Inj3ct0r Team Hacked ExploitHub, Stole Private Exploits Worth $242333

Inj3ct0r team, which provides the ultimate database of exploits and vulnerabilities and serves as a great resource for vulnerability researchers and security professionals, has hacked ExploitHub.com, the site similar to inj3ct0r and stolen several private exploits worth $242333.

In the post from inj3ct0r team, they have provided the details for motivation of hack and the process of hack. At the time of writing this, ExploitHub.com seems to be down.

The post gives the process to accomplish the hack as below: I am very much surprised when he learned of Magento eCommerce Software and search /install/ 1) We scan server and site 2) We reinstall Magento CMS https://www.exploithub.com/install/ <= We reinstall Magento CMS 3) Upload shell and phpinfo https://www.exploithub.com/phpinfo.php 4) Back all files and database. 5) Upload piece of the database https://www.exploithub.com/export/ 6) Increased privileges


Read more...

DNS Rebinding Attack Using Rebind

Rebind is a tool that implements the multiple A record DNS rebinding attack. Although this tool was originally written to target home routers, it can be used to target any public (non RFC1918) IP address.

Rebind provides an external attacker access to a target router's internal Web interface. This tool works on routers that implement the weak end system model in their IP stack, have specifically configured firewall rules, and who bind their Web service to the router's WAN interface. Note that remote administration does not need to be enabled for this attack to work. All that is required is that a user inside the target network surf to a Web site that is controlled, or has been compromised, by the attacker.

Important Links

Download rebind

Tested Routers (Affected + Not affected)

Rebind FAQ

Defcon Slides



Kind of interesting vector and I guess many are vulnerable out there.


Read more...

Nmap 6.25 Holiday Season Released

After five months of the release of NMAP 6.01, a newer version 6.25 has been released yesterday.

Nmap 6.25 contains hundreds of improvements, including 85 new NSE scripts, nearly 1,000 new OS and service detection fingerprints, performance enhancements such as the new kqueue and poll I/O engines, better IPv6 traceroute support, Windows 8 improvements, and much more! It also includes the work of five Google Summer of Code interns who worked full time with Nmap mentors during the summer.

Nmap 6.25 source code and binary packages for Linux, Windows, and Mac are available for free download from:

http://nmap.org/download.html

Release details


Read more...

PHP 5.5 To Include Simple And Secure Password Hashing API

Few days ago, we saw the release of PHP 5.5.0 Alpha 1 to the public. The PHP development team is serious about addressing all the criticism it gets time and again. With the recent leaks of several high profile sites, a simple to use yet secure password hashing API has been introduced now.

Here's the RFC for simple password hashing API proposed by ircmaxell and now it has been implemented as a PHP core in 5.5.0 Alpha 1 release and will continue to be part of the PHP core in future releases.

In case you would like to use the API functions in older releases, there's a compatible PHP library for PHP >= 5.3.7. The reason for this is that PHP prior to 5.3.7 contains a security issue with its BCRYPT implementation.



Basically the idea behind simple password hashing API is that most of the PHP developers either don't understand or don't think worth the effort the whole concept of strong password hashing. By providing a simple API that can be called, which takes care of all of those issues for you, hopefully more projects and developers will be able to use secure password hashing.

Using the API is quite simple. All you have to do to get the hash is:

$hash = password_hash($password, PASSWORD_BCRYPT);

Verifying the password is also quite simple.

if (password_verify($password, $hash)) {
    // pass is correct :)
} else {
    // pass is correct :/
}

The simple password hashing API provides sets of password_* functions for the developers to make use of strong password hashing.

Reading materials

RFC for simple password hashing API

Designing an API

PHP 5.5.0 Alpha 1 released


Read more...

Think Like A Hacker For Better Security Awareness

52% of businesses experienced more malware infections as a result of employees on social media. This whitepaper provides an insight on how to think like a hacker for better security awareness.

Security awareness is mostly about common sense, and thinking like the hackers to understand what security weaknesses they look for. But like other security precautions, it's easy to let down your guard.

Security awareness education can arm your staff with the skills to practice safe Internet usage - to reduce malware and other cyber threats. The whitepaper entitled Takes One to Know One: Think Like a Hacker for Better Security Awareness is a must read for making yourself aware of security in this digital world.

In this paper, find out:

• Best ways to deliver a security awareness program
• What you should teach your staff
• How to make security awareness a priority

Download The Whitepaper

Read more...

Disable Guest Account Login In Ubuntu 12.04

Security is an important issue and I do not want anyone to access my machine, not even as the guest. Like almost every operating systems, I could see guest logon option in Ubuntu 12.04 which was turned on by default. This post provides the steps to enable or disable the guest account login in Ubuntu 12.04.

Fire up your terminal and type the following command:

samar@samar-Techgaun:~$ sudo nano /etc/lightdm/lightdm.conf

Now add a new line at the end containing the string as below:

allow-guest=false

Now reboot your system or type the following in your terminal:

samar@samar-Techgaun:~$ sudo /etc/init.d/lightdm restart

The guest account will no longer be active. If you want to enable the guest login again, just remove the line you added or change the value to true. I hope this helps :)


Read more...

Hack Attack The Networks With Yersinia

Yersinia is a network attack tool that takes advantages of inherent weaknesses of several protocols to attack the network using different attack vectors. Yersinia can prove as a solid tool for analyzing and testing the deployed networks and systems for possible weaknesses.

The protocols implemented for testing using Yersinia are:

• Spanning Tree Protocol (STP)
• Cisco Discovery Protocol (CDP)
• Dynamic Trunking Protocol (DTP)
• Dynamic Host Configuration Protocol (DHCP)
• Hot Standby Router Protocol (HSRP)
• IEEE 802.1Q
• IEEE 802.1X
• Inter-Switch Link Protocol (ISL)
• VLAN Trunking Protocol (VTP)

Yersinia supports number of attacks in all of the above listed network protocols and hence can be used (or misused) to test any network.

The tool works on several operating systems such as OpenBSD 3.4 (with pcap libraries >= 0.7.2), Linux 2.4.x and 2.6.x, Solaris 5.8 64bits SPARC, Mac OSX 10.4 Tiger (Intel), etc.

Installation on ubuntu: Fire up the terminal and type:

sudo apt-get install yersinia

To download yersinia for other distros, go through the Download section of yersinia.


Read more...

Check Your Plugins To Keep Firefox Updated and Safe

Mozilla foundation is now providing an online tool to check if the plugins you've installed are up to date or not using simple interface. The objective of this service is to keep your third-party plugins up to date which helps Firefox run safely and smoothly.

The service lets you check all the plugins and update the outdated ones from a simple UI in two major steps:

Step 1: Click Update to update a plugin.
Step 2: Complete all recommended updates before restarting your browser.

Head on to Firefox Browser Plugin Check & Updates.

Stay safe :)


Read more...