http://www.blackhat.org.il Researching, Hacking, Cracking, Reverse Engneering, Programming, Technology Thu, 09 Oct 2008 09:23:55 +0000 http://backend.userland.com/rss092 en TorSwitch is basiclly a wrap around Tor module which i wrote in order to make my life easier while automating some of my mayhem ;). it could be use for those who want to combain their scripts with Tor anonymity plus the ability to auto switch Tor's circuit chain while automating somthing this ... http://www.blackhat.org.il/index.php/the-torswitchpm-module/ Google's has lunched their new browser called Chrome in its very early BETA version(0.2.149.27) and ofcourse everyone is on the race for 0day exploits. So far only few vulnerability has been found most of them are low severity exploits and non of them are a real use for massive 0wnage or ... http://www.blackhat.org.il/index.php/ready-set-chrome/ lately i've been wondering about this so called "Blackhat" conference which is talking place once in every couple of years. this year the conference took place in Vegas at the 2-7 of August. and of course as expected all the big names of the security industry showed up, but whats really bothering me is ... http://www.blackhat.org.il/index.php/the-whitehats-blackhat-confrence-in-vegas/ Definition of a perfect hack: So, what exactly is a perfect hack?, well my definition is a clean in, taking whatever you came for, and taking off without having anyone notice, without leaving tracks as if it never happend. The real world: ofcourse in the real world this scenerio wont always be possible, for couple of ... http://www.blackhat.org.il/index.php/thoughts-of-the-perfect-hack/ I've decided to change a bit the look of BlackHat to make it more human-readable. so people wont die trying to read the text over the black background. in addition, the upcoming israeli (shame) conference called OWASP "Security" will take place at August 14 probably the quality of the talks wont even come ... http://www.blackhat.org.il/index.php/new-theme-upcoming-owasp/ another old implementation of vigenere encryption combained with logical xor operator. # Xignere: ## this script is an implementation of vignere encryption ### underlying xor logical operator mutated into Xignere :) (was bored) #### useage: Xigenere-v1.0 <-e|-d> if(@ARGV < 3) { &usage; } if($ARGV[2] eq "-e") { $fileCont = loadFile($ARGV[0]); $crypt = xigenereCrypt($fileCont,$ARGV[1]); open(FILE,">$ARGV[0]"); print FILE $crypt; print "Encryption completed, results ... http://www.blackhat.org.il/index.php/xigenere-cypher/ after reading the story about Dan kaminskys DNS cache posioning attack and watching his ridiculous youtube cornflakes commercial i decided to trace the source of this vulnerability. so in order to understand how kaminsky attack is any diffrent from the traditional dns cache posioning i started digging into some RFCs/documentations and playing with ... http://www.blackhat.org.il/index.php/simple-dns-plus-5041-remote-denial-of-service-exploit/ Today i kinda got really bored, so i've decided to dig into some advisories and see what i can find during my search i've found the following advisory and since i didnt have anything better to do and it doesnt require much of a thinking i came up with the following exploit: #!/usr/bin/perl # uTorrent ... http://www.blackhat.org.il/index.php/webiu-range-header-denial-of-service-exploit/ 1. Overview: Desert Scroll is an old project of mine which i wrote in perl couple of years ago and basicly its an implementation of a Book encryption 2. How does it work: 2.1. Loading && Mapping the key file: at first before every encryption/decryption of plain text a key is being loaded into the ... http://www.blackhat.org.il/index.php/desert-scroll-v10/ So they had to drag me all the way down south just to tell me that its okay and i can pass on the military training... its not that i'm not happy about it but for fuck sakes!, i drove 4 hours today because they couldnt just decide sucha simple ... http://www.blackhat.org.il/index.php/mission-abort/