Darknet - The Darkside

Microsoft Confirms First Windows 7 0-Day Vulnerability

Darknet — Thu, 19 Nov 2009 10:29:15 +0000

So a pretty serious remote vulnerability has been discovered in Windows 7, as usual Microsoft is downplaying the problem asking you to block the ports on your firewall rather than fixing the issue. I’d imagine the problem would only really be a big issue inside networks as who exposes SMB ports to the outside world anyway [...]

Read the full post at darknet.org.uk

Katana v1 (Kyuzo) – Portable Multi-Boot Security Suite

Darknet — Tue, 17 Nov 2009 09:46:28 +0000

The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite [...]

Read the full post at darknet.org.uk

SSL Renegotiation Bug Succesfully Used To Attack Twitter

Darknet — Mon, 16 Nov 2009 08:20:18 +0000

When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world. But then people tend to say that about most things don’t they until they get pwned up the face. It turns out the rather obscure SSL flaw can be used to [...]

Read the full post at darknet.org.uk

Cain & Abel v4.9.35 – Password Sniffer, Cracker and Brute-Forcing Tool

Darknet — Thu, 12 Nov 2009 06:47:31 +0000

It’s been quite a while since we’ve written about Cain & Abel, one of the most powerful tools for the Windows platform (back in 2007 here). Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using...

Read the full post at darknet.org.uk

Jailbroken iPhone Users Get Rickrolled

Darknet — Wed, 11 Nov 2009 05:28:41 +0000

The ‘big’ news this week was the first self-replicating worm hit the iPhone, it only seemed to be spreading in Australia though and only worked under a specific set of circumstances. It only effects iPhone users that have jailbroken their phone and have the SSH software installed with a default password of alpine. Thankfully it’s...

Read the full post at darknet.org.uk

Turbodiff v1.01 BETA Released – Detect Differences Between Binaries

Darknet — Tue, 10 Nov 2009 06:59:57 +0000

Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries. Requirements “Turbodiff 1.01 beta release 1″ works with IDA starting from v5.0. Instructions For the binaries: Download the plugin and store it at the directory “..\IDA\plugins”. If...

Read the full post at darknet.org.uk

Facebook Used By Whitewell Trojan To Communicate

Darknet — Mon, 09 Nov 2009 07:49:45 +0000

Facebook has had it’s fair share of security woes and the latest is the discovery of a new Trojan that uses Facebook to communicate. Interesting that it’s using the Facebook notes feature to communicate depending on title/subject of the note. The actual malware itself is spread through doc/pdf exploits and not through any flaws in...

Read the full post at darknet.org.uk

Binging (BETA) – Footprinting & Discovery Tool (Google Hacking)

Darknet — Fri, 06 Nov 2009 07:51:23 +0000

It’s been a while since I’ve seen a tool of this type, back in the heydays of Google Hacking (which became the generic term for information gathering via search engines) there were multiple tools such as Gooscan and Goolag. Binging is a simple tool to query Bing search engine. It will use your Bing API key [...]

Read the full post at darknet.org.uk

Windows 7 UAC (User Access Control) Ineffective Against Malware

Darknet — Thu, 05 Nov 2009 08:09:25 +0000

There have been a few stories about Windows 7, even one about Windows 7 UAC before and now it’s officially on sale I’d expect there to be many more. As always malware and mass infections is a numbers game so the bad guys will always target the most popular and prolific operating systems to increase their [...]

Read the full post at darknet.org.uk

UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool

Darknet — Wed, 04 Nov 2009 09:30:53 +0000

UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free...

Read the full post at darknet.org.uk