Archive | June, 2008

Technitium FREE MAC Address Changer v5 Released

Keep on Guard!


Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must have tool in every security professionals tool box. Technitium MAC Address Changer is coded in Visual Basic 6.0.

Features

  • Support for Windows Vista SP1 and Windows Server 2008 added.
  • Allows you to remove all registry entries corresponding to Network Adapter that is no longer physically installed on the system.
  • Allows you to configure Internet Explorer HTTP proxy settings through configuration presets or command line.
  • Issues with installer program resolved. (Thanks to all your feedbacks)
  • Identifies the preset applied to currently selected Network Interface Card (NIC) automatically making it easy to identify settings.
  • Most known issues with Windows Vista removed. (Thanks to all your feedbacks)
  • Changes MAC address of Network Interface Card (NIC) including Wireless LAN Cards, irrespective of its manufacturer or its drivers.
  • Has latest list of all known manufacturers (with corporate addresses) to choose from. You can also enter any MAC address and know which manufacturer it belongs to.
  • Allows you to select random MAC address from the list of manufacturers by just clicking a button.
  • Restarts your NIC automatically to apply MAC address changes instantaneously.
  • Allows you to create Configuration Presets, which saves all your NIC settings and makes it very simple to switch between many settings in just a click and hence saves lot of time.
  • Allows you to Import or Export Configuration Presets to or from another file, which saves lot of time spent in reconfiguration.
  • Allows you to load any Configuration Presets when TMAC starts by just double clicking on any Configuration Preset File. (*.cpf file extension)
  • Has command line interface which allows you to perform all the tasks from the command prompt or you can even create a DOS batch program to carry out regular tasks. (see help for command line parameter details)
  • Allows you to export a detailed text report for all the network connections.
  • Displays all information you would ever need to know about your NIC in one view like Device Name, Configuration ID, Hardware ID, Connection Status, Link Speed, DHCP details, TCP/IP details etc.

You can download Technitium v5 here:

Technitium-MAC-Address-Changer

Or read more here.

Learn about Networking Hacking



Posted in: Networking Hacking, Security Software

Topic: Networking Hacking, Security Software

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


Disgruntled IT Worker Gets Heavy Prison Sentence

Outsmart Malicious Hackers


It just goes to show, however smart you think you are…don’t bother trying to wreck someones data. In this case, even if the guy was pissed it was highly responsible as it involved medical records and could actually seriously effect someones life.

He was pretty careful but left a few clues behind, more than enough for the FBI to catch him (computer names, printers installed etc.).

An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer’s computer network.

Jon Paul Oson, 38, of Chula Vista, California, was sentenced to 63 months behind bars and ordered to pay more than $409,000 in restitution, according to federal prosecutors in San Diego. He was immediately taken into custody after the sentence was handed down on Monday. It is one of the stiffest penalties ever for a computer hacking offense.

It’s a pretty huge sentence for hacking – 63 months or just over 5 years! As mentioned it’s one of the stiffest sentences ever for a computer related crime.

It did cause some serious losses though with a staggered disruption of data, as he was familiar with the backup system he could disable it then wait until the cycle had finished…then once the data was gone it was gone.

On December 23, Oson logged onto servers belonging to his former employer and disabled the program that automatically backed up medical records for thousands of low-income patients. Six days later, he logged on again, and in the span of 43 minutes, methodically deleted the files containing patients’ appointment data, medical charts and other information.

The dollar cost of Oson’s rampage was pegged at $409,337.83 and accounted for expenses for technical investigations and moving to a paper-based system in the weeks following the attack. But the real toll came when doctors at North County Health Services no longer had medical records for thousands of low-income patients who sought medical care. North County Health Services contracted with Oson’s employer to store the records.

Pretty scary that one guy has this kind of power, it just shows it doesn’t pay to annoy the BOFH! Anyway what he did was wrong and he’s getting what he deserved, I mean he didn’t even get canned he just got a bad evaluation.

Any thoughts on this?

Source: The Register

Learn about Hacking News



Posted in: Hacking News, Legal Issues

Topic: Hacking News, Legal Issues

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


WikiScanner – Find Interesting Anonymous Edits on Wikipedia

Outsmart Malicious Hackers


Now this isn’t a new tool, and it’s not quite up to date as the author hasn’t updated it for a while – but it’s still exceedingly cool!

As you know most IP addresses are registered to companies or organizations in blocks, so you can identify which network an edit is coming from as Wikipedia logs the IP address when an anonymous edit is made.

WikiScanner (also known as Wikipedia Scanner) is a tool created by Virgil Griffith and released on August 14, 2007, which consists of a publicly searchable database that links millions of anonymous Wikipedia edits to the organizations where those edits apparently originated, by cross-referencing the edits with data on the owners of the associated block of IP addresses. WikiScanner does not work on edits made under a username. The Associated Press reported that Griffith wanted “to create minor public relations disasters for companies and organizations [he] dislike[s].”

Source: Wikipedia

You can check out your current company, your previous company, your college or university and anything else that tickles your fancy.

There are some very interesting edits, you can see some here:

http://wired.reddit.com/wikidgame/

You can try it out here:

Wikiscanner

Learn about Hacking News



Posted in: Hacking News, Privacy, Secure Coding

Topic: Hacking News, Privacy, Secure Coding

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


16 Year Old Indian Hacker Busted for eBay Scam

Outsmart Malicious Hackers


Looks like India has them moving into the hacking scene young, it’ll happen anywhere with decent network infrastructure and disparate levels of economy. Look at Eastern Europe and China as other examples, India though due to it’s outsourcing culture and plentiful legitimate jobs in the IT industry doesn’t seem to suffer so many problems with hacking.

I guess things might change though with the USD weakening and the World economy slowing down.

His face is cherubic and his mannerisms childish. But, when he talks to police officials, they find it hard to catch up with this whiz-kid. Ajay (16) is a perfect example of what parents should watch out for when they encourage their children to use computers. Being a teenager from a modest background, he wanted to achieve all the good things in life – right from the latest gadgets to a lavish lifestyle.

“His knowledge of the codes and payment gateways is as good as that of a professional hacker,” said a senior crime branch official who has been interrogating this teenager picked up from Mulund in Mumbai, involved in an online payment scam on eBay.

I don’t remember what exactly I was doing at 16 but I think it had something to do with BBS and was fairly advanced, it’s not a large leap of imagination for a 16 year-old to be doing these kind of things.

Paypal and eBay scams/fraud are pretty high on the list now as they are easy to pass off and you can just spend the money back online to buy the latest fashion items or gadgets which makes it very hard to trace.

Ajay was happy with the progress he was making in life and told the police he did not want to pursue college education as “it was useless for earning money”.

His life changed when he came in contact online with bigger hackers five months ago. He started visiting the forums meant for international hackers. One of the international sites with the tagline ‘We move the world to free’ attracted him. It was a gateway to a heaven where the CVV (customer verification value) numbers and personal details were available for a very cheap price.

The same website was being used by his Ahmedabad-based links for dealing on PayPal — a payment gateway — to purchase goods using someone else’s credit card number and bank account. Ajay used it wisely and never raised an alarm. He blames his ‘amateur’ associates of Ahmedabad for landing the whole gang in the police net.

It just shows, be very careful with your CVV number and be careful when using services like Paypal and eBay – sadly once again I think those reading here already are careful so it’s not the target audience for education.

Perhaps you can tell your friends and relatives they might be funding a 16 year olds haircut at Toni and Guy!

Source: Times of IndiaThanks to Navin.

Learn about Legal Issues



Posted in: Legal Issues, Spammers & Scammers

Topic: Legal Issues, Spammers & Scammers

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


ArpON – ARP Handler Detect and Block ARP Poisoning/Spoofing

Outsmart Malicious Hackers


ArpON (Arp handler inspectiON) is a portable handler daemon with some nice tools to handle all ARP aspects. It has a lot of features and it makes ARP a bit safer. This is possible using two kinds of anti Arp Poisoning tecniques, the first is based on SARPI or “Static ARP Inspection”, the second on DARPI or “Dynamic ARP Inspection” approach.

Keep in mind other common tools fighting ARP poisoning usually limit their activity only to point out the problem instead of blocking it, ArpON does it using SARPI and DARPI policies.

Finally you can use ArpON to pentest some switched/hubbed LAN with/without DHCP protocol, in fact you can disable the daemon in order to use the tools to poison the ARP Cache.

However ArpON is also a good tool to a clever sysadmin aware of security related topics. It is a tool born to make ARP secure in order to avoid ARP Spoofing/Poisoning etc.

Static ARP Inspection

When SARPI starts, it saves statically all the ARP entries it finds in the ARP cache in a static cache called SARPI Cache. Note that you can also manage the ARP cache before starting SARPI, through the “ARP CACHE MANAGER” feature of ArpON.

Dynamic ARP Inspection

DARPI startup phase consists in cleaning up the ARP cache, deleting all of its entries. This is due because ARP cache may have poisoned entries from the beginning. DARPI handles the so called DARPI cache, applying different policies to different kinds of packets.

You can download ArpON here:

ArpON-1.10.tar.gz

Or read more here.

Learn about Countermeasures



Posted in: Countermeasures, Networking Hacking

Topic: Countermeasures, Networking Hacking

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


May Commenter of the Month Competition Winner!

Keep on Guard!


Competition time again!

As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the twelfth month of the competition in May and are now in the thirteenth, starting a few days ago on June 1st – Sponsored by GFI.

We’ve successfully been holding this contest for a year now!

We are offering some pretty cool prizes like iPods and PSPs (or similar), along with cool GFI merchandise like shirts, keyrings and mugs.

And now the winner will also get a copy of the Ethical Hacker Kit.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenter’s you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (5000+ spidered by Google).

So announcing the winner for May…it’s Bogwitch! He’s been one of our best long terms commenter’s and has been with us since before the contest in the early days of Darknet.

I’m glad he won as his comments have been consistently of high quality and often entertaining too.

Comments for June have been quite low so far, so it might be an easy win for someone again this month :) I didn’t manage to grab the site on the day before the month turned…so I just spend a while coming up with an SQL query to grab the counts from the database for the month of May.

Commenter May

Jinesh Doshi was pretty close behind in second place. There were some good discussions in May and I hope to see them continue in June! I’d like to thank you all for your participation! I hope it keeps getting better as 2008 develops with more interesting news and tools. Keep up the excellent discussions, it’s very interesting reading especially on some of the more controversial topics.

Thanks to everyone else who commented and thanks for your links and mentions around the blogosphere!

Feel free to share Darknet with everyone you know :)

Keep commenting guys, and stand to win a prize for the month of June!

We are still waiting for pictures from backbone, Sandeep and TRDQ, dirty and dre, eM3rC, fever, Sir Henry and goodpeople of themselves with their prizes!

Winner for June 2007 was Daniel with 35 comments.
Winner for July 2007 was backbone with 46 comments.
Winner for August 2007 was TheRealDonQuixote with 53 comments.
Winner for September 2007 was Sandeep Nain with 32 comments.
Winner for October 2007 was dre with 19 comments.
Winner for November 2007 was dirty with 38 comments.
Winner for December 2007 was Sir Henry with 84 comments.
Winner for January 2008 was goodpeople with 66 comments.
Winner for February 2008 was eM3rC with 122 comments.
Winner for March 2008 was Pantagruel with 66 comments.
Winner for April 2008 was fever with 44 comments.

Learn about Site News



Posted in: Site News

Topic: Site News

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.