
AnonOps- Anonymous-OS Is Fake & Wrapped In Trojans (Anonymous Vs. Anonymous)

Yesterday we covered the release of Anonymous-OS, which was claimed to be the first operating system made by the hacker collective Anonymous. But now we are facing a completely different scenario. After the release of the OS, one of the so-called official Twitter accounts of Anon tweeted about it: "The Anon OS is fake it is wrapped in trojans". From this tweet the controversy began, and it takes two directions: one saying Anonymous did not release its own operating system, and the other saying the OS has certain backdoors, malware and trojans installed. Anonymous-OS was first made available on a SourceForge project page, but SourceForge later said that they have removed the page and the distribution from their servers, as significant concerns were raised about the software bundle's authenticity and possible maliciousness. According to their official blog post:
Yesterday we started hearing some buzz about a new project called “Anonymous-OS” - people claiming that it was not affiliated in any way with the group referring to itself as “Anonymous”. We looked at the project, and decided that although the name of the project was misleading (we see no evidence that it is connected with Anonymous) it appeared, on initial glance, to be a security-related operating system, with, perhaps, an attack-oriented emphasis. We have, in the past, taken a consistent stance on “controversial” projects - that is, we don’t pass judgement based on what’s possible with a product, but rather consider it to be amoral - neither good nor bad - until someone chooses to take action with it.
VOGH Review:-
Anonymous-OS was based on Ubuntu 11.10 with a number of hacking tools like HOIC, Sqlmap, Havij, Zenmap and so on. Basically, the OS was presented as a pentest distro. But just after the release a controversy arose: is the OS safe? On this issue the previous track record of Anonymous was not good. Remember that a few days ago Symantec reported discovering that a piece of Anonymous-recommended DDoS software called Slowloris contained an insidious Trojan that was stealing financial info from people using it. In #OpMegaupload, the largest attack ever, 5,635 Anon people brought down the websites of Universal Music, the U.S. Department of Justice and the Recording Industry Association of America using LOIC, one of the world's most popular and widely used DDoS tools. But in reality thousands of people have been tricked by Anon in the name of cause and justice. Here history has repeated itself, so it's Anon vs. Anon.



Script To Bypass Antivirus & Firewall By Security Labs



Security Labs experts from India launched an automated anti-virus and firewall bypass script. It is a modified and stable version made to work with the Backtrack 5 distro. To compile the generated payload, Mingw32 gcc must be installed on your system.

Method:-
apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils

After the installation you need to move the shell script (Vanish.sh; we have mentioned the download link below) to the default Metasploit folder (/pentest/exploits/framework) and execute it. Recommended Seed Number = 7000 and Number of Encode = 14.
Note: By default the script generates a Reverse TCP payload, but you can change this with some modifications to the script [vanish.sh]. The virus scan report of the backdoor shows that it is almost undetectable by most antivirus programs.

To Download The Script Click Here

Security Labs experts also released a pastebin. The rest of the information can be found in that release.




Facebook .EXE Attachment Vulnerability Latest Security Flaws Found in FB


A security researcher from securitypentest discovered a new vulnerability in Facebook's file-uploading feature that allows EXE files to be uploaded. You don't even need to be a friend to send the message.
According to Security Pentest researchers:

Summary:-
When using the Facebook 'Messages' tab, there is a feature to attach a file. Using this feature normally, the site won't allow a user to attach an executable file. A bug was discovered to subvert this security mechanism. Note, you do NOT have to be friends with the user to send them a message with an attachment.
Description :-
When attaching an executable file, Facebook will return an error message stating:
"Error Uploading: You cannot attach files of that type."



When uploading a file attachment to Facebook we captured the web browser's POST request being sent to the web server. Inside this POST request reads the line:
Content-Disposition: form-data; name="attachment"; filename="cmd.exe"
It was discovered the variable 'filename' was being parsed to determine if the file type is allowed or not. To subvert the security mechanisms to allow an .exe file type, we modified the POST request by appending a space to our filename variable like so:
filename="cmd.exe "

This was enough to trick the parser and allow our executable file to be attached and sent in a message.

Impact:-
Potentially allow an attacker to compromise a victim’s computer system.
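
The parsing flaw reported above, next to a stricter server-side check, as an added example (not Facebook's code and not the researchers'). The extension lists, function names and the check on the file's leading bytes are assumptions made for illustration; the header value is the one quoted in the advisory.

```python
import re

# Constructed policy for this example; the real service's lists are not on the page.
BLOCKED = {"exe", "bat", "scr"}
ALLOWED = {"txt", "pdf", "png", "jpg"}

_FILENAME_RE = re.compile(r'filename="([^"]*)"')


def filename_from_header(header):
    """Return the raw filename parameter, whitespace preserved, or None."""
    match = _FILENAME_RE.search(header)
    return match.group(1) if match else None


def extension(name):
    """Lower-cased text after the last dot, otherwise exactly as sent."""
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def naive_is_allowed(header):
    """Denylist lookup on the raw value: models the flaw in the report."""
    name = filename_from_header(header)
    # "exe " (with the appended space) is not equal to "exe", so it passes.
    return name is not None and extension(name) not in BLOCKED


def hardened_is_allowed(header, body):
    """Refuse non-canonical names, allowlist the extension, check content."""
    name = filename_from_header(header)
    if not name:
        return False
    # A name that changes when stripped, or holds control characters,
    # is not in canonical form: reject it instead of guessing its type.
    if name != name.strip() or any(ord(c) < 32 or ord(c) == 127 for c in name):
        return False
    if extension(name) not in ALLOWED:
        return False
    # The client controls the name; Windows executables begin with "MZ".
    return not body.startswith(b"MZ")


PREFIX = 'Content-Disposition: form-data; name="attachment"; '
PLAIN = PREFIX + 'filename="cmd.exe"'    # header line quoted in the advisory
PADDED = PREFIX + 'filename="cmd.exe "'  # same line with the appended space
```

The naive check blocks `PLAIN` but accepts `PADDED`; the hardened check refuses both, and also refuses an allowed extension whose content starts with the executable signature.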



