Saturday, December 27, 2008

ClubHack2008 Presentations now online!


ClubHack2008 presentations are online.


Apologies for delay in videos, they will follow soon :)


http://clubhack.com/2008/Presentations


thanks


team ClubHack

OllyDbg 2.0 Beta in the wild

More info: http://www.ollydbg.de
Tons of new features and fixes! w00t!

ShmooCon Tickets Round 2.1

2008-12-27 02:48:59 : The news you've been waiting for...

Ticket
Sales Round 2.1 will open this Sunday, Dec 28 at noon EST. The cart has
been revamped, the server updated, and we're confident (enough) to go
ahead and try again.

A limited amount of tickets will be available. Exact numbers are still TBD - we'll post that information tomorrow.

Should you miss out on this round there's still Round 3 on Jan 1. At noon people. Eastern Standard.

Sunday, December 14, 2008

Metasploit Decloaking Engine

Check it out at: http://metasploit.com/data/decloak/

This tool demonstrates a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed.

POP3 via Command Line

Ok, so you've done SMTP via Telnet and spoofed yourself some funny emails. Here is how you can retrieve those emails, and maybe delete a few ;-)
http://klingonwarrior.com/cms/?p=43

Ubuntu Administrator

Taking administration / use of a Ubuntu box to the next level:
http://ubuntuadministrator.com/

Burp Suite v1.2 Released

Yes, it's true, it's here: http://blog.portswigger.net/2008/12/burp-suite-v12-released.html

Burp Suite v1.2 is now available to download. This is a major upgrade with a host of new features, including:

  • Site map showing information accumulated about target applications in tree and table form

  • Suite-level target scope configuration, driving numerous individual tool actions

  • Display filters on site map and Proxy request history

  • Suite-wide search function

  • Support for invisible proxying

  • Fully fledged web vulnerability scanner [Pro version only]

  • Ability to save and restore state [Pro version only]

The series of posts below this one describe the new features in more detail.

Many thanks to everyone who helped with the beta testing and gave me their feedback - this was much appreciated.

Have fun!

Bacon Bowl - Yes it's that cool

Get your picture based turn by turn at the below address:
http://picasaweb.google.com/isaactr/BaconBowlFilledWithPoutine#

Friday, December 5, 2008

Newpaper for your RSS feeds

Print your RSS feeds to paper in a readable format:

http://feedjournal.com/

Thanks Post_Break (http://www.iamthekiller.net/)

Monday, December 1, 2008

Self Publish with Amazon

If you are an author, musician, filmmaker, publisher, or studio, check out complete on-demand self-publishing, print on demand, and disc on demand services through BookSurge and CreateSpace, members of the Amazon group of companies. These services allow you to self-publish and sell your book, CD or DVD without inventory.
http://www.amazon.com/gp/seller-account/mm-summary-page.html?ie=UTF8&ld=AZFooterSelfPublish&topic=200260520

Saturday, November 29, 2008

Pi to the millionth place

The Other Half of "Artists Ship"

This will probably make it to my blog but I wanted to get it saved somewhere first. This is a great read and dead on true.
http://www.paulgraham.com/artistsship.html

Wiki Article on Web Attacks

Doesn't beat the OWASP wiki, but a very interesting read non the less.
http://www.ossec.net/wiki/index.php/WebAttacks_links

Friday, November 28, 2008

Security Database Tools Watch

If you didn't know about it already, this is a pretty good site for finding out about new tools that are getting released. Not a daily reader, but definitely an RSS.
http://www.security-database.com/toolswatch/

Introverted Intuitive Thinging Judging

I saw someone post something (yes that is all I can remember) about INTJ's. So I looked up what it was, and I have come to the conclusion that most people in the Info Sec realm are this type of person, but please look around and see if you fit something else:
http://typelogic.com/intj.html

Tuesday, November 25, 2008

Mina the translator

She takes obfuscated javascript and give you beautiful shiny code that you can read:

RT @s7ephen: Video of "The Mina" Javascript Malware Deobfuscator tool at work: http://tinyurl.com/69vfeg (big flash) http://tinyurl.com/69sep9 (youtube)

Netifera now available on public beta! w00t

Sunbelt's VIPRE AV Black Friday Pricecut

One of the most under hyped av product on the market. It runs with less resources than bloated Symantec or McAfee and catches more than NOD32. For 9.95 you can't really beat it. But it goes back up to 30 bucks soon after black friday so get your copy.

http://sunbeltblog.blogspot.com/2008/11/black-friday-pricing.html


Sunday, November 23, 2008

Clickjacking the iPhone

Logging into your bank via your handy dandy iphone is no longer save.
http://ejohn.org/blog/clickjacking-iphone-attack/

Saturday, November 22, 2008

Diet Coke + Mentos

If you haven't seen this video yet, it's awesome and I revisited today and thought I would share:

Nick Farr's lonely site

One of the most influential people in Hacker Spaces hasn't made one change to his site since 2004. And if you can read the sign you'll get a kick out of it.
http://nickfarr.org/

Friday, November 21, 2008

The BFNG - A must have for Cube Warfare

Bypassing AV with Metasploit VIDEO - By Joe Strand

Dropped off the face of the Earth

So except for a couple updates, I have really dropped this page to the side for a bit due to some other projects but it's coming. Sorry for the lack of updates.

Thursday, November 13, 2008

You get signal

This is a great site for a good many things like:
  • Whois
  • Port-Forwarding Tester
  • IP Geo mapping
  • Phone # Geo mapping
http://www.yougetsignal.com

Friday, October 31, 2008

MetaSploit Timeline

Ever wanted to know what exactly changed? Check out the following link:
http://metasploit.com/dev/trac/timeline

Thursday, October 30, 2008

10 Linux Desktop Themes

These are pretty sweet. I know I have been slacking on the security links and I swear this is the last frufru for a while.
http://www.linuxhaxor.net/2008/10/10/10-finger-licking-linux-desktopthemes/

Tuesday, October 28, 2008

Malware Challenge Answer

More than you ever wanted to know about what you can do with Malware without executing it:
http://hype-free.blogspot.com/2008/10/solution-to-malware-challenge.html

Hosting Co. 2.0 - Sevo

Pretty awesome small company that treats their customers personally.
http://www.serverevo.com/

CD Burning on the Road

Who still burns CDs? Well, if you do, keep this program handy on your USB stick. It does DVDs and CDs alike and can handle most formats:
http://cdburnerxp.se/

Thursday, October 23, 2008

Fail Whale

Nothing can compare the the level of "Fail" shown here:
http://www.flickr.com/photos/44124451045@N01/2783265768/

Terry Tate is back and ANNNGGRRRY

The PAIN TRAIN was coming, you didn't believe me, but now it's HERE and you better be ready! 'cause it's coming for YOU

http://returnofterrytate.com/

Wednesday, October 22, 2008

The Zone-H of XSS

http://www.xssed.com/

And if you don't know what Zone-H is: http://www.zone-h.org/content/view/76/86/
It's an archive, but some would say a "leader board" of defaced web sites.

Fonera Hacks

For all your Fon Hacking needs
http://fonerahacks.com/

Tuesday, October 21, 2008

Chuck Norris - THIS IS TEXAS

A little something for iPhone fanboys

Yes, I am one of them and I still thought this was hilarious:
http://dilbert.com/strips/comic/2008-10-20/

Infinity Exists

An interesting video blog that goes into some pretty deep topics. They are a bit young and are into the "underground", but great content.
http://infinityexists.com/

Monday, October 20, 2008

Synergy on Steroids

Yup, that's right, someone made a better virtual KVM. Here is the problem, it's only for Winders
http://www.inputdirector.com/

Sunday, October 19, 2008

SQL Injection for the Boss

I asked the question on twitter a while ago and Daniel Miessler posted about it (There are some really good comments):
http://dmiessler.com/blog/how-does-one-explain-sql-injection-to-a-non-techie

Michael Mcintyre

Wednesday, October 15, 2008

Tuesday, October 14, 2008

Don't Use Default Passwords

You tell your users to not use default passwords. Now you can check to see if they are doing as you asked.

http://midnightresearch.com/pages/depant-your-network/

Thursday, October 9, 2008

Wednesday, October 8, 2008

Doing great things

These are a bunch of leading edge guys doing great things. Check out Episode 11 of Securabit to get filled in.
Defcon Group 949

ratproxy

Try running all of your traffic for the day through this baby. You will be surprised how many sites you no longer trust with your information.
ratproxy - Google Code

Sickurity.com

Security / Tech RSS feeds on crack:
Sickurity.com is Keepin ya updated!

List of useable bluetooth dongles

Give Me Too!

Imagine Cain and Able's arp spoofing coupled with Network Miner's ability to reconstruct packets.
SpyArsenal.com - spy software free download page - Family Key Logger, Home Free Keylogger download, Internet Spy, network sniffer.

Ignore the rest of the crap on the page.

ShareMyApps.org

Not exactly sure that I like the idea of sharing what apps I have on my system but it a great resource ;-)
Share My Apps ( Home )

Latest and greatest Linux wireless stuff

Right here, go dev if you dare.
Documentation - Linux Wireless

Netbook that is hacker ready

The HP 2133 tweaked to be a pentester/hackers dream. BUY TODAY!
iPwn Mobile Security - Products

Network Security Toolkit VM

Haven't had the chance to play with this but it looks sweet. Network Security in a box, what could go wrong.
Network Security Toolkit (NST) Virtual Machine | Virtual Appliance Marketplace

Smoothwall for the WRT Family

Well not exactly, but it's pretty awesome none the less. Does a lot more than OpenWRT as far as a real firewall/ips/ids.
PacketProtector.org: security solution for wireless routers

RSS Change

Don't know if ya'll will see a difference, but I am now on feedburner at
http://feeds.feedburner.com/MubixsLinks

So if you are here because you stopped getting the feed, this is why.

Tuesday, October 7, 2008

Clickjacking finally revealed

Alex Eckleberry's Keynote

Alex's keynote which was basically a state of the union address via the virus world. Horrible video quality but content is what you are watching for.
http://sunbeltblog.blogspot.com/2008/10/virus-bulletin-2008-keynote-address.html

Sweet Windows mod

Work in progress as of now to get my desktop to look like this except for the wallpaper.

http://lifehacker.com/5058949/windows-vista-with-a-live-thumbnail-sidebar

shell fu

This is definitely something you want in your RSS feed and probably a weekly site visit:
http://www.shell-fu.org/

Monday, October 6, 2008

New Registry Analysis Tool

I have no idea why this guy is so excited about this tool but I'm sure someone out there will benefit from it.
Windows Incident Response: New Registry Analysis Tools

Another Google Chrome binge - SSL Indexing

Seriously, and I just read a article by a Google employee stating that it holds up better than any other browser while surfing malicious sites. (Great, but what if one gets through and can now access my clear text passwords and indexed SSL surfing)
http://www.readwriteweb.com/archives/chrome_password_protected_web.php

Firewall and IDS Testing Tool

This was mentioned on a PaulDotCom blog post, I haven't tried it out yet.
http://dev.inversepath.com/trac/ftester

Chrome stores password in clear text

Do no evil my ass, next we'll find out that they index it as well.
http://www.whatsmypass.com/?p=275

Capture Filters for Wireshark

Great resource for capture filters
http://home.insight.rr.com/procana/

The State of the Union

You will be surprised at what people said and searched for during the VP debates... Wow.. just wow..
Official Google Blog: The VP debate: Candidates, questions, and queries

Sunday, October 5, 2008

Usefull Wallpapers 2

CoinStar Hacking

Sticking it to the man and his 9% cut: ;-) Disclaimer, this may be illegal, don't do it.. seriously, don't... really.. no... stop..
The ultimate users guide to hacking a CoinStar machine

Please check your phone at the door

Metasploit on the iPhone doesn't hold a candle to this ubergadget. Might have to get your company to pay for it at the prices they are asking. (I can't blame them though, it's awesome)
http://neopwn.com/

It would be great if they would send me a demo! ;-)

Saturday, October 4, 2008

Don't Vote

Believe it or not this video pushed me to put the registration in the mail.

AppleTV as Boxee and XBMC

If you don't have a Boxee invite already just ping me and I will get one for ya, but I really wish I had a AppleTV now:
http://code.google.com/p/atvusb-creator/

Wednesday, October 1, 2008

Richard Mogull

http://securosis.com/ - his site.. currently talking about a huge TCP flaw that could DoS anything that uses TCP.. interesting.

Presentation Zen

So before you send you stuff to http://shmoocon.org/cfp.html you might want to check out http://www.presentationzen.com/

Web App Guru

Remember I asked for a Web App Sec Guru (WASG? Sounds like a stupid Cert), well this guy is one that finally decided to start posting to a blog. Don't hate on him yet. Let him get his feet wet in the blogisphere first.
http://jack-mannino.blogspot.com/
Definitely worth adding to your RSS feed reader. (Just in case he posts ever again...)

Greasemonkey Text Area Backup script

This awesome little script keeps your text area from disappearing into /dev/null when Firefox decides to crash in the middle of an extremely long post that you had been working on for weeks and didn't save anywhere else other than in that stupid text area..... but I'm not mad..
http://lifehacker.com/photogallery/LH-Top-10|-Greasemonkey-User-Scripts/1682268

Blackhat Forums

Another one of those, if you don't know you don't need to be there:
http://www.blackhat-forums.com

let me add Ryan1918 to the mix to so I don't have to post again.

EC-Council Portal

Even though I have a C|EH now, this place still alludes my grasp as it takes them forever to do ANYTHING except take your money:
http://portal.eccouncil.org/forum/login_user.asp

Any good webapp sec gurus out there wanna help me out ;-)

SurftheChannel is still there

Great way to stur up media guys, but they are still here, and still a great site to watch TV at work.. I mean, online..
http://www.surfthechannel.com/

Great PDF on Clientside attacks via milw0rm

BSoDomizer

No description needed:
http://www.bsodomizer.com/

McGoo

If have had the unfortunate luck of not coming across Mr. McGrew's website yet, then I am here to help in the fulfillment of your life. You can either google for "Killer Coding Ninja Monkey looks like Ulysses S. Grant" or simply click the link below:
http://www.mcgrewsecurity.com/


T-Shirt Search engine

Got a shirt idea, want to know if it is original, search it first:
http://pleasedress.me/

Great non-govvie Security Site

Great site that tells it like it is, most of the time:
http://www.governmentsecurity.org/

Attrition.org

If you can't figure out what it's about, you don't need to be on it:
http://attrition.org/

Department of Homeland Stupidity

90 Day Botnet Count from Shadow Servers

Finally decreasing. People getting smarter or are dumb bot hearders getting caught?
http://www.shadowserver.org/wiki/pmwiki.php?n=Stats.BotCount90-Days

John McCain

No, I am not a McCain hater, but damn is this funny:
http://i169.photobucket.com/albums/u220/jack603ny/John_Balls.jpg

Mozilla Ubiquity

Still don't know exactly what this does:
http://www.crn.com/software/210201078

Packet-o-Matic

Real-time packet processor - In other words it drumps useable STUFF from dumps.
http://www.packet-o-matic.org/

Installing XP from USB

Fived - A Layer Five Daemon

If anyone can tell me what this actually does, that would be great.... mmmkay..
http://fived.capelis.dj/

Malware Challenge

See if you have the stuff of LEGEND:
http://www.malwarechallenge.info/challenge.html

Tuesday, September 30, 2008

Backtrack 3 Teaser PWNS all

I realize BT3 is out, but this is an awesome video to get the word out a bit on what it can do. MUST SEE

http://www.offensive-security.com/movies/bt3teaser/bt3teaser.html

Skype 4.0 fixes it's self

Finally the new version allows you to go into "Classic Compact View". Might download it and install it tonight. Anyone wanna give it a test?
Skype 4.0 beta 2 gives you more say | Software news, tips and opinions from Download.com editors - Download.com

Updates to Process Monitor and Zoomit. Sweet

Mark's stuff is awesome. Yes, even though he works under the corporate umbrella of Microsoft.

Sysinternals Site Discussion : Updates: Process Monitor v2.0, ZoomIt v2.11, Sigcheck v1.54, Contig v1.55 | A new Mark's Blog post: The Case of the Sloooow System | New Vista Springboard webcast

Process Monitor v2.0:
This major update to Process Monitor adds real-time TCP and UDP
monitoring to its existing process, thread, DLL, file system and
registry monitoring. You can now see the TCP and UDP activity processes
performed, including the operation (e.g. connect, send, receive), local
and remote IP addresses and DNS names, and operation transfer lengths.
On Windows Vista, Process Monitor also collects thread stacks for
network operations.

Yes you can see Russia from Alaska

Dual Xeons for 165.. Time to go dedicated

Shmoo Mailing Lists

Find a roomate at ShmooCon, find DC Geeks, or work on HostAP
https://lists.shmoo.com/mailman/listinfo

Clickjacking

Finally I found a good description of Clickjacking, and find it hilarious that I used to play this game on people in High School making it impossible for them to push the button. This is just a reversal of that concept plus invisibility.

Snipped from:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9115818&intsrc=hm_ts_head

What is clickjacking? Good question. Getting to an answer, though, is a little tough, since Hansen and Grossman are keeping virtually all details confidential, at least for now. Here's how Grossman put it to Computerworld last Friday:

"Think of any button on any Web site that you can get to appear between the browser walls. Wire transfers on banks, Digg buttons, CPC advertising banners, Netflix queue.... The list is virtually endless, and these are relatively harmless examples. Next, consider that an attack can invisibly hover these buttons below the users' mouse, so that when they click on something they visually see, they actually are clicking on something the attacker wants them to."

Yet another saved password location

SQL Server 2005 Management password extraction - Easy as pie... Apple pie
http://blog.didierstevens.com/2008/09/29/quickpost-sql-server-2005-management-studio-and-password-management/

Monday, September 29, 2008

Make an video avatar

Make a video avatar suitable for any forum. Just submit, time and download:
http://www.vtubetools.com/gifmaker/

Apple Ultracompact USB Power Adapter Exchange Program

Broke it already? Well, they have a recall going on. Check it out.

https://supportform.apple.com/200809/

MobaLiveCD - Portable LiveCD Virtualization

Boot a LiveCD anywhere on any windows box, without having to install VMware:
http://mobalivecd.mobatek.net/en/index.php

Step by step - Make your own Wordpress theme

This post is geared to a few friends who I know are currently in a transitional period:
http://themetation.com/2008/07/14/how-to-create-wordpress-themes-from-scratch-part-1/

RSnake's XSS Cheatsheet

Sensepost's List of tools

Awesome tools that get so little attention:

http://www.sensepost.com/research_tools.html

Video about Social Networking Privacy

Useful Wallpaper

Virus Total

If you haven't been here yet, it's a great place to check a file to see if it is a virus, you can also see some basic PE data:
http://www.virustotal.com/

Separate Feeds on Blogspot

Youtube now allowing 1GB files. Woot

Not like I actually posted Youtube videos, but hey. Cool beans

http://lifehacker.com/5056485/youtube-bumps-video-clip-upload-size-to-1gb

(IN)SECURE Magazine Issue 18 is out

Started printing this on Friday not realizing that it's over 100 pages of color... Oops, glad it's not my dime... Thank you 700 billion dollar bailout. ;-)

http://www.net-security.org/insecuremag.php

Numb3rs returns October 3rd at 10pm et/pt

SecApps and GHDB

GNUCITIZEN - Google Hacking Database
http://www.secapps.com/

Automated? SQL Injection Framework

Something I don't like about the word Automated and "SQL Injection" together.
http://www.darknet.org.uk/2008/09/bsql-hacker-automated-sql-injection-framework/

Old Article on Packers and Unpackers

Authentication-less File Copy (SAM?)

Random Futurama Quote from Slashdot Trolls

Phreaknic Twitter Search

IP Address Regular Expression

http://riskable.com/2008/09/17/tip-regular-expression-to-match-any-ip-address-in-foxyproxy

https?://[1-9][0-9]?[0-9]?.[0-9][0-9]?[0-9]?.[0-9][0-9]?[0-9]?.[0-9][0-9]?[0-9]?.*

Pyrit

http://code.google.com/p/pyrit/

Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK,
the protocol that today de-facto protects public WIFI-airspace. The
project's goal is to estimate the real-world security provided by these
protocols. Pyrit does not provide binary files or wordlists and does
not encourage anyone to participate or engage in any harmful activity. This is a research project, not a cracking tool.

Pyrit's implementation allows to create massive databases,
pre-computing part of the WPA/WPA2-PSK authentication phase in a
space-time-tradeoff. The performance gain for real-world-attacks is in
the range of three orders of magnitude which urges for re-consideration
of the protocol's security. Exploiting the computational power of GPUs,
Pyrit is currently by far the most powerful attack against one of the world's most used security-protocols.

Wednesday, September 24, 2008

My Links

So this is where I will blog about things I find on the internet that I think is interesting and it won't contain much more than a link, embed and maybe a few comments.