Resources
- Phishing Frenzy: Installing the Monster – pentestgeek.com
If you’re not a Rails guru or haven’t ever dabbled with Ruby on Rails, the installation process might seem overwhelming. Zeknox created this helpful video which follows the newly created wiki on how to get up and running with PF on Kali Linux.
- 30c3: To Protect And Infect, Part 2 – youtube.com
This is the video of Jacob “@ioerror” Appelbaum’s talk at CCC on the militarization of the internet.
- 12 Days of HaXmas: BMC and IPMI Research and Exploitation – community.rapid7.com
This post is the sixth in a series, 12 Days of HaXmas, where you’ll take a look at some of the more notable advancements in the Metasploit Framework over the course of 2013.
- Corporate-information-security – slideshare.net
Slideshare presentations on corporate information security by Jarno Niemela.
Tools
- ChameleonMini – github.com
This is the main repository of the Chameleon-Mini project, a versatile smartcard emulator. Download it from here.
- SSLyze v0.8 released – github.com
SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.
- typofinder – github.com
A finder of domain typos showing country of IP address, released as open source by NCC Group.
Techniques
- Sqlmap Tricks for Advanced SQL Injection – blog.spiderlabs.com
Sqlmap is an awesome tool that automates SQL Injection discovery and exploitation processes. Christophe De La Fuente provides a basic overview of sqlmap and some configuration tweaks for finding trickier injection points.
- Getting Started with WinDBG – Part 3 – blog.opensecurityresearch.com
In this series of blog posts, the Open Security Research team has walked you through getting WinDBG installed and set up, and got you started by attaching to a process and setting breakpoints. Their next step is the actual debugging part, where they step through a program and look at memory.
- 12 Days of HaXmas: Finding shell_bind_tcp_random_port with Nmap and Ndiff – community.rapid7.com
In this post, wvu explores how to use this payload with our friends Nmap and Ndiff. Let’s get hacking!
Vulnerabilities
- Fuzzing RTSP to discover an exploitable vulnerability in VLC – isecpartners.github.io
In this post, iSEC Research Labs will describe the bug iSEC recently discovered in the Live555 library (CVE-2013-6933, CVE-2013-6934). This yielded a remote code execution vulnerability in all client and server applications that use the Live555 library, including the popular media player VLC.
Other News
- NSA Elite Hacking Team Operations Exposed – darkreading.com
Treasure trove of tools created and used by NSA hackers for planting backdoors via Cisco, Juniper, Apple products unveiled in latest document leaks.
- NSA Hackers Get the ‘Ungettable’ With Rich Catalog of Custom Tools – www.wired.com
Hackers in the Tailored Access Operations division get the “ungettable” data the NSA can’t otherwise obtain from tapping undersea cables or collecting bulk data from companies like Yahoo and Google. They do this by installing backdoors and other implants remotely or by physically intercepting hardware being delivered to customers and planting backdoors in firmware.
- Unencrypted Windows Error Crash Reports A Treasure for NSA, Hackers Alike – threatpost.com
One of the revelations from the latest Snowden document leaks described how the U.S. National Security Agency was able to intercept Microsoft Windows Error Reporting logs in order to fingerprint machines for potential compromise.
- Snapchat hacked: 4.6 million usernames and phone numbers lifted – gigaom.com
4.6 million usernames and phone numbers have been scraped from Snapchat’s database and dumped online.
- FireEye buys cyber forensics firm Mandiant for about $1 billion – reuters.com
Cybersecurity company FireEye Inc has acquired Mandiant Corp, the computer forensics specialist best known for unveiling a secretive Chinese military unit believed to be behind a series of hacking attacks on U.S. companies.