Archive | June, 2009

Acunetix Web Vulnerability Scanner (WVS) 6.5 Released

The New Acunetix V12 Engine


You may remember a while back we did a Review of Acunetix Web Vulnerability Scanner 6 – the very full featured web vulnerability scanning software.

Acunetix

Well the latest version has been released recently with some updates, bug fixes and improvements on the web application security front.

I’m hoping to try out the AcuSensor on a PHP install soon to see what kind of information it can give me.

A full review isn’t really need as the installation, interface and features are mostly the same as version 6.

Acunetix Web Vulnerability Scanner (WVS) 6.5

One of the great new features is the Login Sequence Recorder (LSR), which can record the exact sequence needed to login to a site and replay it.


Acunetix WVS Login Sequence Recorder

Combine this with the Session Auto Recognition module, which will identify when a logged in session is invalided or expired and will re-login automatically and you have a great tool for scanning authentication based web applications.

There is also a lot more support for JSP/Tomcat based application, I haven’t had chance to test this as I don’t deal with many Java based web applications.

Also included are some back-end and interface changes like the display of port scan & network alerts separately from the web alerts, which does make it easier to see where the issues are.

Scanning Interface

Backend stuff like cookie handling and Blind SQL Injection methods have been improved, you can also import your settings from Version 6 if you are currently using that.

You can read the press release here, or more on the blog here.

The pricing can be found here (in both Euros and USD).

If you want to know more about the features you can download the manual here:

Acunetix WVS 6.5 Manual [PDF]

Posted in: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


Apple iPhone OS 3.0 Released – 46 Security Patches

The New Acunetix V12 Engine


With the latest version of the Apple iPhone OS being released last night or this morning (depending where in the World you are) I guess most of the iPhone users amongst you would have already installed the software.

Everyone I know using an iPhone has already done it without a hitch, it’s been long awaited and it’s definitely an improved over version 2.0.

The new OS also includes patches for 46 previously unpatched security vulnerabilities in the version 2.0 OS.

Apple releases iPhone OS 3.0 to much fanfare. In addition to new features, the updated iPhone operating system brings several patches that address serious security issues in the mobile device.

Apple quietly plugged nearly four dozen security holes when it pushed out an upgrade to iPhone OS 3.0 on June 17.

With iPhone OS 3.0, users are getting fixes for several critical flaws, a number of which could be exploited by an attacker to execute arbitrary code. The WebKit and CoreGraphics components were the most vulnerable with 21 and eight vulnerabilities, respectively.

There are several serious flaws being fixed in this update, so even if you don’t need the features please update for the security.

Let anyone else you know using the iPhone to update too.

Apple’s advisory on the issues can be found here.

The Apple iPhone OS 3.0 contains more than 100 new features, some of which were aimed squarely at enterprises. In March, Apple gave about 50,000 individuals who paid to be part of the company’s developer program access to both the updated SDK (software development kit) and the beta version of the operating system as part of an effort to bring more secure business functionality to the iPhone.

The popularity of the iPhone and other smartphones has brought about an increased interest in properly securing and managing the devices. Along those lines, the Center for Internet Security just released a benchmark with advice on using the iPhone securely.

“Phones are small and relatively cheap, and fashionable, so many companies still don’t realize—or don’t want to acknowledge—that they can be as serious in terms of breach effects as a laptop or desktop PC,” Gartner analyst John Girard said.

I would take a wild guess though with 100 new features introduced that Apple has also introduced some security vulnerabilities.

I’d give it a week or so before some issues start to pop up with the new OS.

Companies do need to look at the security of mobile devices seriously, that’s partially why BlackBerry is so popular as it’s easy to setup secure communications and lock down the device.

Source: eWeek

Posted in: Apple

Topic: Apple


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


fm-fsf – Freakin’ Simple Fuzzer – Cross Platform Fuzzing Tool

Use Netsparker


fm-fsf is a new fuzzer/data scraper that works under OSX, Linux (with Mono) and Windows (.NET Framework). Fuzzing tools are always useful if you are looking at discovering some new flaws in a software or web service.

Quick Info

FSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data.

It supports some basic stuff and is missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications.

It’s still in early stage of development so don’t expect too much.

Why bring yet another fuzzer into this cruel world?

The author was trying to fuzz something and after spending about 2-3 hours about 3-4 different terribly designed fuzzers he thought knocking up his own would be better.

Don’t use if you….

  • Want a fuzzer where you can control the raw HTTP request
  • Need some crazy features such as fuzzing multiple locations at a time

Use if you need a fuzzer…

  • That allows to take advantage of RegEx with the full power for scraping data (this is quite useful while exploiting SQL Injections, gathering data, looking for some hidden resource or trying to enumerate all valid “user id”s)
  • Simple to run and easy to use
  • Which makes it easy to write your own fuzzing modules
  • With simple and compact .NET code

You can download fm-fsf here:

FSF-7.1.0.0.tar.gz

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Secure Coding

Topic: Exploits/Vulnerabilities, Hacking Tools, Secure Coding


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


Massive Malware Outbreak Infects 30,000 Websites

Use Netsparker


This looks like a fairly complex infection mechanism combining exploiting websites, injecting JavaScript code then attempted exploitation of host machines and failing that prompting a download for some fake malware.

The way they have it all setup is pretty clever too hiding behind common technologies so their infections don’t look out of place.

An obfuscated JavaScript meant to look like Google Analytics code? That’s smart.

A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday.

The infection sneaks malicious javascript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at security firm Websense. The injected code is designed to look like a Google Analytics script, and it uses obfuscated javascript, so it is hard to spot.

The malicious payload silently redirects visitors of infected sites to servers that analyze the end-user PC. Based on the results, it attempts to exploit one or more of about 10 different unpatched vulnerabilities on the visitor’s machine. If none exist, the webserver delivers a popup window that claims the PC is infected in an attempt to trick the person into installing rogue anti-virus software.

If you imagine 30,000 websites have been installed, how much traffic do these sites have in total? And out of that how many client computers have been infected.

The numbers could be quite huge.

The rogue anti-virus seems fairly intelligently designed too with polymorphic techniques to avoid signature scanning by real AV engines.

The rogue anti-virus software uses polymorphic techniques to constantly alter its digital signature, allowing it to evade detection by the vast majority of legitimate anti-virus programs. Because it uses obfuscation, the javascript is also hard to detect by antivirus programs and impossible to spot using Google searches that scour the web for a common string or variable.

“For the common user, it’s going to be possible but difficult to determine what the code is doing or if it’s indeed malicious,” Chenette told The Register. “We can see this quickly growing.”

The infection shares many similarities with a mass website malady that’s been dubbed Gumblar. It too injects obfuscated javascript into legitimate websites in an attempt to attack visitors. So far, it’s spread to about 60,000 sites, Websense estimates.

Several differences in the way the javascript behaves, however, have led Websense researchers to believe the two attacks are unrelated. The researchers have also noticed that the code, once it’s deobfuscated, points to web addresses that are misspellings of legitimate Google Analytics domains that many sites use to track visitor statistics. The RBN, or Russian Business Network, has used similar tactics in the past, and Websense is now working to determine whether those responsible for this latest attack have ties to that criminal outfit.

Seems like it could possibly be from Russia (the RBN) and it’s not related to Gumblar, even though they have quite a few similarities.

Interesting case to watch, and make sure any sites you run are up to date, secured and not open to SQL injection!

Source: The Register

Posted in: Exploits/Vulnerabilities, Malware, Web Hacking

Topic: Exploits/Vulnerabilities, Malware, Web Hacking


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


Honeysnap – Pcap Packet Capture File Parsing Tool

Use Netsparker


Honeysnap is designed to be a command-line tool for parsing single or multiple pcap data files and producing a ‘first-cut’ analysis report that identifies significant events within the processed data. This presents security analysts with a pre-prepared menu of high value network activity, aimed at focusing manual forensic analysis and saving significant incident investigation time. Once you have identified data that interests you, you can then employ other tools for more in depth analysis, such as the Walleye user interface to the Honeywall. Honeysnap is also suitable for manual operation or automation via cron.

Example Functions

  • Packet and connection overview.
  • Flow extraction of ASCII based communications.
  • Protocol decode of the more common Internet communication protocols.
  • Binary file transfer extraction.
  • Flow summary of inbound and outbound connections.
  • Keystroke extraction of ver2 and ver 3 Sebek data.
  • Identification and analysis of IRC traffic, including keyword matching.

Version 1.0.6 now decodes the following protocols.

  • DNS
  • FTP
  • HTTP
  • IRC
  • Socks
  • Sebek

In addtion, the new 1.0.6 version includes

  • Socks proxy traffic stats
  • User definable filters for the counts
  • Improved DNS output
  • Fixed bug in file extraction
  • A big speed increase in gzip decoding
  • Print querying IP for DNS decodes
  • Auto-spotting of IRC traffic on any port
  • SOCKS decoding
  • Fix to the truncation of extracted files
  • Includes magicpy in the distribution to solve the problems caused by the original website going away.

You can download Honeysnap here:

honeysnap-1.0.6.14.tar.gz

Or read more here.

Posted in: Hacking Tools, Networking Hacking

Topic: Hacking Tools, Networking Hacking


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


FBI Unclassified E-mail Network Owned By Virus

The New Acunetix V12 Engine


If the FBI e-mail network can get owned by a virus, what hope does the average joe have when it comes to keeping their e-mail secure?

It must be pretty serious too if it actually forced them to shut down the Internet facing e-mail network, it seems like it was down for at least a week and possible still unavailable to some users.

This demonstrates the problems self-propagating malware can cause to e-mail systems.

A virus has reportedly disrupted Web-based e-mail services at the U.S. Federal Bureau of Investigation.

The FBI confirmed Friday that it had been forced to shut down its Internet-facing unclassified network, but disputed a report that the incident had left the agency unable to e-mail counterparts in other intelligence and law enforcement agencies. “The external, unclassified network was shut down by the FBI as a precautionary measure,” the FBI said in a statement. “Within 48 hours of identifying the issue and mitigating risks, e-mail traffic was largely restored to the external, unclassified network.”

FBI agents can send e-mail on the agency’s more secure internal network or via BlackBerry, but many use this unclassified network to send messages via a Web-based e-mail system, said a source familiar with the situation. That webmail service was down throughout the week and continued to be unavailable for some users, the source said.

Where’s the full disclosure! We want details please, was this a normal virus that going around online? Was it something tailored to attack the FBI network? Was it seeded from inside or did it come in externally?

So many interesting questions, but no answers as usual.

It could be related to the recent QuickTime flaw with the DirectX rendering, the timing is about right – I guess we’ll never know though.

The FBI did not provide details on the security incident, but it looks as though hackers may have used maliciously encoded file attachments to hack into the network. In its statement, the FBI said it was now blocking users from sending or receiving attachments on the unclassified network “to give our technicians time to scan all the attachments that came into the e-mail system to make sure we have identified and mitigated all threats to the network.”

Malicious attachments are a constant security threat for computer users.

Microsoft warned Thursday that attackers are sending malicious QuickTime media files to victims, exploiting an unpatched flaw in Apple’s media format, in order to install malicious software on Windows systems.

It was first reported by NYPost and then later by CBS News.

I’ll be keeping an eye out to see if there are any further developments or news disclosure, if you’ve read anything relevant drop a link the comments.

Source: Network World

Posted in: Exploits/Vulnerabilities, Legal Issues, Malware

Topic: Exploits/Vulnerabilities, Legal Issues, Malware


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.