
MaltegoVTPublic

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

more here.......https://github.com/jiachongzhi/MaltegoVTPublic

UK Bank Tests Out Electronic Wristbands that Use Customers’ Heartbeats for Authentication

Halifax, a bank based in the UK, is testing out electronic wristbands that use customers’ heartbeats for authentication in an effort to make online banking safer.

The test relies on the Nymi Band, an electronic wristband that measures a registered user’s heartbeat and uses those signals as a means of online verification.

read more here........http://www.tripwire.com/state-of-security/latest-security-news/uk-bank-tests-out-electronic-wristbands-that-use-customers-heartbeats-for-authentication/

Kekeo

kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) here.....https://github.com/gentilkiwi/kekeo

PowerShellCookbook

Scripts for the PowerShell Cookbook module here..........https://github.com/LeeHolmes/PowerShellCookbook

Hacking SQL Server Procedures – Part 4: Enumerating Domain Accounts

In SQL Server, security functions and views that allow SQL logins to enumerate domain objects should only be accessible to sysadmins. However, in this blog I’ll show how to enumerate Active Directory domain users, groups, and computers through native SQL Server functions using logins that only have the Public server role (everyone). I’ll also show how to enumerate SQL Server logins using a similar technique. To make the attacks more practical I’ve also released PowerShell and Metasploit modules to automate everything via direct connections and SQL injection.

This blog should be interesting to pentesters, developers, and DevOps looking to gain a better understanding of what the practical attacks look like. I’ve also provided a lab setup guide, but I recommend skipping it unless you’re interested in trying this out at home.

more here...........https://blog.netspi.com/hacking-sql-server-procedures-part-4-enumerating-domain-accounts/

Metasploit and MSGRPC

I wanted to automate connecting to MSGRPC

more here..........http://carnal0wnage.attackresearch.com/2015/03/metasploit-and-msgrpc.html

Paper: Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS

Abstract
Despite recent high-profile attacks on the RC4 algorithm in TLS, its usage is still running at about 30% of all TLS traffic. This is attributable to the lack of practicality of the existing attacks, the desire to support legacy implementations, and resistance to change. We provide new attacks against RC4 in TLS that are focussed on recovering user passwords, still the pre-eminent means of user authentication on the Web today. Our attacks enhance the statistical techniques used in the existing attacks and exploit specific features of the password setting to produce attacks that are much closer to being practical. We report on extensive simulations that illustrate this. We also report on two “proof of concept” implementations of the attacks for specific application layer protocols, namely BasicAuth and IMAP. Our work validates the truism that attacks only get better with time: we obtain good success rates in recovering user passwords with around 2^26 encryptions, whereas the previous generation of attacks required 2^34 encryptions to recover an HTTP session cookie.

more here.............http://www.isg.rhul.ac.uk/tls/RC4passwords.pdf

Exploit Kits and Malvertising: A Troublesome Combina

In the past few weeks we’ve noticed a problematic pattern developing: the increasing use of exploit kits in malvertising. In particular, zero-day exploits (usually seen first in targeted attacks) are now being deployed in malicious ads right away, instead of first being used in targeted attacks against enterprises or other large organizations.

read more here........http://blog.trendmicro.com/trendlabs-security-intelligence/exploit-kits-and-malvertising-a-troublesome-combination/

The Andromeda/Gamarue botnet is on the rise again- Attackers use complex multi-stage macro dropper to deliver malware

Attacks carried out with documents pepped up with macros seem to be coming into vogue again. G DATA’s security experts have analyzed several cases within the last few weeks in which active content in documents triggers an infection. The experts want to explain two different approaches to the same current goal: infecting the user with malware that enlists the machine as a zombie PC in the Andromeda/Gamarue botnet.
Please refer to the chapter “What is a macro?” at the bottom of the article to read about macros and the default settings in Windows operating systems. You can also find all hashes of the samples involved in the two cases at the very end of this article.

more here..........https://blog.gdatasoftware.com/blog/article/the-andromedagamarue-botnet-is-on-the-rise-again.html

Equation: The Death Star of Malware Galaxy

"Houston, we have a problem"

One sunny day in 2009, Grzegorz Brzęczyszczykiewicz embarked on a flight to the burgeoning city of Houston to attend a prestigious international scientific conference. As a leading scientist in his field, such trips were common for Grzegorz. Over the next couple of days, Mr Brzęczyszczykiewicz exchanged business cards with other researchers and talked about the kind of important issues such high level scientists would discuss (which is another way of saying "who knows?"). But, all good things must come to an end; the conference finished and Grzegorz Brzęczyszczykiewicz flew back home, carrying with him many highlights from a memorable event. Sometime later, as is customary for such events, the organizers sent all the participants a CDROM carrying many beautiful pictures from the conference. As Grzegorz put the CDROM in his computer and the slideshow opened, he little suspected he had just become the victim of an almost omnipotent cyberespionage organization that had just infected his computer through the use of three exploits, two of them being zero-days.

more here..........https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/

Paper: Protecting Data on Smartphones and Tablets from Memory Attacks

Abstract
Smartphones and tablets are easily lost or stolen. This makes them susceptible to an inexpensive class of memory attacks, such as cold-boot attacks, using a bus monitor to observe the memory bus, and DMA attacks. This paper describes Sentry, a system that allows applications and OS components to store their code and data on the System-on-Chip (SoC) rather than in DRAM. We use ARM-specific mechanisms originally designed for embedded systems, but still present in today’s mobile devices, to protect applications and OS subsystems from memory attacks.

more here..........http://research.microsoft.com/en-us/um/people/alecw/asplos-2015.pdf

WPScan black box WordPress vulnerability scanner 2.7 released!

You can find the download here.......https://github.com/wpscanteam/wpscan/releases/tag/2.7
and the changelog, which includes what is new, such as:
Detects version in release date format
Copyrights updated
WP version detection from stylesheets
New license
Global HTTP request counter
Add security-protection plugin detection
Add GHOST warning if XMLRPC enabled
Update databases from wpvulndb.com
Enumerate usernames from WP <= 3.0 (thanks berotti3)

more here........https://github.com/wpscanteam/wpscan/blob/master/CHANGELOG.md

Volatility Plugins

Plugins

uninstallinfo.py - Dumps HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall from memory

prefetch.py - scan memory for prefetch files and dump filename and timestamps

idxparser.py - scan memory for Java IDX files and extract details

and more here..........https://github.com/superponible/volatility-plugins

SANS: TMon - Internet Threat Monitor

TMon is a small tool which monitors the current online threat levels. It has a green, yellow, red level indicator, and information about the top 10 attacked ports and countries. It also provides information about the top 20 unique attacking sources (IPs).

The script gathers its information from the DShield API provided by SANS.

more here.......https://github.com/oaass/tmon

Nimbus Protocol Enumeration With Nmap

CA Unified Infrastructure Management, previously known as Nimsoft, is a powerful IT monitoring solution that allows for management of numerous servers across a Nimsoft domain. This solution communicates using a closed source protocol known as “nimbus”. The complexity of a Nimsoft domain can be high, but the basic idea is to deploy Robots (the software agent) on all of the servers you want to be part of the Nimsoft domain in order to remotely manage them.

more here..........http://blog.gdssecurity.com/labs/2015/3/16/nimbus-protocol-enumeration-with-nmap.html

ApkProtect

ApkProtect is presented as the first generation of an open source security hardening plan.
APK security hardening is an in-depth protection service for mobile applications: it puts a layer of "soft hedgehog armor" around your app, providing all-round protection through encryption, packing, RPC and dynamic loading techniques that are intended to hinder reverse engineering, decompiling, embedded viruses, and other malicious acts such as illegal charge deductions.

more here.........https://github.com/SharkTeam/ApkProtect

and an introduction to RawDexClassLoader, a custom package ClassLoader used in a manner substantially similar to DexClassLoader, here......https://github.com/SharkTeam/ApkProtect/tree/master/RawDexClassLoader

PS: This is obviously in Chinese, so try and utilize the best translation software available, unless of course you can read the language. Then it's a moot point!

2015-03-16 - EXAMPLES OF NUCLEAR EK PUSHING KELIHOS

I've noticed a recent trend on Threatglass, where Nuclear EK is pushing what EmergingThreats is identifying as Kelihos malware. Kelihos is a well-publicized botnet, easy to search for on Google.

more here........http://www.malware-traffic-analysis.net/2015/03/16/index.html

Analyzing Queries on a Honeypot Name Server for Better DNS Log Quality

Honeypots are an easy and popular way to get statistics on the “Internet noise.” Getting more knowledge on Internet noise gives you more insight into what is out there and is one of the sources that helps in getting better security analytics. I was curious what kind of traffic a honeypot name server receives in a public cloud; my research follows here......http://securityintelligence.com/analyzing-queries-on-a-honeypot-name-server-for-better-dns-log-quality/#.VQfl3o7F-Sp

Microsoft: Improperly Issued Digital Certificates Could Allow Spoofing

Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

more here........https://technet.microsoft.com/en-us/library/security/3046310.aspx

Cisc0wn - Cisco SNMP Script

Cisco SNMP enumeration, brute force, config downloader and password cracking script.
Tested and designed to work against Cisco IOS Switches and Routers.

more here...........https://github.com/nccgroup/cisco-SNMP-enumeration