
Multiple top-security sites hacked (zf05)

posted on Jul, 29 2009 @ 03:14 PM

Multiple top-security sites hacked (zf05)


blog.sucuri.net

If you follow the full disclosure mailing list, you are probably aware that many sites of top security professionals were hacked (including Kevin Mitnick, Robert Lemos from Security Focus, Dan Kaminsky, etc).

I know how easy it is to forget your own security and not practice what you preach. But these hacks are a big eye-opener for everyone in the industry to take their own security seriously.

This is a mirror of the document. A MUST READ for all security professionals.
(visit the link for the full news article)




posted on Jul, 29 2009 @ 03:14 PM
*** Warning Graphic Language ***

So, as far as a conspiracy goes, this tops the list for me. We have a huge community of "Whitehat Hackers" (Known as good guys) and we also have Black Hats... (known as bad guys).

This is an example of when Blackhats attack. They have been targeting the very people who are icons of the Information Security Industry.

And today they released a 'zine which documents the extent to which they have "0wned" several prominent white hats.

With this come personal emails, passwords to common things like Twitter and Facebook, entire filesystems which also hold accounts for other whitehats, thus exposing them as well... and client information.

In reality though, there is *nothing* anyone can do about a so-called "Zero day" or "0day" exploit, because there are no known remedies, nor is there any advanced information that would provide you the ability to protect against it.

At the end of the day, these people were targeted not because their security was lax (although in some situations it was), but because ZF0 aims to discredit the entire InfoSec Industry.


This is a macabre look at the scene which surrounds those who try to use their powers for good.







posted on Jul, 29 2009 @ 03:16 PM
I wonder if this is related to the post a few weeks ago about how everyone should stop posting exploits for the whitehacks to fix...

hmm



posted on Jul, 29 2009 @ 03:19 PM
reply to post by warrenb
 


It very well might be... something like this pops up every so often.

The last one that I recall was Project Mayhem and el8...

Lots of people lost their jobs last time.



posted on Jul, 29 2009 @ 05:10 PM
As somebody who has been working with penetration testing and system security for the last twelve years, hopefully I can provide a bit of information on how and why these things happen.

In the world of hackers, crackers, black hats, and whatever other name you want to give them, it's very easy to get access to what we call "zero day" code. Basically, a zero day exploit is something that the manufacturers do not know about, nor does anybody else. This is basically a personal back door into any system you and your buddies want to hack.

How does one get zero day code? Surprisingly easy.

With the advent of fuzzing, finding buffer overflows, race conditions, SQL injections, and any other vulnerabilities is easier than ever. Basically what a fuzzer does is automate the process of overflowing buffers and other aspects of a program with generated strings. This makes it much easier to find out where the program may have problems with bounds checking, unsafe functions, unsafe system calls, and so on. When you overflow a buffer, you usually crash the program. What also happens, and is the reason for this crash, is that some of your input that was too big to fit in the buffer was written to memory that is not owned by that buffer. This is usually random, but using a debugger such as gdb (GNU debugger) you are able to see where in memory you overwrote, and how much more memory you have to write to reach critical spots in memory that allow you to execute your own code.

(Keep in mind this is all very simplified for most people who don't have experience working with programming, memory registers, and so on)

When you find a program you can exploit like this, you basically have a free pass into ANY computer you want that is running that program. Let's say you find a buffer overflow or race condition in the Universal Plug and Play service that runs on every Windows system, and you have the appropriate shell code (commands written in assembly passed directly onto the stack at the eip register, which allows it to be executed with the permissions of whoever is running the program being exploited). You are able to basically hack into any system you want to. Actually, you don't even need to know any of the programming or debugging if you have the right friends.

So we have the zero day exploits that are in the hands of the very select people who created them, and since nobody else knows about them they are impossible to patch. This allows one person to basically hack any website they want with no effort whatsoever. If I showed you how easy it was to get a remote console on somebody else's system (depending on operating system) you would never keep any important information on your PC again.

So, I would probably say this was the work of either one person, or him and his friends, with the use of zero day code. Nothing spectacular, but also no way to stop it. This is the beauty of zero day, as well as the beast of it.

There are plenty of vulnerabilities found every day, that only require somebody with a bit of programming knowledge to exploit.

For example.



Microsoft Internet Explorer (CVE-2009-1919) Uninitialized Memory Remote Code Execution Vulnerability

Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions.


www.securityfocus.com

This was just recently found. Once somebody figures out how to write an exploit for it, then they have a backdoor into every system running Internet Explorer.

Anyway, I just wanted to point out how easy it would be for somebody to do this. Hopefully you all learned a little about how easy it is to possibly hack into a specific server, and please make sure you keep all important data encrypted. Thanks for reading!
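
The overflow-and-bounds-check pattern the post above describes, as an added example that is not part of the original post or the zf05 zine: a classic unchecked `strcpy()` into a fixed-size stack buffer, the same routine with a length check, and a tiny length-sweep harness that does what the post calls fuzzing (feeding inputs of growing length until the target rejects one). The function names, the 16-byte buffer and the sweep limit are assumptions chosen for the demo.

```c
/* Added example (not from the post or the zf05 zine): an unchecked copy into
 * a fixed-size stack buffer, the bounds-checked version of the same routine,
 * and a minimal length-sweep "fuzzer" that finds where the check bites.
 * Build: cc -std=c11 -Wall -o copydemo copydemo.c
 */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define NAME_LEN 16   /* assumed buffer size for the demo */

/* Vulnerable: strcpy() trusts the caller. Any input longer than NAME_LEN-1
 * bytes writes past 'name' into whatever the compiler placed after it
 * (saved registers, the return address). Only ever call this with input
 * that fits; it is here to show the shape of the bug, not to be triggered. */
int greet_vulnerable(const char *input)
{
    char name[NAME_LEN];
    strcpy(name, input);             /* no length check at all */
    return (int)strlen(name);
}

/* Hardened: refuse anything that does not fit, then copy with an explicit
 * length and a guaranteed NUL terminator. Returns -1 on oversize input. */
int greet_safe(const char *input)
{
    char name[NAME_LEN];
    size_t n = strlen(input);
    if (n >= NAME_LEN)
        return -1;                   /* would overflow: reject it */
    memcpy(name, input, n + 1);      /* n+1 copies the terminating NUL too */
    return (int)n;
}

/* Length-sweep harness in the spirit of the post: hand the target inputs of
 * growing length and report the smallest length it rejects (-1 if none).
 * Against greet_vulnerable there is no rejection, only a crash once the
 * overflow reaches a critical stack slot, which is what gdb then pins down. */
int find_rejection_length(int (*target)(const char *), size_t max_len)
{
    char *buf = malloc(max_len + 1);
    if (!buf)
        return -1;
    int found = -1;
    for (size_t len = 0; len <= max_len; len++) {
        memset(buf, 'A', len);       /* 'A' (0x41) is the traditional filler */
        buf[len] = '\0';
        if (target(buf) < 0) {
            found = (int)len;
            break;
        }
    }
    free(buf);
    return found;
}

int main(void)
{
    printf("safe copy of 10 bytes returns %d\n", greet_safe("AAAAAAAAAA"));
    printf("safe copy first rejects input of length %d\n",
           find_rejection_length(greet_safe, 200));
    /* Deliberately not swept: greet_vulnerable corrupts the stack past NAME_LEN. */
    printf("vulnerable copy of a short string returns %d\n",
           greet_vulnerable("short"));
    return 0;
}
```

The sweep stops at exactly NAME_LEN because that is where the check in `greet_safe` fires; run the same sweep against a binary built from `greet_vulnerable` under gdb and the first thing you see instead is a SIGSEGV with the filler byte in the crashed instruction pointer, which is the "how much more memory you have to write" measurement the post refers to.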



posted on Jul, 29 2009 @ 05:13 PM
I'd like to know why they don't do something a little more productive and go after the same kind of info Gary McKinnon found and release it to the world.

IMHO that would be more productive than black/whitehat squabbling



[edit on 29-7-2009 by warrenb]



posted on Jul, 29 2009 @ 05:20 PM

Originally posted by warrenb
I wonder if this is related to the post a few weeks ago about how everyone should stop posting exploits for the whitehacks to fix...

hmm

Mod Note: One Line Post – Please Review This Link.

[edit on 29/7/2009 by Sauron]



posted on Jul, 29 2009 @ 05:58 PM
Also to add,

If they did not release the exploits then the problems would never get fixed. The worst security vulnerabilities are the ones that are kept underground, and do huge amounts of damage.

By releasing the exploits, they are forcing the programmers to fix them. I would much rather have somebody releasing the exploits than keeping them amongst themselves to wreak havoc on any system they desire.

It would be MUCH worse if they were not released at all. Trust me.



posted on Jul, 29 2009 @ 08:41 PM
reply to post by deadline527
 


Deadline, thank you so much for those contributions.

That was probably the most comprehensive, yet uncomplicated way of putting that, and perfect for ATS.



It's amazing how fragile our entire networking infrastructure really is. It both scares the hell outta me yet gives me a sense of security all at the same time...



posted on Jul, 29 2009 @ 08:42 PM

Originally posted by warrenb
I'd like to know why they don't do something a little more productive and go after the same kind of info Gary McKinnon found and release it to the world.

IMHO that would be more productive than black/whitehat squabbling



[edit on 29-7-2009 by warrenb]


Agreed, the squabbling has never seemed like something as productive as some of the stuff from the past... however, at the same time, these scenarios do disrupt complacency on the part of all of us... at least for a little while...



posted on Jul, 29 2009 @ 09:59 PM

Originally posted by HunkaHunka
reply to post by deadline527
 


Deadline, thank you so much for those contributions.

That was probably the most comprehensive, yet uncomplicated way of putting that, and perfect for ATS.



It's amazing how fragile our entire networking infrastructure really is. It both scares the hell outta me yet gives me a sense of security all at the same time...



Exactly. Buffer overflows have been the bane of system security for over a decade now. And now, with this new thing called "fuzzing", it is much easier to scan large amounts of code for potential overflows. I have recently just started reading up on it and maybe in the near future when I find a vulnerability I will give ATS a demonstration (on my own systems of course) of how easy it is to gain access without so much as a login or password. I think it would go well with the Science and Technology section, and how fast we have evolved in not only ease of use with technology, but ease of hacking as well.

Years ago, you used to have to know a LOT about programming (multiple languages), system architecture, memory registers, and program execution to write a security exploit. These days, with a few tools which I will not name here, you could potentially find one in a few days. Now, not all buffer overflows are exploitable. Sometimes you may only be able to write 4 bytes of data after the buffer, while other times possibly 200. It's both a bit of luck and ingenuity. Sometimes somebody can do something with 20 bytes that somebody else couldn't think of. But nowadays they have databases of shell code that you can basically cut and paste from. No need to convert the assembly to hex for use in your program, just find the correct code based on how many bytes you can use and you're set.

Even somebody with very little computer knowledge, if they had their hands on zero day code, basically has a free pass into whatever system they want. If you were able to fit enough bytes after the buffer and you were able to use the shell code to run a remote shell you're set. All it would be is basically..

======
user@hostname$ ./exploit
exploit is running...
[Checking target] OK
[Determining OS] OK
[Sending Payload] OK

Payload successful. Remote shell on port 4444.
======

And that's it. No computer knowledge needed. All they need is that little program that somebody else wrote. The term for people who do this is "script kiddies", since basically all they do is run a script, which isn't really "hacking" per se. They usually have very little knowledge, and most try to keep their code away from these people.

Now if you want some tips for securing your home network, I'll give you a few.

Use a router that also functions as a hardware firewall. Unless you need people connecting to your home computer, I would disallow incoming TCP connections. UDP is often used for streaming video so I would keep that allowed. As a second line of defense, use a software based firewall with packet logging. This will let you keep an eye on data going in and out of your network. You cannot always see when somebody is inside your system depending on how they got there, but it's impossible to hide the network traffic. If they were to try to ftp something to your system, you would see it instantly. If you are a Linux user, learn how to use ipchains, ipfw as well as tcp wrappers. Also, make sure to use ssh instead of telnet so the connection is encrypted.

Always encrypt important data. This cannot be stressed enough. If you have any important information you want to store on your computer in a text file, I highly suggest using... www.fourmilab.ch... ... It is a very straightforward encryption/decryption tool for text using the AES (Advanced Encryption Standard) and a 256 bit key. As long as you keep your passkey secret, your data is very safe. Nobody would waste the time trying to crack some text file stored on a home computer.

It's getting late, but I wanted to add a few more things to the thread. Hope you all find the information useful.


[edit on 7/29/2009 by deadline527]
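
The "packet logging" advice in the post above, turned into a check, as an added example that is neither the post's code nor anything from the zine. It parses netfilter-style kernel log lines (the `IN=... SRC=... DPT=... SYN` layout the iptables LOG target writes; ipchains logs differ, so the format is an assumption) and flags inbound TCP connection attempts to ports that are not on an allowlist. A bind shell like the "remote shell on port 4444" in the exploit transcript above shows up as exactly such a line when the attacker connects to it. The five log lines are constructed for the demo, the allowlist of port 22 is an assumption, and the function names are mine.

```c
/* Added example (not the post's code): scan netfilter-style log lines and
 * flag inbound TCP SYNs to ports that should not be reachable from outside.
 * Line format assumed from the iptables LOG target; sample lines are
 * constructed, not captured. Build: cc -std=c11 -Wall -o logcheck logcheck.c
 */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

/* Ports we expect to be reachable from outside (assumed); anything else
 * that receives a SYN from the outside is worth a look. */
static const int ALLOWED_PORTS[] = { 22 };
#define N_ALLOWED (sizeof ALLOWED_PORTS / sizeof ALLOWED_PORTS[0])

/* Constructed sample log: one legitimate ssh SYN, one SYN to a listener on
 * 4444, a UDP stream, an outbound reply packet, and a SYN to port 445. */
static const char *SAMPLE_LOG[] = {
    "IN=eth0 OUT= SRC=203.0.113.5 DST=192.168.1.10 PROTO=TCP SPT=51234 DPT=22 SYN",
    "IN=eth0 OUT= SRC=203.0.113.5 DST=192.168.1.10 PROTO=TCP SPT=51235 DPT=4444 SYN",
    "IN=eth0 OUT= SRC=198.51.100.7 DST=192.168.1.10 PROTO=UDP SPT=5004 DPT=5004",
    "IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 PROTO=TCP SPT=4444 DPT=51235 ACK",
    "IN=eth0 OUT= SRC=203.0.113.9 DST=192.168.1.10 PROTO=TCP SPT=40000 DPT=445 SYN",
};
#define N_SAMPLE (sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0])

/* Copy the value of "KEY=value" into out (at most n-1 bytes). Returns 0 if
 * the key is absent. An empty value such as "OUT=" yields "". The key must
 * start a token, so "DPT" never matches inside "SPT". */
static int field(const char *line, const char *key, char *out, size_t n)
{
    size_t klen = strlen(key);
    const char *p = line;
    while ((p = strstr(p, key)) != NULL) {
        if ((p == line || p[-1] == ' ') && p[klen] == '=') {
            const char *v = p + klen + 1;
            size_t vlen = strcspn(v, " ");
            if (vlen >= n)
                vlen = n - 1;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 1;
        }
        p += klen;
    }
    return 0;
}

static int port_allowed(int port)
{
    for (size_t i = 0; i < N_ALLOWED; i++)
        if (ALLOWED_PORTS[i] == port)
            return 1;
    return 0;
}

/* 1 if the line is an inbound TCP SYN to a port that is not allowlisted
 * (e.g. someone contacting a bind shell on 4444), otherwise 0. */
int is_suspicious(const char *line)
{
    char in[16], proto[8], dpt[8];
    if (!field(line, "IN", in, sizeof in) || in[0] == '\0')
        return 0;                    /* outbound, or direction unknown */
    if (!field(line, "PROTO", proto, sizeof proto) || strcmp(proto, "TCP") != 0)
        return 0;                    /* UDP streams etc. are left alone */
    if (strstr(line, " SYN") == NULL)
        return 0;                    /* not a new connection attempt */
    if (!field(line, "DPT", dpt, sizeof dpt))
        return 0;
    return !port_allowed(atoi(dpt));
}

/* Scan the embedded sample, print each hit, return the hit count. */
int scan_sample(void)
{
    int hits = 0;
    for (size_t i = 0; i < N_SAMPLE; i++) {
        if (is_suspicious(SAMPLE_LOG[i])) {
            hits++;
            printf("ALERT: %s\n", SAMPLE_LOG[i]);
        }
    }
    return hits;
}

int main(void)
{
    printf("%d suspicious inbound connection attempt(s)\n", scan_sample());
    return 0;
}
```

Only the SYN to 4444 and the SYN to 445 are reported; the ssh SYN is allowlisted, the UDP stream is ignored as the post suggests, and the outbound ACK has an empty IN= field and is skipped. In practice you would read the lines from the kernel log instead of an embedded array and would not treat silence as proof of anything: a compromise that arrived through an already-allowed port leaves only the legitimate-looking lines.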



posted on Jul, 29 2009 @ 10:45 PM
This was done to expose certain individuals who are praised when they should not be and who don't practice what they preach. This happens all the time to certain people in the field, they act like Gods and this upsets many people. Mitnick had his site on non secure servers so the 0day isn't of value in this case because it was so easy for them to find vulnerabilities. If he knew what he was doing his site would have been more secure and finding 0days would take a lot more effort.



posted on Jul, 30 2009 @ 07:22 PM

Originally posted by DraconianKing
This was done to expose certain individuals who are praised when they should not be and who don't practice what they preach.




Let me say this again... no one can protect against zero day...

I don't care how good you are... you can't protect against zero day....



posted on Jul, 30 2009 @ 10:26 PM

Originally posted by HunkaHunka

Originally posted by DraconianKing
This was done to expose certain individuals who are praised when they should not be and who don't practice what they preach.




Let me say this again... no one can protect against zero day...

I don't care how good you are... you can't protect against zero day....


Exactly. The only way you can protect against 0-day is if you were to find the vulnerability and patch it before anybody else even finds out about it. The odds of that, I must add, are incredibly small.

Think of it like this, you have a house with a lock on it. Somebody gets an exact copy of your key without your knowledge. The only way you could stop them from opening your door is to know about it first before they can open your door on you.

The chances of two people finding the exact same zero day vulnerability before it's released to the public are VERY small.

Once I toss Linux back on this computer this week I will be fuzzing a great deal of code, seeing what I can come up with. If I can find a zero day (even if it's just a denial of service) I'll be sure to show ya guys how they work, how easy they are to code, and how absolutely dangerous they can be.

This is a reason I believe anybody who says they have found secret UFO files on a government network is lying. No way in hell would any person with a background in security put ANY classified files on a public accessible network. They are most likely stored on a private LAN, with NO internet connection to it what-so-ever. The only hope of finding that data would be locally through the console, which only somebody working there would have access to. And even then I bet the security standards are VERY strict. I use a fingerprint scanner to log in to my box, with strong encryption as well - so I could only imagine what kind of crazy stuff the government has.

So yep. Zero protection against 0-day. None. Zip.

Even some of the newer exploits, the non-zero-day ones, are still very effective against MANY systems. You would be surprised how slow some of these vendors are to patch their products, even when you e-mail them saying you basically have a backdoor into their software. But then, that's what separates a good company from a horrible company. Their customer concern, support, and reliability.

Also, open source software is usually much better than proprietary for this reason. Bugs, vulnerabilities, and such get fixed much faster when you have open source code. Plus it's free.
Software you pay for such as Windows is often very slow to fix its security bugs, and also you must rely on THEM to fix it instead of the community. Open source is the way to go. If you have never ventured into the open source side of software then I highly recommend it and think you will be pleasantly surprised. Even Linux these days has come a VERY long way. The install is GUI based, most devices are plug and play now, and while it's much easier to install, set up, and use, it still provides the very complexity that people choose the operating system for. But it is just as easily used as Windows for 99% of a general user's needs, just with more security, stability, and less cost.

I ramble too much when I talk about this stuff, lol. Thanks for reading if you made it this far



posted on Jul, 31 2009 @ 04:09 PM
Would like to post some information, but since it is against T&C, and as my previous post was limited to a thumbs up and a smile for obvious reasons, I will quote my previous post.

As for the warning, well, it was interesting to say the least. (edit spelling)



[edit on 31-7-2009 by tristar]



