Datenterrorist

“Dutch security researchers rode the London Underground free for a day after easily using an ordinary laptop to clone the “smartcards” commuters use to pay fares, a hack that highlights a serious security flaw because similar cards provide access to thousands of government offices, hospitals and schools.
[...]
Oyster Cards feature the same Mifare chip used in security cards that provide access to thousands of secure locations. Security experts say the breach poses a threat to public safety and the cards should be replaced.”
Source: Wired.com

“A flaw in the way that OpenSSL is implemented in the Ubuntu and Debian distributions of Linux have earned the software an unenviable adjective in the world of encryption: Predictable.

“All OpenSSH and X.509 keys generated on such systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied,”
Source: SecurityFocus

More on Packetstorm and Metasploit

“How can an attacker exploit a PL/SQL procedure that doesn’t even take user input? Or how does one do SQL injection using DATE or even NUMBER data types? In the past this has not been possible but as this paper will demonstrate, with a little bit of trickery, you can in the Oracle RDBMS.”
Click

“The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P’, automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P’. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update.

In many cases we are able to automatically generate exploits within minutes or less.”
Click

“Metagoofil is an information gathering tool designed for extracting the Meta-Data of public documents (pdf,doc,xls,ppt,etc) available on target/victim websites. It will generate a html page with the results of the Meta-Data extracted, plus a list of potential usernames.”
Download from Packetstorm

“In 2007 two lonely THC researchers set about to install a java applet onto a SIM remotely.
The SIM runs a JVM which is very powerful. It’s possible to open gprs connection, make phone calls or redirect phone calls (e.g. remote phone tapping).”
Click

“NXP developed the Mifare Classic RFID (radio frequency identification) chip, which is used in 2 million Dutch building access passes, said ter Horst. One billion passes with the technology have been distributed worldwide, making the security risk a global problem. A spokesperson for the ministry told Webwereld, an IDG affiliate, that it had not yet notified other countries.

On Monday, German researchers Karsten Nohl and Henryk Plötz, who first hacked parts of the chip last December, published a paper demonstrating a way to crack the chip’s encryption technology. The duo declined to publicly demonstrate their hack. “We want to start a discussion first, allowing people to adjust or abandon their systems,” Nohl told Webwereld last week. He added that he would provide a demonstration before June.”
Source: pcworld.com

“A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password.
… merely by plugging in your Firewire cable and running a command”.
Click
Get the source

Hi there and greets from 24th Chaos Communication Congress.
Here’s a new release of Bluediving - The next generation Bluetooth security tool.
What’s new in 0.9?

- minor tools compile bugfixes by fireangel148
- minor compile bugfixes by niekt
- minor menu management / sound check bugfix by niekt
- make_tools.sh now compiles redfang
- Bugfixes in loop mode
- Scan for specific device type

Click && HF