detect flashback mac

F-Secure has created a free tool that automates the detection and removal of the widespread Flashback Mac OS X malware.

How to use the tools:

1) Download FlashbackRemoval.zip to the Mac machine you want to scan.
2) Double-click the zip package to unzip it in the current folder.
3) Double-click the FlashBack Removal app to run the tool.
4) Follow the instructions to check . . . → Read More: detect flashback mac

Honeynet honeywall howto

Honeynet/Honeywall Implementation

Routing of malicious traffic and forensic analysis

Steve Stonebraker

11/22/2010

 

A detailed implementation of a full interaction honeypot and honeywall in a virtualized VMWare environment is presented. The benefits and drawbacks of this type of implementation are explained. The importance of proper . . . → Read More: Honeynet honeywall howto

decoding sql injection attempts

Background

SQL Server has a function called CAST that converts an array of ASCII codes to text. Hackers can use this function to obfuscate the SQL injection payload and bypass filters that block SQL commands or hazardous characters. Here is an example of an attack that uses this technique:

DECLARE @S CHAR(4000); SET @S=CAST(0x The ASCII . . . → Read More: decoding sql injection attempts

FTDNS example

Here is an FTDNS example (File Transfer via DNS) from Johannes B. Ullrich, Ph.D. (http://isc.sans.edu/diary.html?storyid=10306):

File transfer via DNS

For pentesters, this is helpful as it will first of all sneak past many firewalls, and secondly you do not need to install any special tools that may be picked up by anti-malware.

First, we convert . . . → Read More: FTDNS example

Flood network with random MAC addresses with macof tool

Background

Before you can be a badass hacker you need to understand what exactly it is you're doing. Today’s lesson is on flooding a network with random MAC addresses.

Switch Behavior

If you fill up a switch's table with random MAC addresses, different vendors' switches will behave differently.

Cisco switches will keep original MAC address . . . → Read More: Flood network with random MAC addresses with macof tool

Top Security Hacking Tools & Utilities

Top Security Hacking Tools Penetration Testing

Tools:

Metasploit Project – open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development
Netwag – Graphical front end for netwox which contains 223 tools
Netcat – Computer networking service for reading from and writing network connections using TCP or . . . → Read More: Top Security Hacking Tools & Utilities

GNS3 – Graphical Network Simulator Train for CCNA, CCNP, CCIP, CCIE, JNCIA, JNCIS, JNCIE

GNS3 is a graphical network simulator that allows simulation of complex networks.

To allow complete simulations, GNS3 is strongly linked with:

Dynamips, the core program that allows Cisco IOS emulation.
Dynagen, a text-based front-end for Dynamips.
Qemu, a generic and open source machine emulator and virtualizer.

GNS3 is an excellent complementary tool to . . . → Read More: GNS3 – Graphical Network Simulator Train for CCNA, CCNP, CCIP, CCIE, JNCIA, JNCIS, JNCIE

Attacks on Spanning Tree Protocol with Yersinia

Recent Spanning Tree Protocol (STP) attack:

Tool being shown: http://www.yersinia.net/

Attack 1: Taking over the root bridge

Never set the TC-ACK bit when receiving TCN BPDUs -> unnecessary flooding
Keep switching between root bridge and other roles – excessive load on processor

Countermeasures

Root guard
BPDU-guard

Root ownership attack countermeasure – Root guard

Ensures that the . . . → Read More: Attacks on Spanning Tree Protocol with Yersinia

Firesheep Makes wifi Hacking Facebook, Twitter, Google, Flickr a Breeze

Firesheep Quickstart – Windows XP:

Click here to download firesheep-0.1-1.xpi straight from GitHub.
Install the latest version of WinPcap
Update your Firefox to at least 3.6.12

FAQ

Q: How do I fix "Couldn’t open device x: Error opening adapter: the system cannot find the device specified"?

A: Select a different interface and restart Firefox (see screenshot . . . → Read More: Firesheep Makes wifi Hacking Facebook, Twitter, Google, Flickr a Breeze