Everything posted by begood
-
Microsoft’s security response team has confirmed the existence of a serious cross-site scripting (XSS) vulnerability in the Microsoft SharePoint Server 2007 product. The vulnerability, which can be exploited via the browser, could allow a malicious hacker to execute arbitrary JavaScript code within the vulnerable application. A proof-of-concept exploit has been publicly posted and Microsoft is expected to issue a formal security advisory before the end of this week to offer pre-patch workaround and mitigations.

Here’s the skinny on the flaw from an alert posted to the Full Disclosure mailing list:

The vulnerability exists due to failure in the “/_layouts/help.aspx” script to properly sanitize user-supplied input in “cid0” variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. An attacker can use browser to exploit this vulnerability.

On Twitter, Microsoft said it was aware of the issue and promised to issue guidance for affected customers:

This isn’t Microsoft SharePoint’s first brush with XSS security problems. Back in 2007, the company shipped an “important” security patch to fix a flaw that allowed attackers to run arbitrary script that could result in elevation of privilege within a SharePoint site.

http://blogs.zdnet.com/security/?p=6346
-
The Set-up

So you’ve just spent your morning digging through web proxy logs figuring out how one of your users managed to get infected with the latest rehash of FakeAV and you’ve got a handful of malicious URLs that you need to block on your perimeter. Let’s also suppose that you hold some goodwill towards your fellow sysadmin and wish to help stop further damage. Where do you start?

Depending on what vendor you use to manage your web proxy filters, you may be helping out by simply protecting yourself. That information should bubble up to their other customers and expand protection. Another way to help smaller organizations and individuals is to share this information with free security solutions.

Google Safe Browsing

Get the biggest bang for your buck by leveraging the Google Search engine which many folks rely on to save them from exposure to typo-squatters and other badness. URLs can be submitted here: http://www.google.com/safebrowsing/report_badware/

BlueCoat K9

Although it’s advertised as web protection for your children, I find it works for parents and grandparents too. You can submit URLs and classify them here: http://www1.k9webprotection.com/support/check-site-rating.php

OpenDNS

If you have an OpenDNS account you can submit a domain for tagging as malicious via their dashboard.

http://isc.sans.org/diary.html?storyid=8719
-
Hakin9 magazine

# Firewalls for Beginners
Firewalls are often overlooked, but are actually one of the best deterrents against unauthorized accesses. Learn how to build a low-cost firewall with iptables. Whenever people ask me how they can be sure no one can have unauthorized remote access to their PC, my first answer is: disconnect your PC!
- Antonio Fanelli

# Pwning Embedded ADSL Routers
This paper sheds light on the hierarchical approach of pen testing and finding security related issues in the small embedded devices that are used for local area networks. The paper is restricted to not only testing but also discusses the kinds of software and firmware used and incessant vulnerabilities that should be scrutinized while setting up a local network.
- Aditya K Sood

# Writing WIN32 shellcode with a C-compiler
Shellcode is hard to write. That is why I worked out the method presented here to generate WIN32 shellcode with a C-compiler. To fully benefit from the content of this article, you should have some experience writing WIN32 programs in C/C++ and WIN32 shellcode, and understand the differences between both approaches.
- Didier Stevens

# Flash Memory Mobile Forensic
This paper is an introduction to flash memory forensic with a special focus on completeness of evidences acquired from mobile phones. Moving through academic papers and industrial documents will be introduced the particular nature of non-volatile memories present in nowadays mobile phones; how they really work and which challenges they pose to forensic investigators.
- Salvatore Fiorillo

# Threat Modeling Basics
In the world of software, security is thrown into a system somewhere at the end of the project. For many developers adding security to a system is using a login with SSL/TLS; but sadly, these two are not the security silver bullet developers are led to believe.
- Timothy Kulp

# ID fraud expert says...
Identity Theft Protection Services – a new industry is born
- Julian Evans

# Interview
Interview with Victor Julien, lead coder for the Open Information Security Foundation

Hakin9 :: Magazine
http://download.hakin9.org/en/hakin9_04_2010_EN.pdf
-
It's not complete, see here: Anubis - Analysis Report. Either there are several variants of the same malware, or the malware has a list of executable names that it uses at random => reverse engineer it and then post the list of names, or, or, or... In the malware report above it uses the name net1.exe, for example.
-
Agreed. ionut, next time you get a ban.
-
Symantec has signed definitive agreements to acquire PGP and GuardianEdge. Symantec will buy PGP for a purchase price of approximately $300 million in cash and GuardianEdge for approximately $70 million in cash. The agreements are subject to customary closing conditions, including regulatory approvals, and are expected to close during the June quarter. By bringing together PGP and GuardianEdge’s standards-based encryption capabilities for full-disk, removable media, email, file, folder and smartphone, with Symantec’s endpoint security and data loss prevention offerings, Symantec will have the broadest set of integrated data protection solutions. Together these acquisitions will expand Symantec’s addressable security market opportunity and will position the company as a leader in the fast growing encryption market which, according to IDC, is estimated to reach $1.7 billion in 2013. Symantec also intends to integrate the PGP key management platform into the Symantec Protection Center, which simplifies security information management by providing customers consolidated access to threat, security and operational dashboards and reporting. Integrating the PGP key management platform into the Symantec Protection Center will further enhance the management of endpoint security, data loss prevention and gateway security products, which are also integrated with Symantec Protection Center, allowing customers to more seamlessly protect information. http://www.net-security.org/secworld.php?id=9217
-
Depends on what you want to do. If you want anonymity, then yes.
-
I recently gave a presentation at WordCamp Montreal on WordPress Security. While doing research for my presentation I came across a bunch of great WordPress Security tips that all WordPress users should use. Surprisingly, a good majority of these tips are not usually followed. Below is a list of the top 5 tips that most WordPress administrators do not do, but should:

1. Don’t use the admin account – The default user account that is created with every installation of WordPress is the admin account. Unfortunately the entire world knows this, including hackers, and can easily launch a dictionary attack on your website to try and guess your password. If a hacker already knows your username that’s half the battle. It’s highly recommended to delete or change the admin account username.

2. Move your wp-config.php file – Did you know since WordPress 2.6 you can move your wp-config.php file outside of your root WordPress directory? Most users don’t know this and the ones that do don’t do it. To do this simply move your wp-config.php file up one directory from your WordPress root. WordPress will automatically look for your config file there if it can’t find it in your root directory.

3. Change the WordPress table prefix – The WordPress table prefix is wp_ by default. You can change this prior to installing WordPress by changing the $table_prefix value in your wp-config.php file. If a hacker is able to exploit your website using SQL Injection, this will make it harder for them to guess your table names and quite possibly keep them from doing SQL Injection at all. If you want to change the table prefix after you have installed WordPress you can use the WP Security Scan plugin to do so. Make sure you take a good backup before doing this though.

4. Use Secret Keys – This is probably the most followed security tip on the list, but still I’m amazed at how many people don’t do this. A secret key is a hashing salt that is used against your password to make it even stronger. Secret keys are set in your wp-config.php file. Simply visit https://api.wordpress.org/secret-key/1.1 to have a set of randomly generated secret keys created for you. Copy the 4 secret keys to your wp-config.php file and save. You can add/change these keys at any time, the only thing that will happen is all current WordPress cookies will be invalidated and your users will have to log in again.

5. htaccess lockdown – This is actually my favorite tip from my presentation. Using a .htaccess file you can lock down your wp-admin directory by IP address. This means only IP addresses you specify can access your admin dashboard URLs. This makes it impossible for anyone else to try and hack your WordPress backend. To do this simply create a file called .htaccess and add the following code to your file, replacing xxx.xxx.xxx.xxx with your IP address:

    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Access Control"
    AuthType Basic
    order deny,allow
    deny from all
    #IP address to Whitelist
    allow from xxx.xxx.xxx.xxx

You can add multiple “allow from” lines so make sure to add any IP addresses you plan on accessing your site from (i.e. Home, Office, etc). Remember most ISPs use dynamic IPs so your IP address might change on occasion. If you get locked out just update your .htaccess file or delete it altogether. This obviously is not a good tip if you allow open registrations as you need to allow your users access to wp-admin.

So, how many of these tips do you follow regularly? You can view my full WordPress Security Presentation from WordCamp Montreal below and view my slides (Canadian flags and all!)

http://www.wptavern.com/top-5-wordpress-security-tips-you-most-likely-dont-follow
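Tips 3 and 4 above can be checked mechanically. The following is an added example, not part of the original post or of WordPress itself: a small Python audit of a wp-config.php that reports a default table prefix and missing, placeholder or reused secret keys. The function names and the sample config are constructed for illustration; the placeholder string is the one shipped in wp-config-sample.php.

```python
import re

# The four constants the post refers to, and the value shipped in wp-config-sample.php.
KEY_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY")
PLACEHOLDER = "put your unique phrase here"
DEFINE_RE = re.compile(r"""^define\(\s*['"](\w+)['"]\s*,\s*(['"])(.*?)\2\s*\)\s*;""")
PREFIX_RE = re.compile(r"""^\$table_prefix\s*=\s*(['"])(.*?)\1\s*;""")


def active_lines(php_source):
    """Yield stripped lines that are not commented out (/* */, //, #)."""
    in_block = False
    for line in map(str.strip, php_source.splitlines()):
        if in_block or line.startswith("/*"):
            in_block = "*/" not in line
        elif line and not line.startswith(("//", "#")):
            yield line


def audit_wp_config(php_source):
    """Return findings for tips 3 (table prefix) and 4 (secret keys)."""
    keys, prefix = {}, None
    for line in active_lines(php_source):
        m = DEFINE_RE.match(line)
        if m and m.group(1) in KEY_NAMES:
            keys[m.group(1)] = m.group(3)
        m = PREFIX_RE.match(line)
        if m:
            prefix = m.group(2)
    findings = []
    if prefix is None:
        findings.append("table_prefix: not set")
    elif prefix == "wp_":
        findings.append("table_prefix: still the default wp_")
    for name in KEY_NAMES:
        value = keys.get(name)
        if value is None:
            findings.append(f"{name}: not defined")
        elif not value.strip() or value == PLACEHOLDER:
            findings.append(f"{name}: empty or sample placeholder")
        elif list(keys.values()).count(value) > 1:
            findings.append(f"{name}: value reused for another key")
    return findings


# Constructed sample, not taken from any real site.
WEAK_CONFIG = """<?php
/* database settings omitted */
define('AUTH_KEY',        'put your unique phrase here');
define('SECURE_AUTH_KEY', 'constructed#value //pasted twice');
define('LOGGED_IN_KEY',   'constructed#value //pasted twice');
// define('NONCE_KEY', 'commented out, so WordPress never sees it');
$table_prefix  = 'wp_';
"""

if __name__ == "__main__":
    for finding in audit_wp_config(WEAK_CONFIG):
        print(finding)
```

Only whole-line comments are skipped, because generated keys can legitimately contain `#` and `//` inside the quoted value.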
-
When facing off against a WebDAV enabled server, there are two things to find out quickly: can you upload files, and if so, can you execute code? DAVTest attempts to help answer those questions, as well as enable the pentester to quickly gain access to the host. DAVTest tries to upload test files of various extension types (e.g., “.php” or “.txt”), checks if those files were uploaded successfully, and then if they can execute on the server. It also allows for uploading of the files as plain text files and then trying to use the MOVE command to rename them to an executable.

Assuming you can upload an executable, a test file does you no good–so DAVTest can automatically upload a fully functional shell. It ships with shells for PHP, ASP, ASPX, CFM, JSP, CGI, and PL, and dropping a file in the right directory will let you upload any back-door you like.

Features
* Upload with executable extension or .txt
* Checks for successful upload and execution
* Supports MOVE and MKCOL
* Can upload backdoor/shell or arbitrary files
* Basic authentication

DAVTest is written in PERL and licensed under the GPLv3.

You can download DAVTest v1.0 here: http://davtest.googlecode.com/files/davtest-1.0.zip
Or read more here. http://code.google.com/p/davtest/
-
mirrors : Multiupload.com - upload your files to multiple file hosting sites! pass rstcenter.com
-
NASA scientists last night unveiled compelling evidence of life on Mars. A special mission to the Red Planet has revealed the likely presence of a form of pond scum - the building blocks of life as we know it. NASA unveiled the results of the recent Opportunity and Spirit probes sent millions of miles through the solar system to discover signs of extraterrestrial life. The results are so promising boffins have already planned a host of other missions to discover whether there is extraterrestrial life in the universe. The recent missions have gathered evidence of sulphates on Mars, a strong indication there is water on the planet and therefore life. Previous missions to Mars have concluded there is probably water on the planet. But the NASA boffins said the recent missions have gone further than any others in proving there is life on Mars. They were particularly excited about the discovery of a sulphate called gypsum which, it has emerged recently, is found in large quantities among fossils in the Mediterranean. Jack Farmer, researcher at the Arizona State University, in Tempe, Arizona, said he was "optimistic" there was - or had been - life on Mars. http://www.thesun.co.uk/sol/homepage/news/2951855/Nasa-Evidence-of-life-on-Mars.html http://stirileprotv.ro/stiri/international/incredibil-nasa-extraterestrii-locuiesc-pe-marte.html
-
Hack Tool Repository - home
-
You're out of here, Piromanu...
-
Magikfs is a highly secure steganographic filesystem with the plausible deniability feature being implemented on the linux platform particularly over an existing ext2/ext3 partition without any structural modifications. The data which is already present in the filesystem is not harmed at all. Magikfs will be user friendly, easy to install and easy to give your files the highest kind of security ever offered by filesystems that exist today. It's better than encrypted filesystems due to the fact that files remain hidden in Magikfs unlike that of encrypted filesystems. Magikfs is based on a design influenced by previous design of ‘Stegfs:A steganographic filesystem’ by HweeHwa PANG, Kian-Lee TAN, Xuan ZHOU. Magikfs will be released under the GNU public license. But even the source code is not at all enough to even attempt an attack on magikfs. Say adieu to encrypted (cryptographic) filesystems!

http://magikfs.sourceforge.net/
http://sourceforge.net/projects/magikfs/
-
Description

Ubuntu Pentest Edition is a gnome based linux designed as a complete system which can also be used for penetration testing. Ubuntu Pentest Edition has a big repository of software (Ubuntu repositories) and high customization possibilities. The system is made in a way that you can configure it to suit your needs. With Ubuntu Pentest Edition comes around 300 tools for penetration testing and set of basic services which are needed in penetration testing. Also we are preparing a repository of pentest tools so your system will be up to date at all time.

Details
* Website : http://www.netinfinity.org
* Platform : Ubuntu based
* Author : Vitomir
* Contact Email : vitomir@netinfinity.org

http://tools.securitytube.net/index.php?title=Ubuntu_Pentest_Edition
-
This is the video of the presentation "Hiding in the Familiar: Steganography and Vulnerabilities in Popular Archives Formats" given by Mario Vuksan, Tomislav Pericin & Brian Karney at Blackhat Europe 2010. Abstract: Exploiting archive formats can lead to steganographic data hiding and to processing errors with serious forensic consequences. These formats are very interesting as they are commonly found on every PC, Apple or Linux machine, and it is popularly believed that they are well understood and trusted. Can exploits ever be present in file formats that have been in use for over ten or even twenty years? Through deep format analysis, beyond fuzzing, we look at what goes wrong when the format specifications are interpreted differently. Can you trust programs that work with archives? Can you even trust your antivirus? We will answer these questions and disclose for the first time 15 newly discovered vulnerabilities in ZIP, 7ZIP, RAR, CAB and GZIP file formats revealing the impact they have on anti-malware scanners, digital forensic, security gateways and IPS appliances. This talk will include demo of ArchiveInsider, a new forensics tool that detects and extracts hidden data and fully validates vulnerable file formats. We will demonstrate file format steganography, file malformation, and even data "self destruction," all with tools that you use and trust. Thanks go out to Netinfinity, creator of Ubuntu Pentest Edition for referring this video to us. http://securitytube.net/Steganography-and-Vulnerabilities-in-Popular-Archives-Formats-%28Blackhat-2010%29-video.aspx
-
The buzz around the internets lately has been about NTP. Security researchers, such as HD Moore, have been doing extensive investigation on the “features” of NTP. HD Moore discovered that, by default, NTP servers allow you to query them for additional information. Some of the basic queries were listpeers, show peers, peers, sysstat, and most important monlist. Monlist is used as a diagnostic tool to provide the user the last 600 IP addresses of clients who queried that NTP server. What does this mean? This means with a single request, you can get a good feel of all the IPs in a network. Also, if there is an NTP server in the DMZ, an external attacker could potentially get the internal IPs. FYI: I haven’t been successful with attacking Windows version of NTP.

SO WHAT’S THE TRICK:

You can install the NTP client on your favorite nix and run:

    ntpdc -n -c monlist <ip address>

But this seems to only work half of the time. It seems as if sometimes the sequence numbers get messed up and it crashes. You can use the new auxiliary tool from metasploit (ntp_monlist) or sensepost’s python tool, but both those have issues due to payloads that do not support version 3 of ntp. They only support version 2. The best tool is included called ntp_ip_enum.py, which is a version of the sensepost script in which I modified the payloads to allow both NTP version 2 and version 3.

COMMAND: NTP_IP_ENUM.PY

    ./ntp_ip_enum.py <ip_address of a NTP server> <optional another ip_address of a different NTP server>

When this is complete, an output file is created in the directory where the ntp_ip_enum script was run labeled NTP.txt. This will include the clients that have connected to that NTP server within the last 5 minutes or last 600 requests. Give it a try:

    ./ntp_ip_enum.py time.euro.apple.com

This will give you a list of clients that have recently contacted Apple’s Europe timeserver. Wowzers!

SCRAPING THE INTERNETS NTP MAPPING TIME.EURO.APPLE.COM

So I took all of the client IPs listed from time.euro.apple.com and plotted them against Google earth. This gave us some interesting views on which countries use Apple laptops and which do not.

http://i44.tinypic.com/18ghat.jpg
Apple's EURO NTP Server

THE FIX

This could have all been averted by not allowing external users to query these types of commands. Monlist is usually used for debugging but should only be allowed locally.

ADDITIONAL ATTACKS

HD Moore also discussed that he had figured out a way to DDoS a system using NTP with very minimal requests. Although he has not released data on this type of DDoS, we put our heads together here on what the attack could be. When you make a monlist request, you send 1 udp packet to the NTP server and 600+ responses are returned. We think that using this request against all the NTP servers and peers, you could send hundreds of thousands of UDP packets to a victim with minimal request packets. By spoofing the source address and requesting monlists repetitively, all responses from those NTP servers will be forwarded to the victim.

-Cheetz

https://www.securepla.net/?p=242
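To check your own servers against the fix described above, the following added example (not part of the original post or of the ntp_ip_enum script) audits an ntpd-style ntp.conf and reports whether monlist-type queries would be answered for non-local hosts. It assumes the standard ntpd `restrict` flags `noquery` and `ignore` and the `disable monitor` option, which the post does not name; the function names and both sample configs are constructed.

```python
import ipaddress

# Either flag stops ntpq/ntpdc (mode 6/7) queries, which is what monlist is.
BLOCKING_FLAGS = {"noquery", "ignore"}


def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # hostname rather than an address literal
        return addr == "localhost"


def audit_ntp_conf(text):
    """Report whether an ntpd-style config answers monlist for non-local hosts."""
    monitor_enabled = True  # documented ntpd default when the option is absent
    default_rules, allowed = [], []
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if not tokens:
            continue
        if tokens[0] in ("enable", "disable") and "monitor" in tokens[1:]:
            monitor_enabled = tokens[0] == "enable"
        elif tokens[0] == "restrict":
            args = [t for t in tokens[1:] if t not in ("-4", "-6")]
            if not args:
                continue
            addr, flags = args[0], args[1:]
            if flags[:1] == ["mask"]:  # restrict <net> mask <netmask> <flags...>
                flags = flags[2:]
            blocks = bool(BLOCKING_FLAGS & set(flags))
            if addr == "default":
                default_rules.append(blocks)
            elif not blocks and not is_loopback(addr):
                allowed.append(addr)
    # No default rule at all means every host is served, queries included.
    default_blocks = bool(default_rules) and all(default_rules)
    return {
        "monitor_enabled": monitor_enabled,
        "default_blocks_queries": default_blocks,
        "query_allowed_from": allowed,
        "monlist_exposed": monitor_enabled and not default_blocks,
    }


# Constructed configs: the first answers anyone, the second only local hosts.
OPEN_CONF = """\
server 0.pool.ntp.org iburst
restrict default nomodify notrap
restrict 127.0.0.1
"""
LOCKED_CONF = """\
server 0.pool.ntp.org iburst
disable monitor
restrict -4 default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap  # constructed admin subnet
"""

if __name__ == "__main__":
    print(audit_ntp_conf(OPEN_CONF))
    print(audit_ntp_conf(LOCKED_CONF))
```

Entries listed under `query_allowed_from` are networks that were deliberately left able to query; review them against the post's advice that monlist should only be allowed locally.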
-
http://www.ubuntu.com/getubuntu/downloadmirrors#bt it has arrived!
-
johnny i hack stuff google dorks damn... johnny's already old
-
In the news: RST members out butt hunting
-
Intr-un final sebi_the_killer are 15 ani si voia sa-si bata joc de un alt ratat, Dan. Practic si-a facut cont pe RST folosind contul de mail a lui Dan. (silviu dan gerogescu) fanclub ID-uri baieti din Cluj - Piromanu, 15 ani profilul lui hi5 : hi5 - Piromanu' Fuck You ungaria http://www.google.com/search?q=sebi_the_killer&hl=en&filter=0 le: cica site-ul lui : http://sebiy.piczo.com/?g=39855500&cr=7
-
se pare ca piromanu e acelasi tip (acelasi ip) hackhrunn@yahoo.com sebi_the_killer 109.96.75.249
-
disable post count in "trash" and "bun venit".
-
dan_rapperu@yahoo.com 89.123.84.41 poate vreti sa-i trimiteti salutari