Open a Padlock With a Coke Can

January 17, 2012

Well, I wish I’d known about this technique the last time I forgot my gym lock combination.


WPS Flaw

January 3, 2012

WPS, or WiFi Protected Setup, is a vendor-neutral scheme to make it easier for computer neophytes to securely configure a home wireless access point. Unfortunately, the PIN-based scheme it uses for authentication is easily brute-forced.

From the article:

“When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 10^8 to 10^4 + 10^3 which is 11,000 attempts in total.”
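To make the arithmetic in that quote concrete, here is an added Python illustration (not part of the original post or the article it quotes). It checks an 8-digit PIN against the WPS checksum rule, the Wi-Fi Alliance's weighted mod-10 digit check, and counts how many guesses the half-by-half oracle leaves; the first half 1234 used in the count is a constructed value.

```python
# Added example: why a WPS PIN brute force costs about 11,000 attempts.
# The 8-digit PIN's last digit is a checksum over the first seven, and the
# EAP-NACK behaviour quoted above confirms the first four digits on their own.

def wps_checksum(first_seven: int) -> int:
    """Return the checksum digit for a 7-digit WPS PIN prefix.

    Digits in odd positions (1st, 3rd, 5th, 7th) are weighted 3, the rest 1;
    the checksum digit makes the weighted sum a multiple of 10.
    """
    if not 0 <= first_seven <= 9_999_999:
        raise ValueError("prefix must be at most seven decimal digits")
    acc = 0
    n = first_seven
    for pos in range(7):
        digit = n % 10
        n //= 10
        # pos 0 is the 7th digit (weight 3), pos 1 the 6th (weight 1), ...
        acc += digit * (3 if pos % 2 == 0 else 1)
    return (10 - acc % 10) % 10


def is_valid_pin(pin: int) -> bool:
    """True if the 8-digit PIN's final digit is the correct checksum."""
    return 0 <= pin <= 99_999_999 and wps_checksum(pin // 10) == pin % 10


def attempts_without_oracle() -> int:
    """Worst case if the AP only reports pass/fail for the whole PIN."""
    return 10 ** 8


def attempts_with_oracle() -> int:
    """Worst case when the first half is confirmed separately.

    First half: four free digits. Second half: three free digits plus a
    checksum fixed by the other seven, so only 10**3 of the 10**4 tails
    are even candidates. The count below verifies that empirically.
    """
    first_half = 10 ** 4
    prefix = 1234 * 10 ** 4  # constructed first half; any value gives 1000
    second_half = sum(1 for tail in range(10 ** 4) if is_valid_pin(prefix + tail))
    return first_half + second_half


if __name__ == "__main__":
    print(attempts_without_oracle(), "->", attempts_with_oracle())  # 100000000 -> 11000
```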


Iran Drone

December 21, 2011

The recent capture of an American drone by Iranian forces has been a hot news item. Interestingly, Iranian engineers are coming forward with information on how it was captured. Rather than trying to crack the encryption on the command-and-control link to the pilot, they used spoofed GPS data to force its autopilot to land in Iran, all the while thinking it was in Kandahar. Nice hack.


Nmap Bundling

December 7, 2011

Cnet’s download.com site has apparently begun bundling toolbars and spyware with nmap and other open source tools.


Printer Attacks

November 29, 2011

HP is looking into some new attacks on their Laserjet printer line, discovered by researchers at Columbia. It seems that the printers will, by default, accept unauthenticated firmware updates sent along with a print job. Uh-oh.


747s

November 15, 2011

From a post on the Interesting People mailing list:

Craig S Wright says: “I was contracted to test the systems on a Boeing 747. They had added a new video system that ran over IP. They segregated this from the control systems using layer 2 – VLANs. We managed to break the VLANs and access other systems and with source routing could access the Engine management systems.”

https://plus.google.com/u/0/110897184785831382163/posts/5qsNxFEaiML


Columbia FOG

November 8, 2011

An interesting, DARPA-funded project over at Columbia: FOG allows for false documents to be created which then “beacon” a message back to the originator when they are opened. Clearly, the intent is twofold – to seed places like Wikileaks with false information, and to ferret out people who are trading in stolen documents.


BEAST

September 26, 2011

Poor SSL. It’s been the standard for so long, but it’s had a rough go of it the last few months. First there were the breaches at Comodo and DigiNotar, allowing intruders to generate seemingly authentic certs to trick users, and now this.

In particular, security researchers Juliano Rizzo and Thai Duong have built a tool that’s capable of decrypting and obtaining the authentication tokens and cookies used in many websites’ HTTPS requests. “Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing,” they said.

To illustrate the vulnerability they’ve discovered and automatically harvest authentication tokens and cookies, the researchers said they’ve also built a JavaScript-based tool dubbed BEAST, for Browser Exploit Against SSL/TLS. “It is worth noting that the vulnerability that BEAST exploits has been [present] since the very first version of SSL. Most people in the crypto and security community have concluded that it is non-exploitable, that’s why it has been largely ignored for many years,” Duong told Threatpost.


Rank My Hack

August 31, 2011

The world of hacking has always been one built on boasting and prestige – but now it’s official. A new leaderboard at rankmyhack.com is tracking live exploits, awarding points based on complexity and skill, and hoping to become the definitive ranking system for the computer underground.

Someone who cracked baidu.com is at the top of the list. Impressive stuff.


Apache Killer

August 25, 2011

A new Apache denial-of-service tool, named “Apache Killer”, has been posted on Full Disclosure and usage has been observed in the wild. Both the 1.3 and 2.0 codebases are affected – the Apache project says that a patch is upcoming. More details at the link.