... neuere Einträge
Wednesday, 13. July 2011
Loki: An Open Source Layer 3 Packet Generating and Attacking Python Framework
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
When we speak of layer 3, the Network Layer, a very few tools have the power or the capability to support all the support protocols for packet generation and attack. To name a few, we have tools like Cain & Abel, Scapy, Yersinia and HPING. Yersinia and Scapy being our favourites, they need a bit of knowledge before being set up. Enter Loki, a Python based GUI framework implementing many packet generation and attack modules for Layer 3 protocols
Download
http://www.ernw.net/content/e6/e180/index_eng.html
Download
http://www.ernw.net/content/e6/e180/index_eng.html
UPDATE: WPScan v1.0!
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, …)
Download
http://code.google.com/p/wpscan/downloads/list
Link
http://securityxploit.blogger.de/stories/1853410/
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, …)
Download
http://code.google.com/p/wpscan/downloads/list
Link
http://securityxploit.blogger.de/stories/1853410/
CentOS 6.0
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
We haven’t yet covered operating systems as a part of PenTestIT. However, we are thinking that we should start covering operating system/kernel/application updates too. Starting with CentOS, that has released its new and improved operating system CentOS 6.0 for i386 and x86_64 architectures.
It is based on the upstream release EL 6.0 and includes packages from all variants. All upstream repositories have been combined into one, to make it easier for end users to work with.
Download
http://www.centos.org/modules/tinycontent/index.php?id=30
It is based on the upstream release EL 6.0 and includes packages from all variants. All upstream repositories have been combined into one, to make it easier for end users to work with.
Download
http://www.centos.org/modules/tinycontent/index.php?id=30
Bokken - Linux
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
Bokken was recently introduced in Inguma penetration toolkit (version 0.3 to be precise!). Now, it has also been released as a stand-alone tool for malware analysis. In actuality, Bokken is a GUI for the pyew tool. So, you know that it can do all that pyew can, with a nice user interface.
Download
http://bokken.inguma.eu/projects/bokken/files
Download
http://bokken.inguma.eu/projects/bokken/files
Inguma 0.4 - Linux
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits.
While the current exploitation capabilities in Inguma may be limited, this program provides numerous tools for information gathering and target auditing. Inguma is still being heavily developed so be sure to stay current and check back for news and updates.
Download
http://inguma.eu/projects/inguma/files
While the current exploitation capabilities in Inguma may be limited, this program provides numerous tools for information gathering and target auditing. Inguma is still being heavily developed so be sure to stay current and check back for news and updates.
Download
http://inguma.eu/projects/inguma/files
Mitigating Software Vulnerabilities
Am Wednesday, 13. Jul 2011 im Topic 'Vulnerabilities'
How exploit mitigation technologies can help reduce or eliminate risk, prevent attacks and minimize operational disruption due to software vulnerabilities
Download PDF
http://www.microsoft.com/downloads/info.aspx?na=41&srcfamilyid=3fec5647-f58b-4443-9ead-eb219f4bf31d&srcdisplaylang=en&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f5%2f0%2f5%2f505646ED-5EDF-4E23-8E84-6119E4BF82E0%2fMitigating_Software_Vulnerabilities.pdf
Download PDF
http://www.microsoft.com/downloads/info.aspx?na=41&srcfamilyid=3fec5647-f58b-4443-9ead-eb219f4bf31d&srcdisplaylang=en&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f5%2f0%2f5%2f505646ED-5EDF-4E23-8E84-6119E4BF82E0%2fMitigating_Software_Vulnerabilities.pdf
ClubHack Magazine - July 2011
Am Wednesday, 13. Jul 2011 im Topic 'Books change the World'
Topics of interest include, but not limited to:-
Mobile (Cellular), VOIP Exploitation and Security
Firewall Evasion Techniques
Malware Attacks
Sniffing
Forensics
Protocol Security and Exploitation
ClubHack Magazine has as different sections:
1.Tech Gyan - Main article of the magazine. Covers various technical aspects
in security, latest hacking trends and techniques.
2. Tool Gyan - Covers various hacking and security tools.
3. Mom's Guide - Dedicated to common man. Covers basics and fundamentals.
4. Legal Gyan - IT Law with respect to hacking explained in simple language.
5. Matriux Vibhag - Articles on Matriux Security Distro.
Download PDF
http://chmag.in/issue/jul2011.pdf
Mobile (Cellular), VOIP Exploitation and Security
Firewall Evasion Techniques
Malware Attacks
Sniffing
Forensics
Protocol Security and Exploitation
ClubHack Magazine has as different sections:
1.Tech Gyan - Main article of the magazine. Covers various technical aspects
in security, latest hacking trends and techniques.
2. Tool Gyan - Covers various hacking and security tools.
3. Mom's Guide - Dedicated to common man. Covers basics and fundamentals.
4. Legal Gyan - IT Law with respect to hacking explained in simple language.
5. Matriux Vibhag - Articles on Matriux Security Distro.
Download PDF
http://chmag.in/issue/jul2011.pdf
ZeuS trojan attacks Android
Am Wednesday, 13. Jul 2011 im Topic 'Android'
Several AV vendors report that, after targeting Symbian, BlackBerry and Windows Mobile devices, a variant of the ZeuS online banking trojan now also infects Android smartphones and will upload any TANs that arrive via SMS text message to a server. If they have control of victims' PCs as well as their smartphones, criminals are then able to bypass the mobile TAN system and make fraudulent transactions from their victims' accounts.
According to Kaspersky, the Android variant of ZeuS-in-the-Mobile (ZitMo) is more simple than the version for Symbian, which appeared in September 2010, and the Windows variant that followed. ZitMo for Android does not require any digital certificates and is injected by manual download of an alleged security extension from a company called Trusteer. Once installed, the trojan masquerades as an online banking activation app.
While this means that a variant of the ZeuS trojan now exists for most modern mobile and open platforms, there is no need for users to panic. For example, in none of the cases can the malware be injected into a device via a security hole when visiting a web page. Criminals always need to persuade users, in more or less ingenious ways, to download and install a specially crafted file onto their smartphones. Users who are certain that they won't fall for such tricks can continue to live without a virus scanner for their smartphones.
According to Kaspersky, the Android variant of ZeuS-in-the-Mobile (ZitMo) is more simple than the version for Symbian, which appeared in September 2010, and the Windows variant that followed. ZitMo for Android does not require any digital certificates and is injected by manual download of an alleged security extension from a company called Trusteer. Once installed, the trojan masquerades as an online banking activation app.
While this means that a variant of the ZeuS trojan now exists for most modern mobile and open platforms, there is no need for users to panic. For example, in none of the cases can the malware be injected into a device via a security hole when visiting a web page. Criminals always need to persuade users, in more or less ingenious ways, to download and install a specially crafted file onto their smartphones. Users who are certain that they won't fall for such tricks can continue to live without a virus scanner for their smartphones.
Exploit & Vulnerability Search Engine
Am Wednesday, 13. Jul 2011 im Topic 'News'
online search for currently utilizing data from NVD, OSVDB, SecurityFocus, Exploit-DB, Metasploit, Nessus, OpenVAS, and PacketStorm.Well search engine does the work but this is a specific search engine for better results.
Source:
http://www.exploitsearch.net/
Source:
http://www.exploitsearch.net/
WPSCAN - WordPress Security & vulnerability Scanner Linux
Am Wednesday, 13. Jul 2011 im Topic 'Pentest'
Details
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)
Download
http://code.google.com/p/wpscan/
http://wpscan.googlecode.com/svn/trunk/
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)
Download
http://code.google.com/p/wpscan/
http://wpscan.googlecode.com/svn/trunk/
GMER - Automating Rootkit Analyzer
Am Wednesday, 13. Jul 2011 im Topic 'Malware Search'
Windows x64 Shellcode
Am Wednesday, 13. Jul 2011 im Topic 'Vulnerabilities'
Contents
Introduction
RIP-Relative Addressing
API Lookup Overview
API Lookup Demo
The Code
Building
Testing
Comments
Mitigations
Source:
http://mcdermottcybersecurity.com/articles/windows-x64-shellcode
Introduction
RIP-Relative Addressing
API Lookup Overview
API Lookup Demo
The Code
Building
Testing
Comments
Mitigations
Source:
http://mcdermottcybersecurity.com/articles/windows-x64-shellcode
Tuesday, 12. July 2011
Syringe - Dll/Shellcode Injection Tool C/C++
Am Tuesday, 12. Jul 2011 im Topic 'Source Code'
Syringe is a general purpose injection utility for the windows platform. It supports injection of DLLs, and shellcode into remote processes as well execution of shellcode (via the same method of shellcodeexec) https://github.com/inquisb/shellcodeexec/. It can be very useful for executing Metasploit payloads while bypassing many popular anti-virus implementations as well as executing custom made DLLs (not included).
Sorce Code
http://pastebin.com/pu76ixSH
Sorce Code
http://pastebin.com/pu76ixSH
Monday, 11. July 2011
XpertRAT 1.1
Am Monday, 11. Jul 2011 im Topic 'Remote Administration Tool'
XpertRAT (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows up windows7
Download:
soon
Download:
soon
WebCalendar - XSS
Am Monday, 11. Jul 2011 im Topic 'Vulnerabilities'
Affected Software: Version 1.2.3 and probably prior versions
Vendor URL: http://www.k5n.us/webcalendar.php
Details
http://www.rul3z.de/advisories/SSCHADV2011-008.txt
by schurtz
Vendor URL: http://www.k5n.us/webcalendar.php
Details
http://www.rul3z.de/advisories/SSCHADV2011-008.txt
by schurtz
viaExtract - Forensic tool for Android devices released
Am Monday, 11. Jul 2011 im Topic 'Android'
Key Features
An easy-to-use interface for data acquisition, analysis and reporting
Searching and sorting acquired data, plus printing to PDF
Pre-configured VM runs on Linux, Windows or Mac
Logical recovery of call logs, contacts, browser history, SMS/MMS and more
Forensically sound, proven technology
Purchase includes 1 year of updates and support, with many planned enhancements coming soon
Download Demo!
https://viaforensics.com/register/?p=viaextract-demo%2Caccess
An easy-to-use interface for data acquisition, analysis and reporting
Searching and sorting acquired data, plus printing to PDF
Pre-configured VM runs on Linux, Windows or Mac
Logical recovery of call logs, contacts, browser history, SMS/MMS and more
Forensically sound, proven technology
Purchase includes 1 year of updates and support, with many planned enhancements coming soon
Download Demo!
https://viaforensics.com/register/?p=viaextract-demo%2Caccess
Android Botnet : Command and Control Channel over SMS
Am Monday, 11. Jul 2011 im Topic 'Android'
Shmoocon 2011 Smartphone Botnets over SMS Demo from Georgia Weidman. Compiling instructions are simple and straight forward. Please follow these:
Compile with arm-gcc with the -static flag set
Copy to anywhere on the underlying OS that is writable (/data/ is good).
Rename /dev/smd0/ to /dev/smd0real/
Start the bot application
Kill the radio application (ps | grep rild)
The radio will automatically respawn and now the bot proxy will be working
More interesting stuff such as the botnet structure, possible infection methods are presented by the author in here slides that can be found here.
PDF
http://www.grmn00bs.com/GeorgiaW_Smartphone_Bots_SLIDES_Shmoocon2011.pdf
Download
http://www.grmn00bs.com/botPoCrelease-android.c
http://vimeo.com/19372118
Compile with arm-gcc with the -static flag set
Copy to anywhere on the underlying OS that is writable (/data/ is good).
Rename /dev/smd0/ to /dev/smd0real/
Start the bot application
Kill the radio application (ps | grep rild)
The radio will automatically respawn and now the bot proxy will be working
More interesting stuff such as the botnet structure, possible infection methods are presented by the author in here slides that can be found here.
http://www.grmn00bs.com/GeorgiaW_Smartphone_Bots_SLIDES_Shmoocon2011.pdf
Download
http://www.grmn00bs.com/botPoCrelease-android.c
http://vimeo.com/19372118
XerXes C/C++ - Linux
Am Monday, 11. Jul 2011 im Topic 'Source Code'
XerXes is one of the most powerful private dos tool
Source Code
http://pastebin.com/eLrQXTnu
Info
http://vimeo.com/17268609
Platform: Linux
Instructions for use: Save that as xerxes.c
then in terminal: gcc xerxes.c -o xerxes
Followed by ./xerxes www.target.com 80
Ensure TOR is running and on the port in the source, feel free to edit that in the source to match your port.
Source Code
http://pastebin.com/eLrQXTnu
Info
http://vimeo.com/17268609
Platform: Linux
Instructions for use: Save that as xerxes.c
then in terminal: gcc xerxes.c -o xerxes
Followed by ./xerxes www.target.com 80
Ensure TOR is running and on the port in the source, feel free to edit that in the source to match your port.
Hackers Family Tree
Am Monday, 11. Jul 2011 im Topic 'News'
Many People are still confused by all the hacking groups that were and ruling the internet now.You must be confused between the connection between Anonymous , LulzSec and AntiSec . Why Team Poison attacked LulzSec and Anonymous. Ahh it is really confusing even i get confuse at times.
http://2.bp.blogspot.com/-UEcnPhuYDHs/ThfD_yoljvI/AAAAAAAAAXs/hIY5qKhVd0w/s640/phpTFPs66PM2.jpg
http://2.bp.blogspot.com/-UEcnPhuYDHs/ThfD_yoljvI/AAAAAAAAAXs/hIY5qKhVd0w/s640/phpTFPs66PM2.jpg
Clickjacking Attacks Unresolved
Am Monday, 11. Jul 2011 im Topic 'Vulnerabilities'
Share with your friends on Facebook Share with your friends on StumbleUpon Share with your friends on Digg Reddit this post Share with your friends on del.icio.us Technorati
Clickjacking attacks were originally described by Robert Hansen and Jeremiah Grossman in 2008. In these attacks, the attacker tricks the user into interacting with a malicious web page, but routes the user’s input to another web page that would result in undesirable consequences. A commonly used technique is to embed the targeted web page with a completely transparent IFRAME and lure the user to click on it unintentionally. There are plenty of known variants demonstrated by researchers, with or without JavaScript.
read full article
https://docs.google.com/document/pub?id=1hVcxPeCidZrM5acFH9ZoTYzg1D0VjkG3BDW_oUdn5qc
Clickjacking attacks were originally described by Robert Hansen and Jeremiah Grossman in 2008. In these attacks, the attacker tricks the user into interacting with a malicious web page, but routes the user’s input to another web page that would result in undesirable consequences. A commonly used technique is to embed the targeted web page with a completely transparent IFRAME and lure the user to click on it unintentionally. There are plenty of known variants demonstrated by researchers, with or without JavaScript.
read full article
https://docs.google.com/document/pub?id=1hVcxPeCidZrM5acFH9ZoTYzg1D0VjkG3BDW_oUdn5qc
Sunday, 10. July 2011
AutoDiff - Online
Am Sunday, 10. Jul 2011 im Topic 'Pentest'
AutoDiff is a project which performs automated binary differential analysis between two executable files. This is especially useful for reverse engineering vulnerability patches and spotting other additional code updates. AutoDiff allows to find executable code similarities and differences among two executable files. Additionally it also includes some heuristics methods for matching variables (objects) between two executable files. AutoDiff is ultra fast, standalone tool. It was especially designed to diff Portable Executable files released by Microsoft every time in the security bulletin.
http://autodiff.piotrbania.com/
http://autodiff.piotrbania.com/
Poison Ivy 2.3.2 (latest version)
Am Sunday, 10. Jul 2011 im Topic 'Remote Administration Tool'
Poison Ivy (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows up windows xp
Download:
http://www.poisonivy-rat.com/index.php?link=download
How to Poison Ivy server compatible with Win-7 32bit :
http://securityxploit.blogger.de/stories/1915595/
Download:
http://www.poisonivy-rat.com/index.php?link=download
How to Poison Ivy server compatible with Win-7 32bit :
http://securityxploit.blogger.de/stories/1915595/
Darkcomet v3.3 FWB
Am Sunday, 10. Jul 2011
DarkComet-RAT (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows machine since Windows 2000.
Download:
http://www.darkcomet-rat.com/#tabs-3
Download:
http://www.darkcomet-rat.com/#tabs-3
BBC XSS Vulnerability
Am Sunday, 10. Jul 2011 im Topic 'Vulnerabilities'
by Nerv
BeEF v0.4.2.7-alpha Linux
Am Sunday, 10. Jul 2011 im Topic 'Pentest'
“BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF will control which browser will launch which exploit and at which target.
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real-time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals.BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real-time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.
Download:
http://code.google.com/p/beef/downloads/list
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real-time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals.BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real-time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.
Download:
http://code.google.com/p/beef/downloads/list
Crisis Aversion Tool
Am Sunday, 10. Jul 2011 im Topic 'Tools'
Technorati
The Crisis Aversion Tool (“CAT ” for short) is a tool that aides in computer repairs. With a large collection of commonly needed windows fixes, a full Restore Point Manager, research tools/links, and more!
Download:
http://sourceforge.net/projects/crisistool/files/CAT%20-%20Beta%200.6.5.0/
The Crisis Aversion Tool (“CAT ” for short) is a tool that aides in computer repairs. With a large collection of commonly needed windows fixes, a full Restore Point Manager, research tools/links, and more!
Download:
http://sourceforge.net/projects/crisistool/files/CAT%20-%20Beta%200.6.5.0/
Saturday, 9. July 2011
Facebook Sql Injection
Am Saturday, 9. Jul 2011 im Topic 'Vulnerabilities'
by Nerv
Burger King - Xss Attack
Am Saturday, 9. Jul 2011 im Topic 'Vulnerabilities'
By: Nerv
... ältere Einträge