Tutorial: “Unlock” Your iPhone With SuperSim via Hackint0sh

6 08 2007

So far this hack is only reported to work in Europe.  Basically all you need is a blank SIM card and a SIM card reader/writer, oh and the instruction posted at the link below:

Tutorial: “Unlock” your iPhone with SuperSim – Hackint0sh

Sure its old news, but I just thought some peeps would like to know.





NES Emulator on the iPhone

6 08 2007

Hey there iPhone lovers.  Yes, there is finally a NES emulator for the iPhone.

Find the code here: iphonenes – Google Code

And just in case you don’t believe it…

After searching around a bit I found some more links that will probably satisfy you lust for iPhoneNES emulator details:

There are alot of links out there with the Google Code for iphonenes.  Have phun.

My original source: http://popurls.com/





Point n’ Click Gmail hacking With Wi-Fi (via) TG Daily and Blackhat

3 08 2007

For everyone out there that keeps commenting on “How To Hack Gmail, Hotmail, Yahoo, etc etc”  (MOM), here’s a great article on hacking into a gmail account WITHOUT using fake login screens or any of that pesky hard work.  TG Daily has this great article, “Point and click Gmail hacking at Black Hat” that gives you a peek into the latest and greatest way to get into someone else’s email account.

Here’s an excerpt:

[...] The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.

[...] But if that wasn’t scary enough, Graham told us that he can even log in the next day or possibly several days later into the Gmail account.  “I can just copy the data to a file and replay it later.  I’ve been able to log into Gmail accounts one day later,” said Graham.

Since the attack relies on sniffing traffic, using SSL or some type of encryption (like a VPN tunnel) would stop Graham in his tracks.  However, many people browsing at public wireless hotspots don’t use such protections.

“You’re an idiot if you use T-Mobile hotspot,” said Graham.

I personally love the last comment there from Graham… just sayin.

In my mind I see this type of hack working on any web based email client that uses cookies to auto-login.  Also, you can probably just use FireFox’s “Add-n-Edit” cookies, instead of Grahams app called Hamster.  As for Wi-Fi sniffing, if you don’t know how to do this or what apps to do it with, just use Google to search it out, or visit Remote Exploit and grab a copy of BackTrack2.

One last note, read the friggin article. CLICK THE SOURCE – PLZ kthx.

There, let’s hug it out bitches!!!





W32.Deletemusic – Erases Your MP3’s No Matter Where You Store Them

3 08 2007

Another great article from ARS Technica entitled, “Average PC is a smorgasboard for a new MP3-eating trojan” points out that all your MP3’s may be in danger.

Source – ARSTechnica

[...] an avid MP3 collector in the butt if a new worm makes its way into their computers. A newly-uncovered worm called W32.Deletemusic does exactly what its name implies—it goes through a PC and deletes all MP3 files in sight. And that’s it. Simultaneously low-threat and highly annoying, the worm makes its way from computer to computer by spreading itself onto all attached drives of a given PC, including flash drives and removable media.

Obviously the W32 prefix leaves us Linux and Mac users in the clear, but the Windows folks out there should keep their guard up.  Make sure you have your anti-vir apps up to date with the latest definitions and, as always, watch what you download and which emails you open.

Keep it secret.  Keep it safe!





On: Tech Republic’s “10 Things You Can Do When Windows XP Won’t Boot”

1 08 2007

Tech Republic has a great little article, even if its a bit old, for those of us that need a little help when it comes to WinXP. The article, entitled “10 things you can do when Windows XP won’t boot” written by Greg Shultz, is just what it claims to be.  My article here will dive a little deeper into the instructions posted in Shultz’s article, including some insights of my own and some extra tools that might help.

To be perfectly honest, I have learned all I know about “Windows troubleshooting” from trial and error while poking around WinXP for shits n giggles.  This means that I made alot of self imposed of cock ups, wasted months of time, experienced hair pulling frustration, and had too many complete drive reformats and re-installations to number.  Hence the interest in this article for anyone out there, who doesn’t have the time or patience to dick around with Windows for hours on end.

Here’s a peek at Greg Shultz’s list of ten. (My Comments are in parenthases)

Source – Tech Republic

  1. Use a Windows startup disk (The article was written in ’06.  So replace “floppy disc” with USB stick, or any removable media that you don’t mind wiping clean to use as a boot device and “startup disk”, including a CD-R if you want to waste one.)
  2. Use Last Known Good Configuration (Ok, I dunno about you, but I have never seen regular old OEM PC, WinXP boot screen with this text on it, “Please select the operating system to start“.  Most OEM systems (PC’s like Dell, HP, anything that you didn’t build yourself) will start with a screen that shows their logo while the BIOS is telling your system what to do.  Usually in this screen, before you see the Windows Logo/boot screen, you get a logo in the center and some F# options, like F8, that you can use before the system executes the boot sequence set in the BIOS.  Note: Some OEM systems do have different selections for different buttons, but they will tell you what they do on the screen.  You will see them, the options, either in the upper right hand corner of the screen or at the bottom, usually in gray letters)
  3. Use System Restore (Note: Sometimes Ctrl-Alt-Del won’t work to restart your system, you may have to do a “hard restart” by holding down the “power button” either on your tower or wherever it is on your laptop, and hold it until the system powers down.  There may even be times when a hard restart won’t work, which means you are pretty screwed, the absolute last resort is to pull the power plug.  However, most modern PC’s will succumb to the hard restart.)
  4. Use Recovery Console (This is really just a start point for many of the following “Things You Can Do“, as there is no explanation of what to do after you get the recovery console started.)
  5. Fix A Corrupt Boot.ini (Note: Won’t work if you F’d up a GRUB bootloader by wipeing a partition without fixing the GRUB partition map first, a personal experience of mine.)
  6. Fix A Corrupt Partition Boot Sector  (The functionality of this one may depend on just how many partitions you have.  Windows doesn’t allow for more than 9 (I think), and if you have more than two OS’s… lets just say I had a problem with this one. GRUB problem can also screw this one up.)
  7. Fix A Corrupt Master Boot Record (Same problems as 5 and 6)
  8. Restore From Backup (In my opinion, this is your best option.  Of course, not all people regularly backup their systems with Norton Ghost or whatever back up software anyone likes.  However, even if you haven’t been backing up your windows partition, you can still retrieve information, or even copy whole partitions, with a live CD like UBCD, Hiren’s Boot CD, or even a linux distro like BackTrack2)
  9. Disable Automatic Restart (Damn good idea.)
  10. Perform An In-Place Upgrade (Also known as a repair install.  You might get full functionality back with this and you may not, but at least you will have access to your data.  Oh, and depending on how up to date your Windows XP install disc is, you might wind up having to re-update to SP2 as well as other updates that were applied that are not on your disc.  Note: The GRUB problem described before will also screw this up.)

*I mentioned a couple tools up there in my comments, I’ll supply links after the jump.

From what I can tell there doesn’t seem to be any order of which things you should try first when your XP won’t boot.  In my opinion your easiest point and click options, in the order of what you should probably try first, are numbers 2, 3 and 10.  Number 9 is really just a good thing to do.  Now if you are a bit more adventurous, or knowledgeable, you can try the other options.  Number one is really just to get access to your windows partition.  However, if the start disk works, you will know that the files you copied from another  system (boot.ini, NTLDR and ntdetect.com) are involved with the problem on your system AND that your MBR (master boot record) is probably ok.  So then you’ll wanna try fixing your boot.ini file, number 5 in the list, which requires that you know how to do number 4.  However, if your start disc from number one doesn’t work, then you will have to delve into numbers 6, 7 and 8.  Number 8, backup restore, is really a great way to go, if you have your system backed up, including your boot sector.  This is all hindsight, but its a good idea to keep a system backup handy on some sort of removable media.  One thing to think of when you first install Windows, or right after you get your new PC or laptop, is to partition your hard drive so that the core system files reside on the default partition “C” with the minimum possible size allowed for a WinXP.  This will make it alot easier to back up your core system, because that “C” partition will be ALOT smaller than say your whole hard drive, and only contain files that your system needs to run.  You can use the other partition/s as storage for documents, videos, whatever you want.  If you don’t have partition magic, you can use Parted Magic or Gparted on a live cd.  Lastly, if you don’t remember your Administrator password, which is fairly common, you can use Offline NT PW & Reg-Edit Bootdisk to reset the admin password to blank.

That’s all I have to say about that one.  Remember, for links and info on the tools I mentioned in this article follow the jump.  Happy troubleshooting!!

Read the rest of this entry »





“Mario Worm Targets Retro Gamers” via The Register

31 07 2007

Check it.  Beware emails bearing games or links to games.

Mario worm targets retro gamers via The Register

The infected emails actually harbour the Romario-A worm , which in addition to launching a game starring the linguine-loving Italian plumber, also attempt to infect other unprotected computers by mass-mailing copies of itself.The worm is also capable of spreading via removable shared drives.

That’s the meat of the article but there’s more to it than just Romario-A, read the rest of the article.

Anyway, I was just impressed with the Romario-A worm’s ability to spread itself WHILE you get to play Mario!!  evil banana

But seriously, don’t be an idiot and open spam.  Even if the email is from someone you know, don’t just click any forwarded link or media that your pals send you.  Hell I don’t even open fwd’s from my mom!





STORM WORM: LARGEST ATTACK IN TWO YEARS, BUT WHY?

26 07 2007

If you haven’t heard already there’s an old worm in town with several new variants.  This is not w32.storm.wrom, so don’t get all confused by the name.  As per some recent articles, here is just how naughty this little worm is (my comments in RED):

The “Official” Definition:

1st The Wiki:  The Storm Worm (dubbed so by Finnish company F-Secure, alias: Trojan-Downloader.Win32.Small.dam, Trojan.Downloader-647, Trojan.DL.Tibs.Gen!Pac13[1]; other names, given by antivirus vendors: Downloader-BAI (McAfee), Troj/Dorf-Fam (Sophos), Trojan.Peacomm (Symantec), TROJ_SMALL.EDW or CME-711 (Trend Micro), Win32/Nuwar.N@MM!CME-711 (Windows Live OneCare)) is a backdoor[2][3] Trojan horse, identified as Small.dam,[1][4][5] discovered on January 17, 2007.[1] The Storm Worm infected thousands of computers (mostly private) in Europe and the United States on Friday, January 19, 2007 using a topical e-mail message with the subject “230 dead as storm batters Europe”.[6][7] During the weekend there were six subsequent waves of the attack.[8] As of Monday, January 22, the Storm Worm accounted for 8% of all infections globally.[9]

[...]When an attachment is opened (!not anymore! see the Information Week article below), the malware installs the wincom32 service, and injects a payload, passing on packets to destinations encoded within the malware itself. According to Symantec, it may also download and run the Trojan.Abwiz.F trojan, and the W32.Mixor.Q@mm worm.[11]

2nd Symantec

Discovered: January 19, 2007

Updated: January 19, 2007 6:52:29 PM

Also Known As: Small.DAM [F-Secure], CME-711 [Common Malware Enumeration], Troj/Dorf-Fam [Sophos], Downloader-BAI!M711 [McAfee], TROJ_SMALL.EDW [Trend], W32/Tibs [Norman], Troj/Dorf-J [Sophos]

Type: Trojan

Infection Length: 29,347 bytes; 30,720 bytes; 32,387 bytes; 34,816 bytes (varies)

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

Trojan.Peacomm is a Trojan horse that drops a driver program file to download another program (AGAIN !not anymore! see IW article below). It is reportedly attached to spammed email. It may also be dropped by W32.Mixor.Q@mm.

The Kinda Old News:

For 24 hours in mid-January, stock-fraud investigation site StockPatrol disappeared from the Internet, overwhelmed by a massive flood of Web requests coming from thousands of sources.

[...] Highlighting another trend, bot nets created with the program use peer-to-peer communication to make shutting down the illicit networks much more difficult. Typically, bot nets last no more than a day after their command-and-control server is identified. The peer-to-peer component of the Storm Worm enables its bot nets to reconstitute themselves after the central server is taken down.   (SecurityFocus 2007-02-16)

The New..ish News:

Storm worm authors are blasting the Internet with two types of attacks ( mainly spam: e-Cards and Phoney Virus Alerts), and both are aimed at building up their botnet.

[...] The viruses are not embedded in the e-mails or in attachments. The e-mails, many of them otherwise empty, contain a link to a compromised Web site where machines are infected with a generic downloader. (TOLD YA. NOTE THE BIG CHANGE IN TACTICS. No malware in the e-mail, means no virus filtering problem.)  This helps pull the computers into the malware authors’ growing botnet, while also leaving them open for further infection at a later date.  (InformationWeek 2007-07-24)

The Latest: In all honesty, who knows?  However…

 An interesting happening this week, some ISP’s have been jacking the DNS entries for certain IRC networks to crack down on zombie/bot infections. (Darknet: TimeWarner DNS Hijacking IRC Servers to Stop DDoS Attacks)

Read that whole article from Darknet and you’ll get my drift.  I see a connection between ISP’s trying to block “zombie/bot infections” and the last I heard on storm.worm varients.

Anyway, its obvious that whoever is running this game must be hell bent on something, but what?

I will keep everyone updated and post the source code for all the related malware to the “Storm Worm” as soon as I can find it.  If you happen to find it before me, please post a link in the comments.

Peace








Follow

Get every new post delivered to your Inbox.

Join 45 other followers