Darknet - The Darkside

Jailbroken iPhone Users Get Rickrolled

Darknet — Wed, 11 Nov 2009 05:28:41 +0000

The ‘big’ news this week was the first self-replicating worm hit the iPhone, it only seemed to be spreading in Australia though and only worked under a specific set of circumstances. It only effects iPhone users that have jailbroken their phone and have the SSH software installed with a default password of alpine. Thankfully it’s...

Read the full post at darknet.org.uk

Turbodiff v1.01 BETA Released – Detect Differences Between Binaries

Darknet — Tue, 10 Nov 2009 06:59:57 +0000

Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries. Requirements “Turbodiff 1.01 beta release 1″ works with IDA starting from v5.0. Instructions For the binaries: Download the plugin and store it at the directory “..\IDA\plugins”. If...

Read the full post at darknet.org.uk

Facebook Used By Whitewell Trojan To Communicate

Darknet — Mon, 09 Nov 2009 07:49:45 +0000

Facebook has had it’s fair share of security woes and the latest is the discovery of a new Trojan that uses Facebook to communicate. Interesting that it’s using the Facebook notes feature to communicate depending on title/subject of the note. The actual malware itself is spread through doc/pdf exploits and not through any flaws in...

Read the full post at darknet.org.uk

Binging (BETA) – Footprinting & Discovery Tool (Google Hacking)

Darknet — Fri, 06 Nov 2009 07:51:23 +0000

It’s been a while since I’ve seen a tool of this type, back in the heydays of Google Hacking (which became the generic term for information gathering via search engines) there were multiple tools such as Gooscan and Goolag. Binging is a simple tool to query Bing search engine. It will use your Bing API key [...]

Read the full post at darknet.org.uk

Windows 7 UAC (User Access Control) Ineffective Against Malware

Darknet — Thu, 05 Nov 2009 08:09:25 +0000

There have been a few stories about Windows 7, even one about Windows 7 UAC before and now it’s officially on sale I’d expect there to be many more. As always malware and mass infections is a numbers game so the bad guys will always target the most popular and prolific operating systems to increase their [...]

Read the full post at darknet.org.uk

UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool

Darknet — Wed, 04 Nov 2009 09:30:53 +0000

UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free...

Read the full post at darknet.org.uk

Using Cloud Computing To Crack Passwords – Amazon’s EC2

Darknet — Tue, 03 Nov 2009 10:07:29 +0000

Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down. And guess what, someone thought of using it to crack passwords. It seems the cut-off would be a 12 character [...]

Read the full post at darknet.org.uk

RATS – Rough Auditing Tool for Security

Darknet — Mon, 02 Nov 2009 09:57:06 +0000

RATS – Rough Auditing Tool for Security – is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and...

Read the full post at darknet.org.uk

Illegal File Sharers To Be Cut Off By 2011

Darknet — Fri, 30 Oct 2009 08:27:20 +0000

It was 2008 when the UK government originally proposed disconnecting pirates from the Internet, then a few months later Australia followed suit. The latest is that it’s really going to be legislated and will come into force by April 2010 under the Digital Economy Bill. I’ve noticed this trend picking up lately, a few companies are...

Read the full post at darknet.org.uk

KrbGuess – Guess/Enumerate Kerberos User Accounts

Darknet — Thu, 29 Oct 2009 07:16:52 +0000

KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition [...]

Read the full post at darknet.org.uk