5:10 PM
"Are you a Pidgin user?" We have a tip for you...
There is a security issue with how Pidgin stores passwords, so think twice before using automatic login through "Remember password" in this application. Why? Because Pidgin stores your account password in plain text: it is saved in clear text without any encryption. If you are using Ubuntu or another distro, the account settings are stored in /home/<user>/.purple/accounts.xml; for Windows users the file is stored in C:\Documents and Settings\user\Application Data\.purple\accounts.xml.
[Screenshot: Pidgin "Remember password" option]
If you enable "Remember password", you will find a <password> tag in that file (accounts.xml), followed by your account password. And yes, "naked", just like that.
[Screenshot: Pidgin password stored in accounts.xml]
Since this weakness in how Pidgin stores passwords remains, our suggestion is: do not activate automatic login using "Remember password" while using Pidgin, because your password is lying there fully exposed.
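A quick way to check your own machine for this is to scan accounts.xml for non-empty <password> elements. The script below is an added example, not part of the original post; the sample XML is constructed to mirror the layout the post describes, and the Windows path is omitted in favour of the Linux default.

```python
"""Audit a Pidgin accounts.xml for saved (plaintext) passwords.
Added example, not from the original post: it reports which accounts have a
non-empty <password> element so the owner can turn off "Remember password";
the password value itself is never printed."""
import os
import sys
import xml.etree.ElementTree as ET

DEFAULT_PATH = os.path.expanduser("~/.purple/accounts.xml")  # Linux path from the post

# Constructed sample, modelled on the layout of Pidgin's accounts.xml.
SAMPLE_ACCOUNTS_XML = """<?xml version='1.0' encoding='UTF-8' ?>
<account version='1.0'>
  <account>
    <protocol>prpl-jabber</protocol>
    <name>alice@example.com/Home</name>
    <password>hunter2</password>
  </account>
  <account>
    <protocol>prpl-irc</protocol>
    <name>alice@irc.example.net</name>
  </account>
  <account>
    <protocol>prpl-msn</protocol>
    <name>alice@example.org</name>
    <password></password>
  </account>
</account>
"""

def find_saved_passwords(xml_text):
    """Return (protocol, name) for each account with a non-empty <password>."""
    exposed = []
    for acct in ET.fromstring(xml_text).findall("account"):
        pw = acct.find("password")
        # An absent or empty <password> means nothing is stored for this account.
        if pw is not None and (pw.text or "").strip():
            exposed.append(((acct.findtext("protocol") or "?").strip(),
                            (acct.findtext("name") or "?").strip()))
    return exposed

def audit_file(path):
    """Audit one accounts.xml on disk; returns [] if the file is absent."""
    if not os.path.isfile(path):
        return []
    with open(path, encoding="utf-8") as fh:
        return find_saved_passwords(fh.read())

if __name__ == "__main__":
    for p in sys.argv[1:] or [DEFAULT_PATH]:
        for proto, name in audit_file(p):
            print(f"{p}: {name} ({proto}) has a plaintext password saved")
```

Run it with no arguments to check the default location, or pass one or more accounts.xml paths (for example a copy taken from a Windows profile).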
6:37 PM
Brute-force password cracking is simply trying a password of A with the given salt, followed by B to Z, until every possible character combination has been tried. It is very time consuming, but given enough time brute-force cracking WILL recover the password. Learning how brute force works is an important part of working (or wanting to work) in the computer network and computer systems field, because a failure of authentication is a fatal tragedy.
In cryptography, a brute-force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found. The selection of an appropriate key length depends on the practical feasibility of performing a brute-force attack. By obfuscating the data to be encoded, brute-force attacks are made less effective, as it is more difficult to determine when one has succeeded in breaking the code. The resources required for a brute-force attack scale exponentially with increasing key size, not linearly. As a result, doubling the key size for an algorithm does not simply double the required number of operations, but rather squares them. Although there are algorithms which use 56-bit symmetric keys, usually 128- to 256-bit keys are standard.
Learning how brute force works is not just about how to use the method to attack some comrades' machines; it is simply a way to defend our own machines from destructive methods like this.
What are the symptoms that you are being brute-force attacked? This explanation is taken from this source: "Since 2005 there has been an immense increase in brute force SSH attacks and though Linux is pretty secure by default, it does not stop evil programs from indefinitely trying to login with different passwords. Without proper protection your server is a sitting duck waiting for a bot to guess the right combination and hit the jackpot. But with just 2 commands we can stop that."
Jul 28 21:32:16 impala sshd[10855]: Illegal user office from 213.191.74.219
Jul 28 21:32:16 impala sshd[10855]: Failed password for illegal user office from 213.191.74.219 port 53033 ssh2
Jul 28 21:32:16 impala sshd[10857]: Illegal user samba from 213.191.74.219
Jul 28 21:32:16 impala sshd[10857]: Failed password for illegal user samba from 213.191.74.219 port 53712 ssh2
Jul 28 21:32:16 impala sshd[10859]: Illegal user tomcat from 213.191.74.219
Jul 28 21:32:16 impala sshd[10859]: Failed password for illegal user tomcat from 213.191.74.219 port 54393 ssh2
Jul 28 21:32:16 impala sshd[10861]: Illegal user webadmin from 213.191.74.219
Jul 28 21:32:16 impala sshd[10861]: Failed password for illegal user webadmin from 213.191.74.219 port 55099 ssh2
A tip that keeps you alert: don't forget to check the logs (system/application logs) regularly. From the symptoms above we conclude that our machine is being brute-forced from the IP 213.191.74.219. Recall the explanation above: the brute-force method tries possible character combinations from A to Z to find the right password, and when a combination is wrong our machine responds and writes it to the logs, which is potential evidence to dig into. Do you see the rate at which this is happening? Nowadays' connection speeds allow crackers to try an enormous number of combinations every second! It's time to stop this before someone hits the jackpot and my server is compromised.
How to defend against a brute-force attack?
Talking about how to keep safe is not just about the administrator's responsibility; every user who has an interest in the system also has a responsibility to keep it safe. There are several techniques that an admin might employ to force users to use better passwords, and several different packages that can be loaded and configured on most Unix systems to better secure passwords, without forgetting that a password must be easy to remember. Here are several techniques for how to keep safe from a brute-force attack:
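The "check the logs" advice above can be turned into a small detector. The script below is an added example, not code from the original post: it parses sshd "Failed password" lines such as the ones quoted above, counts failures per source address inside a sliding time window, and returns the addresses that fit the brute-force pattern. The fifth log line is constructed to show that a lone failure from another address is not flagged.

```python
"""Flag SSH brute-force sources from sshd log lines.
Added example, not from the original post: it parses "Failed password" lines
like the ones quoted above, counts failures per source address inside a
sliding time window, and returns the addresses an admin should look at."""
import re
from collections import defaultdict
from datetime import datetime

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:(?:illegal|invalid) user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Sample input: the four failures quoted in the post plus one constructed
# line from another address, to show that a single failure is not flagged.
SAMPLE_LOG = """\
Jul 28 21:32:16 impala sshd[10855]: Failed password for illegal user office from 213.191.74.219 port 53033 ssh2
Jul 28 21:32:16 impala sshd[10857]: Failed password for illegal user samba from 213.191.74.219 port 53712 ssh2
Jul 28 21:32:16 impala sshd[10859]: Failed password for illegal user tomcat from 213.191.74.219 port 54393 ssh2
Jul 28 21:32:16 impala sshd[10861]: Failed password for illegal user webadmin from 213.191.74.219 port 55099 ssh2
Jul 28 21:40:02 impala sshd[10990]: Failed password for bob from 192.0.2.7 port 40122 ssh2
"""

def parse_failures(log_text, year=1970):
    """Yield (timestamp, ip, user) for every failed-password line."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue  # "Illegal user ..." and unrelated lines are skipped
        # syslog timestamps carry no year, so the caller supplies one
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["ip"], m["user"]

def brute_force_sources(log_text, threshold=3, window_seconds=60):
    """Return {ip: sorted usernames tried} for each source address that
    produced at least `threshold` failures within any `window_seconds`."""
    times_by_ip, users_by_ip = defaultdict(list), defaultdict(set)
    for ts, ip, user in parse_failures(log_text):
        times_by_ip[ip].append(ts)
        users_by_ip[ip].add(user)
    flagged = {}
    for ip, times in times_by_ip.items():
        times.sort()
        # Sliding window: the i-th failure and the one (threshold-1) before it
        # must both fall inside the window for the source to be flagged.
        for i in range(threshold - 1, len(times)):
            if (times[i] - times[i - threshold + 1]).total_seconds() <= window_seconds:
                flagged[ip] = sorted(users_by_ip[ip])
                break
    return flagged

if __name__ == "__main__":
    for ip, tried in brute_force_sources(SAMPLE_LOG).items():
        print(f"{ip}: brute-force pattern, usernames tried: {', '.join(tried)}")
```

Feed it the contents of /var/log/auth.log (or the equivalent on your distro) instead of SAMPLE_LOG; the output is the list of addresses to consider blocking.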
As a user
1. Make the best combination of characters: letters, numbers, lowercase and uppercase. Ex: cR1styn4
2. Longer is better; make your password at least 6 characters.
3. Change your password periodically.
4. Avoid using object names (a parent's name, a city name, etc.)
As an administrator
1. Set constraints that make users pay attention to their passwords.
2. Build a solid firewall.
3. Use shadowed passwords (I think you already do if you are a Unix/Linux user).
4. Having third-party applications (IDS, honeypot) is not bad.
5. Check the logs and take action: block potential attackers.
10:03 AM
Continuing our discussion from "Introduction to Backtrack for Computer/Digital Forensic Tools Part I", in this part we will try to dig into how deep Backtrack's potential is as a computer/digital forensic toolkit. Backtrack is a Linux distro which puts many kits into one vessel where they work together; this is an advantage of Backtrack not found elsewhere. Talking of computer/digital forensic tools, we have to classify the tools into different groups by their use. After I read some articles on the same topic of computer/digital forensics, many of them classify the tools into five major classifications, namely:
- Data Acquisition
- Data Recovery and Carving
- Meta Data Analysis
- Network Forensic
- Log File Analysis
After looking at the five major classifications of digital forensic tools above, we agree that Backtrack 4 has all the candidates to meet every requirement; let's peel them off one by one.
Data Acquisition
Data acquisition is the set of applications responsible for interrogating hard drives and getting the necessary information from them. In this field we have particular jobs such as making an 'identical' copy of a hard drive and then analysing the copy without ruining the original evidence, and doing file system interrogation jobs, whether NTFS/FAT/EXT3 or other. To do data acquisition jobs in Backtrack we have applications such as the Advanced Forensic Format Library (afflib), Automated Image and Restore (air-imager), dd, dcfldd, lsof, guymager, acidlab, and RDA. All applications mentioned can be installed using the Backtrack package manager.
Data Recovery and Carving
The data recovery tools are a set of applications responsible for getting erased data back, analysing hidden and erased partitions, and fixing broken filesystem blocks. Data carving is extracting data (files) out of undifferentiated blocks (raw data) for the purpose of file identification. In Backtrack we have applications like ddrescue, foremost-menu, scalpel, xplico, allin1, and autopsy to do data recovery and carving.
Meta Data Analysis
Metadata analysis looks for hidden variables behind files and data. To do metadata analysis we need applications which can disassemble a file (document/image/audio/video) and extract hidden variables like when the file was last accessed, when it was modified, when it was created and with what tool it was created. For metadata analysis tools we have the applications libtsk1 and vinetto, as well as media editors (gimp, f-spot, audacity) in Backtrack.
Network Forensic
Network forensic tools are not much different from network security programs, since they share essentially the same algorithms even when we reverse-engineer them. Network forensic tools cover jobs like analysing network traffic, capturing data transmitted as part of TCP connections (flows) and storing it in a way that is convenient for protocol analysis or debugging, identifying network errors, sniffing and logging network activity on various ports (telnet, ssh, imap, pop3, smtp), and many more. This part is Backtrack's specialization; we have many network security/network forensic tools in this distro that can be used, including: netcat, netflow, tcpdump, kismet, wireshark, and a very large amount of other stuff.
Log File Analysis
There are components of files that may have evidentiary value, including the date and time of creation, modification, deletion and access, user name or identification, and file attributes. Computer-created files (logs) which can be potential evidence are backup files, log files, configuration files, printer spool files, cookies, swap files, hidden files, system files, history files, temporary files, link files, and event logs. Every application program in every computing task creates log files, which can be perfect evidence if we dig correctly. To do such log analysis jobs in Backtrack we have applications such as anteater, wflogs, sma, nulog, awstats, galleta-menu, and maltego.
Eventually we have finished our discussion of the introduction of Backtrack as a computer/digital forensic toolkit. Looking back at our earlier conclusion, we now really agree that Backtrack Linux has the resources to be a reliable digital forensic toolkit. On another occasion we will discuss the applications above one by one, to explain clearly how to set up and use each of them wisely.
1:20 PM
Computer/digital forensics has become popular lately; from bank robbery and hacking/cracking/hijacking up to the popular celebrity sex-tape scandal, this method is used to find the truth. Computer forensics is the generic name we use for the analysis of, and reporting on our findings from, the forensic analysis of all computer or digital-related media. This not only includes PC/laptop or server hard drives but also other storage devices such as USB drives, MP3 players, memory cards, SIMs and data gathered via network analysis. Computer/digital forensics is a part of computer security; computer practitioners (computer analysts/computer experts) classify this method as an offensive security action which is usually performed after an incident. Digital forensics is actually done after a computer crime incident; common digital forensics cases include:
drug dealing, internet misuse, pornography in the workplace, rape, illegal downloads, IP theft, paedophilia, murder, virus/malware infection, fraud, email analysis, data recovery, contract negotiations, e-discovery, peer-to-peer activities, spyware analysis, spoofed and threatening emails, document tracking
Talking about computer security tools cannot be separated from the most popular computer security tool of the year, 'backtrack'. Backtrack has so many tools and applications for security penetration testing and security attacks, and also for computer/digital forensic purposes. When you first boot up the new Backtrack 4, you might have noticed something slightly different, that is...
[Screenshot: Backtrack 4 boot menu. We can see that Backtrack includes 'computer/digital forensic' as a main reason for this distro's existence.]
All types of operating systems can be analysed, from DOS and Microsoft Windows-based, through to Mac, UNIX variants, and those utilising more obscure systems. If the data is stored electronically, then it can probably be forensically analysed. From other well-known literature, there are five basic steps in computer forensics:
1. Preparation (of the investigator, not the data)
2. Collection (the data)
3. Examination
4. Analysis
5. Reporting
Which one must be analyzed?
Computer/digital forensic tools work to analyze digital evidence. In the computer world we know that many devices can be potential evidence which helps the computer analyst find the truth; here is some potential evidence that can be found:
images, time and date stamps, removable cartridges, memory cards, video, sound
Evidence can also be found in files and other data areas created as a routine function of the various types of computer operating systems. In many cases the user is not aware that data is being written to these areas or files. Passwords, Internet activity, deleted files and temporary backup files are examples of data that can often be recovered and examined. Backtrack Linux has the resources to be a reliable digital forensic toolkit. Backtrack has so many tools to help the computer analyst do jobs like drive examination, drive analysis, drive recovery, vulnerability checks, penetration testing, and file interrogation. Actually this is the end of part I; we will continue this discussion as soon as possible under the title "Backtrack for Computer/Digital Forensic Tools Part II". See you there...
5:54 PM
Backtrack is the most attractive security tool nowadays; using this Swiss army knife we have more than 300 security tools which can be used to penetrate and evaluate network security in wired or wireless networks. Following my earlier tutorial on how to install Backtrack on Ubuntu 10.04, here is new guidance on how to install Backtrack on a USB flash drive. Before we start, it's better if you download the latest version of Backtrack first here.
Installing Backtrack on USB Flash Drive via Ubuntu
Using Ubuntu 10.04 you have the simplest way to get Backtrack running on your USB flash drive: just prepare the Backtrack .iso image, then go to System > Administration > Startup Disk Creator.
Browse to the Backtrack iso in "Source disk image (.iso)", choose the USB flash drive to be used in "Disk to use", then make a bootable Backtrack USB flash drive with "Make Startup Disk". The data on your flash drive will not be erased if you do not click "Erase Disk", and it's better if you prepare the flash drive with a FAT file system.
Installing Backtrack on USB Flash Drive via Windows Family
Before we start, clean all data off the flash drive, then extract the Backtrack .iso image file using WinRAR or another archive extractor and copy all the files onto your USB flash drive (*note: don't copy the folder itself, just the files inside the folder). When the copy is complete, open a terminal (cmd), change directory to the USB flash drive (cd) and execute bootinst.bat. If there is no error message while it runs, congratulations, you have Backtrack running on your USB flash drive.
10:08 AM
Backtrack is a Linux distro (like Ubuntu and Fedora) specializing in computer/network security. BackTrack is the world's leading penetration testing and information security auditing distribution. With hundreds of tools pre-installed and configured to run out of the box, BackTrack 4 provides a solid penetration testing platform, from web application hacking to RFID auditing; it's all working in one place. Even though Backtrack is a separate Linux distro, all of the applications inside Backtrack can be run under Ubuntu or other Linux distributions such as Fedora or Red Hat. "How do I run a Backtrack application under Ubuntu or another Linux distro?"
The guide below is the answer. Follow the instructions below to add the Backtrack application packages to your package database, so you can install or use them afterwards.
- wget -q http://archive.offensive-security.com/backtrack.gpg -O- | sudo apt-key add -
  (apt-key prints "OK" once the repository signing key is imported)
- echo "deb http://archive.offensive-security.com pwnsauce main microverse macroverse restricted universe multiverse" | sudo tee -a /etc/apt/sources.list
  (a plain "sudo echo ... > /etc/apt/sources.list" does not work: the redirection runs as your own user, not as root, and ">" would overwrite the file instead of appending to it)
- Update the package database by typing "sudo apt-get update" and wait until the process finishes.
- Open Synaptic and look at the left-hand pane: you have the Backtrack application packages now :)
If the list above does not work well, here is another set of instructions that may help:
- echo "deb http://repo.offensive-security.com/dist/bt4 binary/" | sudo tee -a /etc/apt/sources.list
- export http_proxy="http://myproxyserver.com:8080"
  (only if you are behind a proxy; replace the address with your own proxy server)
- wget http://repo.offensive-security.com/dist/bt4/binary/public-key && sudo apt-key add public-key && sudo aptitude update
- links -dump http://repo.offensive-security.com/dist/bt4/binary/ | awk '{print $3}' | grep -i deb | cut -d . -f 1 > backtrack.txt
- for i in $(cat backtrack.txt); do sudo aptitude -y install $i; done
Here is a list of the Backtrack application/package groups that can be used:
- BackTrack - Enumeration
- BackTrack - Tunneling
- BackTrack - Bruteforce
- BackTrack - Spoofing
- BackTrack - Passwords
- BackTrack - Wireless
- BackTrack - Discovery
- BackTrack - Cisco
- BackTrack - Web Applications
- BackTrack - Forensics
- BackTrack - Fuzzers
- BackTrack - Bluetooth
- BackTrack - Misc
- BackTrack - Sniffers
- BackTrack - VOIP
- BackTrack - Debuggers
- BackTrack - Penetration
- BackTrack - Database
- BackTrack - RFID
- BackTrack - Python
- BackTrack - Drivers
10:07 AM
TuxCut is a small program that does the netcut job ("cut the network connection of a user on the same network") on the Linux operating system. TuxCut is the same kind of program as NetCut (Windows), which usually runs using the Visual Basic library; it is a small and powerful program that helps us keep our internet connection safe from "greedy" users who consume too much bandwidth.
Download TuxCut (*.deb package)
Before we start, download all the applications needed. Select the *.deb package if you are running a Debian/Ubuntu variant (Kubuntu, Edubuntu).
http://bitbucket.org/a_atalla/tuxcut/downloads/
Download the one matching your Linux version, or download the latest version, TuxCut-3.1_all.deb.
Prepare supporting applications
To ensure that TuxCut runs well, install the supporting applications it needs:
* arp-scan
* arptables
* dsniff
Install arp-scan using the command: $ sudo apt-get install arp-scan
Install dsniff using the command: $ sudo apt-get install dsniff
Install arptables using the command: $ sudo apt-get install arptables
Installing TuxCut-3.1
Install TuxCut using the command: $ sudo dpkg -i TuxCut-3.1_all.deb
Then pull in any missing dependencies: $ sudo apt-get install -f
Congratulations, your system now has TuxCut; happy surfing :)