
Samurai Web Test Framework 0.1

September 2nd, 2008 Anthony Towry

Samurai WTF is a liveCD aimed at web application hacking/testing.  I haven't tried it yet, and from the version number it looks like it's still in its infancy, but I thought it might deserve one more inward facing link.

Check it out at: SourceForge

Posted in Security, Web development | No Comments »

Android Security Team Says Hi

August 21st, 2008 Anthony Towry

The team working on the Android mobile platform project have recently published an introduction to Full Disclosure and other security outlets.  The team made a great move here toward encouraging hackers to responsibly disclose security issues.

The post mentions one item that many researchers value a great deal...transparency throughout the remediation process.  The guys and gals at Android seem to "get it", I'm hoping it works out for them.

Posted in Programming, Security | No Comments »

DNS Flaw Details - Mirror

July 23rd, 2008 Anthony Towry

So, if you haven't seen the details for the DNS flaw you can take a look here: http://www.ri0tnet.net/dns.html

Check out the information leak of the year.  Oh, and patch those DNS servers.  WWDKD?

Posted in Uncategorized | No Comments »

Metasploit Toolkit Book Review

July 15th, 2008 Anthony Towry


Metasploit is a tool that has forever changed the information security landscape. One would be hard pressed to find a tool as versatile, powerful and as supported in the hacking community today. On top of all that good mojo, it comes free of charge!

I get excited about Metasploit (who wouldn't?). I wanted this book to match that excitement, to dive into Metasploit in new and exciting ways. It didn't. This book is written by some very smart guys, but goes about as deep as the average user guide. There's nothing new here really and most of what's discussed could be better absorbed through a few hours of playing with the application itself.

Overall this was a disappointment, one that could have been a whole lot better.

Posted in Security | No Comments »

Defcon 16 Speakers List Finalized

June 28th, 2008 Anthony Towry

This year's Defcon event is well under way. The speakers list has been finalized and I'm already thinking about what talks I want to make it out to.

Here's my hit list so far, which I'm guessing will get totally screwed by the time slots.

  • MetaPost-Exploitation : Valsmith and Colin Ames
  • VulnCatcher: Fun with Vtrace and Programmatic Debugging : atlas
  • Playing with Web Application Firewalls : Wendel Guglielmetti Henrique
  • Grendel-Scan: A new web application scanning tool : David Byrne and Eric Duprey
  • Wide World WAF's : Ben Feinstein
  • Advanced Software Armoring and Polymorphic Kung Fu : Nick Harbour

Additionally, the EFF and All Your Sploits Are Belong to Us panels might be fun.  Oh, and whatever Dan Kaminsky has to talk about will most certainly pack the house.

Posted in Uncategorized | No Comments »

Defcon 16 Pre-Con Spin-Up

June 11th, 2008 Anthony Towry

Boys and Girls, Defcon XVI is just around the corner and it's time to start thinking about what to take, where to stay, speakers to see, and skills to hone. I thought I'd drop my extensive con knowledge. If you've never been to Vegas or Defcon maybe this'll be helpful. For a much better post, check out the official "Be Prepared" thread on the Defcon.org blog.

So, I've been to Las Vegas and Defcon a total of 1 times, so I'm an expert. Let's start with the location.

The Riviera (the Riv as the vets call it) is a great place for a convention and a fairly crappy place to stay. That said, first timers may benefit from being on top of Defcon at all times. Once was enough for me. The rooms are slightly less comfortable than a college dorm and for the money, you could wrangle something much nicer down the strip.

Another issue with the Riv is the food. There really isn't a good place to grab a bite. There is a food court with Pizza-Hut, Quiznos, etc., but you'll not find a world class buffet or other typical Vegas eateries.

What to take:

  • Caffeine
  • Alcohol (Suffer thy Guinness unto me!)
  • Geek games and other crap (Whoever brought robot sumo last year...that was fun as hell)
  • Sense of humor

What not to take:

  • Unless you're participating in the contests, forget your laptop/backpack/fishing pole

Defcon should be sweet this go round, make the most of it. Crash parties, social engineer and make some friends!

Tip: Do Vegas stuff if you can find time. See the fountains, Fremont Street and gamble a bit. All the videos will be online in a few months anyway!

Posted in Community, conferences | No Comments »

Getting to Know Stack Smashing

February 6th, 2008 Anthony Towry

In this episode of The Decision, I cover some of the issues that people run into as they start experimenting and exploring stack-based buffer overflows on Linux. Stack smashing is an interesting and rewarding exercise for security enthusiasts. It perfectly illustrates the idea of what can go wrong when trusting user input.

Hopefully with a handful of tips on the "gotchas" we can make it a bit less frustrating at the start.

 
Podcast: Issues With Stack Smashing [36:03m]

Posted in Podcast | No Comments »

Metasploit 3.1 Released

January 28th, 2008 Anthony Towry

Script kiddies rejoice!  Metasploit 3.1 is out on the streets.  This version comes boxed with a generous helping of attack modules (450+) prepared for your pwning pleasure.

Very cool stuff for your pen testing needs!

Posted in Security | No Comments »

Stop the Presses! Pwning Printers for Profit

January 15th, 2008 Anthony Towry

If you haven't already heard, Aaron Weaver has published a paper on "Cross Site Printing". Re-purposing printers isn't a new concept by any means, but this is a clever little attack.

What happens is that network printers are typically listening on port 9100 for some raw data. By providing a web page that attempts to connect to a resource on that port, we establish a connection, push data, and as soon as the browser closes or a timeout occurs we disconnect. The printer happily puts this to paper and out it comes.

Mr. Weaver demonstrates some rather creative ways of putting POST to use and the possibilities of pushing straight PCL to get a more professional look.

The spam is on the way, and the potential for this attack to be worked in conjunction with some of the recent DNS pinning attacks is interesting.

Read the paper, play with it on your LAN (there's something strangely satisfying about this simple little hack) and then tie the printer down to the print server.
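To check whether printers really are tied down to the print server, the sketch below (an added example, not from the paper or the original post) scans connection logs for allowed traffic to port 9100 that did not originate from the print server. The log format, the IP addresses and the `PRINT_SERVER` value are constructed assumptions for illustration.

```python
from collections import defaultdict

RAW_PRINT_PORT = 9100        # raw printing port named in the post
PRINT_SERVER = "10.0.0.5"    # assumption: the only host allowed to reach printers

# Constructed sample flow log: "<time> <src_ip> <dst_ip> <dst_port> <action>"
SAMPLE_LOG = """\
2008-01-15T09:00:01 10.0.0.5 10.0.0.50 9100 ALLOW
2008-01-15T09:02:13 10.0.0.23 10.0.0.50 9100 ALLOW
2008-01-15T09:02:14 10.0.0.23 10.0.0.50 9100 ALLOW
2008-01-15T09:03:40 10.0.0.31 10.0.0.51 9100 DENY
2008-01-15T09:04:02 10.0.0.23 10.0.0.80 80 ALLOW
garbage line
2008-01-15T09:05:00 10.0.0.44 10.0.0.51 9100 ALLOW
"""

def find_direct_print_connections(log_text, print_server=PRINT_SERVER):
    """Return {printer_ip: {source_ip: count}} for allowed connections to
    the raw print port that did not come from the print server."""
    findings = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed records rather than crash on them
        _time, src, dst, port, action = fields
        if not port.isdigit() or int(port) != RAW_PRINT_PORT:
            continue  # not raw-print traffic
        if action != "ALLOW":
            continue  # already blocked by the firewall
        if src == print_server:
            continue  # expected path: print server to printer
        findings[dst][src] += 1
    return {printer: dict(sources) for printer, sources in findings.items()}

if __name__ == "__main__":
    for printer, sources in find_direct_print_connections(SAMPLE_LOG).items():
        for src, count in sorted(sources.items()):
            print(f"{printer}: {count} direct raw-print connection(s) from {src}")
```

Any host it reports is a workstation that can still reach a printer directly, which is the path a browser-driven print job would take.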

Posted in Security | 1 Comment »

Fuzzing: Brute Force Vulnerability Disclosure by Sutton, Greene and Amini

November 15th, 2007 Anthony Towry


Fuzzing: Brute Force Vulnerability Disclosure takes you to the edge of Application Testingville and kicks you 30ft outside city limits. The methods used to vulnerability test software in an automated way have never been so clearly conveyed. This book becomes family for anyone stalking the elusive 0-day. Like a second cousin really, but still you hold it near and dear.

Posted in Books, Programming, Security, Testing | 1 Comment »
