==Phrack Inc.==

Volume 0x0b, Issue 0x3f, Phile #0x14 of 0x14

|=-----------------------------------------------------------------------=|
|=--------------------=[ W O R L D N E W S ]=--------------------------=|
|=-----------------------------------------------------------------------=|

*** NSA & PHRACK ***

.. And in a positive way. See:
http://www.nsa.gov/snac/

Which has a section specifically for routers:
http://www.nsa.gov/snac/downloads_cisco.cfm?MenuID=scg10.3.1

And on page 80 Phrack is at the top of the list of references.

**** QUICK NEWS **** QUICK NEWS **** QUICK NEW ***** QUICK NEWS ****
**** QUICK NEWS **** QUICK NEWS **** QUICK NEW ***** QUICK NEWS ****
**** QUICK NEWS **** QUICK NEWS **** QUICK NEW ***** QUICK NEWS ****

And once again ... two big companies, Cisco and ISS, try to scare free researchers to not talk about the problems in their software.

Michael Lynn has shown great courage and made use of his natural-born rights: to talk. Quote from his homepage: 'People who know me will tell you I have a long history of not being afraid of people I should.'

Kudos to Lynn from the Staff @ Phrack.

From Michael Lynn's homepage:

A dangerous culture regarding hardware based network devices as impervious to remote compromise has been allowed to exist. Mike has taken on enormous personal risk to do the right thing for the security research community by coming forward with his research and bringing this problem into focus.

Cisco has consistently been on the forefront of this dangerous culture. They exercise a strategy of walling off updates and information only to those with support contracts. In many areas of critical infrastructure, engineers are often limited in their ability to utilize the latest security updates due to their IOS feature train. For years, attempting to adopt SSH as the primary method of administration for Cisco hardware has provided a perfect example of Cisco's broken security culture.
Their handling of this situation is putting icing on the cake. We must encourage change in Cisco's security culture.

ISS's actions to date have shown an effect of this broken security culture. ISS's handling of this critical security threat and the researcher that found it have been less than desirable. We are confident our free-market business and media environment will result in both ISS and Cisco learning lessons from this event.

http://www.nicklevay.net/
http://blogs.pcworld.com/staffblog/
http://blogs.washingtonpost.com/securityfix/2005/07/update_to_cisco.html

---

Welcome to Austin/Texas International Airport. Please check out our new camera system. We can spy on our employees, our citizens and even on our president. Try it out now:
http://lobbycamera4.abia.org

---

Microsoft goes l33t: The 31337 dictionary
http://www.microsoft.com/athome/security/children/kidtalk.mspx

---

This is a big fuckup of what happens if you don't watch out:

1) An attack happens
2) Politicians scare the shit out of the people and tell them it will happen again!
3) People accept to give up their rights, their freedom and their brain.
4) People get fucked by what the politicians told them would help against terror.

Ladies and Gentlemen, the TSA-FUCKUP:
http://www.komotv.com/stories/37150.htm

I love this quote:
"And I said what about my constitutional rights? And they said 'not at this point ... you don't have any'."

---

DVD copy software illegal in the Netherlands.
http://www.theregister.co.uk/2005/07/25/dvd_copy/
http://www.theregister.co.uk/2005/07/25/uk_war_driver_fined/

Wait a moment? The software? I would even protest if it would be the act of copying. But the software? What fuckup is this?
1) I buy a DVD
2) I buy software to copy DVD
3) I make a copy of my OWN DVD for MY OWN purpose
4) I make a copy of my OWN DVD for my FRIEND
5) I make a copy of my friend's DVD for MY FRIEND
6) I make a copy of my friend's DVD for ME
7) I make MANY copies of my friend's DVD for OTHERS

So where does warez trading start?

Netherlands, that was a bad move. The people of the Netherlands are not stupid. They will never allow you to forbid them to make a copy of their own DVDs. And for sure you will never ever be able to forbid them to develop and research software to copy DVDs or any other software. Other countries would have sponsored smart guys who can write such software.

The people of the Netherlands will fight for their rights. Free speech & free research will win in the end.

---

|=-------=---------------------------------------------------------------=|
|=[ Social Penetration Testing ]=----------------------------------------=|
|=-------=---------------------------------------------------------------=|

By Pascal Cretain (Pascal_Cretain@mail.com)

I'd say with certainty that the MD5 checksum of each and every one of the last, say, 200 days has not been tampered with and is the same in all cases. It's yet another dull day in the office and I'm bored out of my f***ing skull.

This new client not only wants an 'external blind pen test', they also want 'comprehensive static code analysis'. Why they are paying money to 'secure' this monstrosity is beyond me. It doesn't even have an authentication section. Bollocks.

A DNS zone transfer request greets me cheerfully with all their internal network structure...not that I will need that since they have only asked for webserver testing but it's good to know anyway. I launch that damn nessus scan for the millionth time and I senselessly wait for the attack progress bar to complete - no joy.
I fire up Nikto, Webscan, N-Stealth AND ISS at the same time enabling all dangerous plugins in an attempt to DoS this ugly webserver, certainly not running Free/GNU open source software but something proprietary and expensive starting from I and ending in IS. In addition to that I launch independent SYN FLOOD attacks and distributed teardropping to improve my chances of achieving the goal.

Soon, the website falls clumsily like a non-armoured villager in the battle of Waterloo. I smile with content as the overbloated, dysmorphic, dynamic html pages are soon replaced with a plain, powerful, beautiful and snowy white 404 error.

A minute of silence and peace is instantly shattered by the phone ringing. It's the operations manager.

- Pascal, the people from Dorksershire_Upon_Avon just called me complaining that the website is down. Does that have something to do with the pen testing we perform?
- Well, partially yes, I respond. And then, more aggressively I explain "If the client wants a penetration test to be complete they have to get their website tested against Denial Of Service Attacks, the most innocuous and common type of attack nowadays. They will thank us for that, eventually. Moreover, we had warned them about the danger of DoS when they signed the contract. Despite the fact that we take every precaution to avoid such a side-effect, DoS is a risk that comes bundled with proper testing."

I clearly remember that sales guy. He'd thought that with the term DoS I meant that black, command-line pre-windows OS, the one that emptied the screen when you typed CLS. Oh well.

- Thank you Pascal, I will inform them.

It's already 4+30...I'd like to escape earlier today, especially now, after the DoS unfortunate 'incident' that has put a temporary pause to our duties I can't do much. The operations manager is now gone, or he might even be in the loo, who cares, now is my ultimate chance to scram.
Within seconds, literally, I'm sitting right in the middle of the 'Thirsty Fox' pub. Oooh I love this place.

- Pint of John Smith's please
- Sure mate
- Cheers
- Cheers

A fractal amount of ale gets spilled over the counter

- Sorry
- Sorry
- That's all right mate
- Cheers
- Cheers

I grab the glass and drink half of the beer in one go. Then I look around for female presence vulnerable to man in the middle attack. Equipped with my brand new 'penetration testing anyone?' t-shirt, I can't lose. There she is! Black hair, my type. I down the rest of my drink, order another pint.

- Pint of John Smith's please
- Sure mate
- Cheers
- Cheers

I grab the glass and make my move.

- Hey
- Hiya.
- You come here often? I say with an epic voice
- Yeah, quite often, she responds uninterested
- You know, I'm a penetration tester. My voice is deep and certainly erotic.
- *Silence*
- I'm a hacker, I say, and I get paid to do it.
- Ha. That's interesting. Do you hack hotmail?
- Of course, I respond confidently. I'm a Hotmail Hacking Certified Reverse Engineer and president of the British Open Source institute for ...mm...E-mail Compromise (HHCRE&PBOSIEC)
- Wow, she says impressed. Could you offer me your valuable help then please? There is a particular email account that I have forgotten the password for and has critical information for me. The account is Brutus_Needham@hotmail.com...Would you help me hack it?
- Sure, no worries. Why don't we finish these drinks and be gone, I live nearby. In my place I got 1Gb Download/512MB X-DSL access, 3 workstations and 2 mainframes running different command-line OSs. In the worst case scenario, we can always run a distributed john the ripper dictionary attack using my VERY LONG AND THICK dictionaries, I say in an attempt to impress.

The girl is moving her head, looking somehow puzzled.

We'll sort out your situation in a jiffy, I add to simplify things. Say, how can this be your email account, tho'? Isn't that a man's name?
I say while blinking at the same time.

- Well. _blush_ ok you got me! It's my darn ex boyfriend and I have to find out what he has been doing! If you don't mind.
- No worries, we can take care of that. I'm glad I can be of assistance. Your female friend can join us as well if she feels like a 'small penetrating class' free of charge!, I say, while making some fast, and certainly erotic & meaningful gestures.
- Yeah, why not! Sounds like fun!, both girls reply.
- Bingo. Let's get to some real penetration testing, I think to myself while smiling.

I don't own a car since I believe that it's a good idea not to acquire products that will make your life more stressful and costly. Why pay car insurance, petrol and refrain one's self from the wonderful act of drinking John Smith's when you can use public transport completely wasted, or walk, or cycle (wasted). Generally, I consider that people should only buy goods that they absolutely need. An oscilloscope, for instance, is an example of an absolutely necessary device, that's why I own two of them. Other than that, not owning things provides the luxury of being flexible, free, and ensures you tread lightly on this earth.

Anywayz. So we walk home, myself in the middle, girls on both sides.

- So, what's your name, hacker? One of the girls asks.
- Pascal, I reply. Pascal Cretain.
- Ha, this is not a very usual name. Where do you come from, Pascal?
- I come from the land of Compromise. I respond, looking at the void.
- You are an interesting one, Pascal. I honestly hope you're not bullshitting around with us.
- As a true hacker, I will speak with actions and not with useless words, I say. Just wait till we crack that Brutus who needs ham, girl.

Soon, all three of us are sitting comfortably in my messy 'IT room'. One of the girls asks:

- Hey, where is your equipment mate? Didn't you say you had five computers with X-LSD internet? All I can see is a shitty laptop! What's going on? And where is the LSD?
- Don't worry honey, I reply with a calm voice. My computer equipment is all here. But not quite. This laptop basically is the access point to my REAL IT infrastructure, which resides somewhere near - very near. Unfortunately, due to non-disclosure confidentiality agreements, I cannot inform you of the real location of my computers, nor show you around, tho' I'd love to - sigh.

The girls are gazing at me, unconvinced

- Oh well, whatever. D'you have anything we can drink then?
- Sure, I got John Smith's premium Ale.

They grab a can each and start chatting about online shopping. I grab a can and quickly get to work. I browse to passport.net, then reset password, choose country, type in the username....wait for the Brutus' 'Secret' question. Fuck yeah!

- Hey, girl, you didn't tell me your name. I ask the 'interested party'.

'Jude' she responds..I type in the answer to Brutus's secret question, then reset the password to 'Oscilloscoped'

- Mine is Gloria, the other girl says.
- Hey Jude, I says. Wanna come over here? I got somethin' for you. Fact I got two.

I blink. Both girls approach. I sit back and smile. It's not such a bad day after all.

|=[ EOF ]=---------------------------------------------------------------=|