Events Related
- Highlights from the 28th Chaos Communications Congress – advocacy.globalvoicesonlne.org
The Chaos Communications Congress is the annual meetup of Germany’s Chaos Computer Club, one of the oldest hacker collectives in the world. It takes place in Berlin every year at the height of the holiday season between Christmas and New Year’s Eve, a time when only the dedicated European computer obsessive would leave their family and friends to spend four days in a conference centre with like-minded hackers and geeks. - 28th Chaos Communication Congress & Berlin Sides or a tough week in Berlin – secnerd.blogspot.com
We carried out the same procedure as every year; Stormbringer and I meet on December 26th around 7pmish at the airport in Zürich for a beer or two. Unfortunately he was late, so I had to drink alone. No harm was done as I still had to finish the slides for my talk. - BSidesDFW 2011 Schedule – securitybsides.com
Resources
- Mixed voltage interfacing for design and hacking – rdist.root.org
Modern digital systems involve a wide array of voltages. Instead of just the classic 5V TTL, they now use components and busses ranging from 3.3V down to 1.0V. Interfacing with these systems is tricky, especially when you have multiple power sources, capacitive loads, and inrush current from devices being powered on.
Tools
- Technitium MAC Address Changer v6.0 – www.technitium.com/tmac/index.html#download
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. - Nmap 5.61TEST4 released – 51 New Scripts, web spidering, vuln library, and more! – seclists.org
Hello folks, and happy new year! I’d like to start 2012 off right–with a new version of Nmap. So I’m happy to release 5.61TEST4. The version number may not sound that different than the previous 5.61TEST2, but we’ve made many big improvements in the last three months. - Reaver Now Goes To 11 – devttys0.com
The decision has been made to open source the Reaver command line tool. The commercial version will contain the all the features the open source command-line tool has along with a web based client, support, and service options.
Techniques
- (UAC) User Assisted Compromise – room362com
A number of times during tests I’ve actually run into those mythical creatures called “patched windows machines”. At DerbyCon Chris Gates and I released the “Ask” post module (which I had failed to publish). This module very simply uses the ShellExecute windows function via Railgun with the undocumented (but very well known) operator of ‘runas’. - Heap Overflows For Humans 103 – net-ninja.net
Hi guys! Once again I’m back and here to discuss yet another important technique for heap exploitation that I do not want to see get buried in the sands of time. Lucky for me I have some time off over Christmas/New years so I can cover more of this topic. - Targeting and Hacking a WordPress Site – resources.infosecinstitute.com
The answer to this question may be difficult to determine, simply because there are so many ways to hack a site. Our aim in this article to show you the techniques most used by hackers in targeting and hacking your site! - A technique for bypassing request header restriction of XMLHttpRequest – lists.webappsec.support
Do you know that Apache HTTP Server and Lighttpd replace non-alnum characters with underscore in name of environment variables? This might be useful to bypass restrictions of XMLHttpRequest. - New Meterpreter Extension Released: MSFMap Beta – blog.securestate.com
Today SecureState is releasing a new extension for Metasploit’s Meterpreter called MSFMap. This new utility provides an NMap-like port scanner from within the context of a Meterpreter session. This gives penetration testers an easily deployable and flexible port scanning utility. - Blind WebSQL and Storage extraction for HTML5 Apps – sheeraj.blogspot.com
HTML5 is having two important data points – WebSQL and Storage. They are controlled by well defined RFCs and specifications. These APIs can be accessed using JavaScript. Assuming we get an entry into DOM then also we are completely blind with WebSQL table names and storage keys. Here is a way to enumerate that data during pen-testing and assessments. - Anatomy of a SCADA Exploit: Part 1 – From Overflow to EIP – poppropet.org
SCADA applications and appliances have been receiving a lot of media attention lately for all the security problems they’re causing, most infamously being the root of the Stuxnet outbreak in 2010. If you spend more than a few minutes looking at the applications that power our infrastructure and the systems they run on, you’ll realize it’s time to get a little nervous. - The CSRF That Almost Was – blog.c22.cc
A lot of the research I did into the SAP Management Console was about what an attacker could do accessing it from the internet, or directly when on the local LAN segment. Although there’s probably a lot more attackers could do with this stuff, the protections that SAP have rolled out should be enough to deter most casual attackers.
Vulnerabilities
- Apple iOS 501 hacked, untethered via to security holes – zdnet.com
Using two different security vulnerabilities in Apple’s flagship mobile operating system, a security researcher has released a tool to untether devices running iOS 5.0.1.
Other News
- Indian Military Backdoor Access
In a tweet early this morning, cybersecurity researcher Christopher Soghoian pointed to an internal memo of India’s Military Intelligence that has been liberated by hackers and posted on the Net. The memo suggests that, “in exchange for the Indian market presence” mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as “RINOA”) have agreed to provide backdoor access on their devices. - Have RIM, Nokia, and Apple provided Indian military with backdoor access to cellular comm? – zdnet.com
- Indian Intelligence Internal Memo On Backdoor Access To Mobile Devices – apple.slashdot.org
- Symantec Hacking Announcement on Facebook – facebook.com
Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued. The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers. - Is Android Really Safe Enough for the DoD? – novainfosecportal.com
I think the only anti-iOS arguments that stand on their own are the first two. Well maybe the government could create a special jailbroken version of iOS that meets their requirements since that seems to be legal after last year’s DMCA adjustments. At least they could knock the second criticism out. - Lilupophilupop tops 1 million infected pages – isc.sans.org
When I first came upon the attack there were about 80 pages infected according to Google searches. Today, well as the title suggests we top a million, about 1,070,000 in fact (there will be duplicate URLs that show up in the searches. Still working on a discrete domain list for this). - Analysis of STRATFOR Passwords Reveals Shoddy Security – threatpost.com
Using the leaked password list from STRATFOR, the open source intelligence service that was hacked last month, reporters from The Tech Herald were able to decipher over 80,000 of the hashed passwords, around 10% of the more than 800,000 passwords stolen in the attack. The analysis showed that trivial passwords like 123456, 11111111 and 123123 were common among STRATFOR customers. - Hacking For Privacy: 2 days for amateur hacker to hack smart meter, fake readings – networkworld.com
In other words, smart meters do have privacy implications that translate into consumer identification. On the bright side, they showed it takes an amateur hacker only two days to hack a home energy meter and fake the smart meter readings — which could result in a utility bill showing absolutely no power consumption at all.
Leave A Comment