illmob

It is hard to identify files containing Conficker because the executable are packed and encrypted. When Conficker runs in memory it is fully unpacked. Our memory disinfector scans the memory of every running process in the system and terminates Conficker threads without touching the process it runs in. This helps to keep the system services running.

The tool itself and the source code can be downloaded here:

And here is a tool to remove the registry entries

regnfile.exe 599 K

More info can be found here

Dan Kaminsky packaged a nice standalone .exe by the researchers with the HoneyNet Project (Tillmann Werner and Felix Leder) , that scans for infected conficker computers on the network. They recently discovered an easy way to identify infected systems remotely. Conficker attempts to patch the MS08-067 vulnerability during infection. A flaw in the patch causes the machine to respond differently than both an unpatched system and an officially patched system. Their scanner uses this knowledge to scan and identify the infected computers. McAfee, nCircle, Nmap, Qualys, and Tenable (Nessus) and most have already incorporated, or are about to incorporate, Conficker sigs for their scanners, but for now you can get

Dan’s .exe ::Here::

More info on the python script ::HERE::

Ashton Kutcher got an online buzz with his sneak pic of his wife’s ass on twitter
http://twitpic.com/2bj58 I guess it’s almost as good as the ones we stole from his phone

damn you’re getting old , we should call you petrified_wood

even though they made shitloads of money off their older versions before a bunch of open source alternatives finallycame, l0pht isgoing back to their roots and releasing a newer version, no word of whatupdates itcontains but check out l0phtcrack.com for more info

New code found for the internet explorer 7 exploit making the rounds http://milw0rm.com/exploits/8077 add your own un-escaped shellcode with this tool ::HERE:: and you’re good to go.

Her Twitter account was owned ::Screenshot:: Just like her gmail and youtube accounts before.

The newest beta of Backtrack is available fordownload

head over to http://remote-exploit.org to download it

If you’re like me an have an older laptop that doesnt have a cd/floppy drive or the BIOS doesn’t support booting from a USB device (thumbdrive,etc), you can boot your computer from USB or CDROM using PLoP.

The PLoP Boot Manager is a small program to boot different operating systems. You can boot the operating systems from harddisk, floppy, CD/DVD or from USB. You can start the boot manager from floppy, CD, network and there are many more ways to start the boot manager. You can install the boot manager on your harddisk. There is no extra partition required for the boot manager.

The install is super simple, you just copy 2 files to the root of your cd drive ,run a command, add a PLoP entry to your boot.ini and you’re done. Now you can run all your favorite linux-on-a-stick like BackTrack3 or Barts without the need for vmware etc. More Info ::HERE::