ethicalhack.org

ethicalhack.org Weblog

Wireless Cracking Videos

Here are a couple of videos I put together for my employer Assurance.com.au. The first one is cracking WEP using the AirCrack Suite on Linux.

The second one is cracking WPA PSK using the AirCrack Suite on Linux.

Thanks to Snare (Loukas) from Rex Banner for allowing me to use a couple of their tracks in the vidz.

wfuzz

It’s been a while since I did some sharing, so here you go…I’ve started using this web application fuzzing tool recently called wfuzz:

http://www.edge-security.com/wfuzz.php

It is a cool application for fuzzing parameters in web applications, including login forms. An example of wfuzz syntax attempting to brute force a web application login form (in this case a Cisco VPN admin page (wishful thinking : P)):

wfuzz -c -z file -f /wordlists/big.txt --hc 404 --html -d "login=admin&password=FUZZ&ok=Login" https://10.10.10.10/admin.html 2> cisco_vpn_admin.txt

You enter FUZZ in the parameter you wish to fuzz. Pretty simple once you get the hang of it…

Poor old Johny Howard got hacked…

It looks like the Liberal Party’s official website has been hacked to make it look like Prime Minister John Howard enjoys “smoking the bone”. In the image below it reads, “The Liberal Party of Australia, John Howard Says ‘I like to suck dick!’”. This has been achieved through the use of XSS.

A spokesman for the Liberal Party’s federal secretariat said that officials were investigating the matter. “It appears to be a hoax, but we’re checking it out,” the spokesman said.


Has the truth finally come out??? ; )

Windows XP SP3 Build 3205 released to beta testers

Microsoft has officially released a build of Windows XP SP3. It is reported to have 1073 patches/hotfixes and several new features. Windows XP SP3 does ship with a few new features, the majority of which have been backported from Windows Vista.

0day was the case that they gave me

Oh dear! The Solaris 10/11 telnet daemon has been exploited. Kcope posted the exploit to Full-Disclosure (local mirror) this morning, and the worst part about it is that it doesn’t require any skill. If you can execute a command on the command line, you can exploit this vulnerability, which also means that it can easily be scripted. All you need to do is pass ‘-fusername’ as an argument to the -l option and you get full access to the OS as the user specified, except ‘root’. Here is a command line example:

telnet -l "-fbin" target_address

In my experience, I have seen the telnet daemon enabled on a lot of hosts that I have reviewed even if ssh is used.

I hear the sound of system administrators frantically disabling the telnet daemons throughout their Solaris environments. : )

Apple Releases the iPhone

At Macworld this year, Apple has released the iPhone. There has been a lot of hype around this release, but it seems that reality has outdone the hype for a change.

A couple of the highlights are:

  • The device runs on OS X.
  • No stylus is used. The iPhone is designed for the user to use their finger as a pointer.
  • One button (the Home button); all the rest of the functions are controlled via the touch screen.
  • iPod built in.
  • Internet capable (with Safari Browser).
  • Last but not least, there is a phone in there somewhere too!

Check out the full write up on ZDNet.
As I thought, Apple has joined Google and Microsoft in the race for world domination…

KisMac Q & A

28 Comments »

I am adding this blog entry to help people get some answers about KisMac. I am getting several emails a week, sometimes asking the same questions. While I do my best to answer each email, it is starting to be time consuming.

If you have a question about KisMac please read the comments on this blog entry before emailing me…

Also check out the following resources:

  1. Read the KisMAC FAQ.
  2. Check the KisMAC Mailing List.
  3. Use resources (IRC channels, forums, mailing list) specific to Mac OS X. They can often be very helpful.
  4. Visit the KisMAC boys at #kismac on irc.freenode.net
  5. Last but not least try your luck at Google.

Another Zero Day for Windows

Secunia has released a vulnerability advisory about a new ‘Zero Day’ vulnerability that is currently being exploited by malicious websites. It seems that Microsoft beat everyone to the punch on this one, and released the original advisory. Internet Explorer 6 and 7 are one of the attack vectors, so stay away from any dodgy websites if you insist on using IE.

iPod sold complete with Windows Virus

Bought a video iPod made after the 12th of September 2006? It may have shipped with a trojan virus. Check out the full story here.

Can Apple get anything right at the moment???

iSight Windows Driver Contest

Gizmodo is currently running a contest to develop Windows drivers for the iSight webcam. It has been going since July 2006 so hopefully there will be a positive outcome soon.

Check out the site here.
