In the security space you go to sleep and BAM things blow up. The last 24hrs have been most interesting:
2: Adobe gets hit once again. This time it's related to Flash, and it is actively being exploited. News article here. ISC article here. Adobe PSIRT response here. Adobe has known about it since 08?!?!
3: Vulnerability in dhclient. ISC rundown here. Sourcefire has a funny blog here about it.
3: Rob Fuller (@mubix) over at Room362.com has thrown out some good reminders on interesting tools for various things on his mubix links blog.
Pcapy, Impacket, InlineEgg, MSyslog, Uhooker, Core Force, Core Grasp, Core Wisdom, Exomind, HeapDraw, Pass-The-Hash Toolkit, SDT Cleaner, gFuzz, iPhoneDbg Toolkit.
SSH_Decoder, Middler, and ServifyThis, and more.
BeEF, Dnetj, JTR MPI patch, and more.
Metacab is a cabinet file that contains Netcat, Nmap, VNC and other remote administration utilities that need only a Windows command shell, cmd.exe, to install and use. Install and uninstall scripts are included, and work is being completed on antivirus evasion.
CeWL – Custom Wordlist Generator
By @digininja, CeWL sticks to just the site you have specified and will go to a depth of 2 links; this behavior can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, as you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased, and the words can be written to a file rather than the screen so the app can be automated.
Version 2 of CeWL can also create two new lists, a list of email addresses found in mailto links and a list of author/creator names collected from meta data found in documents on the site. It can currently process documents in Office pre 2007, Office 2007 and PDF formats. This user data can then be used to create the list of usernames to be used in association with the password list.
4: The Security BSides conference is showing strength. The “unConference” is free, and will be hosted just before Defcon. It has “a number of quality speakers who were rejected, not due to lack of quality but lack of space and time.” Check out @SecurityBSides. Look at some of the presenters though, pretty money imo:
- Mike Kershaw (drag0rn) Author of Kismet will talk about msf/lorcon/wifi pwnage & blind/semi-blind http ownage
- HD Moore, Author of Metasploit will talk about WarVOX
- Val Smith, Founder of Attack Research. Val will be talking about global information security threats.
5: WordPress < 2.8.1 Security Bypass 0day
WordPress versions before 2.8.1 suffer from an admin module configuration security bypass exploit. Attackers use these URLs to attack the blog:
http://xxx.com/wp-admin/admin.php?page=/collapsing-archives/options.txt
http://xxx.com/wp-admin/admin.php?page=akismet/readme.txt
http://xxx.com/wp-admin/admin.php?page=related-ways-to-take-action/options.php
http://xxx.com/wp-admin/admin.php?page=wp-security-scan/securityscan.php
It is harmful. Please update your WordPress.
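To check whether a blog has already seen requests of this shape, the web server's access log can be searched for `admin.php` requests whose `page` parameter names a plugin file. The following is an added example, not code from the advisory or from WordPress; the log lines are constructed, and `admin_ips` is a hypothetical allow-list of known administrator addresses.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jul/2009:10:01:02 +0000] "GET /wp-admin/admin.php?page=akismet/readme.txt HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jul/2009:10:01:05 +0000] "GET /wp-admin/admin.php?page=/collapsing-archives/options.txt HTTP/1.1" 200 310 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jul/2009:10:02:00 +0000] "GET /wp-admin/admin.php?page=akismet-key-config HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jul/2009:10:03:00 +0000] "GET /wp-admin/admin.php?page=wp-security-scan%2Fsecurityscan.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.15 - - [10/Jul/2009:10:04:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Client address, request target and status code from a combined-format line.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')
# A trailing file extension such as .txt or .php.
FILE_EXT = re.compile(r"\.[A-Za-z0-9]{2,4}$")


def find_plugin_file_requests(log_text, admin_ips=frozenset()):
    """Return (client_ip, status, page) for admin.php requests whose page
    parameter names a file path, skipping clients listed in admin_ips
    (a hypothetical allow-list of known administrator addresses)."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        url = urlsplit(target)
        if not url.path.endswith("/wp-admin/admin.php") or ip in admin_ips:
            continue
        # parse_qs percent-decodes, so page=a%2Fb.php is seen as a/b.php.
        for page in parse_qs(url.query).get("page", []):
            if "/" in page or FILE_EXT.search(page):
                hits.append((ip, status, page))
    return hits


if __name__ == "__main__":
    for ip, status, page in find_plugin_file_requests(SAMPLE_LOG):
        print(f"{ip} status={status} page={page}")
```

Logged-in administrators can produce the same request shape when opening plugin pages, so hits are leads to review against who was actually administering the site at the time.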
6: Viruslist (aka Kaspersky Labs) did a neat little writeup of The Economics of Botnets.
7: Jimmy Ray of Network World does a good article on diving into password cracking with CUDA.
8: Andrew Waite does a nice writeup on Kon Boot.
