Archive | 2009

Microsoft Leaves Users Waiting For Black Screen Of Death Fix


The news this week has been a flaw in all versions of Microsoft’s Windows labelled the “Black Screen of Death”. Microsoft did acknowledge the problem a few days ago (in a roundabout way) but basically said it wasn’t their fault and wasn’t widespread.

The blame is currently being passed around and as of now no-one really knows exactly what is going on, with Prevx leading the initial claims that the newest batch of November updates pushed out by Microsoft caused the problem.

Users who want the best Windows experience will need some help from Microsoft. But if the Black Screen of Death case is any indication, Microsoft isn’t so quick to take responsibility. As usual, users find they are left to their own devices to solve problems with software and hardware they paid good money for.

For too long, users have been forced by default to deal with the many security problems that plague the Windows ecosystem. Whether because of malware, flaws in how Microsoft built Windows or any other number of things that can occur in the course of using a Windows PC, it seems that users have to look to their own knowledge and resources to maintain at least a basic level of security.

It has gotten so bad that today, no anti-malware program is capable of targeting and removing every malicious file that can potentially impact a Windows installation. Even with several anti-malware tools installed, not a single Windows user is absolutely safe. And in order to come closer to achieving that lofty goal, the user needs to be diligent, always keeping in mind that if trouble strikes, it could very well be a battle with a malicious hacker.

It’s a pretty crippling bug and very confusing for most users, as it’s not a total kernel panic like the traditional Blue Screen of Death: the machine starts up normally and allows you to login.

The problem appears after you login, when the entire screen is black: there is no menu, no system tray, no taskbar and only a single “My Computer” desktop icon.

Plus any non-technical users trying to remedy the problem will face a tough time; not all fixes work and it’s really an odd problem.

Perhaps that’s why the controversy over the Black Screen of Death has taken on such a life of its own in the past 24 hours. Just one day ago, Windows users experiencing a Black Screen of Death generally believed that the problem began with updates from Microsoft that they had installed.

But after investigating the situation, Microsoft responded late Dec. 1 saying it wasn’t at fault. And Prevx, the security company that initially suggested that Windows updates were to blame, has already backtracked. Once again users are left wondering what they can possibly do to keep from losing time, data and even possibly cash to this glitch for which Microsoft apparently doesn’t want to take responsibility.

A lot of buck passing has been going on, as per usual, and the baggage ends up with the end user, as is usual with issues pertaining to Microsoft.

It’s pretty heated at the moment, so it’ll be interesting to see what transpires over the next few days and whether we will actually get some definitive answers (unlikely).

Wherever the fault actually lies, Windows 7 users are still left wondering what is going on and how they are supposed to fix it.

Source: eWeek


Posted in: Exploits/Vulnerabilities, Windows Hacking



Process Hacker v1.7 Released – Process Viewer & Memory Editor


Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Key Features

  • Viewing, terminating, suspending and resuming processes.
  • Restarting processes, creating dump files, detaching from any debuggers, viewing heaps, injecting DLLs, etc.
  • Viewing detailed process information, statistics, and performance information.
  • Viewing, terminating, suspending and resuming threads.
  • Viewing detailed token information (including modifying privileges).
  • Viewing and unloading modules.
  • Viewing memory regions.
  • Viewing environment variables.
  • Viewing and closing handles.
  • Viewing, controlling and editing services.
  • Viewing and closing network connections.

System Requirements

  • .NET Framework 2.0
  • Microsoft Windows XP SP2 or above, 32-bit or 64-bit.

You can download Process Hacker v1.7 here:

processhacker-1.7-setup.exe

Or read more here.


Posted in: Forensics, Windows Hacking



Home Secretary says McKinnon must face US trial


Since the last update almost a year ago, when Gary won the right to appeal against extradition, the latest news in the Gary McKinnon saga is that his extradition to the US for trial will be going ahead.

Even with his apparent medical condition of Asperger’s, it seems he will be extradited anyway, according to the UK Home Secretary Alan Johnson.

Let’s hope the US government doesn’t throw the whole terrorism book at him and that he gets charged under computer misuse laws.

Computer hacker Gary McKinnon looks set to face trial in the US after Home Secretary Alan Johnson said there were no grounds to prevent his extradition.

He appeared to have been thrown a lifeline last month when new medical evidence was submitted to Johnson regarding McKinnon’s Asperger’s Syndrome. However, after considering the evidence, Johnson said yesterday that sending McKinnon to the US would not breach his human rights.

“Due to legitimate concerns over Mr McKinnon’s health, we have sought and received assurances from the United States authorities that his needs will be met,” Johnson said.

In an interview with the BBC, McKinnon’s lawyer said his legal team would not give up the fight to prevent McKinnon’s extradition.

It’s fair enough really; I don’t see how the whole Asperger’s thing has anything to do with it. The guy did do something wrong, and he knew it was wrong, so it’s not like you can claim insanity.

I just think the whole thing has been totally blown out of proportion; he got into some pretty heavy networks using easily guessed passwords.

It’s not like he did some Einstein-level cryptography on US army weapon algorithms.

“We are certainly coming to the end of the road,” said Karen Todner. “We’re just hoping at some point someone sees sense and steps in. All the legal team do know is we cannot give up because in some ways it’s like dealing with a death row case, and we genuinely believe that Gary’s life is at stake here.”

McKinnon’s legal battle dates back to 2001, after he broke into US military computers, including those belonging to NASA, in a bid to prove the US government had knowledge of UFOs.

While he says his actions caused no damage, the US claims he stole 950 passwords, deleted files at a naval base in New Jersey and rendered the military computer networks used following September 11 useless. The US estimates the damage caused by McKinnon at $700,000 (£433,000).

His legal battle has been going on for 8 years now; I wonder how much longer it has left to run. I’d say another 1-2 years at minimum.

We’ve been covering it for 3 years already and it’s still nowhere near conclusion.

Either way, I wish my fellow Brit Gary McKinnon the best of luck in fighting the behemoth US legal system.

Source: Network World


Posted in: General Hacking, Legal Issues



Metasploit 3.3 Released! Exploitation Framework


What is Metasploit?

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does it do?

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

If you don’t already know about Metasploit, I would guess you aren’t even in the security industry.

It’s come a long way since its early versions and has picked up huge support from the community.

  • Metasploit now has 445 exploit modules and 216 auxiliary modules (from 320 and 99 respectively in v3.2)
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (375k lines of Ruby)
  • Over 180 tickets were closed during the 3.3 development process

Full release notes for v3.3 are here.

You can download Metasploit v3.3 here:

Windows – framework-3.3.exe
Linux – framework-3.3.tar.bz2

Or read more here.


Posted in: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking, Windows Hacking



First Malicious iPhone Worm In The Wild


It’s a little less than 2 weeks since Jailbroken iPhone Users Got Rickrolled and, as I thought, a similar worm has been seen in the wild – but this time with malicious intent.

As the rickrolling incident showed, even the more savvy users that jailbreak their phones neglect to change the default SSH password, meaning they can easily be rooted… and this new worm is doing just that.

The user, as usual, is the weak link here; it’s not a true exploit – just an unchanged default password.

A Dutch internet service provider has identified a worm that installs a backdoor on jailbroken iPhones and makes them part of a botnet.

The worm, according to XS4ALL, targets jailbroken iPhones whose owners have carelessly failed to change the default password. In addition to connecting to a Lithuanian master command channel, it also changes the root password for the device, making it harder for owners trying to regain control. Infected iPhones are also tagged with a unique ID number.

“A number of customers with jailbroken phones have been found running unknown software on their phones which is trying to compromise other iPhone users at other telecommunications providers,” the XS4ALL advisory stated. “XS4ALL strongly advises caution against jailbreaking if you are not fully aware of the potential risks to your privacy and security.”

It’s quite smart: after installing itself it’ll change the root password (from my point of view, to stop it getting reinfected and b0rked) and also to make it harder for the phone user to take back control.

I think it’s the first time I’ve seen a mobile device be infected and hooked up to a botnet. I thought it might happen with consoles first… but now, with mobile 3G/3.5G Internet and powerful CPUs in mobile phones, the next big thing might be botnets running on iPhones, Android and Symbian devices.

The worm has the ability to pillage SMS databases, and an analysis by Security.nl (English translation here) has identified a script that looks for mobile transaction authentication numbers used by some banks to perform two-factor authentication with SMS-based systems. (Sophos also has analysis here.)

The worm tries to propagate by scanning a variety of IP ranges, including those used by carriers T-Mobile, UPC in the Netherlands, and Optus in Australia. The worm is especially active when it has access to wi-fi networks. One tip-off that a device has been infected is that battery life is extremely short when connected to 802.11 networks because the worm generates so many connections. The worm is not widespread, F-Secure said Sunday.

The attacks come two weeks after a separate piece of self-replicating code caused iPhones mostly located in Australia to display images of Rick Astley, the schmaltzy 1980s pop singer. The most recent outbreak appears to be the first instance of malicious iPhone malware spreading in the wild.

So do your friends a favour and tell anyone with a jailbroken iPhone to change the default SSH password to something else! Just doing that will save them from the current crop of threats.

I wonder what else will come of this, will it become a widespread infection of jailbroken iPhone users? Will it reach every continent?

Over here in Asia iPhones are fairly popular, but not hugely so like in the US. I’d say if there’s anywhere ripe for some iPhone mayhem it would be America.

Source: The Register


Posted in: Apple, Exploits/Vulnerabilities, Malware



Microsoft Confirms First Windows 7 0-Day Vulnerability


So a pretty serious remote vulnerability has been discovered in Windows 7; as usual Microsoft is downplaying the problem, asking you to block the ports on your firewall rather than fixing the issue.

I’d imagine the problem would only really be a big issue inside networks, as who exposes SMB ports (TCP 139 and 445) to the outside world anyway?

But as we all know, the biggest threat to corporate network security ALWAYS comes from the inside.

Microsoft late on Friday confirmed that an unpatched vulnerability exists in Windows 7, but downplayed the problem, saying most users would be protected from attack by blocking two ports at the firewall.

In a security advisory , Microsoft acknowledged that a bug in SMB (Server Message Block), a Microsoft-made network file- and print-sharing protocol, could be used by attackers to cripple Windows 7 and Windows

The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday, when he revealed the bug and posted proof-of-concept attack code to the Full Disclosure security mailing list and his blog. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.

At the time, Microsoft only said it was investigating Gaffie’s reports.

And well, let’s face it, this is not the first time that a serious flaw that can be remotely exploited has been discovered in SMB.

It doesn’t seem like the most secure of protocols; I really doubt Microsoft developed it using the SDL (Security Development Lifecycle).

It seems in this case, though, that it’s limited to a DoS attack, perhaps due to all the fancy security controls Microsoft has implemented in the Windows 7 kernel.

Then on Friday, it took the next step and issued the advisory. “Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable,” Dave Forstrom, a spokesman for Microsoft security group, said in an e-mail. “The company is not aware of attacks to exploit the reported vulnerability at this time.”

Forstrom echoed Gaffie’s comments earlier in the week that while an exploit could incapacitate a PC, the vulnerability could not be used by hackers to install malicious code on a Windows 7 system.

Both SMBv1 and its successor, SMBv2, contain the bug. “Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected,” assured Forstrom.

Attacks could be aimed at any browser, not just Internet Explorer (IE), Microsoft warned. After tricking users into visiting a malicious site or a previously-compromised domain, hackers could feed them specially-crafted URIs (uniform resource identifier), and then crash their PCs with malformed SMB packets.

Even so, I’m sure a skilled attacker could probably work out a way to drop some malicious code into the OS using this PoC, and if I know the underground they probably already are.

This vulnerability is the first official zero-day reported and confirmed by Microsoft in Windows 7 since the new operating system went on sale October 22nd.

I’m sure there will be many more.

Source: Network World


Posted in: Exploits/Vulnerabilities, Windows Hacking



Katana v1 (Kyuzo) – Portable Multi-Boot Security Suite


The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security tools, you can keep them all conveniently in your pocket.

Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with over 100 portable Windows applications, such as Wireshark, HiJackThis, Unstoppable Copier, Firefox, and OllyDBG. It also includes the following distributions:

  • Backtrack 4 pre
  • the Ultimate Boot CD
  • Ophcrack Live
  • Damn Small Linux
  • the Ultimate Boot CD for Windows
  • Got Root? Slax
  • Organizational Systems Wireless Auditor (OSWA) Assistant
  • Damn Vulnerable Linux

Katana is also highly customizable. You can modify Katana by adding or removing distributions and portable apps with ease. You can add functionality to distributions like the Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your personal scripts and documents to keep them conveniently with you on your flash drive to use in concert with the provided tools.

You can download Katana v1 here:

katana-v1.rar
katana-v1.torrent

Or read more here.


Posted in: Hacking Tools, Password Cracking



SSL Renegotiation Bug Successfully Used To Attack Twitter


When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world.

But then people tend to say that about most things, don’t they, until they get pwned up the face.

It turns out the rather obscure SSL flaw can be used to take over user accounts on websites that use APIs, especially those utilising 3rd party clients (Twitter being the biggest, but a lot of people are accessing Facebook using clients now too).

A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the secure sockets layer protocol.

The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through encrypted data streams. When the flaw surfaced last week, many researchers dismissed it as an esoteric curiosity with little practical effect.

For one thing, the critics said, the protocol bug was hard to exploit. And for another, they said, even when it could be targeted, it achieved extremely limited results. The skepticism was understandable: While attackers could inject a small amount of text at the beginning of an authenticated SSL session, they were unable to read encrypted data that flowed between the two parties.

So even though the fella couldn’t decrypt or read the data in the session, he could manipulate it in such a way that it spat out the goodies via the Twitter API.

It’s a very neat attack if you ask me; especially if executed via DM (Direct Message), it’s pretty unlikely anyone would notice their account had been ‘hacked’.

Perhaps this is how the bad guys have been doing it for a while because I do see an awful lot of hijacked accounts on Twitter and the owners have no idea why (they hadn’t logged in to any dodgy sites with OAuth or their Twitter credentials).

Despite those limitations, Kurmus was able to exploit the bug to steal Twitter usernames and passwords as they passed between client applications and Twitter’s servers, even though they were encrypted. He did it by injecting text that instructed Twitter’s application protocol interface to dump the contents of the web request into a Twitter message after they had been decrypted.

“My point is I think that it’s not so hard to make it work,” said Kurmus, who lives in Zurich and recently completed his masters thesis at the Eurecom Institute. “Maybe some other people did the same thing and did not make it public, so this is why I think it’s important that people would take this bug more seriously.”

Twitter proved an ideal platform to carry out the attack for several reasons. First, every request sent over the microblogging site includes the account holder’s username and password. Second, the site’s API made it easy to post the contents of the intercepted data stream into a message that an attacker could then retrieve.

Twitter has apparently plugged the hole from their side, but as for the flaw in SSL itself, it seems only one vendor is near to issuing a patch (OpenSSL).

If you extrapolate a little, this attack could work on anything with a POST/GET interface on the web running over SSL – like Gmail for example.

I hope companies get to patching and plug this hole as it can be carried out all too quietly and wreak a whole lot of havoc!
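The client-side signal of the fix that vendors were working on is the secure renegotiation extension and its SCSV cipher suite value (RFC 5746); a server or IDS that sees neither in a ClientHello knows the peer is an unpatched client and can refuse to renegotiate with it. The check below is an added example, not code from the original post or from any vendor; the ClientHello records it parses are constructed inline, and the builder exists only to produce that test input.

```python
"""Check whether a TLS ClientHello signals secure renegotiation (RFC 5746)."""
import struct

RENEG_INFO_EXT = 0xFF01   # renegotiation_info extension type
RENEG_SCSV = 0x00FF       # TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher suite value


def build_client_hello(cipher_suites, extensions=()):
    """Build a minimal TLS 1.0 ClientHello record (constructed test input only)."""
    body = b"\x03\x01" + bytes(32)            # client_version + 32-byte random (zeros)
    body += b"\x00"                            # empty session_id
    suites = b"".join(struct.pack("!H", cs) for cs in cipher_suites)
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                        # one compression method: null
    if extensions:
        ext = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
        body += struct.pack("!H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return (cipher_suite_list, {ext_type: ext_data}) from a ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello handshake record")
    end = 9 + int.from_bytes(record[6:9], "big")      # end of handshake body
    if end > len(record):
        raise ValueError("truncated handshake")
    p = 9 + 2 + 32                                     # skip version + random
    sid_len = record[p]
    p += 1 + sid_len
    cs_len = struct.unpack("!H", record[p:p + 2])[0]
    p += 2
    suites = [struct.unpack("!H", record[i:i + 2])[0]
              for i in range(p, p + cs_len, 2)]
    p += cs_len
    comp_len = record[p]
    p += 1 + comp_len
    exts = {}
    if p < end:                                        # extensions are optional
        ext_total = struct.unpack("!H", record[p:p + 2])[0]
        p += 2
        ext_end = p + ext_total
        while p + 4 <= ext_end:
            ext_type, elen = struct.unpack("!HH", record[p:p + 4])
            p += 4
            exts[ext_type] = record[p:p + elen]
            p += elen
    return suites, exts


def supports_secure_renegotiation(record):
    """True if the client advertises RFC 5746 via the SCSV or the extension."""
    suites, exts = parse_client_hello(record)
    return RENEG_SCSV in suites or RENEG_INFO_EXT in exts


# Constructed samples: 0x002F/0x0035 are TLS_RSA_WITH_AES_128/256_CBC_SHA.
LEGACY_HELLO = build_client_hello([0x002F, 0x0035])                 # unpatched client
PATCHED_HELLO = build_client_hello([0x002F, 0x0035, RENEG_SCSV])    # SCSV signal
EXT_HELLO = build_client_hello([0x002F], [(RENEG_INFO_EXT, b"\x00")])  # empty reneg info

if __name__ == "__main__":
    for name, rec in (("legacy", LEGACY_HELLO), ("scsv", PATCHED_HELLO), ("ext", EXT_HELLO)):
        verdict = "secure renegotiation" if supports_secure_renegotiation(rec) else "LEGACY, refuse renegotiation"
        print(f"{name}: {verdict}")
```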

Source: The Register


Posted in: Exploits/Vulnerabilities, Network Hacking, Web Hacking



Cain & Abel v4.9.35 – Password Sniffer, Cracker and Brute-Forcing Tool


It’s been quite a while since we’ve written about Cain & Abel, one of the most powerful tools for the Windows platform (back in 2007 here).

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.


The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

Most recently added is the support for Windows 2008 Terminal Server in APR-RDP sniffer filter.
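The defender’s counterpart to APR is watching the ARP traffic it generates. The monitor below is an added example, not code from the original post or from Cain & Abel: in the style of arpwatch it keeps an IP-to-MAC table and raises an alert when an address (the gateway above all) suddenly answers from a different MAC, or when one MAC starts answering for several addresses. The ARP replies and the gateway address are constructed for the example.

```python
"""Flag ARP cache poisoning from a stream of observed ARP 'is-at' replies."""
from collections import defaultdict

# Constructed sample: (seconds, sender_ip, sender_mac) of ARP replies seen on the LAN.
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1", "00:11:22:33:44:01"),    # real gateway
    (0.5, "192.168.1.10", "00:11:22:33:44:10"),   # workstation
    (1.0, "192.168.1.20", "00:11:22:33:44:20"),   # workstation
    (5.0, "192.168.1.1", "AA:BB:CC:DD:EE:FF"),    # gateway now "is-at" another MAC
    (5.1, "192.168.1.10", "AA:BB:CC:DD:EE:FF"),   # same MAC also claims the workstation
    (5.2, "192.168.1.1", "AA:BB:CC:DD:EE:FF"),    # repeat; poisoning is usually continuous
]


class ArpMonitor:
    def __init__(self, gateway_ip, max_ips_per_mac=1):
        self.gateway_ip = gateway_ip
        # Hosts with several addresses on one interface are legitimate; raise the
        # threshold for such hosts rather than ignoring the alert.
        self.max_ips_per_mac = max_ips_per_mac
        self.ip_to_mac = {}
        self.mac_to_ips = defaultdict(set)
        self.alerts = []          # (seconds, severity, message)

    def observe(self, ts, ip, mac):
        """Record one ARP reply; return the alerts it produced (possibly none)."""
        mac = mac.lower()
        before = len(self.alerts)
        prev = self.ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            # A flip of the gateway's MAC is the signature of a man-in-the-middle;
            # a real hardware swap also looks like this, so confirm before acting.
            sev = "HIGH" if ip == self.gateway_ip else "MEDIUM"
            self.alerts.append((ts, sev, f"{ip} moved from {prev} to {mac}"))
        self.ip_to_mac[ip] = mac
        claimed = self.mac_to_ips[mac]
        if ip not in claimed:
            claimed.add(ip)
            if len(claimed) > self.max_ips_per_mac:
                self.alerts.append((ts, "HIGH", f"{mac} now answers for {sorted(claimed)}"))
        return self.alerts[before:]


def scan(replies, gateway_ip="192.168.1.1"):
    """Run the monitor over a list of replies and return every alert raised."""
    mon = ArpMonitor(gateway_ip)
    for ts, ip, mac in replies:
        mon.observe(ts, ip, mac)
    return mon.alerts


if __name__ == "__main__":
    for ts, sev, msg in scan(SAMPLE_REPLIES):
        print(f"t={ts:4.1f}s  {sev:6s} {msg}")
```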

You can download Cain & Abel v4.9.35 here:

ca_setup.exe

Or read more here, the online user manual is here.


Posted in: Hacking Tools, Network Hacking, Password Cracking



Jailbroken iPhone Users Get Rickrolled


The ‘big’ news this week was that the first self-replicating worm hit the iPhone; it only seemed to be spreading in Australia though, and only worked under a specific set of circumstances.

It only affects iPhone users that have jailbroken their phone and have the SSH software installed with a default password of alpine.

Thankfully it’s not particularly malicious unless you are allergic to Rick Astley.

iPhone owners in Australia awoke this weekend to find their devices targeted by self-replicating attacks that display an image of 1980s heart throb Rick Astley that’s not easily removed. The attacks, which researchers say are the world’s first iPhone worm in the wild, target jailbroken iPhones that have SSH software installed and keep Apple’s default root password of “alpine.” In addition to showing a well-coiffed picture of Astley, the new wallpaper displays the message “ikee is never going to give you up,” a play on Astley’s saccharine addled 1987 hit “Never Gonna Give You Up.”

Tricking victims into inadvertently playing the song has become a popular prank known as Rickrolling. A review of some of the source code shows that the malware, once installed, searches the mobile phone network for other vulnerable iPhones and when it finds one, copies itself to them using the default password and SSH, a Unix application also known as secure shell. People posting to this thread on Australian discussion forum Whirlpool first reported being hit on Friday.

A new twist on the rickrolling phenomenon at least, and of course the good thing for the rest of the World is that the infection seems to be fairly localized.

To me it’s more of a PoC (Proof of Concept) than anything else, but it is a neat piece of programming and shows what some malicious minds could put together if they wanted to target iPhones.

From the author’s perspective he just wants to let people know that if they are gonna mess with their iPhone they’d better secure their shit.

The attack is a wakeup call for anyone who takes the time to jailbreak an iPhone. While the hack greatly expands the capabilities of the Apple smartphone, it can also make it more vulnerable. Programs such as OpenSSH, which can only be installed after iPhones have undergone the procedure, can be extremely useful, but if owners haven’t bothered to change their root password, the programs also represent a gaping hole waiting to be exploited.

Indeed, a hacker going by the moniker ikee and claiming to be responsible for the worm said here that he wrote the program to bring awareness to the widely followed practice of failing to change the iPhone’s password.

“I was quite amazed by the number of people who didn’t RTFM and change their default passwords,” the unidentified worm writer said. “I admit I probably pissed of [sic] a few people, but it was all in good fun (well ok for me anyway).”

Ikee said the worm disables the SSH daemon so it can’t be targeted further.

And in the true hacker spirit, the worm disables SSH so it can’t get infected again or hacked by anyone else.

It doesn’t take skills to own the box, it takes skills to stay on the box :)

Source: The Register


Posted in: Apple, Exploits/Vulnerabilities, Malware
