Events Related:
- Derbycon
I will admit there is limited spacing, we rented the entire second floor of the Hyatt and tickets will go fast.
  - new hacker con, hell of speaker list: DerbyCon – reddit.com
  - Derbycon Teaser Video and website launch date announced – secmaniac.com
- ShmooCon CTF Warmup 2011 – cylab.cmu.edu
A couple of PPP members (awesie, tylerni7) participated in the ShmooCon CTF Warmup. It was lots of fun and awesie got the prize! We also figured we should post a write-up for #3.
Resources:
- Ubertooth video and news – ossman.blogspot.com
This will be a longer presentation telling the complete story of the development of Project Ubertooth and demonstrating new capabilities of the platform (hopefully with working Ubertooth One prototypes).
- How To Deploy IPv6 Securely – readwriteweb.com
The number of available IPv4 addresses is expected to run out in less than a year, as we’ve reported before.
- MobileSubstrate wiki – iphonedevwiki.net
MobileSubstrate consists of 3 major components: MobileHooker, MobileLoader and safe mode.
Tools:
- SSL Diagnos is used to get information about SSL usage – sourceforge.net/projects/ssldiagnos/
It can also be used for testing and rating ciphers on SSL clients. It has also specific support for pop3s, sip, smtp and explicit ftps.
- Nessus Viewer v1.0.0 released – vulnerabilitydatabase.com
Nessus Viewer enables IT Security auditors and penetration testers to quickly navigate inside Nessus reports by sorting and filtering each entry.
- R-U-Dead-Yet Version 2.1 – chaptersinwebsucirity.blogspot.com
The forms and their post action url’s are now parsed correctly. So here comes v2.1 with the bug fix.
Techniques:
- Windows UAC Bypass now in Metasploit! – secmaniac.com
The Windows UAC bypass was committed to the Metasploit Framework today.
- Flash Player Sandbox bypass
Unfortunately, these restrictions are not the same as, “cannot communicate with the network in any way” which is what is stated in the documentation.
  - Bypassing Flash’s local-with-filesystem Sandbox – xs-sniper.com
  - Flash Player sandbox can be bypassed – h-online.com
- Metasploit SAP Management Console AUX Modules – blog.c22.cc
I see no ethical issue in releasing the information gathering modules that take advantage of this bug, as quite honestly, anybody with an SAP system and tcpdump could find this in a few minutes.
Vendor/Software Patches:
- Apple releases Mac OS X 10.6.6 update – h-online.com
Apple has now posted its detailed About the Mac OS X v10.6.6 Update knowledge base article.
Other News:
- Dell Acquisition of Secureworks
Dell announced they are acquiring SecureWorks, the MSSP, for an undisclosed sum.
  - HP(en!s) Envy: Dell Buys SecureWorks – securosis.com
  - Dell to acquire SecureWorks – h-online.com
- Car Theft thru hacking
Car thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key.
  - Car Theft by Antenna – technologyreview.com
  - Hacking your car for fun and profit – snosoft.blogspot.com
- US revamps science, technology standard-setting efforts – networkworld.com
The NIST has been given new marching orders: expand work with the private sector to develop standards for a range of key technologies such as cloud computing, emergency communications and tracking, green manufacturing and high performance green building construction.
- Researchers Hack Internet Enabled TVs, Discover Multiple Security Vulnerabilities – securityweek.com
Security researchers have discovered several security flaws in one of the best-selling brands of Internet-connected HDTVs, and believe it’s likely that similar security flaws exist in other Internet TVs.
- Researcher Develops Password Hacking Software for Wi-Fi Networks Using Amazon Web Services – readwriteweb.com
A researcher has developed software for breaking password protections used for wireless networks.