This was discussed at DefCon 18 in a talk by Sammy Kamkar, but as far as I know, Sammy didn’t release his code, so I had to come up with something on my own. First, one big difference. His version of this uses the Google Location Services API. I’ve opted to use the Skyhook service [...]
Archive for September, 2010
Geolocation Using BSSID
Posted: 22nd September 2010 by Matt in code, hacks, news, securityTags: attack, BSSID, DefCon, demo, Geolocation, GPS, mac, Skyhook, SSID, war, WiFi
17
Really, Adobe?
Posted: 20th September 2010 by Matt in code, hacks, news, securityTags: 0day, Acrobat, Adobe, cooltype, corporate, dll, exploitation, information, own, PDF, penetration, SING, software, strncat, SumatraPDF, vulnerability, Xpdf
So, I’ve come across a lot more information regarding the no-longer-0day Adobe vulnerability (oh, wait, that’s right.. there have been like, 12 in the last 30 days.. I’m referring just to the SING table one). Anyway, a penetration testing company named Ramz Afzar has released an unofficial patch to fix the Adobe vulnerability, because apparently [...]
Anti-US Hacker Takes Credit For “Here you have” Worm
Posted: 13th September 2010 by Matt in newsTags: Anna Kournikova, hacker, here you have, Joe Stewart, malware, Robert McMillan, Terry Jones
(Source: Computer World) IDG News Service – A hacker who claims he was behind a fast-spreading e-mail worm that crippled corporate networks last week said that the worm was designed, in part, as a propaganda tool. The hacker, known as Iraq Resistance, responded to inquiries sent to an e-mail address associated with the “Here you [...]
0day “Here you have” Worm – Prevention at the Gateway
Posted: 10th September 2010 by Matt in code, hacks, news, securityTags: gateway, infect, INPUTMSG, mimedefang, perl, Prevention, protect, rule, rules, script, sendmail, spam, virus, worm
“…that we all feared might happen someday…”? Where has this chick been? ANYWAY….. Whenever I hear about an email worm going around an infecting people left and right, I kind of chuckle to myself. These are absurdly easy to block, yet no one seems to do it. I’m in charge of all the network operations [...]
Vendor Response to Backdoor in Accton Switches Post
Posted: 10th September 2010 by Matt in news, securityTags: Accton, Accton-based, attack, backdoor, fix, hack, hacked, lan, network, owned, password, passwords, risk, secure, security, SNMP, vlan, vulnerable, workaround
A few days ago I posted an article that was circulating regarding a backdoor in to Accton based switches. You can read that post here. Shortly after, a person by the name of “CK”, who apparently works for the vendor, responded with the company’s side of the story. I then issued my response, and CK [...]
An Open Letter to Microsoft
Posted: 8th September 2010 by Matt in news, securityTags: Apache, Blaster, Boink, Bonk, code, Code Red, company, computer, Conficker, crash, denial of service, denial of service attack, exploits, Frag, IIS, ILOVEYOU, irc, Land, Linux, Microsoft, MyDoom, Nestea, NewTear, Nimda, Sandmind, Sasser, Sircam, Slammer, SoBig, Sping, spyware, SQL, TearDrop, vulnerability, vulnerable, Windows, WinNuke, worm
Dear Microsoft, I have watched you develop as a company, starting with Windows 3.1. It was most peoples first experience with a PC and considering that there was really no other marketed OS (Linux was brand new and not really totally “usable” yet. I ran it, but it was not for the faint of heart. [...]
Compromising Hosts With SNMP
Posted: 3rd September 2010 by Matt in hacks, securityTags: change, community, MIB, msfcli, nmap, OID, read, set, SNMP, snmpget, snmpset, snmpwalk, value, write
First, if you’ve never fully researched SNMP (Simple Network Management Protocol), I suggest you go do that now because you’re doing yourself a major disservice by not knowing/using the information that’s available through the use of this protocol… not to mention the amount of remote control you have over a machine if you’re able to [...]