Dial DIR-ECT-IONS

19 09 2007

Check it out.

Dial DIR-ECT-IONS

Free directions when you call in and they send you a txt msg!!

Nice





Tutorial: “Unlock” Your iPhone With SuperSim via Hackint0sh

6 08 2007

So far this hack is only reported to work in Europe.  Basically all you need is a blank SIM card and a SIM card reader/writer, oh and the instruction posted at the link below:

Tutorial: “Unlock” your iPhone with SuperSim – Hackint0sh

Sure its old news, but I just thought some peeps would like to know.





NES Emulator on the iPhone

6 08 2007

Hey there iPhone lovers.  Yes, there is finally a NES emulator for the iPhone.

Find the code here: iphonenes – Google Code

And just in case you don’t believe it…

After searching around a bit I found some more links that will probably satisfy you lust for iPhoneNES emulator details:

There are alot of links out there with the Google Code for iphonenes.  Have phun.

My original source: http://popurls.com/





Mac OS X Hacking: InfoSecSellout’s “Rape.osx” Worm and ExploitingiPhone.com “iPhone Exploits”

24 07 2007

If you haven’t read about the latest (as of 7.23.07) Mac exploit/s then you either don’t care or haven’t looked at the intarwebs lately. I’ll give you the short version, with LOTS of links:

Engadget is aflame with comments on their posts, so far THREE, about the alleged “rape.osx” worm that a group of hackers, who call themselves “InfoSecSellOut“, posted some hints about on their blogspot blog as well as a link to a securityfocus.com notice about the “worm”, oh and a hint that they want money for having created the worm. There’s been way too much drama to map out here (death threats much?!?!), but lets just say its gotten out of hand and TMBBITW is totally neutral, we’re strictly grey hat and ALL homegrown Linux. No plans to release the code for the rape.osx worm have been revealed, not even a little bit.
HackZine has a little blurb up about a video that has popped up on www.exploitingiphone.com, which is really a redirect to a slashed Independent Security Evaluators URL. Obviously, ISE has an iPhone exploit on their hands, however they have notified Apple and have some good info up. There’s a truncated white paper out and they plan to reveal their code on August 2nd, at the Black Hat convention in Vegas.

For the Windows folks out there, you haven’t been left out. A win32 version of Safari was released, but hacked in ONE day.

And that’s everything in a nutshell since last wednessday. Now I’ll go on to explain all the information I could gather on all of these, what we like to call, Mac Hacks.

ALL of the malware/exploits/worms/whatever you wanna call them are executed via Safari. That means all three versions (mobile, desktop and Win32).

First is the most interesting, the iPhone exploit. Basically ISE has done a buttload of work, not to mention a bang up job creating this:

If you read the white paper that they have on their site, which is pretty exhaustive, you’ll find out the level of knowledge that this hack took to find and make into a shell script.

Here’s how they started, and what will probably be THE way to find new exploits for the iPhone:

Using jailbreak and iPhoneInterface, the binaries can be extracted from the device and statically analyzed, using a disassembler. Additionally, since the MobileSafari and MobileMail applications are based on the open source WebKit project, a source code audit of that package can be performed. Finally, dynamic analysis, or fuzzing, can be executed against the device. This involves sending malformed data to the device in an effort to cause a fault and make it crash. Such fuzzing can be performed against applications such as MobileSafari or against the WiFi or BlueTooth stack. (you can download the tools mentioned in the above excerpt by clicking on them, as for fuzzers and debuggers just use BACKTRACK and DBG)

NOTE: For a quick tut on how to “activate” an iPhone go HERE: http://www.pqdvd.com/blog/iphone/category/unlock-iPhone/

Get the one click “unlock” kit, via DVD Jon, for yer iPhone HERE: http://therealdonquixote.files-upload.com/393766/iphoneunlocktoolkit.zip.html

Now this is where it gets a bit tricky:

[…] in order to view memory and discover the way the execution flows in the application. However, in this case we were able to utilize the Mac OS X crash reporter. This daemon runs and monitors any programs for crashes. When one is detected it records a log of the crash, including relevant register values. These reports can then be transported to a desktop computer when syncing. The crash reports can also be downloaded directly off the iPhone using jailbreak and iPhoneInterface. While the CrashReporter provides register values and basic memory mapping information, it does not include direct access to the memory. In order to obtain this crucial information, it is possible to modify the iPhone in such a way that the applications will dump core files when they crash. This is accomplished by adding the file /etc/lauchd.conf containing the line “limit core unlimited”
to the iPhone using iPhoneInterface. Core files can be retrieved off the iPhone from the /cores directory, again using iPhoneInterface.

In order to generate valid opcodes for the iPhone, we first installed a Linux x86 to ARM cross compiler. This would compile our ARM assembly to bytecode which we could then extract into shellcode. Besides not having a debugger, developing iPhone shellcode also presented other challenges. Since we didn’t have access to an ARM processor with a debugger, we had absolutely no real way to test the shellcode besides trying it and using the core files obtained.

That’s pretty much where I gave up on trying to go at this on my own. ISE actually has two hacks for the iPhone where one collects data and the other can actually make your phone do whatever they want, dial, ring whatever. That’s all I got, but anyone is welcome to give iPhone hacking a whirl. All the files are linked up there.

Now on to InfoSecSellOut’s “Rape.osx”. To start it is supposed to be a worm which is deployed via Safari. From what securityfocus.com says, it seems to be based on mDNSresponder (yes, click to download). All that I can find out about it is that ISSO (InfoSecSellOut) was able to download a text file using their exploit. However, in reading the white paper for the iPhone hack, I saw that the real problem with Mac OS X (pick one) security is that all applications are run as “root” or with “admin” privilages. So that means that once you are in a Mac OS X machine, you can do whatever you want.

NOTE: Many linux OS’s use mDNSresponder as well, so be on the lookout. However, most people do know not to login as root on their linux machine, right?

I have no code, no apps, nothing on rape.osx other than the code for mDNSresponder. I do have some code for the first Mac virus, the Leap.A virus, as well as some other info I gathered in order to further the purposes of writting worms/viri/malware for Mac OS X.

DOWNLOAD HERE: MAC_osX_Malware_Data_Sourc_codes_papers..zip

The file contains the following:

macosxhacklist

As for the Win32 version of Safari, what were people thinking?!?!? Porting, what is essentially an open source Mac app to Windows? Yeah, no one is going to hack that. Stick to FireFox with all the JS, Flash, AD, PopUp, bad shit blocking extensions that you can shake a stick at.

And that’s all she wrote for now folks.

Keep on keepin on hackers of all hats. I’ll keep you updated.

*Sources – Noted and linked throughout the article, accepting VX CHAOS FILE SERVER where I get ALL my super sweet viri source codes and all the best viri, malware, trojans, RATs, you name it and AZAG has got it!!





Yak4Ever.com: “End The Rip-Off: Make Unlimited Calls from The USA”

14 05 2007

Yak4Ever.com offers free calling to TEN over seas numbers that you designate after registering your number with the service.  It is free and its unlimited, but only to those 10 numbers.

As far as I can tell its totally legit.  Now if they could only make it unlimited calls period, not just for ten numbers.

Hey, its a pretty good start though!!

Good on ya Yak4Ever!





Fidg’t: The Web 2.0 of Web 2.0

10 05 2007

What do you need for all those Social Networking sites that you use?  One site to rule them all, and in the darkness bind them, DUh!!!!  That is pretty much Fidg’t in a nutshell.  There’s an added bonus though, you can put the friends you really like on your cell along with all their media and instant connectivity.

There’s really not much more to say about it than that.  Now if only someone could do this for EVERY service we use on the web, like photobucket, megashare, Vod:Pod and assorted other sites that aren’t necessarily for “social networking” but it’d be nice to keep all that crap in one place!!

Sounds pretty cool to me.  I’ll keep an eye on this one.





EXTREMELY GRAPHIC VIDEO: Teenage Girl Stoned To Death For Honor?!?

7 05 2007

This report from aina.org, translates an account of this story: Video Captures Stoning of Kurdish Teenage Girl, that first appeared on Jebar.info.

Excerpt:

Mosul, Iraq — According to the Kurdish website Jebar.info up to 1000 men from the Yezidi Kurdish community of Mosul killed a teenager who’s only crime was running away to marry a Muslim man whom she loved and converting to his religion.For four months the girl had been given shelter by a local Muslim Sheik. It was reported that in the last few days her family persuaded her to return home, convincing her that she had been forgiven by her parents and relatives for her mistake.

In a short mobile video clip which appears to have been taken by locals at seen of the murder, the girl is seen being ambushed on her way home by a group of up to 1000 men who were waiting for her to return; the men killed her in the most brutal way possible, by throwing large stones on her head. The following clips show that while she is alive and crying for help she is taunted and kicked in her stomach until someone finishes her off by throwing a large stone on her face.

In my opinion it doesn’t get much more disgusting and depressing than that. The depths to which human kind can sink are greater and more awful than anyone could every possibly imagine. Oxymoronic titled “honor killings” like these are perhaps the worst affront to peace, love and true honor that anyone could ever perpetrate on another human being. After the murders in Virginia, one starts to wonder at just what the hell is wrong with the world. Not even Mark Twain’s quote “When we remember we are all mad, the mysteries disappear and life stands explained.” can explain acts like this.

I am posting the videos for download in their original version. There are six in total and all are in the “.3gp” format. I zipped them all together with 7zip for a faster easier download: DOWNLOAD VIDEOS

I’m not going to post this for viewing on this page, or a freehost site. It just seems wrong. The only reason I posted the videos for download, is because I do not believe in censoring any information on the net. I do however think that posting the videos to dailymotion would sadistic.

I can only hope that by exposing incidents like these, that maybe someone will be averse to joining one of these murderous mobs.








Follow

Get every new post delivered to your Inbox.

Join 54 other followers