'hacking' Category

• Backdoors available for analysis

  January 16, 2008

  Found a couple of backdoors that had been downloaded to a box of mine. They are available here for your convenience (if the links go down, I’ll put them up for download on a mirror): http://geocities.com/crewnewbie/tools/cbk.tar.gz http://geocities.com/evikhobare/chanarybot.tar.gz From my preliminary findings, they both contain the XHide process faker, one of them includes a remote-connect backdoor. […]

  posted in backdoor, forensic, forensics, hacking, xhide by Lee

• NSM-console version 0.2 release

  December 21, 2007

  I found out there is internet here, so I’m finally able to post some code changes I was working on while on the airplane. Firstly, download the files here. The static page for nsm-console is here. I finally got around to releasing the next version of the nsm-console. This version incorporates a large amount of […]

  posted in automation, framework, freebsd, hacking, hex, network, networking, nsm, nsm console, pcap, ruby, script, security by Lee

• Compile Ettercap-NG-0.7.3 natively on Leopard Fix

  November 15, 2007

  UPDATE 2: njstaticuser mentioned he would like to know where to get this file below: I believe the file should be in /opt/local/var/macports/build/ – there should be a folder called _opt_local_var_macports_sources_rsync.macports.org_release_ports_<ettercap-ng> where <ettercap-ng> will be something like “net_ettercap-ng” (I don’t know the exact name because it has been cleaned from that directory). Under this directory […]

  posted in compile, ettercap, fix, hacking, leopard, osx, security, sniffing by Lee

• aimsnarf version 0.11 released

  November 12, 2007

  Yea yea, I know, it’s only been a few hours since the first release. Well, here’s the new release with a couple of major todos taken care of: Download the script here. Read about aimsnarf in the previous post about it. Changes in this version: Trillian is now supported, as well as AOL’s AIM client. […]

  posted in dsniff, hacking, linux, mac, monitoring, pcap, programming, ruby, script, security, sniffing, tcpdump, wireshark by Lee

• Tutorial: Sniffing iSCSI traffic for a spoofing attack

  June 21, 2007

  Also known as “Why you need some kind of iSCSI security” Okay, after reading Himanshu Dwivedi’s presentation[PDF] on iSCSI security (insecure-SCSI hur hur hur) I decided to try and replicate one of the attacks that he mentioned in the presentation. Following is how I managed to get the data shown of a different machine. Firstly, […]

  posted in hacking, iscsi, linux, networking, security, spoofing, tutorials, wireshark by Lee