Noise

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them. The scale of this incident somehow reminds me of the whole TJ MAXX fiasco a few years back. [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The latest wave in the infosec world is that Apple has banned the well known security researcher – Charlie Miller – from it’s developer program for exposing a new iOS exploit. It’s not really the smartest move as I’m pretty sure anyone as smart as Charlie Miller still has plenty of options – use another [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

REC Studio is an interactive decompiler. It reads a Windows, Linux, Mac OS X or raw executable file, and attempts to produce a C-like representation of the code and data used to build the executable file. It has been designed to read files produced for many different targets, and it has been compiled on several [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is not a real shock to be if I’m perfectly honestly, I only use reCAPTCHA whenever I need a CAPTCHA implementation for anything. And well even then, it’s not totally safe as apparently you can farm out your CAPTCHA cracking (those the fail the automated attempts) to India for a few dollars. It does [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look – another vulnerability in Facebook! It wasn’t long ago we reported New Research Shows Facebook’s URL Scanner Is Vulnerable To Cloaking. Well this time the private messaging function has been compromised, you can attach an executable and send it to anyone as long as you put a space after the filename. It’s not [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I wanted to post this a while back, but the site (and thus the download) was down again – it seems to be a common occurrence. Someone get this guy some proper hosting! winAUTOPWN and bsdAUTOPWN are minimal Interactive Frameworks which act as a frontend for quick systems vulnerability exploitation. It takes inputs like IP [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh look, Facebook security (or insecurity) is in the news again – not that this technique is anything revolutionary or ground-breaking. It’s basically a HTTP referer detection system for the Facebook URL scanner (the thing that generates the preview/thumbnail etc for links posted to Facebook). By detecting it, you can feed it something…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The latest story doing the rounds is that MySQL.com got hacked and was serving malware which put it on the Google malware block list. It appears to be in the clear now though and it’s accessible again via Google. It seems to be a similar case with that of the recent Linux.com and Kernel.org hacks [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Google and their Chrome browser have really been stepping things up lately when it comes to security and browsing, we reported not along ago on Google Chrome To Protect Users Against Malicious Executables. Also since we reported on the Chrome bug bounty program back in February 2010 – Google Willing To Pay Bounty For Chrome [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There was a bit of a buzz on the 10th anniversary of 9/11 when the NBC News Twitter account was hacking and started posting updates regarding a repeated terrorist attack against ground zero. It only lasted a few minutes but as the account has 120,000 followers – it caused quite a stir. It’s not known [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

I’ve always been skeptical about this tool, especially seen as though the first version was released on April Fools day in 2009, anyway it’s 2 years later now and it still seems to be around so I think it’s worth publishing an update. If any of you have actually tested this tool out, do drop [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

One of the big discussions points this week is about a wildcard cert for Google that has leaked out from a Dutch company called DigiNotar. The certificate is good for all Google domains – it’s a *.google.com cert. This is bad news and apparently has been in the wild for a while, some people are [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It seems like some major ownage was layed down at Defcon, I was very interested by the thread coderman posted in Full Disclosure earlier: DEF CON 19 – hackers get hacked! Especially when some people did chime in with supporting opinions and agreeing that it does seem like they got hacked. Basically someone setup some [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is pretty apt after we wrote about WebsiteDefender – Ensure Your Website Security on Monday, a platform for securing web applications with a focus on WordPress. Today a zero-day in a very commonly used WordPress library hit quite a few news sites. The flaw is in an image utility called TimThumb which is used [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We’ve covered various stories about companies offering hackers and security researchers bounties for giving them working exploits for their software/website etc. Early runners in the game were – Google Willing To Pay Bounty For Chrome Browser Bugs Now, 2 years down the road, Facebook has decided it’s a good idea to offer up a…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is a simple Python tool to help you search for exploits in the BackTrack Exploit Database. Features Search the exploitdb archive Case sensitive & insensitive Change output mode Automatically copy your exploits Requirements python (tested with python 2.7.1 and 2.5.2) local exploitdb (pre-installed on BackTrack Linux) Usage exploitdbee.py…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Well everyone has been waiting for a Jailbreak for the iPad 2 with the latest version of iOS – it happened and only hours later the malformed PDF files that were used in the exploit were circulating the Internet. It’s not the first time this has happened, last time jailbreakme did the same thing back [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Ok so you’ve got Metasploit loaded up, you’ve read the Metasploit Tutorials & Watched the Videos – but you’ve still got no idea what to do next and don’t have anything to test against. It’s not exactly new, but I guess a lot of people still don’t know about it. Basically if you don’t know [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It’s very out of character for Adobe – but they’ve actually released two out of band patches in the last week or so. They’ve had to patch 4 times in the past 2 months – that’s a total of 6 times in 2011 so far – with 5 out of those 6 being for critical [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Oh dear, another big organization has fallen foul to the whole RSA SecurID hack – it seems that way anyway. In combination with a Spear Phishing attack (similar to the one carried out on high level US officials via Gmail recently) hackers have busted the IMF wide open. It seems to be a very targeted [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Well we did say assume SecurID was broken back in March when we wrote – RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken. With the recent news Lockheed Martin Hacked – Rumoured To Be Linked to RSA SecurID Breach and another US Military sub-contractor compromised through SecurID tokens – RSA have [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

You all probably remember the big kerfuffle that occurred after RSA got hacked, it was widely assumed that the SecurID system was compromised somehow and could not be relied on. We reported about it in the article – RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken – where we questioned their [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Finally! My friends over in this hemisphere can finally stop whining and get back on PSN! We’ve been covering this whole Sony Hack quite extensively over the past few weeks and this should be the final part of the network coming back online. Asia is the last segment of the PlayStation Network to come back [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We haven’t reported a whole lot about Hotmail over the years, probably because since Gmail took over – Hotmail has mostly taken a backseat. The most recent report we had was about SSL and how Hotmail Always-On Encryption Breaks Microsoft’s Own Apps. The latest news is there has been a nasty bug in Hotmail for [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The big news recently is that someone has finally managed to pop the formidable Chrome browser, as we know from following Pwn2Own – it’s been safe for 3 years in a row. It has a sandbox, ASLR and DEP and that’s a pretty heavy combination to keep users safe from malicious software coming in via [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

sslsnoop dumps live session keys from openssh and can also decrypt the traffic on the fly. Works if scapy doesn’t drop packets. using pcap instead of SOCK_RAW helps a lot now. Works better on interactive traffic with no traffic at the time of the ptrace. It follows the flow, after that. Dumps one file by [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

So after our report on Monday – Sony Rebuilding PlayStation Network (PSN) – Down 4 Days So Far – news had been spilling out about this whole thing pretty much non-stop. It appears the network is still down and there was some serious data loss including user data for millions of users being stolen. All [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There are various vulnerable web applications such as Jarlsberg, WackoPicko, Damn Vulnerable Web Application (DVWA), Vicnum, etc. Now we have another application that is vulnerable and ready to be exploited! The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to penetration testing. Features Easy to…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There’s been a lot of news about this Adobe Flash Player vulnerability as apparently it has been exploited in the wild and Adobe were willing to push out an out-of-band patch for it – which means in their eyes it is really serious. They don’t have a great reputation for testing their software before releasing [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We all love Patch Tuesday – no doubt about that right? Well Microsoft has blessed us this month with the biggest Patch Tuesday in the history of the program. That’s a good thing because it’s had some horribly effective vulnerabilities revealed lately. It managed to package up a massive bundle of patches for 64 vulnerabilities…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It’s not surprising really, when I learned that the recently retired NASA space shuttle was still using 5.25″ floppy drives – I suspected that much of the NASA IT architecture was probably antiquated. Also the recent SCADA related security scare, indicated the industrial and large-scale systems probably aren’t the most…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

About a week ago we tweeted about the “Open Letter” from RSA to customers, a rather vague letter. If you haven’t read it yet, you can do so here. To summarise, they basically said “Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. [...] Our investigation…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

SCADA is not something we’ve mentioned before, we have covered related areas with articles such as – Industrial Control Systems Safe? I Think Not. Plus the whole Stuxnet thing which was able to attack nuclear plants. In a way I find it ironic because so much more emphasis these days is put on the security [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

With all the new vulnerabilities with working exploits pouring out of Pwn2Own, I can’t say I expected to see another 0-day in Adobe Flash outside of the contest. It wasn’t that long ago (back in October 2010) when there was another Critical 0-day Vulnerability In Adobe Flash Player, Reader & Acrobat and Adobe were scrambling [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Well it’s March again and well we love March because it’s Pwn2Own time! Every year around this time we get some goodies to discuss way back since: 2008 – Mac owned on 2nd day of Pwn2Own hack contest 2009 – Charlie Miller Does It Again At PWN2OWN 2010 – Mozilla Beats Apple & Microsoft to [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Android must be getting popular! It’s always a test of a new platform or OS, when does it start getting serious malware targeting it? It seems like the time for Android is now, the news lately has been buzzing about the DroidDream malware that has been flooding the Android Market. Google pulled a number of [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session. Features Multiplatform support – tested on Windows, Linux and Mac targets Support for bind and reverse bind shells Meterpreter shells and VNC support for Windows…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Apple has pulled out some new tricks in it’s war against the unstoppable jailbreak machine, this time leveraging on the iBooks application. It’s quite a neat implementation, it appears the new iOS update with iBooks dropped an un-signed application on the phone and tries to run it – if it executes it assumes the device [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Something which caused some kind of stir last week was the hacking of the Canadian dating site Plenty of Fish (sometimes known as PoF) which rose to fame on the Webmaster forums for SEO due to a picture of Markus Frind holding an Adsense cheque for $132,000 for two months earning. For anyone not familiar [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We published the story about the Playstation 3 (PS3) Finally Hacked & Exploit Released back in January 2010. The exploit of course developed by the very prolific hacker and jailbreaker extraordinaire Geohot. He became notorious way back in 2007 by fulling unlocking the iPhone and then again in 2008 by jailbreaking the iPhone running 1.12 [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Inguma is back and being actively developed again. It’s been quite a long time, far too long in fact. We first reported about Inguma way back in 2007 and our latest mention of it was in March 2008. A new version has just been released almost 3 years later with some major changes and a [...]

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

First up, happy new year – let’s hope 2011 is an interesting year for the infosec community. Anyway today’s story is about the recently released tool cross_fuzz by Michal Zalewski and an inadvertent leak that have occurred. tl;dr version is something like this: Michal Zalewski writes a DOM fuzzer, fuzzes IE, finds flaws, Chinese…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them. The fuzzer’s own driver hooks NtDeviceIoControlFile in order to take control of all IOCTL requests throughout the system. While processing IOCTLs, the fuzzer will spoof those IOCTLs conforming to conditions…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Another case of a certain industry lagging behind, I mean come-on – who seriously still using proprietary cryptography algorithms in 2010? Especially only 40 or 48-bit protocols, with the processing power available on hand now and new techniques like GPU based cracking – that just doesn’t cut it. The latest discovery of such…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

There are various vulnerable web applications out there to hone your skills or test the latest web vulnerability scanner you downloaded, one such package would be Damn Vulnerable Web App – Learn & Practise Web Hacking. There are others such as: Vicnum – Lightweight Vulnerable Web Application Web Security Dojo – Training Environment For Web…

Read the full post at darknet.org.uk

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace() API/POSIX signal interface to detect and log crashes. Basically it’s a simple, easy to use via command-line interface, providing nice analysis of software crashes in a simple form…

Read the full post at darknet.org.uk