Datenterrorist

“Summary We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC.”

Click

“THC has discovered weaknesses in the system to (by)pass the security checks. The detection of fake passport chips does not work. Test setups do not raise alerts when a modified chip is used. This enables an attacker to create a Passport with an altered Picture, Name, DoB, Nationality and other credentials.The manipulated information is displayed without any alarms going off.The exploitation of this loophole is trivial and can be verified using thc-epassport”

Source: freeworld.thc.org/thc-epassport

Just a quick link to a Blog that lists tools that were released at this years Defcon.

Snoop is a GNU/Linux file descriptor monitoring tool inspired by FreeBSD’s ‘watch’. It goes beyond simple TTY snooping by allowing the interception of any file descriptor. You can attach on the fly to regular files, TTYs, named pipes, character devices, and pretty much anything that is represented by a file descriptor and addressable in the standard name space.
Click

“Dutch security researchers rode the London Underground free for a day after easily using an ordinary laptop to clone the “smartcards” commuters use to pay fares, a hack that highlights a serious security flaw because similar cards provide access to thousands of government offices, hospitals and schools.
[...]
Oyster Cards feature the same Mifare chip used in security cards that provide access to thousands of secure locations. Security experts say the breach poses a threat to public safety and the cards should be replaced.”
Source: Wired.com

“A flaw in the way that OpenSSL is implemented in the Ubuntu and Debian distributions of Linux have earned the software an unenviable adjective in the world of encryption: Predictable.

“All OpenSSH and X.509 keys generated on such systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied,”
Source: SecurityFocus

More on Packetstorm and Metasploit

“How can an attacker exploit a PL/SQL procedure that doesn’t even take user input? Or how does one do SQL injection using DATE or even NUMBER data types? In the past this has not been possible but as this paper will demonstrate, with a little bit of trickery, you can in the Oracle RDBMS.”
Click

“The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P’, automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P’. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update.

In many cases we are able to automatically generate exploits within minutes or less.”
Click

“Metagoofil is an information gathering tool designed for extracting the Meta-Data of public documents (pdf,doc,xls,ppt,etc) available on target/victim websites. It will generate a html page with the results of the Meta-Data extracted, plus a list of potential usernames.”
Download from Packetstorm