Web-Sorrow v1.3.6 : a remote web scanner

A Perl-based tool used for checking a web server for misconfiguration, version detection, enumeration, and server information. I will build more functionality in the future. What it's NOT: a vulnerability scanner, inspection proxy, DDoS tool, or exploitation framework. It's entirely focused on enumeration and collecting info on the target server.


CURRENT functionality:

-S - stands for standard. A set of standard tests that includes: directory indexing testing, banner grabbing, language detection (should be obvious), robots.txt, and 200 response testing (some servers send a 200 OK for every request)

-auth - looks for login pages with a list of some of the most common login files, dirs, and admin consoles. It doesn't need to be a very big list of URLs, because what else are they going to name it? notAlogin.php???

-Cp - scan with a huge list of plugin dirs. The list is a bit old (2010)

-I - searches the responses for interesting strings

-Ws - looks for web services such as hosting provider, blogging services, favicon fingerprinting, and cms version info

-Fd - look for things people generally don't want you to see. The list is generated from a TON of robots.txt files, so whatever it finds should be interesting.

-Fp - fingerprint the server based on behavior (unrefined as of yet)

-ninja - A lightweight and undetectable scan that uses bits and pieces from other scans

-Sd - BruteForce Sub Domains

-Db - BruteForce Directories with the big dirbuster Database

-ua - use a custom UserAgent. PUT UA IN QUOTES if there are spaces

-proxy - send all http reqs via a proxy. example: 255.255.255.254:8080

-e - run all the scans in the tool

web-sorrow also has false-positive checking on most of its requests (it's pretty accurate but not perfect)

EXAMPLES:

basic: perl Wsorrow.pl -host scanme.nmap.org -S

look for login pages: perl Wsorrow.pl -host 192.168.1.1 -auth

CMS intense scan: perl Wsorrow.pl -host 192.168.1.1 -Ws -Cp all -I

most intense scan possible: perl Wsorrow.pl -host 192.168.1.1 -e -ua "I come in peace"

Download it from here:
http://code.google.com/p/web-sorrow/downloads/list
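
What wordlist scans such as -auth, -Fd and -Db look like from the server side, as an added example (not part of Web-Sorrow or the original post): one client requesting many distinct paths that mostly do not exist. The log lines, thresholds and function name are constructed for illustration; the user agent is the one from the example command above.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+(?: "[^"]*" "(?P<ua>[^"]*)")?'
)

def find_enumeration(lines, min_misses=5, min_miss_ratio=0.8):
    """Flag clients that request many distinct paths which mostly do not exist."""
    clients = defaultdict(lambda: {"paths": set(), "missed": set(), "agents": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not an access-log line in the expected format
        c = clients[m["ip"]]
        path = m["path"].split("?", 1)[0]  # ignore query strings
        c["paths"].add(path)
        if m["status"] == "404":
            c["missed"].add(path)
        if m["ua"]:
            c["agents"].add(m["ua"])
    flagged = {}
    for ip, c in clients.items():
        ratio = len(c["missed"]) / len(c["paths"])
        if len(c["missed"]) >= min_misses and ratio >= min_miss_ratio:
            flagged[ip] = {"missed": len(c["missed"]), "requested": len(c["paths"]),
                           "miss_ratio": round(ratio, 2), "agents": sorted(c["agents"])}
    return flagged

# Constructed sample: one ordinary visitor and one client walking a login-page wordlist.
STAMP = "[01/Jun/2012:10:00:00 +0000]"
SAMPLE_LOG = [
    f'198.51.100.7 - - {STAMP} "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    f'198.51.100.7 - - {STAMP} "GET /old-logo.png HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
]
for probe in ["/admin/", "/login.php", "/administrator/", "/cpanel/", "/manager/", "/wp-login.php"]:
    status = 200 if probe == "/login.php" else 404
    SAMPLE_LOG.append(f'192.0.2.10 - - {STAMP} "GET {probe} HTTP/1.1" {status} 210 "-" "I come in peace"')

if __name__ == "__main__":
    for ip, report in find_enumeration(SAMPLE_LOG).items():
        print(ip, report)
```

A server that answers 200 for every request (the case the -S test checks for) hides these misses from status-based counting, so on such servers the same grouping has to key on response size or body hash instead.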

Anti-Anonymous hacker takes credit for The Pirate Bay DDoS attack

After 72 hours of being hit with a massive Distributed Denial of Service (DDoS) attack, The Pirate Bay is back online, and so is Wikileaks. An Anonymous hater who goes by the name AnonNyre took credit for the attack.

It was initially thought that the hacktivist group Anonymous was responsible for the attack, because The Pirate Bay had openly criticized Anonymous' DDoS attacks against Virgin Media, a UK ISP that blocked access to the popular torrent site. But Anonymous denied it, and The Pirate Bay confirmed on its Facebook page that they were not responsible.

Now, an Anonymous hater has claimed he is behind the attack.

"You must be wondering why did I attacked The Pirate Bay.. I am Nyre. I am highly against Anonymous. I do not support Anonymous anymore. I sometimes help the feds. The Pirate Bay was a press-release website for Anonymous, then I had a idea, why not take it down? Why not make it impossible for Anonymous?" the hacker explained in the pastebin.

The hacker doesn’t mention anything about Wikileaks, which was also under a DDoS attack, and for much longer. Now, The Pirate Bay and Wikileaks are back online.

XSS vulnerability found in more than 120 sites

Indian hacker Akshay discovered XSS vulnerabilities in more than 100 websites and listed the PoCs on tinypaste.

The vulnerable sites include IndiaTimes, wikia.com, seagate and placementindia. Analysis of the paste shows that most of the sites are subdomains of the wikia website.

Some other sites that are vulnerable to XSS attacks are dialabook.in, junglee.com, antya.com, t3.com and independent.co.uk.

In the past, he has found XSS vulnerabilities in a lot of high-profile sites.

http://pastebin.com/tLXTZDvP

5 sites hacked by nyro hacker and shorty 420 from indian cyber pirates

5 sites were hacked by nyro hacker and shorty 420 from Indian Cyber Pirates.
The list of defaced sites and mirrors is given below.

sites
http://education4students.com/
http://royalstandardevents.com/
http://www.berthuriel.com/
http://singleserve-coffemachines.com/
http://healingmybrokenheart.com/

Mirrors
http://arab-zone.net/mirror/89784/healingmybrokenheart.com/
http://arab-zone.net/mirror/89783/berthuriel.com/

Anonymous take down Department of Telecomm & other Govt. sites : #opindia

 

Anonymous hackers launched a cyber attack against Indian Government sites to protest Internet censorship.

The hackers took down the sites of the Department of Telecomm (dot.gov.in), copyrightlabs.in, the All India Congress Committee (aicc.org.in) and the Indian Supreme Court (supremecourtofindia.nic.in).

Indian Internet service providers (ISPs) started timidly with torrent sites, Vimeo and Pastebin, but now they’ve extended the blockades to DailyMotion, and even Xmarks, a harmless bookmark sync service.

“Namaste India - We see you've met some of the #Anonymous battle fleet's infamous cannon fire. Tsk tsk for censoring #TPB & others.” Anonymous hacktivists wrote on Twitter.

Worm distributed via Facebook PMs and Instant Messengers (IM)

Trend Micro researchers recently received a report about a malicious link distributed via Facebook private messages: a shortened URL pointing to an archive file called "May09-Picture18.JPG_www.facebook.com.zip".

This archive contains a malicious file named “May09-Picture18.JPG_www.facebook.com”, which uses the extension “.COM” (an executable file format).

Once executed, this malware terminates services and processes related to antivirus software, effectively preventing AV software from detecting or removing the worm.


Trend Micro solutions detect this malware as WORM_STECKCT.EVL. This worm downloads and executes another worm, one detected as WORM_EBOOM.AC.


WORM_EBOOM.AC is capable of monitoring an affected user’s browsing activity, such as message posting, deletion of posted messages and private messages sent, on websites such as Facebook, Myspace, Twitter, WordPress, and Meebo. It is also capable of spreading through these sites by posting messages containing a link to a copy of itself.
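
The file name in this report reads like a picture and a Facebook address, but its last extension is the executable “.COM”. As an added example (not Trend Micro's detection logic or code from the original post), a mail or download gateway can inspect archive member names for exactly this pattern; the extension lists, function names and sample archive below are constructed for illustration.

```python
import io
import zipfile

# Extensions Windows executes directly; ".com" is the one used in the report above.
EXECUTABLE_EXTS = {".com", ".exe", ".scr", ".pif", ".bat", ".cmd"}
# Extensions that make a name look like a harmless picture or document.
DECOY_EXTS = (".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc")

def suspicious_members(zip_bytes):
    """Return (name, extension, reason) for each executable entry in a ZIP archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = info.filename.rsplit("/", 1)[-1]
            lower = name.lower().rstrip(". ")  # Windows drops trailing dots and spaces
            stem, dot, ext = lower.rpartition(".")
            ext = dot + ext if dot else ""
            if ext not in EXECUTABLE_EXTS:
                continue
            # A decoy extension earlier in the name means it was built to mislead.
            masked = any(decoy in stem for decoy in DECOY_EXTS)
            findings.append((name, ext, "masquerading" if masked else "executable"))
    return findings

def build_sample_zip():
    """Constructed archive: harmless placeholder bytes under the names being tested."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in ["May09-Picture18.JPG_www.facebook.com", "photos/holiday.jpg",
                     "notes/readme.txt", "setup.exe"]:
            archive.writestr(name, b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for finding in suspicious_members(build_sample_zip()):
        print(finding)
```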

"Facebook and IM applications are tools to share and connect. Cybercriminals’ use of these tools is nothing new, but there are users who fall prey to these schemes. We recommend users to be conscious with their online behavior, in particular on social media sites." The Trend Micro report reads.

Sophos released Free AntiVirus application for Android

Sophos has published a mobile security app for Android after finding that 39% of its users are using smartphones running Android.

Sophos Mobile Security is available in Google Play as a Beta version.

What does this app actually do?
  • Scans apps you install to ensure they don’t contain malicious code
      • Scans previously installed apps both on your device or on an SD card
      • Gray-lists apps which could pose a potential threat
      • Uses our SophosLabs threat intelligence from the cloud with up-to-the-minute information.
  • Lock or locate a device which is lost or stolen
      • Performs a remote lock on any Android device which you have lost or stolen
      • Uses tracking technology to attempt to find your device (optional feature)
  • Use our Privacy Advisor to stay safe
      • Detect apps which access personal data such as your address book or your short messages
      • Lets you easily identify apps which could create costs by sending text message or making calls
Requested permissions:
  • SEND SMS MESSAGES: When you do a remote lock or locate, the app sends a confirmation that the lock was successful or an SMS with the position (latitude/longitude) of your device.
  • READ CONTACT DATA: Access to contacts is required as you can specify which other phone numbers you want to use to remotely lock/locate your missing Android device. This permission allows you to choose those numbers from your contacts.

Sophos Mobile Security [BETA] detects even the recent fake anti-virus nasty, which attempts to send expensive SMS messages to premium-rate services.

More than 600 High profile sites listed in Google malware blacklist

Google Safe Browsing is one of the most popular malware blacklists. When a user visits an infected site, browsers such as Firefox, Chrome and Safari display a malware warning based on the Google blacklist. The service is very helpful for keeping internet users secure. But what happens when a legitimate site is infected? Being blacklisted is a nightmare for legitimate sites: if Google displays a warning message, it results in a loss of traffic and reputation.

A Zscaler researcher scanned the top 1 million websites according to Alexa rank and found that more than 600 websites have been blacklisted by Google.

High-profile sites such as totalpad.com, creativebookmark.com and subtitleseeker.com have been compromised to serve malicious content.

According to the report, most of the blacklisted sites are hosted in the US. Western Europe (especially Germany, France and the Netherlands) is number two, followed by China (8%).

Arizona State Legislature website (azleg.gov) hacked by MalSec

 Hackers from Malicious Security, or MalSec, have managed to breach the systems of the Arizona State Legislature (azleg.gov), leaking more than 300 record sets from a table called “standing transactions.”

The data consists of bill numbers, descriptions, document names, document types, FTP URLs, HTTP URLs, session IDs and other information.

While this may not exactly look like sensitive data, the hackers also leaked a couple of user names, IDs, and their associated passwords (in clear text).

According to the message posted by the hackers, this breach is a form of protest against the US government.

“[Expletive] u, and [expletive] ur gov! We still are Anonymous! We do not forgive. We do not forget! U should have expected us!” they wrote next to the data dump.

Government of Anguilla Hacked By #UGNazi Hackers Team

The hacker group "UGNazi" broke into the Government of Anguilla website (www.gov.ai). The attack was carried out and announced by @UG.

The hackers dumped the database details on Pastebin (http://pastebin.com/Bm46PQZL).

The leaked data contains server/network information as well as user and administration details, including email IDs, usernames and encrypted passwords.

The user accounts appear to belong to different divisions of the government as well as some other sites and providers.



"By trusting any government is the same as working for the CIA for the USA, We distrust every form of government in the world." – UGNazi Hackers said.

The hackers also claimed on Twitter that cia.gov and visa.com were down.

DEF-CON Bangalore September 2012 Meet-Call for Papers


September 2012, DEF-CON Meet (Bangalore Chapter) is the platform for the presentation of new advances and research results in the fields of theoretical, experimental, and applied Computer Technology and Science. The paper presentation held as part of The Meet attracts some of the best minds from all over the country. Participants are invited to present papers spanning various research topics pertaining to the different branches of engineering.

Topics of interest for submission include, but are not limited to:

  • New Vulnerabilities and Exploits/0-days
  • Open Source Security & Hacking Tools
  • Antivirus/Firewall/UTM Evasion Techniques
  • Software Testing/Fuzzing
  • Network and Router Hacking
  • Malware analysis & Reverse Engineering
  • Mobile Application Security-Threats and Exploits
  • Advanced Penetration testing techniques
  • Web Application Security & Hacking
  • Browser Security
  • Hacking virtualized environment
  • WLAN and Bluetooth Security
  • Lockpicking & physical security
  • Honeypots/Honeynets
  • Exploiting Layer 8/Social Engineering
  • Cloud Security
  • Critical Infrastructure & SCADA networks Security
  • National Security & Cyber Warfare
  • Cyber Forensics, Cyber Crime & Law Enforcement

PS: This is just a sample, the topics can be anything and everything related to computer science and security engineering.

Procedure for submitting your papers:

Your submissions should use the following format.

1. Author name
2. Title of the Paper
3. Email Address
4. Mobile Number
5. Provide Supporting Materials for your paper in form of PDF or Links
6. Presentation Format must be in PDF for submission.

Send your submissions to: defconbangalore@gmail.com

Important Dates

Date for Abstract Submission : 29th June 2012

Date for Notification of Selection : 8th July 2012

Date for Final submission of full paper : 15th August 2012
DEF-CON Bangalore Meet Scheduled on: 9th September 2012