Posted by Avik Sarkar
On 5/09/2013 04:30:00 pm
Debian Linux 7.0 Code Named 'Wheezy' Released & Added Multiarch Support, Several Specific Tools

Debian was once one of the most popular Linux distributions and drew the most attention. Nowadays the craze for this flavor has faded a little, but as the foundation for other, more popular Linux distributions such as Mint, Ubuntu and a few pen-testing distros, Debian still has value. So upgrades and new releases of this Linux flavor are still very important. Today I will talk about the new release, Debian Linux version 7.0, code named 'Wheezy'. After many months of constant development, the developers at the Debian project proudly announced the general availability of the next version of this major Linux distribution, Debian 7.0 aka 'Wheezy'.
According to the release notes: This new version of Debian includes various interesting features such as multiarch support, several specific tools to deploy private clouds, an improved installer, and a complete set of multimedia codecs and front-ends which remove the need for third-party repositories. Multiarch support, one of the main release goals for Wheezy, will allow Debian users to install packages from multiple architectures on the same machine. This means that you can now, for the first time, install both 32- and 64-bit software on the same machine and have all the relevant dependencies correctly resolved, automatically.
The installation process has been greatly improved: Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. Thanks to the combined efforts of a huge number of translators, the installation system is available in 73 languages, and more than a dozen of them are available for speech synthesis too. In addition, for the first time, Debian supports installation and booting using UEFI for new 64-bit PCs (amd64), although there is no support for Secure Boot yet.
This Release Includes Numerous Updated Software Packages, Such as:-
- Apache 2.2.22
- Asterisk 1.8.13.1
- GIMP 2.8.2
- An updated version of the GNOME desktop environment 3.4
- GNU Compiler Collection 4.7.2
- Icedove 10 (an unbranded version of Mozilla Thunderbird)
- Iceweasel 10 (an unbranded version of Mozilla Firefox)
- KDE Plasma Workspaces and KDE Applications 4.8.4
- kFreeBSD kernel 8.3 and 9.0
- LibreOffice 3.5.4
- Linux 3.2
- MySQL 5.5.30
- Nagios 3.4.1
- OpenJDK 6b27 and 7u3
- Perl 5.14.2
- PHP 5.4.4
- PostgreSQL 9.1
- Python 2.7.3 and 3.2.3
- Samba 3.6.6
- Tomcat 6.0.35 and 7.0.28
- Xen Hypervisor 4.1.4
- The Xfce 4.8 desktop environment
- X.Org 7.7
Along with these, more than 36,000 other ready-to-use software packages, built from nearly 17,500 source packages, are also included in Debian Linux 7.0. So after reading about all those cool features, what are you waiting for? Download the installation image via BitTorrent (the recommended method), jigdo, or HTTP.
Posted by Avik Sarkar
On 5/05/2013 03:11:00 pm
Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites to Serve Blackhole Exploit
ESET, a world-renowned security firm headquartered in Bratislava, has uncovered what it called a malicious cyber rampage targeting millions of cPanel-based servers. For the last few months security experts have been tracking server-level compromises that use malicious Apache modules to inject malware into websites and redirect some of their requests to the infamous Blackhole exploit pack. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new malware has been dubbed "Linux/Cdorked.A". Several analyses reveal that it is a sophisticated and stealthy backdoor meant to drive traffic to malicious websites. According to the official blog post of ESET: "Linux/Cdorked.A is one of the most sophisticated Apache backdoors we have seen so far. The backdoor leaves no traces of compromised hosts on the hard drive other than its modified httpd binary, thereby complicating forensics analysis. All of the information related to the backdoor is stored in shared memory. The configuration is pushed by the attacker through obfuscated HTTP requests that aren't logged in normal Apache logs. This means that no command and control information is stored anywhere on the system."
This malicious cyber rampage was first detected by another security firm, Sucuri, and later ESET published a detailed analysis of the issue. It remains a matter of concern, as thousands of websites have already been infected. The attack is particularly dangerous as Apache web servers are among the most well-known and widely used in the world and are used by numerous companies. This means that a successful security breach can affect numerous different businesses across a diverse range of industries.
As this malware, Linux/Cdorked.A, has already been spotted in the wild, on behalf of cyber media we urge all concerned system administrators and security analysts to check their servers and verify that they are not affected by this threat. Detailed instructions to perform this check are provided in the ESET blog.
Posted by Avik Sarkar
On 3/31/2013 03:20:00 pm
Jadavpur University Official Website is Vulnerable to SQL Injection
An ethical hacker from India named Chirag Singh has found serious loopholes in the official website of Jadavpur University, one of the most renowned and prestigious universities of India. Chirag found a blind SQL injection vulnerability which can be exploited for malicious purposes to harm the website and gain access. From the vulnerability report submitted by the hacker, it has been found that the web server of Jadavpur University is running Red Hat Enterprise Linux 5 (Tikanga), where the web application technologies are Apache 2.2.3 and PHP 5.1.6, and the back-end database is PostgreSQL. The hacker also managed to dump 11 databases with more than 215 tables, as shown in the picture below.
This issue has already been reported to the concerned person and the webmaster of Jadavpur University, and for security and privacy reasons we are not exposing or mentioning the vulnerable link and the dumped database.
Posted by Avik Sarkar
On 9/10/2012 05:52:00 pm
Ubuntu 12.10 Codenamed "Quantal Quetzal" Beta 1 Released !!
After the release of two alpha versions (Alpha 1 & Alpha 2), it is now time for the beta; as expected, Canonical and the Ubuntu developer team have released the first beta of version 12.10 of their Ubuntu Desktop, Server, Cloud, and Core products, code named "Quantal Quetzal". Ubuntu 12.10 Beta 1 uses a Linux kernel based on the recent 3.5.3 Linux kernel, the current stable version of Linux 3.5.
12.10 continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing new features and fixing bugs. For the client, this release now has a consolidated Ubuntu image. There is no longer a traditional CD sized image, DVD or alternate image, but rather a single 800MB Ubuntu image that can be used from USB or DVD. This change does not affect Ubuntu Server, which remains a traditional CD sized image. With Ubuntu 12.10, Kubuntu, Edubuntu, Lubuntu, and Ubuntu Studio also reached Beta 1 status today. These images, along with Xubuntu will continue to have daily updates for the remainder of the release. The final version of Ubuntu 12.10 is expected to be released on October 18, 2012.
Key Features at a Glance:-
- The consolidated client images now support the logical volume manager (LVM) as well as full disk encryption.
- Update Manager has been renamed Software Updater and now checks for updates when launched.
- A new X.org stack has been introduced which includes xserver 1.13 candidate versions, mesa 9.0, and updated X libs and drivers.
- Unity has been updated to version 6.4 including support for dash previews and coverflow view. Now that compiz with GLES support has landed, unity-3d works again on the pandaboard.
- The Ubuntu desktop has begun migrating from Python 2 to Python 3. Most Python applications included in the desktop are now using Python 3, and most Python modules that are included by default are available for both Python 2 and Python 3.
Changes in Ubuntu Server and Cloud Images:-
- ARM hard float (armhf) cloud images are now available.
- OpenStack Folsom testing packages are available. OpenStack instance architecture testing support has been added, as has a heterogeneous scheduler for ARM.
- Apache Tomcat 7 is now the default supported version. Ceph has updated to 0.48.1 (upstream argonaut stable release), and includes RADOS Gateway (S3 and Swift Compatible), as well as performance improvements.
- Floodlight (Openflow Network Controller) and mininet (Network Simulation) packages are now available.
According to the project's release schedule, the beta release will be followed by a second beta on 27 September. The current stable release is Ubuntu 12.04.1 LTS, the first point update to the Long Term Support (LTS) edition of the distribution.
To Download Ubuntu 12.10 Beta 1 (Both Ubuntu Desktop and Ubuntu Server) Click Here
Posted by Avik Sarkar
On 5/22/2012 10:34:00 pm
Nmap 6 Released With Full IPv6 Support, Better Web Scanning & 289 New Scripts
We have discussed Nmap several times before. Now the Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 6.00. According to the project's release announcement, it is the product of almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009. Nmap 6 includes a more powerful Nmap Scripting Engine, 289 new scripts, better web scanning, full IPv6 support, the Nping packet prober, faster scans, and much more.
Top 6 improvements in Nmap 6:-
- 1. NSE Enhanced
- The Nmap Scripting Engine (NSE) has exploded in popularity and capabilities. This modular system allows users to automate a wide variety of networking tasks, from querying network applications for configuration information to vulnerability detection and advanced host discovery. The script count has grown from 59 in Nmap 5 to 348 in Nmap 6, and all of them are documented and categorized in our NSE Documentation Portal. The underlying NSE infrastructure has improved dramatically as well.
- 2. Better Web Scanning
- As the Internet has grown more web-centric, Nmap has developed web scanning capabilities to keep pace. When Nmap was first released in 1997, most of the network services offered by a server listened on individual TCP or UDP ports and could be found with a simple port scan. Now, applications are just as commonly accessed via URL path instead, all sharing a web server listening on a single port. Nmap now includes many techniques for enumerating those applications, as well as performing a wide variety of other HTTP tasks, from web site spidering to brute force authentication cracking. Technologies such as SSL encryption, HTTP pipelining, and caching mechanisms are well supported.
- 3. Full IPv6 Support
- Given the exhaustion of available IPv4 addresses, the Internet community is trying to move to IPv6. Nmap has been a leader in the transition, offering basic IPv6 support since 2002. But basic support isn't enough, so we spent many months ensuring that Nmap version 6 contains full support for IP version 6. And we released it just in time for the World IPv6 Launch. We've created a new IPv6 OS detection system, advanced host discovery, raw-packet IPv6 port scanning, and many NSE scripts for IPv6-related protocols. It's easy to use too—just specify the -6 argument along with IPv6 target IP addresses or DNS records. In addition, all of our web sites are now accessible via IPv6. For example, Nmap.org can be found at 2600:3c01::f03c:91ff:fe96:967c.
- 4. New Nping Tool
- The newest member of the Nmap suite of networking and security tools is Nping, an open source tool for network packet generation, response analysis and response time measurement. Nping can generate network packets for a wide range of protocols, allowing full control over protocol headers. While Nping can be used as a simple ping utility to detect active hosts, it can also be used as a raw packet generator for network stack stress testing, ARP poisoning, Denial of Service attacks, route tracing, etc. Nping's novel echo mode lets users see how packets change in transit between the source and destination hosts. That's a great way to understand firewall rules, detect packet corruption, and more.
- 5. Better Zenmap GUI & results viewer
- While Nmap started out as a command-line tool and many (possibly most) users still use it that way, we've also developed an enhanced GUI and results viewer named Zenmap. One addition since Nmap 5 is a “filter hosts” feature which allows you to see only the hosts which match your criteria (e.g. Linux boxes, hosts running Apache, etc.) We've also localized the GUI to support five languages besides English. A new script selection interface helps you find and execute Nmap NSE scripts. It even tells you what arguments each script supports.
- 6. Faster scans
- In Nmap's 15-year history, performance has always been a top priority. Whether scanning one target or a million, users want scans to run as fast as possible without sacrificing accuracy. Since Nmap 5 we've rewritten the traceroute system for higher performance and increased the allowed parallelism of the Nmap Scripting Engine and version detection subsystems. We also performed an intense memory audit which reduced peak consumption during our benchmark scan by 90%. We made many improvements to Zenmap data structures and algorithms as well so that it can now handle large enterprise scans with ease.
For detailed information click here. To download Nmap 6 for Windows, Linux and many UNIX platforms (Solaris, Free/Net/OpenBSD, etc.), including Zenmap, the GUI frontend, Click Here
Posted by Avik Sarkar
On 4/28/2012 03:15:00 pm
PHP 5.3.11 & PHP 5.4.1 With Apache 2.4 support, Debug info Handler
A couple of months ago we got PHP 5.3.10, a release that closed some serious security holes such as denial of service and remote code execution. Now the PHP development team announces the immediate availability of PHP 5.3.11 and PHP 5.4.1. These releases focus on improving the stability of the current PHP branches with over 60 bug fixes, some of which are security related.
Brief About PHP:- PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.
Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:
- Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).
- Add open_basedir checks to readline_write_history and readline_read_history.
Security Enhancement affecting PHP 5.3.11 only:
- Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).
Key enhancements in these releases include:
- Added debug info handler to DOM objects.
- Fixed bug #61172 (Add Apache 2.4 support).
For a full list of changes in PHP 5.3.11 and PHP 5.4.1, see the ChangeLog. For source downloads please visit our downloads page. Windows binaries can be found on windows.php.net/download/. All users of PHP are strongly encouraged to upgrade to PHP 5.3.11 or PHP 5.4.1.
Posted by Avik Sarkar
On 3/09/2012 05:50:00 pm
Armageddon (DDoS Botnet) Started Integrating Apache Killer Exploit
The latest version of the denial-of-service (DDoS) bot named Armageddon integrates a relatively new exploit known as Apache Killer. Armageddon is a Russian malware family exclusively designed to launch DDoS attacks. Because it is sold as a toolkit on underground forums, there is more than one Armageddon-powered botnet on the Internet. Aside from the Apache Killer exploit, the latest Armageddon version also incorporates other application-layer DDoS techniques that target popular Internet forum platforms like vBulletin or phpBB; however, these are not particularly ground-breaking.
The Apache Killer exploit was released in August 2011. It exploits a vulnerability in the Apache Web server by sending a specially crafted "Range" HTTP header to trigger a denial-of-service condition. The attack is particularly dangerous because it can be successfully executed from a single computer and the entire targeted machine needs to be rebooted in order to recover from it. The vulnerability exploited by Apache Killer is identified as CVE-2011-3192 and was patched in Apache HTTPD 2.2.20, a week after the exploit was publicly released. Apache 2.2.21 contains an improved fix.
Recommendation:-
System administrators should upgrade their Apache servers to the latest available version or should implement known workarounds. "There is an update to the Apache mod_security module that attempts to address this type of attack by filtering requests with 'Range' headers that are too large."
-Source (PC World)
Posted by Avik Sarkar
On 2/02/2012 08:45:00 pm
Apple Released OS X Lion v10.7.3 & Closes Security Hole
As expected, Apple has released Security Update 2012-001 for Mac OS X 10.7.3 and for Mac OS X 10.6.8 Snow Leopard. This release addresses a number of vulnerabilities in the company's desktop and server operating systems. According to Apple, this release patches more than 50 security holes that could be exploited to remotely execute arbitrary code on a victim's system, gain access to private information or cause a denial-of-service (DoS).
The Client and Server updates fix issues in Address Book, ColorSync, CoreAudio, CoreMedia, CoreText, CoreUI, OpenGL, Internet Sharing, ImageIO, and in the QuickTime media player and various libraries used by Mac OS X. Other problems addressed include vulnerabilities in Apache, the libpng reference library, the PHP scripting language, Subversion and X11. Security Update 2012-001 also corrects problems in Tomcat and SquirrelMail.
For security reasons, all users are advised to update their systems as early as possible.
-Source (Apple, The-H)
Posted by Avik Sarkar
On 1/25/2012 11:33:00 pm
The Apache Struts 2.3.1.2 Released & Closes Remote Command Execution Vulnerability
The Apache Struts group today officially declared that Struts 2.3.1.2 is available as a "General Availability" release. This closes a critical hole in versions of Struts from 2.0.0 to 2.3.1.1 that allowed for remote command execution. The vulnerability makes it possible for the protection around OGNL, an expression language used for getting and setting properties of Java objects, to be bypassed and arbitrary expressions be evaluated.
Brief About Apache Struts :-
Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed to streamline the full development cycle, from building, to deploying, to maintaining applications over time.
This release includes an important security fix:
- ParameterInterceptor vulnerability allowed remote command execution
To Download The Apache Struts 2.3.1.2 Click Here
Posted by Avik Sarkar
On 1/20/2012 09:13:00 pm
The developers of OpenSSL have released new versions 1.0.0g and 0.9.8t of OpenSSL to address a denial of service issue introduced by one of the six fixes included in the versions they released earlier this month. The problem was created by the fix for a critical vulnerability in the CBC ("Cipher block chaining") encryption mode which enabled plaintext recovery in OpenSSL's implementation of DTLS (Datagram TLS). Accordingly, the advisory notes that the DoS flaw only affects users of DTLS applications that use OpenSSL 1.0.0f and 0.9.8s. The developers credit Antonio Martin of Cisco Systems for discovering the bug and preparing the fix for it.
Brief About OpenSSL:-
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
To Download The Source Code Click Here
Posted by Avik Sarkar
On 1/08/2012 05:40:00 pm
We are all very familiar with the Distributed Denial of Service (DDoS) attack, where a massive number of computers are used (and often hijacked) to barrage a website with requests and a huge traffic load, effectively shutting it down or sending it offline. What you may not know is that there are denial of service (DoS) methods that don't need to be so distributed. So says security researcher Sergey Shekyan, who has developed a proof of concept that is a "Slow HTTP DoS." The "slow" method essentially makes an HTTP request to a server but does so in a way that can cause the server to hang. This method means that thousands of PCs may not be needed in order to execute a DoS attack. Shekyan describes it with our favorite kind of analogy, the kind involving burgers:
"Imagine a line at a fast food restaurant that serves two types of burgers, and a customer at the cashier is stuck for a while deciding what he wants to order, making the rest of the line anxious, slowing down the business. Now imagine a line at the same restaurant, but with a sign saying "think ahead of your order," which is supposed to speed things up. But now the customer orders hundreds of burgers, pays, and the line is stuck again, because he can take only 5 burgers at a time to his car, making signs ineffective."
The bad news, Shekyan says, is that the default configurations for popular web server software like Apache, nginx, IIS 6 & 7, and lighttpd are all vulnerable. However, there are steps that server administrators can take to minimize exposure, and it's just a proof of concept right now, not an in-the-wild attack.
To Know in details click Here
Posted by Avik Sarkar
On 12/17/2011 11:59:00 pm
Tor 0.2.3.9-alpha introduces initial IPv6 support for bridges, adds a "DisableNetwork" security feature that bundles can use to avoid touching the network until bridges are configured, moves forward on the pluggable transport design, fixes a flaw in the hidden service design that unnecessarily prevented clients with wrong clocks from reaching hidden services, and fixes a wide variety of other issues.
Features:-
- Clients can now connect to private bridges over IPv6. Bridges still need at least one IPv4 address in order to connect to other relays. Note that we don't yet handle the case where the user has two bridge lines for the same bridge (one IPv4, one IPv6). Implements parts of proposal 186.
- New "DisableNetwork" config option to prevent Tor from launching any connections or accepting any connections except on a control port.
- Bundles and controllers can set this option before letting Tor talk to the rest of the network, for example to prevent any connections to a non-bridge address. Packages like Orbot can also use this option to instruct Tor to save power when the network is off.
- Clients and bridges can now be configured to use a separate "transport" proxy. This approach makes the censorship arms race easier by allowing bridges to use protocol obfuscation plugins. It implements the "managed proxy" part of proposal 180 (ticket 3472).
- When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode implementation. It makes AES_CTR about 7% faster than our old one (which was about 10% faster than the one OpenSSL used to provide). Resolves ticket 4526.
- Add a "tor2web mode" for clients that want to connect to hidden services non-anonymously (and possibly more quickly). As a safety measure to try to keep users from turning this on without knowing what they are doing, tor2web mode must be explicitly enabled at compile time, and a copy of Tor compiled to run in tor2web mode cannot be used as a normal Tor client. Implements feature 2553.
- Add experimental support for running on Windows with IOCP and no kernel-space socket buffers. This feature is controlled by a new "UserspaceIOCPBuffers" config option (off by default), which has no effect unless Tor has been built with support for bufferevents, is running on Windows, and has enabled IOCP. This may, in the long run, help solve or mitigate bug 98.
- Use a more secure consensus parameter voting algorithm. Now at least three directory authorities or a majority of them must vote on a given parameter before it will be included in the consensus. Implements proposal 178.
Major Bugfixes:-
- Hidden services now ignore the timestamps on INTRODUCE2 cells.
- They used to check that the timestamp was within 30 minutes of their system clock, so they could cap the size of their replay-detection cache, but that approach unnecessarily refused service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when the v3 intro-point protocol (the first one which sent a timestamp field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
- Only use the EVP interface when AES acceleration is enabled, to avoid a 5-7% performance regression. Resolves issue 4525; bugfix on 0.2.3.8-alpha.
Privacy/Anonymity Features (bridge detection):-
- Make bridge SSL certificates a bit more stealthy by using random serial numbers, in the same fashion as OpenSSL when generating self-signed certificates. Implements ticket 4584.
- Introduce a new config option "DynamicDHGroups", enabled by default, which provides each bridge with a unique prime DH modulus to be used during SSL handshakes. This option attempts to help against censors who might use the Apache DH modulus as a static identifier for bridges. Addresses ticket 4548.
To Download Tor 0.2.3.9-alpha Click Here
Posted by Avik Sarkar
On 11/27/2011 09:15:00 pm
Previously we talked about KillApache, the DDoS exploit which can kill a vulnerable Apache web server by performing a massive denial of service attack. Recently Miroslav Štampar, one of the co-authors of the awesome sqlmap tool, programmed a Python variant of the same attack with a few more options and called it KillApachePy.
KillApachePy is a Python version of the tool, which aims to be more user friendly and has a few program workflow enhancements, like automatic usage of the maximum (system) allowed thread number, setting a custom HTTP method (GET/HEAD/…), a custom target page for retrieval, proxy support, etc. As it always has been with his code, it is small, efficient and highly optimized.
For More Information & to Download The Source Code Click Here
Posted by Avik Sarkar
On 10/25/2011 03:42:00 pm
After the success of killapache, here is yet another DDoS proof of concept (PoC) for Apache: an exploit for a denial of service (DDoS) vulnerability in Apache Server 2.3.14. The latest version, Apache Server 2.3.14, fails against it. The Egyptian hacker and exploit writer "Xen0n" discovered this vulnerability and developed a Perl exploit for it. The script is written in Perl and can be easily modified.
To Download POC Apache Server 2.3.14 Click Here
Posted by Avik Sarkar
On 10/17/2011 02:36:00 pm
The Department of Homeland Security (DHS) released a new bulletin, A-0011-NCCIC -120020110914 (U//FOUO), saying that Anonymous and associated hacker groups are developing and deploying new cyber attack tools. The bulletin contains a brief on Anon, their attacks on the Internet, cyber attack tools and exploits (LOIC, #RefRef, Apache Killer, URGE, Anonware) and so on.
For More information and to download the bulletin Click Here
Posted by Avik Sarkar
On 10/14/2011 06:30:00 pm
Apple has released Mac OS X 10.7.2 and, for Mac OS X 10.6.8 Snow Leopard users who have yet to upgrade to Lion, Security Update 2011-006; these updates address a number of security vulnerabilities in the company's desktop and server operating systems. According to Apple, more than 70 holes have been closed by the updates, many of which could be exploited by an attacker to remotely execute code with elevated privileges, gain access to private information, or cause a denial-of-service (DoS).
Mac OS X 10.7.2 and Security Update 2011-006 fix issues in the QuickTime media player, iChat Server, CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, and the kernel, as well as IOGraphics, MediaKit and Open Directory. Other problems addressed by the update include security vulnerabilities in Apache, the Application Firewall, the BIND DNS server, PHP, Python, the SMB File Server, Tomcat and X11. Various root certificates were also added or updated.
Apple also released an update for its Safari web browser for Windows and Mac OS X. Version 5.1.1 of Safari corrects a total of 43 security vulnerabilities, most of which are memory corruption issues in the WebKit browser engine that could be exploited to execute arbitrary code. Directory traversal, policy, and uninitialised memory access issues have also been fixed.
To Download Safari 5.1.1 Click Here
To Download Mac OS X Lion 10.7.2
To Download Security Update 2011-006
-News Source (Apple & The H)
Posted by Avik Sarkar
On 10/10/2011 05:45:00 pm
Vulnerability found by TEAM T!g3R on the official websites of the Ministry of Culture & Tourism and the British Chamber of Commerce, Indonesia.
Vulnerable Website:-
http://www.budpar.go.id
http://www.britcham.or.id
Vulnerability:-
SQL-i
TEAM T!g3R also hacked into the database of these two websites and exposed sensitive data like server details, DB name, user name, password, admin details and so on.
Ministry of Culture & Tourism Indonesia:-
Database Name:-
Current DB:- budpar
Current DB:- information_schema
Web-Server:- Apache/2.2.14 (Fedora)
For More information Click Here
British Chamber of Commerce Indonesia:-
Server Details:-
Target:- http://www.britcham.or.id
Host IP:- 202.67.9.74
Web Server:- Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
Powered-by:- PHP/5.2.17
DB Server:- MySQL
Resp. Time(avg):- 2744 ms
Current User:- britcham_user1@localhost
Sql Version:- 5.0.51a-community
Current DB:- britcham_database
System User:- britcham_user1@localhost
Host Name:- asterix.serverku.com
Installation dir:- asterix.serverku.com
Installation dir:- /
DB User:- 'britcham_user1'@'localhost'
For More information Click Here
Posted by Avik Sarkar
On 10/04/2011 03:47:00 pm
Earlier we talked about killapache (a DDoS tool for the Apache web server). It was coded by Kingcope and has now been re-edited and re-coded by "S4(uR4". The tool kills Apache, and many websites are still vulnerable.
Difference Between Old and New Modified Exploit:-
40c40
< $p = “HEAD / HTTP/1.1rnHost: $ARGV[0]rnRange:bytes=0-$prnAccept-Encoding: gziprnConnection: closernrn”; — > $p = “HEAD “.($ARGV[2] ? $ARGV[2] : “/”).”HTTP/1.1rnHost: $ARGV[0]rnRange:bytes=0-$prnAccept-Encoding: gziprnConnection: closernrn”;
56c56
< $p = “HEAD / HTTP/1.1rnHost: $ARGV[0]rnRange:bytes=0-$prnAccept-Encoding: gziprnConnection: closernrn”; — > $p = “HEAD “.($ARGV[2] ? $ARGV[2] : “/”) .” HTTP/1.1rnHost: $ARGV[0]rnRange:bytes=0-$prnAccept-Encoding: gziprnConnection: closernrn”;
73c73
< if ($#ARGV > 1) {
—
> if ($#ARGV > 0) {
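Review bot: a filter that recognises this tool by its `HEAD /` request line will miss the modified version, because the request strings at 40 and 56 now take the path from `$ARGV[2]` and only fall back to `/`. The `Range:bytes=0-$p` and `Accept-Encoding: gzip` headers are identical on both sides of the diff, so detection and filtering rules should match on the Range header, not on the requested path.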
How the code works:-
killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.
No patch has yet been released for this vulnerability in Apache, but a few workarounds have been found, which we also discussed in our previous post. These have been posted by The Apache Software Foundation and can be used until a stable fix is released. The vulnerability works by exploiting a feature in web servers that lets you pause and resume your downloads. These days, if you have to stop downloading something part-way through, you can generally pick up where you left off and you don't have to start again from scratch.
Posted by Avik Sarkar
On 9/18/2011 02:24:00 pm
Oracle, the giant enterprise database company - and, of course, owner of the erstwhile Sun Microsystems - has just published an out-of-band security update. This is only the fifth time Oracle has issued an alert outside its routine quarterly patch cycle since introducing its own version of Patch Tuesday at the start of 2005.
Description:-
This security alert addresses the security issue CVE-2011-3192, a denial of service vulnerability in Apache HTTPD, which is applicable to Oracle HTTP Server products based on Apache 2.0 or 2.2. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A remote user can exploit this vulnerability to impact the availability of un-patched systems.
Affected Products and Versions:-
- Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0
- Oracle Application Server 10g Release 3, version 10.1.3.5.0 (Only affected when Oracle HTTP Server 10g based on Apache 2.0 has been installed from Application Server Companion CD)
- Oracle Application Server 10g Release 2, version 10.1.2.3.0 (Only affected when Oracle HTTP Server 10g based on Apache 2.0 has been installed from Application Server Companion CD)
Please note that Oracle Enterprise Manager includes the Oracle Fusion Middleware component that is affected by this vulnerability. Oracle Enterprise Manager is affected only if the affected Oracle Fusion Middleware version (noted above) is being used. Since a vulnerability affecting Oracle Fusion Middleware versions may affect Oracle Enterprise Manager, Oracle recommends that customers apply the fix for this vulnerability to the Oracle Fusion Middleware component of Oracle Enterprise Manager. For information on what patches need to be applied to your environments, refer to Security Alert CVE-2011-3192 Patch Availability Document, My Oracle Support Note 1357871.1.
Patch Availability:-
Patches and relevant information for protection against this vulnerability can be found here.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Security Alert fixes as soon as possible.
-News Source (Oracle)
Posted by Avik Sarkar
On 9/10/2011 12:35:00 am
The official website of the Office of the President (Nepal Govt.) is vulnerable to SQL-i, and its entire database has been hacked by w3bd3f4c3r, n3ll@!s4mur@!, !nd!@nRuBuk, 5!l3nt k!ll3r, r00t, burn3r (Team T!g3R). The hacker group exposed sensitive credentials such as admin details, server info, DB user name & password, tables and lots more.
Website:-
http://eproc.presidentofnepal.gov.np/
Server Information:-
Host IP: 202.166.216.235
Web Server: Apache/2.2.11 (Unix) DAV/2 mod_ssl/2.2.11 OpenSSL/0.9.8k PHP/5.2.9 mod_apreq2-20051231/2.6.0 mod_perl/2.0.4 Perl/v5.10.0
Powered-by: PHP/5.2.9
DB Server: MySQL >=5
Current DB: dbpresident
Current User: root@localhost
Sql Version: 5.1.33
Current DB: dbpresident
System User: root@localhost
Host Name: eroc.presidentofnepal.gov.np
Installation dir: /opt/lampp/