Irregular Expressions


April 22, 2012  11:11 PM

FBI Response to hacker network



Posted by: Dan O'Connor
PIXIE DNS FBI, rogue DNS server. FBI DNS

Very interesting response to taking down the network.  I am thinking that there would be a limited number of people that are going to know to even look at this.

http://www.dailymail.co.uk/news/article-2133134/Hundreds-thousands-lose-access-internet-July-result-hackers-advertising-scam.html

I can see why they proceeded as they did, I sure hope the bad guys were nice enough to specify a secondary DNS server.

TL;DR;

Go here and make sure you are not infected.

http://www.dcwg.org/


April 18, 2012  11:40 PM

Smash The Stack Logic Level 1 * Spoiler *



Posted by: Dan O'Connor
logic level 1, smash the stack, smashthestack, smashthestack logic level 1, smashthestack logic level1, smashthestack solution level 1

I had a bit of time so I thought I would take a look at Level 1 on Logic.

Not much of an introduction.. http://logic.smashthestack.org:88/

We don’t have shell access and only have the link to the uploader.  If you submit a file the next page is PHP, so we know the site is PHP enabled.

First thing I tried was a basic hello php script, just to see what would happen.

Ta-da it worked, we got a hello back.

Next I tossed some ‘ls’ commands at various directories to see what was going on.

Not much stands out, just the README file left in the level1 home directory.

Congrats on getting to the shell. Now you must find the password for level2.
Once you have found the password you can reconnect to the server as the level2 user:
ssh -p 2227 logic.smashthestack.org -l level2
You need not look far from home

So now what? Let’s take another look at the home directory with a ‘ls -alh’.

There is one more file to look at, a .bash_history.

ls
who
cat README
ach3sa6F
clear
su level2

Yay for fat fingers, there is the password.
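The same mistake is worth checking for on your own hosts. The following is an added example, not part of the original post: it flags a lone non-command token typed within a few entries of a command that prompts for a password. The sample history, the token in it and the command lists are constructed assumptions.

```python
import re

# Commands that prompt for a secret; a stray token typed next to one is suspect.
AUTH_COMMANDS = {"su", "sudo", "ssh", "login", "passwd"}
# Assumption: stand-in for the set of commands that really exist on the host.
KNOWN_COMMANDS = {"ls", "who", "cat", "clear", "cd", "pwd", "exit"} | AUTH_COMMANDS

LONE_TOKEN = re.compile(r"^[^\s/]{6,}$")   # one word, no arguments, not a path
TIMESTAMP = re.compile(r"^#\d+$")          # written when HISTTIMEFORMAT is set

# Constructed sample shaped like the history in the post; the token is made up.
SAMPLE_HISTORY = """ls
who
cat README
Xk7pQ2mZ
clear
su level2
"""


def looks_like_secret(line, known=KNOWN_COMMANDS):
    """A lone non-command token that mixes at least two character classes."""
    if line in known or not LONE_TOKEN.match(line):
        return False
    classes = (any(c.islower() for c in line), any(c.isupper() for c in line),
               any(c.isdigit() for c in line), any(not c.isalnum() for c in line))
    return sum(classes) >= 2


def find_leaked_secrets(history, window=3, known=KNOWN_COMMANDS):
    """Return (line_no, redacted_token, nearby_auth_command) per suspect entry."""
    entries = [(n, text.strip()) for n, text in enumerate(history.splitlines(), 1)
               if text.strip() and not TIMESTAMP.match(text.strip())]
    findings = []
    for i, (line_no, line) in enumerate(entries):
        if not looks_like_secret(line, known):
            continue
        for _, other in entries[max(0, i - window):i + window + 1]:
            if other.split()[0] in AUTH_COMMANDS:
                # Never echo the secret into a report; keep only its first character.
                findings.append((line_no, line[0] + "*" * (len(line) - 1), other))
                break
    return findings


if __name__ == "__main__":
    for finding in find_leaked_secrets(SAMPLE_HISTORY):
        print(finding)
```

When a hit is real, change the password; deleting the entry with `history -d` only removes the evidence, not the exposure.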


March 31, 2012  12:05 AM

A statement on post 9/11 security



Posted by: Dan O'Connor

I hate flying. I hate going through security and having to open my pants in the middle of an airport because I have a rocking belt buckle. I hate tearing my bag open and having to fiddle with my laptop and camera, then wondering what the last guy that had the loaner laptop was doing in his garage. That I really worry about; I have worked around a lot of farms and worried about fertilizers setting off that sniffer, because I know they use them still. I had all but given up wearing shoes with laces when I travel.

Then we got the body scanners, oh how I loathe those. I really do enjoy people who make a fuss about them, and I really enjoy the people that walk right past them when no one is looking.

Bruce did a great debate over post 9/11 security and posted his closing comment on his blog.

http://www.schneier.com/blog/archives/2012/03/harms_of_post-9.html

Did I mention how much I hate flying?


March 30, 2012  11:52 PM

It’s March 31st do you know where your DNS is?



Posted by: Dan O'Connor

Chances are that you do, in the sense that my previous sentence made no sense and the Internet is working just fine for you.

http://www.cricketondns.com/post.cfm/could-a-ddos-attack-against-the-roots-succeed

There was a threat to take down the root name servers and at the time I did not think much of it; it’s more complicated than you would think. The link does a great job of explaining.


March 30, 2012  11:44 PM

Massive payment processor breach



Posted by: Dan O'Connor

http://krebsonsecurity.com/2012/03/mastercard-visa-warn-of-processor-breach/

Numbers appear to be more than 10 million.

Nothing on the technical bits yet, press conference on Monday April 2.


March 30, 2012  1:18 AM

Facebook Forensics



Posted by: Dan O'Connor
facebook, Forensics

Yay for forensics.

http://www.wired.com/threatlevel/2012/03/facebook-ownership-forensics/

Faking forensic data seems simple from the outside but when you really get to the nitty gritty it is not the simplest problem to solve.
This case revolves around a contract that gives him half ownership of Facebook.

The details are in the story. The main point here is that files just don’t appear on a system. Also, if you want to clean your drive, reinstalling Windows just does not cut it.


March 30, 2012  1:01 AM

Sealand Data Hosting



Posted by: Dan O'Connor
havenco, Sealand

I have followed any news about Sealand for a very long time. I also remember the failed attempt of hosting on it.
Here is a great outline:

http://arstechnica.com/tech-policy/news/2012/03/sealand-and-havenco.ars/1

I can’t imagine the technical issues of running a datacenter seven miles off the coast on cement pontoons twenty five off the ocean. Never mind keeping it powered up, connectivity would be a nightmare. Fiber? Yea I guess so, good luck with that. Satellite, better but expensive. Microwave is a good option, but any one you pick has to go somewhere and that is the main problem. You can start your own nation but what’s the use if no one wants to talk to you.


March 22, 2012  9:54 PM

Verizon Data Breach Report



Posted by: Dan O'Connor

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012-press_en_xg.pdf

That time of year again.


March 21, 2012  11:44 PM

Will Exploit For Food err Profit.



Posted by: Dan O'Connor
encryption as munitions, exploits as munitions, vulnerabilities as munitions

I can’t say I am comfortable with this.

http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees/

But regrettably it is the nature of people, someone wants to buy a weapon, someone will sell it to them.

If encryption is listed as a munition then by no stretch then should exploits or the knowledge to create a specific exploit a vulnerability.

With a national budget to spend, it is not inconceivable that you could create something with far more impact than Stuxnet.  In fact this makes me rethink where those Stuxnet vulnerabilities came from.

I see no difference between this and arms running.


March 20, 2012  1:16 AM

Megaupload



Posted by: Dan O'Connor
megaupload google, torrentfreak google hotfile megaupload

Keep an eye on the Megaupload story for a little while, it appears that the wrong paperwork was filed.

http://www.bbc.co.uk/news/technology-17428612

http://torrentfreak.com/megaupload-seizure-order-null-and-void-says-high-court-120318/

This happened a few days ago, but we are starting to see updates.

Basically the police involved filled out the paperwork for the wrong type of seizure. Also, using information from the first ‘errored’ raid, additional evidence was uncovered and seized.

The courts will be ruling if the property should be returned soon.

Also Google is involved in another relevant case that could affect this.

http://torrentfreak.com/google-defends-hotfile-and-megaupload-in-court-120319/

