Hack a Day

http://hackaday.com/2009/10/18/samsung-tv-firmware-hacking/

filed under: home entertainment hacks

[Erdem] is leading the effort to reverse engineer Samsung TV firmware with a project called SamyGo. Official Samsung firmware uses the Linux kernel, making it a familiar system for many developers to work with. So far they’ve implemented NFS and SAMBA for sharing files over the network, improved playback from USB devices, and unlocked the ability to use non-Samsung WiFi dongles.

In order to make changes to the system, you need to enable a telnet connection on the device. The SamyGo team accomplished this by changing an official version of the firmware in a hex editor to start the telnet daemon at boot time. This altered firmware is then flashed using Samsung’s built-in upgrade system. Once telnet is enabled, non-official firmware can be manually flashed.

We’d love to see this project expand to other TV brands in the future. In fact, we were looking for something like this back in June when we realized that our Sony Bravia runs a Linux kernel and can be updated via USB drive. Be careful if you want to try this out. We can only imagine the fallout after telling your significant other that you bricked a high-priced LCD.

Mac OS-X Malware

For many, many years people thought that if you had an Apple Mac computer then you were invulnerable to viruses, malware, spyware, and other types of threats!

Well, they have always been wrong. For many years Apple has wanted to compete against other giants like Linux or Windows, so when they brought out the iPad and iPhone, their popularity increased their vulnerability. I hope they understand this and add extra security to immunise their systems, even though we all know how BAD (to put it politely) iShit is. So if you want to find out… protect yourself by using XProtect.

Malware for Mac OS does exist and it’s becoming more and more widespread. In particular OSX/Pinhead-B, as categorized by Sophos and better known as HellRTS, is malware that gives complete remote control of the infected OS-X machine: the attacker can take snapshots, send emails, transfer files and log keystrokes from the victim. Apple, however, seems pleased by this misbelief and does nothing to wake up its users to the malware call: an update to Snow Leopard included a silent update to XProtect.plist. XProtect is, in the words of Graham Cluley, Senior Security Consultant at Sophos, a rudimentary file that contains elementary signatures of a handful of Mac threats. Starting from version 10.6, OS-X users are warned when suspicious files are downloaded and executed from Entourage, Safari, Mail, Thunderbird and other browsing tools. This kind of protection is rather sloppy, as malware can get through by means of Skype, BitTorrent or other tools that are currently unsupported by Mac OS-X’s built-in signature-based malware protection.

More info exists Here

The update schedule for Snow Leopard has been:

  • 10.6 – August 28, 2009 (release date)
  • 10.6.1 – September 10, 2009
  • 10.6.2 – November 9, 2009
  • 10.6.3 – March 29, 2010 (revised April 13, 2010)
  • 10.6.4 – June 15, 2010

This last update included an update to XProtect to protect against OSX.HellRTS (aka OSX/Pinhead-B). This has doubled the size of the file.

Most Mac malware solutions protected against OSX/Pinhead-B by the end of April. Waiting for an OS update to protect against malware could prove costly if this backdoor steals your personal information, not least because XProtect only scans downloaded (not installed) files. So there you have it: the proof is in the pudding! Sort it out, or it will sort YOU!
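As an added illustration (not part of the original post and not Apple’s code), here is a small Python model of why a download-only, signature-based check leaves gaps. The plist layout, the file list and the byte patterns are all constructed for this example; Apple’s real XProtect.plist uses its own richer schema. The `quarantined` flag stands in for the com.apple.quarantine attribute that Safari, Mail and similar apps attach to what they download, which a scan keyed on downloads depends on, and which tools outside that list never set.

```python
import plistlib

# Constructed stand-in for a signature list. Apple's real XProtect.plist uses its
# own, richer schema; this keeps only the idea of "threat name -> byte pattern".
SIGNATURE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<array>
  <dict>
    <key>Description</key><string>EXAMPLE.Backdoor-A</string>
    <key>Pattern</key><string>4558414d504c452d4241434b444f4f52</string>
  </dict>
  <dict>
    <key>Description</key><string>EXAMPLE.Dropper-B</string>
    <key>Pattern</key><string>4558414d504c452d44524f50504552</string>
  </dict>
</array>
</plist>
"""


def load_signatures(plist_bytes: bytes) -> dict:
    """Return {threat name: byte pattern} from the (constructed) plist."""
    return {e["Description"]: bytes.fromhex(e["Pattern"])
            for e in plistlib.loads(plist_bytes)}


def sample_files() -> list:
    """Constructed 'downloads'. 'quarantined' models the com.apple.quarantine
    attribute set by Safari, Mail and similar apps; a file fetched through a
    BitTorrent client or a Skype transfer carries no such flag."""
    return [
        {"path": "/Users/demo/Downloads/safari-download.dmg", "quarantined": True,
         "data": b"\x00\x01EXAMPLE-BACKDOOR\x00"},
        {"path": "/Users/demo/Downloads/torrent-payload.pkg", "quarantined": False,
         "data": b"PK\x03\x04EXAMPLE-DROPPER\x00"},
        {"path": "/Users/demo/Downloads/notes.txt", "quarantined": True,
         "data": b"just text"},
    ]


def scan(files, signatures, quarantined_only):
    """Return [(path, [matched threat names])] for files that hit a signature.
    With quarantined_only=True, unflagged files are never examined at all,
    which is the download-only behaviour the post describes."""
    hits = []
    for f in files:
        if quarantined_only and not f["quarantined"]:
            continue
        matched = [name for name, pat in signatures.items() if pat in f["data"]]
        if matched:
            hits.append((f["path"], matched))
    return hits


def coverage_gap(files, signatures):
    """Paths a download-only check misses but a scan of every file catches."""
    full = dict(scan(files, signatures, quarantined_only=False))
    partial = dict(scan(files, signatures, quarantined_only=True))
    return sorted(set(full) - set(partial))


if __name__ == "__main__":
    sigs = load_signatures(SIGNATURE_PLIST)
    print("download-only hits:", scan(sample_files(), sigs, True))
    print("missed by download-only check:", coverage_gap(sample_files(), sigs))
```

Running it shows the Safari download being caught while the torrent-delivered file, which carries no quarantine flag, is never looked at; that is the gap a second, on-access scanner closes.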

Hacking Facebook

Facebook hack #1: How to see people’s big display picture (avatar). You’re looking for somebody you know; you find somebody who looks like the one you are looking for, but you’re not sure he’s the one since you cannot see his face very well and his profile can only be seen by his friends. To see his bigger picture (the profile we’re testing on is my profile):

Now you wonder why I made “S” bold in the URL: “S” is the initial of SMALL, which means Facebook shows his small (avatar) picture.

“N” means normal picture. When you change “S” to “N” you will see a bigger picture.

Facebook hack #2: How to see people’s old display pictures. This Facebook hack may take a few minutes. First you need to have FlashGet on your PC; open FlashGet, click the File tab, then click “Add batch Download” and:

Facebook hack #3: How to see people’s limited profile without adding them as a friend. You cannot see people’s profiles if they are limited to the public. But:

  • Send a message like “Hello” to the one whose Facebook profile you want to see and wait for his/her reply.
  • When he/she replies to you, you can see his/her Facebook profile.

Facebook hack #4: Facebook fools hackers so that it doesn’t get flooded. Lol. Yeah. Check the example below; both URLs show the same thing:

As you see Facebook creates fake folders to fool hackers.

I’m sure there are lots of hacks waiting to be explored. Isn’t it shocking that a website worth billions of dollars is wack at security and cryptology?

Cain & Abel v4.9.35 – Password Sniffer, Cracker and Brute-Forcing Tool

It’s been quite a while since we’ve written about Cain & Abel, one of the most powerful tools for the Windows platform.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weaknesses present in protocol standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration testers and everyone else who plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damage and/or loss of data using this software and that in no event shall the author be liable for such damage or loss of data. Please carefully read the License Agreement included in the program before using it.

The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

Most recently added is the support for Windows 2008 Terminal Server in APR-RDP sniffer filter.
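Since APR works by sending forged ARP replies that re-map a host’s IP address to another MAC, the defender-side counterpart is watching the wire for exactly that. The following Python is an added example written for this page, not part of Cain & Abel; it parses constructed tcpdump-style ARP reply lines (all addresses made up) and raises an alert on the two tell-tale signs: an IP whose advertised MAC changes mid-capture, and a single MAC that claims to be several IPs at once, as a host sitting between a gateway and a victim must.

```python
import re
from collections import defaultdict

# Constructed sample in the style of tcpdump's ARP output; addresses are made up.
SAMPLE_ARP_LOG = """\
12:00:01.000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:01, length 28
12:00:01.500 ARP, Reply 192.168.1.10 is-at 00:11:22:33:44:10, length 28
12:00:02.000 ARP, Request who-has 192.168.1.1 tell 192.168.1.10, length 28
12:00:05.000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:99, length 28
12:00:05.100 ARP, Reply 192.168.1.10 is-at 00:11:22:33:44:99, length 28
"""

REPLY_RE = re.compile(
    r"^(\S+) ARP, Reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})"
)


def parse_replies(log_text):
    """Yield (timestamp, ip, mac) for every ARP reply line; other lines are ignored."""
    for line in log_text.splitlines():
        m = REPLY_RE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3).lower()


def detect_arp_spoofing(log_text):
    """Return human-readable alerts for two poisoning signals in one capture:
    1. 'binding flip': an IP whose advertised MAC changes,
    2. one MAC advertising itself for more than one IP."""
    alerts = []
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed
    for ts, ip, mac in parse_replies(log_text):
        old = ip_to_mac.get(ip)
        if old is not None and old != mac:
            alerts.append(f"{ts} binding flip: {ip} moved from {old} to {mac}")
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append(f"{ts} {mac} now claims {sorted(mac_to_ips[mac])}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_LOG):
        print(alert)
```

On the sample, the first two replies build a clean table, the request line is skipped, and the two later replies from `00:11:22:33:44:99` produce three alerts. A real deployment would seed the table from known-good bindings (DHCP leases or a static inventory) rather than trusting the first reply it happens to see, and would also treat replies nobody asked for as suspicious.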

You can download Cain & Abel v4.9.35 here:

ca_setup.exe

Or read more here, the online user manual is here.

iPhone Password Flaw Discovered

The Apple iPhone password that’s used to protect personal information can be easily circumvented, according to users.

Circumventing the password involves the use of the device’s "emergency call" keypad and amounts to only a couple of taps on the iPhone’s multitouch screen, according to reports of the flaw on the forum of the MacRumors Web site.

Once the emergency call keypad is accessed through the passcode entry screen, a person only needs to double tap the home button, which takes the user to the iPhone’s favorites section. From there, a person gets full access to the device, including applications, contact lists, and e-mail.

The apparent flaw, however, has a simple fix. Through the iPhone’s "settings" option, a person only has to disable double tapping on the home button to make the device secure once again, users reported.

Apple did not respond to a request for comment.

iPhone security is a key issue in use of the device on corporate networks. Getting businesses to adopt the iPhone was a major focus in Apple’s release of version 2.0 of the iPhone operating system over the summer. Find out what 2,000 IT professionals told InformationWeek about their plans and priorities for securing their companies’ assets. Download the report here (registration required).

Nevertheless, security issues have arisen with use of the iPhone. InformationWeek, for example, reported potential security problems in using Apple’s tools for creating custom configuration files that can be used to provision large numbers of iPhones in an enterprise environment.

In addition, the iPhone Mail and Safari applications in July were found to be vulnerable to URL spoofing. Security researcher Aviv Raff reported the problem and recommended that users not click on links to get to trusted sites, like online banks; but rather type URLs in manually until the problem is resolved.

Raff has criticized Apple for its handling of Safari security, saying the company has failed to learn from past browser design mistakes.

Hackers of the Lost Ark

Anonymous writes ""Counter Hack" author Ed Skoudis presents HACKERS OF THE LOST ARK, another of his popular Crack-the-Hacker challenges. Going along with Ed’s usual flair of adventurous back-story (this one no doubt inspired by the 1981 blockbuster "Raiders of the Lost Ark") we learn that just after archeologist Indiana Jones had retrieved the all-powerful Ark of the Covenant from the Nazis, it was secretly stored away in a giant warehouse by the United States Government, never to be found again… That is until of course, a group of evil Neo-Nazis hacks into the Government’s prototype server holding sensitive information of the Ark’s exact location…and suddenly a whole new adventure begins and your forensics skills are beckoned! Ed himself is offering prizes to the top three sleuths."

Zodiac Spoofing


Zodiac is a DNS protocol analysis and exploitation program. It is a robust tool for exploring the DNS protocol. Internally it contains advanced routines for DNS packet construction and disassembly, and it is the optimal tool if you just want to try something out without the hassle of rewriting DNS packet routines or packet filtering.

Features

  • sniffing on all kinds of configured devices (Ethernet, PPP, …)
  • capturing and decoding nearly all types of DNS packets, including packet decompression
  • ncurses-driven text based frontend with interactive commanding and multiple windows
  • threaded design allows more flexibility when adding your own features
  • clean code, commented and tested just fine, ready for you to extend
  • internal DNS packet filtering allows installation of pseudo DNS filters you can “select()” on
  • a large set of DNS packet construction primitives
  • DNS name server versioning using BIND version requests
  • DNS local spoofing, answering DNS queries on your LAN before the remote NS
  • DNS jazz spoofing, exploiting a weakness within old BIND versions
  • DNS ID spoofing, exploiting a weakness within the DNS protocol itself

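Added example, not Zodiac’s code: a minimal DNS message parser in Python that handles the name compression mentioned in the feature list, refuses looping or forward compression pointers (the classic way a hostile packet crashes a naive decoder), and applies the transaction-ID and question-section match a resolver relies on to reject answers it did not ask for. The weakness that ID spoofing exploits is that this ID is only 16 bits wide. Packets are constructed inline; 192.0.2.1 is documentation address space and the names are placeholders.

```python
import struct


def encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels, without compression."""
    out = b""
    for label in name.strip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def read_name(msg: bytes, pos: int):
    """Decode a possibly compressed name at pos. Returns (name, position just
    after the name as it appeared in the message). Compression pointers must
    point strictly backwards (RFC 1035 'a prior occurrence'), which also
    guarantees termination on hostile input."""
    labels, end, jumped = [], None, False
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[pos]
        if length & 0xC0 == 0xC0:  # two high bits set: 14-bit pointer follows
            if pos + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((length & 0x3F) << 8) | msg[pos + 1]
            if target >= pos:
                raise ValueError("forward or looping compression pointer")
            if not jumped:
                end, jumped = pos + 2, True
            pos = target
            continue
        if length > 63:
            raise ValueError("label longer than 63 octets")
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels), (end if jumped else pos)


def parse_message(msg: bytes) -> dict:
    """Parse the header, question and answer sections (authority and additional
    sections are left unparsed to keep the example short)."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    ident, flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    pos, questions, answers = 12, [], []
    for _ in range(qdcount):
        name, pos = read_name(msg, pos)
        qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
        pos += 4
        questions.append((name, qtype, qclass))
    for _ in range(ancount):
        name, pos = read_name(msg, pos)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        rdata = msg[pos:pos + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated RDATA")
        pos += rdlen
        if rtype == 1 and rdlen == 4:  # A record: render as dotted quad
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, rclass, ttl, rdata))
    return {"id": ident, "is_response": bool(flags & 0x8000),
            "questions": questions, "answers": answers}


def is_malformed(msg: bytes) -> bool:
    try:
        parse_message(msg)
        return False
    except (ValueError, struct.error):
        return True


def build_query(ident: int, name: str) -> bytes:
    """Constructed standard query for an A record (RD bit set)."""
    return struct.pack("!6H", ident, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", 1, 1)


def build_a_response(ident: int, name: str, ip: str, ttl: int = 3600) -> bytes:
    """Constructed answer; the answer's owner name is a compression pointer
    (0xC00C) back to the question name at offset 12."""
    header = struct.pack("!6H", ident, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(o) for o in ip.split("."))
    return header + question + answer


def response_matches_query(query: bytes, response: bytes) -> bool:
    """Checks a resolver applies before accepting an answer: QR bit set,
    transaction ID equal, question section identical."""
    q, r = parse_message(query), parse_message(response)
    return (r["is_response"] and not q["is_response"]
            and q["id"] == r["id"] and q["questions"] == r["questions"])


if __name__ == "__main__":
    query = build_query(0x1A2B, "example.com")
    good = build_a_response(0x1A2B, "example.com", "192.0.2.1")
    print(parse_message(good))
    print("accepted:", response_matches_query(query, good))
    print("accepted with wrong ID:", response_matches_query(query, build_a_response(0x1A2C, "example.com", "192.0.2.1")))
```

Because the ID is only 16 bits, this match alone is a thin filter against a flood of guessed answers; resolvers written after this class of attack was understood also randomize the UDP source port and require the reply to arrive on it (RFC 5452), and DNSSEC validation removes the dependence on the ID entirely.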
You can download Zodiac 0.4.9 here:

zodiac-0.4.9.tar.gaze

Or read more here.


Linux Tips and Hacks

Here are some Linux hacks. I will post more as time progresses; please always remember to BACKUP beforehand, and enjoy.

How to export DISPLAY to a Windows computer from a Linux computer that is only reachable through another Linux computer acting as a router (for Windows users only)
Suppose you are working on 10.8.11.1 and you reach 10.8.11.3 via 10.8.11.2. To open graphical applications from 10.8.11.3 on 10.8.11.1, follow these steps:
1. start Xwin32 (on 10.8.11.1)
2. ssh to 10.8.11.2
3. export DISPLAY=10.8.11.1:0.0
4. vncserver (it will prompt for a passwd; set the passwd)
5. start a remote desktop connection to server 10.8.11.2:1
6. xhost + (on 10.8.11.2)
7. ssh to 10.8.11.3 from 10.8.11.2
8. export DISPLAY=10.8.11.2:1 (on 10.8.11.3)
9. start any application.

How to build an rpm
a) from SRPM
Install the .src.rpm file this way:
$ rpm -i somepackage-1.0-1.src.rpm
This will create files in /usr/src/redhat/SOURCES and a .spec file in /usr/src/redhat/SPECS.
Then go to the SPECS directory and give the command to build the RPM:
$ cd /usr/src/redhat/SPECS
$ rpmbuild -bb somepackage.spec
b) from source package
When a source archive (e.g., somepackage-1.0.tar.gz) contains a .spec file, one can give the following command to build the RPM without having to deploy the archive:
$ rpmbuild -tb somepackage-1.0.tar.gz
Give the -ta option instead if you also want to build the SRPM.

To send a message from Linux to Windows
$ smbclient -M <hostname> -I <ip-address>
And to find the hostname
$ nmblookup -A <ip-address>

Tips and Tricks for XP

Hello again. Regarding the last blog, if you found that a little too much, then you can try the tips that come standard with XP Pro and its registry, so here is one of two. However, if you’ve got some ideas of your own, feel free to post them. Please note that you should always back up your registry, and look into VMWare as well; these tweaks do not need any 3rd party software to complete. I will give some long overdue Linux tips next blog:

Automatic Administrator Login:
Well, here’s the trick which you can use to prove that Windows XP is not at all secure as a multi-user operating system. Hacking the system registry from any account that has access to the system registry puts you into the administrator account.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"

Menu Delays:

Another minor and easy tweak to remove any delay from menus sliding out. For this you will need to use regedit (open regedit by going to Start -> Run…, then typing ‘regedit’ and pressing enter). The key you need to change is located in HKEY_CURRENT_USER\Control Panel\Desktop. The actual key is called MenuShowDelay – all you have to do is change the value to 0. Remember, you will have to reboot your computer for this tweak to take effect.


Automatically Kill Programs At Shutdown:

Don’t you hate it when, while trying to shut down, you get message boxes telling you that a program is still running? Making Windows automatically kill running applications is a snap. Simply navigate to the HKEY_CURRENT_USER\Control Panel\Desktop directory in the Registry, then alter the key AutoEndTasks to the value 1.


Shutdown Computers Over The Network.

To make this:
1. Open Notepad.
2. Type Shutdown -s -m \\xxx.xxx.xxx.xxx (IP address).
3. Save to Desktop as (Anything).bat (DON’T FORGET THE .BAT).
4. Double click on the icon and wait.
5. There are of course other ways of doing this; read the post on the front page.
You can also open CMD and type "Shutdown -i".

The XP Prefetcher

Windows XP has a service called the Prefetcher. It basically monitors the different programs that start during startup and helps them launch faster.
To find this tool, browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters
The important key is EnablePrefetcher. The default value is 3. You will want to try numbers between 1 and 6; 5 seems to work best for me, but your mileage may vary.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters]
; EnablePrefetcher is a REG_DWORD, so it is written as dword:, not as a quoted string
"EnablePrefetcher"=dword:00000005
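Before importing tweaks like the ones in this post, it helps to parse the .reg file and see exactly what it changes. This Python is an added example written for this page, not code from the post. The sample .reg content is constructed from the post’s own keys; EnablePrefetcher is deliberately written as a quoted string so that the type check fires (Windows reads that value as REG_DWORD, so dword:00000005 is the correct form). The parser understands REGEDIT4 and Version 5.00 headers, quoted string values and dword values only; other value forms are passed through untouched.

```python
import re

# Constructed .reg content in the REGEDIT4 format the post uses. Key paths and
# value names are the post's; the file itself is made up for this example.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"

[HKEY_CURRENT_USER\Control Panel\Desktop]
"MenuShowDelay"="0"
"AutoEndTasks"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters]
"EnablePrefetcher"="5"
'''

WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
PREFETCH = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager"
            r"\Memory Management\PrefetchParameters")

# "name"=value, where the quoted name may contain \" and \\ escapes
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def _unescape(s: str) -> str:
    return s.replace(r'\"', '"').replace('\\\\', '\\')


def parse_value(raw: str):
    """Return (registry type, value) for the value forms this example understands."""
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return "REG_SZ", _unescape(raw[1:-1])
    if raw.lower().startswith("dword:"):
        return "REG_DWORD", int(raw[6:], 16)
    return "OTHER", raw  # hex:, '-' (delete marker) and friends left as-is


def parse_reg(text: str) -> dict:
    """Parse a .reg file into {key path: {value name: (type, value)}}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if (not line or line.startswith(";") or line.startswith("REGEDIT")
                or line.startswith("Windows Registry Editor")):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m is None or current is None:
            raise ValueError(f"unparsable line: {raw!r}")
        keys[current][_unescape(m.group(1))] = parse_value(m.group(2))
    return keys


def audit(keys: dict) -> list:
    """Findings a reviewer would raise before letting this file be imported."""
    findings = []
    auto = keys.get(WINLOGON, {}).get("AutoAdminLogon")
    if auto is not None and str(auto[1]) == "1":
        findings.append("AutoAdminLogon=1: the console logs the configured account in "
                        "at boot with no credential prompt")
    pf = keys.get(PREFETCH, {}).get("EnablePrefetcher")
    if pf is not None and pf[0] != "REG_DWORD":
        findings.append(f"EnablePrefetcher written as {pf[0]}; Windows reads it as "
                        "REG_DWORD, use dword:00000005 instead")
    return findings


if __name__ == "__main__":
    parsed = parse_reg(SAMPLE_REG)
    for key, values in parsed.items():
        print(key)
        for name, (rtype, value) in values.items():
            print(f"    {name} = {value!r} ({rtype})")
    for finding in audit(parsed):
        print("FINDING:", finding)
```

The two findings on the sample are the auto-logon entry (the very property the post uses to show XP is not a secure multi-user system) and the wrongly typed prefetch value; extending `audit` with further key/value rules is a one-line change per rule.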

Google hacks


Hi people, have you ever wanted to find webcams throughout the Internet? I’m not talking about just the naughty and pornographic kind! Well, here’s how.

Open a new tab in your browser and go to Google.com or Google.co.uk, whichever.

Enter inurl:/view/index.shtml or intitle:liveapplet inurl:LvAppl and press search and SEE what you come up with!! 

You can control them, move them in all directions!!

Have fun, but remember to be careful. This is only what a Google hack can do, so you may not be breaking the law, but you will if you go too far. Enjoy.