A company called Pwnie Express has released one of the coolest products I have ever seen: the Pwn Plug.
Apparently it comes preloaded with Ubuntu, Metasploit, Ettercap, and the Social-Engineer Toolkit, among other awesome tools.
Put on a maintenance shirt. Walk into an office. Plug in this bad boy under someone's desk. Game over.
Friday, February 18, 2011
Teaching Reverse Engineering
One of my favorite blogs, reverse.put.as, recently re-released an awesome reverse engineering tutorial for OS X. The tutorial is very well done, and fG! (the author) also links to an amazing .gdbinit file that really makes reversing much nicer in gdb. fG! originally removed the tutorial because he (or she, not sure) was concerned that some would abuse the information. He made clear in the re-release that his intent was not to abet software pirates, but to educate those with a desire to learn a very important skill.
Several of the comments indicate that not all agree with him. I think what they fail to recognize, however, is that reversing is not cracking—cracking is merely one use of reversing. Reversing is necessary in the modern world: we need it to fight malware, discover and patch vulnerabilities, give software developers the freedom of interoperability, and to encourage healthy competition.
Will some people use the knowledge for evil? To be sure; anything can be misused. But others will use it to improve the world they live in. Give people information and let them decide how to live.
Thursday, February 17, 2011
Scrambling the Cuckoo's Egg
One of the earliest computing honeypots was created when Clifford Stoll allowed the Hannover hacker to waltz through Berkeley's network unchecked; little did the attacker know he was being watched. Using their network as a high-interaction honeynet, Stoll reverse social engineered the attackers into requesting information about the fabricated SDINET project; this provided more information about the scope and severity of the attacks. Many modern attack vectors rely on social engineering. Honeypots could be rigged to provide records of fake employees, each associated with social media accounts, email addresses, and phone numbers. This falsified information would then be closely monitored so that social engineering attacks could be observed. These honeypots would require more resources than conventional honeypots: automation is difficult, and in some cases, such as phone calls, humans need to respond directly to attackers. Still, the results would be interesting.
Saturday, February 12, 2011
A Clever Man
Today I'd just like to point out how clever I think this man is. I ran into his profile a while back when I was trying to get that same user name (logout). I tried several similar names but they appear to be reserved by Facebook—surprised they let him get away with it. Maybe he works there. Either way, a toast to the cleverness of Pushkar.
Friday, February 11, 2011
Russian Doll URL Shortening
Attackers have been hiding malicious URLs using shortening services like TinyURL or bit.ly for some time now. Some smarter folks, however, have plugins that automatically resolve shortened URLs for them.
For a little extra oomph, what if the attacker shortened an already shortened URL? I wonder how many of these tools are prepared to unravel a chain of shortened URLs.
I haven't seen this technique yet, so hopefully I'm the inventor and everyone will call it "Russian Dolling."
p.s. On an only slightly related note, does anyone know of any services that let you edit the target URL afterwards? If so, you could create a loop in shortened URLs. That would be awesome.
UPDATE:
Diogo Mónica notified me that he has seen such attacks in the wild, and there are tools that can handle it. While not surprising in the least, I must admit I am still a little disappointed it won't be named Russian Dolling. Alas.
Diogo also pointed out that loops are possible using services such as ow.ly, such as this one: http://ow.ly/3VcCy. Don't use bit.ly though, because it will warn you of encapsulation. Be sure to check out Diogo's blog if you get the chance, it's awesome.
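A resolver of the kind the update says already exists, added here as an example (it is not code from this post or from Diogo's blog). It follows a shortened link one hop at a time instead of letting the HTTP library auto-follow redirects, so it can cap the depth of a nested chain and recognise the ow.ly-style loop case. The redirect table and every short link in it are constructed for the offline demo; `live_head` is the only part that touches the network, and it is never called by the demo.

```python
import http.client
import urllib.parse
from typing import Callable, List, Optional, Tuple

MAX_HOPS = 10  # shortener chains deeper than this are treated as abusive

# Constructed redirect table standing in for the shorteners' 301/302
# Location headers. None of these short links are real.
FAKE_REDIRECTS = {
    "http://tinyurl.com/a1": "http://bit.ly/b2",      # nested ("Russian doll") chain
    "http://bit.ly/b2": "http://example.com/landing",
    "http://sh.rt/rel": "/pages/relative",             # relative Location header
    "http://ow.ly/x1": "http://ow.ly/x2",               # two-link loop
    "http://ow.ly/x2": "http://ow.ly/x1",
}


def fake_head(url: str) -> Optional[str]:
    """Offline stand-in for a HEAD request: Location header, or None if no redirect."""
    return FAKE_REDIRECTS.get(url)


def live_head(url: str, timeout: float = 5.0) -> Optional[str]:
    """One real HEAD request that does NOT follow redirects.

    Returns the Location header for a 3xx response, None otherwise.
    Only use this when you actually want to resolve real links."""
    parts = urllib.parse.urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.netloc, timeout=timeout)
    target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    try:
        conn.request("HEAD", target, headers={"User-Agent": "chain-unshortener/0.1"})
        resp = conn.getresponse()
        return resp.getheader("Location") if 300 <= resp.status < 400 else None
    finally:
        conn.close()


def unshorten(url: str, head: Callable[[str], Optional[str]] = fake_head,
              max_hops: int = MAX_HOPS) -> Tuple[Optional[str], List[str], str]:
    """Follow a chain of redirects one hop at a time.

    Returns (final_url, chain, status); status is 'resolved', 'loop' (a URL
    repeated) or 'too_many_hops'. final_url is None unless the chain ended cleanly."""
    chain = [url]
    seen = {url}
    for _ in range(max_hops):
        location = head(url)
        if location is None:
            return url, chain, "resolved"
        nxt = urllib.parse.urljoin(url, location)  # relative Location -> absolute
        chain.append(nxt)
        if nxt in seen:
            return None, chain, "loop"
        seen.add(nxt)
        url = nxt
    return None, chain, "too_many_hops"


if __name__ == "__main__":
    for short in ("http://tinyurl.com/a1", "http://ow.ly/x1"):
        print(short, "->", unshorten(short))
```

Handing the HEAD step in as a callable is what makes the loop and depth checks testable without a network; swap in `live_head` to run it against real shorteners. A plugin that simply lets its HTTP client follow redirects gets neither check unless that client happens to enforce its own limit.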
Tuesday, February 8, 2011
Grow Up
Many jumping on the Anonymous bandwagon are teenagers with too much time and too little skill. Seeking acceptance and respect from their peers, they are seduced by an alluring sense of community—a mob with no direction, no leaders, no code of ethics, and no cause. Armed with illusions of grandeur, this hive mind trolls about the internet, brandishing the banner of freedom. They fool only themselves. Ironically, the Guy Fawkes mask they wear is intended to symbolize the fight against tyranny; they also believe this mask will hide their accountability. Notwithstanding, they are easily caught with their hands in the cookie jar.
Tuesday, February 1, 2011
Let Google do the dirty work.
Thanks to the Changelog, today I was introduced to easy_translate. This gem of a ruby gem uses Google translate to, well... translate. Awesome. We need to use Google to do more of our dirty work.
I am not one of the greatest spellers to ever have lived. As I was using a word processor the other day, I observed that when I don't know how to spell a word, I Google it instead of using the built-in spell checker. Google is far superior to any spellchecker. So if you're writing a word processor, save yourself some work and write a tool that uses Google for spell checking.