Archive | June, 2008

Technitium FREE MAC Address Changer v5 Released


Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must have tool in every security professionals tool box. Technitium MAC Address Changer is coded in Visual Basic 6.0.

Features

  • Support for Windows Vista SP1 and Windows Server 2008 added.
  • Allows you to remove all registry entries corresponding to Network Adapter that is no longer physically installed on the system.
  • Allows you to configure Internet Explorer HTTP proxy settings through configuration presets or command line.
  • Issues with installer program resolved. (Thanks to all your feedbacks)
  • Identifies the preset applied to currently selected Network Interface Card (NIC) automatically making it easy to identify settings.
  • Most known issues with Windows Vista removed. (Thanks to all your feedbacks)
  • Changes MAC address of Network Interface Card (NIC) including Wireless LAN Cards, irrespective of its manufacturer or its drivers.
  • Has latest list of all known manufacturers (with corporate addresses) to choose from. You can also enter any MAC address and know which manufacturer it belongs to.
  • Allows you to select random MAC address from the list of manufacturers by just clicking a button.
  • Restarts your NIC automatically to apply MAC address changes instantaneously.
  • Allows you to create Configuration Presets, which saves all your NIC settings and makes it very simple to switch between many settings in just a click and hence saves lot of time.
  • Allows you to Import or Export Configuration Presets to or from another file, which saves lot of time spent in reconfiguration.
  • Allows you to load any Configuration Presets when TMAC starts by just double clicking on any Configuration Preset File. (*.cpf file extension)
  • Has command line interface which allows you to perform all the tasks from the command prompt or you can even create a DOS batch program to carry out regular tasks. (see help for command line parameter details)
  • Allows you to export a detailed text report for all the network connections.
  • Displays all information you would ever need to know about your NIC in one view like Device Name, Configuration ID, Hardware ID, Connection Status, Link Speed, DHCP details, TCP/IP details etc.

You can download Technitium v5 here:

Technitium-MAC-Address-Changer

Or read more here.

Posted in: Networking Hacking, Security Software

Topic: Networking Hacking, Security Software


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.


Disgruntled IT Worker Gets Heavy Prison Sentence


It just goes to show, however smart you think you are…don’t bother trying to wreck someones data. In this case, even if the guy was pissed it was highly responsible as it involved medical records and could actually seriously effect someones life.

He was pretty careful but left a few clues behind, more than enough for the FBI to catch him (computer names, printers installed etc.).

An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer’s computer network.

Jon Paul Oson, 38, of Chula Vista, California, was sentenced to 63 months behind bars and ordered to pay more than $409,000 in restitution, according to federal prosecutors in San Diego. He was immediately taken into custody after the sentence was handed down on Monday. It is one of the stiffest penalties ever for a computer hacking offense.

It’s a pretty huge sentence for hacking – 63 months or just over 5 years! As mentioned it’s one of the stiffest sentences ever for a computer related crime.

It did cause some serious losses though with a staggered disruption of data, as he was familiar with the backup system he could disable it then wait until the cycle had finished…then once the data was gone it was gone.

On December 23, Oson logged onto servers belonging to his former employer and disabled the program that automatically backed up medical records for thousands of low-income patients. Six days later, he logged on again, and in the span of 43 minutes, methodically deleted the files containing patients’ appointment data, medical charts and other information.

The dollar cost of Oson’s rampage was pegged at $409,337.83 and accounted for expenses for technical investigations and moving to a paper-based system in the weeks following the attack. But the real toll came when doctors at North County Health Services no longer had medical records for thousands of low-income patients who sought medical care. North County Health Services contracted with Oson’s employer to store the records.

Pretty scary that one guy has this kind of power, it just shows it doesn’t pay to annoy the BOFH! Anyway what he did was wrong and he’s getting what he deserved, I mean he didn’t even get canned he just got a bad evaluation.

Any thoughts on this?

Source: The Register

Posted in: Hacking News, Legal Issues

Topic: Hacking News, Legal Issues


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.


WikiScanner – Find Interesting Anonymous Edits on Wikipedia


Now this isn’t a new tool, and it’s not quite up to date as the author hasn’t updated it for a while – but it’s still exceedingly cool!

As you know most IP addresses are registered to companies or organizations in blocks, so you can identify which network an edit is coming from as Wikipedia logs the IP address when an anonymous edit is made.

WikiScanner (also known as Wikipedia Scanner) is a tool created by Virgil Griffith and released on August 14, 2007, which consists of a publicly searchable database that links millions of anonymous Wikipedia edits to the organizations where those edits apparently originated, by cross-referencing the edits with data on the owners of the associated block of IP addresses. WikiScanner does not work on edits made under a username. The Associated Press reported that Griffith wanted “to create minor public relations disasters for companies and organizations [he] dislike[s].”

Source: Wikipedia

You can check out your current company, your previous company, your college or university and anything else that tickles your fancy.

There are some very interesting edits, you can see some here:

http://wired.reddit.com/wikidgame/

You can try it out here:

Wikiscanner

Posted in: Hacking News, Privacy, Secure Coding

Topic: Hacking News, Privacy, Secure Coding


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.


16 Year Old Indian Hacker Busted for eBay Scam


Looks like India has them moving into the hacking scene young, it’ll happen anywhere with decent network infrastructure and disparate levels of economy. Look at Eastern Europe and China as other examples, India though due to it’s outsourcing culture and plentiful legitimate jobs in the IT industry doesn’t seem to suffer so many problems with hacking.

I guess things might change though with the USD weakening and the World economy slowing down.

His face is cherubic and his mannerisms childish. But, when he talks to police officials, they find it hard to catch up with this whiz-kid. Ajay (16) is a perfect example of what parents should watch out for when they encourage their children to use computers. Being a teenager from a modest background, he wanted to achieve all the good things in life – right from the latest gadgets to a lavish lifestyle.

“His knowledge of the codes and payment gateways is as good as that of a professional hacker,” said a senior crime branch official who has been interrogating this teenager picked up from Mulund in Mumbai, involved in an online payment scam on eBay.

I don’t remember what exactly I was doing at 16 but I think it had something to do with BBS and was fairly advanced, it’s not a large leap of imagination for a 16 year-old to be doing these kind of things.

Paypal and eBay scams/fraud are pretty high on the list now as they are easy to pass off and you can just spend the money back online to buy the latest fashion items or gadgets which makes it very hard to trace.

Ajay was happy with the progress he was making in life and told the police he did not want to pursue college education as “it was useless for earning money”.

His life changed when he came in contact online with bigger hackers five months ago. He started visiting the forums meant for international hackers. One of the international sites with the tagline ‘We move the world to free’ attracted him. It was a gateway to a heaven where the CVV (customer verification value) numbers and personal details were available for a very cheap price.

The same website was being used by his Ahmedabad-based links for dealing on PayPal — a payment gateway — to purchase goods using someone else’s credit card number and bank account. Ajay used it wisely and never raised an alarm. He blames his ‘amateur’ associates of Ahmedabad for landing the whole gang in the police net.

It just shows, be very careful with your CVV number and be careful when using services like Paypal and eBay – sadly once again I think those reading here already are careful so it’s not the target audience for education.

Perhaps you can tell your friends and relatives they might be funding a 16 year olds haircut at Toni and Guy!

Source: Times of IndiaThanks to Navin.

Posted in: Legal Issues, Spammers & Scammers

Topic: Legal Issues, Spammers & Scammers


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.


ArpON – ARP Handler Detect and Block ARP Poisoning/Spoofing


ArpON (Arp handler inspectiON) is a portable handler daemon with some nice tools to handle all ARP aspects. It has a lot of features and it makes ARP a bit safer. This is possible using two kinds of anti Arp Poisoning tecniques, the first is based on SARPI or “Static ARP Inspection”, the second on DARPI or “Dynamic ARP Inspection” approach.

Keep in mind other common tools fighting ARP poisoning usually limit their activity only to point out the problem instead of blocking it, ArpON does it using SARPI and DARPI policies.

Finally you can use ArpON to pentest some switched/hubbed LAN with/without DHCP protocol, in fact you can disable the daemon in order to use the tools to poison the ARP Cache.

However ArpON is also a good tool to a clever sysadmin aware of security related topics. It is a tool born to make ARP secure in order to avoid ARP Spoofing/Poisoning etc.

Static ARP Inspection

When SARPI starts, it saves statically all the ARP entries it finds in the ARP cache in a static cache called SARPI Cache. Note that you can also manage the ARP cache before starting SARPI, through the “ARP CACHE MANAGER” feature of ArpON.

Dynamic ARP Inspection

DARPI startup phase consists in cleaning up the ARP cache, deleting all of its entries. This is due because ARP cache may have poisoned entries from the beginning. DARPI handles the so called DARPI cache, applying different policies to different kinds of packets.

You can download ArpON here:

ArpON-1.10.tar.gz

Or read more here.

Posted in: Countermeasures, Networking Hacking

Topic: Countermeasures, Networking Hacking


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.


May Commenter of the Month Competition Winner!


Competition time again!

As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the twelfth month of the competition in May and are now in the thirteenth, starting a few days ago on June 1st – Sponsored by GFI.

We’ve successfully been holding this contest for a year now!

We are offering some pretty cool prizes like iPods and PSPs (or similar), along with cool GFI merchandise like shirts, keyrings and mugs.

And now the winner will also get a copy of the Ethical Hacker Kit.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenter’s you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (5000+ spidered by Google).

So announcing the winner for May…it’s Bogwitch! He’s been one of our best long terms commenter’s and has been with us since before the contest in the early days of Darknet.

I’m glad he won as his comments have been consistently of high quality and often entertaining too.

Comments for June have been quite low so far, so it might be an easy win for someone again this month :) I didn’t manage to grab the site on the day before the month turned…so I just spend a while coming up with an SQL query to grab the counts from the database for the month of May.

Commenter May

Jinesh Doshi was pretty close behind in second place. There were some good discussions in May and I hope to see them continue in June! I’d like to thank you all for your participation! I hope it keeps getting better as 2008 develops with more interesting news and tools. Keep up the excellent discussions, it’s very interesting reading especially on some of the more controversial topics.

Thanks to everyone else who commented and thanks for your links and mentions around the blogosphere!

Feel free to share Darknet with everyone you know :)

Keep commenting guys, and stand to win a prize for the month of June!

We are still waiting for pictures from backbone, Sandeep and TRDQ, dirty and dre, eM3rC, fever, Sir Henry and goodpeople of themselves with their prizes!

Winner for June 2007 was Daniel with 35 comments.
Winner for July 2007 was backbone with 46 comments.
Winner for August 2007 was TheRealDonQuixote with 53 comments.
Winner for September 2007 was Sandeep Nain with 32 comments.
Winner for October 2007 was dre with 19 comments.
Winner for November 2007 was dirty with 38 comments.
Winner for December 2007 was Sir Henry with 84 comments.
Winner for January 2008 was goodpeople with 66 comments.
Winner for February 2008 was eM3rC with 122 comments.
Winner for March 2008 was Pantagruel with 66 comments.
Winner for April 2008 was fever with 44 comments.

Posted in: Site News

Topic: Site News


Latest Posts:


RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.