Domain: sectools.org
Stories and comments across the archive that link to sectools.org.
Comments · 13
-
I am Spartacus!
https://en.wikipedia.org/wiki/Spartacus_(film) Well I am!
So how does the US defend or any other Country for that matter against a syn ack or my deep packet inspection back to GCHQ http://www.gchq.gov.uk/Pages/homepage.aspx I don't even work for them, as I am better and they use BT Integrated Accommodation Services Ltd.
That is a company for spying! Nothing you do is private; but can I penetrate as a hacker? Maybe, and If I said I was a CDC member Cult of the Dead Cow and do anything illegal? No. Philosophy states; if I want in as a hacker; you would have never seen me coming and pulling an rm-rf of
/var/logs is not where the real log files are stored!Thanks to my friend fydor http://www.sectools.org/ | might go unseen, but a true hacker... maybe he is spartacus. Remember it only takes 1 to get in! binary finary
:P -
Just remember the environment
If you pay a qualified expert, they ought to be able to point you in the right direction. I would want to meet them physically though.
That story you mention sounds like the Jarlsberg one. The idea is you learn to secure your web application by exploiting a demonstrably weak one, so you learn your lesson. If you have the time, I definitely recommend working through it all. (story Jarlsberg homepage)
Another area to look at is simply your web server configuration. Your web application never runs in isolation. You have databases, web servers, sever side languages and other web applications that you use that are exploitable. Try to do as much checking as you scan for any obvious flaws, use tools to help you.
Run configuration file scanners for Apache, PHP*. Although I must stress I have not tried any of these, I just know they exist. I found these by just searching 'php scanner' and 'apache configuration scanner'.
Obviously they do not replace simply being careful or a whitehat's opinion and not trusting tools blindly. (A black hat probably doesn't release all his tools) Also try some generic vulnerability scanners which look for insecure installations that your web host may have installed like web mail and phpMyAdmin.
Just remember the environment.
-
Picking Legitimate TargetsIt seems a little odd to me that they picked an image hosting site (especially one a few steps above rapidshare in usefulness) to attack first. One of their stated goals from their website:
http://romeo.copyandpaste.info/-----[ Check list / Goals: Take down every public forum, group, or website that helps in promoting exploits and tools or have show-off sections. Publish exploits rigged with
/bin/rm to whitehats, let them rm their own boxes for you. Spread the anti-security movement. Revive pr0j3ct m4yh3m.I understand that imageshack might get people's attention and spread your message, but if you stated goal is to attack sites that host tools and disclose exploits, wouldn't something like Sectools.org be more appropriate? Or maybe they couldn't handle something legitimate... Also, it seems likely that they would use tools distributed from just such a site to exploit an OpenSSH vulnerability.
-
Re:Let me be the first to say:
But, somebody already has. Here is a list of 100 great Security tools. (It says "Network Security", but the tools are usually able to do more than just network processes.)
-
Open Source Competitors
When the submitter referenced "open source alternatives that go by similar names", he was referring to ophcrack. Similar features are also available from Cain and Abel, and John the Ripper.
I maintain a list of top password crackers and sniffers as part of my SecTools.Org site.
While the submitter is correct that they have much more competition now, I still wish to congratulate the former L0pht guys on the new release!
-
Open Source Competitors
When the submitter referenced "open source alternatives that go by similar names", he was referring to ophcrack. Similar features are also available from Cain and Abel, and John the Ripper.
I maintain a list of top password crackers and sniffers as part of my SecTools.Org site.
While the submitter is correct that they have much more competition now, I still wish to congratulate the former L0pht guys on the new release!
-
Open Source Competitors
When the submitter referenced "open source alternatives that go by similar names", he was referring to ophcrack. Similar features are also available from Cain and Abel, and John the Ripper.
I maintain a list of top password crackers and sniffers as part of my SecTools.Org site.
While the submitter is correct that they have much more competition now, I still wish to congratulate the former L0pht guys on the new release!
-
Good Web Security Resources
I personally suggest Hacking Exposed: Web Applications This is an excellent book that got me into testing web security. OWASP is terrific for tools and best practices (I suggest WebScarab. If you read the aforementioned book, you will be well on your way to understanding web security! As for someone to test your site I wouldn't trust anyone to do it that wouldn't cost you an arm and a leg; however, there are some good network scanners out there (Nikito for one). You can also find many useful tools at sectools.org. NOTE: don't merely trust the output of these tools! They are useful for finding the obvious stuff, but seasoned hackers/security experts will routinely find holes that these miss! Good luck!
-
Let them create their own games
Give them the first five applications on this list.
;) -
Additionnal malware detection tools
In addition to the other tools mentionned by
/.ers, there are 2 root-kit checking tools that are worth mentioning :
- chkrootkit
- rkhunter
They are scripts that scan the system for known root kits, weird behaviours and hidden files in unusual places.
They can both be used to scan an offline system (booted from a live-cd and the system mounted under some directory),
and a live online system (they check the system for suspicious behaviour that may reveal a root-kit trying to hide it self - for example the "ps" command doesn't show the same processes as the "/proc" directory could mean a root-kitted "ps").
They are available in a lot of distributions (Debian Etch has them in the repository - probably the corresponding Ubuntu has them too) and the packages usually come with "cron" entries that can automatically scan the system and email a report to the administrator.
They are also downloadable and installable from their websites and feature configuration files that cover the most frequent distributions.
You should install them, run some initially check, (eventually edit the script to remove some false positive, i.e.: hidden files about which the script complains but which are normal part of the system), and add crontab entries to do daily checks and e-mail you positive results.
This will help you against having your server rootkited.
-----------------------
Another tool worth mentioning is ClamAV.
That's an open-source signature-based virus scanner, whose maker have been praised for their very fast response time in case of new emerging threats.
You could set it up to periodically check files in the directories that are served. (/srv/www, /srv/ftp, etc.)
The scanner is not very fast, but supports some specialized-hardware acceleration (it might be worth considering it if the server is rather important, and gets significant mail-traffic too). Some teams are also working on GPGPU hardware acceleration (mentioned in nVidia's book "CPUGems 3").
This will help you get some protection against website that you're hosting that may have been hacked into (with bugs in PHP pages, for exemple) and are now serving malwares.
-----------------------
Because the way malware evolve, you may have to upgrade the above softwares to later versions than those shipped with your OS.
Some distribution propose it in their security updates.
For Debian, keep in mind that this kind of "later version requirement" packages go in the "volatile" repository and not the "security" one, modify your sources accordingly.
("security" : we keep the exact same version for stability reasons and only patch critical errors.
"volatile" : for security reasons, some packages (mostly various scan engines) may require updating to a later versions.
"volatile-sloppy" : warning, the packages are really different. b0rkage of config files may ensure (mostly software like gaim/pidgin).
This is a page with a top 100 of various security tools which may also inspire you (for example they mention a webserver scanner called Nikto).
Also, always keep in mind that a compromised machine is not a machine that you can trust. Thus in addition to creating new entries in you crontab, you should also test your machine offline as part of the security checks.
For example, occasionnaly, when you have to take your server offline for planned updates (rebooting to newer kernel version or non hot-plugable hardware upgrades) you may want to scan your system while booting on a LiveCD in case the root-kit are efficient enough to go undetected once they are active.
(That is, if the conditions allow you to perform such a scan : the machine is physically accessible, you can plan in the -
As the author of Nmap ...As the author of Nmap, I'm more than a little concerned about this law. It could mean that I can never again visit Germany, which is a shame because I have many friends there. But I don't want to risk a year in prison or the Halvar treatment. Many of these articles state as a matter of fact that the creation or distribution of Nmap (mentioned by name in TFA) is illegal now. If true, what does that mean for all the Linux distributors who include Nmap and other security tools?
Does anyone have a link to a good English translation and legal analysis of the new law? The Phenoelit page translates the law as affecting "computer programs whose aim is to commit a crime". That doesn't cover Nmap, which I designed for security professionals. But of course some blackhats use it too, and I don't want to bet my freedom on being able to convince a technologically illiterate judge in Germany of my intent.
I hope groups like the CCC (which is apparently quite powerful in Germany) are able to get this overturned! If legitimate German admins are afraid to use Nmap and other security tools while the crackers retain full access to them, that won't be a pretty sight!
-Fyodor
Insecure.Org
-
Better for Slashdot.If you are as bored at work as I and havn't looked over the Top 100 Security Tools your time will be much better spent with those downloads than these.
o/t: Is this a porly concieved Slashvertisement???
-
Re:open source hacking
How about here ?