Tool Of The Week
Inprotect - A web-based GUI for Nmap and Nessus. Thank you ducksauce.
Stories for Discussion
Laptops Searched and Confiscated at U.S. Border - [Nick, Joe] - (NY Times, Slashdot) - According to the article, a knowledgeable lawyer said: "[Border guards] don't need probable cause to perform... searches under the current law. They can do it without suspicion or without really revealing their motivations." And an ACTE exective is quoted, "Potentially, this is going to have a real effect on how international business is conducted." .... Time to read Twitchy's paranoid security paper! Encrypt those drives!
Bluetooth Vulnerabilities Uncovered - [PaulDotCom] - Nice GUI to some bluetooth brute forcing applications.
Hacking contactless credit cards made easy - [Joe, Larry] - US security researchers have demonstrated how easy it might be for crooks to read sensitive personal information from RFID-based credit and debit cards [Larry] - The readers are readily available for about $120. Even still, I'm getting my RFID tag.
.Bank Domain Names - [PaulDotCom] - Is this a good idea?
Re-using Windows Hashes - [PaulDotCom] - Why bother cracking the hash when you can re-use it?
Wifi Exploits Coming to Metasploit - [Joe, Larry, Nick] - Metasploit will implement Cache's LORCON and most likely include the exploit Cache demoed at the recent Microsoft BlueHat conference. [Larry] - eWeek misreported that LORCON was written by Cache, when his website says it was Written by JoshWr1ght and Dragorn. Either way, Metasploit 3.0 is looking to be VERY promising.
MoKB starts: MOKB-01-11-2006 - Apple Airport 802.11 Probe Response Kernel Memory Corruption "The Apple Airport driver provided with Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs) is vulnerable to a remote memory corruption flaw. When the driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution." -HDM
The Microstumbler project - [Joe] - The Microstumbler project is aimed at adding autonomous network scanning capabilities to a wireless card ; that's to say, your can scan wireless networks using just your wifi card and no computer : a LCD and a simple 3-key keypad are connected to it, and it's powered by a battery.
OW.A.S.P. Pantera - [Larry] - Looks to be a pretty cool web app testing tool. I still need to check it out, but the features look nice. Based on Python, and ther eare some good features scheduled for the future - fuzzing, etc. Looks like it will also be on the Backtrack CD soon too.
Hackers break into Water System network - [Larry] - Desn;t appear to be a targeted attack, but the hackers could have used this to raise chlorine levels in the water to unsafe levels. Two problems here - need better defense in depth on desktops, and more importantly, whay are these types of control systems internet connected? I also read somewhere this week that something like 200 of these types of systems had been compromised over tha last year, but I can't find the story...
Wireless firmware-level attacks - [Larry] - Nice job Josh and Mike. Firmware fuzzing is getting big, but it looks like they sat on this one for a long time.
Segate Tries Encrypted Drives - [Larry] - About time that this happens - drive encryption in hardware. See story number one on why this could be a good thing. Bad thing but works like it shoud) - looks like if you lose the password the drive becomes unusable. I wonder if a "reformat" would make it usable...
Sendmail enteres Messageing Security Market - [Larry] - Sendmail? Security? Isn't that ironic? Can you say "Friendly Fire" and "Millitary Intelligence"?
Other Stories of Interest
Schneier Speaking in our backyard - [Larry] November 16th at the ACLU in Providence.
UK video on wireless security - [Joe] - see if you can spot any problems in their technique... [Larry] - check out the rest of the Real Hustle videos on GooTube.
Decode the barcode in your license - [Joe] - this is pretty cool. lets make some fake ids!