Friday, July 3, 2009

US Jobless rate hits 26-year high (9.5%)

As our nation continues its downward spiral into Socialism the inevitable results are killing the economy. Thankfully the security sector is not being affected quite as badly as most...at least for now.

Thursday, July 2, 2009

Despair, Inc.

Check it out...

Backtrack 4 Pre-Release with persistence on an SD card (or USB drive)

"I was excited to be able to use the new pre-release version of Backtrack 4, as I love to use it on my Asus EEE 1000HA. When it was released I was eager to make it work, booting off of an SD card in the EEE so that I would not have to mess with additional USB thumb drives (they stick out of the laptop, and the SD card is internal). During the process, I was happy to discover that both the internal wireless and bluetooth adapters are now supported. The wireless card even appears to support injection!"

Read more...

“The Real IPv6, Part 1 of 13” - Microsoft Direct Access

This should be an interesting series.

"Over the next few months, we plan to articulate the real-world applications of IPv6 right now. This is not going to be one of those discussions that highlight beautiful IPv6 features stuck in the theoretical and things that don’t actually exist in nature (mandated IPSec, QoS, etc). We are going to show you what is actually happening in the industry currently and what applications are leveraging IPv6. Obviously, this is going to help everyone’s business case to drive adoption further along. Without further ado, the juiciest use of IPv6 today: Microsoft’s Direct Access. Enjoy!"

Read more...

Kon-Boot - Reset Windows & Linux Passwords

"Kon-Boot is a prototype piece of software which allows to change contents of a Linux kernel (and now Windows kernel also!!!) on the fly (while booting).

In the current compilation state it allows to log into a Linux system as ’root’ user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password.

It was mainly created for Ubuntu, later the author has made a few add-ons to cover some other Linux distributions.

Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0."

Read more...

Major iPhone vulnerability discovered (iPwnd?)

"Mac security expert Charlie Miller has identified an SMS exploit on the iPhone that could let attackers take over the phone...and even eavesdrop on owners.

At the SyScan security conference being held in Singapore this week, Macintosh security expert Charlie Miller has outlined an SMS-based vulnerability in the Apple iPhone that could let attackers listen in on calls, access the GPS unit to locate the phone, execute arbitrary programs, and even let the phone participate in distributed denial-of-service (DDOS) attacks against other Internet sites via the Internet.

Miller didn't go into significant detail on the exploit, although he planned to discuss the possible attack in greater detail at the Black Hat security conference later this month in Las Vegas, Nevada. Apple is expected to offer a patch for the vulnerability before then.

The vulnerability enables attackers to send a program to the iPhone—140 bytes at a time via SMS—which the iPhone then executes as its root user with no interaction or confirmation required from the iPhone's owner. In theory, the exploit could be used to access virtually any of the iPhone's functions or run any program, if enough exploitative SMS messages could be delivered to the iPhone.

The exploit serves as an illustration of the potential pitfalls of ever more-sophisticated mobile devices: as users are increasingly isolated from the fundamentals of the technologies they're using, they often have no way to know whether their devices or personal information are vulnerable or have been compromised"

Read more...

Monday, June 29, 2009

Nmap 4.90RC1 [2009-06-25]

Read change log...

Germany's "anti-hacking" laws revisited

Many of us have been watching to see how Germany's very restrictive "anti-hacking" laws would play out in court.

Here is a recent ruling that helps define how they are to be interpreted going forward:

Read more...

Tuesday, June 9, 2009

WEPBuster - automated WEP cracking

This small utility was written for Information Security Professionals to aid in conducting Wireless Security Assessment. The program executes various utilities included in the aircrack-ng suite, a set of tools for auditing wireless networks, in order to obtain the WEP encryption key of a wireless access point. aircrack-ng can be obtained from http://www.aircrack-ng.org

Features:
Cracks all access points within the range in one go!!

Supports:
- Mac address filtering bypass (via mac spoofing)
- Auto reveal hidden SSID
- Client-less Access Point injection
- Shared Key Authentication
- WEP Decloaking (future version)
- whitelist (crack only APs included in the list)
- blacklist (do not crack AP if it's included in the list)

Check it out...

Video demonstration...

Apple Struggling With Security & Malware

"It’s inevitable as Apple products become more and more popular they will get targeted by the bad guys. Count on more viruses, malware, exploits and rootkits for Apple Operating Systems.

They are a bit behind in the curve as they don’t have a formal security program and it’s unknown if they use secure development practices (they seem to focus more on interface design than anything else)."

Read more...

Developing Exploits for Penetration Testers and Security Researchers

A one-of-a-kind course on exploitation development! Covers techniques to defeat the latest protection mechanisms in the latest OSs.

Check it out...

Monday, June 8, 2009

Setting a BIOS (firmware) password on Macs

Check it out...

Political rant :)

Yet another reason to get spun up on our Constitution and to start voting people into office that will actually honor their oath to uphold it...

"Owners of capital will stimulate the working class to buy more and more of expensive goods, houses and technology, pushing them to take more and more expensive credits, until their debt becomes unbearable. The unpaid debt will lead to bankruptcy of banks, which will have to be nationalized, and the State will have to take the road which will eventually lead to communism."

Karl Marx, Das Kapital, 1867

Hacker named to Homeland Security Advisory Council

Very interesting...

"Jeff Moss, founder of the Black Hat and Defcon hacker and security conferences, was among 16 people sworn in on Friday to the Homeland Security Advisory Council.

The HSAC members will provide recommendations and advice directly to Secretary of Homeland Security Janet Napolitano.

Moss' background as a computer hacker (aka "Dark Tangent") and role as a luminary among young hackers who flock to Defcon in Las Vegas every summer might seem to make him an odd choice to swear allegiance to the government. (Although before running his computer conferences, Moss also worked in the information system security division at Ernst & Young.)

I'd like to hear some of the banter as he rubs elbows with the likes of former CIA (Bill Webster) and FBI directors (Louis Freeh), Los Angeles County sheriff, Miami mayor, New York police commissioner, governors of Maryland and Georgia, former Colorado Sen. Gary Hart, and the president of the Navajo Nation."

Read more...

Sunday, May 31, 2009

Defence trials sneaky cameras

"The Defence Science Technology Organisation (DSTO) is running facial recognition trials which will underpin biometric initiatives across the Department of Defence, Immigration and new smartcard driver's licences.

The agency has toyed with so-called "attractors" including signs or noise-emitting devices that draw the attention of passers-by so they inadvertently look directly into a camera."

Read more...

Stop Hacker Commerce (H*Commerce)

Interesting videos explaining how hacker commerce works.

Watch videos...

Packers and protectors - evading AV

"It is ironic but the extreme growth rate of malware attacks is actually partly due to how successful AV technology really is. Quite simply - if AV scanners were not so successful in blocking trojans and viruses there would be little need for the bad guys to write new ones. One can even say that malware writers are digging an elephant trap for all computer users because lots of new malware demands a response from AV, which can contribute to the slower operation of computers for all of us.

Figuratively speaking, the primary tools that the bad guys are using to dig their side of the trap and evade detection are packers (like UPX and Petite) and protectors (like Armadillo and Themida). Packers are legitimately used to reduce the size of programs (saving disk space), while protectors are legitimately used to prevent patching, hacking or reverse engineering. For malware production, however, packers and protectors are useful as they can often obfuscate original malware beyond recognition by AV.

Commercial protectors are especially loved by malware writers because they can put a protective envelope on top of, say, their spam-bot and it will be well hidden inside. Additionally, it will now really look more like a legitimate file obfuscated with the same protector. Malware writers use this trick more and more frequently."

Read more...

Google Wave "Is What Email Would Look Like If It Were Invented Today"

Check it out...

How to save your keyboard after a spill

"If you've used a computer for any significant amount of time, you've also probably face-palmed after spilling some potentially sticky substance into the recesses of your keyboard. (If you haven't, your day will come.) Here's how to save your keyboard after that spill."

Check it out...

Gray Hat Python: Python Programming for Hackers and Reverse Engineers

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.

You'll learn how to:

  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?

Check it out...