Monday, 10. October 2011
Social Engineering with SET
On Monday, 10. Oct 2011 in topic 'Tutorials'
SET is a useful social engineering tool by David (ReL1k). It can be used to perform a number of social engineering attacks with minimal effort. SET can be used with Metasploit to additionally perform Metasploit's powerful post-exploitation. The tool can be accessed through a web interface or the command line.
Download PDF
http://www.garage4hackers.com/attachment.php?attachmentid=97&d=1314862575
Download
http://securityxploit.blogger.de/stories/1864853/
Macrium Reflect
On Monday, 10. Oct 2011 in topic 'Tools'
Features of Macrium Reflect
A free disaster recovery solution for your home computer
Protect your personal documents, photos, music and emails
Clone your hard disk and create disk images in the safe knowledge that everything is securely saved in an easily recovered backup file
Simple and easy-to-use interface
Backup disk images
Clone disk images
Mount or open disk images in Windows Explorer
Create recovery media to boot and restore backup images
Download
http://www.macrium.com/reflectfree.aspx
WebBackdoors
On Monday, 10. Oct 2011 in topic 'Tutorials'
This paper provides insight on common web backdoors and how simple manipulations could make them undetectable by AV and other security suites. The paper explains a few techniques that could be used to render a backdoor undetectable and unnoticed inside web applications.
This paper is mainly an update to an old paper of ours, Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysed a couple of web shells. The current paper takes this topic further and explains a couple of methodologies that could be used to make stealthy application-layer backdoors using web scripting languages. It explains various web backdoor attacks and evasion techniques that could be used to stay undetected.
Download PDF
http://www.garage4hackers.com/blogs/8/attachments/101d1318227327-webbackdoors-attack-evasion-detection-cocon_paper.pdf
Friday, 7. October 2011
REMnux - Linux
On Friday, 7. Oct 2011 in topic 'Pentest'
REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser.
Download
http://sourceforge.net/projects/remnux/files/version2/remnux-vm-public-2.0.zip/download
http://sourceforge.net/projects/remnux/files/version2/remnux-public-2.0-live-cd.iso/download
WebCookiesSniffer
On Friday, 7. Oct 2011 in topic 'Tools'
WebCookiesSniffer is a new packet sniffer utility that captures all Web site cookies sent between the Web browser and the Web server and displays them in a simple cookies table. The upper pane of WebCookiesSniffer displays the cookie string and the Web site/host name that sent or received this cookie. When you select a cookie string in the upper pane, WebCookiesSniffer parses the cookie string and displays the cookies in name-value format in the lower pane.
Download
http://www.nirsoft.net/utils/webcookiessniffer.zip
http://www.nirsoft.net/utils/webcookiessniffer-x64.zip
NSS Labs - Bounties for exploits
On Friday, 7. Oct 2011 in topic 'Jobs'
ExploitHub, which operates a penetration-testing site and is run by NSS Labs, announced a bug-bounty program for researchers to develop exploits for 12 high-value vulnerabilities in Microsoft and Adobe products. The company, which has set aside $4,400 in reward money, plans to give $100 to $500 to the first people to submit a working exploit for the vulnerabilities. Ten of the vulnerabilities concern Microsoft's Internet Explorer browser and two were found in Adobe's Flash multimedia program.
Source
https://www.exploithub.com/request/index/developmentrequests/
Thursday, 6. October 2011
Steve Jobs 1955 - 2011
On Thursday, 6. Oct 2011 in topic 'News'
The mastermind behind Apple's iPhone, iPad, iPod, iMac and iTunes has died in California. Jobs was 56.
A Collection of 60 Inspirational Steve Jobs Quotes About Life, Design and Apple:
http://pastebin.com/k0UxRtRa
Wednesday, 5. October 2011
Download the DEF CON 19 DVD!
On Wednesday, 5. Oct 2011 in topic 'News'
The DEF CON 19 DVD content is on media.defcon.org. There are two .iso images: one is the original DVD distributed at the show, and the other contains all the same content, but with the updated slide decks from the speakers. Download them at the following links:
https://media.defcon.org/dc-19/defcon-19-dvd-original.iso (~1.6 GB)
https://media.defcon.org/dc-19/defcon-19-dvd-updated.iso (~1.7 GB)
WordPress 2.3.3 - hidden link injection
On Wednesday, 5. Oct 2011 in topic 'Vulnerabilities'
Google inurl:wp-content/1/ [Warning: just google it, don't visit any of the sites in the search results. They are full of ActiveX viruses!].
What you see is a list of sites that were hacked through the latest WordPress vulnerability, which allows spam to be inserted into your blog.
Source
http://smackdown.blogsblogsblogs.com/2008/03/23/new-wordpress-233-exploitvulnerability-adds-spam-directory-wp-content1/
Exploit Pack
On Wednesday, 5. Oct 2011 in topic 'Tools'
Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as the engine and well-known exploits in the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules.
Download
http://exploitpack.com/download-framework
Hash Code Cracker 1.2
On Wednesday, 5. Oct 2011 in topic 'Tools'
This software will crack MD5, SHA1 and NTLM (Windows password) hash codes. No need to install. Supports all platforms (Windows XP/7, Linux, ...).
How to run the software?
Download the .zip file and extract.
Extract the zip file.
Open the Terminal or command prompt.
Navigate to the path of the extracted zip file (I mean the HashCodeCracker folder) in the Terminal.
Type this command "java -jar HashCodeCracker.jar".
Now the application will run.
Download
http://sourceforge.net/projects/crackerpassword/files/Version%201.2/HashCodeCracker.zip/download
http://code.google.com/p/password-cracker/downloads/list
Monday, 3. October 2011
PuttyHijack
On Monday, 3. Oct 2011 in topic 'Pentest'
PuttyHijack is a POC tool that injects a DLL into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a Windows box that has been compromised is used to SSH/Telnet into other servers.
The injected DLL installs hooks and creates a socket in the guest operating system for a callback connection that is then used for input/output redirection.
PuttyHijack does not kill the current connection, and will cleanly uninject if the socket or process is stopped. It leaves no trace for further analysis.
Download
http://www.insomniasec.com/tools/PuttyHijackV1.0.rar
killapache - PHP
On Monday, 3. Oct 2011 in topic 'Source Code'
How the above-mentioned code works in killapache.
killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.
Download
http://pastebin.com/gWB76qmj
DarkComet-RAT
On Monday, 3. Oct 2011 in topic 'Remote Administration Tool'
DarkComet-RAT (Remote Administration Tool) is software designed to control, in the best conditions and comfort possible, any kind of Microsoft Windows machine since Windows 2000.
This software allows you to perform hundreds of functions stealthily and remotely without any kind of authorisation in the remote process.
Download
http://www.darkcomet-rat.com/process_download.php?id=7
DarkComet RAT Remover
DarkComet RAT Remover will detect any instance of DarkComet running in memory, even if a hacker tries to obfuscate the loader so that it goes undetected by common antivirus software. It also detects registry threats and keylogger logs.
Download
http://darkcomet-rat.com/downloads/DarkCometRemover.zip
DarkComet Analysis
http://resources.infosecinstitute.com/darkcomet-analysis-syria/
QR codes - Android Malware?
On Monday, 3. Oct 2011 in topic 'News'
Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones. Kaspersky's SecureList blog has a report of a malicious QR code on a web site which when scanned directs the user to a URL; the linked site doesn't have a file matching the name in the URL, but it does redirect the browser to another site where the file jimm.apk is downloaded. The file is a trojanised version of the Jimm mobile ICQ client, infected with Trojan-SMS.AndroidOS.Jifake.f which sends a number of SMS messages to a $6 a message premium rate service.
Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan.
Kaspersky’s Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 each).
Whisker - Linux
On Monday, 3. Oct 2011 in topic 'Pentest'
Whisker is an advanced CGI vulnerability scanner. It is scriptable and has many good features, such as querying for system type and basing scans on the information gathered (i.e., distinguishing between IIS and Apache web servers).
Download
ftp://ftp.usa.openbsd.org/pub/OpenBSD/distfiles//whisker-2.1.tar.gz