Archive for October 2009

Things that sometimes get overlooked


During a network assessment there should always be some investigation of public information on the Internet. This of course includes a look at the registrars.

One thing that sometimes gets overlooked is the auth method within the whois records:

http://www.ripe.net/db/news/MD5-HOWTO.html

So what could be the issue here? :-)
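As an added example that is not part of the original post: a small Python check that parses a RIPE-style whois maintainer (mntner) record and reports which auth schemes protect it, since each auth line on its own authorises an update and a password hash that is still printed in the record is an artifact that can be attacked offline. The sample record, the maintainer names, the addresses and the hash values are all constructed for this example.

```python
import re

# Constructed RIPE-style whois output for two maintainer objects; every name, hash and address is made up.
SAMPLE_WHOIS = """\
mntner:         EXAMPLE-MNT
upd-to:         noc@example.net
auth:           MD5-PW $1$saltsalt$0123456789abcdef0123456
auth:           CRYPT-PW abcdefghijkl
auth:           PGPKEY-0123ABCD
source:         RIPE

mntner:         OTHER-MNT
upd-to:         noc@other.example
auth:           MD5-PW # Filtered
source:         RIPE
"""

# Risk of each auth scheme for the object's owner (defender's view).
AUTH_RISK = {
    "NONE": "critical: anyone can update the object",
    "CRYPT-PW": "high: legacy crypt(3) hash, quickly recoverable if exposed",
    "MD5-PW": "medium: password hash, recoverable offline if it is visible",
    "PGPKEY": "low: updates must be PGP-signed",
    "X509": "low: updates must be X.509-signed",
}
ATTR = re.compile(r"^([a-z0-9-]+):\s*(.*)$")

def audit_mntner_auth(text):
    """Return {mntner: [(scheme, risk, hash_visible)]}; any single auth line authorises an update."""
    report, name = {}, None
    for line in text.splitlines():
        if not line.strip():            # a blank line ends the current object
            name = None
            continue
        m = ATTR.match(line)
        if not m:                       # server comments ('%') and continuation lines
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "mntner":
            name = value
            report.setdefault(name, [])
        elif key == "auth" and name is not None:
            parts = value.split()
            scheme = parts[0] if parts else "NONE"
            family = scheme.split("-")[0] if scheme.startswith(("PGPKEY-", "X509-")) else scheme
            # The hash is exposed only when the registry has not replaced it with "# Filtered".
            visible = family in ("MD5-PW", "CRYPT-PW") and len(parts) > 1 and parts[1] != "#"
            report[name].append((scheme, AUTH_RISK.get(family, "unknown scheme, review manually"), visible))
    return report
```

Feed it the real output of a whois query for the maintainers that protect your own objects; a maintainer is only as strong as the weakest scheme it lists.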


Flash hacking 101


As has been mentioned before, there are some standard tools that can be used for assessing a Flash-based web application.

http://www.nowrap.de/

This site offers two different applications: one is flare and the other is flasm. The first just extracts the ActionScript from a swf file; nothing else gets extracted. The latter disassembles the complete file. Therefore both should be used to get the complete picture.

http://www.owasp.org/index.php/Category:SWFIntruder

This is an OWASP project that helps with the practical exploitation of the application. Basically you download the Flash file from the web site and place it on a locally running Apache web server. It must be seen more as a framework, as you can define your own attack strings and so forth. A few exploitation strings come along with it, but they are mostly focused on XSS within the swf file. This should never be the only tool used during the assessment; see it more as an exploitation framework. The main problem is of course that you do the exploitation on your own machine, and therefore the client can easily argue against it.

https://h30406.www3.hp.com/campaigns/2009/wwcampaign/1-5TUVE/index.php?key=swf

SWFScan from HP does a really good job of decompiling the swf file and analyzing it for known weaknesses. This should definitely be part of the assessment.

All these tools of course have the limitation that they do not take the communication with the database into account. SWFScan looks for insecure calls from the swf file, but that does not give you a complete picture.

Therefore it is essential to perform a complete web application test. A Flash application normally results in quite a lot of POST requests.

The problem you are facing with such a test is that you have to scope it. The best approach from my point of view is to look at the application and make an estimate of how many interactions the user has with the application and how many calls the application makes to the infrastructure (web server, database, etc.).


Link: from a pro's perspective, should this be seen as good or bad?

http://googleonlinesecurity.blogspot.com/2009/10/show-me-malware.html

Things that need to be said 2…

Link: In the Future - Do related tags tell you something?

http://www.librarything.com/tag/geek,+--nerds
http://www.librarything.com/tag/nerds,+--geek

Look at the related tags on the right

And then have fun comparing… But wait:

OK, now that I think about it, this is actually not a bad thing.

I just remembered http://www.infosecwriters.com/hhworld/hh10/dns.htm, especially dnspredict.pl, for finding new DNS entries. I also used it to make educated guesses for password attacks. So here is the new idea for educated password guesses: profile your target and enter it into a search engine that comes up with related tags. Then of course the usual stuff with appending 2 numbers and so on…


Things that need to be said…

Link: I like things that run in your browser


This is always fun as you can impress certain people more easily…

http://code.google.com/p/websecurify/

Although, who comes up with a name like Websecurify Security Testing Framework?

Not sure, but it seems that one word could go missing without reducing the meaning by a lot…

PS: Do not forget http://www.bindshell.net/tools/beef/ as it got a bit of a polish since DefCon.


Link: A classic comic for educational purposes


We all know and love it…

So here is another link about the comic (worth a look):

http://bobby-tables.com/

Link: check if your mail account has been hacked

This is in addition to all the Gmail, Hotmail and other mail accounts being hacked lately:

http://beta.serversniff.de/mailaccounts

Not that I agree with the methods, but it could be useful to some…

But while we are on that subject:

Some of the methods used here could also be used by the bad boys.

So basically let us assume I do want to attack someone!

It would then be a good thing to know when someone is online, right?

So using defence mechanisms the other way around is always fun…


Link: a bit late but… The 2008 Top 10 Web hacks

I know I am a bit late with this… but still worth a look

http://www.slideshare.net/jeremiahgrossman/top-ten-web-hacking-techniques-2008