Tuesday, November 27, 2012

Hotel Cardkey Locks Said To Be Vulnerable To Bypass Hack

Locks used in more than 4 million hotel rooms can be defeated with some inexpensive hardware and some software, a security researcher demonstrates for Forbes.

You may not be as safe in your locked hotel room as you think.
Keycard door locks from Onity -- used in more than 4 million hotel rooms around the world -- are susceptible to vulnerabilities that could lead to a security bypass, according to Cody Brocious, a 24-year-old Mozilla developer and security researcher. Brocious, who is expected to present his findings at the Black Hat security conference tomorrow, showed Forbes how he is able to open hotel doors with a gadget he built with materials costing less than $50.

Brocious' device spoofs a portable programming device used to control door locks, Forbes explains. In a demonstration, Brocious shows how a plug inserted into a DC port on the underside of the lock could spring the hotel door lock.

"I plug it in, power it up, and the lock opens," he said.

However, the technique did not always work on locks installed on real hotel room doors. In fact, it only worked once and only after Brocious reprogrammed the device -- an unreliability he attributed to timing issues with how the device communicates with the lock.

The vulnerability occurs because the exposed port allows any device to read the lock's memory, where a string of data is stored that will trigger its "open" mechanism. He also said that his former employer reverse-engineered Onity's front desk system and sold it to a locksmith training company last year for $20,000.
"With how stupidly simple this is, it wouldn't surprise me if a thousand other people have found this same vulnerability and sold it to other governments," Brocious said. "An intern at the NSA could find this in five minutes."


Friday, March 16, 2012

The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)

The spring air in the small, sand-dusted town has a soft haze to it, and clumps of green-gray sagebrush rustle in the breeze. Bluffdale sits in a bowl-shaped valley in the shadow of Utah’s Wasatch Range to the east and the Oquirrh Mountains to the west. It’s the heart of Mormon country, where religious pioneers first arrived more than 160 years ago. They came to escape the rest of the world, to understand the mysterious words sent down from their god as revealed on buried golden plates, and to practice what has become known as “the principle,” marriage to multiple wives.

Today Bluffdale is home to one of the nation’s largest sects of polygamists, the Apostolic United Brethren, with upwards of 9,000 members. The brethren’s complex includes a chapel, a school, a sports field, and an archive. Membership has doubled since 1978—and the number of plural marriages has tripled—so the sect has recently been looking for ways to purchase more land and expand throughout the town.

But new pioneers have quietly begun moving into the area, secretive outsiders who say little and keep to themselves. Like the pious polygamists, they are focused on deciphering cryptic messages that only they have the power to understand. Just off Beef Hollow Road, less than a mile from brethren headquarters, thousands of hard-hatted construction workers in sweat-soaked T-shirts are laying the groundwork for the newcomers’ own temple and archive, a massive complex so large that it necessitated expanding the town’s boundaries. Once built, it will be more than five times the size of the US Capitol.

Rather than Bibles, prophets, and worshippers, this temple will be filled with servers, computer intelligence experts, and armed guards. And instead of listening for words flowing down from heaven, these newcomers will be secretly capturing, storing, and analyzing vast quantities of words and images hurtling through the world’s telecommunications networks. In the little town of Bluffdale, Big Love and Big Brother have become uneasy neighbors.

Under construction by contractors with top-secret clearances, the blandly named Utah Data Center is being built for the National Security Agency. A project of immense secrecy, it is the final piece in a complex puzzle assembled over the past decade. Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks. The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” It is, in some measure, the realization of the “total information awareness” program created during the first term of the Bush administration—an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans’ privacy.

But “this is more than just a data center,” says one senior intelligence official who until recently was involved with the program. The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle—financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications—will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”

For the NSA, overflowing with tens of billions of dollars in post-9/11 budget awards, the cryptanalysis breakthrough came at a time of explosive growth, in size as well as in power. Established as an arm of the Department of Defense following Pearl Harbor, with the primary purpose of preventing another surprise assault, the NSA suffered a series of humiliations in the post-Cold War years. Caught off guard by an escalating series of terrorist attacks—the first World Trade Center bombing, the blowing up of US embassies in East Africa, the attack on the USS Cole in Yemen, and finally the devastation of 9/11—some began questioning the agency’s very reason for being. In response, the NSA has quietly been reborn. And while there is little indication that its actual effectiveness has improved—after all, despite numerous pieces of evidence and intelligence-gathering opportunities, it missed the near-disastrous attempted attacks by the underwear bomber on a flight to Detroit in 2009 and by the car bomber in Times Square in 2010—there is no doubt that it has transformed itself into the largest, most covert, and potentially most intrusive intelligence agency ever created.

In the process—and for the first time since Watergate and the other scandals of the Nixon administration—the NSA has turned its surveillance apparatus on the US and its citizens. It has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. It has created a supercomputer of almost unimaginable speed to look for patterns and unscramble codes. Finally, the agency has begun building a place to store all the trillions of words and thoughts and whispers captured in its electronic net. And, of course, it’s all being done in secret. To those on the inside, the old adage that NSA stands for Never Say Anything applies more than ever.

Thursday, September 22, 2011

Lilith: Perl script to audit web applications

The Lilith tool analyses webpages and looks for HTML tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws. Lilith's basic function is to spider and analyse pages, following hyperlinks and injecting special characters that have a special meaning to any underlying platform. As most of us know, a web application scanner can never perform a full, 100% correct audit. A manual re-check eliminates most of the false positives.

Features and changes made in Lilith:

- got rid of many many false positives (that’s good)
- when SQL error is found, it now goes onto next var
- improved (i hope) scanning engine
- (anti) coldfusion support
- better cookie handling and cookie tampering
- omitted perl HTML::Form limitation
- better verbose output
- extensive logging
- detects directory indexing
- recursive URL dissection
- cleaned up this pasta code


Aldi Bot - Buy a Botnet for Just 10 Euros

Researchers at German security firm G Data have discovered that a bot builder dubbed "Aldi Bot" is currently being offered for €10 on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do with the discount supermarket chain, and it is not clear why its author chose to name the bot after Aldi – it is thought it may relate to the bot's discount pricing. The company says: "We’ve encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called “Aldi Bot” first appeared in late August and has been sold for the initial price of €10! Parts of the bot’s code oddly look like ZeuS code…"
The Aldi Bot can read (saved) passwords from the Firefox web browser, Pidgin IM client and JDownloader download tool, and send them to a command and control server which is included in the €10 price tag. The Aldi Bot can also carry out Distributed Denial-of-Service (DDoS) attacks, as the bot's author demonstrates with a YouTube video showing an attack on the German Bundeskriminalamt (equivalent to the UK CID) web site. The bot can also be set up as a SOCKS proxy to use infected computers as proxies for protocols of the bot herder's choosing. Infecting systems with the discount malware does, however, require additional measures, such as exploit packs on infected web sites.

Alleged LulzSec member arrested in Sony breach

The FBI arrested a 23-year-old Arizona man today on charges of stealing data from Sony Pictures Entertainment earlier this year.

Cody Andrew Kretsinger of Phoenix was indicted September 2 by a federal grand jury on charges of conspiracy and unauthorized impairment of a protected computer, the FBI said in a statement. Kretsinger could not be reached for comment.

Meanwhile, Fox News reported that a hacker who is believed to be homeless was arrested in San Francisco on charges of participating in attacks allegedly carried out by activist group Anonymous on Santa Cruz County government Web sites, and that search warrants were being executed in New Jersey, Minnesota, and Montana. An FBI spokesman told CNET that the agency does not typically comment on search warrants. FBI officials in San Francisco did not immediately return a call seeking comment.

Kretsinger is accused of using proxy services via the hidemyass.com site, designed to offer anonymous Internet access, to probe Sony Pictures Entertainment's computer systems in May, according to the indictment, which was unsealed in U.S. District Court in Los Angeles today.

He and other co-conspirators looked for vulnerabilities and exploited them by means of a SQL injection attack between May 27 and June 2, the indictment says. They then allegedly compromised the Sony system, making "tens of thousands of requests for confidential data," and released the information from Sony on a public Web site and on Twitter.

Kretsinger permanently erased the hard drive of the computer he used to conduct the attack, the indictment alleges. He is due to make an initial appearance in federal court in Phoenix today. The U.S. government will request that he be transferred to Los Angeles to face prosecution. He faces up to 15 years in prison if convicted.

He is alleged to have used the hacker handle "recursion" and is believed to be a member of the LulzSec hacker group.

The LulzSec group, believed to be a spin-off of the Anonymous group of online activists, had bragged about breaking into Sony Pictures' system, posting a statement on the Pastebin on June 2 and proof of their attack. "We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts," the statement said. "Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 'music codes' and 3.5 million 'music coupons.'"

A week later, Sony said that personally identifiable information of 37,500 customers had actually been exposed in the breach. The breach was one of a series of attacks targeting Sony and its affiliate sites globally that started in May following a legal spat Sony had with a hacker who had modified his Sony PlayStation 3.


Saturday, June 4, 2011

ACER hacked by Pakistan Cyber Army

Yes, you read that right: ACER was hacked because of its own stupidity. Yesterday we reported that the Pakistan Cyber Army had hacked an Acer Europe server, compromising 40,000 users' data, source code and the server.

Today we investigated this to find out exactly how the Pakistani hackers got the FTP access. A screenshot we took from an ASP forum of Acer-Euro shows that the Acer ASP Support Team posted a Hot Fix release and gave FTP access to other members so that they could download the hot fix. This was posted on January 11, 2008. The Pakistani hackers found this, explored the FTP server, and in the "PB" directory found the file "Country Wise Customer Data.zip", which contains the data of 40,000 users organized by country.

This data breach happened only because of ACER's own stupidity. The forum post is at "http://asp.acer-euro.com/FORUM/Topic472-8-1.aspx".

Friday, May 27, 2011

Internet Explorer vulnerable to Cookie-jacking

A security researcher has devised an attack that remotely steals digital credentials used to access user accounts on Facebook and other websites by exploiting a flaw in Microsoft's Internet Explorer browser.

Independent researcher Rosario Valotta demonstrated his “cookiejacking” proof of concept last week at the Hack in the Box security conference in Amsterdam. It exploits a flaw that's present in all current versions of IE to steal session cookies that Facebook and other websites issue once a user has entered a valid password and corresponding user name. The cookie acts as a digital credential that allows the user to access a specific account.

The proof of concept code specifically targets cookies issued by Facebook, Twitter and Google Mail, but Valotta said the technique can be used on virtually any website and affects all versions of Windows. “You can steal any cookie,” he told The Register. “There is a huge customer base affected (any IE, any Win version).”