Difference between revisions of "Episode65"

From Security Weekly Wiki
Line 1: Line 1:
 
[http://radajo.blogspot.com/2007/03/voip-security-tools.html VoIP Security Tools] - [PaulDotCom] - A good collection of resources for VoIP security, which is really another dimension that we, as security professionals, now need to deal with.  It can't be ignored anymore... [Larry] - We mentioned this a little while back, but it is finally out now.  Funny, Cisco jsut released some patches for VOIP Vulns...
 
[http://radajo.blogspot.com/2007/03/voip-security-tools.html VoIP Security Tools] - [PaulDotCom] - A good collection of resources for VoIP security, which is really another dimension that we, as security professionals, now need to deal with.  It can't be ignored anymore... [Larry] - We mentioned this a little while back, but it is finally out now.  Funny, Cisco jsut released some patches for VOIP Vulns...
  
 +
[http://www.pcpro.co.uk/news/108769/sixyearold-installs-keylogger-on-mps-computer.html 6-yr old PWNS UK House of Commons] - [Larry] - Using a keylogger, and an unattended PC. 
  
 +
[http://www.cutawaysecurity.com/blog/archives/125 Ike-scan 1.8 Information Seepage] - [PaulDotCom] - Remember when we talked about this tool?  Well, Raul informed us that there was a phone home feature, we told cutaway about it, and he volunteered to document and research it and did a fantastic job!  He even got the scoop from the vendor, who has since removed the feature.  I think its important to send the message that we are watching for this stuff and you will be outed if you tool phones home.
  
[http://www.cutawaysecurity.com/blog/archives/125 Ike-scan 1.8 Information Seepage] - [PaulDotCom] - Remember when we talked about this tool?  Well, Raul informed us that there was a phone home feature, we told cutaway about it, and he volunteered to document and research it and did a fantastic job! He even got the scoop from the vendor, who has since removed the feature.  I think its important to send the message that we are watching for this stuff and you will be outed if you tool phones home.
+
[http://www.pcpro.co.uk/news/108769/sixyearold-installs-keylogger-on-mps-computer.html SELinux response to Trusted Solaris] - [Larry] - We mentioned the original article a few shows back, and RedHat responded. Basically, redhat agreed that they are down different paths, and that Redhat is not "Trusted" and probably never will be.
  
 
[http://www.blognoble.com/photos/uncategorized/hairball.jpg HACKING LOLZ] - [PaulDotCom] - From the dark reading room article...
 
[http://www.blognoble.com/photos/uncategorized/hairball.jpg HACKING LOLZ] - [PaulDotCom] - From the dark reading room article...
 +
 +
[http://searchsecurity.techtarget.com/columnItem/0,294698,sid14_gci1249122,00.html?track=sy160 SANS Secure Coding] - [Larry] SANS announced their new Secure Coding initiaitive and courses.  I think it is a step in the right direction, but not everyone will be going....
  
 
[http://www.darkreading.com/document.asp?doc_id=120688&f_src=darkreading_section_296 Hacking Car Nav Systems] - [PaulDotCom] - ''"hacker Daniele Bianco built tools that let an attacker inject fake messages to the navigation system, or launch a denial-of-service attack."'' HOT, come to butthead... ''" cause a denial-of-service (DOS) attack, which could crash not only a car's navigation system, but its climate control system, and stereo, too, he says."'' Okay, or, I send you to the middle on nowhere in the winter, turn off your heat, and blast "Feeling' Hot, Hot, Hot!". [Larry] - this is what happens when systems can take information form unauthorized/unauthenticated sources.
 
[http://www.darkreading.com/document.asp?doc_id=120688&f_src=darkreading_section_296 Hacking Car Nav Systems] - [PaulDotCom] - ''"hacker Daniele Bianco built tools that let an attacker inject fake messages to the navigation system, or launch a denial-of-service attack."'' HOT, come to butthead... ''" cause a denial-of-service (DOS) attack, which could crash not only a car's navigation system, but its climate control system, and stereo, too, he says."'' Okay, or, I send you to the middle on nowhere in the winter, turn off your heat, and blast "Feeling' Hot, Hot, Hot!". [Larry] - this is what happens when systems can take information form unauthorized/unauthenticated sources.
 +
 +
[http://cansecwest.com/post/2007-03-21.15:10:00.PWN_to_OWN CanSecWest 07 PWN to OWN] - [Larry] - Got the stones?  If you can exploit the MBP, you get to keep it.  Sure there are some specific rules, but what a great idea.
  
 
[http://www.darkreading.com/document.asp?doc_id=120516&f_src=darkreading_section_296 Metasploit 3.0 Released] - [PaulDotCom] - I've been playing with 3.0 for quite some time and am glad to see it officially released.  I now agree with the decision to move towards ruby, and with LORCON supporting ruby, it is now next on my list to pickup as a language. [Larry] - Not to mention, ruby and LORCON support will alegedly make it better for windows too.
 
[http://www.darkreading.com/document.asp?doc_id=120516&f_src=darkreading_section_296 Metasploit 3.0 Released] - [PaulDotCom] - I've been playing with 3.0 for quite some time and am glad to see it officially released.  I now agree with the decision to move towards ruby, and with LORCON supporting ruby, it is now next on my list to pickup as a language. [Larry] - Not to mention, ruby and LORCON support will alegedly make it better for windows too.
 +
 +
[http://www.darkreading.com/document.asp?doc_id=120247&f_src=darkreading_section_296 Hacking RFID with SQL] - [Larry] So, instead of hacking the RFID tech, go for the SQL backend...
  
 
[http://securityvulns.com/Qdocument500.html More printer hacking fun] - [PaulDotCom] - I tested this one and it works, crashed the ftp server on a printer.  The exploit?  try this: '''python /usr/lib/python2.3/ftplib.py -d [printer IP]  -l -p `python -c 'print "A"*300'`''' [Larry] - Looks like the LIST and NLIST commands will have the same effect: see [http://securityvulns.com/Gnews955.html this too].
 
[http://securityvulns.com/Qdocument500.html More printer hacking fun] - [PaulDotCom] - I tested this one and it works, crashed the ftp server on a printer.  The exploit?  try this: '''python /usr/lib/python2.3/ftplib.py -d [printer IP]  -l -p `python -c 'print "A"*300'`''' [Larry] - Looks like the LIST and NLIST commands will have the same effect: see [http://securityvulns.com/Gnews955.html this too].
 +
 +
[http://www.linuxworld.com.au/index.php/id;1955656260;fp;2;fpid;1 Secure IM - CarderIM] - [Larry] - the "carders" didn't want to get caught, so they created thier own secure IM.  Hmm...signatures? Homegrown Crypto?
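
Review bot: the added "SELinux response to Trusted Solaris" entry links to the same pcpro.co.uk keylogger article URL as the "6-yr old PWNS UK House of Commons" entry added just above it, which looks like a copy-paste leftover; point it at the Red Hat response it describes instead. The added lines also carry spelling slips worth fixing before saving: "initiaitive" in the SANS Secure Coding entry and "thier" in the CarderIM entry.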

Revision as of 18:09, 29 March 2007

VoIP Security Tools - [PaulDotCom] - A good collection of resources for VoIP security, which is really another dimension that we, as security professionals, now need to deal with. It can't be ignored anymore... [Larry] - We mentioned this a little while back, but it is finally out now. Funny, Cisco just released some patches for VOIP Vulns...

6-yr old PWNS UK House of Commons - [Larry] - Using a keylogger, and an unattended PC.

Ike-scan 1.8 Information Seepage - [PaulDotCom] - Remember when we talked about this tool? Well, Raul informed us that there was a phone home feature, we told cutaway about it, and he volunteered to document and research it and did a fantastic job! He even got the scoop from the vendor, who has since removed the feature. I think it's important to send the message that we are watching for this stuff and you will be outed if your tool phones home.

SELinux response to Trusted Solaris - [Larry] - We mentioned the original article a few shows back, and RedHat responded. Basically, redhat agreed that they are down different paths, and that Redhat is not "Trusted" and probably never will be.

HACKING LOLZ - [PaulDotCom] - From the dark reading room article...

SANS Secure Coding - [Larry] SANS announced their new Secure Coding initiative and courses. I think it is a step in the right direction, but not everyone will be going....

Hacking Car Nav Systems - [PaulDotCom] - "hacker Daniele Bianco built tools that let an attacker inject fake messages to the navigation system, or launch a denial-of-service attack." HOT, come to butthead... " cause a denial-of-service (DOS) attack, which could crash not only a car's navigation system, but its climate control system, and stereo, too, he says." Okay, or, I send you to the middle of nowhere in the winter, turn off your heat, and blast "Feeling' Hot, Hot, Hot!". [Larry] - this is what happens when systems can take information from unauthorized/unauthenticated sources.

CanSecWest 07 PWN to OWN - [Larry] - Got the stones? If you can exploit the MBP, you get to keep it. Sure there are some specific rules, but what a great idea.

Metasploit 3.0 Released - [PaulDotCom] - I've been playing with 3.0 for quite some time and am glad to see it officially released. I now agree with the decision to move towards ruby, and with LORCON supporting ruby, it is now next on my list to pick up as a language. [Larry] - Not to mention, ruby and LORCON support will allegedly make it better for Windows too.

Hacking RFID with SQL - [Larry] So, instead of hacking the RFID tech, go for the SQL backend...

More printer hacking fun - [PaulDotCom] - I tested this one and it works, crashed the ftp server on a printer. The exploit? try this: python /usr/lib/python2.3/ftplib.py -d [printer IP] -l -p `python -c 'print "A"*300'` [Larry] - Looks like the LIST and NLIST commands will have the same effect: see this too.

Secure IM - CarderIM - [Larry] - the "carders" didn't want to get caught, so they created their own secure IM. Hmm...signatures? Homegrown Crypto?