Wubi

Everything posted by Wubi

  1. Description: In this video you will learn how to perform memory forensics using the Volatility tool. It explains various Volatility commands and plugins that can be used in memory forensics. This video is helpful for incident response and malware analysis tasks. Volatility: The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. https://www.volatilesystems.com/default/volatility/ Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source:
  2. Description: In this video you will learn how to disable an anti-debugger method. Sometimes you are doing reverse engineering on some program or exe file and you can’t patch that exe file because it is protected by an anti-debugger process. So in this video you will learn how to disable that and how to execute your patch on that exe. For the best guidance, also refer to these papers so you can understand what an anti-debugger is and how to disable it. http://www.alex-ionescu.com/dbgk-1.pdf http://www.alex-ionescu.com/dbgk-2.pdf Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source:
  3. Skype Could Intercept Conversations, Doesn’t Confirm It July 23rd, 2012, 10:01 GMT · By Ionut Arghire Skype, the popular VoIP service, has reportedly performed a series of changes to its architecture that would enable it to more easily intercept calls. The company has long resisted taking part in online surveillance actions, although many governmental entities have requested that. In fact, Skype’s encryption and complex peer-to-peer network connections were considered to be almost impossible to intercept, which caused headaches to many agencies. But all that might have changed recently, hackers report. According to a recent article on ExtremeTech, following the purchase of Skype, Microsoft has moved some of the “supernodes” that create the network (users are seen as “nodes,” but some become “supernodes,” influencing data traffic) to dedicated Linux servers, under its direct control. By doing so, the company gained the position in which it could easily “wiretap” conversations. In fact, Microsoft is said to be re-working these supernodes to ensure that law enforcement has access to monitoring calls. The nodes and supernodes in the Skype peer-to-peer network create the connection between users. Thus, data traffic appears between the peers that are having the conversations. Since Microsoft has been centralizing the Skype supernodes, it would have the possibility to route voice data of the calls through monitored servers, which automatically makes the call unsecure. This approach is similar to a man-in-the-middle attack, the news site notes. Since Skype has been used lately by a large number of criminals, although it is also part of the lives of ordinary people and business men, law enforcement agencies have been looking to find means to tap into monitoring Skype conversations. However, Microsoft wouldn’t admit to this.
Mark Gillett, Skype’s Corporate VP of Product Engineering & Operations told ExtremeTech that they were merely enhancing the user experience with moving supernodes to their own servers. “As part of our ongoing commitment to continually improve the Skype user experience, we developed supernodes which can be located on dedicated servers within secure datacenters,” he said. “This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes). We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.” http://news.softpedia.com/news/Skype-Could-Intercept-Conversations-Doesn-t-Confirm-It-282628.shtml
  4. Black Hat explains fake password reset e-mail sent to 7,500 security experts Summary: 7,500 Black Hat USA 2012 attendees may have been surprised to get a fake password reset e-mail sent to accounts they used to register for the conference. Black Hat has apologized and explained the lame phishing spam attempt. By Emil Protalinski for Zero Day | July 23, 2012 -- Updated 03:54 GMT (20:54 PDT) Earlier today, thousands of Black Hat attendees received a very dubious password reset e-mail with a suspicious URL. The e-mail had the subject "Your admin password" and claimed to come from "BlackHat 2012" but was really sent out by someone with the e-mail address "gleach@itn-international.com." The e-mail, which was sent to some 7,500 security experts, looked something like this (also pictured on the right): This is a note from BlackHat 2012. You have requested a new password. Here are your details: Username: Password: To sign in, please go to this URL: https://svel1023/BH12/Admin/ Talk about a poor phishing attempt (includes a username and password in a plaintext e-mail, asks you to sign in to a website that isn't Black Hat, and doesn't even try to spoof a Black Hat e-mail address). Were the phishers really hoping that because the username and password were missing, the recipients would try to log into the fake website with their correct credentials? Nah, I think someone was just really bored (after all, the link isn't even a proper URL). Conference organizers quickly apologized for the mishap, which they blamed on a volunteer, in a blog post titled Black Hat USA mass reg email. Here's the crux of their explanation: The link provided in the email is to an onsite host on our registration network. We have reviewed the server logs, we know the user, host, and have spoken with the volunteer who has emailed each of you this morning. Our most valued assets at Black Hat are our delegates and their privacy. We work very hard to maintain that. 
We want everyone to come to Black Hat to learn and enjoy their time without fear of having their personal or professional information compromised. We are happy to report there are no signs of compromise. The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure. The good news is that Black Hat wasn't hacked (although I wouldn't be surprised given the potential glory) and attendee e-mails were not stolen. This is a perfect example of the risk you take when you outsource your accountability. While this type of faux pas can indeed happen to anyone, it is particularly embarrassing for an organization like Black Hat. After all, they just allowed a fake e-mail to try to dupe some of the world's top security gurus. For those who aren't aware, Black Hat Briefings is a security conference with attendees that include federal agencies, corporations, and hackers (of course). Black Hat USA 2012 began Saturday (yesterday) and runs until Thursday. Our very own Ryan Naraine is on the scene and will be bringing you news and analysis throughout the week. http://www.zdnet.com/black-hat-explains-fake-password-reset-e-mail-sent-to-7500-7000001357/
  5. Hacker going to demonstrate open source tool to crack Hashes with speed of 154 Billion/sec Posted On 7/23/2012 09:22:00 AM By THN Security Analyst Bitweasil lead developer going to Demonstrate an open source Tool called "Cryptohaze" at DEF CON 20. The Cryptohaze Multiforcer supports CUDA, OpenCL, and CPU code (SSE, AVX, etc). All of this is aimed at either the pentester who can't spray hashes to the internet, or the hacker who would rather not broadcast what she obtained to pastebin scrapers. "Yes, that's 154B - as in Billion. It was done entirely with AMD hardware, and involved 9x6990, 4x6970, 4x5870, 2x5970, and 1x7970 - for a total of 31 GPU cores in 6 physical systems." BitWeasil posted. WebTables is a new rainbow table technology that eliminates the need to download rainbow tables before using them, and the new Cryptohaze Multiforcer is an open source, GPLv2, network enabled platform for password cracking that is easy to extend with new algorithms for specific targets. Bitweasil Bitweasil is the primary developer on the open source Cryptohaze tool suite, which implements network-clustered GPU accelerated password cracking (both brute force & rainbow tables). He has been working with CUDA for over 4 years (since the first public release on an 8800GTX), OpenCL for the past 2 years, and enjoys SSE2 as well. Bitweasil also rescues ferrets. Cryptohaze tools are aimed at providing high quality tools that run on any platform - Windows, Linux, or OS X. The tools run on all platforms that support CUDA or OpenCL (currently Windows, Linux, OS X). If you don't have a GPU - the OpenCL code will run just fine on your host CPU! The releases are now combined into single releases. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on a GTX260/216SP@1.24ghz card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate - not the search rate. 
The search rate is 380M * 1.4M passwords per second! The latest version of the Cryptohaze Multiforcer can be downloaded from here. Hacker going to demonstrate open source tool to crack Hashes with speed of 154 Billion/sec : The Hacker News ~ http://thehackernews.com/2012/07/hacker-going-to-demonstrate-open-source.html
  6. Bitweasil lead developer going to Demonstrate an open source Tool called "Cryptohaze" at DEF CON 20. The Cryptohaze Multiforcer supports CUDA, OpenCL, and CPU code (SSE, AVX, etc). All of this is aimed at either the pentester who can't spray hashes to the internet, or the hacker who would rather not broadcast what she obtained to pastebin scrapers. Cryptohaze tools are aimed at providing high quality tools that run on any platform - Windows, Linux, or OS X. The tools run on all platforms that support CUDA or OpenCL (currently Windows, Linux, OS X). If you don't have a GPU - the OpenCL code will run just fine on your host CPU! The releases are now combined into single releases. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on a GTX260/216SP@1.24ghz card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate - not the search rate. The search rate is 380M * 1.4M passwords per second! CHANGELOG Added GTX680 support to the builds. Put the right DLL in the Windows build. All tools: Build against CUDA 4.2 Multiforcer: Add IP address cracking scripts Multiforcer: Fix issue that could prevent finding all hashes in certain cases Download Cryptohaze 1.31a - Crack hashes with speed of 154 Billion/sec : The Hacker News ~ http://tools.thehackernews.com/2012/07/cryptohaze-131a-crack-hashes-with-speed.html
  7. ^ What you're describing would look something like this, right? Client <-> Nginx:80 <--> Apache-HTTP:80 Correct me if I'm wrong.
  8. root@bt:~# wget http://termineter.googlecode.com/files/termineter-v0.1.0.tar.bz2
     root@bt:~# tar xjvf termineter-v0.1.0.tar.bz2
     root@bt:~# cd termineter
     root@bt:~/termineter# sh install.sh
     root@bt:~/termineter# python termineter.py
     It runs on Python >= 2.6 and PySerial (Welcome to pySerial’s documentation — pySerial v2.6 documentation) >= 2.3.1. On Windows no installation is needed; you just go into the termineter directory and use python to run termineter.py
  9. http://www.youtube.com/watch?v=i47ssfrskKQ&feature=player_embedded Description: Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: OS shell with sqlmap tool on BackTrack 5 R2 - YouTube
  10. Open Source Smart Meter Hacking Framework can Hack into the Power Grid Posted On 7/23/2012 03:25:00 AM By THN Security Analyst A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims it will let security researchers and penetration testers verify the security of electric utility smart meters being installed in millions of homes around the country. Termineter uses the serial port connection that interacts with the meter's optical infrared interface to give the user access to the smart meter's inner workings. The user interface is much like the interface used by the Metasploit penetration testing framework. It relies on modules to extend its testing capabilities. Spencer McIntyre, of the SecureState Research & Innovation Team, will perform the first live public demonstration of the Termineter framework during his presentation, "How I Learned To Stop Worrying and Love the Smart Meter" at Security B-Sides Vegas on Wednesday, July 25, 3 pm at The Artisan Boutique Hotel. The release of the tool is two-fold: on one hand, it will make auditing and flaw detection easier for utility companies but, on the other hand, it might facilitate unauthorized access to the system. By modifying consumption data, a hacker can inflict financial loss on the provider, but will also invalidate data related to demand. The electricity meters are also a sensitive issue, as they are used for more than taxing and demand estimation: it allows the police to detect unusual spikes in consumption and identify households that illegally farm marijuana. The Termineter Framework can be downloaded here. Open Source Smart Meter Hacking Framework can Hack into the Power Grid : The Hacker News ~ http://thehackernews.com/2012/07/open-source-smart-meter-hacking.html
  11. A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims it will let security researchers and penetration testers verify the security of electric utility smart meters being installed in millions of homes around the country. Termineter uses the serial port connection that interacts with the meter's optical infrared interface to give the user access to the smart meter's inner workings. The user interface is much like the interface used by the Metasploit penetration testing framework. It relies on modules to extend its testing capabilities. Termineter is a framework written in python to provide a platform for the security testing of smart meters. It implements the C12.18 and C12.19 protocols for communication. Currently supported are Meters using C12.19 with 7-bit character sets. Termineter communicates with Smart Meters via a connection using an ANSI type-2 optical probe with a serial interface. Download http://tools.thehackernews.com/2012/07/termineter-smart-meter-hacking.html
  12. Wubi

    Need information

    "Psychosocial rehabilitation" is what should be written on you.
  13. Apple to block in-app purchase hack in iOS 6, offers interim fix Summary: Apple has announced that iOS 6 will block the hacking of its In-App Purchase program. The company has also offered a temporary fix for app developers. If your app is affected, don't wait around for iOS 6. By Emil Protalinski for Zero Day | July 20, 2012 -- Updated 21:50 GMT (14:50 PDT) Last week Russian developer Alexey Borodin hacked Apple's In-App Purchase program for all devices running iOS 3.0 or later, allowing iPhone, iPad, and iPod touch users to circumvent the payment process and essentially steal in-app content. Apple confirmed the workaround and said it was investigating the issue. This week, Cupertino tried to block the hack but failed. Now the company is finally outlining a proper solution, albeit temporary, as it also revealed that iOS 6 will finally and completely block this hack. In a document titled "In-App Purchase Receipt Validation on iOS" on iOS Developer Library, Apple finally outlines the problem, and promises to fix it: A vulnerability has been discovered in iOS 5.1 and earlier related to validating in-app purchase receipts by connecting to the App Store server directly from an iOS device. An attacker can alter the DNS table to redirect these requests to a server controlled by the attacker. Using a certificate authority controlled by the attacker and installed on the device by the user, the attacker can issue a SSL certificate that fraudulently identifies the attacker’s server as an App Store server. When this fraudulent server is asked to validate an invalid receipt, it responds as if the receipt were valid. iOS 6 will address this vulnerability. If your app follows the best practices described below then it is not affected by this attack. Wait a minute Emil, you told us previously to use store receipts and then found out this method does not work. What gives?
Well, Apple this week quietly started including unique identifiers in the validation receipts for in-app purchases (developers have started seeing new receipts which include a field called "unique_identifer"). Now that you know, here are the official details from Apple: My app performs validation by connecting to my own server. How am I affected? If your app follows best practices and performs receipt validation by sending the receipt to your server and having your server perform the validation with the App Store server, your app is not affected by this attack because it does not connect to the App Store server. However, it may be vulnerable to similar attacks when connecting to your server. Use the appropriate cryptographic techniques to ensure that your app is actually connected to your server, and that your server is actually connected to the App Store server. You can use the mitigation strategy outlined in this document as a starting point. For more information, see Security Overview. My app performs validation by connecting to the App Store server directly. How am I affected? The best practice for validating receipts is to send the receipt to your server, and have your server perform the validation with the App Store server. If your app connects to the App Store server directly from the device, your app may be affected by this vulnerability. You can address this vulnerability as follows: Check that the SSL certificate used to connect to the App Store server is an EV certificate. Check that the information returned from validation matches the information in the SKPayment object. Check that the receipt has a valid signature. Check that new transactions have a unique transaction ID. How can I validate transactions that have already completed? Consumables If you have saved the receipts, either on the device or on your server, revalidate the receipts after implementing your mitigation strategy. 
If you have not saved the receipts, you cannot validate these past transactions; you should not take any action. Nonconsumables Set aside the current receipts, perform a restore operation, and validate the new receipts. Avoid redownloading content that is already on the device during this process. The worst part about this hack is that iOS developers had no way of protecting their apps. Using store receipts didn't work as Borodin's service simply needed a single donated receipt, which it could then use to authenticate anyone's purchase requests. His circumvention technique relied on installing certificates (for a fake in-app purchase server and a custom DNS server), changing DNS settings to allow the authentication of "purchases," and finally emulating the receipt verification server on the Apple App Store. Affected iOS apps treat Borodin's server as an official communication because of how Apple authenticates a purchase. Until recently, there was nothing that ties the purchase directly to a customer or device, meaning a single purchased receipt could be used again and again. In short, this hack meant in-app purchase requests were being re-routed as well as approved. Now developers can thwart the approval process. Still, Cupertino is transmitting its customers' Apple IDs and passwords in clear text (Apple assumed it would only ever be communicating with its own server). The following information is transferred from your device to Borodin's server: app restriction level, app id, version id, device guid, in-app purchase quantity, in-app purchase offer name, app identifier, app version, your language, and your locale. Whoever operates in-appstore.com could easily be gathering everyone's iTunes login credentials (as well as unique device-identifying data) in a classic man-in-the-middle attack. My guess is Apple will address this part of the hack in iOS 6. http://www.zdnet.com/apple-to-block-in-app-purchase-hack-in-ios-6-offers-interim-fix-7000001319/
  14. Woman strips in public to protest e-book pirates (NSFW video) Summary: What's the best way to protest e-book piracy? Brazilian author Vanessa de Oliveira believes it's scribbling the phrase "NO TO PIRACY" on your chest and back in red ink, and then proceeding to strip naked outside the Governmental Palace. By Emil Protalinski for Zero Day | July 21, 2012 -- Updated 21:10 GMT (14:10 PDT) http://www.youtube.com/watch?v=lxrVaj3_HSA&feature=player_embedded#! Vanessa de Oliveira, a former international call girl and Brazilian author of five books, on Thursday stripped in front of the Governmental Palace in Lima, Peru. Her reason was simple: she's tired of eBook pirates and wants her voice to be heard. Oliveira arrived at the Plaza de Armas in the back of a truck. She then jumped out, stood in front of the Government Palace, and peeled back a long dark coat revealing the words "NO A LA PIRATERIA" (NO TO PIRACY) strayed across her chest and back in red ink. Here's what Oliveira said, according to El Comercio (I'm paraphrasing based off what Google Translate spits out in Chrome): I'm doing this so my book is not pirated anymore anywhere in the world. A country is built with culture, with books. Pirating books endangers culture. This is the first country where I've seen this phenomenon. In Brazil, there are no pirated books. What I'm seeing here is a disgrace. Oliveira had more to say on her website (again, rough translation): Some people will find it crazy, others will condemn, some say that a lone protest accomplishes nothing (really?), There will be those who applaud the act and there are those who will sprinkle me ... No matter, after all, what I did today on behalf of others' opinions? Nothing. And so I intend to continue.
And believe me, the last thing I do is remain silent in the face of an injustice and if no one else will I go alone, because if I see a hope of changing a situation there is no fear that intimidates me, I am away or exhaustion overwhelmed me drop. The author goes on to explain how all her books had already been pirated when she arrived in Peru. Oliveira said the launch of her most recent book was the last straw. 14 hours after the debut at the International Book Fair, it was already being sold illegally on the street. She complained that going to the police was a waste of time as was asking pirates nicely to stop. That's when the redhead decided to take a more radical approach that would actually have an effect. TorrentFreak put it best: And for those cynics thinking that this was just some sort of sexually motivated anti-piracy publicity stunt to sell more books, wash your dirty minds. The fact that Oliveira is appearing today at the Chamber of Commerce in Lima with a presentation titled "Seduce Clients" has absolutely no connection to what happened Thursday. Something tells me Oliveira will see an increase in both sales and the piracy of her books. I wonder how exactly she'll feel about that. http://www.zdnet.com/woman-strips-in-public-to-protest-e-book-pirates-nsfw-video-7000001329
  15. Google Acquires Sparrow the Popular Mac and iPhone Email App Maker July 21st, 2012, 11:03 GMT · By Lucian Parfeni Google has bought Sparrow, a small company that makes the email app of the same name. Sparrow has been very popular with iPhone and Mac users and the app is considered an upgrade over the stock Gmail app Google provides for the iPhone. Granted, the stock Gmail app for iOS is pretty bad and basic. The Paris-based Sparrow team will be joining Google and will start working on "new projects" aka on Gmail, most likely for iOS though maybe for other platforms (Android) as well. The Sparrow app, which is paid, will continue to be maintained, but it will get no new features. This is both bad news and good news for iOS users. On the one hand, if they've paid for Sparrow, they may feel a bit betrayed knowing that it will no longer be developed. On the other hand, there's a good chance that the iOS Gmail app is going to get a lot better in the next few months. Mac users aren't so lucky. "We're excited to announce that Sparrow has been acquired by Google! We care a lot about how people communicate, and we did our best to provide you with the most intuitive and pleasurable mailing experience," Sparrow announced. "Now we're joining the Gmail team to accomplish a bigger vision — one that we think we can better achieve with Google," it said. "While we’ll be working on new things at Google, we will continue to make Sparrow available and provide support for our users. We had an amazing ride and can't thank you enough," it added. Google has had no interest in building a desktop client and still doesn't. So the people that have been using Sparrow on their Macs are the most affected as it's unlikely that version of the app will be seeing any improvements. Google wants people using the online version. Things are a bit different on the mobile front. There is a rumor that Sparrow had an iPad app in the works. That may or may not see the light of day. 
But it is a given that Google will put the Sparrow team to work on a new iOS version of the Gmail app. Anything they can come up with will be much better than what Google currently offers. http://news.softpedia.com/news/Google-Acquires-Popular-Mac-and-iPhone-Email-App-Maker-Sparrow-282497.shtml
  16. Why shouldn't there be Pentesting too? It is tied with Linux in number of votes, 16.06%. A lot can be said in this field. For example, the basics of BackTrack. The basic services, DHCP, Apache, SSHD, Tftpd, VNC Server. Bash Scripting basics. Netcat, Bind&Reverse shell. Using WireShark, Sniffing&Injecting, Filters, TCP Streams. Then it could move on to the web side, learning a bit about "Google Hacking". Advanced Google operators, searching for vulnerable servers with the help of Google and the Google API. Port Scanning. The basics of TCP/UDP Port Scanning. Nmap, scanning beyond the network and Unicornscan. ARP Spoofing, starting with the theory, followed by a "hardcore" lesson about the "Victim&Gateway Packet". Using Ettercap for DNS Spoofing. Buffer overflow Exploitation (Win32), starting with an overview. Followed by bug hunting. Fuzzing. Controlling EIP, split into Binary Tree analysis and Sending a unique string. Finding the space needed for the Shellcode. Redirecting the execution flow. Using OllyDbg. Creating your own Shell. Improving the exploit's stability. Then, it can move on to working with exploits. Searching for an exploit in BackTrack using the RPC DCOM and Wingate example. Searching for exploits on the web, focusing on security. Milw0rm and Exploit-DB. File transfer. Using TFTP, FTP, Inline transfer, using echo and DEBUG.exe. Then, why not, exploitation frameworks. To start with, Metasploit, the Metasploit command line interface (MSFClI), the Metasploit console (MSFCONSOLE), the Metasploit web interface (MSFWEB). A few interesting Payloads, Meterpreter, PassiveX and Binary. There would also be the auxiliary modules of Framework 3. Followed by Client-Side attacks. An overview of client-side attacks, then putting them into action. Then, why not, a bit of playing with ports, Redirection, SSL encapsulation (Stunnel). HTTP CONNECT Tunneling, Proxy Tunneling. Password Attacks.
Online Password Attacks, Hydra, bruteforce FTP, POP3, SNMP, Microsoft VPN, Hydra GTK. Windows oddities, Registry Backdoors. Rootkits, Aphex, HXDEF, R.I.P. I don't see why we shouldn't take the opportunity to include Pentesting on the list of courses as well. It is a beautiful field, with very interesting and "dense" content.
  17. Wubi

    Linux help

    After you've got the BSSID, check whether you also got the CH (channel) right. airodump-ng -c (CH) --bssid (BSSID) -w (file) (interface) So, from what I understand, the problem is with sending the Auth Request. Most likely the syntax is to blame: aireplay-ng -1 0 -a (BSSID) -e (ESSID (the name of the access point's SSID)) -h (your MAC) (interface)
  18. Wubi

    Linux help

    OK, so you found the BSSID from airodump-ng (interface). Then you captured data using the BSSID you copied earlier, after which you generated traffic on the router with aireplay-ng in order to collect enough data for aircrack later. So the problem is with aircrack? Check the syntax: aircrack-ng -b (the BSSID) (File.cap) Or specify at which command exactly you got stuck.
  19. Kevin Mitnick joins the Zimperium team Posted On 7/20/2012 07:09:00 AM By THN Security Analyst Security firm Zimperium developer of Android app zANTI (Android application Toolkit) now have World Best Hacker "Kevin Mitnick" in their Team. In a Press Release, Itzhak “Zuk” Avraham said "Zimperium is honored and excited to announce our newest member of the advisory board, world renowned hacker Kevin Mitnick. We are thrilled to have Kevin on board and feel that his leadership and consultancy will help Zimperium to get to the next level, through corporate efficiency, brand recognition and better quality solutions for our clients!" Zimperium Ltd. is a privately owned start-up located in Tel Aviv, Israel; which designs and develops cutting edge Intellectual Property in the field of information security and mobile technology. The company was founded in 2010. "Mobile devices are the new target-rich environment. Based on lessons learned in the early days of the personal computer, businesses should adopt a proactive approach to mobile security so they don't repeat the same mistakes that resulted in billions of dollars in economic loss.” Mitnick said. Mitnick joined Zimperium team to support the effort of providing advanced security protections for enterprises facing modern mobile threats, those threats were mismanaged and exposed enterprises to cyber-espionage, Mitnick also added: "It's an honor and privilege to join Zimperium to help innovate solutions in the mobile security space. It will be a new exciting and challenging pursuit ahead." Zimperium will introduce its smartphone security solution, zCore IPS, for enterprises and mobile carriers at the Blackhat event next week. Between Blackhat & DEFCON conferences, Zimperium will host a private event named "Compile n' Crash Bash" featuring Kevin Mitnick, Zuk and the rest of Zimperium's team together with the latest Pentester's Worldcup Winner.
Kevin Mitnick joins the Zimperium team : The Hacker News ~ http://thehackernews.com/2012/07/kevin-mitnick-joins-zimperium-team.html
  20. Madi Malware: Another Trojan Targets Organizations from the Middle East July 18th, 2012, 07:35 GMT · By Eduard Kovacs Researchers from Symantec, Kaspersky and Seculert have all come across Madi (Madhi), a relatively new piece of malware that mainly targets organizations from the Middle East. Before we take a look at Madi and compare it to other infamous Trojans such as Stuxnet, Duqu, or Flame, let’s take a quick look at its name. According to Wikipedia, Mahdi is considered to be the redeemer of Islam who will rid the world of tyranny, injustice and wrongdoings. So, will this malware be able to rule for seven, nine or nineteen years before the Day of Judgment as some prophecies say? Let’s see what the experts believe. First observed in December 2011, Madi has mainly targeted computer systems from Iran, Israel, Saudi Arabia and Afghanistan, but also from other parts of the globe such as United States, New Zealand and Greece. The organizations attacked with the aid of the Trojan include government agencies, financial houses, critical infrastructure engineering firms, oil companies, and think tanks. After it’s installed on a device, Madi is able to take screenshots, record audio, retrieve disk structures, delete data, and update the backdoor. As expected, it also has keylogging functionality that allows it to collect all sorts of sensitive data. While the locations of the targets indicate that this may be a state-sponsored campaign, other evidence found by Symantec leads researchers to believe that the attacks may actually be conducted by a “Farsi-speaking hacker with a broad agenda.” However, there is something far more interesting about this virus. Unlike Flame, Duqu or Stuxnet – which leveraged zero-day exploits and other advanced techniques – Madi mainly relies on social engineering to infect machines. 
The attacks start with enticing content such as news articles, religious images, controversial videos, and PowerPoint presentations that unleash the nasty Trojan. So far, experts identified a number of 800 victims, communicating with four command and control servers. http://news.softpedia.com/news/Madi-Malware-Another-Trojan-Targets-Organizations-from-the-Middle-East-281808.shtml
  21. Skype Source Code Leaked, Experts Say It’s Old Reverse Engineering Project July 18th, 2012, 11:50 GMT · By Eduard Kovacs An Anonymous-affiliated hacker that goes by the name of Stun, claims to have leaked Skype’s source code and the de-obfuscated binaries as a form of protest against the “governmental backdoor.” “After Microsoft acquiring Skype for 8.5 billion dollars and proceeding to add back doors for government to the program, the software has been hacked and it's source code released,” Stun wrote next to links that point to three files hosted on The Pirate bay. The hacktivist motivates his actions by pointing to articles that show that Skype is utilized as a medium to spread viruses onto the computers of activists from Syria. However, experts state that the source code published by the hacker is actually the one leaked some time ago by a researcher who reverse engineered the Windows binaries. Security researcher Janne Ahlberg says that the same files have been distributed already earlier this year. Furthermore, he believes that they’re part of the reverse engineering case in which Skype pursued the researcher, accusing him of “unauthorized use of their application for malicious activities.” “I managed to get a copy of the file ‘skype55_59_deobfuscated’ from May. It is not Skype source code, but a reverse engineered version of the Windows binaries. The tool used in reverse engineering seems to be IDA disassembler/debugger,” Ahlberg told Softpedia in an email. “Stun's tweet seems to be based on this reverse engineering project,” he concluded. So there you have it. It seems that this is nothing more than a classic case of a hacker that takes the work of others and publishes it as his own. Sophos researchers have analyzed the reverse engineering case of the Skype protocol. Head of Technology Paul Ducklin presented a detailed scenario of what would happen if the popular application’s source code actually got leaked. 
http://news.softpedia.com/news/Skype-Source-Code-Leaked-Experts-Say-It-s-Old-Reverse-Engineering-Project-281892.shtml
  22. Open letter to the Australian people from Mother of Julian Assange Posted On 7/19/2012 09:25:00 PM By THN Security Analyst There have been numerous public statements made about WikiLeaks and its editor-in-chief Julian Assange that are factually inaccurate. Prime Minister Julia Gillard said about WikiLeaks, "It's illegal." Attorney General Nicola Roxon said my son "fled Sweden." The media repeatedly states, "Assange is charged or facing charges" in relation to Swedish sex allegations. If you want to know The Truth About Julian Assange And Wikileaks, please read our previous story "One Man Fights for 7 Billion People, One Mother Battles to Wake Them Up". The letter is below. To read complete Press Release (Click Here) Dear Member of Parliament, We (Wikileaks Australian Citizens Alliance) are writing to you on behalf of Christine Assange, (Julian Assange's mother) who is currently in the UK, waiting for the UK Supreme Court Ruling on her son's appeal against extradition to Sweden. This ruling will be handed down later today (EST) and we, like Christine and many other Australian citizens are deeply concerned and disappointed at the lack of public support and diplomatic support being offered to Julian Assange by the Australian Government. Julian Assange is an award winning Australian journalist who has not been charged with any crime in any country and yet he has been held under house arrest for 540 days! If Julian is extradited to Sweden he will be placed in solitary confinement, incommunicado with no opportunity for bail and then trialled in secret. 
Extradition to Sweden also places Julian's life and liberty in jeopardy with the likely result being a 'fast track' onward extradition to the USA, under Sweden's temporary surrender regime which is part of their bilateral extradition agreement with the USA. Once in the USA Julian may be held indefinitely in a military prison, while the USA builds a case against him for the release of US diplomatic Cables. In publishing these cables Wikileaks and Julian Assange as Editor-in-Chief have done no more than hundreds of other media organisations have done around the globe and yet the pursuit of Julian Assange and Wikileaks (including staff and supporters) has been relentless by the USA Government. We urge you to read Christine's open letter to the Australian people and to act immediately to protect a fellow Australian; to ensure his human rights and citizenry rights are upheld. sincerely, Sam Castro & Kaz Cochrane WACA WikiLeaks Australian Citizen’s Alliance Open letter to the Australian people from Mother of Julian Assange : The Hacker News ~ http://thehackernews.com/2012/07/open-letter-to-australian-people-from.html
  23. FACT : One in five Microsoft logins controlled by hackers Posted On 7/18/2012 01:18:00 AM By THN Security Analyst About 20 percent of Microsoft Account logins are found on lists of compromised credentials in the wake of hack attacks on other service providers, Eric Doerr, Group Program Manager for Microsoft's Account system, said. A significant proportion of the compromised credentials Microsoft sees from other services have the same username and password as logins on the Microsoft account system (formerly Windows Live ID), which covers services such as Hotmail, Messenger and SkyDrive. These logins have not been compromised from the Microsoft server, but are instead based on login information leaked from other sites. "These attacks shine a spotlight on the core issue people reuse passwords between different websites." We request our readers: DON’T REUSE YOUR PASSWORDS! FACT : One in five Microsoft logins controlled by hackers : The Hacker News ~ http://thehackernews.com/2012/07/fact-one-in-five-microsoft-logins.html
  24. Skype privacy bug that can Send Messages To The Wrong Contacts Posted On 7/18/2012 01:02:00 AM By THN Security Analyst What if, when you sent a message to someone, it had a very good chance of going to someone else in your contact list? That would be pretty scary, right? That's what some Skype users are reporting. The bug was first discussed in Skype’s user forums, and seems to have followed a June 2012 update of the Skype software. Skype has confirmed the bug's existence and that a fix is in the works. However, the company characterizes the bug as “rare.” Purchased by Microsoft last year for $8.5 billion, the Luxembourg company, which has as many as 40 million people using its service at a time during peak periods, explained that messages sent between two users were in limited cases being copied to a third party, but did not elaborate further on the matter. Five other individuals using the Microsoft-owned program confirmed they were also seeing instant messages being sent to the wrong person from their contact list. Sometimes it's just a few messages, while other times it's a whole conversation. Skype has, on its blog, confirmed the issue of a bug sending instant messages to wrong contacts and has promised a fix. Addressing the issue, Skype wrote, "Based on recent Skype customer forum posts and our own investigation over the past couple of days, we have identified a bug that we are working hard to fix." Skype privacy bug that can Send Messages To The Wrong Contacts : The Hacker News ~ http://thehackernews.com/2012/07/skype-privacy-bug-that-can-send.html