After demonstrating and still tweaking the nervously expected BackTrack 4 beta at shmoocon, it is now available for download from some number of official mirrors. There are several torrents named bt4 but believe they are full of malware. The Remote-Exploit encourages you to download it directly from them. They have made a big decision on this version – moved from from Slackware to (as we have seen) an Ubuntu server with
Security archiv číslo 3
There is a nice modified version of aircrack-ng I found on their website aircrack-ng.org. It is optimized for CPUs with the SSE2 instruction set (what is SSE2?). For classic dictionary attack on WPA key, it is able to speed things up to 500% compared a not optimized version. I made a test using BackTrack 3 with CPU Intel Core2Duo P8400 2.26 GHz, cowpatty 4.3, aircrack-ng 1.0 rc1 and aircrack-ng-wpa-sse2. For this test I will use a dictionary and a handshake (wpapsk-linksys.dump) from Cowpatty package. The results are on the screenshots.
Hi everyone. The financing system and the cooperatin surprisingly started to work for you. Thanks to this there was bought or handed few wifi cards so now you can read a comparison of wireless cards in this text. Hopefully it will save you some money in future investments. Buying another hardware is coming soon. So before starting to write I ask you, devoted portal, forum or IRC channel users to stay tuned. More stuff is coming. Tested wireless card, metodic, 5dB omni & 17dB yagi wireless antenna..
Cross Site Scripting by Anton Rager. XSS is typically perceived as a minimal threat by many developers and security professionals. There have been some good papers in the past that should have woken folks up to the potential risks of XSS, but the problem is still prevalent and most security folks are not interested in the issue and its ramifications. I hope to change that perception with this paper and the release of a tool called XSS-Proxy that allows XSS attacks to be fully controlled by a remote attacker.
Security conference PACSEC 2008 that will be held in japanese Tokyo on 12th and 13th November 2008 has a great attraction. There will be presented a security research from Mark Tew as a next (not brute force), new implementation of the WPA-TKIP attack. WPA-TKIP security based on the dynamic key generation was supposed to be by laicks and professionals as unbreakable. Much more safe then funny WEP encription.
Can your CPU do this? The idea is, I have a notebook and I want to extend the time of working on the nootbook without being pluged into the electric outlet. There are many possibilities how to do it. It definitely means that you have installed linux based operating system. You can save something by taking away modules that are unnecessary for hardware or by reducing the backlight of LCD. And what is the second biggest time glutton right after LCD?
Every press on the keyboard pruduces a small impuls of electromagnetic radiation. This radiation can be captured and easy (quickly) decoded. Even though the described attack effects only some keyboard models it is worth mentioning. Before the penetration test there was done a verification of eleven different keyboards. Each one was reciptive to one of four different methods of availabe attacks. As result see the videos bellow.
We were able to get pictures of USB wireless card Edimax EW-7318 USg taken to pieces. As you can see on the picture the hack antenna on the modele without connector for external antenna will be trivial. The mother board is at all models the same. If you have an older or “non-antenna” USB WiFi adapter Edimax you can go ahead doing modifications.No need to write more. The card without the driver modification works and injects almost at every Linux distribution.
