Archive | 2007

Worm Spreading Fast on Google’s Orkut Social Network

Outsmart Malicious Hackers


A new worm has hit Google’s Orkut and it seems to be hitting it pretty hard, it’s infected via the scrapbook feature and is adding hundreds of thousands of users, similar to the Myspace worm (Samy) that hit in October 2005.

It seems to be fairly unmalicious, more of a ‘look at me – see what I can do’ kind of thing. It’s certainly interested to see that social networking sites are beginning to be the focus of hackers, even if it’s not for money or stealing info..But more of a playground to test their skills.

A fast moving worm is squirming though Google’s Orkut social network, adding hundreds of thousands of users to an Orkut community created by a Brazilian hacker.

The worm, which first appeared on Dec. 19, has been spreading through Orkut’s Scrapbook system at a rapid pace, infecting more than 650,000 users in the space of a few hours.

According to an alert from anti-virus specialist Trend Micro, infection starts when an Orkut user is sent an e-mail telling them that they have a new Scrapbook entry.

I guess you can avoid it by not reading any scraps, or using something like NoScript – which would remove the danger of the JavaScript. But again it comes back to the same old thing, how many average users would even know what NoScript is?

Logging into Orkut, the victim is greeted with Portuguese-language text that reads: “2008 vem ai… que ele comece mto bem para vc.” This translates to “2008 is coming…I wish that it begins quite well for you”.

No interaction is necessary. Simply looking at the scrap starts the infection sequence,” says Trend Micro researcher Robert McArdle.

Once the scrap is viewed, it deletes itself and the victim is automatically added to the “Infectados pelo Vírus do Orkut” community.

Once a user becomes infected, the infected account downloads and executes an embedded Javascript that sends a copy of the original Scrapbook post to all the victim’s contacts.

But yes indeed, it shows the danger of allowing rich user content sanitizing it properly. Haven’t they learned their lessons from what happened at MySpace?

Source: eWeek

Learn about Malware



Posted in: Malware, Web Hacking

Topic: Malware, Web Hacking

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


Inguma 0.0.6 Released for Download – Free Pen-testing Framework

Outsmart Malicious Hackers


Quite a few people seem to be interested in this tool, so here is the latest revision – Inguma 0.0.6.

For those that don’t know, Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Inguma Penetration Testing Toolkit

In this new version various things have been added like new modules and improvements in the existing ones. For example the Oracle modules. The Oracle payloads now uses the Cursor Injection method when possible so CREATE PROCEDURE system privilege is not needed to become DBA.

The support for InlineEgg, added in version 0.0.5.1, have been removed and a new completely free library have been added (PyShellCodeLib).

The static analysis framework OpenDis have been enhanced and now you can use the API exposed by OpenDis to write your own binary static analysis tools. As an example of the API, a tool to make binary diffs have been added. Take a look to the file $INGUMA_DIR/dis/asmdiff.py and to the README stored in the same directory.

New 5 exploits for Oracle Databases have been added and the module “sidguess” have been enhanced to retrieve the SID of the database instance from the Enterprise Manager/Database Control banner when possible.

The new modules added to the discover, gather and brute sections are the following:

  • brutehttp: A brute forcer for HTTP servers.
  • extip : A tool to known your external IP address. Very useful to check anonymous proxies.
  • nmbstat : A tool to gather NetBIOS information.
  • ipscan : A tool to make IP protocol scans. The tool check what IP protocols are enabled in the target.
  • arppoison: A tool to poison target’s ARP cache

You can download Inguma 0.0.6 here:

Inguma 0.0.6

Or read more here.

Learn about Exploits/Vulnerabilities



Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking

Topic: Exploits/Vulnerabilities, Hacking Tools, Password Cracking

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


Pcapy – Python Interface to LibPcap

Outsmart Malicious Hackers


Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

Advantages of Pcapy

  • Works with Python threads.
  • Functions in both UNIX with libpcap and Windows with WinPcap.
  • Provides a simpler Object Oriented API.

Requirements

  • A Python interpreter. Versions 2.1.3 and higher.
  • A C++ compiler. GCC G++ 2.95, as well as Microsoft Visual Studio 6.0 or MSVC 2003 depending on the Python version.
  • A Libpcap 0.9.3 or newer. Windows users should have installed WinPcap 4.0 or newer.

Download Pcapy here:

Source code

Latest stable release (0.10.5) – gzip’d tarball or zip file

Win32 binaries – Pick the appropriate Python or WinPcap version.

Latest release (0.10.5) – Windows installer – Python 2.5 and WinPcap 4.0.
0.10.4 – Windows installer – Python 2.4 and WinPcap 3.1.

Or read more here and the documentation is here.

Learn about Networking Hacking



Posted in: Networking Hacking, Secure Coding

Topic: Networking Hacking, Secure Coding

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


DNS Poisoning Getting Serious – Phishing from Open Recursive DNS Servers

Outsmart Malicious Hackers


A new generation of phishing attacks is being studied jointly by Google and Georgia Institute of Technology, it seems the bad guys are getting some smarter ideas.

They are using Open Recursive DNS servers to poison DNS queries and return false information, thus luring consumers to even more realistic phishing domains.

Researchers at Google and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet.

The study, set to be published in February, takes a close look at “open recursive” DNS servers, which are used to tell computers how to find each other on the Internet by translating domain names like google.com into numerical Internet Protocol addresses. Criminals are using these servers in combination with new attack techniques to develop a new generation of phishing attacks.

The scary thing about this is, you could end up at Paypal.com or HSBC.com and the site could look exactly the same, but you could actually be connected to some Russian phishers web site…and you wouldn’t even know.

Unless of course you check the SSL certificate whilst using the https version, but come on – how many average Joes would do that?

The Georgia Tech and Google researchers estimate that as many as 0.4 percent, or 68,000, open-recursive DNS servers are behaving maliciously, returning false answers to DNS queries. They also estimate that another two percent of them provide questionable results. Collectively, these servers are beginning to form a “second secret authority” for DNS that is undermining the trustworthiness of the Internet, the researchers warned.

“This is a crime with few witnesses,” said David Dagon, a researcher at Georgia Tech who co-authored the paper. “These hosts are like carnival barkers. No matter what you ask them, they’ll happily direct you to the red light store, or to a Web server that does nothing more than spray your eyeballs with ads.”

Oh well, another scam to look out for and another threat to monitor. Something else for us to educate the masses about, and some more ammo for us to scare people with.

It’s not all bad – is it?

Source: PC World

Learn about Networking Hacking



Posted in: Networking Hacking, Phishing

Topic: Networking Hacking, Phishing

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


Nmap Port Scanner 4.50 Released for Download

Outsmart Malicious Hackers


At last a new major release of Nmap!

If for some odd reason you don’t already know what Nmap is, it is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

The changelog shows 320 changes since 4.00 with a lot of great stuff in this release! It has a brand new GUI and results viewer (Zenmap), a scripting engine allowing you to write your own scripts for high-performance network discovery (or use one of the 40 scripts shipped with it), the 2nd generation OS detection system (now with more than a thousand fingerprints), nearly 1,500 more version detection signatures, and a lot more!

Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.

Zenmap for Nmap

More on Zenmap here:

Zenmap – the Nmap GUI

You can download the new Nmap here:

Nmap 4.50

Or read more here.

Learn about Hacking Tools



Posted in: Hacking Tools, Networking Hacking, Security Software

Topic: Hacking Tools, Networking Hacking, Security Software

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


Microsoft Plugs 11 Serious Flaws in December Update

Outsmart Malicious Hackers


Seen as though we’ve been having a good bash on Microsoft recently, here’s some more relevant news. The December update from Microsoft has delivered patches for 11 series flaws spanning both IE6 & IE7 and all their currently supported operating systems (Windows 2000, Windows XP and Windows Vista).

So if you are running Windows, make sure you get your updates downloaded and installed before you’re away from your PC during this festive season.

Microsoft today released software updates to plug at least 11 security holes in PCs powered by its Windows operating systems and other software. Windows users can download the fixes either directly through the Microsoft Update Web site or via Automatic Updates.

December’s seven update bundles includes fixes for four separate security holes in Internet Explorer 6 and IE7, vulnerabilities that are considered critical for Windows 2000, Windows XP and Windows Vista users. Microsoft rates a flaw “critical” if it can be exploited to break into vulnerable systems with little or no help from the user, save perhaps for browsing a Web site or by clicking on a malicious link in an e-mail or instant message.

Seems like even though Internet Exploder Explorer is such a ‘stable’ and ‘mature’ product – it’s not immune to serious problems. I’m sorry but it’s a web-browser..how complicated can it be!

Microsoft also issued critical updates to fix at least two different problems with the way Windows handles the processing and display of various video and audio files. The first of those is a serious vulnerability in the “Windows media file format” — chiefly, files that end in “.asf” and “.wmv” — used principally by the Windows Media Player software bundled with the operating system. Another patch addresses a critical flaw in most versions of “DirectX,” a Windows component that handles the display of a variety of video file formats (files that end in “.wav” and “.avi” for example). Again, these are especially dangerous flaws because they can be exploited merely by getting users to view maliciously crafted video files via a Web browser or e-mail.

Of the seven patch bundles released today, only two did not affect Windows Vista systems, suggesting that the vulnerable components were carried over into Vista from older versions of the OS despite the multi-year secure coding review conducted for Vista. That said, two of the bundles were released to plug security holes that were found exclusively in Vista.

This news directly related to what we have been discussing recently, how previous Windows flaws carry over into the supposidly ‘all-new’ Windows Vista.

Only TWO of the problems did not effect Vista, which shows that the problems that effect an OLD (8 years old now) OS like Windows 2000 are still effecting Vista.

Source: Security Fix

Learn about Exploits/Vulnerabilities



Posted in: Exploits/Vulnerabilities, Windows Hacking

Topic: Exploits/Vulnerabilities, Windows Hacking

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.