Twitter Phishing at its best

Botnets..DDoS..and now phishing..

Yup, everybody’s favorite microblogging service Twitter is now under a phishing attack. Recently, Twitter has been notoriously attacked by malicious hackers worldwide. It was uncovered recently that it was being used as a botnet control channel; shortly before that it was subjected to a DoS attack. Phishers are now targeting Twitter users in a new attack which involves sending direct messages to Twitter users which contain a link to a site requesting usernames and passwords.

As usual..once the attackers have that, they can take over the account of the victim and use it to send out more messages. However..I’m not exactly sure why the hell anyone would want to steal Twitter accounts?

Possibilities -

  • To monetize them by sending tweets using those accounts in order to spam and spam some more about referrals and affiliate schemes.
  • Perhaps, in the future, to tweet a link to a virus site, which might lead to an outbreak of a new virus like Conficker.
  • Just for fun’s sake..duh

Social engineering is the cornerstone of phishing attacks; after all, humans are the weakest link in the chain of security.

If you are using Twitter you should follow @spam and keep up to date with what is happening on the network.

 

In the meantime, you can join Prohack at Twitter

 

Keep Learning

 

POSTED BY XERO . ALL RIGHTS RESERVED.

 

Secure your Web tech using Websecurify

With lots of application testing frameworks like Acunetix and Saint available, it’s quite difficult to make a mark in the security market; however, when it comes to securing your web technologies, Websecurify does a pretty good job. Websecurify is a web and web 2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.

Key Features

JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading browsers.

Multiple Environments – The core technology can run in normal browsers, xulrunner, xpcshell (command line), inside Java or as part of a custom V8 (Google Chrome‘s JavaScript Engine) build. The core is written with extensibility in mind so that more environments can be supported without changing even a single line of code.

Multi-platform – The tool is available and successfully runs on Windows, Mac OS, Linux and other operating systems.

Automatic Updates – Every single piece of the tool is subjected to automatic updates. This means that newer and more advanced versions of the tool can be shipped to your front door without you lifting your finger. This however is completely optional. The automatic update can be turned off if needed.

Extensions – Because the tool comes wrapped in xulrunner by default (keep in mind that we can support any other JavaScript environment) we benefit from all the cool features that Firefox has, such as extensions. Extensions are easy to write and maintain and can customize every single aspect of the tool, and there are already tons of resources and documentation, including books and what not, out there to teach you exactly how to do that. We will be providing documentation as well.

You can download Websecurify 0.3 here:

  1. Windows
  2. Linux
  3. Mac

The official blog claims to have a pro version in pipeline which looks promising too.

 

Posted by XERO . ALL RIGHTS RESERVED.

 

LYNX - Surfing Internet the Old School way

Internet browsing has changed a great deal in the past 15-20 years. I remember getting my hands on Internet Explorer 4.0 in the late 90’s when I was a small kid (I was a not-so-stupid kid :P). I was in a retro mood last week, and being a dedicated netizen, I spent hours and hours reading wikis and researching web browsers. Being curious, I later installed Windows 95 to get an authentic look and feel of web browsing the retro way and got my hands on Internet Explorer 1.0 and Netscape Navigator. It was fun..but I got bored soon :P

Still later, while I was surfing on Backtrack 3 through Mozilla Firefox, I became quite curious about text-based browsers, and voila, I got my hands on Lynx – the great-grandfather of all the web browsers available today. The brainchild of the folks at the University of Kansas, Lynx became publicly available in 1993, around the same time browsers such as Mosaic and Cello were released.

The most popular browsers today include Firefox 3, Opera, Safari, Google Chrome and Internet Explorer (?), but Lynx has retained a solid share. Google tests and certifies its web pages and results as Lynx compatible, and experienced SEO gurus will tell you to test your website on Lynx to check its visibility and usability online. Basically, if you want to make sure your high-tech website can be fully crawled by very basic search engine bots and crawlers, Lynx does an excellent job. Website designers often fire up a Lynx browser to make sure that people who surf the web with images turned off can still navigate their sites.

Here is PROHACK running on Lynx -

Yep..Thats PROHACK on Lynx :) pretty cool huh ?

However..Because lynx does not support graphics, web bugs that track user information are not sent, and emails can be read without the invasion of privacy of HTML enabled web browsers. So that means lynx offers better security if you run it under a good environment ( and if you are nerd enough to use it :P ).

Lynx does support HTTP cookies, which can be used to track user information. But like most browsers, cookie support can be disabled.

The best part..Yep..You guessed it right - Lynx is free under the GNU GPL. What else does a geek want..

You can get retro too and Download Lynx from here -

Download Lynx

 

K33p L34rning

 

POSTED BY XERO. ALL RIGHTS RESERVED.

Rabid Neurosis Takedown – Pirates Busted

Seems like the decade is proving hard for the black hats; pirates and phishers are being busted by the eminent feds for some serious jail time. The spree continues as Rabid Neurosis, better known as RNS in the late 90’s/early 2000s scene, was stung by the whip of law. Six men have been accused of running one of the world’s most prolific music piracy rings, an online crew that federal prosecutors allege delivered more than 25,000 copyrighted albums, often before they were officially released. RNS was quite popular in the scene, with the group releasing more than 25,000 music albums on P2P. RNS occasionally used the tagline "Rabid Neurosis - Spread The Epidemic." RNS was sometimes believed to have started the mp3 scene. After their group was mentioned in an MTV News article about the early leak of the Eminem album Encore, RNS stopped including their initials in filenames and ID3 tags. They stopped around 2007 though; I guess that’s when BitTorrent and P2P were really taking off.
With the demise of popular clans (remember aXXo ? anyone?) I am beginning to wonder if the scene is being ripped out of itself.
25,000 albums is a serious number and I bet they will be fined ridiculously.
The next bet for the aftermath - 6 more people filing for bankruptcy.
They had an impressive network of contacts with people from retail outlets, cd printing factories and radio stations. All the people who get tracks and whole albums before they hit the streets.
Are the days of h4x0r5 over ?

Update - Houston Jury Finds Member of World's Largest Alleged Internet Music Piracy Group Not Guilty
You can read more @ http://www.earthtimes.org/articles/show/houston-jury-finds-member-of,1214284.shtml

POSTED BY XERO .ALL RIGHTS RESERVED.

The Stoned Bootkit – NO ONE IS SECURE !

A bootkit is a type of boot virus that is able to hook and patch the Windows kernel, thus getting unrestricted access to the entire computer and hence compromising it. The "Stoned" bootkit, an MBR rootkit, was presented by Austrian software developer Peter Kleissner at the Black Hat Technical Security Conference USA 2009 and has been taken quite seriously in the circles at Redmond. It is even able to bypass full volume encryption, because the master boot record (MBR), where Stoned is stored, is not encrypted, as the master boot record contains the decryption software which encrypts and decrypts the hard drive using a password. This is a potential weak point, as the MBR, if compromised, can be used to pwn your whole system. Forget your antiviruses..No one’s secure!
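A defender-side check for the weak point described above, added here as an example (not code from the original post or from the Stoned project): it parses a 512-byte MBR and reports which fields changed against a known-good baseline. The sample sectors are constructed and the function names are hypothetical.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_END = 440      # bytes 0..439: bootstrap code
PART_TABLE = 446         # bytes 446..509: four 16-byte partition entries
SIGNATURE = b"\x55\xaa"  # bytes 510..511: boot signature


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into the fields a baseline should track."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        entry = sector[PART_TABLE + 16 * i: PART_TABLE + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype:  # partition type 0 marks an unused slot
            parts.append({"active": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "disk_signature": sector[440:444].hex(),
        "partitions": parts,
    }


def diff_mbr(baseline: bytes, current: bytes) -> list:
    """Return the names of the MBR fields that differ from the baseline."""
    a, b = parse_mbr(baseline), parse_mbr(current)
    return [k for k in a if a[k] != b[k]]


def make_sample(code: bytes) -> bytes:
    """Constructed sample MBR: given boot code, one active NTFS partition."""
    entry = bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0]) + struct.pack("<II", 2048, 409600)
    body = code.ljust(BOOT_CODE_END, b"\x00") + b"\x12\x34\x56\x78" + b"\x00\x00"
    return body + entry + bytes(48) + SIGNATURE


if __name__ == "__main__":
    known_good = make_sample(b"\xfa\x33\xc0")   # constructed bytes, not a real loader
    changed = make_sample(b"\xfa\x33\xc0\x90")  # same disk layout, different boot code
    print(diff_mbr(known_good, known_good))  # []
    print(diff_mbr(known_good, changed))     # ['boot_code_sha256']
```

Capture both sectors from trusted boot media rather than from the running OS, since a rootkit already resident in the kernel can falsify what disk reads return.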

Who is interested in Stoned Bootkit ?

  1. Black Hats
  2. Law enforcement agencies
  3. Microsoft

Why is Stoned something new? Because it is the first boot-root-kit that -

  • Attacks Windows XP, Server 2003, Windows Vista, Windows 7 with one single MBR
  • Attacks TrueCrypt full volume encryption (forget about data security :P)
  • Has integrated FAT and NTFS drivers
  • Provides support and an integrated structure for plugins and boot time applications (for future development,ethical or unethical)

As Robert Hensing quotes about bootkits -

“A bootkit is a rootkit that is able to load from a master boot record and persist in memory all the way through the transition to protected mode and the startup of the OS. It’s a very interesting type of rootkit.”

You can download Stoned Bootkit here:

Open Source Framework – Stoned Bootkit Framework.zip
Infector file – Infector.exe

 

Keep Learning..

 

POSTED BY XERO. ALL RIGHTS RESERVED. Source

Learn Web hacking using DVWA

With lots of curious readers asking me how to practice hacking and where to start, Damn Vulnerable Web App (DVWA) is a great application to plunge yourself into. DVWA is a PHP/MySQL web application that is damn vulnerable..literally. Its main goals are to be lightweight, easy to use and full of vulnerabilities to exploit, and it successfully achieves those :P . And frankly it can be used to learn or teach the art of web application security.
DVWA is bundled with the following types of vulnerabilities -
  • SQL Injection
  • XSS (Cross Site Scripting)
  • LFI (Local File Inclusion)
  • RFI (Remote File Inclusion)
  • Command Execution
  • Upload Script
  • Login Brute Force
WARNING !!
(Shamelessly ripped off from official statement :P )
It should come as no shock..but this application is damn vulnerable! Do not upload it to your hosting provider’s public html folder or any working web server as it will be hacked. It’s recommended that you download and install XAMPP onto a local machine inside your LAN which is used solely for testing.
You can download DVWA 1.0.4 here:
Download DVWA

Keep learning..

POSTED BY XERO . ALL RIGHTS RESERVED