illmob

For those wanting more secure SMS convos, TextSecure has been added to CyanogenMod :::More Info Here:::

Utilite Pro is a quad core ARM cortex-A9 machine with up to 4 GB of RAM, up to 512 GB mSATA SSD, HDMI and DVI-D output, dual (2x) 1GB nics, a built in wireless card and 4 USB ports. The guys from OffSec show you how to build your Arm image to run on it. Not too bad for a $200 dropbox that you can use on site during pentests.

For Win2k/XP you can use this modified GINA stub. More information about how GINA works can be found in his excellent blog post.
For Vista/7 you can use this custom credential provider More information can be found in his blog post.

So we linked our IRC with the guys who are starting a new Sub7 project. irc.illmob.org #subseven

Kingcope droppin’ a new 0day, the vulnerability is present in the default install
of the php5-cgi package. http://www.exploit-db.com/exploits/29290/

WHMCS, a popular client management, billing and support application for Web hosting providers, released an emergency security update for the 5.2 and 5.1 minor releases, to patch a critical vulnerability that was publicly disclosed. Leaseweb, PureVPN were owned within a few hours.
POC HERE

The Dread Pirate Roberts has been caught UlbrichtCriminalComplaint.pdf

Ross William Ulbricht, a 29-year-old graduate of the University of Pennsylvania School of Materials Science and Engineering known by the online alias “Dread Pirate Roberts,” was arrested by the Federal Bureau of Investigation on Tuesday for his alleged involvement in the Silk Road online marketplace, according to court papers published this week.
Seems like DPR used his real name on some stackoverflow questions and used the same forum signature in two different spots

Derbycon ended on Sunday but the videos were being finished and uploaded almost the very same day by Irongeek.
Check ’em out.

It’s that time of year for Derbycon \0/ most of the illmob crew will be down there partying all weekend. See you there!

In April 2013, a piece of malware was found embedded in Freedom Hosting’s darknet server that would exploit a security hole in a particular web browser and execute code on the user’s computer. This code gathered some information about the user and sent it to a server in Virginia and then crashed – it had no obvious malicious intent that is so characteristic of malware. It was therefore theorised that the FBI, who have offices in Virginia, and who have ‘form’ for writing malware, may have authored it – this now appears to be true.
http://oweng.myweb.port.ac.uk/fbi-tor-malware-analysis/