Results tagged “news” from Just Another Hacker

I am stealing an idea from the Perl community, and bringing it to the information security community: The advent calendar. http://secadvent.com will be publishing one security related article each day from December 1 - 25. In order to ensure that the content is diverce and entertaining I have put out a call for participation. If you have an idea, a funny picture, a super one line shell script or something completely different that you wish to share then please submit it!

For full details on submissions see the CFP at http://secadvent.com/cfp.html

Well April sped past like a bullet. I missed updates to the blog as I migrated to yet another hosting provider. By now I have done it so many times that the core shift only takes about 10 minutes work and some rsync commands. As usually I forget a few bits and pieces. If you have had any email bounces to me then please resend to the usual wireghoul address.

So here is a quick roundup of April:
  • charmunge.pl was the April addition to Jason
  • Graudit gets closer to 2.0 release
  • My first 2011 advisory went out (JAHx111)
  • No April tutorial happened.
And that is it for April. For the remainder of May there will be another update to Jason, two tutorials, more graudit updates, one or more advisories and if you're going to AusCERT and want to catch up for a beer/coffee let me know!

Graudit 1.8 released

|
The next (long overdue) graudit version is out! Just in time for those who wants to do some hacking during the holidays.
  • -L operator does vim friendly line numbers
  • Man pages and documentation updates
  • PHP signature updates
  • JSP signature updates
  • Dotnet signature updates
  • Perl signature updates and bug fixes
  • Python signature updates
  • Bug fixes for aux/ scripts
  • More aux/ scripts
  • Fixed ignore CVS directories by default

Package maintainers should note that graudit now has a man page. The install section of the Makefile does not currently place it anywhere, so please patch for the appropriate location. I will add more distro neutral updates to the makefile for next release.This release fixes some of the broken whitespace neutral rules I added last release. For the perl users, I'm sorry.

Big thanks to the people who contributed with patches, bug reports and feedback. Keep them coming!

You can download the latest version from the graudit download page.
Happy christmas!

It is time for another graudit release, and this time it includes some big changes.
  • New PHP signatures
  • Improved C signatures for fewer false positives
  • Improved dotnet signatures
  • Whitespace neutrality for all signatures
  • -l operator lists available databases
  • -x operator for excluding files
  • configure script added to make chain
  • Makefile install targets changed, install is now server wide
Package maintainers should take note of the last change. The make file currently supports the old style home directory install (make user install), but that is deprecated and will be dropped as ./configure --prefix /home/user/bin --dbdir /home/user/.graudit;make install does the same thing.
I have also added some scripts from my talks, you can find them in the aux directory. There are no install rules for them so they are only available from within the graudit-1.7_src tarball. My thanks to the people who contributed with patches and bug reports, keep them coming.

You can download the latest version from the graudit download page.
I am presenting at this months Ruxcon Monthly Meetup.

Date: Friday, 25th June
Time: 6:00PM
Location: RMIT University, City Campus
https://my.rmit.edu.au/portal/page/portal/RMITPortal/campusmaps?dsize=max
Room: Building 8, Level 9, Room 42 (008.09.042)

RMIT Building 8 entrance is off Swanston Street (just past Swanston and
La Trobe). Please take the lift to Level 9 and make your way to Room 42.
We will have directions posted up in the building.

Presentations
=============

Unsanitary Web Activities - Tim Noise (MovingData)

In the land of the internet, web developers are constantly rolling out
new applications and letting them free into the Internet. Many with
little knowledge or experience in security. They assume the users will
provide data in a manner they expect. This talk will cover webapp
security basics and commonplace attacks, showing you the effect this
oversight can have, and how to prevent it.

Pownage Coquillage: Real World Tales From The Trenches - Sash Biskup
(Stratsec)

In this talk the presenter will discuss various security incidents he
has been involved in during the course of his career. Starting with old
school bof through to modern day malware and blackmail. This isn't a
deep technical analysis of each incident but an overview of the
charateristics of each of the attacks and what the repurcussions were to
the organisation or individual.

Static analysis with Graudit - Eldar Marcussen

Graudit is a rough audit tool, that can be used to find vulnerabilities
in source code (C, ASP, .NET, JSP, PHP, Perl and Python). In this
presentation I will show how to get the most out of graudit.

After a short hiatus I am happy to deliver the next graudit release. Version 1.6 introduces three new databases, c, dotnet and "all". The all database is a combined database of all the distributed signatures so you can easier scan multi language projects. The rough database has also been deprecated. As usual there are some new features, bug fixes and signature tweaks, see the changelog for the full details.

You can download the latest version from the graudit download page.
Please note that with the current changes to the test suite there is no development (.src.tar.gz) release. If you are a package maintainer or otherwise wish to use the development release you can either clone the git repository or wait for the upcoming 1.7 release.
In the spirit of openness the Apache foundation has released an excellent post mortem write up of their recent compromise. It started with a XSS attack leveraged through the issue tracking software they use (JIRA) and ended with complete root access on one server, limited access to another and a number of passwords compromised.

Read the entire story at https://blogs.apache.org/infra/entry/apache_org_04_09_2010

From Chris Spencer on the ruxcon mailing list:

As part of a new initiative, the Ruxcon Team in conjunction with RMIT Information Security Collective, have established a monthly meeting in Melbourne. The aim of the meeting is to encourage individuals to perform a short presentation on computer security or a related topic in front of a small audience. The monthly meetings are open to everyone and free to attend.

The presentations are intended to be short (between 5-20 minutes), a projector and screen will be provided. We encourage participation from everyone and hope to see a variety of presentations over the coming months. Any topic is welcome, a presentation could be as simple as speaking for 5 minutes about a project you are currently working on, or day to day work tasks within your given field.

If you are interested in participating please email us at ruxcon ruxcon org au.

Please join us on Friday and help make the kickoff a success!

Details for the kickoff:

Date: Friday, 23rd April
Time: 6:00pm
Location: RMIT University, City Campus
https://my.rmit.edu.au/portal/page/portal/RMITPortal/campusmaps?dsize=max
Room 008.09.041 (Building 8, Level 9, Room 41)

Presentations:

  • SQL Injections 101 - Louis Nyffenegger (@snyff)
  • Malware Analysis for Incident Response - Ash Fox
  • Binary Analysis Basics - Chris Spencer

Ruxcon 2010

|
My favourite con is back! Ruxcon 2010 will be held in Melbourne (FOR TEH WIN!) at RMIT campus on December 4 & 5. The call for paper is out, deadline for submissions is 30th of July.

Please see http://www.ruxcon.org.au for more details.
smp Capture The Flag (CTF), 2010 Hacker Olympics, is a contest designed by "hackers" and "security enthusiasts" for the like to battle it out against each other over a highly sugar induced weekend. In the smpCTF Hacker Olympics teams and individuals are put up against other teams from around the globe in the same environment with the same objectives and a mission to accomplish.

Do you have what it takes to compete...?

More details at http://www.smpctf.com/ dates and times have not yet been decided.

Unless you're living under a rock, you should have heard of the Common Weakness Enumeration (CWE)/SANS top 25 list. The second annual list was released some time ago and is always worth a read. The guys over at the application security street fighter blog is honouring this years list with a run down of the vulnerabilities and applicable solutions. As usual it's a no nonsense approach to describing the problem and solutions without going too far in depth. I would recommend this blog to any developer, so go have a read...right now :) Number #1 is cross site scripting (XSS),

http://blogs.sans.org/appsecstreetfighter/

Worlds greatest shave

|
I'm taking part in the Leukaemia Foundation's World's Greatest Shave 2010. Please sponsor me! The funds we raise will help the Leukaemia Foundation to provide practical care and support to patients and families living with leukaemias, lymphomas, myeloma and related blood disorders.

As you may or may not have noticed, I have blacked out my blog. It's an hour before midnight, but I'd like to get some sleep so I started a little early. If you haven't blacked out your website or blog yet then I recommend that you do it now.

http://www.internetblackout.com.au/websites/

Happy wintereenmas (2010)

|
It is that time of the year again and as a member of the nintendo generation I am planning to celebrate wintereenmas with some solid gaming sessions. I will also be posting some game related articles on the blog. However as I am participating in the internet blackout during the week of wintereenmas I have decided to move the gaming extravaganza forward. So over the next week I will be making early wintereenmas posts and spreading wintereenmas cheers.

I'll start by plugging these websites;

http://blog.oarsum.com/
A gaming oriented blog run by a former colleague and friend. Topics range from board games to online games.

http://www.leaguecraft.com/
League of Legends website with detailed guides, hero, items and recipe info and more.



Welcome to the new decade

|
It's a new year, a new decade and already it's had it's ups and downs. I still haven't completed my redesign, but it's coming together slowly and should be ready soon.

The Australian government's mandatory censorship is still a big concern for me. The biggest activist event this month is the Australian internet blackout protest and Australia day protest parties. The January 30th capital city protests were moved to Saturday March 6th (As noted on the facebook event page http://www.facebook.com/event.php?eid=200213317223).

I strongly encourage you to participate in the internet blackout and other protests. For more details on the internet blackout, go to http://www.internetblackout.com.au/

Stopping the cleanfeed

|
If you, like me is concerned about the governments proposed cleanfeed, then TAKE ACTION.

Visit http://nocleanfeed.com

Vote in smh's poll
http://www.smh.com.au/polls/politics/form.html

Sign this petition
http://act.ly/1jk

Add Conroy to Santa's naughty list
http://www.thegiftofcensorship.com/

Write to a minister and get them to take action
http://www.crikey.com.au/2009/12/16/dont-waste-your-time-waste-theirs-a-guide-to-writing-to-ministers/

Sign this petition too;
http://www.getup.org.au/campaign/SaveTheNet/442

Participate in the online and offline blackout protest
http://www.internetblackout.com.au/

Add a twibbon to your twitter avatar
http://bit.ly/6u7Uxy

Chime in at BorB, get the attention of ACS
http://beastorbuddha.com/2009/12/15/internet-filtering-trial-and-report-flawed/

She might be with the ALP, but she is listening. Leave a comment on kate Lundy's blog;
http://www.katelundy.com.au/2009/12/21/further-thoughts-on-the-filter/

For further calls to action and news, stay tuned at http://www.somebodythinkofthechildren.com/

Check back here for some more tools and filter bypass tutorials in the new year

Graudit version 1.5 released

|
The latest version of graudit is out. Notable changes are;
        New features for server wide install
        Source distro file for package maintainers
        Signature bug fixes
        New php, python and perl signatures
        Deprecating the rough signature set
        Fixed graudit usage text
        Improved documentation
        Several color modes supported
You can obtain the latest version from the graudit download page.
No Clean Feed - Stop Internet Censorship in Australia
Creative Commons License
This weblog is licensed under a Creative Commons License.