http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2012-12-12 17:41:12 - 0x80 : I had some free time lately and decided to write a following unfollowing tool for twitter It s at its very early stage but it does the job The code can be found at github here Abusing such tool is against Twitter s TOS so be nice when using it For now all it does is getting a list of http://www.secuobs.com/revue/news/416604.shtmlhttp://www.secuobs.com/revue/news/416604.shtml Secuobs.com : 2012-10-03 11:02:17 - 0x80 - I haven t had the time recently and missed participation in CSAW CTF I have obtained some of the challenges and will talk about exp 400 It s a format string exploitation challenge, and we ll analyze how it works and how to exploit it Let us start from the main It calls tcp_setup that s all http://www.secuobs.com/revue/news/403252.shtmlhttp://www.secuobs.com/revue/news/403252.shtml Secuobs.com : 2012-06-13 22:34:58 - 0x80 - I will provide some information benchmarking a trifire setup running Radeon 6990 and Radeon 6970 under arch x86_64 the benchmark will be based on oclhashcat_lite_64 output The cards are stock I have used a script from The Password Project If you re going to use the same script or the one I ll http://www.secuobs.com/revue/news/381427.shtmlhttp://www.secuobs.com/revue/news/381427.shtml Secuobs.com : 2012-06-10 03:25:17 - 0x80 - I have finally finished building my new PC Here are some pictures What s in it CPU i7-2600 CPU 340GHz OC d at 36 MHz Graphic Cards Radeon 6990, Radeon 6970 not yet xfire d I lost the bridge and waiting for a new one RAMs 4x Corsair Vengeance Blue 16GB DDR3 Dual Channel Mobo http://www.secuobs.com/revue/news/380637.shtmlhttp://www.secuobs.com/revue/news/380637.shtml Secuobs.com : 2012-04-21 14:50:04 - 0x80 - Terminal Multiplexer I used screen for a really long time, but then I descovered tmux which is activiely developed not like screen which it s development kind of stopped I don t really use tmux s features that aren t available in screen much I just wanted to move to something newer and activily http://www.secuobs.com/revue/news/371253.shtmlhttp://www.secuobs.com/revue/news/371253.shtml Secuobs.com : 2012-03-07 04:31:28 - 0x80 - Emacs is a very old editor, and most of the people think it s hard to use or to move to They might be right, but it worth the time and it will show how beneficial the move is when you get used to the editor I will not explain how to use Emacs, but I ll show some plugins and will link who ever http://www.secuobs.com/revue/news/361853.shtmlhttp://www.secuobs.com/revue/news/361853.shtml Secuobs.com : 2012-01-17 01:23:05 - 0x80 - WhatsAPP is a cross-platform app for phones that is used by thousands of people around the world, I ve used it couple times, but not anymore, not when I knew it transfers almost everything in plaintext and rarely uses HTTPS only for changing status and in the registration process I decided to http://www.secuobs.com/revue/news/352378.shtmlhttp://www.secuobs.com/revue/news/352378.shtml Secuobs.com : 2012-01-11 16:59:35 - 0x80 - When a process opens a file it creates a file descriptor which can be found at proc PID fd these file descriptors are integers that goes as follow 0 - stdin 1 - stdout 2 - stderr and any extra file descriptor opened will take the next number 3,4,etc The file descriptor can be socket, http://www.secuobs.com/revue/news/351494.shtmlhttp://www.secuobs.com/revue/news/351494.shtml Secuobs.com : 2011-10-23 06:38:05 - 0x80 - After using bash for many years I finally decided to move to zsh forever It s pure amazing compared to all the shells out there If you re searching for a nice zshrc to start with try this http grmlorg zsh Also, this link contain a summary of some of the awesome features zsh have http://www.secuobs.com/revue/news/336382.shtmlhttp://www.secuobs.com/revue/news/336382.shtml Secuobs.com : 2011-09-01 06:19:31 - 0x80 - So I was bored as usual and while surfing the wild internets I found a vulnerable server on corelan sbe website he wrote to write a tutorial about exploitation on windows It can be found here Anyway, I decided to take that code and write a function to uppercase the received buffer just to make it http://www.secuobs.com/revue/news/326423.shtmlhttp://www.secuobs.com/revue/news/326423.shtml Secuobs.com : 2011-08-23 05:54:20 - 0x80 - I have created a simple script on a subdomain it can be reached at sec0 80org or by clicking on Sec on the toolbar It s is hosting a list of interesting blogs websites RSSs and updates them every 60 minutes using a cronjob A list of these websites Email me if you have other interesting http://www.secuobs.com/revue/news/324577.shtmlhttp://www.secuobs.com/revue/news/324577.shtml Secuobs.com : 2011-08-19 01:26:13 - 0x80 - I have ported the exploit discussed on the previous post to metasploit framework It s more stable than the python code for sure, and it s universal on all windows XP due the use of a jmp eax from sfswebdll which ships with solarftp Also, some tiny changes have been added to the skeleton of the exploit http://www.secuobs.com/revue/news/323980.shtmlhttp://www.secuobs.com/revue/news/323980.shtml Secuobs.com : 2011-08-17 18:57:19 - 0x80 - Continuing on exploit-db found a remote exploit on solarftp v211 PASV command POC So I decided to give the vendor s website a visit and see if they patched this issue They ve released v212 and patched both a vulnerability in PASV and USER commands which causes a crash they say Here s the changelog of that version http://www.secuobs.com/revue/news/323693.shtmlhttp://www.secuobs.com/revue/news/323693.shtml Secuobs.com : 2011-08-16 02:00:39 - 0x80 - I went to exploit-db and found this remote-exploit on an ftp server called BisonFTP so I decided to check it out and exploit it On a windows XP SP2 The app can be downloaded from here Anyway, after installing the application and fuzzing it I ve created this simple code to figure out what is http://www.secuobs.com/revue/news/323230.shtmlhttp://www.secuobs.com/revue/news/323230.shtml Secuobs.com : 2011-08-15 08:31:55 - 0x80 - Since the university is starting soon, and I ll be back to studying stuff that are most probably boring I bought what called Nook which is kind of a PDA with the Elink monitor that stores PDF files to be read Really awesome I ve loaded it with many books related to security, social engineering, exploitation, http://www.secuobs.com/revue/news/323051.shtmlhttp://www.secuobs.com/revue/news/323051.shtml Secuobs.com : 2011-08-13 06:10:58 - 0x80 - I just got a word that I have successfully passed OSCE When I took OSCP I though ohh this is a kind of a hard course, and now I look back and after the suffering with OSCE I think OSCP was a peace of cake comparing to this I m not comparing the contents, I m comparing http://www.secuobs.com/revue/news/322885.shtmlhttp://www.secuobs.com/revue/news/322885.shtml Secuobs.com : 2011-08-11 18:38:07 - 0x80 - I m done with installing the Vortech supercharger on my jeep srt8 going 75 psi Can t have enough of this power Very stable kit and I m really happy that I got it rather than getting the turbo which is fun too You might look at the dyno sheet and wounder about the low numbers That s http://www.secuobs.com/revue/news/322543.shtmlhttp://www.secuobs.com/revue/news/322543.shtml Secuobs.com : 2011-08-11 18:38:07 - 0x80 - While spending some time online I came across this new, simply amazing service and technology Called Cloudflare Simply it s a CDN with the ability to protect you from many attacks such us email harvesting, known threats, SQL injections, XSS, and many others It also has cool features, such as blocking specific countries, and http://www.secuobs.com/revue/news/322542.shtmlhttp://www.secuobs.com/revue/news/322542.shtml Secuobs.com : 2011-08-11 18:38:07 - 0x80 - Some Random Pictures Taken by me at the 6th Annual Car show in Philadelphia I was driving around and found it by mistake, didn t know what was going on Just parked my car and acted like one of them Didn t even pay for the registration thing Anyway, there were awesome cars, restaurants, good http://www.secuobs.com/revue/news/322541.shtmlhttp://www.secuobs.com/revue/news/322541.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - Finally after suffering for almost two months, I m proud to say that I have passed OSCP PWB course from offensive security and will receive my certificate soon It took me 45 days to get ready for the exam, and the exam took me 12 hours out of 24 hours I recommend everyone who s interested in offensive security to take http://www.secuobs.com/revue/news/314962.shtmlhttp://www.secuobs.com/revue/news/314962.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - I re-wrote an exploit for apache mod_jk v1220 just to see how ruby works , even though there s already a public exploit available for it, and also there s a metasploit module for this exploit Some methods on this code were taken from metasploit thanks usr bin ruby apache mod_jk v1220 remote exploit qnix at 0x80 dot org some lines in the http://www.secuobs.com/revue/news/314961.shtmlhttp://www.secuobs.com/revue/news/314961.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - I would love to share this exploit with you guys There are already public exploits but none of them works under windows server 2003, but this one does The JMP is from NTDLLdll it s not stable because it differ from ServicePack to another BugtraqID 21320 CVE CVE-2006-6184 Published Nov 27 2006 12 00AM Credits http://www.secuobs.com/revue/news/314960.shtmlhttp://www.secuobs.com/revue/news/314960.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - Just signed up for OSWP course from offensive security So far it look easier than I ve imagined It covers WPA WEP cracking, and it mostly talking about aircrack-ng suite Also, it briefly talked about other tools such as airsnarf and kismet OSWP doesn t cover GPU cracking, pyrit, or aircrack-ng-gpu, but I m pretty sure these will http://www.secuobs.com/revue/news/314959.shtmlhttp://www.secuobs.com/revue/news/314959.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - So I was bored the other day, and I found this website called Omegle Simply it s a website that makes you talk with strangers, so I decided to write a python code to annoy all of them http pastebincom PBg912ye usr bin env python import urllib2 as url import urllib import time filename msgstxt counter 0 http://www.secuobs.com/revue/news/314958.shtmlhttp://www.secuobs.com/revue/news/314958.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - Hello again, I ve just passed the OSWP course and wanted to say that it was amazing The test was not that hard, but what I liked about it was the contents of it Specifically, The first couple chapters which will get you really bored, yet they contain many details about wireless and how things http://www.secuobs.com/revue/news/314957.shtmlhttp://www.secuobs.com/revue/news/314957.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - Hashfinder is a python script I ve written to search for a given md5 hash in various md5 reverse lookup websitesI wrote it to make things easier since I work mostly within a shell and opening a browser and visiting these websites will time This code only contains this list of websites md5passinfo http://www.secuobs.com/revue/news/314956.shtmlhttp://www.secuobs.com/revue/news/314956.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - I have just installed backtrack 5 on one of the boxes to test it out It ran perfectly from the USB stick, but when I did a HD installation and rebooted I couldn t see grub or boot Went back to the USB stick to see what was the problem I thought first it was a http://www.secuobs.com/revue/news/314955.shtmlhttp://www.secuobs.com/revue/news/314955.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - Just for a change, something out of the blog s topics Some pictures of cam installation on my Jeep srt8 Soon, I ll post some picture on installation of the vortech I ve ordered it last night and it s estimated to be here in a week or two, then another week max for installation Will post a http://www.secuobs.com/revue/news/314954.shtmlhttp://www.secuobs.com/revue/news/314954.shtml Secuobs.com : 2011-07-03 19:14:02 - 0x80 - This is a tutorial on how to get rpcminer-cuda working for Nvidia users under linux who wants to mine with their CUDA GPUs here s the way I found this patched version here of bitcoin with the rpcminer had some problems with compiling it at the beginning, but then followed the compilation errors, and http://www.secuobs.com/revue/news/314953.shtmlhttp://www.secuobs.com/revue/news/314953.shtml Secuobs.com : 2009-12-16 15:21:37 - 0x80 - I brought you a good series of videos that has a lot of useful information The Academy Free videos cover everything from firewalls, penetration testing, IDS IPS to NAC and anti-spam SecurityTube A massive database of videos related to Security Hacking from all over the net Penetration Testing and Vulnerability Analysis This is the course website for Penetration Testing and http://www.secuobs.com/revue/news/172778.shtmlhttp://www.secuobs.com/revue/news/172778.shtml Secuobs.com : 2009-10-23 06:16:56 - 0x80 - I wrote a new python tool that encode decode spam messages, it operates and does it job from the spammimiccom website I wrote this tool so you can do your spam messages from the command-line Explanation of SpamMIMIC There are terrific tools like PGP and GPG for encrypting your mail If somebody along the way looks at the http://www.secuobs.com/revue/news/153263.shtmlhttp://www.secuobs.com/revue/news/153263.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - What is Psyco Think of Psyco as a kind of just-in-time JIT compiler,a little bit like what exists for other languages, that emit machinecode on the fly instead of interpreting your Python program step bystep The difference with the traditional approach to JIT compilers isthat Psyco writes several version of the http://www.secuobs.com/revue/news/90642.shtmlhttp://www.secuobs.com/revue/news/90642.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - I was watching some hak5 videos, where they started to talk aboutOpenDNS service they reminded me of an old account i have there soi stopped the view went straight to opendnscom logged in andconfigured my account added it to my router and now i’m using a better, faster more http://www.secuobs.com/revue/news/90641.shtmlhttp://www.secuobs.com/revue/news/90641.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - Sorry guys for being away of the blog , i was busy with life… i havenothing new to write here than a list of things i want to get OQOmodel e2 : its a full PC that fits in your pocket, with a real nicefeatures from http://wwwoqocom/ HyperLink 24GHz 145 Yagi Antenna :HyperGain® 15 dBi http://www.secuobs.com/revue/news/90640.shtmlhttp://www.secuobs.com/revue/news/90640.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - Related PostsNo related postshttp://www.secuobs.com/revue/news/90639.shtmlhttp://www.secuobs.com/revue/news/90639.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - In this tutorial we are going to create an evil wifi access point whensomeone connects to it and uses some services like“pop3,imap,ftp,smtp,http,https,dns” these services will be tested forall the expoits that maches them in the metasploit framework 3 andtries to exploit each one , when one of them successly exploited ahttp://www.secuobs.com/revue/news/90638.shtmlhttp://www.secuobs.com/revue/news/90638.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - Sorry guys for being away all that time and write nothing, but i’m reallybusy with life i almost don’t even have a time for my self tobreath but i’ll be back soon with new things and posts :- so waitfor me if you are one of my fans heheh Thanks RelatedPostsHelloBlogHello guys http://www.secuobs.com/revue/news/90637.shtmlhttp://www.secuobs.com/revue/news/90637.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - Hello again guys ,, sorry for being away all that time… anyways i’ll getinto the subject directly i bough a wireless card “gb” that uses r8187driver and i pluged it with an antenna , the maximum TX-power theregular linux driver can be increased to 12 or 15 as far as i rememberbut http://www.secuobs.com/revue/news/90636.shtmlhttp://www.secuobs.com/revue/news/90636.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - While i was surfing the internet for something interesting i found aprogramming language called BrainFucked i tried it and i liked it it’skinda challenging anyways i wrote a code that will just print “0×80″on stdout +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ That’sthe code complicated right i’ll write it with comments ++++++++++int cell 0 to 10 http://www.secuobs.com/revue/news/90635.shtmlhttp://www.secuobs.com/revue/news/90635.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - RT0×80org is a new project to host rainbow tables for these algorithms11 tables for LM algorithm 40 tables for MD5 algorithm 40 tables forNTLM algorithm 4 tables for FASTLM algorithm 4 tables for HALFLMCHALLalgorithm 6 tables for Rarred_Indexes algorithm 16 tables SHA1algorithm All these rainbow tables are generated fromFreerainbowtables Project almost all of them are in custom formathttp://www.secuobs.com/revue/news/90634.shtmlhttp://www.secuobs.com/revue/news/90634.shtml Secuobs.com : 2009-04-30 19:30:15 - 0x80 - Hello guys, the RT project is up and running there are almost1,145,780,338,571 bytes of rainbowtables all are available for free athttp://rt0×80org/ feel free to download them or do anything withthem if you need anything or having a problem just ask for moreinformation visit the previous post about the rainbowtables EnjoyRelated http://www.secuobs.com/revue/news/90633.shtmlhttp://www.secuobs.com/revue/news/90633.shtml