Chaos Computer Club breaks Apple TouchID

by admin

Sunday, September 22nd, 2013 at 3:11 pm

Using a technique he outlined over 10 years ago, starbug from CCC has broken the biometric lock on the new iPhone.
Source: ccc.de

Getting internal IP addresses via html5

by admin

Friday, September 13th, 2013 at 12:16 pm

Neat little trick to get internal IP address using HTML5 WebRTC from 2x.io blog. Which also can be used for nasty javascript to do internal attacks, on your router for instance. Check out the :::DEMO:::.

Stealing passwords every time they change

by admin

Friday, September 13th, 2013 at 10:59 am

carnal 0wnage blog has an “evil pass filter” .dll example that logs passwords to a textfile or http post every time someone changes their password on a windows box. Works on Windows 2000, XP all the way up to Windows 8 & 2012.

Nmap NSE Vulscan 1.0 Released

by admin

Tuesday, June 25th, 2013 at 9:47 am

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of different vulnerability databases.

Plesk Apache 0day by KingCope

by admin

Wednesday, June 5th, 2013 at 12:20 pm

KingCope’s 0day perl scripts for Parallels Plesk :: pleskwwwzeroday :: Affected and tested: Plesk 9.5.4 — remote PHP Code Execution

WCE v1.4beta x32/x64/universal has been released.

by admin

Friday, May 31st, 2013 at 2:30 pm

Download links:
wce_v1_4beta_universal.zip
wce_v1_4beta_x64.zip
wce_v1_4beta_x32.zip

Changelog:

version 1.4beta:
May 30, 2013
* Several Bug Fixes
* Windows 8 support
* “Universal Binary” (single executable with both versions. Detects at
runtime if it is running on a 32 bit or 64 bit version of Windows, dumps
the appropriate version of WCE and executes it)

Veil – Payload Generator to Bypass Antivirus

by admin

Thursday, May 30th, 2013 at 7:53 pm

https://www.christophertruncer.com/veil-a-payload-generator-to-bypass-antivirus/

Cain & Abel v4.9.45 released

by admin

Tuesday, May 21st, 2013 at 7:32 pm

  • Added Windows 8 support in LSA Secret Dumper.
  • Added Windows 8 support in Credential Manager Password Decoder.
  • Added Windows 8 support in EditBox Revealer.
  • Added ability to keep original extensions in fake certificates.
  • Added support for Windows 8 RDP Client in APR-RDP sniffer filter.
  • Winpcap library upgrade to version 4.1.3 (Windows8 supported).
  • OUI List updated.
  • http://www.oxid.it/cain.html

    Webroot loves illmob

    by admin

    Friday, April 19th, 2013 at 9:50 am

    Looks like Webroot picked up my source code for an article ::HERE::. This is a screen shot of my Assembly code for Robin Hood

    If it took them 2 years to ‘uncover’ source code for this, then I have no faith in their ability to protect against 0day threats.
    posted: Saturday, June 18th, 2011 at 3:42 pm

    Bitcoins…

    by admin

    Tuesday, April 9th, 2013 at 1:53 pm

    So bitcoins are up to $235 today, just a friendly reminder of some tools I made. The bitcoin_jacker.rb that is part of the metasploit repo since 2011 ::HERE:: and a stand alone version made in MASM RobinHood which you will have to edit and compile yourself. If I help make you rich please toss some coinage my way 🙂
    1KAhtigRFREAY7qnr78DKiQFLPETmwG15q

    Your IP: 172.70.34.149
    Hostname: 172.70.34.149

    You are from the area.

    We love our country, but fear our government.