Resources
- Want to break some Android apps? – carnal0wnage.attackresearch.com
@jhaddix, the newest blogger shared a bunch of Android apps hacking tools links.
Tools
- Linux Exploit Suggester – penturalabs.wordpress.com
This is a Linux Exploit Suggester, with no frills and no fancy features; just a simple script to keep track of vulnerabilities and suggest possible exploits to use to gain ‘root‘ on a legitimate penetration test, or governing examining body. - Analyzing Keychain Contents with iOSKeychain Analyzer – blog.opensecurityresearch.com
iOSKeychain Analyzer extracts and exports the contents of the keychain (on the iOS simulator) along with the associated attributes/properties. Additionally, the tool also analyzes the iOS simulator keychain contents from a security standpoint. - oclHashcat-plus v0.15 – hashcat.net
This version is the result of over 6 months of work, having modified 618,473 total lines of source code.And last but not least, lots of bugs have been fixed.- “thereisnofatebutwhatwemake”—Turbo-charged cracking comes to long passwords – arstechnica.com
The freely available password cracker ocl-Hashcat-plus is able to tackle passcodes with as many as 55 characters. It’s an improvement that comes as more and more people are relying on long passcodes and phrases to protect their website accounts and other online assets.
- “thereisnofatebutwhatwemake”—Turbo-charged cracking comes to long passwords – arstechnica.com
Technique
- The Powerloader 64-bit update based on leaked exploits – welivesecurity.com
The Win64/Vabushky dropper uses an interesting modification to the PowerLoader code. However the PowerLoader modifications are based on leaked LPE exploits for 64-bit operating systems from Carberp code.
Vulnerabilities
- Tesla Model S REST API Authentication Flaws – programming.oreilly.com
The authentication protocol in the Tesla REST API is flawed. Worse, it’s flawed in a way that makes no sense and this model suffers from the following flaws. - Researchers reverse-engineer the Dropbox client: What it means – techrepublic.com
There were doubts about being able to reverse engineer heavily-obfuscated applications written in Python. Two researchers have removed all doubt by reverse engineering the immensely popular Dropbox client.
Other News
- Details Behind Today’s Internet Hacks – blog.cloudflare.com
A researcher noticed on Tuesday that the New York Times’ website was hacked. Matthew Prince, CEO of CloudFlare, wrote in an analysis of the attack and its aftermath.- Times Site Is Disrupted in Attack by Hackers -nytimes.com
- Syrian Electronic Army Hack Results in Compromise of Domain Data for NY Times, Twitter -threatpost.com
- Register Hack at Root of NY Times and Twitter Attacs – threatpost.com
- Software Hack Lets Feature Phones Jam Calls, Texts Within 75 Miles – gizmodo.com
There’s something uniquely scary about the idea of your calls being jammed. Hackers have figured out how to turn a feature phone into a “jammer” with just a few software modifications.
Leave A Comment