hackers

Hacker may refer to: read more at WikiPedia

  • This is the kind of geek stuff that put a big smile on my face when I read it... a portable ladtop capable of listening 300 wireless networks and hacking WEP keys in 5 minutes....

    A small security firm has made a portable computer that is capable of scanning 300 networks simultaneously. Dubbed the "Janus Project", the computer also has a unique "Instant Off" switch that renders the captured data inaccessible.

    At first glance, the Janus computer looks like a ladtop, but Williams said it is much more powerful than that. Inside the rugged yellow case sits a mini-computer motherboard powered by a 1.5 GHz VIA C7 processor and an Acer 17" LCD screen. Ubuntu 6.0 Linux runs the eight Atheros a/b/g Gold mini-PCI cards which continuously scan wireless networks. [....]

    In addition to scanning for wireless traffic, Williams says the computer can break most WEP keys very quickly by focusing all eight wireless cards on the access point. Using a combination of common utilities like airreplay, airdump and aircrack, Willams said, "When I use all 8 radios to focus in on a single access point, [the WEP key] lasts less than five minutes." However, he added that some retail wireless access points will "just die" after being hit with so much traffic... read more here

  • logo_acunetix

    I will use it on my host very soon, if you have your own root server, this tool must be part of your administrator toolbox. Joomla! team use it to test the core framework, so we should be on the safe side, unfortunately we are are all using too many plug-ins that may be unsecure.. Here is how a report generated using Acunetix WVS look like (PDF - 1.5MB).

    Acunetix Web Vulnerability Scanner automatically scans your web applications / website (shopping carts, forms, dynamic content, etc.) and web services for vulnerabilities such as SQL injection, Blind SQL Injection, Cross site scripting, Google hacking, CRLF Injection & other web attacks. Acunetix crawls and analyzes websites including flash content, AJAX / Web 2.0. Also includes reporting for PCI Compliance, OWASP & more

    Out of the 100,000 websites scanned by Acunetix WVS, 42% were found to be vulnerable to Cross Site Scripting. XSS is extremely dangerous and the number of the attacks is on the rise. Hackers are manipulating these vulnerabilities to steal organizations’ sensitive data. Can you afford to be next?

    Cross Site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data. Exploited Cross Site Scripting is commonly used to achieve the following malicious results:

    • Identity theft
    • Accessing sensitive or restricted information
    • Gaining free access to otherwise paid for content
    • Spying on user’s web browsing habits
    • Altering browser functionality
    • Public defamation of an individual or corporation
    • Web application defacement
    • Denial of Service attacks

    Scan your website for Cross Site Scripting Vulnerabilities at no cost NOW

    Get an insight into Acunetix Manual


  • The hacker “Muslix64” who cracked HD DVD strikes again by defeating Blu-ray Disc encryption!!!

    The HD-DVD hack is a java based command line utility (source code is AVAILABLE!) that decrypt video files (.evo) from a disk that you own, to your hard drive and you can play them back...

    Basically on Blu-ray disk, “Muslix64” is using a plain text attack on data... ”

    This is a very basic, but [powerful] crypto attack that I have used to decrypt both [HD DVD and Blu-ray] formats,” he wrote.

     “After reading posts of people trying to get the keys in memory, I realized, I have a different way of looking into the problem…A lot of people try to attack the software, I'm attacking the data!” ” So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack,”

    Muslix64 explains. “Because I know the keys are unprotected in memory, I can skip all the [painful] process of code reversal. ” read more at http://dailytech.com/Bluray+Encryption+Defeated/article5795.htm



     

  • chkrootkit is a tool to locally check for signs of a rootkit. chkrootkit is a common unix-based program intended to help system administrators check their system for known rootkits. It works by using several mechanisms, including comparison of file signatures to known rootkits, checking for suspicious activity (processes listed in the proc filesystem but not in the output of the 'ps' command.
    Log to the server with ssh as root user

    Download 
    chkrootkit.
    # wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

    Unpack the chkrootkit you just downloaded.
    # tar xvzf chkrootkit.tar.gz

    go to that  directory
    # cd chkrootkit

    Compile
    # make sense

    Run
    # chkrootkit

     
    •Receive e-mail everyday with the result chkrootkit
    For Root user
    # crontab -e
    For any user
    # crontab -e -u username

    and add

    •0 3 * * * (./usr/sbin/chkrootkit 2>&1 | mail -s "chkrootkit output" -c This email address is being protected from spambots. You need JavaScript enabled to view it.,This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it.)

    * the correct path can be found with which chkrootkit
    This will run chkrootkit at 3:00 am every day, and e-mail the output to This email address is being protected from spambots. You need JavaScript enabled to view it. and copies to This email address is being protected from spambots. You need JavaScript enabled to view it. and This email address is being protected from spambots. You need JavaScript enabled to view it.

    False alarms:
     "Checking `bindshell'... INFECTED (PORTS: 465)" This is normal and  NOT really a rootkit.

    Nota
    If you ever get a positive alarm, you can try to remove the rootkit, but all professionals would advice you to reinstall the server from scratch, and restore a previous backup (that mean saving nothing from server as soon as the rootkit is revealed....)

    Links
    chkrootkit
  • {moslistsub id=12/}
    You want to surf anonymously? here are some tools:
    • JAP (Java) is based on a set of trust node which mix all http connection and add a level of encryption (ssl) till nobody can say who watch what
    • Peekabooty, "Peekabooty is software run by "global-thinking, local-acting" people in countries that do not censor the Internet. A user in a country that censors the Internet connects to the ad hoc network of computers running Peekabooty. A small number of randomly selected computers in the network retrieves the Web pages and relays them back to the user.
    • ENTROPY stands for Emerging Network To Reduce Orwellian Potency Yield and as such describes the main goal of the project.

      • ENTROPY is developed as a response to increasing censorship and surveillance in the internet. The program connects your computer to a network of machines which all run this software. The ENTROPY network is running parallel to the WWW and also other internet services like FTP, email, ICQ. etc.
      • For the user the ENTROPY network looks like a collection of WWW pages. The difference to the WWW however is that there are no accesses to central servers. And this is why there is no site operator who could log who downloaded what and when. Every computer taking part in the ENTROPY network (every node) is at the same time server, router for other nodes, caching proxy and client for the user: that is You.
      • After you gained some experience with the ENTROPY network, there are command line tools for you to insert whole directory trees into the network as a ENTROPY site. So ENTROPY does for you what a webspace provider does for you in the WWW - but without the storage and bandwidth costs and without any regulation or policy as to what kind of content you are allowed to publish. Everyone can contribute his own ENTROPY site for everybody else to browse through. The contents is stored in a distributed manner across all available and reachable nodes and no one can find out about who put up what contents into the network [1]. Even if your node is not actively running, your contents can be retrieved by others -- without knowing that it was actually you who published the files. Of course this is only true if you do not publish your name (or leave your name or other personal data in the files you publish)
    As far the censoring firewall is concerned, the user is simply accessing some computer not on its "banned" list. The retrieved Web pages are encrypted using the de facto standard for secure transactions in order to prevent the firewall from examining the Web pages' contents. Since the encryption used is a secure transaction standard, it will look like an ordinary e-business transaction to the firewall."
  • Freenet (Java) is distributed encrypted storage node network so nobody can delete a document or know who is hosting it) are all project that try to bypass the nation-wide censorship of internet. The FAQ o freenet is very instructive and help to learn a lot about anonymity services...
  • I personnaly use JAP and Freenet sometimes...

    I fund an interesting portal discussing of legal news concerning information technology: "geeks, laws, everything in between"
    furthermore do not forget to read also: Why a "distributed cloud" of peer-to-peer systems will not be able to circumvent Internet blocking in the long run

  • My provider encounter an internal hacker attack (around 12.08.2004), this lead to the destrcution of 75 homepage, including mine. Fortunately, I've made a backup the day before because of Mambo's installation....My objective is to transform this monolithical homepage into something more attractive and dynamic while not sacrifying it's content. So since I can not do both, I wont add any interesting content until next month.