“In 2007 two lonely THC researchers set about to install a Java applet onto a SIM remotely.
The SIM runs a JVM which is very powerful. It’s possible to open a GPRS connection, make phone calls or redirect phone calls (e.g. remote phone tapping).”
Java on SIM cards?
March 27, 2008
MiFare RFID encryption hacked
March 27, 2008
“NXP developed the Mifare Classic RFID (radio frequency identification) chip, which is used in 2 million Dutch building access passes, said ter Horst. One billion passes with the technology have been distributed worldwide, making the security risk a global problem. A spokesperson for the ministry told Webwereld, an IDG affiliate, that it had not yet notified other countries.
The warning comes in a week when two research teams independently demonstrated hacks of the chip’s security algorithm.
On Monday, German researchers Karsten Nohl and Henryk Plötz, who first hacked parts of the chip last December, published a paper demonstrating a way to crack the chip’s encryption technology. The duo declined to publicly demonstrate their hack. “We want to start a discussion first, allowing people to adjust or abandon their systems,” Nohl told Webwereld last week. He added that he would provide a demonstration before June.”
Source: pcworld.com
Unlock Windows with Firewire
March 27, 2008
“A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password.
… merely by plugging in your Firewire cable and running a command”.
Bluediving 0.9
December 27, 2007
Hi there and greets from 24th Chaos Communication Congress.
Here’s a new release of Bluediving – The next generation Bluetooth security tool.
What’s new in 0.9?
- minor tools compile bugfixes by fireangel148
- minor compile bugfixes by niekt
- minor menu management / sound check bugfix by niekt
- make_tools.sh now compiles redfang
- Bugfixes in loop mode
- Scan for specific device type
Click && HF
Chaosagent
November 22, 2007
Chaosagent is a tool for automating (and filtering) searches with Yahoo, converting search results to an RSS feed, collecting a list of RSS feeds, filtering them by regexp and generating a new feed, or just looking up the weather outside.
Chaosagent can present results in text and speech mode (using festival). It can read search results aloud and, if you like, download all found URLs and dump them to your disk.
Hacking Web 2.0
November 22, 2007
Very interesting paper from pdp (GNUCITIZEN) about exploiting and abusing Web 2.0 technologies.
Hacking Axis IP cameras
September 29, 2007
Masses of XSS exploits for Axis IP cameras, some of them being used to install a new root account, steal the password file or overwrite the live video stream with your own content.
Some more links about Axis IP camera security:
http://packetstormsecurity.org/0305-exploits/core.axis.txt
http://packetstormsecurity.org/0305-advisories/axis.conf.txt
http://packetstormsecurity.org/0705-advisories/sa25093.txt
http://www.securityfocus.com/archive/1/304191
http://www.securityfocus.com/archive/1/316184
http://www.securityfocus.com/archive/1/374778
http://www.securityfocus.com/advisories/5416
http://www.securityfocus.com/bid/11011
http://www.securityfocus.com/bid/6987
http://www.securityfocus.com/bid/7652
http://www.securityfocus.com/bid/971
http://www.securityfocus.com/archive/1/372643
DNS rebinding attacks
September 29, 2007
DNS rebinding attacks convert browsers into open network proxies.
iPhone Bluetooth bug?
September 29, 2007
“Reportedly, the Bluetooth flaw occurs when malicious Service Discovery Protocol (SDP) packets are handled; any attacker that is within Bluetooth range can exploit it remotely,” wrote DeepSight analyst Anthony Roe in the alert. “Successful exploits are reported to allow the attacker to execute arbitrary code.”
Source: pcworld.com
GPF fuzzer
July 13, 2007
“GPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.”