Archive | May, 2009

WarVOX Download – War Dialing Tool Software

The New Acunetix V12 Engine


WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, it works with the actual audio from each call and does not use a modem directly.

WarVOX Download - War Dialing Tool Software


This model allows the tool to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. It provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system.

What does WarVOX War Dialing Tool Software Do?

WarVOX requires no telephony hardware and is massively scalable by leveraging Internet-based VoIP providers. A single instance on a residential broadband connection, with a typical VoIP account, can scan over 1,000 numbers per hour. The speed is limited only by downstream bandwidth and the limitations of the VoIP service. Using two providers with over 40 concurrent lines we have been able to scan entire 10,000 number prefixes within 3 hours.

WarVOX War Dialing Tools Features

  • License changed to BSD, no restrictions on commercial use
  • Support number exclusion lists / black lists (regex based)
  • Support for phone number ranges in addition to masks
  • Support for multiple ranges and masks per job
  • Numerous bug fixes and stability improvements
  • Command line script for exporting dial results (bin/export_list.rb)

The resulting call audio can be used to extract a list of modems that can be fed into a standard modem-based wardialing application for fingerprinting and banner collection. One of the great things about the WarVOX model is that once the data has been gathered, it is archived and available for re-analysis as new signatures, plugins, and tools are developed. The current release of WarVOX (1.0.0) is able to automatically detect modems, faxes, silence, voice mail boxes, dial tones, and voices.

It is written in Ruby and designed to be run on any modern Linux distribution.

It was actually merged into the Metasploit Project in August 2011.

WarVOX download here:

warvox-master.zip

Or read more here.

Posted in: Hacking Tools

Topic: Hacking Tools


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


Obama To Create Cyber Security Czar In White House

Use Netsparker


It looks like Obama is taking a serious stance on Cyber Security and Cyber Crime with his introduction of a new position which will be known as the ‘Cyber Czar’.

As a senior White House official this is quite a serious position with the responsibility of protecting both the US government networks and looking out for private companies too.

It’ll be interesting to see who is chosen for the post and what kind of policies or campaigns they will run.

President Obama is expected to announce late this week his decision to create a senior White House official responsible for protecting the nation’s government-run and private computer networks from attack, according to a published report.

The “cyber czar” will probably be a member of the National Security Council but will report to the national security adviser and the senior White House economic advisor, according to The Washington Post, which cited unnamed officials who had been briefed on the plan. As of Friday, Obama had not yet settled on the advisor’s rank and title.

The announcement is to coincide with the release of a 40-page report evaluating the government’s strategy for security government networks and other infrastructure deemed critical to national security. The timing of the report – it was expected to be released a week or two ago – and the details included in the Washington Post report suggest the plan may have run into infighting by advisors to Obama.

Officially the rank and title have not yet been decided but they will be working with the National Security Council and the Economic division of the government.

The strategy will be interesting to see too, what are they going to propose to protect the government networks and what else will they deem critical to national security? I hope it includes power stations and other such resources (Industrial Control Systems for example) as they seem to be massively lacking security.

On his first full day in office, Obama signaled a willingness to have the cyber czar report directly to the president, an arrangement that he promised as a candidate and that was also recommended by a panel of more than 60 government and business computer security experts.

While the idea is whoever is appointed will be someone who can “pick up the phone and contact the president directly, if need be,” the advisor no longer would report directly to Obama, according to the report. What’s more, the czar would now have two bosses, in an attempt to strike a balance between homeland security and economic concerns.

Over the past few months, turf wars have arisen between advisors who want the ultra-secretive National Security Agency to oversee the country’s cybersecurity. Others have said the job is best carried out by the National Cybersecurity Center, an office within the Department of Homeland Security that’s responsible for coordinating the defense of civilian, military and intelligence networks. In March, the government’s cybersecurity chief abruptly resigned amid allegations his office was woefully underfunded and inappropriately controlled by the military.

Seems like there is some infighting going on in the government and a bit of a power struggle as to which department will be controlling the ‘cyber czar’.

It’s looking like the organizational problems regarding cyber security may run deeper than they appear on the surface with claims of underfunding and misuse by the military.

I hope they do sort it out though, the more secure the US government is the safer the rest of the World will be.

Source: The Register

Posted in: Hacking News

Topic: Hacking News


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


Technitium FREE MAC Address Changer v5 R2 Released for Windows

The New Acunetix V12 Engine


It’s been a while since the last update of Technitium back in June 2008, the latest release is v5 R2 with support for Windows 7 RC.

Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box.

Technitium MAC Address Changer is coded in Visual Basic 6.0.

Features

  • Support for Windows 7 RC added.
  • Issues with installer program resolved.
  • Most reported bugs in previous versions removed.
  • Allows you to remove all registry entries corresponding to Network Adapter that is no longer physically installed on the system.
  • Allows you to configure Internet Explorer HTTP proxy settings through configuration presets or command line.
  • Identifies the preset applied to currently selected Network Interface Card (NIC) automatically making it easy to identify settings.
  • Most known issues with Windows Vista removed.
  • Changes MAC address of Network Interface Card (NIC) including Wireless LAN Cards, irrespective of its manufacturer or its drivers.
  • Has latest list of all known manufacturers (with corporate addresses) to choose from. You can also enter any MAC address and know which manufacturer it belongs to.
  • Allows you to select random MAC address from the list of manufacturers by just clicking a button.
  • Restarts your NIC automatically to apply MAC address changes instantaneously.
  • Allows you to create Configuration Presets, which saves all your NIC settings and makes it very simple to switch between many settings in just a click and hence saves lot of time.
  • Allows you to Import or Export Configuration Presets to or from another file, which saves lot of time spent in reconfiguration.
  • Allows you to load any Configuration Presets when TMAC starts by just double clicking on any Configuration Preset File. (*.cpf file extension)
  • Has command line interface which allows you to perform all the tasks from the command prompt or you can even create a DOS batch program to carry out regular tasks.
  • Displays all information you would ever need to know about your NIC in one view like Device Name, Configuration ID, Hardware ID, Connection Status, Link Speed, DHCP details, TCP/IP details etc.
  • Displays total bytes sent and received through the NIC.
  • Displays current data transfer speed per second.
  • Allows you to configure IP Address, Gateway and DNS Server for your NIC quickly and instantaneously.
  • Allows you to enable/disable DHCP instantaneously.
  • Allows you to Release/Renew DHCP IP address instantaneously.

There are some famous, commercial tools available in the market from USD 19.99 to as much as USD 2499, but Technitium MAC Address Changer is available for FREE. They don’t charge for just changing a registry value! Also knowing how this works doesn’t require extensive research as some commercial tool providers claim.

You can download Technitium v5 R2 here:

TMACv5_R2_Setup.zip

Or read more here.

Posted in: Networking Hacking, Security Software

Topic: Networking Hacking, Security Software


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


DNS DDoS Attack Takes Down China Internet

Use Netsparker


The latest news is a few million Chinese Internet users had trouble accessing any websites yesterday due to a DDoS attack on the DNS system from one of the countries registrars.

It just shows that China has an inherently weak infrastructure if such a large portion of people can be disrupted with an attack to a single location.

I guess the users haven’t heard of OpenDNS either, or perhaps they can’t use it because it’s blocked by the ‘Great Firewall of China‘.

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Internet access was affected in five northern and coastal provinces after the DNS (domain name system) attack, which targeted just one company but caused unanswered information requests to flood China’s telecommunications networks, China’s IT ministry said in a statement on its Web site. The DNS is what computers use to find each other on the Internet.

The incident revealed holes in China’s DNS that are “very strange” for such a big country, said Konstantin Sapronov, head of Kaspersky’s Virus Lab in China.

The problems started when registrar DNSPod’s DNS servers were targeted with a DDOS (distributed denial of service) attack, described by the company in an online statement. In such an attack, the attacker orders a legion of compromised computers to try to communicate with a server all at once, which overwhelms the server and crushes its ability to return requests for information.

A DoS attack on the root domain servers of any organisation is always one of the most effective as you don’t have to saturate a large pipe, you just have to make the machine max out it’s CPU/RAM so it can’t serve any more requests.

It’s much better than trying to take a corporate network offline by filling up their main line. Targeted attacks are always the most effecient.

Internet access returned to normal in the late night several hours later, according to the government statement.

China had almost 300 million Internet users at the end of last year, according to the country’s domain registry agency, and streaming online video is as popular among young people as it is in Western countries.

The event, the first of its kind in China, suggests the country needs to improve its rules managing the DNS, said Zhao Wei, CEO of Knownsec, a Beijing security firm.

The original attack transformed into a regional DNS jam essentially because Baofeng is so popular, said Zhao.

Such programs may need smarter code, which could instruct them to withdraw DNS requests that go unanswered, he said. The way unanswered requests are redirected to higher-level servers could also be changed, Zhao said.

An interesting point is that the registrar that was attacked hosted the DNS for the very popular video streaming site Baofeng – the traffic was so high for this site that that unanswered DNS requests turned into another traffic jam having the effective of multiplying the original DDoS attack.

I’m guessing this was an unintended side effect, but it worked out well for the attackers.

Source: PCWorld

Posted in: Networking Hacking, Telecomms Hacking

Topic: Networking Hacking, Telecomms Hacking


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


BugSpy – Crawls The Web For Open Source Software Bugs

The New Acunetix V12 Engine


BugSpy is an interesting web site I came across recently, put together using a Python Framework (django) it aggregates bugs from as many open source projects as it can find. Preferably critical bugs.

BugSpy

You can search by tag (e.g java, email or php ) or by product name (e.g Ubuntu, Typo3 or Samba).

http://bugspy.net/

Posted in: Exploits/Vulnerabilities, Web Hacking

Topic: Exploits/Vulnerabilities, Web Hacking


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.


Google Poisoning Attack Gumblar Still Causing Problems

The New Acunetix V12 Engine


I thought this would have been stamped out by now, but sadly it’s still going on. With the advent of cheap web hosting and easy to use CMS systems like WordPress more and more people are managing their own websites (gone are the days of Geocities).

More people with websites means more FTP details to be stolen, and more websites to be spammed up by malware propagators.

With that sentiment, Gumblar is gaining more traction poisoning Google search results.

A Web attack that poisons Google search results is getting worse, according to security researchers.

The attack first relies on compromising normally legitimate website and planting malicious scripts. US CERT reports that stolen FTP credentials are reckoned to be the main technique in play during this stage of the attack but poor configuration settings and vulnerable web applications might also play a part.

Surfers who visit compromised websites are exposed to attacks that rely on well-known PDF and Flash Player vulnerabilities to plant malware onto Windows PCs.

This malware is designed to redirect Google search results as well as to swipe sensitive information from compromised machines, according to early findings from ongoing analysis.

Unsurprisingly the infection vectors are still the same, the recent PDF and Flash exploits. You can bank on the majority of people not installing the updates and still being vulnerable.

As always make sure any networks you manage are updated and the people you know have the latest versions of the software they use to read PDFs and Flash Player.

The SANS Institute’s Internet Storm Centre (ISC) adds that the attack has been around for some time but has intensified over recent days. Initially the malware was served up onto vulnerable Windows clients from the website gumblar.cn, which has been offline since Friday. A second domain – martuz.cn – has taken over this key role in the attack, ISC reports.

Web security scanning firm ScanSafe, which was among the first to warn of the rise of the attack, notes that the reference to martuz.cn in more recent attacks has been obfuscated, possibly in an attempt to thwart rudimentary blacklists. “The URI resulting from the injected script might appear as mar”+”tuz.cn instead of just martuz.cn,” writes ScanSafe researcher Mary Landesman.

ScanSafe reported on Monday that Gumblar more than trebled (up 246 per cent) over the preceding week. It describes Gumblar as a botnet of compromised websites in a series of blog postings on the attack, which can be found here. Sophos reckons the Gumblar-related malware appeared in 42 per cent of all the newly infected websites it detected last week.

From the domains being used it seems probably that this attack originated from China, perhaps they are starting to cash in on the malware distribution/spam/info trading scene online.

If they can from behind “The Great Firewall of China“.

It seems like the Gumblar activity has intensified significantly in recent weeks though so do watch out for it. Make sure anyone who has FTP access to any websites you run has a secure system.

Source: The Register

Posted in: Malware, Spammers & Scammers, Web Hacking

Topic: Malware, Spammers & Scammers, Web Hacking


Latest Posts:


Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.