Microsoft Plugs Internet Explorer Security Hole (Which was Exposed in A Contest)

Microsoft last week patched the last vulnerability in Internet Explorer (IE) used by a researcher in March to win $15,000 at the
The company had patched IE twice before to quash bugs exploited by Stephen Fewer of Harmony Security to bring down IE8 on Windows 7 at Pwn2Own. For his efforts, Fewer was awarded a cash prize of $15,000 and a Sony notebook.

Microsoft internet explorer Fewer chained three exploits , each for a different vulnerability, to bypass IE's sandbox, called "Protected Mode," and compromise IE8. Pwn2Own sponsor HP Tipping Point called the feat "impressive" at the time.
Microsoft patched the third IE bug in a multiple-flaw update to its browser, part of a 13-bulletin collection .
Although Microsoft credited Fewer in the MS11-057 bulletin for reporting the third vulnerability, it said the bug wasn't a security flaw. "Yes, this update addresses a Protected Mode bypass issue, publicly referenced as CVE-2011-1347," Microsoft said in response to an FAQ query, "Does this update contain any non-security related changes to functionality?"
At Pwn2Own, Fewer used the bypass bug to escape Protected Mode so he could circumvent the browser's sandbox, which allowed him to add a file to the machine, a task that mimicked a hacker's insertion of malware.

Fewer confirmed that last week's IE update fixed the final flaw he used at Pwn2Own.
"Yes MS11-057 patches the final bug, the protected mode bypass, that I used in my Pwn2Own exploit, the other two being a use-after-free which was patched in MS11-018 and an information leak patched in MS11-050," Fewer said today in an email reply to questions.

Earlier Flaws Addressed

MS11-018 and MS11-050 were the designations of the April and June bulletins, respectively, that patched the two other vulnerabilities he reported to Microsoft via Tipping Point's bug bounty program.
According to Aaron Portnoy, manager of TippingPoint security research team and the company's Pwn2Own organizer, Tuesday's IE update wraps up patching for the 2011 contest.
During Pwn2Own, Microsoft said that IE9, the browser that launched shortly after Fewer's hack, did not contain the bugs he exploited.
Including Tuesday's update, IE9 has been patched twice since its March launch. Of the August bugs Microsoft acknowledged as security issues, one was reported by Fewer.
"Yes, I have been doing some research into IE9 and actually my first IE9 vulnerability was also patched this Tuesday as part of MS11-057," Fewer said, referring to a separate bug he was credited with this week.
That flaw, dubbed "CVE-2011-1964," was reported via TippingPoint to Microsoft in May, and was ranked critical for IE9 when run on Vista or Windows 7.
Fewer wouldn't commit to taking on IE9 at next year's Pwn2Own, but he left the door open to a repeat performance. "I don't have any plans as of yet for next year's competition, but if I have a few new bugs handy closer to the time, who knows?"
August's security updates, including MS11-057 for IE, can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

-News Source (PC-World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Plugs Internet Explorer Security Hole (Which was Exposed in A Contest)"https://www.voiceofgreyhat.com/2011/08/microsoft-plugs-internet-explorer.html</a>

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

The Redmond based software giant Microsoft issued an urgent security advisory to address vulnerabilities in its popular web-browser that is Internet Explorer.  Few of days new “zero day” security hole in IE was discovered which could potentially allow hackers to take over control of your system when all you've done is visit an infected website. The vulnerability affects IE versions 6, 7 and 8. Though the latest versions of the browser, that means IE 9 and 10, are not affected. “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.” Microsoft said in its statement. The statement went on to say, “an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.”

On its advisory Microsoft first issued warning of the problem, which involves how IE accesses "an object in memory that has been deleted or has not been properly allocated." The problem corrupts the browser's memory, allowing attackers to execute their own code. Security vendor Symantec described such a scenario as a "watering hole" attack, where victims are profiled and then lured to the malicious site. Last week, one of the websites discovered to have been rigged to delivered an attack was that of the Council on Foreign Relations, a renowned foreign policy think tank. 

While talking about IE and its bugs, then we would like to remind you that couple of weeks ago, Spider.io a website analytics firm has discovered a security vulnerability in all current versions of Internet Explorer that allows attackers to trace mouse cursors anywhere on users' screens even if the Internet Explorer window is minimized. That time the software giant ignored that particular issue. But here they take this one bit seriously; So if you still using the older and affected version of IE, then its time to update your browser, in order to stay safe and secure on the Internet. To update your browser or to access the security fix click Here. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed"https://www.voiceofgreyhat.com/2013/01/Vulnerability-in-Internet-Explorer-Fixed.html</a>

Internet Explorer & Firefox Also Became Victim To Hackers At Pwn2Own

Internet Explorer (IE 9) & Firefox 10.0.2 Also Became Victim To Hackers At Pwn2Own

At Pwn2Own contest the web-browsers are getting hacked in a series. First it was the turn of Google Chrome where Sergey Glazunov, a Russian security researcher has earned $60,000 by demonstrating how he could waltz past the security sandbox in Google's Chrome browser to run unauthorized code on fully-patched Windows 7 computers. Then the time came for Microsoft's Internet Explorer. A team from a French security firm managed to hack IE 9 on a fully patched Windows 7 SP1 machine. The group from Paris-based Vupen Security brought down IE9 running on Windows 7 by exploiting a pair of previously-unknown "zero-day" bugs that bypassed the operating system's defensive technologies to execute attack code, allowing that code to escape from IE's "Protected Mode," the browser's limited-rights anti-exploit system. They managed to bypass the browser's DEP and ASLR protection with a 0-day heap overflow vulnerability, and then used a separate memory corruption bug to break out of its Protected Mode, which is effectively a sandbox. According to VUPEN founder Chaouki Bekrar, these particular flows have existed in previous incarnations of the browser - all the way back to IE 6 - and will very likely work on the upcoming IE 10.

Then the turn of Firefox came. Mozilla’s Firefox is the latest browser to fall victim to hackers at this year’s Pwn2Own hacker contest. Two researchers working together – Willem Pinckaers and Vincenzo Iozzo — exploited a single zero-day vulnerability in the latest Firefox 10.0.2 on a fully patched Windows 7 SP1 PC to cart off a $30,000 cash prize.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Explorer & Firefox Also Became Victim To Hackers At Pwn2Own"https://www.voiceofgreyhat.com/2012/03/internet-explorer-firefox-also-became.html</a>

IE Vulnerability Can Lead to “Cookiejacking”

An independent internet security researcher has revealed that an unpatched vulnerability across all versions of Microsoft’s web browser Internet Explorer (IE) running on any version of Microsoft’s Windows operating system can lead to attacks wherein credentials used in web browsing to access Facebook, Twitter and Gmail accounts are stolen. What’s more, Rosario Valotta, an Italian security expert, says that although his proof of concept code exploits cookies used to access Facebook, Twitter and Gmail accounts, a crafty attacker can possibly exploit the vulnerability to gain access to cookies for virtually any website. In a method he calls “cookiejacking”, Valotta said that the method can be used for “any website” and “any cookie” and that the “limit is just your imagination”, a report from Reuters says. According to the internet security researcher, using the exploit, an attacker can hijack an IE “cookie” which holds credentials to gain access to accounts. Valotta demonstrated his proof of concept code at a security conference held in Amsterdam last week, a report from U.K.’s The Register says.
According to the report, an attacker can use a special iframe tag which is embedded onto a malicious website to take advantage of the exploit. “The attack exploits a vulnerability in the IE security zones feature that allows users to segregate trustworthy websites from those they don’t know or don’t ever want to access,” the publication reports. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">IE Vulnerability Can Lead to “Cookiejacking”"https://www.voiceofgreyhat.com/2011/05/ie-vulnerability-can-lead-to.html</a>

Firefox 4 vs. Internet Explorer 9: Which is Safer???

The app frenzy is firing the browser wars and accelerating the need for browser development and updates. Chrome seems to update daily, Firefox is getting faster in response and Microsoft is talking IE 10 just IE9 gets fully out of the gate.
Because of the constant changes, it's hard to truly evaluate any given browser on any given day. Even so, there are certain key elements that distinguish one browser from another in terms of security. Here's how two of them, Firefox 4 and Internet Explorer 9, measure up:


Firefox 4
Firefox 4 is packed with security features aimed at resolving common, but difficult-to-avoid attacks such as cross site scripting (XSS), redirects from secure HTTPS webpages to plain old HTTP, and click-jacking.


Firefox 4 uses Content Security Policy (CSP) to quickly identify and block XSS attempts by simply using the server headers to tell it what kind of content to expect and, therefore, which content to block based on its lack of adherence to the server's own CSP.
This beats the heck out of comparing strings from browser and server in the remote hope of preventing XSS. Not only is the string approach akin to matching needles in thousands of remote haystacks, when it did deliver a finding, that finding was usually wrong. Developers often turned off such attempts, as found in IE 8's X-XSS-protection, out of sheer frustration.


However, CSP, though far more efficient, can also give a false positive reading if the website developer fails to sufficiently cover all the features with its policy. Still, CSP beats the string approach hands-down.


Other improvements are equally attractive from a harder to track user-agent header to a do-not-track feature that requires a simple opt-in to enable. However, the do not track feature works on an honor system: the site is notified of your desire for privacy but they don't have to comply with your request.


The strict transport security (STS) feature allows the user to force an HTTPS connection to user chosen sites. For example, the user can force an HTTPS connection-only to Facebook or other social sites thereby avoiding SSL strip attacks on those pages.
Firefox 4 also hides visited links from a hacker. The user still sees a visited link change color but the hacker doesn't. The CSS tweak hides your link viewing in the browser history from prying eyes.



Internet Explorer 9 (IE9)
IE9, says Microsoft, blocked 99 percent of socially engineered malware attacks. If the claim is true, then that's five times more than Firefox. However, both Mozilla and Google contest the interpretation as a definitive competitive edge for IE9 since the type of malware the finding applies to is not a common threat.


It is important to remember too that IE is targeted more often than Firefox simply because of economies of scale. The bad guys know that even people who use Firefox or Chrome often also have IE on their computer and use it at least occasionally. Therefore it makes tons of economic sense for hackers to target it over the competition.


In any case, IE9 is a significant upgrade from previous versions. It appears to run faster too, which is helpful.


Active X can be easily filtered and the user can choose to block or proceed accordingly.
Tracking protection is a new feature that enables users to control what they share. The Tracking Protection List, published by partners PrivacyChoice, TRUSTe, Abine and Adblock Plus, notifies companies if users don't want to be followed. However, just like with FireFox 4, the do not track feature works on an honor system; the site is notified of your desire for privacy but they don't have to comply with your request.
The download manager has an integrated SmartScreen malware protection feature. The Smartscreen Application Reputation cuts down on the aggravation factor as much as it does on security threats. It greatly reduces the number of warning prompts by dropping them entirely from frequently visited sites and warns only when the likelihood of malware is high. The "pinning" feature also helps as it allows users to "pin" frequently-visited and trusted sites to the browser toolbar, which then runs them in their own session. The pinning feature helps prevent HTTPS to HTTP redirects.
IE9 also has improved memory protection to prevent hackers from exploiting memory related vulnerabilities in the browser or any of its add-ons.
And the winner is ...
The consumer!


As of this point, security is no longer a major deciding factor in which browser you should use since both have seriously beefed-up protection. Not that you're totally safe from hackers, but at least these two browsers have finally bolted the doors and locked the windows.


A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, CIO.com, NetworkWorld, ComputerWorld, IT World, Linux World, Internet News, E-Commerce Times, LinuxInsider, CIO Today Magazine, NPTech News (nonprofits), MedTech Journal, I Six Sigma magazine, Computer Sweden, NY Times, and Knight-Ridder/McClatchy newspapers. She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making. She is a member of the National Press Club (NPC), Society of Professional Journalists (SPJ), and the Internet Press Guild (IPG).

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Firefox 4 vs. Internet Explorer 9: Which is Safer???"https://www.voiceofgreyhat.com/2011/05/firefox-4-vs-internet-explorer-9-which.html</a>

Every 14 Programs Downloaded by Windows Users Turns out to be Malicious

The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.
In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.
Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, the cat-and-mouse game of Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.
So increasingly, instead of hacking the browsers themselves, the bad guys try to hack the people using them. It's called social engineering, and it's a big problem these days. "The attackers have figured out that it's not that hard to get users to download Trojans," said Alex Stamos, a founding partner with Isec Partners, a security consultancy that's often called in to clean up the mess after companies have been hacked.
Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56 percent of all attacks included Trojan horse programs.
In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open -- materials from a conference they've attended or a planning document from an organization that they do business with.

With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen.
Haber agreed that better browser protection is pushing the criminals into social engineering, especially over the past two years. "You're just seeing an explosion in direct attacks on users with social engineering," he said. "We were really surprised by the volumes. The volumes have been crazy."
When the SmartScreen warning pops up to tell users that they're about to run a potentially harmful program, the odds are between 25 percent and 70 percent that the program will actually be malicious, Haber said. A typical user will only see a couple of these warnings each year, so it's best to take them very seriously.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Every 14 Programs Downloaded by Windows Users Turns out to be Malicious"https://www.voiceofgreyhat.com/2011/05/every-14-programs-downloaded-by-windows.html</a>

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned Only Safari Survived 

Couple of months ago we have talked about 'Pwn2Own 2013' hacking contest sponsored by HP TippingPoint, ZDI and Google where the most famous and widely used browsers have to face challenges. Now the result of this long awaited security competition has came which is showing that the entire browser security landscape can change in a single day, as browsers thought to be secure are proven to be otherwise. Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers where Chrome, Internet Explorer 10 and Firefox all fell to the mercy of the hackers. Not only browsers but also three other popular applications that is Adobe Reader, Flash Player and yet again Java fallen victim to hackers at 'Pwn2Own'. And for Java it was a true disaster as Java fell three times, though under the contest rules, only the first attacker was due to win the $20,000 prize. Vupen, a renowned security research firm based in France, cracked both Firefox and Internet Explorer. It roughly explained the attack in a tweet, “We’ve pwned Firefox using a use-after-free and a brand new technique to bypass ASLR/DEP on Win7 without the need of any ROP.” This bug hint leads them winning $100,000 for finding a huge hole. Again in a tweet, Security firm Vupen explained “We’ve pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass.” Lastly, U.K.-based security firm MWR Labs cracked Chrome and also gained full control of the operating system, this time Windows 7. It also “demonstrated a full sandbox bypass exploit.” The company explained in a blog post that it found a zero-day in Chrome “running on a modern Windows-based laptop.” It was able to exploit the vulnerability by performing a very similar attack to what took down Facebook, Microsoft, and a number of other well-known companies: It had the laptop visit a malicious website. 

Now lets take look at the final score board of Pwn2Own 2013:

Wednesday:
1:30 - Java (James Forshaw) PWNED
2:30 - Java (Joshua Drake) PWNED
3:30 - IE 10 (VUPEN Security) PWNED
4:30 - Chrome (Nils & Jon) PWNED
5:30 - Firefox (VUPEN Security) PWNED
5:31 - Java (VUPEN Security) PWNED

Thursday:
12pm - Flash (VUPEN Security) PWNED
1pm - Adobe Reader (George Hotz) PWNED
2pm - Java (Ben Murphy via proxy) PWNED

The total damage to the prize fund comes out at a whopping $480k. With HP's announcement that everyone will get paid for each attack, the prize monies will be divvied up as follows:-

1. James Forshaw: Java = $20K
2. Joshua Drake: Java = $20k
3. VUPEN Security: IE10 + Firefox + Java + Flash = $250k
4. Nils & Jon: Chrome = $100k
5. George Hotz: Adobe Reader = $70k
6. Ben Murphy: Java = $20k

As you all know that the main motive of these contest is to make applications, software more safe and secure while figuring out hidden vulnerabilities  Here also for Pwn2Own the security holes figured out by the above experts have already been submitted and taken carefully by those organization  along with that, the expected patch for the browsers have already been released. Those who are still using the older version of those above applications are requested to update their system. So, stay tuned with VOGH and be safe on the Internet. 

-Source (HP, Naked Security) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned"https://www.voiceofgreyhat.com/2013/03/Pwn2Own-2013-Result.html</a>

Pwn2Own 2013 -Hack Major Browser, Adobe Reader, Flash or Java & Earn in Million Dollars

Pwn2Own 2013 -Hack Major Web-browser, Adobe Reader, Flash or Java & Earn in Million Dollars 

Since the last two years the Pwn2Own hacker contest has become an important fixture in the world of testing the security of software applications, operating systems and hardware devices. In last two years we have seen several hackers, security professionals have expressed their enthusiasm and joined Pwn2Own where four major and widely browser's security get compromised, in order to make applications, software more safe and secure. Last year we have reported how different hackers across the globe taken part in Pwn2Own and successfully hacked Google Chrome, IE & Firefox, and earned millions of dollars. But the contest of this year has some more twist than before as, HP TippingPoint and Google, sponsor of Pwn2Own, has made clear that it is expanding the focus of the competition beyond browsers. Also, Pwn2own 2013 will include $560,000 in prize money for demonstrations of exploits in the major web browsers, Adobe Reader, Adobe Flash or Oracle Java. 

Contest Dates:-

The contest will take place the 6th, 7th, and 8th of March in Vancouver, British Columbia during the CanSecWest 2013 conference. DVLabs blog post will be updated as the contest plays out and get real-time updates by following either @thezdi or @Pwn2Own_Contest on Twitter or search for the hash tag #pwn2own.

Rules & Prizes:-

HP ZDI is offering more than half a million dollars (USD) in cash and prizes during the competition for vulnerabilities and exploitation techniques in the below categories. The first contestant to successfully compromise a selected target will win the prizes for the category.

• Web Browser
• Google Chrome on Windows 7 ($100,000)
• Microsoft Internet Explorer, either
• IE 10 on Windows 8 ($100,000), or
• IE 9 on Windows 7 ($75,000)
• Mozilla Firefox on Windows 7 ($60,000)
• Apple Safari on OS X Mountain Lion ($65,000)
• Web Browser Plug-ins using Internet Explorer 9 on Windows 7
• Adobe Reader XI ($70,000)
• Adobe Flash ($70,000)
• Oracle Java ($20,000)

The targets will be running on the latest, fully patched version of the Windows 7, 8, and OS X Mountain Lion. All targets will be installed in their default configurations, as this is how a majority of users will have them configured. As always, the vulnerabilities utilized in the attack must be unknown and not previously reported to the vendor. If a sandbox is present, a full sandbox escape is required to win. A given vulnerability may only be used once across all categories.

Upon successful demonstration of the exploit, the contestant will provide HP ZDI a fully functioning exploit and all the details of the vulnerability used in the attack. In the case that multiple vulnerabilities were exploited to gain code execution, details about all the vulnerabilities (memory corruption, infoleaks, escalations, etc.) leveraged and the sequence in which they are used must be provided to receive the prize money. The initial vulnerability utilized in the attack must be in the registered category.

Along with prize money, the contestant will receive the compromised laptop and 20,000 ZDI reward points* which immediately qualifies them for Silver standing. 

Full contest rules can be found at http://dvlabs.tippingpoint.com/Pwn2OwnContestRules.html, and may be changed at any time without notice.

Registration:-

Contestants are asked to pre-register by contacting ZDI via e-mail at zdi@hp.com. This will allow the organizer to ensure that they have the necessary resources in place to facilitate the attack. If more than one contestant registers for a given category, the order of the contestants will be drawn at random.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Pwn2Own 2013 -Hack Major Browser, Adobe Reader, Flash or Java & Earn in Million Dollars"https://www.voiceofgreyhat.com/2013/01/Pwn2Own-2013-Hack-and-Earn-in-Million.html</a>

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability 

Last few days the whole cyber world have gone through with so many drama of Internet Explorer's security bug, as researchers have unveiled four active exploits of a zero-day vulnerability in the browser. As expected the software giant Microsoft has released an emergency fix to get rid of these major security issues. Microsoft released a “fix it” tool for a critical security flaw in most versions of Internet Explorer 6, 7, 8 and 9  that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. "While we have only seen a few attempts to exploit this issue, impacting an extremely limited number of people, we are taking this proactive step to help ensure Internet Explorer customers are protected and able to safely browse online," said Yunsun Wee, director of Microsoft Trustworthy Computing in a statement. The zero-day in IE 6-9 is a use-after-free memory corruption vulnerability, similar to a buffer overflow, that would enable an attacker to remotely execute code on a compromised machine. The original exploit payload dropped the PoisonIvy remote access Trojan (RAT) via a corrupted Flash movie file. The latest payload discovered dropped the PlugX RAT via the same corrupted Flash movie, Blasco said. He also said the new exploits are the work of the Chinese hacker group Nitro, the same group behind a pair of Java zero-day exploits disclosed in August.

Blasco also said the new exploits appear to be targeting defense contractors in the United States and India.

Microsoft recommended several workarounds Tuesday morning before announcing its intention to send out a FixIt.

• Setting Internet and local Internet security zone settings to high, which would block ActiveX Controls and Active Scripting in both zones
• Configure IE to prompt the user before running Active Scripting, or disable Active Scripting in both zones

• Use of Microsoft's Enhanced Mitigation Experience Toolkit provides mitigations as well, and would not impact website usability, as both of the first two options might.

Microsoft also said that IE running on Windows Server 2003, 2008 and 2008R2 runs in a restricted mode that mitigates the vulnerability. Outlook, Outlook Express and Windows Mail also open HTML messages in a restricted zone, mitigating the vulnerabilty but should a user click a link in a message, they could still be vulnerable to exploit.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability"https://www.voiceofgreyhat.com/2012/09/Microsoft-Issues-fixit-To-Close-IE-0day-Vulnerability.html</a>

0-Day Vulnerability in Yahoo Messenger, An Attacker Can Change The Status Update Remotely

Zero day exploit found in Yahoo messenger allowing attackers to change the status update remotely. Version 11.x of the Messenger client (including the freshly-released 11.5.0.152-us) is infected with this 0day vulnerability. The status message change occurs when an attacker simulates sending a file to a user. This action manipulates the $InlineAction parameter (responsible for the way the Messenger form displays the accept or deny the transfer) in order to load an iFrame which, when loaded, swaps the status message for the attacker's custom text. This status may also include a dubious link. This iFrame is sent as a regular message and comes from another Yahoo Instant Messenger user, even if the user is not in the victim’s contact list. The exploit delivers its payload when the attacker simulates sending a file to the user. The bogus file tricks Messenger into loading an iFrame that then swaps the status message for whatever garbage the attacker wants to load, including a potentially "dubious" link, as Bitdefender describes it. The iFrame comes over as a regular message from another Yahoo Instant Messenger user, even if the user isn't in the victim's contact list.

• Why it is so dangerous? 

Status messages are highly efficient in terms of click-through rate, as they address a small group of friends. Chances are that, once displayed, they will be clicked by most contacts who see them. One scenario: the victim's status message is swapped with an attention-getting text that points to a page hosting a zero-day exploit targeting the IE browser, the locally installed Java or Flash environments or even a PDF bug, to mention only a few. Whenever a contact clicks on the victim’s status message, chances are they get infected without even knowing it. All this time, the victim is unaware that their status message has been hijacked.
Another lucrative approach to changed status messages is affiliate marketing (ie: sites that pay affiliates for visits or purchases through a custom link). Someone can easily set up an affiliate account, generate custom links for products in campaign, then massively target vulnerable YIM victims to change their status with the affiliate link. Then, they just wait for the contact-generated traffic to kick in. There are actually a couple of services that pay YIM users to change their status with custom links as part of their business.

• Who is Safe?

You are running a Bitdefender security solution (Bitdefender Antivirus Plus, Bitdefender Internet Security or Bitdefender Total Security). We detect this threat via the HTTP scanner and block it before it reaches the Messenger application.
You have Yahoo Messenger set to “ignore anyone who is not in your Yahoo! Contacts“(which is off by default).

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">0-Day Vulnerability in Yahoo Messenger, An Attacker Can Change The Status Update Remotely"https://www.voiceofgreyhat.com/2011/12/0-day-vulnerability-in-yahoo-messenger.html</a>

Web Browser Grand Prix 5

 

Three major released have landed since our last impromptu Web Browser Grand Prix (WBGP4): Chrome 12, Firefox 5, and Opera 11.50. Can Chrome or Opera regain the WBGP championship? Will Mozilla Firefox ever overtake Microsoft's IE9 in the rankings?
If it seems like it was only weeks ago when we were compelled to test the then-new Mozilla Firefox 4 against the reigning Web Browser Grand Prix champion Microsoft Internet Explorer 9 in Web Browser Grand Prix 4: Firefox 4 Goes Final, that's because it was only a few weeks ago.
In an attempt to curb the siphoning of its user base to Google, Mozilla decided to keep pace with the frenetic development cycle of Chrome. Firefox 5 is now a reality. But will Mozilla also keep up with innovation like Google? Furthermore, will a higher integer finally allow Mozilla to overtake arch-rival Microsoft in our performance metrics? Can former speed-kings Chrome and Opera reclaim the dual domination of our WBGP crown, as they did in 2010?

We've tightened up our suite of benchmarks for this article, cutting the fat that was Google's V8 JavaScript Benchmark and the redundant two-pixel variant of the GUIMark2 HTML5 Vector Charting test. We also fleshed it out by adding Facebook's JSGameBench, as well as battery life and reliability testing. But before we get to the benchmarks, let's get caught up on the latest developments in the continuing browser wars.
Opinions:-

The release of Firefox 5 was met with harsh criticism for its apparent lack of anything new. It has been said that Firefox 5 should have been called Firefox 4.1 or 4.2. Or even 4.02.
There is also a growing concern over whether the new rapid release schedule jives with IT departments. Firefox became a viable choice for many companies during the version 2 and 3 days. Mozilla also offers the preferred development platform for most Web designers. Basically, Firefox gained the reputation of being the most stable choice. By mimicking Chrome's development cycle, Mozilla may have shot itself in the foot.
Smack Talk:-

Microsoft took a shot right across the bow of Google and Mozilla by announcing that WebGL is “harmful,” and that IE10 would not be utilizing the specification. Several experts came out in support of Microsoft's assertion, though it should be noted that Redmond may have a dog in this fight with DirectX.

Attacking Mozilla even further, the Internet Explorer development team sent the Firefox development team a cupcake to celebrate the release of Firefox 5. Mozilla also received cakes from Microsoft for the release of Firefox 3 and 4. Full cakes. Obviously, this is in response to the criticism that Firefox 5 is nothing more than a minor update to Firefox 4. The included note read: "Congratulations on shipping! Love, The IE Team". "Congratulations on shipping" might have been in reference to the frequent delays that plagued Firefox 4, which was eventually made available more than six months late. Now that's a classy way to rag on somebody. Not missing a single opportunity to slam its competition, Microsoft also capitalized on the other major criticism of Firefox 5 when an IE developer boasted Microsoft's commitment to IT.
Mozilla shot back with a blog post addressing the IT issue, although in a very non-concrete way:

"We are exploring solutions that balance these needs..."

Not to be outdone, an Opera employee also had this to say in regard to rapid release schedule:

“Despite the version number (11.50), we've packed a lot of new features into it. While other browsers rush to release whole new version numbers with small tweaks, I think we've kept traditional versioning, while simply releasing a little faster.”Obviously, this comes at an unfortunate time for Mozilla, but one cannot help but wonder if this comment was meant for Google. Opera and Google have gotten into it pretty heavily in the past, and, for a time (before IE9), Chrome and Opera swapped places on a semi-monthly basis in the performance charts.

-News Source (Tom's Hardware)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Web Browser Grand Prix 5"https://www.voiceofgreyhat.com/2011/07/web-browser-grand-prix-5.html</a>

Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET

Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET

Microsoft released June 2012 Security bulletin to close a total of 27 security holes in its products, among them 13 in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync, Windows Kernel and Dynamics AX. The company separately announced changes to its automatic updater to block untrusted security certificates. Microsoft updated the updater tool after researchers uncovered how the Flame malware had gamed the process. The most important updates are bundled in the cumulative Internet Explorer patch (MS12-037), which includes fixes for the holes that were targeted by Pwn2Own exploits. Another urgent update is MS12-036, which concerns denial of service and remote code execution vulnerabilities in the Remote Desktop features built into all supported versions of Windows. The third critical update affects the .NET Framework (MS12-038). The remaining 4 updates are rated "important" by Microsoft and close code execution bugs in Lync and privilege escalation holes in Dynamics AX and Windows.

Through this security bulletin Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Security Bulletin (June 2012) Closed Security Hole in RDP, IE,Certificate Tool & .NET"https://www.voiceofgreyhat.com/2012/06/microsoft-security-bulletin-june-2012.html</a>

Audio Captcha is vulnerable, it can be cracked!!

Many websites rely on CAPTCHA to distinguish genuine humans from bots and malware. Now researchers have devised software that can be trained to decipher and defeat audio CAPTCHAs. 

CAPTCHAs are those frustrating tests that ask you to type in characters that correspond to words that have been obscured or defaced by graffiti.

The idea is this task should be easy for humans and impossible for non-humans but to assist the visually impaired many CAPTCHAs offer an audio alternative, in which a computerized voice reads out letters or digits distorted by noise, and these have been proved to be vulnerable to machine recognition. Decaptcha is a system to defeat audio CAPTCHAs based on non-continuous speech (i.e. a series of digits or letters rather than spoken words). Devised by a team of computer scientists who presented their research at this week's IEEE Symposium on Security and Privacy in Oakland California, it uses audio-processing techniques to remove the noise and identify the digits. The software has to be trained, a process that takes around 20 minutes for each type of CAPTCHA, but then can solve CAPTCHAs without human assistance. The software has proved effective against the systems currently used by eBay (82% accuracy), Microsoft (49%) and Yahoo (45%) but has has much less success with reCAPTCHA which uses background conversations to obscure the digits.

Even so with a success rate of 1.5%, a machine that made hundreds of attempts would quite quickly make a correct match - and would probably have more success than humans who also find reCAPTCHA difficult to decipher.

The researchers conclude that the use of "semantic noise" - i.e. noise such as background conversations or music is the least harmful to human understanding

at levels while also being most able to hinder Decaptcha’s performance.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Audio Captcha is vulnerable, it can be cracked!!"https://www.voiceofgreyhat.com/2011/05/audio-captcha-is-vulnerable-it-can-be.html</a>

Metro Version Of Firefox Will Available on Windows 8

Metro Version Of Firefox Will Available on Windows 8

There are lots of addition and subtraction is going with the upcoming Microsoft Windows 8 & Windows on ARM.Microsoft's browser rivals to publicly commit to a Metro edition. Microsoft has said it will ship both Metro and traditional desktop versions of Internet Explorer 10. Metro is Microsoft's label for the touch-enabled interface at the center of both Windows 8 and WOA. Windows 8 will run Metro and traditional 32- and 64-bit Windows applications, but WOA will run only those third-party apps designed for Metro. Not only IE but also Firefox will follow the same trend. Mozilla confirms that it will build a "proof-of-concept" version of Firefox for Windows 8's Metro touch-first interface next quarter, then follow that with more functional editions later in the year. Mozilla Said:- "This proposal depends on Microsoft providing the same capabilities for Firefox as it does for IE -- running at the Medium level integrity process that allows us the full use of the Win32 API and what we need from Metro, or a set of APIs that allow Mozilla to port Gecko to the WinRT. For the purposes of this feature proposal, I'm assuming we'll get the first and we won't have to port the bulk of Gecko and instead will use the win32 dlls from within Metro."

Feature Overview:- 

• Windows 8 contains two application environments, "Classic" and "Metro". Classic is very similar to the Windows 7 environment at this time, it requires a simple evolution of the current Firefox Windows product. Metro is an entirely new environment and requires a new Firefox front end and system integration points.

• The feature goal here is a new Gecko based browser built for and integrated with the Metro environment.

• Firefox on Metro, like all other Metro apps will be full screen, focused on touch interactions, and connected to the rest of the Metro environment through Windows 8 contracts.

• Firefox on Metro will bring all of the Gecko capabilities to this new environment and the assumption is that we'll be able to run as a Medium integrity app so we can access all of the win32 Firefox Gecko libraries avoiding a port to the new WinRT API for the bulk of our code. (Though we will need to have a pan and zoom capability for content.)

• We will need to determine if the Firefox front end on Metro will be built in XUL, C/C++, or HTML/CSS/JS (I'm assuming for now that .Net and XAML are off the table.)

• Firefox on Metro is a full-screen App with an Appbar that contains common navigation controls (back, reload, etc.,) the Awesomebar, and some form of tabs.

• Firefox will have to support three "snap" states -- full screen, ~1/6th screen and ~5/6th screen depending on how the user "docks" two full screen apps. Our UI will need to adjust to show the most relevant content for each size.

• In order to provide users with access to other content, other apps, and to Firefox from other content and apps, we'll need integration with the share contract, the search contract, the settings contract, the app to app picking contract, the print contract, the play to contract, and possibly a couple more. We'll be a source for some, a target for some, and both for some.

• We'll need to handle being suspended by the OS when out of view.

• We may want to offer a live tile with user-centric data like friends presence or other Firefox Home information updates

• Ideally we'd be able to create secondary tiles for Web-based apps hosted in Firefox's runtime.

For More Information Click Here

-Source (Mozilla & Computer World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Metro Version Of Firefox Will Available on Windows 8"https://www.voiceofgreyhat.com/2012/02/metro-version-of-firefox-will-available.html</a>

Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released

Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released

Social Engineer Toolkit also known as SET gets another update. Now we have Social Engineer Toolkit version 4.0 codename “Balls of Steel” is officially available for public consumption. In his official blog; Trusted Sec, the developper of SET has claimed that this version of SET is the most advanced toolkit till today. This version is the collection of several months of development and over 50 new features and a number of enhancements, improvements, rewrites, and bug fixes. 

Lets talk about some highlights and the new major features of SET 4.0- the Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. All of the payloads have been heavily encrypted with a number of heavy anti-debugging tools put in place. PyInjector is now available on the Java Applet attack natively and deploys shellcode automatically through a byte compiled executable. The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder). A new teensy payload has been added from the Offensive-Security crew – the auto-correcting attack vector with DIP switch and SDcard “Peensy”. The web cloner has been completely rewritten in native python removing the dependency for wget. The new IE zero day has been included in the Metasploit Web Attack Vector. The Java Repeater and Java Redirection has been rewritten to be more reliable. Obfuscation added to randomized droppers including OSX and Linux payloads.

Full Changelog of The Social-Engineer Toolkit (SET) 4.0:- 

•  Added a new attack vector to SET called the Dell Drac attack vector under the Fast-Track menu.
•  Optimized the new attack vector into SET with standard core libraries
•  Added the source code for pyinjector to the set payloads
•  Added an optimized and obfuscated binary for pyinjector to the set payloads
•  Restructured menu systems to support new pyinjector payload for Java Applet Attack
•  Added new option to SET Java Applet – PyInjector – injects shellcode straight into memory through a byte compiled python executable. Does not require python to be installed on victim
•  Added base64 encoded to the parameters passed in shellcodexec and pyInjector
•  Added base64 decode routine in Java Applet using sun.misc.BASE64Decoder – native base64 decoding in Java is the suck
•  Java Applet redirect has been fixed – was a bug in how dynamic config files were changed
•  Fixed the UNC embed to work when the flag is set properly in the config file
•  Fixed the Java Repeater which would not work even if toggled on within the config file
•  Fixed an operand error when selecting high payloads, it would cause a non harmful error and an additional delay when selecting certain payloads in Java Applet
•  Added anti-debugging protection to pyinjector
•  Added anti-debugging protection to SET interactive shell
•  Added anti-debugging protection to Shellcodeexec
•  Added virtual entry points and virtualized PE files to pyinjector
•  Added virtual entry points and virtualized PE files to SET interactive shell
•  Added virtual entry points and virtualized PE files to Shellcodeexec
•  Added better obfsucation per generation on SET interactive shell and pyinjector
•  Redesigned Java Applet which adds heavily obfsucated methods for deploying
•  Removed Java Applet source code from being public – since redesign of applet, there are techniques used to obfuscate each time that are dynamic, better shelf life for applet
•  Added a new config option to allow you to select the payloads for the powershell injection attack. By specifying the config options allows you to customize what payload gets delivered via the powershell shellcode injection attack
•  Added double base64 encoding to make it more fun and better obfuscation per generation
•  Added update_config() each time SET is loaded, will ensure that all of the updates are always present and in place when launching the toolkit
•  Rewrote large portions of the Java Applet to be dynamic in nature and place a number of non descriptive things into place
•  Added better stability to the Java Applet attack, note that the delay between execution is a couple seconds based on the obfuscation techniques in place
•  Completely obfsucated the MAC and Linux binaries and generate a random name each time for deployment
•  Fixed a bug that would cause custom imported executables to not always import correctly
•  Fixed a bug that would cause a number above 16 to throw an invalid options error
•  Added better cleanup routines for when SET starts to remove old cached information and files
•  Fixed a bug that caused issues when deploy binaries was turned to off, would cause iterative loop for powershell and crash IE
•  Centralized more routines into set.options – this will be where all configuration options reside eventually
•  Added better stability when the Java Applet Repeater is loaded, the page will load properly then execute the applet.
•  The site cloner has been completely redesigned to use urllib2 instead of wget, long time coming
•  The cloner file has been cleaned up from a code perspective and efficiency
•  Added better request handling with the new urllib2 modules for the website cloning
•  Added user agent string configuration within the SET config and the new urllib2 fetching method
•  Added a pause when generating Teensy payloads
•  Added the Offensive-Security “Peensy” multi-attack vector for the Teensy attacks
•  Added the Microsoft Internet Explorer execCommand Use-After-Free Vulnerability from Metasploit into the Metasploit Browser Exploits Attack vectors
•  Fixed a bug in cleanup_routine that would cause the metasploit browser exploits to not function properly
•  Fixed a bug that caused the X10 sniffer and jammer to throw an exceptions if the folder already existed

To Download The Social-Engineer Toolkit (SET) 4.0 Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released"https://www.voiceofgreyhat.com/2012/09/Social-Engineer-Toolkit-4.0-Released.html</a>

Xbox Live Has Not Been Hacked, Said Microsoft

Microsoft has denied claims that Xbox LIVE has been hacked, despite reports suggesting the online gaming service had suffered a security breach exposing user data. The company took to its official Facebook page after UK newspaper The Sun alleged gamers had lost between £100 and £20o each ($156-313); in fact, Microsoft clarified, victims had been the unfortunate quarry of a phishing scam. 

Microsoft is now apparently working with those Xbox LIVE users affected by the scams to re-secure their accounts, as well as suggesting that all gamers take care over what emails they open and what links they click on.

In a Statement Microsoft Said:-

"Xbox Live has not been hacked. Microsoft can confirm that there has been no breach to the security of our Xbox Live service. In this case, a number of Xbox Live members appear to have recently been victim of malicious 'phishing' scams  (ie. online attempts to acquire personal information such as passwords, user names and credit card details by purporting to be a legitimate company or person). The online safety of Xbox LIVE members remains of the utmost importance, which is why we consistently take measures to protect Xbox LIVE against ever-changing threats. As a result, we are currently:

Working closely with affected members who have been in touch with us to investigate and/or resolve any unauthorized changes to their accounts resulting from phishing scams;

Warning people against opening unsolicited e-mails which may contain spyware and other malware that can access personal information contained on their computer without their knowledge or permission;

Reminding all customers that they should be very careful to keep all personal information secure whenever online and never supply e-mail addresses, passwords or credit card information to strangers.

Microsoft remains vigilant at all times regarding the security of Xbox LIVE customers. As always, Xbox LIVE customers who have any queries or concerns should contact Xbox LIVE Customer Service on 0800 587 1102 or visit www.xbox.com/security."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Xbox Live Has Not Been Hacked, Said Microsoft"https://www.voiceofgreyhat.com/2011/11/xbox-live-has-not-been-hacked-said.html</a>

Motorola Plans More Hacker-Friendly Phones

Since the premiere of the Droid Two, Motorola’s Android-based smartphones have been notoriously unfriendly to modification and hacking. But the company may be changing its ways.

According to Motorola, its devices will become more mod-friendly toward the end of this year. The company plans to introduce software changes which will allow advanced users the option to modify core components of their phone’s operating system.

“Motorola will enable an unlockable/relockable bootloader, currently found on Motorola Xoom, in future software releases where carrier and operator partners will allow it,” Motorola said in a statement provided to Wired.com. “It is our intention to include the unlockable/relockable bootloader in software releases starting in late 2011.”

A locked bootloader is a big irritation for people who want to modify their Android phones’ operating systems. In short, it drastically limits the amount and type of customization a customer can accomplish on his or her phone. Popular modding software like CyanogenMod — a custom Android build that optimizes a phone’s hardware performance and adds a number of nifty flourishes — can’t be installed.

Motorola contends that it wants to strike a balance between “the operator requirement for security to the end user” or the average Joe with an Android device who doesn’t care about hacking it, one the one hand, and “the need to support developer communities in using these products as a development platform,” on the other. The option to unlock and relock the bootloader on a phone seems to fit in this middle ground, though Motorola does say this will be restricted to “the carrier and operator partners” that will allow the option.

The company hasn’t always been so diplomatic. When people complained about Motorola’s locked-down practices in the comments section of a YouTube video featuring the Atrix earlier this year, aMotorola employee shot back a less-than-warm response:

“If you want to do custom roms [i.e. modification software], then buy elsewhere, we’ll continue with our strategy that is working thanks.”

After developer uproar ensued in the wake of the comment, Motorola apologized, and gave its first sign that the locked-down quality of its phones may soon change:

“We apologize for the feedback we provided regarding our bootloader policy. The response does not reflect the views of Motorola. We are working closely with our partners to offer a bootloader solution that will enable developers to use our devices as a development platform while still protecting our users’ interests.”

Not everyone in the developer community is convinced Motorola will change its ways. Just as with the Atrix, they say they’ve been burned before. The Droid Two and Droid X models, for example, both came with locked bootloaders, despite the immense success of the Droid One.

When Android user Irwin Proud decided to buy the Atrix smartphone in February, he assumed it would ship with an unlocked bootloader.

He assumed wrong. Proud received an Atrix with a locked bootloader. As a self-proclaimed tech nerd and phone-modification enthusiast with a locked-down phone, Proud wasn’t happy.

Instead of taking it lying down, he started an online petition in late March at Groubal.com, asking Motorola to provide an unlocked bootloader solution for its current and upcoming devices. As of Wednesday, Proud’s petition has close to 9,000 signatures.

After a series of back-and-forth e-mails between Proud and customer-service representatives at Motorola, the company finally issued a statement to Proud claiming that an unlockable bootloader would be made available to its late 2011 releases.

Proud remains hopeful. “I’m optimistic that they will change,” said Proud in an interview with Wired.com, “because they have not experienced the same level of interest for any of their devices since the original Droid phone released at the end of 2009.”

Indeed, exact sales figures for the Atrix and the Xoom haven’t been released, but some analysts arecalling projections “disappointing.”

“I think they’ve tried to replicate it’s success,” said Proud, “but they haven’t had any luck. Now they need their community back.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Motorola Plans More Hacker-Friendly Phones"https://www.voiceofgreyhat.com/2011/04/motorola-plans-more-hacker-friendly.html</a>

Patator -A Multi-Purpose Brute-Forcer

Earlier we have several times talked about Brute forcer tool like THC-Hydra, Cain & Abel, Rainbow Crack and many more. Today we will discuss about Patator is a multi-purpose brute-forcer, written in pyton language, with a modular design and a flexible usage. Can be modified and rewritten as per our environment requirement. Patator is licensed GPLv2.

Modules Supported:-
ftp_login : Brute-force FTP
ssh_login : Brute-force SSH
telnet_login : Brute-force Telnet
smtp_login : Brute-force SMTP
smtp_vrfy : Enumerate valid users using the SMTP VRFY command
smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
http_fuzz : Brute-force HTTP/HTTPS
pop_passd : Brute-force poppassd (not POP3)
ldap_login : Brute-force LDAP
smb_login : Brute-force SMB
mssql_login : Brute-force MSSQL
oracle_login : Brute-force Oracle
mysql_login : Brute-force MySQL
pgsql_login : Brute-force PostgreSQL
vnc_login : Brute-force VNC
dns_forward : Forward lookup subdomains
dns_reverse : Reverse lookup subnets
snmp_login : Brute-force SNMPv1/2 and SNMPv3
unzip_pass : Brute-force the password of encrypted ZIP files
keystore_pass: Brute-force the password of Java keystore files

Features of Patator:-

• No false negatives, as it is the user that decides what results to ignore based on:

• status code of response

• size of response

• matching string or regex in response data

• Modular design

• not limited to network modules (eg. the unzip_pass module)

• not limited to brute-forcing (eg. remote exploit testing, or vulnerable version probing)

• Interactive runtime

• show verbose progress

• pause/unpause execution

• increase/decrease verbosity

• add new actions & conditions during runtime in order to exclude more types of response from showing

• Use persistent connections (ie. will test several passwords until the server disconnects)

• Multi-threaded

• Flexible user input

• Any part of a payload is fuzzable:

• use FILE[0-9] keywords to iterate on a file

• use COMBO[0-9] keywords to iterate on the combo entries of a file

• use NET[0-9] keywords to iterate on every host of a network subnet

To Download Patator Click Here 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Patator -A Multi-Purpose Brute-Forcer"https://www.voiceofgreyhat.com/2012/01/patator-multi-purpose-brute-forcer.html</a>