
Entries in references (5)

Tuesday, Aug 03 2010

resources for railgun development

Metasploit’s Railgun is awesome, but getting things to work correctly can be a pain. Here are some of the resources that have helped me out:

  1. System Error Codes – This is hands down the best resource you have; it will tell you what that stupid “5” or “1314” means in your return value. Keep this tab open to circumvent crazed bovine attacks.
  2. theForger’s Win32 API Programming Tutorial – A really good place to start when you are getting to know the Windows API and the frustrations that come along with it. I highly recommend going through it first.
  3. MS Windows API Reference – Gigantic, and not the easiest to navigate, but really good for knowing what calls were added with each version of Windows as well as a basic (alphabetic) list of calls. Good if you know where you are going.
  4. The Undocumented Functions – Win NT/2k/XP/2k3 – A really old link, but it has good references to undocumented functions that have helped circumvent some of the stupidity of other more complicated functions.
  5. WineAPI Documentation – A great resource of API calls that mimic the Microsoft ones (Undocumented and Documented).

Hope this helps and I look forward to seeing what you come up with...

 

 

Thursday, Sep 17 2009

GPU Hash / Password Cracking

I recently upgraded my video card and had a rough time finding programs that fit the hype of GPU password cracking, so here is what I found so that you won’t have as hard a time.

Ivan Golubev’s SHA1/MD5/MD4 cracker:
http://www.golubev.com/hashgpu.htm


Ivan Golubev’s RAR pass cracker:
http://www.golubev.com/rargpu.htm

CUDA Multiforcer (down at the time of this posting)
http://www.cryptohaze.com/bruteforcers.php

BarsWF – MD5 Cracker:
http://3.14.by/en/md5

GPU MD5 Crack: (Included in BackTrack 4 repos “gpu-md5-crack”)
http://bvernoux.free.fr/md5/index.php

Distributed Hash Cracker:
http://rpisec.net/projects/show/hash-cracker
“This is an interesting one as it has a PHP front end and is agent based, so you can use one or a dozen computers, and it will use the CPUs and GPUs available”

Pentoo Live CD with a bunch of GPU cracking goodness built in:
http://pentoo.blogspot.com/

Extreme GPU Bruteforcer (39.95 Euro)
http://www.insidepro.com/eng/egb.shtml

ElcomSoft Distributed Password Recovery ($599 for 1st lvl – 20 hosts)
http://www.elcomsoft.com/edpr.html

ax0n from http://www.h-i-r.net/ shot me an email stating that BT4 has some more GPU tools added to it:

Just FYI, BT4 also added some CUDA GPU cracking functionality a while
back ago. IIRC It includes Pyrit and CUDA-Multiforcer -- maybe a few
others. Pyrit is a cuda-enabled WPA-PSK cracker that you may also be
interested in.


Pyrit - WPA/PSK - WPA2/PSK GPU cracker
http://code.google.com/p/pyrit/

Friday, Jun 12 2009

Getting your fill of Reverse Engineering and Malware Analysis

Matt, from the Exotic Liability forums, posed a suggestion for an episode: "Getting started [in] reverse engineering hardware drivers?". I thought this was an interesting topic to attack, so I dug a bit into my RSS feed pile of goo and compiled this list of links. Hope this helps, Matt.

Individuals ---




Skywing - http://www.nynaeve.net/
Egypt - http://0xegypt.blogspot.com/
Yoni - http://blogs.msdn.com/michael_howard/
Raymond Chen - http://blogs.msdn.com/oldnewthing/
Sia0 - http://blogs.msdn.com/michkap/
Rob P - http://geekswithblogs.net/robp/Default.aspx
Quantam - http://qstuff.blogspot.com/
Phn1x - http://hamsterswheel.com/techblog/
Halvar Flake - http://addxorrol.blogspot.com/
Pedram - http://pedram.redhive.com/blog
Tyler Shields - http://www.donkeyonawaffle.org/
Wesley Shields - http://www.atarininja.org/
Peter Wieland - http://blogs.msdn.com/peterwie/
Michael Howard - http://blogs.msdn.com/michael_howard/
Doron Holan - http://blogs.msdn.com/doronh/
Nico Waisman - http://eticanicomana.blogspot.com/
Dmitry Vostokov - http://www.dumpanalysis.org/blog/
Nicolas Sylvain - http://nsylvain.blogspot.com/
Alex Ionescu - http://www.alex-ionescu.com/
Matthieu Suiche - http://www.msuiche.net/
Larry Osterman - http://blogs.msdn.com/larryosterman/
Koby Kahane - http://kobyk.wordpress.com/
Jason Geffner - http://malwareanalysis.com/communityserver/blogs/geffner/default.aspx
Ero Carrera - http://blog.dkbza.org/
Dino Dai Zovi - http://blog.trailofbits.com/
Ilja - http://blogs.23.nu/ilja/
Nate Lawson - http://rdist.root.org/
Mark Russinovich - http://blogs.technet.com/markrussinovich/
Jose Nazario - http://www.wormblog.com/
Jonathan Morrison - http://blogs.msdn.com/itgoestoeleven/
John Robbins - http://www.wintellect.com/cs/blogs/jrobbins/default.aspx
Ilias Tsigkogiannis - http://blogs.msdn.com/iliast/
Daniel Reynaud - http://indefinitestudies.org/
Joanna Rutkowska - http://theinvisiblethings.blogspot.com/
Matthieu Kaczmarek - http://www.loria.fr/~kaczmare/index.en.htm
Silvio Cesare - http://silviocesare.wordpress.com/
Philippe Beaucamps - http://www.loria.fr/~beaucphi/
Debugging Toolbox - http://blogs.msdn.com/debuggingtoolbox/

Fravia's saved works (RIP) - http://www.woodmann.com/fravia/index.htm

Groups ---


Offensive Computing - http://www.offensivecomputing.net/
The Cover of Night - http://www.thecoverofnight.com/blog/
LHS - http://lhs.loria.fr/
NT Debugging - http://blogs.msdn.com/ntdebugging/
Hex Blog - http://www.hexblog.com/
Engineering for Fun - http://blog.engineeringforfun.com/

Company ---


OpenRCE - http://www.openrce.org/articles/
DV Labs - http://dvlabs.tippingpoint.com/blog/
Matasano - http://www.matasano.com/log/
VeraCode - http://www.veracode.com/blog/
Trend Micro - http://blog.trendmicro.com/

Forums ---


Reverse Engineering - http://community.reverse-engineering.net/index.php
OpenRCE - http://www.openrce.org/forums/
Assembly Forums - http://www.asmcommunity.net/board/

Sandboxing and Analysis ---


Joe Box - http://www.joebox.org/
Virus Total - http://www.virustotal.com/
Wepawet - http://wepawet.cs.ucsb.edu/
F-Secure - http://www.f-secure.com/en_US/security/security-lab/
Anubis - http://anubis.iseclab.org/
Jotti - http://virusscan.jotti.org/en
Sunbelt CWSandbox - http://www.sunbeltsecurity.com/Submit.aspx?type=cwsandbox&cs=A41CD150B37359889A553671CBFD2360

Misc ---


Code Breakers Journal - http://www.codebreakers-journal.com/
The Art of Assembly - http://webster.cs.ucr.edu/AoA/DOS/AoADosIndex.html
Intel Processor Instruction Set A-M/N-Z - http://www.intel.com/products/processor/manuals/
WASM.ru with translation - http://66.196.80.202/babelfish/translate_url_content?lp=ru_en&url=http://www.wasm.ru&.intl=us

Friday, May 29 2009

Getting your fill of Security

I recently posted a blog post to Exotic Liability’s website with the same title, and I realized that it would make a great thing to post here and update regularly, or just put on the wiki I keep saying that I’ll get going here. Enough rambling, here is how you can get your fill of security:

Podcasting:
GetMon - http://www.getmon.com/ - This is a great site because you can download or listen to any of the security podcasts right from their site if you want to.
HackerMedia - http://www.hackermedia.org/ - They group similar podcasts into different categories, and the categories overlap. So if you want the "Linux" feed, you'll get podcast A, B, and C. But maybe podcast C does Linux security, so if you subscribe to the "Security" feed, you might get C, E, and G. You can also get the everything feed.

Bloggers (RSS Feeds):
Security Bloggers Network - http://www.securitybloggers.net/ - A consolidated feed of a HUGE list of security blogs

Twitter:
Security Twits - http://www.security-twits.com/ - A long list of security-related Twitter accounts, from people to events to companies.

Places to learn:
The Academy Pro - http://www.theacademypro.com/
Learn Security Online - http://www.learnsecurityonline.com/
Free IT Security Training - http://www.freeitsecuritytraining.com/
Virtual Training Environment by Carnegie Mellon - https://www.vte.cert.org/vteweb/

Challenge Sites and Sites that are OK to attack:
(Make sure you know which is which before you haul off and start attacking though)
(Most of these stolen from Chris Nickerson’s reply to Show 17 Links blog post)

http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://testasp.acunetix.com/Default.asp
http://test.acunetix.com/
http://hackme.ntobjectives.com/
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
http://lampsecurity.org/capture-the-flag-5
http://zero.webappsecurity.com/
http://www.hackertest.net/
http://www.hackthissite.org/
http://www.mavensecurity.com/WebMaven.php
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
http://demo.testfire.net/
http://scanme.nmap.org/
http://www.hellboundhackers.org/
http://www.overthewire.org/wargames/
http://roothack.org/
http://heorot.net/
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately...
http://wocares.com/xsstester.php
https://how2hack.net
http://hax.tor.hu/
http://www.bright-shadows.net/
http://www.dareyourmind.net/
http://hackergames.net/
http://www.hackquest.com/
http://www.darkmindz.com/
http://www.caesum.com/game/
http://www.net-force.nl/
http://www.osix.net/
http://www.mibs-challenges.de/
http://projecteuler.net/
http://uva.onlinejudge.org/
http://ace.delos.com/usacogate

So now you have absolutely ZERO reason to have one moment of time on your hands ;-)
Know of another good resource? Post a comment.

UPDATE: ethicalhack3r from http://www.ethicalhack3r.co.uk pointed me to his project called “Damn Vulnerable Web App”. You can find it on Sourceforge here: http://sourceforge.net/projects/dvwa/

Thursday, Feb 12 2009

ShmooCon Tools

It figures that someone who didn’t go actually made a list of tools. (Probably because they didn’t have to suffer the ShmooFlu)

Check out: http://blog.security4all.be/2009/02/shmoocon-2009-overview-collection-of.html 

Thanks to Security4all for posting it up!

If you see something that he doesn’t have, pictures, videos, links, or tools, please let him know.

FireTalks / PodCasters Meetup audio can be found here soon: http://pcm.libsyn.com/