Our original post about KreiosC2 is here.

KreiosC2 is a proof of concept bot which uses various unusual systems as its Command and Control channel.

KreiosC2 version 3 was recently released by digninja at Shmoocon! This version adds support for channeling through LinkedIn and has been tested under Windows.

Download KreiosC2 version 3 here and check out its home page here.


MSNPawn has been designed and developed on the .Net framework. For those who want to refresh their skills in ethical hacking and information security, the MSNPawn tool helps you search for and extract information about a web application.

MSNPawn: Footprinting, Profiling & Assessment with MSN Search

Tools included in MSNPawn:
MSNHostFP – Supply an IP address or IP address range to fetch all possible virtual hosts or applications running on each IP address.
MSNDomainFP – Supply a domain name to fetch the top 50 child domains, treating the supplied domain name as the parent.
MSNCrossDomainFP – Supply an application domain to fetch the top 50 domains on the Internet that point to this particular domain.
MSNCrawler – Supply a domain or application name to fetch all possible links crawled by the search engine.
MSNFetch – Supply a domain and a rules file. The tool runs each rule in the file against the specified domain and fetches the first five results of the resulting query. This can help in assessing an application.
Search.MSN – Provides a place to run your search against MSN and gather all URLs.

Any search engine database is a very powerful source of information for web applications. The Search Engine’s spiders are well-powered to run frequently on sites and capture all possible links. As an end user, however, we are more interested in the searching interface and criteria these engines provide. By using their search options, end users can craft intelligent queries against a database and fetch critical information. There are several tools out there that query the Google database and fetch this sort of security-related information about web applications. This paper describes some of the queries that can be run against SEARCH.MSN in order to fetch important information that would eventually help in web application assessment.

MSNPawn is a portable version! So you do not have to install it! Just extract and run.

Operating systems supported:
Windows XP SP2 and above

Download MSNPawn here.


We blogged about ipt_pkd in our previous posts here.

So, “ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a time-stamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.”
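As an added illustration of the knock scheme described above (example code written for this post, not ipt_pkd's own client or module): the client sends the header, a timestamp and random bytes in the clear, plus a SHA-256 over those fields and the shared key; the receiver checks the time window, recomputes the digest with its copy of the key, and compares in constant time. The packet layout, field sizes and 10-second window are assumptions, since the real wire format is not given here, and the replay cache in KnockVerifier is an added hardening step the description does not mention.

```python
import hashlib
import hmac
import os
import struct
import time
from typing import Dict, Optional, Tuple

# Constructed packet layout (an assumption for this example, not ipt_pkd's real format):
#   4-byte header | 8-byte big-endian Unix time | 16 random bytes | 32-byte SHA-256
# The digest covers header + timestamp + random bytes + shared key; the key itself
# is never placed in the packet.
HEADER = b"PKD1"
TS_LEN = 8
RANDOM_LEN = 16
DIGEST_LEN = hashlib.sha256().digest_size  # 32
PACKET_LEN = len(HEADER) + TS_LEN + RANDOM_LEN + DIGEST_LEN
WINDOW_SECONDS = 10  # assumed acceptance window around the receiver's clock


def _knock_digest(header: bytes, ts_bytes: bytes, rand: bytes, key: bytes) -> bytes:
    """SHA-256 over the clear-text fields plus the shared key."""
    return hashlib.sha256(header + ts_bytes + rand + key).digest()


def build_knock(key: bytes, now: Optional[int] = None, rand: Optional[bytes] = None) -> bytes:
    """Client side: produce the UDP payload for one knock."""
    now = int(time.time()) if now is None else int(now)
    rand = os.urandom(RANDOM_LEN) if rand is None else rand
    ts_bytes = struct.pack(">Q", now)
    return HEADER + ts_bytes + rand + _knock_digest(HEADER, ts_bytes, rand, key)


def verify_knock(packet: bytes, key: bytes, now: Optional[int] = None,
                 window: int = WINDOW_SECONDS) -> Tuple[bool, str]:
    """Receiver side: return (accepted, reason).

    Checks, in order: length, header, time window, then the digest. The digest
    comparison is constant-time so a forger learns nothing from timing.
    """
    now = int(time.time()) if now is None else int(now)
    if len(packet) != PACKET_LEN:
        return False, "bad length"
    header = packet[:len(HEADER)]
    ts_bytes = packet[len(HEADER):len(HEADER) + TS_LEN]
    rand = packet[len(HEADER) + TS_LEN:len(HEADER) + TS_LEN + RANDOM_LEN]
    digest = packet[-DIGEST_LEN:]
    if header != HEADER:
        return False, "bad header"
    ts = struct.unpack(">Q", ts_bytes)[0]
    if abs(now - ts) > window:
        return False, "outside time window"
    if not hmac.compare_digest(digest, _knock_digest(header, ts_bytes, rand, key)):
        return False, "bad digest"
    return True, "ok"


class KnockVerifier:
    """Stateful receiver that additionally rejects replays inside the window.

    Replay protection is an addition for this example; whether ipt_pkd keeps such
    state is not described in the text above. Accepted knocks are remembered keyed
    on their random bytes and dropped once they fall outside the window.
    """

    def __init__(self, key: bytes, window: int = WINDOW_SECONDS):
        self.key = key
        self.window = window
        self._seen: Dict[bytes, int] = {}  # random bytes -> timestamp

    def check(self, packet: bytes, now: Optional[int] = None) -> Tuple[bool, str]:
        now = int(time.time()) if now is None else int(now)
        ok, reason = verify_knock(packet, self.key, now, self.window)
        if not ok:
            return ok, reason
        # Expire old entries so the cache stays bounded by the window.
        self._seen = {r: t for r, t in self._seen.items() if abs(now - t) <= self.window}
        rand = packet[len(HEADER) + TS_LEN:len(HEADER) + TS_LEN + RANDOM_LEN]
        if rand in self._seen:
            return False, "replayed knock"
        self._seen[rand] = struct.unpack(">Q", packet[len(HEADER):len(HEADER) + TS_LEN])[0]
        return True, "ok"


if __name__ == "__main__":
    shared_key = b"constructed-shared-key"  # constructed sample key
    pkt = build_knock(shared_key)
    print(verify_knock(pkt, shared_key))        # (True, 'ok')
    print(verify_knock(pkt, b"wrong-key"))      # (False, 'bad digest')
    print(shared_key in pkt)                    # False: the key never leaves the client
```

The ordering of the checks matters for a packet filter: the cheap length, header and clock checks discard junk before any hashing is done, and only packets inside the window reach the SHA-256, which bounds the work an unauthenticated sender can cause.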

Now, ipt_pkd has been updated to version 1.6!

These are the changes made:
This version was updated for Linux 2.6.32 and iptables 1.4.6.
A new knock client was added, written in C#, which works on both Linux and Windows and encrypts its configuration data.
A pre-built kernel module, an iptables library for vyatta community edition 5, and a small install script for vyatta were added.

Download ipt_pkd version 1.6 here.



This is an unreleased, private 0day, which we found on an un-secure of a person who was trying to root us.
Use it on your own production environment and handle with care! We should not be held responsible for damages occurring out of the use of this source code.

OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

/* openssh-53p1-remote-root.c
* OpenSSH <= 5.3p1-1 Remote Root Exploit by the|one
* Email: root [at] chamillionaire [d0t] com
* Release date: Unreleased (private) / 2010
* Available Patch: No fix-patch has been issued or reported.
*
* -----------------
* Additional Notes:
* -----------------
* By using this software, you take any and/or all responsibility
* for the damage(s) caused and will not bitch to me, the|one, about it.
*
* USE THIS SOFTWARE AT YOUR OWN DISCRETION! Later skiddies. :>
*/

- SNIP -

Thanks to Cykyc for letting us know that, alas, this exploit is FAKE. View his blog post here.

