Search This Blog

Tuesday, January 25, 2011

The first virus Brain is now 25 years old!

Remember the good old days...
http://www.f-secure.com/weblog/archives/00002087.html

IPv4 may be fully exhausted on 11 Feb 2011...

According to this calculation anyway...
http://www.potaroo.net/tools/ipv4/index.html

Better grab it while you can... I see 2% IANA left, I bet you its less when you see it now.

THC Hydra 6.0 Released

http://freeworld.thc.org/thc-hydra/


CHANGELOG for 6.0 (development and new features)
================================================

  • Added GPL exception clause to license to allow linking to OpenSSL - debian people need this
  • IPv6 support finally added. Note: sip and socks5 modules do not support IPv6 yet
  • Bugfix for SIP module, thanks to yori(at)counterhackchallenges(dot)com
  • Compile fixes for systems without OpenSSL or old OpenSSL installations
  • Eliminated compile time warnings
  • xhydra updates to support the new features (david@)
  • Added CRAM-MD5, DIGEST-MD5 auth mechanism to the smtp-auth module (david@)
  • Added LOGIN, PLAIN, CRAM-(MD5,SHA1,SHA256) and DIGEST-MD5 auth mechanisms to the imap and pop3 modules (david@)
  • Added APOP auth to POP3 module (david@)
  • Added NTLM and DIGEST-MD5 to http-auth module and DIGEST-MD5 to http-proxy module (david@)
  • Fixed VNC module for None and VLC auth (david@)
  • Fixes for LDAP module (david@)
  • Bugfix Telnet module linemode option negotiation using win7 (david@)
  • Bugfix SSH module when max auth connection is reached (david@)

Thursday, January 06, 2011

Geohot release PS3 Test Homebrew

From : http://geohot.com/
There is a sample homebrew created as a real signed SELF.

Download the SELF :
http://www.fileserve.com/file/4QTEugw

PS3 Tools from fail0verflow

Team fail0verflow release some tools for packing / unpacking PUP and PKG files. It also enable you to sign / unsign SELF which is essential what people are using to patch Grand Turismo 5 etc. You can download a copy of the tools from my mirror below:


Linux : http://www.fileserve.com/file/mkRkupZ
Windows : http://www.fileserve.com/file/F98bEaA


If you like the Fileserve service, you can sign up via:
SignUp






Wednesday, January 05, 2011

Which OS Poll Results

I had been running this for quite a while and this is the final result before I put it offline:

10 Ways to (Get Hacked By) Getting the Most Out of Technology

Reference:
10 Ways to Get the Most Out of Technology
http://www.nytimes.com/2010/12/30/technology/personaltech/30basics.html?_r=1

This is my first angry post of the year. The above article is probably the most retarded advice someone (who claim he is technical) can give (to someone who probably know nothing much about technology). People can hacked everyday, you know why? Because they listen to dumb advice like these!

Ok, maybe I am being a bit extreme since the article said nothing about security... It is PURELY just do it (and I do not care if you get hacked). So. let me explain to you WTF is wrong with the article.

GET A SMARTPHONE
Yes, it is almost like a fucking invitation to get hacked. Mobile hacking usually relies on technology too. Phone that cannot run applications has lower risk. Phone that doesn't even have bluetooth cannot received files from other people. And this article is telling people who is probably not too highly technical judging from the tone. Highly technical people probably already know what they are doing with a smartphone. Let me introduce you to Mobile Spy:
http://www.mobile-spy.com/
This is a commercial spyware that can be use to trace SMS logs, GPS location, call details whatever. And it works on all smartphones. Yeah. Now we know why mobile phone (amateur) porn is on the rise.


STOP USING INTERNET EXPLORER
Yes, wise ass. It is still ok when they ask people to switch to Google, which has issue with privacy since it tracks you, but thats another (long) story altogether. But guess what? They have to introduce FireFox to replace IE. Now, tell me how many high or critical vulnerabilities were fixed in 2010? You don't know. Neither do I cos I had lose count. There are tons each update. In my opinion, Firefox has lost is somewhere although they started off trying to make security right. Now, they are just another poorly written open source cheese for the taking. Ok, this may be personal, but at least IE bugs get fixed.


UPLOAD PHOTOS TO THE CLOUD
Yes, and get it circulated around. Once anything goes onto the cloud, it is out of your control. And you wonder how leaked (nude) photos works. While it is good to have it off site, just randomly choosing a cloud provider and post all your personal photos there is one fucking way to invite trouble. For a start, there may be fine prints that clearly indicate that any photo uploaded is copyright by the provider (and no longer yours). This was and probably still is the case with Facebook. So if they choose to use your half naked holiday photo to be the cover for PlayGirl, don't come crying at your lawyer. Consider using a local HDD to backup and pass it to your parents. The old fashion way is probably better unless your folks has the habit of showing off your photos to their neighbors etc.


GET MUSIC OFF YOUR COMPUTER
Similar issue as above. And to make it 1000% more fucking retarded, they choose to use Apple as the example. Just WTF is wrong with them? Doesn't they know what Apple is one of the most selfish device even invented? You CANNOT copy files off your iPod / iPhone because they are broken into chunks and stored in a real confusing way due to something they call DRM. The main purpose is to prevent you from playing and copying the music out? What is the talk about freeing the imprisoned music? Go get yourself a fucking made-in-(South)Korea player that is too cheap to support DRM and we are talking freedom then. Oh yes, don't forget they even ask you to install a REMOTE APP to control you Apple device! Yeah, save me the fucking trouble to install a rootkit on your Apple! 


BACK UP YOUR DATA
Oh, this type of advice could never go wrong. Unless they advice you to backup your data with another 3rd party online in the cloud again. Not only is the whole procedure dangerous (especially if its not using HTTPS since its slow and most provider just can't fucking afford a SSL cert). If a hacker is able to tap into any part of the network in between the backup server and the user, its like doing a fucking backup straight to the hacker's hard disk. Now isn't that cool (for the hacker)? Again, I am not slamming online backup, but do ensure it is a trusted one and they take the business of protecting your data seriously. The recommended sosbackup.com (FREE) uses the most fucking safe way to do your backup possible. Wait, let me quote this:
"Backup through FTP (File Transfer Protocol)"
http://sosbackup.com/sos-free.asp
and yes, this too:
"Control by e-mail"
Even my grandma can hack this (if she is still alive anyway).


GET FREE ANTIVIRUS SOFTWARE
Normally, this is so awesome. FREE Antivirus software. And for once, the recommended one is not as bad. Avast. Well, at least they did not try to sell Rising (China AV company that also created spyware - No, I did not typo. Its SPYWARE, not ANTI-SPYWARE) which had a good headlines:
http://www.wilderssecurity.com/showthread.php?t=288773
But again, if the article is used to educate not so technical people, at least give them good warning that almost 90% of the so call FREE Antivirus are truly Viruses themselves. Ya, that includes all the Super Antivirus 2011, Total Win 7 Security, PC-Clean Pro and whatever fuck they can come up with. See this list for a good start:
http://en.wikipedia.org/wiki/List_of_rogue_security_software
Although I do not work for Microsoft, I will add that I would recommend Windows Security Essential as well:
http://www.microsoft.com/security_essentials/


SET UP A FILE-SHARING SERVICE
Again, online security and privacy cannot be stressed. Most of the leaked information come from some sort of share service. Its online 24x7 and can be accessed anywhere in the world with the right credentials. So can the hacker once he managed to guess your password, which I know is usually sent by email at some point of time and is likely the same password for your Yahoo or Google account etc. Application errors and faults also often gives you access to other people's data sometimes, intentionally or not. I remembered I used to have a link to (open) my ex-college's Lotus emails due to a gitch. No, don't email me and ask me how I did it. I won't tell.


GET A BETTER DEAL FROM YOUR CABLE, PHONE AND NET PROVIDER
OK, I do not even want to debate on this one. Maybe they got this one right. But always bare in mind that usually they over promise. And be careful of what they give you, especially free service for a limited amount of trial period. Forget to cancel it and you pay for more than you asked for.



CALIBRATE YOUR HDTV
Yes, its probably a good idea. But seriously, do you need to even to mention this? Who doesn't tune their TV when they first got it? And calibrating it is never a right or wrong, it all depends on what you like.


BUY A LOT OF CHARGING CABLES
Yes, this is probably a good idea, until they suggest you get some cheap oem ones. These are one way tickets to burn down the house, especially if you decided to charge stuff over night when you sleep. Charging heats up the cables and put it to stress test. If they are of poor quality, they may melt and catch fire.  Well, maybe you can afford to leave these in office and use it in day time. Always get good reliable cables when you are doing it in the night. 


Well, it feels a lot better to get that off my mind. The above article had been published in so many places that I am sure misleads quite a big bunch. Sorry if I had to slam some providers here, but face it, if you are not up to it, then you are not. 


Last piece of advice, DO NOT TRUST EVERYTHING you read from the internet. Yes, maybe not even this article I wrote because I wrote it and food to me may fucking be poison to others. Thats especially true when it comes to Browsers etc. I hate Firefox, but you don't need to (but you can).

Sunday, January 02, 2011

PS3 MD5 PSHasher v0.1

Features: 

1. Show you the MD5 of the .pup file you chose. 
2. Show you which firmware is in the .pup file. 
3. Tell you if the firmware is Jailbreakable or downgradeable. 
4. Built-in updater. 

http://www.fileserve.com/file/UXms5q5

Amazon Gift Cards!

Thanks for viewing!

Copyright © 2008 nemesisv.blogspot.com, All rights reserved.