sqlsus 0.7 released with Time-based Blind SQL injection support

sqlsus is an open source MySQL injection and takeover tool written in Perl. It is used to test web applications for SQL injection vulnerabilities. It uses stacked subqueries and a powerful blind injection algorithm to maximise the data gathered per web server hit. Using multithreading on top of that, sqlsus is an extremely fast database dumper, whether for inband or blind injection.


sqlsus now supports time-based blind injection and automatically detects length restrictions imposed by the web server, Suhosin, etc.

The official Change Log:
  • Added time-based blind injection support (added option "blind_sleep", and renamed "string_to_match" to "blind_string").
  • It is now possible to force sqlsus to exit when it's hanging (i.e. retrieving data), by hitting Ctrl-C more than twice.
  • Rewrite of "autoconf max_sendable", so that sqlsus will properly detect which length restriction applies (WEB server / layer above). (removed option "max_sendable", added options "max_url_length" and "max_inj_length")
  • Uploading a file now sends it in chunks under the length restriction.
  • sqlsus now saves variables after each command, so that forcing it to quit (or killing it) will not discard the changes that were made.
  • Added a progress bar to inband mode, sqlsus now determines the number of rows to be returned prior to fetching them.
  • get db (tables/columns) in inband mode now uses multithreading (like everything else).
  • clone now uses count(*) if available (set by "get count" / "get db"), instead of using fetch-ahead.
  • In blind mode, "start" will now test if things work the way they should, by injecting two queries: one true and one false.
  • sqlsus now prints which configuration options are overridden (when a saved value differs from the configuration file).
Bug Fixes:
  • Fixed some misuse of the object returned by LWP UserAgent that could trigger a perl error.
  • Fixed a useless memory consumption in the IPC that could trigger an "out of memory" error (since 0.5RC1).
  • Removed a false error display in backdoor SQL mode when using INSERT, UPDATE, DELETE, DROP, etc.
Download from Here:
http://sqlsus.sourceforge.net/download.html
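From the defender's side, the feature announced above (time-based blind injection) leaves a recognisable trace in web server logs. The following is an added example, not part of sqlsus, that flags such probes; the log lines, the delay-primitive list and the length threshold are constructed assumptions.

```python
"""Flag time-based blind SQL injection probes in web server access logs.
Added defensive example, not part of sqlsus: it URL-decodes each request and
looks for the MySQL delay primitives (SLEEP, BENCHMARK) that time-based blind
injection depends on, plus over-long URIs that suggest length-limit probing.
The log lines and the length threshold are constructed samples."""
import re
from urllib.parse import unquote_plus

# Combined log format: client IP, identity, user, [timestamp], "request", status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+)[^"]*" (?P<status>\d{3})')
# Delay primitives (MySQL SLEEP/BENCHMARK, plus other engines' equivalents).
DELAY_RE = re.compile(r'\b(?:SLEEP|BENCHMARK|PG_SLEEP)\s*\(|\bWAITFOR\s+DELAY\b', re.IGNORECASE)
LONG_URI = 2048  # constructed threshold; tune to your server's real limit

SAMPLE_LOG = """\
10.0.0.5 - - [01/Nov/2011:10:00:01 +0000] "GET /item.php?id=3 HTTP/1.1" 200 512
10.0.0.9 - - [01/Nov/2011:10:00:02 +0000] "GET /item.php?id=3%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 512
10.0.0.9 - - [01/Nov/2011:10:00:09 +0000] "GET /item.php?id=3%20AND%20benchmark(5000000,md5(1)) HTTP/1.1" 200 512
10.0.0.7 - - [01/Nov/2011:10:00:10 +0000] "GET /search.php?q=sleeping+bag HTTP/1.1" 200 900
"""

def classify_request(uri):
    """Return the reasons a single request URI looks like an injection probe."""
    decoded = unquote_plus(unquote_plus(uri))  # undo double encoding as well
    reasons = []
    if DELAY_RE.search(decoded):
        reasons.append("time-based SQLi delay primitive")
    if len(uri) > LONG_URI:
        reasons.append("request URI exceeds %d bytes" % LONG_URI)
    return reasons

def scan_log(text):
    """Return (client_ip, uri, reasons) for every suspicious line in text."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            reasons = classify_request(m.group("uri"))
            if reasons:
                findings.append((m.group("ip"), m.group("uri"), reasons))
    return findings

if __name__ == "__main__":
    for ip, uri, why in scan_log(SAMPLE_LOG):
        print(ip, uri, "; ".join(why))
```

Pairing this with response-time data from the same log (a delay primitive followed by a multi-second response) gives a much stronger signal than the keyword match alone.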

Microsoft released temporary fix for Kernel 0-day Security Flaw


A few days back, Symantec and the Laboratory of Cryptography and System Security (CrySyS) discovered a zero-day security flaw in the Windows kernel while analysing the Duqu malware. Microsoft has released a temporary fix for this problem. Microsoft determined that the problem is in the Win32k TrueType font (TTF) parsing engine.

An attacker who exploits this vulnerability can install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft is working to fix this vulnerability with partners in the Microsoft Active Protections Program (MAPP). In the meantime, Microsoft has released a "Fix this problem" tool as a temporary solution.

This tool disables system access to the T2embed.dll file. The drawback is that it prevents any application that relies on embedded TTFs from rendering them properly, which is a common practice in Microsoft Office documents, browsers and document viewers.

Hackers shut Down the entire Internet and Phone service in Palestine


Hackers attacked the Palestinians' main servers and shut down Internet and phone service, Palestinian Telecoms Minister Mashour Abou Daqqa said on Tuesday. He alleged that a foreign government was behind the attack.

The attack affected Internet service across the West Bank and Gaza. The minister said the hackers were using international IP servers whose locations appeared to be in Germany, China and Slovenia.

"Since this morning all Palestinian IP addresses have come under attack from places across the world," Mashur Abu Daqqa told AFP on Tuesday afternoon.
 
"The sites have been attacked in an organised way using mirror servers.

"I think from the manner of the attack and its intensity that there is a state behind it, and it is not spontaneous."

"Israel could be involved as it announced yesterday that it was considering the kind of sanctions it would impose on us," he added.

The incident came a day after the United Nations Educational, Scientific and Cultural Organization voted to admit Palestine as a full member of the group, a move that angered Israel.

Hackers have also shut down the Internet in the Palestinian territories before. In 2002, Wired reported that the Israeli army took over the offices of the leading Palestinian Internet service provider, Palnet, and shut down its operations. Services went back up after 24 hours. After then-Egyptian President Hosni Mubarak shut down the Internet and cellphones to quell unrest early this year, he was required, along with two of his aides, to pay $90 million in fines for damaging the country's economy.

US Man accused of Celebrity Account Hacking pleads not guilty


A US man accused of celebrity account hacking pleaded not guilty on Tuesday to hacking into the email accounts of celebrities such as Christina Aguilera, Mila Kunis and Scarlett Johansson, whose nude photos eventually landed on the Internet.

Christopher Chaney, 35, made his first court appearance in California, where he's been indicted on 26 counts, including unauthorized access to a computer and wiretapping. If convicted, he faces up to 121 years in prison.

Chaney was arrested as part of a yearlong investigation of celebrity hacking that authorities called "Operation Hackerazzi."

There were more than 50 victims. Some nude photos taken by Johansson herself were posted on the Internet. Chaney offered some material to celebrity blog sites, but there wasn't any evidence that he profited from his scheme, authorities said.

U.S. Magistrate Judge Patrick Walsh denied federal prosecutors' request to remand Chaney to custody but modified his bond to $110,000, and he will wear an electronic monitoring device upon his return to Florida.

A trial has been scheduled for Dec. 27.

International Cyber Security Conference in London


An international cyber security conference has begun in London, with 60 countries gathered to discuss cyber crime and security.

Experts attending the conference included EU digital supremo Neelie Kroes, Cisco's vice-president Brad Boston and Joanna Shields, a senior executive at Facebook.

Mr Hague led the opening session.

"The biggest threat to the internet is not cybercriminals, but misguided or overreaching government policy," Mr Hague said.

Ross Anderson, professor of security engineering at Cambridge University, said there had been a "great growth" in cybercrime over the past six years.

"As many as 5% of PCs are infected with malware - short for malicious software -  and there was a one in 20 risk that any given computer was sending spam without the owner's knowledge." Prof Anderson added.

UK Prime Minister David Cameron said, "We have to come together to tackle cyber crime... This costs the United Kingdom an estimated 27 billion pounds a year."

CAPTCHA Security On popular sites hacked using Automated Tool


Researchers Elie Bursztein, Matthieu Martin and John C. Mitchell from Stanford University developed an automated tool that can break the text-based anti-spam tests used on many popular sites.

To block spam comments and automated registrations, websites use a CAPTCHA security test. For example, when you register on a forum, it asks you to enter the exact text shown in an image.

They tested their tool against 15 popular websites; 13 of the 15 were vulnerable to the automated attack.

The success rate on Visa's Authorize.net payment gateway was 66%, and 70% on Blizzard's World of Warcraft portal. Other notable results were registered on eBay, whose CAPTCHA implementation failed 43% of the time, and on Wikipedia, where one in four attempts was successful. Lower, but still significant, success rates were found on Digg, CNN and Baidu: 20, 16 and 5% respectively. Megaupload had the highest success rate, at 93%.

The only tested sites where CAPTCHAs couldn't be broken were Google and reCAPTCHA.


After these results came out, Authorize.net and Digg switched to reCAPTCHA.

The researchers, Elie Bursztein, Matthieu Martin and John C. Mitchell, have also developed techniques to break audio CAPTCHAs on sites such as Microsoft, eBay, Yahoo and Digg, and presented their latest research at the recent ACM Conference on Computer and Communications Security in Chicago.

Download Full report:
https://cdn.elie.net/publications/text-based-captcha-strengths-and-weaknesses.pdf

Google Maps URL Injection Vulnerability

Google Maps is vulnerable to URL injection (the page redirects to another site), discovered by Sony.

Vulnerable Link:
http://maps.google.com/m/preferences?pref=s&bl=//st2tea.blogspot.com&hl=1&safe=strict&safe=images&safe=off&gwt=on&gwt=off&lochist=on&lochist=off&sigp=pref%20bl&sig=AMctaOIRgcTAHYXz1KuVsPHwVpqFKrQCJg

or

http://maps.google.com/m/preferences?pref=s&bl=//%73%74%32%74%65%61%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D&hl=1&safe=strict&safe=images&safe=off&gwt=on&gwt=off&lochist=on&lochist=off&sigp=pref%20bl&sig=AMctaOIRgcTAHYXz1KuVsPHwVpqFKrQCJg

Author:
Sony
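The two links above work because the value of the bl parameter begins with "//", and a percent-encoded host decodes to the same thing. The following is an added example (not Google's code) of how a redirect parameter can be validated so that such values are refused; the parameter name and sample values are taken from the post, the allowed host is a constructed assumption.

```python
"""Validate a redirect-target parameter so it can only point within the site.
Added defensive example, not Google's code. It rejects the pattern shown above:
a value starting with "//" is protocol-relative, so browsers treat it as an
absolute URL to another host, and percent-encoding the host does not change
that once the server decodes it. The "bl" parameter name and sample values
come from the post; the allowed host is a constructed assumption."""
from urllib.parse import parse_qs, unquote, urlsplit

def is_safe_redirect(target, allowed_host="maps.google.com"):
    """True only for a site-local path or an absolute URL on allowed_host."""
    if not target:
        return False
    # Decode repeatedly so an encoded "//" (%2F%2F or %252F%252F) cannot hide.
    decoded = target
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    # Browsers normalise backslashes to slashes, so "/\evil" is "//evil".
    decoded = decoded.replace("\\", "/")
    if "\r" in decoded or "\n" in decoded:
        return False  # header-injection characters never belong in a target
    try:
        parts = urlsplit(decoded)
    except ValueError:
        return False  # e.g. malformed IPv6 literal in the host part
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: only the application's own host passes.
        return parts.scheme in ("", "http", "https") and parts.netloc == allowed_host
    # What remains is a path; it must be root-relative and not start with "//"
    # ("///host" is parsed as a path by urlsplit but as a host by browsers).
    return decoded.startswith("/") and not decoded.startswith("//")

def check_query(query):
    """Extract the 'bl' parameter from a query string and decide if it is safe."""
    value = parse_qs(query).get("bl", [""])[0]
    return value, is_safe_redirect(value)
```

An allow-list of relative paths (or a signed, server-generated token instead of a free-form URL) is the more robust fix; this validator is the minimum that stops the encoded and protocol-relative variants shown above.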

Next DEFCON Chennai Meeting in January 2012



The next DEF-CON Chennai meeting is scheduled for the end of January 2012 (because many people have exams and semesters during October, November and December). The 4th edition of our meet will be really big; we will have more than 7 speakers, and the count is still growing.

We have planned discounts for people who come in teams, and DEF-CON Chennai T-shirts are also planned.

---------
This time, I am also coming to the meeting.

Zero-day Vulnerability in Windows Kernel exploited by Duqu worm


A zero-day vulnerability in the Windows kernel was found by researchers at the Laboratory of Cryptography and System Security (CrySyS) as a result of analysing the Duqu malware. CrySyS immediately reported the vulnerability to Microsoft.

CrySyS discovered the Duqu binaries and confirmed that they are nearly identical to Stuxnet. Until now, no one had been able to find the installer for the threat, and therefore no one had any idea how Duqu was initially infecting systems.

As a result of the research, CrySyS found that the installer is a Microsoft Word document (.doc) that uses a previously unknown kernel vulnerability. When the .doc file is opened, Duqu infects the system.

W32.Duqu is a worm that opens a back door and downloads more files on to the compromised computer. It also has rootkit functionality and may steal information from the compromised computer.

Duqu Infection:

"The Word document was crafted in such a way as to definitively target the intended receiving organization. Furthermore, the shell-code ensured that Duqu would only be installed during an eight-day window in August. Please note that this installer is the only installer to have been recovered at the time of writing—the attackers may have used other methods of infection in different organizations.", Symantec Report.

Once a system is infected by Duqu, the attacker can control it and infect other organisations through social engineering. In one organisation, evidence was found showing the attackers commanding Duqu to spread across SMB shares.

Even when an infected system could not connect to the Internet, the malware was configured to communicate with the C&C server through another infected system that did have an Internet connection.

Consequently, Duqu creates a bridge between the network's internal servers and the C&C server. This allowed the attackers to access Duqu infections in secure zones with the help of computers outside the secure zone being used as proxies.

Several countries have become victims of the Duqu malware. According to the Symantec report, 8 countries have been infected.

As a result of the analysis, the researchers discovered that the malware contacts a server hosted in India.

"Microsoft is collaborating with our partners to provide protections for a vulnerability used in targeted attempts to infect computers with the Duqu malware. We are working diligently to address this issue and will release a security update for customers through our security bulletin process," Jerry Bryant, group manager of response communications in Microsoft's Trustworthy Computing group, said in a statement.

Symantec has published an updated whitepaper (version 1.3).

TimThumb vulnerability in Wordpress leads to malware infection

Last month, thousands of WordPress sites were found infected with malware, as discovered by Armorize. Avast researchers investigated this hack and concluded that the Blackhole exploit kit, made by Russian developers and available for $1500 on the black market, was used.

The vulnerability in non-updated TimThumb allows attackers to upload and execute arbitrary PHP code in the TimThumb cache directory, which then downloads other malicious files. But this is not the only way in: for example, the attackers also use stolen passwords to make changes directly over FTP.

In your FTP listing, alongside the other site files, a new file will appear that looks like this: ./wp-content/w3tc/min/a12ed303.925433.js or ./wp-includes/js/l10n.js

These scripts redirect to another site where the Blackhole exploit kit is hosted. The victim is then served a JAR file that deploys other malicious downloads to the infected system.

source:
Avast
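The two artefacts the post describes (PHP code in the TimThumb cache directory, and the injected script paths) can be checked for with a simple filesystem walk. The following is an added example, not Avast's or TimThumb's code; the cache directory names are an assumption and the sample tree is constructed.

```python
"""Scan a WordPress tree for the TimThumb dropper artefacts described above.
Added defensive example, not Avast's or TimThumb's code: it flags PHP code inside
TimThumb cache directories (which should hold only images) and the two injected
script paths named in the post. The sample tree below is constructed."""
import os
import tempfile

# Injected script paths quoted in the post (relative to the WordPress root).
KNOWN_INJECTED = {"wp-content/w3tc/min/a12ed303.925433.js", "wp-includes/js/l10n.js"}
# Directory names TimThumb uses for its cache (assumption; adjust to your theme).
CACHE_DIR_NAMES = {"cache", "timthumb_cache"}

def looks_like_php(path):
    """True if the first 4 KiB contain a PHP open tag (even behind an image header)."""
    try:
        with open(path, "rb") as fh:
            return b"<?php" in fh.read(4096)
    except OSError:
        return False

def scan_wordpress(root):
    """Return a sorted list of (relative_path, reason) findings under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        in_cache = any(part in CACHE_DIR_NAMES for part in rel_dir.split("/"))
        for name in files:
            rel = name if rel_dir == "." else rel_dir + "/" + name
            if rel in KNOWN_INJECTED:
                findings.append((rel, "path matches injected script named in the post"))
            elif in_cache and (name.endswith(".php") or looks_like_php(os.path.join(dirpath, name))):
                findings.append((rel, "PHP code inside TimThumb cache directory"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: clean image, PHP behind a GIF header, bare PHP, injected JS."""
    samples = {
        "wp-content/themes/t/cache/abc.jpg": b"\xff\xd8\xff\xe0 jpeg bytes",
        "wp-content/themes/t/cache/def.jpg": b"GIF89a<?php /* constructed stub */ ?>",
        "wp-content/themes/t/cache/shell.php": b"<?php /* constructed stub */ ?>",
        "wp-content/w3tc/min/a12ed303.925433.js": b"/* constructed redirect stub */",
    }
    for rel, data in samples.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root

def demo():
    """Build the constructed tree in a temp dir, scan it, and return the findings."""
    return scan_wordpress(build_sample_tree(tempfile.mkdtemp()))
```

Run it against a real install with scan_wordpress("/path/to/wordpress"); a file with an image extension that contains a PHP open tag is exactly the upload the TimThumb bug allowed, so any hit there warrants an incident review rather than just deletion.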