Archive for the ‘cyber culture’ Category

The T50 v5.3 includes:

  1. New License: It is, finally, licensed under GPL Version 2.0. Please, refer to LICENSE document for further information.
  2. CIDR Support: Classless Inter-Domain Routing support for destination IP address, using a really tiny Calgorithm. This would allow the T50 v5.3 to simulate DDoS in a laboratory environment.

      001 netmask = ~(all_bits_on>>cidr);
      002 hostid = (int)(pow(2,(32-cidr))-2);
      003 __1st_host = (ntohl(addr)&netmask)+1;
      004 __lst_host = (ntohl(addr)&netmask)+hostid;

  3. ELEVEN NEW Protocols: ELEVEN (11) more protocols supported by T50 v5.3 (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP, AH, EIGRP and OSPF).
  4. Exotic Protocols: Advanced options and protocol crafting for RSVP, EIGRP, OSPF and GRE were added, allowing users to make any combination while using those exotic protocols. By the way, EIGRP is a proprietary protocol developed by CISCO Systems, Inc.
  5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC, SACK, MD5 and TCP-AO) are supported to improve the TCP protocol.

download t50 http://www.4shared.com/file/Zja31l82/t50-245r-H2HC.html

[videolog 614528]

Advertisements

Mallory is a transparent TCP and UDP proxy. It can be used to get at those hard to intercept network streams, assess those tricky mobile web applications, or maybe just pull a prank on your friend.

In more technical terms, Mallory is an extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway.

The goal is to man in the middle traffic for testing purposes. The ideal setup for Mallory is to have a “LAN” or “Victim” network that Mallory acts as the gateway for. This can be configured within a virtal machine environment using host only network interfaces. The victim virtual machines then configures the Mallory machine as the gateway by manually setting its gateway. The gateway machine will have at least one WAN interface that grants Internet access. The victim network then uses the Mallory gateway to route traffic.

Folder Structure

* ca – certificate authority files including Mallory’s private key
* certs – MiTM certs that are created on the fly
* db – directory where mallory stores all database files
* mallory – empty directory
* src – where the code lives
* scripts – scripts used to configure mallory enviorment

You can download Mallory here:

mallory-tip.tar.gz

http://intrepidusgroup.com/insight/mallory/

1. Dont assume anything. Make some time to learn about securing your system.

2. Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.

3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.

4. Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages so please ask for a confirmation from the sender if you are in any doubt.

5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.

6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. This kind of messages is considered spam, because it is undesired and unsolicited and it overloads the Internet traffic.

7. Avoid installing services and applications which are not needed in day-by-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.

8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.

9. Do not copy any file if you don’t know or don’t trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.

10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in.

The Cryptohaze Multiforcer is a high performance multihash brute forcer with support for per-position character sets, and very good performance scaling when dealing with large hash lists. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on a GTX260/216SP@1.24ghz card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate – not the search rate. The search rate is 380M * 1.4M passwords per second!

Platforms

The Cryptohaze Multiforcer supports Windows, Linux, and Mac OS X. An nVidia GPU with CUDA support (8000 series, 9000 series, GTX200 series, GTX400 series) is required for this to function. Additionally, a reasonably modern driver with CUDA support will be required. However, to see good rates, a fairly powerful GPU is required. GTX200 series cards are the lowest recommended cards.

Usage

The Multiforcer takes two files as inputs: the hash file, and the character set file. The hash file is very simple: One hash per line as follows:

Hash input file

C55DC1C662628C7B3B85635A4E96262A
5F4DCC3B5AA765D61D8327DEB882CF99
0040F2ABC2CFF0C8F59883B99AE9FAB6
D41D8CD98F00B204E9800998ECF8427E

The character set file is slightly more complex. For a single character set (the same character set applied to all positions), the character set file is very simple: Just the character set in a file, followed by a newline:

Single charset file (-c parameter)

abcdefghijklmnopqrstuvwzyx0123456789

You can download CUDA-Multiforcer here:

MacOS (Intel Only) – CUDA-Multiforcer-Mac-0.72.tar.bz2
Windows (64-Bit Only) – CUDA-Multiforcer-Windows-0.72.zip
Linux – (32 & 64-Bit) – CUDA-Multiforcer-Linux-0.72.tar.bz2

Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal
. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Able, and many more.

New in V2

This version has a bunch of new stuff all around. One major addition to the project is Forge. This tool facilitates a simple point-and-click installation for adding even more distributions to Katana Bootable. This new version also adds the Computer Aided Investigative Environment (CAINE) for a live forensics environment and Kon-Boot for bypassing password. Much effort was placed on the installation of additional applications to the Katana Tool Kit. These new applications include Metasploit, NMAP, Cain & Able, John the Ripper, Cygwin, and more.

Bootable

* BackTrack
* the Ultimate Boot CD
* CAINE
* Ultimate Boot CD for Windows
* Ophcrack Live
* Puppy Linux
* Trinity Rescue Kit
* Clonezilla
* Darik’s Boot and Nuke (DBAN)
* Kon-Boot

A full list of the tools available is here.

You can download Katana v2 here:

Torrent – katana-v2.0.torrent
Direct – katana-v2.0.rar

Or read more here.

PoC to generate Reverse TCP backdoors, running Autorun or LNK USB infections, but also dumping all USB files remotely on multiple targets at the same time. USBsploit works through Meterpreter sessions with a light (27MB) modified version of Metasploit. The interface is a mod of SET (The Social Engineering Toolkit). The Meterpreter script usbsploit.rb of the USBsploit Framework can otherwise be used with the original Metasploit Framework.

usbsploit-0.3-BETA-linux-i686.tar.gz

more info