I wrote a small article on writing malicious macros for Word/Excel using metasploit. This article basically narrates about converting the metasploit shellcode into vba and then uses it as macro.
Hope that is helpful.
Penetration Testing | w0lf | November 14, 2008 | 
Comments (1)
Firefox has released new version 3.0.4. Well functionality is nearly the same but they have patched the security fixes.
Well I know this is very simple but most of us including me were really confused while adding an exploit or updating svn in Metasploit. Adding an exploit in Metasploit version 2.X was simple. It was as simple as adding .pm exploit file to exploit folder. Now Metasploit has migrated to ruby. Just adding .rb file to exploit does not solve the purpose. You can follow below steps. It worked in my case.
Penetration Testing | w0lf | November 13, 2008 | Comments (2)
Security researchers at BT labs found that around 66% of the used HDD sold on E-Bay contain more then just memory space. They contain sensitive information such as corporate secrets and so. They reveal good amount of info enough for bad guys to steal your identity.
Information Security | w0lf | November 11, 2008 | Comments (0)
Well this has nothing to do with Obama’s illegal links with underworld hacker community. But this has certainly to do with innocence of people w.r.t good security practices. Obama’s win has been used (rather misused) by hackers and Malware authors to social engineer people into clicking a link claiming to be a webpage containing details of Obama’s acceptance speech. But actually those webpages were some hacked websites used to distribute malicious rootkits
According to Mr. Singh the attackers had hacked into a well known travel site. It was then used to host an information-stealing Trojan Horse downloader file called ‘BarackObama.exe’. ‘BarackObama.exe’ executed and unpacked phishing kits locally..
Evil particles, Information Security | w0lf | November 8, 2008 | Comments (0)
Many of us use gmail because of it’s simple design & feature set it has to offer us. Google has introduced a new security feature for gmail, remote lagout. Many of use more than two computers to login to gmail. If you take my example, I login to gmail from home & office. Some times we often leave the browser opened & not being logged out of gmail, if the computer is at office or any public place your account might be mis-used. Now sitting at home computer you can logout of gmail in office computer or any other computer.
Footer in gmail contains your session details, when you last logged in & from which IP.
You can click on “Details” link which shows you a pop-up having details about your last sessions.
Check for all the sessions, see all are yours or somebody else is logging into your account! Click on “Sign out all other sessions” to sign out of gmail at all other places exept the current.
Information Security | Mayank | November 4, 2008 | Comments (2)
Just happened to come across this interesting article (PDF Format) discussing how in today’s world, we (BANK preferably) need to continue business with customers even though their systems are infected with different malwares. This paper discusses many of the best practices businesses can adopt for their Web application design and back-office support processes in order to minimize this growing threat, along with helping to reduce several of the risks posed with continuing to do business customers likely to be operating infected computers.
Mobile Phone Network auditor
NeoPwn is the first network auditing distribution for a mobile phone which loads Backtrack off a MicroSD card to perform penetration testing (pentesting). NoePwn has modified the OpenMoko Neo FreeRunner to act as a network security penetration testing device.
Technology lines, Wireless Security | w0lf | November 3, 2008 | Comments (0)
Toilet Surfing
A recent study shows that about 10% of the people surf while using toilet due to growing use of Wi-Fi networks in home and offices. According to the study, 10 per cent of web users have used their laptops to log onto the internet during a trip to the toilet either at work or home. A further 35 per cent admitted to surfing the internet in bed, instead of reading a book, while 40 per cent of those interviewed said they preferred to use the internet on their laptops in the living room, with just 20 per cent confining their online browsing to the study.
