Sunday, 28. August 2011
Tim Cook Is Apple's New Chief
On Sunday, 28. Aug 2011 in topic 'News'
Your creativity was great, Steve Jobs
Source
http://www.apple.com/pr/bios/tim-cook.html
Tim Cook receives one million Apple shares
On Sunday, 28. Aug 2011 in topic 'News'
With his promotion to Apple CEO, Tim Cook is likely to be in a considerably better position financially as well. As the US Securities and Exchange Commission (SEC) announced, the company's new CEO received a total of one million Apple employee shares. Until recently, their value was still around 380 million US dollars.
Killapache - DDOS tool - Perl
On Sunday, 28. Aug 2011 in topic 'Source Code'
killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.
Source
http://pastebin.com/9y9Atijn
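A server-side check for the Range header behaviour described above, as an added example that is not part of the original post or of Apache: it parses the byte ranges, measures how far they overlap, and either serves them merged or ignores the header. The limit MAX_RANGES, the action names and the sample header are assumptions made for this illustration.

```python
import re

MAX_RANGES = 5  # assumed policy limit for this example, not a value from the post
_SPEC = re.compile(r"^(\d*)-(\d*)$")

# Constructed sample: seven unsorted, overlapping ranges against a 1000-byte body.
SAMPLE_UNSORTED = "bytes=900-999,0-499,400-950,0-999,100-200,0-999,300-800"


def parse_range(header, size):
    """Turn 'bytes=a-b,c-,-n' into absolute (start, end) pairs; None if malformed."""
    unit, _, specs = header.partition("=")
    if unit.strip().lower() != "bytes" or not specs.strip():
        return None
    ranges = []
    for spec in specs.split(","):
        m = _SPEC.match(spec.strip())
        if not m or m.groups() == ("", ""):
            return None
        first, last = m.groups()
        if first == "":                      # suffix form "-n": the last n bytes
            start, end = max(size - int(last), 0), size - 1
        else:
            start = int(first)
            if last and int(last) < start:   # "10-5" is not a valid range
                return None
            end = min(int(last), size - 1) if last else size - 1
        if start <= end and start < size:    # drop ranges outside the body
            ranges.append((start, end))
    return ranges


def coalesce(ranges):
    """Sort the ranges and merge any that overlap or touch."""
    merged = []
    for start, end in sorted(ranges):
        if merged and start <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def assess(header, size, max_ranges=MAX_RANGES):
    """Decide how to answer a Range request for a body of `size` bytes."""
    ranges = parse_range(header, size)
    if ranges is None:
        return {"action": "ignore-range", "ranges": []}   # answer 200, full body
    if not ranges:
        return {"action": "unsatisfiable", "ranges": []}  # answer 416
    merged = coalesce(ranges)
    requested = sum(e - s + 1 for s, e in ranges)
    unique = sum(e - s + 1 for s, e in merged)
    report = {"count": len(ranges), "unsorted": ranges != sorted(ranges),
              "overlapping": requested > unique,
              "requested_bytes": requested, "unique_bytes": unique}
    if len(ranges) > max_ranges:
        report.update(action="serve-full", ranges=[])     # too many parts: ignore Range
    elif report["overlapping"] or report["unsorted"]:
        report.update(action="serve-merged", ranges=merged)
    else:
        report.update(action="serve-ranges", ranges=ranges)
    return report


if __name__ == "__main__":
    print(assess("bytes=500-1000", 10000))
    print(assess(SAMPLE_UNSORTED, 1000))
```

The gap between requested_bytes and unique_bytes is the useful signal: a resumed download asks for each byte once, while the constructed sample asks for 3753 bytes of a 1000-byte body.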
Saturday, 27. August 2011
Telecom/Chat Servers <= 2.0.1 .1 Blind Exploitation
On Saturday, 27. Aug 2011 in topic 'Vulnerabilities'
using the WQuery injection attack:
WQuery........ ........ ($username)
$userdata = hub#;
if (isPasswordCorrect($username:Bg, $pass:M25)) {
$userdata = Bf%ByLogin($F20); ...
}
{
AS BEGIN
'SELECT:'string=B#(Var char 'FROM''$Status%'varchar(150) Brides'
WHERE 'FrIn'Lw =varchar(50) 'Millix*naire'
ph_status` varchar(20)=Count($Car) > $2000&+'
AND Hs_Status=='3#'
Brth_staus`Varchar(5)= Null;
AND Ss-status' =#Full$
{
$userselect=sxx(>20)
curl_setop="$ch(PRIMARY KEY ) (`dk-enter`)=’$fnm’
isGETCHA =$+`FInLawBal`
) TYPE`=MyFXX`;
}
Various Telecom/ISP servers are vulnerable to this attack.
Highly Vulnerable Softwares:
Pidgin
Meebo
MSN
AIM
Gtalk
Yahoo Messenger
Skype
Vypress
Windows Live Messenger
US Robotics
LG Electronics Routers
Intel Routers
Ericsson Routers
Cisco Routers
BT Telecoms
Win XP
Win Vista
Win Server 2008
Win 7
Win 2003
Firefox
Opera
IE all versions
Chrome Browser
by
FunnyMinds
OWASP Tutorial Series
On Saturday, 27. Aug 2011 in topic 'Tutorials'
Episode 1: Appsec Basics
Episode 2: SQL Injection
Episode 3: Cross Site Scripting (XSS)
update: INSECT Pro 2.7
On Saturday, 27. Aug 2011 in topic 'Pentest'
This is a partial list of the major changes implemented in version 2.7:
- Available targets now has a submenu under right-click button
- Check update function added in order to verify current version
- Threading support for GET request
- Module log added and functional
- Sniffer support added
- 50 Remote exploits added
- Project saved on userland - Application Data special folder
- Executed module windows added and functionality for it
- AgentConnect now uses telnetlib
Download
http://www.insecurityresearch.com
Friday, 26. August 2011
Malheur Automatic Malware Analysis - Linux
On Friday, 26. Aug 2011 in topic 'Malware Search'
Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.
Download
http://www.mlsec.org/malheur/download.html
Installation
http://www.mlsec.org/malheur/install.html
Windows Registry Forensics
On Friday, 26. Aug 2011 in topic 'Books change the World'
Title: Windows Registry Forensics
Author: Harlan A. Carvey
Publisher: Syngress
Pages: 248
Release Date: Feb 7, 2011
Here is the table of contents
Chapter 1. Registry Analysis
Introduction
What Is “Registry Analysis”?
What Is the Windows Registry?
Registry Structure
Summary
Chapter 2. Tools
Introduction
Live Analysis
Forensic Analysis
Summary
Chapter 3. Case Studies: The System
Security and SAM Hives
System Hive
Software Hive
BCD Hive
Summary
Chapter 4. Case Studies: Tracking User Activity
Tracking User Activity
Scenarios
Summary
References
Key Ashampoo Undeleter
On Friday, 26. Aug 2011 in topic 'Tools'
Key Features of Ashampoo Undeleter
Recovery of files and directories on NTFS as well as FAT 12, 16, 32 partitions
Recovery of files on partitions with active NTFS compression
Recovery of files on partitions with active NTFS encryption
Recovery of alternate data streams (ADS) on NTFS partitions
Support of all known file systems on Microsoft Windows®
VERY fast MFT and FAT algorithm, as well as extremely quick recovery
Unlimited recoverable objects (files, directories)
Assessment and evaluation of the condition of recoverable objects
Quick and therefore intuitive user interface
Follow the steps below to get Ashampoo Undeleter for free:
Click here
http://www.ashampoo.com/frontend/registration/php/regpopinstall.php?session_langid=1&edition_id=lvjqld55tzy0wk2iktboolur8knscvin
to visit the promo page.
Enter your email address to register. Existing users will be prompted to log in to their account.
You will receive your free license key by email.
Knock v1.5 - Subdomain Scanner - Python
On Friday, 26. Aug 2011 in topic 'Source Code'
Knock is a Python script, written by Gianni 'guelfoweb' Amato, designed to enumerate subdomains on a target domain through a wordlist. This program is self-contained and doesn't need to be installed in any particular location. All it needs is a recent version of Python 2.x. Only the Zone Transfer option (-zt) requires you to install the dnspython module; otherwise you can do without it. If the name server allows zone transfers to occur, all the DNS names and IP addresses hosted by the name server will be returned in human-readable ASCII text.
Usage
$ python knock.py
Rapid Scan
Scanning with internal wordlist:
$ python knock.py
Scanning with external wordlist:
$ python knock.py
Options
-zt Zone Transfer discovery:
$ python knock.py -zt
-dns Dns resolver:
$ python knock.py -dns
-wc Wildcard testing:
$ python knock.py -wc
-bw Wildcard bypass:
$ python knock.py -bw
Download
http://code.google.com/p/knock/downloads/list
SSL Server Testing - Online
On Friday, 26. Aug 2011 in topic 'Pentest'
This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet. Please note that the information you submit here is used only to provide you the service. We don't use the domain names or the test results, and we never will.
Source
https://www.ssllabs.com/ssldb/analyze.html
Dissecting Java Server Faces for Penetration Testing
On Friday, 26. Aug 2011 in topic 'Tutorials'
This paper sheds light on the findings of security testing of Java
Server Faces. JSF has been widely used as an open source web framework
for developing efficient applications using J2EE. JSF is compared with
ASP.NET framework to unearth potential security flaws.
Download PDF
http://www.secniche.org/jsf/dissecting_jsf_pt_aks_kr.pdf
Wednesday, 24. August 2011
Upload a php shell
On Wednesday, 24. Aug 2011 in topic 'Tutorials'
uploading a shell
IPB Shell uploading
Sqlmap- Automatic SQL Injection Tool
On Wednesday, 24. Aug 2011 in topic 'Tutorials'
Automatic tools play an important role in the field of penetration testing, whether the test is conducted against a network or a web application.
Web application penetration testing is very important for high-profile companies and for services such as e-commerce to secure user data.
Key Features
It supports MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Full support for three SQL injection techniques: inferential blind SQL injection, UNION query (inband) SQL injection and batched queries.
It supports anonymous proxies.
It supports HTTP header cookies.
Basic web server software and web application technology fingerprint.
And more...
It is available for both Windows and Linux platforms.
Download
Linux Source: sqlmap-0.9.tar.gz
http://sourceforge.net/projects/sqlmap/files/sqlmap/0.9/sqlmap-0.9.tar.gz/download
Windows Portable: sqlmap-exe.zip
http://downloads.sourceforge.net/sqlmap/sqlmap-0.7_exe.zip
Uniscan vulnerability scanner - Linux
On Wednesday, 24. Aug 2011 in topic 'Pentest'
The Uniscan vulnerability scanner is an information security tool that aims at finding vulnerabilities in web systems. Uniscan was developed in the Perl programming language because it makes working with text easier, has easy-to-use regular expressions and is also multi-threaded.
It is dedicated to web application security: find vulnerabilities before others do. It can easily find known vulnerabilities and is regularly updated, with bug fixes and new features added at regular intervals.
Tutorials to create plug-ins:
http://www.uniscan.com.br/tutorial1.php
http://www.uniscan.com.br/tutorial2.php
http://www.uniscan.com.br/tutorial3.php
Download
http://www.uniscan.com.br/download.html
INSECT Pro 2.6.1
On Wednesday, 24. Aug 2011 in topic 'Pentest'
INSECT can help to build a strong security posture that is easy to use so both professional penetration testers and less experienced security pros will have all the tools they need to reduce costs, proactively find vulnerabilities, assess risk, and check the effectiveness of security defenses.
The latest version includes more than 100 native exploits, 300 Metasploit modules and a web vulnerability scanner.
Download
http://www.insecurityresearch.com/files/download
Tuesday, 23. August 2011
BING.COM - XSS
On Tuesday, 23. Aug 2011 in topic 'Vulnerabilities'
Vendor Homepage : http://www.bing.com
Vulnerability Type : XSS Reflected
Description
------------------
BING.COM is prone to a XSS vulnerability because the application fails
to properly perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code in the
victim's browser.
Details
-------------------
The reflected XSS vulnerability is a variant of a cross-site scripting
flaw: it occurs when the data provided by the attacker is executed by
the browser, and then displayed on "normal" pages returned to other
users in the course of regular browsing, without proper HTML escaping. A
classic example of this is with online message boards where users are
allowed to post HTML formatted messages for other users to read
Exploit example as follows
-----------------------------
http://www.bing.com/maps/embed/Customize.aspx
?v=2
&cp=-34.59999847400003~-58.45000076200001
&lvl=6
&dir=0
&sty=c
&eo=
&where1=';alert(String.fromCharCode(88,83,83,32,98,121,32,114,117,110,108,118,108))//
&form=LMLTEW
The vulnerability is caused by the following code and affected by the
Generate Code map
by
runlvl
Clickjacking Tool
On Tuesday, 23. Aug 2011 in topic 'Tools'
Among the features of the new tool are:
Use point-and-click to select the areas of a page to be targeted
Supports the new 'text-field injection' technique
Supports the new 'content extraction' technique
'Visible mode' replay allowing a user to see how the technique works behind the scenes
'Hidden mode' replay allows the same steps to be replayed in a hidden manner, simulating a real clickjacking attack.
Download
http://www.contextis.co.uk/resources/tools/clickjacking-tool/cjtool.zip
Google - help me
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
NESSUS - help me
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
How NESSUS works
http://www.cs.cmu.edu/~dwendlan/personal/nessus.html
How to use NESSUS
http://www.symantec.com/connect/articles/introduction-nessus
Download
http://www.nessus.org/products/nessus/nessus-download-agreement
ClubHack Mag Issue 19, August 2011
On Tuesday, 23. Aug 2011 in topic 'Books change the World'
This issue covers Gonna’ Break It on Gonna’ Kick it Root Down in Tech Gyan, RSA Security in Moms Guide, SniffJoke – Defeating Interception Framework in Tool Gyan, Patent Law and Computer Technology in Legal Gyan and Social Engineering Toolkit in Matriux Vibhag
Download PDF
http://chmag.in/issue/aug2011.pdf
ClubHack Mag Issue 18-July2011
On Tuesday, 23. Aug 2011 in topic 'Books change the World'
This issue covers the following articles:
0x00 Tech Gyan - Using Metasploit with Nessus Bridge on Ubuntu
0x01 Tool Gyan - Armitage – The Ultimate Attack Platform for Metasploit
0x02 Mom's Guide - Penetration Testing with Metasploit Framework
0x03 Legal Gyan - Trademark Law and Cyberspace
0x04 Matriux Vibhag - The Exploitation Ka Baap MSF
Download PDF
http://chmag.in/issue/jul2011.pdf
XSS - Cross Site Scripting Cheat Sheet and more...
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
If you don't know how XSS (Cross Site Scripting) works, this page probably won't help you.
http://ha.ckers.org/xss.html
Here you find my custom XSS and CSRF cheat sheet
http://www.xenuser.org/xss-cheat-sheet/
Facebook Security Guide
On Tuesday, 23. Aug 2011 in topic 'News'
Protecting your Facebook account
Avoiding the scammers (very helpful examples of the most popular Facebook scams)
Using advanced security settings (one-time passwords, secure browsing, single sign-on, social authentication, etc.)
Recovering a hacked Facebook account
Stopping imposters
Download PDF
https://www.facebook.com/safety/attachment/Guide%20to%20Facebook%20Security.pdf
Uniscan 4.0 vulnerability scanner
On Tuesday, 23. Aug 2011 in topic 'Pentest'
Uniscan Features
Identification of system pages through a Web Crawler.
Use of threads in the crawler.
Control of the maximum number of crawler requests.
Control of variation of system pages identified by Web Crawler.
Control of file extensions that are ignored.
Test of pages found via the GET method.
Test the forms found via the POST method.
Support for SSL requests (HTTPS).
Proxy support.
Download
http://sourceforge.net/projects/uniscan/files/4.0/uniscan.tar/download
JonDoFox 2.5.3 - anonymous and secure
On Tuesday, 23. Aug 2011 in topic 'Web Security'
JonDoFox is a profile for the Mozilla Firefox web browser particularly optimized for anonymous and secure web surfing. For anonymous surfing you need an IP changer proxy too. We recommend our proxy tool JonDo, but you may use other anonymisation services like Tor Onion Router.
Download
https://anonymous-proxy-servers.net/en/jondofox.html
update: OWASP Zed Attack Proxy v.1.3.2 Released
On Tuesday, 23. Aug 2011 in topic 'Pentest'
The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen tester's toolbox.
Download
http://code.google.com/p/zaproxy/downloads/list
tor2web: visit anonymous websites
On Tuesday, 23. Aug 2011 in topic 'Web Security'
Tor is a software project that lets you use the Internet anonymously. tor2web is a project to let Internet users access anonymous servers.
Source
http://tor2web.org/