SombrerosBlancos.com

Study: nature > cities as mental restorative

RSS — Tue, 06 Jan 2009 22:14:00 +0000

A recent study suggests that viewing natural scenery—even if only a photograph of it—can help restore some advanced cognitive functions. Unfortunately, it's not clear that the theory behind this makes any sense.

The Microsoft Windows 7 Upgrade Program

RSS — Tue, 06 Jan 2009 21:34:32 +0000

Tech ARP has a collection of dates regarding Microsoft's update program. The upgrade program concerns upgrade paths from Windows Vista to Windows 7, and basically entails that when you buy a Windows Vista machine after July 1 2009, you will get a free upgrade to Windows 7 once it's released. The data also confirm a number of versions for Windows 7.

(05/01/2009) Acceso a la raíz del sistema de archivos en Samba

RSS — Tue, 06 Jan 2009 21:16:10 +0000

Se ha anunciado una vulnerabilidad en Samba por la que un usuario remoto autenticado podría llegar a acceder a determinados archivos del sistema.

UIQ Files for Bankruptcy

RSS — Tue, 06 Jan 2009 21:06:23 +0000

Amidst the hubbub over MacWorld 2009, El Reg quietly noted that the company UIQ, the joint venture of Sony Ericsson and Motorola and eponymous creator of the UIQ interface layer for the Symbian smartphone OS, has filed for bankruptcy in the Swedish courts.

Mac OS X Server Turns 10

RSS — Tue, 06 Jan 2009 20:57:56 +0000

At the MacWorld Expo today in San Fransisco, Apple announced new versions of iWork and iLife, as well as an updated 17" MacBook Pro, which promises a battery life of 7-8 hours. More interesting, however, is the fact that yesterday was Mac OS X Server's 10th birthday.

Judge: transcoding doesn’t block Veoh “safe harbor” defense

RSS — Tue, 06 Jan 2009 20:23:00 +0000

Universal Music Group says that user-generated content sites like Veoh can't dock in a "safe harbor" if they do anything except store videos—even transcoding destroys immunity. A judge is having none of it.

Apple, labels both win with DRM-free iTunes, tiered pricing

Erica Sadun — Tue, 06 Jan 2009 19:48:00 +0000

Apple has apparently crafted a compromise with the major record labels, dropping DRM and introducing tiered pricing.

Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit

RSS — Tue, 06 Jan 2009 19:40:50 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Goople 1.8.2 (frontpage.php) Blind SQL Injection Exploit

RSS — Tue, 06 Jan 2009 19:40:50 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Judge doesn’t buy state secrets privilege, OKs wiretap suit

RSS — Tue, 06 Jan 2009 19:31:00 +0000

An Islamic charity has established its right to sue the government over warrantless surveillance, a federal court ruled Monday.

AMD’s Neo processor debuts in HP notebook

RSS — Tue, 06 Jan 2009 19:01:00 +0000

AMD talked up its new ultra-portable lineup in November and is partnering up with HP to showcase actual products at CES this year. The companies have designed an ultra-portable that's gunning for the narrow space between netbook and notebook, with features they hope will appeal to users wanting just a bit more power, or those wanting to save money without compromising weight, screen size, and features.

Newer PCAPs for BETA testing

RSS — Tue, 06 Jan 2009 18:41:00 +0000

New set of PCAPs.

NMAP PCAPs

New Web Browser Sploits

New Random Sploits

Kindly, download the PCAPs, test it and let us know your reviews at contact.fingers @ gmail.com.

- EF

Apple reveals 17″ MacBook Pro, iTunes going DRM-free

RSS — Tue, 06 Jan 2009 18:23:00 +0000

Apple today announced a handful of new products at Macworld Expo '09 in San Francisco. It may be the company's last time attending the trade show, but Apple had a collection of both new software and hardware products to show off on stage.

China comienza una campaña contra los grandes de Internet

Raúl — Tue, 06 Jan 2009 17:42:00 +0000

Acusó a 19 buscadores, entre ellos Google y Baidu, de no suprimir contenido "vulgar" y no hacer caso de las advertencias de los censores.

China lanzó una campaña contra las principales páginas webs cuando el país entra en un año políticamente sensible, y en ella las autoridades acusan a buscadores líderes como Google y Baidu de expandir la pornografía y la vulgaridad.

Un informe aparecido en una web oficial de noticias (www.china.com.cn) dijo que los infractores reincidentes y aquellos que tienen una "influencia maligna" deben ser denunciados, castigados y clausurados.

El Ministerio de Seguridad Pública y otras seis agencias gubernamentales anunciaron la campaña en una reunión el lunes, informó la televisión estatal, mostrando imágenes de retirada de equipo digital de una oficina no identificada.

La reunión "decidió lanzar una campaña en todo el país para limpiar la actual vulgaridad de Internet y dio a conocer un gran número de casos en los que se violaba la moralidad pública y se dañaba la salud mental y física de niños y adolescentes", dijo la información periodística, citada por la agencia Reuters.

Los 19 operadores de Internet y páginas web nombradas en la reunión fracasaron en suprimir el contenido "vulgar" y no han hecho caso de las advertencias de los censores.

Baidu domina los buscadores chinos y el mercado de publicidad con aproximadamente dos tercios de la audiencia. Google, el líder del mercado mundial, ocupa un distante segundo puesto en China.

Cui Jin, del área de relaciones públicas de Google en la oficina de Pekín, dijo que no iba a comentar la información, pero añadió que la compañía respeta las leyes.

"Si (los usuarios) encuentran contenido que es contrario a la ley china, pueden informar de ello a Google. Y si entendemos que es verdaderamente ilegal, lo trataremos de acuerdo con la ley", señaló.

Sun Yao, representante de Baidu, declinó hacer comentarios cuando Reuters se puso en contacto con ellos, diciendo que la empresa estaba preparando una declaración pública.

El Partido Comunista en el poder recela de las amenazas a su estricto control de la información y lanzó muchos intentos de censura, centrándose en la pornografía, las críticas políticas y las estafas por Internet. Pero esta vez las autoridades han decidido ir más lejos.©

Fuente: iProfesional.com

RiotPix 0.61 (Auth Bypass) SQL Injection Vulnerability

RSS — Tue, 06 Jan 2009 17:38:54 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Más espacio para el Eee PC

admin — Tue, 06 Jan 2009 17:31:48 +0000

Tras haber aumentado la memoria RAM (dicen que con resultados mucho más espectaculares en XP que en Linux, donde sólo aprecio mejoras en la reproducción de vídeo), otra de las escaseces de nuestro pequeño maquinón es el espacio de almacenamiento, ya que 3 de los 4 GB con que cuenta el disco SSD del 701 se esfuman fácilmente tras cualquier instalación de una distro Linux en condiciones. Pero lo cierto es que cuando no queremos renunciar a la última versión de Firefox u OpenOffice hemos de dejar de lado el fabuloso -pero limitado- Xandros original y pensar seriamente en instalar otra cosa (en mi caso particular, primero me incliné por Mandriva 2009, que luego sustituí por Eeebuntu Base 2.0 como pilar fundamental de un sistema construido a la medida de mis necesidades). Las posibilidades de aumentar el espacio disponible tras instalar una distro "seria" son varias, pero una de las que me pareció más atractiva fue mover todo el directorio home a una tarjeta SDHC (en mi caso de 4 GB, por poco más de 10 euros). De este modo (además de disponer de un nuevo y mayor espacio de almacenamiento para nuestros ficheros, a la vez que liberamos un espacio interesante del disco SSD), siempre podremos contar además de una copia de seguridad, completa y extraíble, de nuestro home. Vamos a ello...

Conference: Black Hat DC 2009

GSOFeeder — Tue, 06 Jan 2009 17:30:03 +0000

Training: February 16-17
Briefings: February 18-19

More information on the event can be found on the organizer web site.

* DTV Transition: Facts and Fallacies *

RSS — Tue, 06 Jan 2009 17:28:34 +0000

If you live in the United States, then it's almost certain you've heard about this big digital switch that public television is making due to a new US law. If you live outside of the US, I bet you've heard of it anyway since we like to let people know what we're up to. The big day that's coming up -- February 17th, 2009 -- that magical date when all television stations will historically abandon the infamous analog broadcasting for greener, digital pastures -- didn't strike fear into the hearts at my household. We rarely utilize the antenna, and then only two to four times a year for a special program. Nonetheless, we got our hands on one of those nifty coupons anyway and went out to purchase a digital converter for the sake of those few intrinsic public broadcats. Read on for the whole story. Read more on this exclusive OSNews article...

Debian GNU/Linux XTERM (DECRQSS/comments) Weakness Vulnerability

RSS — Tue, 06 Jan 2009 17:11:18 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

ezPack 4.2b2 (XSS/SQL) Multiple Remote Vulnerabilities

RSS — Tue, 06 Jan 2009 17:01:00 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Macworld.Ars: Macworld 2009 Keynote live on Ars

RSS — Tue, 06 Jan 2009 16:49:00 +0000

Ars Technica will be reporting live from the 2009 Macworld Phil Schiller keynote. A full running transcript of the event will appear here once the event starts.

Whitix 0.2 Released

RSS — Tue, 06 Jan 2009 16:43:10 +0000

Despite what the project name's suffix might imply, Whitix is in fact not a Linux distribution. Whitix is a new operating system, written from scratch, and aims to combine the stability of UNIX with the user friendliness of other platforms. "It will offer a consistent, clear interface and a new way to navigate the desktop while basing the fundamentals on proven system technology updated for the twenty-first century." The project released version 0.2 today.

RiotPix 0.61 (forumid) Blind SQL Injection Exploit

RSS — Tue, 06 Jan 2009 16:24:18 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

PHPAuctionSystem Multiple Remote File Inclusion Vulnerabilities

RSS — Tue, 06 Jan 2009 16:24:18 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit

RSS — Tue, 06 Jan 2009 16:10:32 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit

RSS — Tue, 06 Jan 2009 16:10:32 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit

RSS — Tue, 06 Jan 2009 16:10:32 +0000

Feel free to discuss about this proof-of-concept code

Download:exploit

Troyano DRAT 2009

admin — Tue, 06 Jan 2009 16:02:15 +0000

Buenas, DRAT es un troyano de origen Chino, programado por DST, al parecer en Delphi.
Este posee mutiples funciones, las basicas de un troyano y alguna que otra interesante… Tambien soporta plugins, ya hay varios en su Pagina Oficial. Incluye una opcion para trabajar con todas las victimas o las seleccionadas, a la vez; puede abrirle una direccion en el navergar predeterminado, descargarle y ejecutar archivo o tambien opciones de energia (reiniciar, apagar, cerrar sesion, etc).

Su interfaz esta disponible en Ingles para los que no saben chino xD y bueno, un troyano mas espero que les guste…

Informacion:
El server al ejecutarse se copia al directorio (c:\windows\system32) con el nombre system64.dll y se inyecta en cada inicio en el proceso svchost.exe (c:\windows\system32\svchost.exe)… Por lo que no tendran problemas con el proceso :P.

Descarga:

DRAT 2009 Pagina Oficial
DRAT 2009 RapidShare

Rogue LinkedIn Profiles Lead To Malware

GSOFeeder — Tue, 06 Jan 2009 15:29:24 +0000

LinkedIn is a popular social networking site where you can manage business contacts online. Since you can set up a profile with links to your own website, it seems to attract criminals’ attention as well. A Google search reveals that several hundred fake LinkedIn profiles from nude “Kirsten Dunst” to nude “Hulk Hogan” exist already. The rogue profiles look all alike, with a picture of the celebrity and three links to the parts of the “nude video” like shown in the following picture.

Comcast starts new year with new network management system

RSS — Tue, 06 Jan 2009 15:01:00 +0000

As promised, Comcast has turned off its "P2P specific technique" throughout its network, the company says. Now, it will handle congestion by identifying the problem, not the protocol.

Custom Encryption - No Thank You!

bspirovski — Tue, 06 Jan 2009 14:37:47 +0000

A lot of companies think that they can make the full solution from scratch, including all technical mechanisms for security and encryption. The enterprise customer should tread very lightly when evaluating solutions with custom encryption.

Security update for Samba file server

GSOFeeder — Tue, 06 Jan 2009 14:28:57 +0000

By specifying an empty share name, in the right circumstances, it is possible to access the root directory of a Samba file server

Microsoft Moves Macs Closer to PC Parity

RSS — Tue, 06 Jan 2009 13:53:02 +0000

Microsoft has announced two products designed to provide users of Office 2008 for Mac with improved access to existing server-based Microsoft services. The first of the two, Microsoft Entourage for Exchange Web Services, will be a free upgrade to Entourage 2008 for Mac that will enable that email, contacts, and calendaring client to more fully benefit from the Exchange Web Services built into Exchange Server 2007. The second, Microsoft Document Collaboration Companion for Mac, will be a free Cocoa-based companion app to Microsoft Office 2008 for Mac that's designed to improve document-management control for Mac users of Microsoft's SharePoint Server document-sharing technology. The app will work whether document sharing is provided by enterprise SharePoint Servers, third-party leased or subscription-based SharePoint services, or Microsoft's free (for now, at least) consumer and small-business oriented Office Live Workspace.

Debian 5 Release Approaches… Binary Blobs Included

RSS — Tue, 06 Jan 2009 13:48:33 +0000

"The developers behind the Debian Linux distribution are preparing for the upcoming release of Debian 5, which is codenamed Lenny. The decision to move forward with the release follows a contentious vote over whether to permit the inclusion of binary blobs in the new version of the distribution. Consensus coalesced around a controversial proposal to "assume blobs comply with the GPL unless proven otherwise."

MediaSentry may be gone, but RIAA tactics will live on

RSS — Tue, 06 Jan 2009 13:20:00 +0000

While the RIAA has dropped long-time P2P investigator MediaSentry, the music industry actually needs such services now more than ever. Denmark-based DtecNet will be handling the P2P identification chores in future.

Nuevos contenidos en la Red Temática CriptoRed (diciembre de 2008)

Raúl — Tue, 06 Jan 2009 13:18:00 +0000

Nuevos contenidos en la Red Temática CriptoRed (diciembre de 2008)

Breve resumen de las novedades producidas durante el mes de diciembre de 2008 en CriptoRed, la Red Temática Iberoamericana de Criptografía y Seguridad de la Información.

1. NUEVOS DOCUMENTOS Y SOFTWARE PARA DESCARGA LIBRE DESDE CRIPTORED Y DISI 2008

* DISI 2008: Adventures in Network Security (Vídeo, inglés, Radia Perlman, 75 minutos)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008Perlman
Diapositivas (PDF, inglés, 95 páginas)
http://www.criptored.upm.es/descarga/RadiaPerlmanDISI2008.zip

* DISI 2008: La Investigación en Seguridad (Vídeo, Arturo Ribagorda, 70 minutos)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008Ribagorda
Diapositivas (PDF, 27 páginas)
http://www.criptored.upm.es/descarga/ArturoRibagordaDISI2008.zip

* Ciberdefensa: Iniciativas en la OTAN (Vídeo, Daniel Acuña, 27 minutos)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008Acuna
Diapositivas (PDF, 17 páginas)
http://www.criptored.upm.es/descarga/DanielAcunaDISI2008.zip

* Tecnologías Antiforense (Vídeo, Fernando Fernández, 24 minutos)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008Fernandez

* Investigación del Cibercrimen (Vídeo, Juan Salom, 23 minutos)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008Salom

* Guía Metodológica para el Análisis Forense Orientado a Incidentes en Dispositivos Móviles GSM (Carlos Castillo, Rafael Andrés Romero; dirección Jeimy Cano, PDF, 163 páginas, Colombia)
http://www.criptored.upm.es/guiateoria/gt_m142h1.htm

* Evaluación de las Predicciones en Seguridad Informática para el 2008 y el Riesgo de las Predicciones para el 2009 (Jeimy Cano, PDF, 5 páginas, Colombia)
http://www.criptored.upm.es/guiateoria/gt_m142i1.htm

* Actualización del Archivo Exámenes Resueltos Asignatura Seguridad Informática EUI - UPM (Jorge Ramió, Word, 187 páginas, España)
http://www.criptored.upm.es/examen/e_eui_upm.htm

2. NUEVOS DOCUMENTOS RECOMENDADOS PARA SU DESCARGA LIBRE DESDE OTROS
SERVIDORES

* Informe de la Red de Sensores de INTECO del Mes de Noviembre de 2008
(España)
https://ersi.inteco.es/informes/informe_mensual_200811.pdf

* Presentaciones y Artículos de la VIII Jornada Nacional de Seguridad Informática ACIS 2008 (Varios autores, Colombia)
http://www.acis.org.co/index.php?id=1259

* Infosecurity White Paper sobre Lowering Network Risk with Geo-location and Reputation Filtering (Elsevier Infosecurity)
http://mail.elsevier-alerts.com/go.asp?/bEEA001/qC75CT8/x1L8LT8

3. CONGRESOS Y SEMINARIOS POR ORDEN CRONOLOGICO DE CELEBRACION

* Febrero 9 al 13 de 2009: IX Seminario Iberoamericano de Seguridad en Tecnologías de la Información (La Habana, Cuba)
http://www.informaticahabana.com/?q=listeventos_es&e=16&id=es

* Febrero 25 al 29 de 2009: IADIS International Conference e-Society 2009 (Barcelona, España)
http://www.esociety-conf.org/

* Marzo 25 al 27 de 2009: International Conference on Practical Applications of Agents and Multiagent Systems (Salamanca, España)
http://paams.usal.es/

* Abril 20 al 24 de 2009: 18th International World Wide Web Conference WWW 2009 (Madrid, España)
http://www2009.org/

* Abril 23 al 25 de 2009: Cuarto Congreso Colombiano de Computación 4CCC (Bucaramanga, Colombia)
http://serverlab.unab.edu.co/4ccc

* Mayo 6 al 10 de 2009: 7th International Workshop on Security In Information Systems WOSIS 2009 (Milán, Italia)
http://www.iceis.org/Workshops/wosis/wosis2009-cfp.htm

* Junio 10 al 12 de 2009: 2nd International Symposium on Distributed Computing and Artificial Intelligence (Salamanca, España)
http://dcai.usal.es

* Junio 17 al 19 de 2009: IX Jornada Nacional de Seguridad Informática ACIS 2009 (Bogotá, Colombia)
http://www.acis.org.co/index.php?id=1246

* Julio 5 al 8 de 2009: 14th IEEE Symposium on Computers and Communications ISCC 09 (Sousse, Túnez)
http://www.comsoc.org/iscc/2009/

* Julio 8 al 10 de 2009: XV Jornadas de Enseñanza Universitaria de la Informática (Barcelona, España)
http://jenui2009.fib.upc.edu/
CONGRESOS ANUNCIADOS EN LA IACR:

* International Association for Cryptologic Research IACR Calendar of Events in Cryptology:
http://www.iacr.org/events/

4. CURSOS DE POSTGRADO, ESPECIALIDAD Y FORMACIÓN EN SEGURIDAD
* Puedes encontrar los enlaces en:
http://www.criptored.upm.es/paginas/eventos.htm#Cursos

5. NOTICIAS SELECCIONADAS DEL MES DE DICIEMBRE DE 2008
Para ampliar las noticias:
http://www.criptored.upm.es/paginas/historico2008.htm#dic08

* Gira de Seguridad de Microsoft TechNet para el Año 2009 (España)
http://technet.microsoft.com/es-es/default.aspx
http://www.informatica64.com

* CFP 7th International Workshop on Security In Information Systems WOSIS 2009 (Milán, Italia).
http://www.iceis.org/Workshops/wosis/wosis2009-cfp.htm

* 2nd International Symposium on Distributed Computing and Artificial Intelligence DCAI 09 (Salamanca, España).
http://dcai.usal.es/

* Segunda Sesión Anual Abierta de la Agencia Española de Protección de Datos en Madrid (España)
https://www.agpd.es/portalweb/jornadas/2_sesion_abierta/index-ides-idphp.php

* Página de Estadísticas de la Red de Sensores de INTECO (España)
https://ersi.inteco.es/

* Vídeos y presentaciones del DISI 2008 (Madrid, España)
http://www.criptored.upm.es/paginas/docencia.htm#catedraDISI2008

6. OTROS DATOS DE INTERES EN LA RED

* Número actual de miembros en la red: 734
198 universidades y 276 empresas representadas
http://www.criptored.upm.es/paginas/particulares.htm

* Estadísticas estimadas: 20.000 visitas, con 80.000 páginas solicitadas y 32,00 GigaBytes servidos en diciembre de 2008.
En los próximos días se actualizará el apartado estadísticas del sitio Web para incluir el resumen del año 2008.
http://www.criptored.upm.es/paginas/estadisticas.htm

Más Información:
diciembre de 2008
http://www.criptored.upm.es/paginas/historico2008.htm#dic08

Fuente: http://www.hispasec.com/unaaldia/3724

Cisco Press Conference at CES 2009

RSS — Tue, 06 Jan 2009 12:36:48 +0000

Cisco will unveil new consumer products and initiatives during a press conference at the 2009 International Consumer Electronics Show (CES) in Las Vegas on Jan. 7, 2009. Cisco Chairman and CEO John Chambers will be joined by key Cisco executives responsible for the company’s consumer strategy to discuss how Cisco is enabling the connected life through a new class of compelling communication and entertainment experiences that are more visual, more social and more personal.

CISCO CES press conference details

Who:

John Chambers, chairman and chief executive officer, Cisco
Ned Hooper, senior vice president of corporate development, Cisco Consumer Business Group
Dan Scheinman, senior vice president and general manager, Cisco Media Solutions Group
Tony Bates, senior vice president and general manager, Cisco Service Provider Group

What: Chambers and other senior executives will discuss Cisco’s vision for connected consumer experiences and introduce several new products in support of this vision.

When: The Cisco press conference will take place on Wednesday, Jan. 7, from 1:00 to 1:45 p.m. PST.

Where: Press, analysts and bloggers at CES are invited to attend the press conference at the Venetian Hotel, Venetian Titian Room 2206. Appropriate credentials (e.g., badge or business card) will be required.
Press, analysts, bloggers and interested parties not in Las Vegas can attend via a live webcast at http://event.ciscowebseminars.com/clients/cisco/CES2009 (Registration is required to attend this event).

In this video, Ken Wirt, vice president of consumer marketing at Cisco, tell more about what Cisco has planned for consumers.

More info: http://newsroom.cisco.com/dlls/2009/prod_010509.html

Debian 5 release approaches… binary blobs included

RSS — Tue, 06 Jan 2009 12:35:00 +0000

The developers behind the Debian Linux distribution have voted to proceed with the release of the next major version despite ongoing controversy over the inclusion of binary firmware in the kernel.

“Micro-blogging site Twitter had to temporarily suspend accounts belonging to …”

GSOFeeder — Tue, 06 Jan 2009 12:29:20 +0000

"Micro-blogging site Twitter had to temporarily suspend accounts belonging to Barack Obama, Britney Spears and other celebrities after they were hijacked by miscreants and used to spread scandalous and false information that appeared to come from their owners."–Twitter's veracity chewed up by Britney's four-foot vagina

“Another good rule is to only choose security vendors who also perform Vulnera…”

GSOFeeder — Tue, 06 Jan 2009 12:28:47 +0000

"Another good rule is to only choose security vendors who also perform Vulnerability Research and Development ("R&D"). That is to say that the vendor must frequently perform security research against technology, identify vulnerabilities in that technology, create exploits for those vulnerabilities and must release formal security advisories. If they don't then chances are they don't know how to do it, but why is R&D important?

Constable HaX0r loose in the UK? Well, yes and no

RSS — Tue, 06 Jan 2009 11:30:00 +0000

ZOMG, did you hear about how British cops are elite haxx0rz in ur base killing all ur d00dz!!!1! Let's all take a deep breath, shall we?

Embedded Theme for Windows XP and 2003 - Official Theme

RSS — Tue, 06 Jan 2009 11:10:10 +0000

I found this recently and checked it out, it’s really nice, great color, works like a charm. The theme is an official MS theme I suppose, signed by them. Heres a screeny. Go ahead and download the zip archive official_embedded_theme_for_windows_xp_and_2003 and simply run the file inside, then change your theme to the new one, [...]

d4rk-c0de News!

H_acktivis_T — Tue, 06 Jan 2009 11:05:24 +0000

Hello there!

We are glad to announce the launch of our New Forum and IRC Chat.

Join us on our Forum:

Make sure to register - it’s free and very quick! You have to register before you can post and participate in our discussions.

Read more: http://d4rk-c0de.org/d-forum/

Join us on IRC:

Server: irc.securitychat.org
Channel: #d4rk-c0de

ETA no se fía de PGP

admin — Tue, 06 Jan 2009 10:50:57 +0000

Al menos eso dice el diario La Razón, supongo que con algo más de fiabilidad que sus comentarios técnicos respecto a la criptografía de clave pública. Según ese diario, ETA encargó a un técnico el estudio de "nuevas alternativas" de cifrado, ante su progresiva desconfianza en la resistencia de PGP. Otros medios apuntan a la colaboración fundamental de servicios extranjeros de inteligencia "con la capacidad tecnológica para hacerlo" en las últimas detenciones de líderes de ETA, colaboración que podría estar generando cierto descontento en la Policía, debido a que parece que esa ayuda sólo suele llegar a manos de la Guardia Civil.

WITOOL - SQL injection tool

H_acktivis_T — Tue, 06 Jan 2009 10:42:26 +0000

WITOOL is SQL injection tool by .NET (2.0)

- For SQL Server, Oracle
- Error Base and Union Bas

Features:

ORACLE Injection
Injection Auto script
Save XML from data
Inquery (View, Function object)

Download: Here

Wavestumbler v1.2

H_acktivis_T — Tue, 06 Jan 2009 10:33:47 +0000

WaveStumbler is console based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, ESSID, MAC etc. It has support for Hermes based cards (Compaq, Lucent/Agere, … ) It still in development but tends to be stable.

It consist of a patch against the kernel driver, orinoco.c which makes it possible to send the scan command to the driver viathe /proc/hermes/ethX/cmds file. The answer is then sent back via a netlink socket. WaveStumbler listens to this socket and displays the output data on the console.

The patch should be applied agains linux-2.4.17. It patches the whole linux/drivers/wireless to version 2.4.18-pre7 + the apscan code in orinoco.c. This is a 100% experimental patch, but it seems to work quite good with my Orinoco Silver Card, so feel free to try it out.

RootKit Hunter 1.3.4

H_acktivis_T — Tue, 06 Jan 2009 10:24:35 +0000

Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files