Archive | November, 2010

Windows Vista & Windows 7 Kernel Bug Can Bypass UAC


This is not the first time Windows UAC has hit the news for being flawed. Back in February 2009 it was discovered that Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control, and after that, in November 2009, it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against Malware.

A zero-day for Windows 7 back in July of this year also bypassed Windows UAC.

Once again a serious zero-day has hit Windows, this time an unpatched vulnerability in the kernel. So far it only seems to be a local exploit; for full devastating effect, hackers will need to combine it with a remote zero-day to get access to the machine, and then use this bug to elevate their permissions and bypass UAC.

Microsoft is investigating reports of an unpatched vulnerability in the Windows kernel that could be used by attackers to sidestep an important operating system security measure.

One security firm dubbed the bug a potential “nightmare,” but Microsoft downplayed the threat by reminding users that hackers would need a second exploit to launch remote attacks.

The exploit was disclosed Wednesday — the same day proof-of-concept code went public — and lets attackers bypass the User Account Control (UAC) feature in Windows Vista and Windows 7. UAC, which was frequently panned when Vista debuted in 2007, displays prompts that users must read and react to. It was designed to make silent malware installation impossible, or at least more difficult.

“Microsoft is aware of the public posting of details of an elevation of privilege vulnerability that may reside in the Windows kernel,” said Jerry Bryant, a group manager with the Microsoft Security Response Center, in an e-mail. “We will continue to investigate the issue and, when done, we will take appropriate action.”

The bug is in the “win32k.sys” file, a part of the kernel, and exists in all versions of Windows, including XP, Vista, Server 2003, Windows 7 and Server 2008, said Sophos researcher Chet Wisniewski in a Thursday blog post.

Microsoft is aware of the flaw but has not yet issued a statement as to when they will be patching this. I’d imagine, given their past, that they will wait for the next Patch Tuesday before pushing the patch out. Plus, given that it’s a kernel bug, it may take a little more time to fix.

The security companies seem to be taking this one quite seriously as the publicly-released code is confirmed working across multiple versions of Windows.

There is a very slight chance that Microsoft might push an out-of-band patch for this, but I find it unlikely as it’s not a remote vulnerability.


Several security companies, including Sophos and Vupen, have confirmed the vulnerability and reported that the publicly-released attack code works on systems running Vista, Windows 7 and Server 2008.

Hackers cannot use the exploit to remotely compromise a PC, however, as it requires local access, a fact that Microsoft stressed. “Because this is a local elevation-of-privilege issue, it requires attackers to be already able to execute code on a targeted machine,” said Bryant.

“On its own, this bug does not allow remote code execution, but does enable non-administrator accounts to execute code as if they were an administrator,” added Wisniewski.

Although many Windows XP users, especially consumers and those in very small businesses, run the OS via administrator accounts, Microsoft added UAC to Vista and later operating systems as one way to limit user privileges, and thus malware’s access to the PC.

Attackers would have to combine the exploit with other malicious code that takes advantage of another vulnerability on the machine — not necessarily one in Windows, but in any commonly-installed application, such as Adobe Reader, for example — to hijack a PC and bypass UAC.

“This exploit allows malware that has already been dropped on the system to bypass [UAC] and get the full control of the system,” said Prevx researcher Marco Giuliani in an entry on that security company’s blog Thursday.

Prevx reported the vulnerability to Microsoft earlier in the week.

Microsoft has changed the way UAC functions before when it was demonstrated that it could be easily bypassed. The next patch cycle is due on Tuesday, Dec. 14 – which thankfully isn’t too long. I’d be expecting a kernel patch for this issue by then.

There is more info about the issue here:

Sophos – New Windows zero-day flaw bypasses UAC
Prevx – Windows 0-day exploit: Q&A session

Source: Network World


Posted in: Exploits/Vulnerabilities, Windows Hacking



BlackSheep – Detect Users Of FireSheep On The Network


As you surely know, things blew up recently at Toorcon 12 with the release of the much talked about Firefox plugin called Firesheep.

There were various discussions about how to mitigate against it like using Firefox plug-ins to force SSL connections (where available). Microsoft also tried to secure Hotmail with SSL but kinda b0rked that too.

For the 1 person in the World left that doesn’t know, Firesheep allowed any user to seamlessly hijack the web session of another user on the same local network. Although such attacks are not new, the ease of use presented by Firesheep brought session hijacking to the masses.

BlackSheep, also a Firefox plugin, is designed to combat Firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitoring traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will receive the following warning message:


[Image: BlackSheep – Detect FireSheep]

It should be noted that Firesheep and BlackSheep cannot be installed on the same Firefox instance as they share much of the same code base. If you want to run both Firesheep and BlackSheep on the same machine, they should be installed in separate Firefox profiles.
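The detection idea described above, as an added example that is not BlackSheep's own code: plant a decoy session value that no real user holds, then flag any request from another host that presents it to the same domain. The cookie name `session_id`, the host `example.com`, the 192.0.2.x addresses and the sample requests are all constructed for illustration.

```python
"""Decoy-session ("honeytoken") detection, in the spirit of what the post
describes for BlackSheep. Added example: names and sample traffic are assumed."""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Decoy:
    host: str         # domain the fake session is "for"
    cookie_name: str  # assumed cookie name; real sites use their own
    token: str        # random value that no genuine user session holds


@dataclass(frozen=True)
class Alert:
    src_ip: str
    host: str
    cookie_name: str


def make_decoy(host, cookie_name):
    """Create a decoy session with an unguessable 128-bit value."""
    return Decoy(host.lower(), cookie_name, secrets.token_hex(16))


def parse_request(raw):
    """Return (host, cookies) from a raw HTTP request.

    Header names are matched case-insensitively and a port on Host is dropped.
    """
    host, cookies = "", {}
    for line in raw.replace("\r\n", "\n").split("\n")[1:]:
        if not line:          # blank line: end of headers
            break
        name, sep, value = line.partition(":")
        if not sep:
            continue
        name, value = name.strip().lower(), value.strip()
        if name == "host":
            host = value.split(":")[0].lower()
        elif name == "cookie":
            for pair in value.split(";"):
                key, eq, val = pair.strip().partition("=")
                if eq:
                    cookies[key] = val
    return host, cookies


def find_replays(decoys, own_ip, observed):
    """Flag hosts other than own_ip that present a decoy value to its domain.

    observed is an iterable of (src_ip, raw_request) pairs from a capture.
    """
    planted = {(d.host, d.cookie_name): d.token for d in decoys}
    alerts = []
    for src_ip, raw in observed:
        if src_ip == own_ip:  # our own decoy emission is expected
            continue
        host, cookies = parse_request(raw)
        for name, value in cookies.items():
            if planted.get((host, name)) == value:
                alert = Alert(src_ip, host, name)
                if alert not in alerts:  # one alert per replaying host
                    alerts.append(alert)
    return alerts


def sample_traffic(decoy, own_ip):
    """Constructed capture: our decoy, a normal user, and a replay of the decoy."""
    def req(host_hdr, cookie_hdr):
        return f"GET / HTTP/1.1\r\n{host_hdr}\r\n{cookie_hdr}\r\n\r\n"
    name, tok = decoy.cookie_name, decoy.token
    replay = req(f"host: {decoy.host}:80", f"cookie: lang=en; {name}={tok}")
    return [
        (own_ip, req(f"Host: {decoy.host}", f"Cookie: {name}={tok}")),
        ("192.0.2.20", req(f"Host: {decoy.host}", f"Cookie: {name}=a1b2c3")),
        ("192.0.2.66", replay),
        ("192.0.2.66", replay),  # repeated request, reported once
        ("192.0.2.30", "GET / HTTP/1.1\r\nHost: other.example\r\n\r\n"),
    ]


if __name__ == "__main__":
    decoy = make_decoy("example.com", "session_id")
    traffic = sample_traffic(decoy, "192.0.2.10")
    for alert in find_replays([decoy], "192.0.2.10", traffic):
        print(f"decoy session for {alert.host} replayed by {alert.src_ip}")
```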

Requirements

In order to install BlackSheep, you need:

  • Mac OS X: 10.5 or newer on an Intel processor.
  • Windows: XP or newer. Install Winpcap first!
  • Firefox: 3.5 or newer. 32-bit only.
  • Linux: details here

You can download BlackSheep here:

blacksheep-latest.xpi

Or read more here.


Posted in: Countermeasures, Forensics, Network Hacking, Security Software



SHA-1 Password Hashes Cracked Using Amazon EC2 GPU Cloud


It’s not the first time someone has pulled this off; back in November 2009 we wrote about Using Cloud Computing To Crack Passwords – Amazon’s EC2.

Add that with a story way back from 2007 – Graphics Cards – The Next Big Thing for Password Cracking? – and you’ve got yourself an interesting combo with the new offering from Amazon, distributed GPU-based resources.

Put those two stories together in true hacker style and you end up with a guy who used GPU instances on the Amazon EC2 platform to crack SHA-1 password hashes.

A German security enthusiast has used rented computing resources to crack a secure hashing algorithm (SHA-1) password.

Thomas Roth used a GPU-based rentable computer resource to run a brute force attack to crack SHA1 hashes. Encryption experts warned for at least five years SHA-1 could no longer be considered secure so what’s noteworthy about Roth’s project is not what he did or the approach he used, which was essentially based on trying every possible combination until he found a hit, but the technology he used.

What used to be the stuff of distributed computing projects with worldwide participants that took many months to bear fruit can now be done by a lone individual in minutes and using rentable resources that cost the same price as a morning coffee to carry out the trick. Roth’s proof-of-concept exercise cost just $2. This was the amount needed to hire a bank of powerful graphics processing units to carry out the required number-crunching using the Cuda-Multiforcer.

SHA-1 was of course cracked way back in 2005, and widely reported on in 2007 – and whilst being phased out it is still used in many applications.

But then this attack isn’t really using any flaws in the algorithm – it’s just straight-up hash cracking.

The tool he used was CUDA-Multiforcer – GPU Powered High Performance Multihash Brute Forcer.


SHA-1, although it is in the process of being phased out, still forms a component of various widely-used security applications, including Secure Sockets Layer, Transport Layer Security and S/MIME protocols. Roth claims to have cracked all the hashes from a 160-bit SHA-1 hash with a password of between 1 and 6 characters in around 49 minutes. The process would create a rainbow table, allowing short and therefore automatically insecure passwords to be matched to their hash. It wouldn’t work for longer length passwords. Even so, the bigger point that rentable computing resources might be used for password hacking still stands.

Security watchers warn that the development opens up the possibility of cybercrooks using pay-as-you-go cloud computing-based parallel processing environment for their own nefarious purposes.

Chris Burchett, CTO and co-founder of the data security firm Credant, said: “It’s easy to start up a 100-node cracking cluster with just a few clicks, but if you extend the parallel processing environment by just a few factors, it becomes possible to crack passwords of most types in a relatively short timeframe.”

Cybercriminals might use stolen payment card credentials to fund their cloud cracking escapades “which means they will not be bothered about the cost involved,” he added.

Around 12 months ago, another white-hat hacker, Moxie Marlinspike, created an online Wi-Fi password-cracking service called WPAcracker.com. The $17-a-time service is able to crack a Wi-Fi password in around 20 minutes, compared to the 120 hours a dual-core PC might take to carry out the same job.

Although there’s nothing really new here, it’s still an interesting implementation of some already known techniques. As cloud/distributed computing becomes even cheaper, I’d guess we’ll be seeing more similar attacks in the future.

The original post (which has precise details on how to set everything up) can be found on the blog of Thomas Roth here:

Cracking Passwords In The Cloud: Amazon’s New EC2 GPU Instances

Source: The Register


Posted in: Password Cracking, Programming



CUDA-Multiforcer – GPU Powered High Performance Multihash Brute Forcer


The Cryptohaze Multiforcer is a high performance multihash brute forcer with support for per-position character sets, and very good performance scaling when dealing with large hash lists. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on a GTX260/216SP@1.24ghz card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate – not the search rate. The search rate is 380M * 1.4M passwords per second!

Platforms

The Cryptohaze Multiforcer supports Windows, Linux, and Mac OS X. An nVidia GPU with CUDA support (8000 series, 9000 series, GTX200 series, GTX400 series) is required for this to function. Additionally, a reasonably modern driver with CUDA support will be required. However, to see good rates, a fairly powerful GPU is required. GTX200 series cards are the lowest recommended cards.

Usage


The Multiforcer takes two files as inputs: the hash file, and the character set file. The hash file is very simple: One hash per line as follows:

Hash input file

The character set file is slightly more complex. For a single character set (the same character set applied to all positions), the character set file is very simple: Just the character set in a file, followed by a newline:

Single charset file (-c parameter)

You can download CUDA-Multiforcer here:

MacOS (Intel Only) – CUDA-Multiforcer-Mac-0.72.tar.bz2
Windows (64-Bit Only) – CUDA-Multiforcer-Windows-0.72.zip
Linux – (32 & 64-Bit) – CUDA-Multiforcer-Linux-0.72.tar.bz2

Or read more here.


Posted in: Hacking Tools, Password Cracking



European Banks Seeing New Wave Of ATM Skimming


ATM hacking and skimming were often in the news a few years back, but since the banks ramped up the security on ATM machines – including anti-skimming devices – ATM fraud activities seemed to drop off. Remember the Pro ATM Hacker ‘Chao’ Gives Out ATM Hacking Tips and a bunch of people getting busted not long after that?

Well it seems ATM skimming has resurfaced with the clever criminals finally gaining the ability to remove the anti-skimming devices and modify them to their own nefarious ends.

Banks in Europe are seeing innovative skimming attacks against ATMs, where fraudsters rig special devices to the cash machines to record payment card details.

Many banks have fitted ATMs with devices that are designed to thwart criminals from attaching skimmers to the machines. But it now appears in some areas that those devices are being successfully removed and then modified for skimming, according to the latest report from the European ATM Security Team (EAST), which collects data on ATM fraud throughout Europe.

Skimming devices are designed to record the account details from the magnetic stripe on the back of a payment card. The data can then be encoded onto a dummy card. A person’s PIN (personal identification number) is often captured with a micro-camera, which was done with the illicitly modified anti-skimming devices, according to the report.

Banks in five countries also reported seeing a new type of skimming device, which uses a modified MP3 player to record card details. It also has a micro-camera to record PINs, according to a photo seen by IDG News Service.

The advantage of ATM skimming rather than just plain old hacking the data online is that with the placement of a small camera you can also record the PIN number associated with each card – so after cloning it you can actually use it to withdraw money from the ATM.

It seems like the new skimming devices are much more high tech and also use off the shelf components, such as an MP3 player.


EAST doesn’t reveal which banks noticed the fraud or the country in which it occurred. EAST only notes whether the attack occurred in a country that is a “major deployer” of ATMs — where there are more than 40,000 machines in the country. Those countries include France, Germany, Spain, Russia and the U.K.

Installing malicious software on an ATM is a more sophisticated way to execute fraud. One country of the five major deployers saw this style of attack, which was first seen in Eastern Europe in 2007.

ATMs often run operating systems such as Microsoft’s Windows CE and are vulnerable to attacks executed remotely and by people who break into the machines to install malware. Both kinds of attacks were demonstrated by security researcher Barnaby Jack at the Black Hat conference in Las Vegas in July.

European banks haven’t seen a new kind of attack called “shimming.” This attack involved inserting an extremely thin plastic circuit board into a point-of-sale device or ATM. It then can record data either on the card itself or transmit the data using a wireless transmitter. Due to the design of ATM machines in Europe, “we don’t think shimming is an ATM threat,” said Lachlan Gunn, EAST’s coordinator.

They haven’t really released any details such as which banks were affected or even which countries the skimming attacks took place in. There has actually been a record number of skimming attempts this year but the losses have dropped.

I’d guess that would be due to the new security measures built into the EMV (Europay, Mastercard, Visa) ATM cards, which have a chip built in that EMV-compliant ATM machines can scan and verify.

Source: Network World


Posted in: Legal Issues, Privacy, Spammers & Scammers



Crunch – Password Cracking Wordlist Generator


Crunch is a wordlist generator where you can use a standard character set or a character set you specify. Crunch can generate all possible combinations and permutations.

Some other options are:

Of course John the Ripper (JTR) has some built in options for creating permutations from Wordlists.


Features

  • Crunch generates wordlists in both combination and permutation ways
  • It can break up output by number of lines or file size
  • Now has resume support
  • Pattern now supports numbers and symbols
  • Pattern now supports upper and lower case characters separately
  • Adds a status report when generating multiple files

You can download Crunch here:

crunch2.6.tgz

Or read more here.


Posted in: Hacking Tools, Password Cracking



TDL AKA Alureon Rootkit Now Infecting 64-Bit Windows 7 Platform


As we’ve come to expect, the malware guys are always at the leading edge of technological development. Now there are rootkits infecting 64-Bit versions of Windows, which have been thought of as fairly safe by most parties.

The rootkit in question is a fairly well known variant (TDL/Alureon) and has been around for several years, but according to Prevx it’s been hitting on x64 installs of Windows 7 since August this year.

It’s using an oldskool method to circumvent the Windows security measures, the MBR (Master Boot Record) – I haven’t seen any malware using that for quite some time.

A notorious rootkit that for years has ravaged 32-bit versions of Windows has begun claiming 64-bit versions of the Microsoft operating system as well.

The ability of TDL, aka Alureon, to infect 64-bit versions of Windows 7 is something of a coup for its creators, because Microsoft endowed the OS with enhanced security safeguards that were intended to block such attacks. The rootkit crossed into the 64-bit realm sometime in August, according to security firm Prevx.

According to research published on Monday by GFI Software, the latest TDL4 installation penetrates 64-bit versions of Windows by bypassing the OS’s kernel mode code signing policy, which is designed to allow drivers to be installed only when they have been digitally signed by a trusted source. The rootkit achieves this feat by attaching itself to the master boot record in a hard drive’s bowels and changing the machine’s boot options.

Microsoft has pumped some pretty advanced protection mechanisms into the latest member of the Windows family, but still you just know it’s only a matter of time before the bad guys find some way to get around it.

This is an advanced piece of malware though, as there are multiple layers of protection in Windows 7 and TDL4 bypasses them all; it even blocks access to debuggers and is undetectable by most AV software.

Whichever way you look at it, that’s some neat coding.


“The boot option is changed in memory from the code executed by infected MBR,” GFI Technical Fellow Chandra Prakash wrote. “The boot option configures value of a config setting named ‘LoadIntegrityCheckPolicy’ that determines the level of validation on boot programs. The rootkit changes this config setting value to a low level of validation that effectively allows loading of an unsigned malicious rootkit dll file.”

According to researchers at Prevx, TDL is the most advanced rootkit ever seen in the wild. It is used as a backdoor to install and update keyloggers and other types of malware on infected machines. Once installed it is undetectable by most antimalware programs. In keeping with TDL’s high degree of sophistication, the rootkit uses low-level instructions to disable debuggers, making it hard for white hat hackers to do reconnaissance.

One of the advanced protections Microsoft added to 64-bit versions of Windows was kernel mode code signing policy. Microsoft also added a feature known as PatchGuard, which blocks kernel mode drivers from altering sensitive parts of the Windows kernel. TDL manages to circumvent this protection as well, by altering a machine’s MBR so that it can intercept Windows startup routines.

Prevx came out with this research; you can read more about their findings here:

x64 TDL3 rootkit – follow up

There is also an in-depth technical analysis from Microsoft researcher Joe Johnson; check here [PDF].

Source: The Register


Posted in: Malware, Windows Hacking



Katana v2 (y0jimb0) – Portable Multi-Boot Security Suite


Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications, such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.

New in V2

This version has a bunch of new stuff all around. One major addition to the project is Forge. This tool facilitates a simple point-and-click installation for adding even more distributions to Katana Bootable. This new version also adds the Computer Aided Investigative Environment (CAINE) for a live forensics environment and Kon-Boot for bypassing passwords. Much effort was placed on the installation of additional applications to the Katana Tool Kit. These new applications include Metasploit, NMAP, Cain & Abel, John the Ripper, Cygwin, and more.


Bootable

A full list of the tools available is here.

You can download Katana v2 here:

Torrent – katana-v2.0.torrent
Direct – katana-v2.0.rar

Or read more here.


Posted in: Forensics, Hacking Tools, Linux Hacking, Network Hacking



PGP Users Locked Out With Latest OS X Update


For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disk encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily.

If you are just looking for a quick solution, you can:

a) Not apply the update (as recommended by PGP)
b) Decrypt your volumes, apply the update, then re-encrypt

Users of PGP’s Whole Disk Encryption for Macs got a nasty surprise when they upgraded to the latest OS X update once they discovered their systems were no longer able to reboot.

It seems that Apple and the Symantec-owned PGP suffered a near-fatal failure to communicate that 10.6.5 ships with a new EFI booter that was incompatible with the encryption software’s boot guard. As a result, the update rendered Macs using WDE as little more than expensive paperweights.

“PGP you DO HAVE A FREAKING DEVELOPERS LICENCE FOR APPLE RIGHT???” one outraged user vented here. “YOU CANNOT TEST SYSTEM RELEASES IN ADVANCE???”

It’s caused a massive backlash from the user-base with people hurling insults left, right and center. For the non-tech savvy user it’s pretty worrying when their system can’t even boot up and in most cases they probably have absolutely no idea what to do.

It seems like a lack of communication between PGP devs and Apple with regards to the new boot loader.


Test versions of the update have been available to developers for a while now, but it’s not clear if they included the new EFI booter. If not, the fault could lie with Apple. The world will probably never know.

Fortunately, a fix was provided Thursday morning that’s relatively painless. It involves booting off the PGP recovery CD and then logging in to OS X. An automatic self-repair process that’s part of the Mac bootup sequence will straighten out things from there. A variation on that theme is to put the bricked machine in target mode and boot from another Mac running PGP.

WDE users who have yet to install the update may safely do so by decrypting their systems before running the update, PGP said.

A fix was provided yesterday morning by PGP; the details are here:

Mac PGP WDE customers should not apply the recent Mac OS X 10.6.5 update

Source: The Register


Posted in: Apple, Cryptography



ddosim v0.2 – Application Layer DDOS Simulator


DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server). It can be used only in a laboratory environment to test the capacity of the target server to handle application-specific DDoS attacks.

Features

  • HTTP DDoS with valid requests
  • HTTP DDoS with invalid requests (similar to a DC++ attack)
  • SMTP DDoS
  • TCP connection flood on random port

Some more information and documentation is available here:

Application Layer DDoS Simulator

You can download ddosim v0.2 here:

ddosim-0.2.tar.gz

Or read more here.


Posted in: Hacking Tools, Network Hacking
