Darknet - The Darkside

Don`t Learn to HACK - Hack to LEARN. That`s our motto and we stick to it, we are all about Ethical Hacking, Penetration Testing & Computer Security. We share and comment on interesting infosec related news, tools and more. Follow us on Twitter, Facebook or RSS for the latest updates.

11 September 2006 | 70,586 views

LCP – A Good FREE Alternative to L0phtcrack (LC5)

Cyber Raptors Hunting Your Data?

Since Symantec stopped development of L0phtcrack many people have been looking for alternatives.

So don’t forget..

Jack the Ripper is still king
Medusa is good
Ophcrack for Rainbow Tables

And now one more, introducting LCP, which we have talked about before in the article Password Cracking with Rainbowcrack and Rainbow Tables.

LCP is freeware!

The main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. General features of this product:

Accounts information import:

  • import from local computer;
  • import from remote computer;
  • import from SAM file;
  • import from .LC file;
  • import from .LCS file;
  • import from PwDump file;
  • import from Sniff file;

Passwords recovery:

  • dictionary attack;
  • hybrid of dictionary and brute force attacks;
  • brute force attack;

Brute force session distribution:

  • sessions distribution;
  • sessions combining;

Hashes computing:

  • LM and NT hashes computing by password;
  • LM and NT response computing by password and server challenge.

You can download LCP here.


10 September 2006 | 4,826 views

What Responsibility do Anti-Spyware Researchers Have?

Ethical debates are always interesting, and people have gotten in trouble lately for reverse engineering and various other branches of research.

This is a fairly old topic, but as I’m clearing out some old drafts, I still find it an interesting one.

There’s been an ongoing debate in security circles concerning how security researchers should disclose vulnerabilities for a long time, Darknet is of course in the Full Disclosure school of thinking. The common viewpoint is that the researchers should disclose the vulnerabilities to the company, giving them some time to fix the problem.

Typically, however, if nothing is done to fix the vulnerability, then researchers eventually will disclose it publicly. That’s where a lot of the conflict occurs, and there are even some questionable laws that might get you in trouble for publicly discussing a vulnerability. However, does this apply to spyware research as well?

The main question is, should the vulnerabilities ever be posted publically? I of course say yes, as if I’m using that software, I have the right to know there’s something wrong with it and take remedial measures, even if there’s no patch (that’s the beauty of open source, you can patch it yourself!).

There was a lot of conversation during the 180solution period about responsible disclosure and disclosing the affiliates used to install spyware, someone 180 always manage to spin it into a self-serving press release about how they triumphed over evil.

Ah ethics, always an interesting topic.

The whole thing became a virtual war between a high profile security researcher and the spammy 180solution folks.

The sniping between a controversial adware company and a prominent anti-spyware researcher continued Thursday as 180solutions defended its practices and called critic Ben Edelman “irresponsible.”

Earlier this week, Bellevue, Wash.-based 180 solutions, which distributes software that delivers ads to users’ computers, blasted Edelman, a Harvard researcher, for improperly disclosing a hack into the company’s installation software. Last week, Edelman had posted an analysis of an illegal download of 180’s Zango software by an affiliate Web site of 180’s advertising network.

You can read more here.

07 September 2006 | 125,266 views

Hacking Still Can’t Outdo Stupidity for Data Leaks

Can you believe this the provincial government in British Columbia has managed to auction off a set of data tapes containing people’s social insurance numbers, dates of birth and medical records among other information.

The provincial government has auctioned off computer tapes containing thousands of highly sensitive records, including information about people’s medical conditions, their social insurance numbers and their dates of birth.

Sold for $300 along with various other pieces of equipment, the 41 high-capacity data tapes were auctioned in mid-2005 at a site in Surrey that routinely sells government surplus items to the public.

Included among the files were records showing certain people’s medical status — including whether they have a mental illness, HIV or a substance-abuse problem — details of applications for social assistance, and whether or not people are fit to work.

Stupidity knows no bounds really. Do people not understand SENSITIVE, or CONFIDENTIAL or PRIVATE?

In an interview Friday afternoon, Labour Minister Mike de Jong, whose ministry oversees the auction process, said he has ordered an immediate investigation to determine how the breach took place.

“It is completely unacceptable for information like this to be unsecured in the way this clearly is,” he said.

“People deserve to know [this] type of information . . . is secure and kept private,” he added, offering an apology. “I can think of no excuse for information of this sort finding its way into the public domain.”

Well yes I totally agree. And well..this is not the first time is it? And I’m damn sure it wont be the last.

Source: Canada.com

*Clearing out some old articles*

06 September 2006 | 1,237,414 views

Brutus Password Cracker – Download brutus-aet2.zip AET2

If you don’t know, Brutus is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page. Development continues so new releases will be available in the near future.

Download brutus-aet2.zip

Brutus was written originally to help me check routers etc. for default and common passwords.


Brutus version AET2 is the current release and includes the following authentication types :

  • HTTP (Basic Authentication)
  • HTTP (HTML Form/CGI)
  • POP3
  • FTP
  • SMB
  • Telnet

Other types such as IMAP, NNTP, NetBus etc are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other peoples.

The current release includes the following functionality :

  • Multi-stage authentication engine
  • 60 simultaneous target connections
  • No username, single username and multiple username modes
  • Password list, combo (user/password) list and configurable brute force modes
  • Highly customisable authentication sequences
  • Load and resume position
  • Import and Export custom authentication types as BAD files seamlessly
  • SOCKS proxy support for all authentication types
  • User and password list generation and manipulation functionality
  • HTML Form interpretation for HTML Form/CGI authentication types
  • Error handling and recovery capability inc. resume after crash/failure.

You can download brutus-aet2.zip here (the password is darknet123):

Brutus AET2

06 September 2006 | 5,879 views

Charity Computers May Fuel Malware Wars

Sometimes doing good can help bad things propagate, sometimes it’s good to consider the big picture and the repercussions of your charitable actions.

This is a case where such logic rings true.

Programs to send PCs to third world countries might inadvertently fuel the development of malware for hire scams, an anti-virus guru warns.

Eugene Kaspersky, head of anti-virus research at Kaspersky Labs, cautions that developing nations have become leading centres for virus development. Sending cheap PCs to countries with active virus writing cliques might therefore have unintended negative consequences, he suggests.

“A particular cause for concern is programs which advocate ‘cheap computers for poor third world countries’,” Kaspersky writes. “These further encourage criminal activity on the internet. Statistics on the number of malicious programs originating from specific countries confirm this: the world leader in virus writing is China, followed by Latin America, with Russia and Eastern European countries not far behind.”

It has to be considered I guess, but this shouldn’t be a reason to NOT give them computers, IMHO anyway.

But what about all the positive uses in education, for example, possible through the use of second-hand PCs in developing nations? We reckon these more than outweigh the possible misuse of some computers at the fringes of such programs.

We wanted to quiz Kaspersky more closely on his comments but he wasn’t available to speak to us at the time of going to press.

I say let’s do the best we can, and take the bad guys out as we go along.

Source: The Register

05 September 2006 | 32,394 views

The Top 10 PHP Security Vulnerabilities from OWASP

This is a useful article that has basically taken the OWASP Top 10 Vulnerabilities and remapped them to PHP with actual examples.

The Open Web Application Security Project released a helpful document that lists what they think are the top ten security vulnerabilities in web applications.

These vulnerabilities can, of course, exist in PHP applications. Here are some tips on how to avoid them. I’ve included related links and references where relevant.

You can download the detailed OWASP Top 10 Vulnerabilities here.

You can find PHP and the OWASP Top Ten Security Vulnerabilities here.

04 September 2006 | 310,052 views

Web Based E-mail (Hotmail Yahoo Gmail) Hack/Hacking with JavaScript

“pleez, pleez, PLEEZ teach me how to hack a Hotmail Account!!!”
-unidentified IRC user

From here on in you walk alone. Neither little_v OR Black Sun Research Facility AND its members will be responsible for what you do with the information presented here. Do not use this information to impress your “l33t0_b0rit0” friends. Do not operate in shower. Objects in article may be closer than they appear.

Note: If you see (x), where x is a number, it means that this term is defined at (x) at the bottom of this article.


The purpose of this article is NOT, I repeat, NOT to teach someone how to “hack an email account”. It’s true purpose is actually MUCH more devious. The purpose of this and all other articles in the “An Exploit Explained: ” series is to teach readers about various web technologies, and the basics of security and exploiting. I will try to give you a hands-on, learn as you go type of education in computer security. Sound good??? Then let’s get in to it!!


On Wednesday, Sept. 22 1999, yet another bleary day in the life of little v, the following message was sent to my inbox:

Ok, don’t puke, I’m going to explain what just happened in a fashion that even your dog can understand.

What is this all about?

This important part of this posting to the Bugtraq(1) (http://www.securityfocus.com) mailing list is the actual exploit(2).
The exploit would be:

first message in your Inbox is from :

What does it do?

As this exploit, when put into an email message sent to a hotmail user, opens a little box using the “alert()”(3) function in javascript(4), and is also supposed to read who the first message in your inbox is from. However, this code does not work on its own. You see, the email also says that you need to use the ASCII(5) code for “C” in the message. If I get out my handy HTML reference book, I can see that the ASCII code is C. If we substitute this into our little exploit, minus the “read who the first message in your inbox” part, we get this:

How does it work?

Finding out how an exploit works is always the part that makes people a bit spindizzy. If we look at that gibberish we call code one more time we can see that it uses an tag, which all you who took my HTML tutorial would know is to display an image onto the page. Because hotmail tries to be the “top dog” webmail provider, they allow you to set autoloading of images, so the image just shows up on the same page as the mail. When you open a new hotmail account, this option is already set (hurray!). The conflict happens because your normal browser allows you to put javascript tags into your IMG tags. Because JavaScript is a strong little language, and allows just about full control over someone’s browser, if the conditions are right. Naturally, people like you and me started exploiting hotmail’s allowing of javascript. Soon, the

Subscribe via e-mail for updates!


Users Online 

Twitter Updates