There is a record number of people hacking up a storm here at the Labb tonight!
It’s so cool! Such a good idea! Paint/hack the planet!!!! [Link Here]
Oh goody! DD-WRT routers potentially vulnerable to a DNS rebinding attack. Not to mention disclosing internal network information at ‘/Info.live.htm’. [Link Here]
An old but hugely overlooked issue. Many appliance vendors ship their units with a default private key for SSL communications. Even if you reissue a new certificate, your appliance could still be using the same private key as everyone else’s, and it’s typically bundled within the firmware packages publicly distributed by the application vendor. This affects everything from DD-WRT to enterprise-class VPN appliances, tape libraries, and firewalls.
Well, someone has finally begun cataloguing these into a searchable database:
Just look up the device in question, point the lookup tool to a running appliance, or feed it a packet capture or live network interface, and it will provide any known private keys. Once the private key is obtained, you can decrypt the SSL stream with tshark:
tshark -nn -t ad -r <pcap_file> -o ssl.keys_list:<HTTPS_server_IP>,443,http,"<private_key.pem>" -V -R http
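To audit your own appliance for the reissued-certificate problem described above, compare the public key inside its certificate against the public half of each published key. This is an added example, not code from the original post or from the lookup tool; it assumes the `openssl` CLI, the function names are hypothetical, and the keys and certificates are constructed on the fly as stand-ins for a real known-key set.

```shell
#!/usr/bin/env bash
# Added example, not from the original post; function names are hypothetical.

# Print the SHA-256 of the public key in a PEM file. $1 = cert|key, $2 = file.
pubkey_fp() {
    local pub
    case "$1" in
        cert) pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1 ;;
        key)  pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1 ;;
        *)    return 1 ;;
    esac
    printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# Print the first key in directory $2 whose public half matches certificate $1.
# Returns 0 on a match, 1 on no match, 2 if the certificate cannot be parsed.
cert_uses_known_key() {
    local cert_fp key key_fp
    cert_fp=$(pubkey_fp cert "$1") || return 2
    for key in "$2"/*.pem; do
        key_fp=$(pubkey_fp key "$key") || continue   # unreadable or not a key
        [ "$cert_fp" = "$key_fp" ] && { printf '%s\n' "$key"; return 0; }
    done
    return 1
}

# Self-signed certificate: $1 = private key, $2 = common name, $3 = output file.
new_cert() {
    openssl req -new -x509 -key "$1" -subj "/CN=$2" -days 1 -out "$3" 2>/dev/null
}

# Constructed sample data: a stand-in "firmware default" key, the factory
# certificate, a certificate reissued on the same key, and a rekeyed one.
build_samples() {
    mkdir -p "$1/known"
    openssl genrsa -out "$1/known/default.pem" 2048 2>/dev/null
    openssl genrsa -out "$1/fresh.key" 2048 2>/dev/null
    new_cert "$1/known/default.pem" factory "$1/factory.crt"
    new_cert "$1/known/default.pem" vpn.example.internal "$1/reissued.crt"
    new_cert "$1/fresh.key" vpn.example.internal "$1/rekeyed.crt"
}

demo_dir=$(mktemp -d)
build_samples "$demo_dir"
for c in factory reissued rekeyed; do
    if cert_uses_known_key "$demo_dir/$c.crt" "$demo_dir/known" >/dev/null
    then echo "$c.crt: backed by a known key, generate a new key pair"
    else echo "$c.crt: no known key matches"
    fi
done
```

Only the rekeyed certificate comes back clean: reissuing a certificate changes the subject and signature, not the key pair behind it.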
SANS Internet Storm Center’s summary of Black Tuesday updates from the Microsoft Beast. [Link Here]
Oh yes! Karmetasploit, wepbuster, aircrack, and kismet on a Sheevaplug microserver!
ms10_xxx_ie_css_clip with AV bypass? Yeah, you’re on the pwnie express.
7 Days Newspaper published a cover story last week about the developing digital forensics culture in Vermont. [LINK HERE]