The tool is is BackTrack, but there is an interesting floppy, CD or USB version:
http://home.eunet.no/~pnordahl/ntpasswd/
It boots quickly and it is straightforward to follow the step by step instructions.
Thursday, 28 February 2008
Wednesday, 27 February 2008
CAPATCHA Goooooootcha
It looks like gooles capatcha is under attack with a 20% success rate: http://www.websense.com/securitylabs/blog/blog.php?BlogID=174
That's a lot of accounts to send me stock tips or enlargement pill ads. The more interesting thing would be if the bots could do something cool with all that storage! Say that this process is yeilding 1 account per minute, thats 1440 accounts a day and around 525600 accounts a year. With 6Gb of storage space per account that is 3.2 PB of distributed storage.
check out these tools to mount a single account
http://www.sizlopedia.com/2007/08/11/utilities-to-use-gmail-space-as-google-drive/
If they are clever enough to crack the captcha, they should be clever enough to create something that would mount all of these counts together as some sort of distributed file store with redundancy and resiliency.
Cool.
That's a lot of accounts to send me stock tips or enlargement pill ads. The more interesting thing would be if the bots could do something cool with all that storage! Say that this process is yeilding 1 account per minute, thats 1440 accounts a day and around 525600 accounts a year. With 6Gb of storage space per account that is 3.2 PB of distributed storage.
check out these tools to mount a single account
http://www.sizlopedia.com/2007/08/11/utilities-to-use-gmail-space-as-google-drive/
If they are clever enough to crack the captcha, they should be clever enough to create something that would mount all of these counts together as some sort of distributed file store with redundancy and resiliency.
Cool.
Friday, 22 February 2008
Cool sites
found these, thought they were cool:
GNUCitizen
The Hacker Webzine
please feel free to add more cool links in the comments
GNUCitizen
The Hacker Webzine
please feel free to add more cool links in the comments
Mobile Phone Sniffing: smells kind of cheesey!
Apparently a couple of guys at the black hat conference over in DC have demonstrated a GSM crypto cracking system in 1/2 and hour and $1,000 of storage.
Take me >>
As dD is impoverished and busy attendendance was not an option. However, the good old blackhat folks will be making the whole things available in there archive in a couple of weeks. Groovey!
Take me >>
As dD is impoverished and busy attendendance was not an option. However, the good old blackhat folks will be making the whole things available in there archive in a couple of weeks. Groovey!
Cold Hacking: what we leave behind
It seems that DRAM is not so forgetful after all! It would seem that some plucky researchers over at Princeton have demonstrated how to obtain critical cryptographic keys for disk encryption systems such as BitLocker and TrueCrypt by cold booting a system an having a look at what is left in memory.
They even have a video of the talk and a paper. This is another example of side attacks on cryptosystems which the great might big boss Bruce has been mentioning for some time now.
They even have a video of the talk and a paper. This is another example of side attacks on cryptosystems which the great might big boss Bruce has been mentioning for some time now.
Thursday, 21 February 2008
Monday, 18 February 2008
iFrames of Doom! So say Google
Google has now made it offical: iFrames are bad for you! Although they have some figures, and graphs to back this up. Time to show your CIO if you have one, or the dustbin man if you don't.
Let the drive by raids commence!
dD
Let the drive by raids commence!
dD
Wireless: Its a threat official!
Friends of dD will already know our disdiain for all things wireless. However it is now official! It would appear though that dD is at odds with the big boss himself Bruce Schneier himself! bummer.
dD
dD
Hack and Trade: US only version
It seems that stealing insider trading info and then trading on it is ok in the US (at the moment). However, deceiving someone to obtain it is illegal! hmm! Fortunately, the Europeans have already sorted this by declaring that trading on insider information - however it is obtained - is illegal.
Go Team US of A!
dD
Go Team US of A!
dD
CISCO's "Security" agent driver's unfortunate buffer overflow...
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a008090a445.html
"Cisco Security Agent contains a vulnerability when it processes a specially crafted Server Message Block (SMB) packet. This vulnerability can be exploited remotely without authentication and without end-user interaction. Successful exploitation of this vulnerability may allow arbitrary code execution, cause the affected device to crash, or result in a denial of service (DoS) condition. The attack vector for exploitation is through SMB packets using TCP port 139 and TCP port 445."
"Cisco Security Agent contains a vulnerability when it processes a specially crafted Server Message Block (SMB) packet. This vulnerability can be exploited remotely without authentication and without end-user interaction. Successful exploitation of this vulnerability may allow arbitrary code execution, cause the affected device to crash, or result in a denial of service (DoS) condition. The attack vector for exploitation is through SMB packets using TCP port 139 and TCP port 445."
Friday, 15 February 2008
The Onion on security (fun)
It had been a while since I had checked out The Onion, so I am glad to have come accross this:
We Must All Do Our Part To Preserve This Climate Of Fear, by M. Willard Thornton http://www.theonion.com/content/opinion/we_must_all_do_our_part_to?utm_source=onion_rss_daily
We Must All Do Our Part To Preserve This Climate Of Fear, by M. Willard Thornton http://www.theonion.com/content/opinion/we_must_all_do_our_part_to?utm_source=onion_rss_daily
Thursday, 14 February 2008
Vista "Lite": Strip out the unwanted stuff
http://www.vlite.net/
Useful tool for:
1. Reducing a Vista box's attach surface,
2. Speed up the OS.
There is also a version for Windows XP:
http://www.nliteos.com/
Useful tool for:
1. Reducing a Vista box's attach surface,
2. Speed up the OS.
There is also a version for Windows XP:
http://www.nliteos.com/
OpenID
The big boys are now playing nice with OpenID, as IBM, Google, Verisign, Microsoft and Yahoo! (soon to be Microhoo! ?) have joined the board:
http://openid.net/
http://openid.net/
New version of TrueCrypt
This free open-source disk encryption software works on the following platform: Windows Vista/XP, Mac OS X, and Linux!
You can create virtual encrypted disks, encrypt whole partitions AND even the Windows boot/systems drive. So who needs BitLocker??
http://www.truecrypt.org/
You can create virtual encrypted disks, encrypt whole partitions AND even the Windows boot/systems drive. So who needs BitLocker??
http://www.truecrypt.org/
Get infected by your anti-virus maker's web site!
This has to be rather embarrasing:
http://annysoft.wordpress.com/2008/02/06/antivirus-company-website-is-infected/
Also covered at The Register:
http://www.theregister.co.uk/2008/02/08/indian_av_site_compromise/
Another case of the evil iFrame striking, but this time from a "security" company...
http://annysoft.wordpress.com/2008/02/06/antivirus-company-website-is-infected/
Also covered at The Register:
http://www.theregister.co.uk/2008/02/08/indian_av_site_compromise/
Another case of the evil iFrame striking, but this time from a "security" company...
Should UK parents get compensation from HMRC?
Alternative Dispute Resolution Services is a Newcastle-based legal firm which is offering a £5.99 pack to help pursue a claim against the government for breach of the Data Protection Act. They claim that 14,000 people have registered with them so far.
The pack is available at:
http://www.compensationpack.com/
News coverage is here:
http://www.thisismoney.co.uk/disc-claim
Don't get too excited: the estimated payout is likely to be between £50-£300, which is way below any losses that may be suffered if the data is in the wrong hands. The interesting question though is whether or not the government actually breached the DPA.
The pack is available at:
http://www.compensationpack.com/
News coverage is here:
http://www.thisismoney.co.uk/disc-claim
Don't get too excited: the estimated payout is likely to be between £50-£300, which is way below any losses that may be suffered if the data is in the wrong hands. The interesting question though is whether or not the government actually breached the DPA.
Sophos statistics on spam relaying by countries
The USofA are at the top of the list, followed by Russia:
http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html
http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html
Happy Valentine and watch that electronic evidence, just in case...
Electronic evidence is increasingly being used in divorce cases:
http://www.gpsdaily.com/reports/Nation_Top_Divorce_Lawyers_Note_Dramatic_Rise_In_Electronic_Evidence_999.html
Wether it is electronic or not, it is just "evidence" after all. It is interesting to note the use of GPS data: yes we can prove you were there...
http://www.gpsdaily.com/reports/Nation_Top_Divorce_Lawyers_Note_Dramatic_Rise_In_Electronic_Evidence_999.html
Wether it is electronic or not, it is just "evidence" after all. It is interesting to note the use of GPS data: yes we can prove you were there...
Monday, 11 February 2008
God Bless America and their border cops!
I hope that I never get stopped with my phone, laptop, cd bag, notebook, flash drives as 20hours of questioning will seem like a holiday! Just one more reason not to go to the leading light of the free world!
I know something you don't know
It seems the vulnerability disclosure is taking on a new slant. All the previous reports I've seen on this subject have largely been about those researchers who disclose vulns get hammered by law enforcement agencies or big companies. However, this one takes on a new twist. RealPlayer11 has a bug and Evgeny Legerov has found it. However, it appears this guy has a group of "customers" who he sells bugs to but won't disclose to the original developer. In the daniweb blog the author discribes this as blackmail. I'm certain it's not blackmail, but ethically it's difficult. But why should I be ethically bound to notify people of their screw ups? Maybe the fact that big companies carry on producing chronic code is because people find their cock ups and tell them about it. Perhaps this new type of militant action by security researchers will start to force a shift in software development as companise will no longer be able to rely on independants working it out for them.
Firefoxed
Firefox 2.0.0.12 is vulnerable out of the box using a directory traversal! Good lord what is happening here!?
http://www.0x000000.com/index.php?i=515
According to the site listin the vulnerability this will allow you to potentially view every file in the Mozilla directory. Solution a) use another browser b)install a plug in!
Most vulnerabilities are delivered by third party plugins on fixed by them!
http://www.0x000000.com/index.php?i=515
According to the site listin the vulnerability this will allow you to potentially view every file in the Mozilla directory. Solution a) use another browser b)install a plug in!
Most vulnerabilities are delivered by third party plugins on fixed by them!
Subscribe to:
Posts (Atom)