Comments Posted By Bogwitch

Displaying 1 To 30 Of 170 Comments

Dan Kaminsky & Kevin Mitnick Hacked

I’ve got to agree with Morgan on this one. By far the easiest way to get behind a firewall is to abuse the wetware – the human – behind it. Either by redirecting to a malicious site or emailing a custom trojan.

There is always the possibility to find a 0-day in the firewall, where a malformed packet causes the firewall to barf and fall over in an open state, but that’s pretty unlikely, the leaks are usually from within.

Also, there is the risk of information leaking from your system via other channels, assuming it’s worth an attacker’s effort – Google ‘tempest’

» Posted By Bogwitch On August 11, 2009 @ 11:40 am

Hospital Hacker GhostExodus Owns Himself – Arrested

@Das Licht

I understand fully what I am talking about. The issue I have is with your statement that he ‘intended no harm’ – I now take issue with your statement ‘Nothing he did could have possibly caused harm’

He intended harm. He intended to mess around with the air conditioning of a hospital. Messing around with control systems such as these would have a negative impact such as operations being cancelled which could have the consequence of loss of life.
If he never intended to go ahead with the stunt, he has still changed the operating platform by installing his software which could have unknown, unforeseen consequences (trusted computing, anyone?) again, giving the possibility of threatening life.

My points are these. He was in a position of trust which he betrayed. He has not displayed any superior penetration skills, he had physical access to the box. If he intended no harm, he’s a moron as there could be consequences to his actions. If he was committed to carrying out his actions, he could potentially be threatening life directly, therefore he’s at best, a moron.

As for the personal insults, water off a duck’s back.

» Posted By Bogwitch On August 3, 2009 @ 9:11 am

Oh, it’s h4cktivism, is it? I thought it was a skiddie posturing and attempting to gain kudos within, what appears on the surface, to be a lame circle of zomg 7331 hax0rz.

What exactly was the cause he was trying to publicise apart from his own ego?

» Posted By Bogwitch On July 21, 2009 @ 11:46 am

@Das Licht

Thanks, 10 minutes of my life I won’t get back.

So, two kiddies on YouTube say ‘He’s a nice guy’ is evidence enough that he meant no harm? If he actually did intend no harm, he should be locked up for stupidity.

Get yourself back to /b/ – You’ll be much more at home there.

» Posted By Bogwitch On July 16, 2009 @ 9:44 am

@das licht
I’m sorry that you feel that way. The fact is, he had authorised, physical access to a box and managed to install some malware onto it. This does not make him a particularly good hacker. He did it to seek notoriety within the community to which he felt he belongs.

I suspect that most people who you have slated on this blog could install a RAT given unhindered physical access to a box, it’s not difficult.

The bottom line is, he was in a position of trust which he broke.

As for not putting life at risk, I would also have to disagree. Whether he went through with the proposed DoS or not, he had introduced some code onto the systems that had not gone through the same (hopefully rigorous) testing that other software components would have gone through. This software could have introduced other vulnerabilities or conflicts that he was not aware of. If the operating theatre was closed down due to a failure of the HVAC, lives could have been put at risk.

Finally, please provide evidence to back up your *guarantee* that we don’t know what we’re talking about.

» Posted By Bogwitch On July 14, 2009 @ 10:30 am

IT Managers Under-Estimate Impact Of Data Loss

I am also very surprised by that figure. I wonder if they are talking about data loss in terms of availability or confidentiality?

From the article, it would appear that availability was the issue. I have seen many, many businesses during my time in InfoSec, I can name only one that had a good handle on backups, what was required, storage, testing, etc. Not down to good management but due to a single techie who knew his stuff. If that company were to lose him, they would be in the same boat as everyone else.

So many times I have seen a backup try to grab the whole WINNT directory yet fail to capture all the user areas.
More of a problem is a lack of user education, meaning users storing their work on local drives, desktops, My Documents etc, and the backups running across the servers every night, backing up the same stuff they’ve been backing up since they were started.

Darknet, it’s good to hear you are making regular backups now, has it always been the case? ;)

» Posted By Bogwitch On June 22, 2009 @ 1:51 pm

WEPBuster – Wireless Security Assessment Tool – WEP Cracking

Eddy,

Refer to my previous comment to Ammar.

» Posted By Bogwitch On July 28, 2009 @ 9:52 am

Ammar,

As with any of the tools mentioned on this site, if you can’t find/download/run them, you shouldn’t.
Why shouldn’t you? There are several reasons:
1. You’re too stupid.
2. You’re likely to get arrested.
3. You’ll probably trash your OS.
4. You won’t be able to interpret the results.

» Posted By Bogwitch On June 6, 2009 @ 2:01 pm

Hackers Exploiting Unpatched DirectX Bug With Quicktime

Bought my wife a nice new Vaio yesterday, first thing I did was to rip Vista off it.
I’d like to say I installed Linux for her but alas, it is now WindowsXP.

I am a little surprised that M$ did not issue the patch for previous versions. I’m sure they would want more users switching to Vista but any M$ insecurity reflects poorly on them and provides the anti-M$ brigade with more ammunition.
That said, I’m more surprised that M$ are actually putting much effort into Vista, I’m sure they have realised that it is just another WindowsME and should be focussing on getting Windows7 right.

» Posted By Bogwitch On June 2, 2009 @ 9:18 am

Obama To Create Cyber Security Czar In White House

One ‘cyber security czar’ = A single point of failure.

» Posted By Bogwitch On May 28, 2009 @ 7:28 am

Google Poisoning Attack Gumblar Still Causing Problems

Anil,

Assuming you have no business with China, why not block Chinese IP addresses at your firewall? Better still, restrict FTP access to just those IP addresses that require it.

As the story suggests, it is weak FTP passwords that are the problem. Are your passwords strong enough or leaking out?

If you are having serious problems with security, you may find the problem is more widespread than you think and I would recommend employing a professional security consultant to assist you.

» Posted By Bogwitch On June 10, 2009 @ 9:42 am

WarVOX 1.0.1 Released – Telephony Analysis & War Dialing Suite

As with all forms of penetration testing, without the system owner’s permission would be illegal (in most countries)

If you try to run a war-dialler without permission from the target owner, expect to get v&

» Posted By Bogwitch On June 5, 2009 @ 3:07 pm

Hi Navin,

You’re right to say it’s not as relevant today as it may have been in the past however, there are still some legacy systems that are connected via modems, some ‘emergency access’ points, some network infrastructure and some SCADA stuff.
The ability to detect PBX, voicemail etc gives an additional avenue where social engineering can be exploited, too.

» Posted By Bogwitch On May 28, 2009 @ 11:52 am

Conficker Finally Awakes & Dumps Payload

Not a hater, just suggesting that if you are going to cast doubt on my suppositions, you should be prepared to back it up with a reasoned argument rather than the diatribe you spouted.

» Posted By Bogwitch On April 14, 2009 @ 7:48 pm

@HyPnOtIcHaCkEr

Intelligent input darlin’ why don’t you just have another beer then?

» Posted By Bogwitch On April 14, 2009 @ 4:45 pm

@HyPnOtIcHaCkEr

On what do you base that?

» Posted By Bogwitch On April 14, 2009 @ 11:51 am

@Tom Allen,

I understand what you’re saying, but their motivation is not fame or notoriety, but cash. There is no profit in a DDOS of Google, unless a blackmail attempt on Google would be successful, which I doubt and the fake AV is charged at a high rate which should make the controllers a tidy sum, given the supposed number of infections.

» Posted By Bogwitch On April 14, 2009 @ 7:55 am

I wonder if the long Easter weekend has anything to do with the timing….

» Posted By Bogwitch On April 10, 2009 @ 5:14 pm

Interceptor – Wireless Wired Network Tap (Fon+)

Peter,

The Interceptor code is used to run on a fon+ device connected to the target network. You would need to use a second device to collect the log information, probably a PC using wireshark.

If you are having a hard time interpreting the output of wireshark, I would suggest (and I’m trying not to be patronising here) that you need to learn more, you did say you were a novice! The output from wireshark is among the easiest to follow, filter and process. When I was learning about packet capture and analysis – pre-wireshark days, I started by generating known traffic, ftp, telnet, smtp, pop etc.

HTH

» Posted By Bogwitch On April 23, 2009 @ 5:09 pm

BBC Unleashes Botnet For ‘Investigation’

After reading more in-depth, it does appear that the BBC is in breach of the Computer Misuse Act insofar as they installed a wallpaper. The accusation that the BBC is more responsible than security researchers carries little weight with me – security researchers will always attempt to keep within the law – something that the BBC decided not to.
I have been trying to find a sample of the wallpaper that the BBC distributed but I have not been successful thus far, if anyone has a source, please provide it!
As for the suggestion that the BBC explained to users that they were infected with a trojan, it is worth noting that the BBC intentionally picked non-UK/USA based computers for this demonstration, where the use of the English language will be less. They did nothing to prevent the computers from being re-infected via the same vectors.
The cynic in me thinks that they selected non-UK/USA computers to prevent possible litigation. It is noted that the Police in the UK will not act unless a complaint is made by a victim…

» Posted By Bogwitch On March 20, 2009 @ 1:32 pm

There is a possibility that this was an offence under Paragraph 3, subsection (1)(b), Subsection (2)(b) applies that ‘to impair the operation of any computer;’ of the Computer Misuse Act 1990

It can be argued that the actions taken by the BBC may have impaired the operation of computers by way of reduced bandwidth available or CPU cycles available.

That said, the act stipulates that there must be ‘an intent to cause a modification of the contents of any computer’

OK, where do you draw the line at modification? The action the BBC took would cause a modification to the volatile ram of the systems running, it is even possible that some code was swapped to the hard disk, although I doubt there would be an intention to cause the data to be swapped.

By the BBC lawyer definition, if I were to take over a botnet and use it for e.g. massively parallel hash cracking would I not be breaking the law?

» Posted By Bogwitch On March 17, 2009 @ 9:21 am

Koobface Worm Variant Hits Facebook

@Mafiya.

No experience of it myself, but as with any other trojan, the safest way would be a complete rebuild of the workstation, unless you keep computational hashes of all the executables on your customers’ drives for comparison to ensure they have not become infected. Or are you peddling fixes that cannot be verified?

» Posted By Bogwitch On March 3, 2009 @ 6:42 pm

Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control

Darknet, please turn it back on!!!!

» Posted By Bogwitch On February 14, 2009 @ 11:54 am

Oh, for Pete’s sake, not logins. Captchas are not that much nicer, imo. Darknet, if you’re going to use captcha, at least use re-captcha so I feel as though I’m doing something useful.

@Morgan, it is a pain, but ^a^c is not too hard a price to pay to keep the spam out of here, is it? It seems to be working….

» Posted By Bogwitch On February 6, 2009 @ 7:27 pm

Gary McKinnon Wins Right to Appeal Against Extradition

“Professor Simon Baron Cohen, the Cambridge University specialist in developmental psychopathology who initially diagnosed McKinnon, said on Tuesday that McKinnon suffered the risk of “psychiatric difficulties” including depression and anxiety should he be extradited and imprisoned.”

Do we need a Professor to tell us that? I think anyone extradited and imprisoned would suffer from “depression and anxiety”

Oh, and is that professor related to Borat?

» Posted By Bogwitch On January 27, 2009 @ 8:23 pm

Conficker (AKA Downadup or Kido) Infections Skyrocket To An Estimate 9 Million

There appear to be some discrepancies as to the true number of infected machines, with some reports citing 500,000 unique IP addresses infected.

I don’t think it matters too much whether it was reported privately or not; once the hotfix is released it will be diffed to see what was fixed from the previous version. From there it is not difficult to work out how to exploit the vulnerability.

I am not surprised that such a large number of machines are unpatched, given the WGA. Microsoft is damned if they do and damned if they don’t. If all Windows was patched, there would be little effect from this but that would mean Microsoft would have to accept that there are unlicensed copies out there. As it is, there is now more ammo for the ‘Microsoft is insecure’ brigade due to the fact that Microsoft won’t allow patches for rogue systems.
That said, I was talking to a guy whose organisation had been hit and their copies of Windows were licensed; unfortunately, their patching policy was ‘ineffective’!

» Posted By Bogwitch On January 19, 2009 @ 8:00 pm

Next-Gen Botnets Taking The Place of Storm and Srizbi

The cat will catch this mouse eventually, but mice breed faster than cats and there’s a lot of them already…

» Posted By Bogwitch On January 19, 2009 @ 8:04 pm

The Associative Word List Generator (AWLG) – Create Related Wordlists for Password Cracking

Don’t hit submit until you’re finished.

Like I said, an automated tool is not a bad idea however, I tend to use a more manual approach and then feed them through Brutus to generate a munged wordlist with appends, prepends and substitutions. I have had limited success with this approach but better than a standard dictionary, munged wordlist.

» Posted By Bogwitch On January 14, 2009 @ 8:23 pm

Nice idea,
I’m not keen on the idea of it being online as Darknet says and how much do you trust any site that states “AWLG.org does not record any transmitted search strings or user information. AWLG.org does record statistical information such as total site usage, total number of words generated per search, etc.”

» Posted By Bogwitch On January 14, 2009 @ 8:19 pm

OWASP (Open Web Application Security Project) Testing Guide v3 Released

The security assessments I have performed indicate that website developers and application developers have never heard of OWASP. When pointed to OWASP the remarks are often “But that’s about security, not web design” – and I think the problem stems from there. Web designers are all too often graphic artists, and have cut their teeth in environments where the application software they need to run, runs with elevated privileges, they have access to large portions of systems to aid in publication of content and therefore believe they are above security or that it doesn’t apply to them.

» Posted By Bogwitch On January 12, 2009 @ 5:55 pm
