wrote:
dear friend,
i just wanted to request you something. there is a software used for chating via mobile. its name is mig22. i want to request you to find some way or make some software for that , for hacking or cracking mig33 password. i will be very thankful to you.
waiting for your reply

Oh wow, poor you Louis. I swear people seem to think every ‘hacker’ runs some kind of hack on demand password recovery scheme.

Louis wrote:
Hi,

My ex stole my email accounts and changed all the details so I cant access them or recover them, can you please help me get the passwords so I can recover the email accounts?

Thanks in advance,

Louis

This one sounds like a 419er.

collins masango wrote:
i would need a good creditcard dealer to be suppling me with numbers,this for long time deal,preferably russian,german,canadian,uk or american

This one is a little bit scary..and disjointed, coins and bombs? What a combination.

Alana wrote:
I looking for imfo on atm and coin machines and how to crack into them and on bombs

Keep an eye on the retards here:

http://www.darknet.org.uk/category/retards/


Posted in: Retards



Origami – Parse, Analyze & Forge PDF Documents



origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents.

Features

  • Create PDF documents from scratch.
  • Parse existing documents, modify them and recompile them.
  • Explore documents at the object level, going deep into the document structure, uncompressing PDF object streams and deobfuscating names and strings.
  • High-level operations, such as encryption/decryption, signature, file attachments…
  • A GTK interface to quickly browse into the document contents.

Full Scripts

Some scripts are provided to help in performing common actions on PDF files. You can contribute more by sending your own scripts to origami(at)security-labs.org.

  • detectjs.rb: search for all JavaScript objects.
  • embed.rb: add an attachment to a PDF file.
  • create-jspdf.rb: add a JavaScript to a PDF file, executed when the document is opened.
  • moebius.rb: transform a PDF to a moebius strip.
  • encrypt.rb: encrypt a PDF file.

You can download Origami here:

origami-1.0.0-beta1.tar.gz

Or read more here.


Posted in: Forensics, Hacking Tools, Privacy



Firefox Blocks Microsoft .NET Framework Assistant Add-on



This is an interesting development; I noticed the pop-up on my Firefox yesterday. The reason, however, wasn’t security; it was ‘instability’.

It’s a fair move by Mozilla though, as the add-on can cause security vulnerabilities in Firefox outside of their control. They can’t fix the software, so the best thing they can do to ensure user safety is to block it.

Compounded with the fact it’s extremely hard for users to remove the add-on themselves, the block is a good idea.

Mozilla late Friday blocked the Microsoft-made software that had put Firefox users at risk from attack.

The two-part Microsoft component — an add-on dubbed “.NET Framework Assistant” and a plug-in named “Windows Presentation Foundation” — have been blocked by Mozilla as a precautionary measure, said Mike Shaver, the company’s head of engineering.

“Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plug-in for all users via our blocklisting mechanism,” Shaver said in an announcement posted Friday night to the company’s security blog.

The annoying thing is these add-ons are installed in Firefox without any kind of prompt or permission given by the user.

Microsoft pushed them out with the .NET Framework 3.5 Service Pack 1 (SP1) update in February this year, so our browsers have been vulnerable since then.

The software was almost impossible to remove without some registry hacking. Microsoft did remedy this later – but still, how many people would know?

Mozilla maintains an add-on/plug-in blocking list that automatically bars risky software from being used by Firefox. The open-source company first used the blocker in 2007. Mozilla has used the tool only nine times, including Friday’s blocking of the Microsoft add-on and plug-in. In May 2008, for example, Mozilla added a Vietnamese language pack for Firefox to the blocking list when the pack was found to contain a worm.

According to Shaver, Microsoft gave Mozilla the go-ahead to block the .Net Framework Assistant and the Windows Presentation Foundation.

Last week, Microsoft’s security team acknowledged that its software — which had been silently installed in Firefox as far back as February 2009 — contained a critical vulnerability that could be used by hackers to hijack Windows PCs. The same vulnerability also affected all versions of Internet Explorer (IE), including the newest version, IE8.

Thankfully Firefox has the blocklist functionality and they have been aggressively moving towards ensuring 3rd party additions are also secure and don’t compromise the integrity of the platform.

Last month they warned users with out of date Flash plugins to update.

Firefox 3.6 will be even more aggressive in this aspect warning users when they visit a site that relies on one or more outdated add-ons.

Source: Network World


Posted in: Exploits/Vulnerabilities, Windows Hacking



Naptha – TCP State Exhaustion Vulnerability & Tool



The Naptha vulnerabilities are a class of denial-of-service vulnerabilities researched and documented by Bob Keyes of BindView’s RAZOR Security Team in 2000. The vulnerabilities exist in some implementations of the TCP protocol, specifically in the way some TCP implementations keep track of the state of TCP connections, and allow an attacker to exhaust the resources of a system under attack without using many resources on the system used to launch the attack.

The following links provide more information about the Naptha denial-of-service vulnerabilities:

  • The original BindView advisory is archived here.
  • The advisory that CERT/CC published for the Naptha vulnerabilities is here.

The Tool

To study and show the Naptha vulnerabilities, Bob Keyes wrote the Naptha tool. The tool was written in C and used libpcap to read packets from the network and libdnet to craft packets.

The Naptha tool actually consists of two programs: a program called synsend whose only function is to send TCP SYN packets to the target system, and a program called srvr whose function is to respond to specific traffic received from the target system with TCP packets with specific TCP flags set. Both what traffic to respond to and how to respond to it are specified by the user via command-line arguments.

You can download Naptha here:

naptha-1.1.tgz

Or read more here.
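
Because this class of problem lives in the server's own connection table, the first place to look for it is a per-state, per-source summary of that table. The following is an added example, not part of the Naptha tool or the original post; the `netstat -tn` style rows, the documentation-range addresses and the per-source limit of 20 are constructed assumptions.

```python
"""Summarise a TCP connection table to spot state-exhaustion pressure.

Added example: the rows are constructed in Linux `netstat -tn` column order.
"""
from collections import Counter


def build_sample():
    """Construct a sample table: one source holds most of two TCP states."""
    header = "Proto Recv-Q Send-Q Local Address Foreign Address State"
    rows = [header, "tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN"]
    rows += [f"tcp 0 0 192.0.2.10:80 198.51.100.7:{40000 + i} ESTABLISHED"
             for i in range(40)]
    rows += [f"tcp 0 1 192.0.2.10:80 198.51.100.7:{41000 + i} FIN_WAIT1"
             for i in range(25)]
    rows += [f"tcp 0 0 192.0.2.10:80 203.0.113.5:{50000 + i} ESTABLISHED"
             for i in range(3)]
    rows += [f"tcp 0 0 192.0.2.10:80 203.0.113.9:{51000 + i} TIME_WAIT"
             for i in range(2)]
    return "\n".join(rows)


def parse_netstat(text):
    """Yield (remote_ip, state) per TCP row; header and LISTEN rows are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6 or not parts[0].startswith("tcp"):
            continue  # header line or a row in an unexpected shape
        if parts[5] == "LISTEN":
            continue  # listening sockets hold no per-connection state
        yield parts[4].rsplit(":", 1)[0], parts[5]


def state_pressure(text, per_source_limit=20):
    """Return (totals_by_state, offenders).

    offenders lists (remote_ip, state, count, share_of_that_state) for every
    source holding more than per_source_limit connections in a single state.
    """
    pairs = list(parse_netstat(text))
    by_state = Counter(state for _, state in pairs)
    by_source = Counter(pairs)
    offenders = [
        (ip, state, count, round(count / by_state[state], 2))
        for (ip, state), count in by_source.most_common()
        if count > per_source_limit
    ]
    return by_state, offenders


if __name__ == "__main__":
    totals, offenders = state_pressure(build_sample())
    print("connections by state:", dict(totals))
    for ip, state, count, share in offenders:
        print(f"{ip} holds {count} {state} connections ({share:.0%} of that state)")
```

A source that owns nearly all of one state while sending little or no data is the pattern to investigate; per-source connection limits and shorter timeouts for idle or half-closed connections bound how much state any one peer can pin.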


Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking
