Laboratory B hosted a bit of coin meetup last week and the local alt weekly (more like just awesome weekly) did a write-up about it!
In Vermont, Users of “Cryptocurrency” Bitcoin Are Few But Committed
Last week, in a small, subterranean workspace near downtown Burlington, a group of tech-savvy Vermonters held an open forum on a topic that’s attracted a great deal of attention lately: Bitcoin. Early adopters of the “cryptocurrency” believe it has the potential to upend the entire global economy…..
Also Laboratory B has some cool “I use bitcoin” t-shirts if you need one.
The lack of Corporate and Governmental transparency has been a topic of much controversy in recent years, yet our only tool for encouraging greater openness is the slow, tedious process of policy reform.
Presented in the form of a Soviet F1 Hand Grenade, the Transparency Grenade is an iconic cure for these frustrations, making the process of leaking information from closed meetings as easy as pulling a pin.
Equipped with a tiny computer, microphone and powerful wireless antenna, the Transparency Grenade captures network traffic and audio at the site and securely and anonymously streams it to a dedicated server where it is mined for information. Email fragments, HTML pages, images and voice extracted from this data are then presented on an online, public map, shown at the location of the detonation.
Whether trusted employee, civil servant or concerned citizen, greater openness was never so close at hand.
…An idea whose time has come!
A little trick to extract stored FTP details – DigiNinja.
You are on a test and pop a box which has an FTP client on it. On investigation you find it has credentials stored but the boxes they are for aren’t in scope. Knowing the passwords could be reused on other boxes that are in scope you really want to collect them.
You could try grabbing the credentials file and trying to crack it but this might be an easier way…
Set up an FTP server on your machine then modify the hosts file on your popped box to point all the hosts with credentials to your machine. Then start a TCP sniffer on your machine and ask the client to connect.
The client will find the server and send the credentials which you can simply pull out of the packet capture.
This will also work with other plain text protocols such as HTTP basic auth and POP3 as long as you can get your own “fake” server to respond with enough initial info to trigger the details to be sent.
That is a cute little trick isn’t it!
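Seen from the defending side, the step that gives this away is the hosts-file edit. The following is an added example, not code from DigiNinja or this blog: it audits hosts-file text for entries that repoint a host with stored credentials to an address outside the known-good set. The hostnames, addresses and the inventory dict are constructed for illustration.

```python
import ipaddress

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # first field is not an address, skip
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def find_redirected_hosts(hosts_text, expected):
    """Return (line_no, hostname, ip) for credentialed hosts the file overrides.

    expected: {hostname: set of legitimate IP strings}, assumed to come from
    an asset inventory or a trusted DNS lookup.
    """
    known = {h.lower().rstrip("."): {ipaddress.ip_address(a) for a in addrs}
             for h, addrs in expected.items()}
    findings = []
    for line_no, ip, name in parse_hosts(hosts_text):
        if name in known and ip not in known[name]:
            findings.append((line_no, name, str(ip)))
    return findings

# Constructed sample: hosts file from a workstation with saved FTP sites.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost
# added by IT
192.0.2.10  ftp.example.internal
198.51.100.7  FTP.partner.example  backup.partner.example  # no ticket
203.0.113.5 intranet.example.internal
"""

# Constructed inventory: hosts the FTP client stores credentials for.
EXPECTED = {
    "ftp.example.internal": {"192.0.2.10"},
    "ftp.partner.example": {"192.0.2.20"},
    "backup.partner.example": {"192.0.2.21"},
}

if __name__ == "__main__":
    for line_no, name, ip in find_redirected_hosts(SAMPLE_HOSTS, EXPECTED):
        print(f"hosts line {line_no}: {name} -> {ip} (not in inventory)")
```

Hosts that are not in the inventory are ignored, so the check stays quiet about ordinary local overrides and only reports names a client would send stored credentials to.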
# Country: LIBYAN ARAB JAMAHIRIYA
# ISO Code: LY
# Total Networks: 5
# Total Subnets: 299,008
nmap -sn -PE -PA21,23,80,3389 --traceroute 22.214.171.124/20 126.96.36.199/18 188.8.131.52/14 184.108.40.206/19 220.127.116.11/19
Always wondered what the big boys of InfoSec sound like when they are talking to each other and in the office? Now’s your chance: visit the HBGary pages of Cryptome.
The publicly released source code for the Stuxnet botnet has been decompiled and posted on GitHub. This stuff never ceases to amaze me!
Cryptome has broken down the HBGary data dump for review.
HBG-Anon-WL.zip HBGary Anonymous and Wikileaks February 13, 2011 (317KB)
HBG-VE-IR.zip HBGary Venezuela and Iran February 13, 2011 (697KB)
HBG-EC-APT.zip HBGary E-Crime and Advanced Persistent Threats February 13, 2011 (554KB)
HBG-JHU-APL.zip HBGary Secure Applied Physics Lab February 13, 2011 (874KB)
HBG-NSA.zip HBGary National Security Agreements February 13, 2011 (1.3MB)
HBG-TENPP.pdf HBGary Targeting Exelon Nuclear Power Plant February 13, 2011
HBG-CIRC.zip HBGary Corporate Information Spying Cell February 13, 2011 (288KB)
HBG-TMC.zip HBGary Threat Monitoring Center February 13, 2011 (792KB)
HBG-EA.zip HBGary Exploitation Assessment February 13, 2011 (712KB)
HBG-SMSR.zip HBGary Social Media Security Reset February 12, 2011 (5.5MB)
HBG-ETT.zip HBGary Emerging Threats and Trends 2011 February 12, 2011 (4.2MB)
dodi-3305-01.pdf National Intelligence University February 12, 2011
HBG-LE-Intel.zip HBGary Scoutvision Law Enforcement-Intel Cases February 11, 2011 (6.7MB)
HBG-SME.zip HBGary Social Media Exploitation February 11, 2011 (5.8MB)
HBG-APT.zip HBGary Advanced Persistent Threat February 11, 2011 (3.0MB)
HBG-Mandiant.zip HBGary Mandiant Advanced Persistent Threat February 11, 2011 (2.0MB)
HBG-McAfee.zip HBGary McAfee Integration February 11, 2011 (1.5MB)
HBG-Aurora.zip HBGary Aurora Malware Report February 11, 2011 (400KB)
HBG-Splunk.zip HBGary Splunk Brief-IT Management Is Broken February 11, 2011 (3.2MB)
HBG-TVA.zip HBGary Topological Vulnerability Analysis February 11, 2011 (2.4MB)
HBG-Fed-OA.pdf HBGary Federal Operating Agreement February 11, 2011
This isn't everything in the HBGary feed, but it certainly is interesting.
The Deliverator belongs to an elite order, a hallowed subcategory. He's
got esprit up to here. Right now, he is preparing to carry out his third
mission of the night. His uniform is black as activated charcoal, filtering
the very light out of the air. A bullet will bounce off its arachnofiber
weave like a wren hitting a patio door, but excess perspiration wafts
through it like a breeze through a freshly napalmed forest. Where his body
has bony extremities, the suit has sintered armorgel: feels like gritty
jello, protects like a stack of telephone books.