Saturday, June 30, 2012

John the Ripper 1.7.9-jumbo-6 released!

A newer version, John the Ripper 1.7.9-jumbo-6, has been made available! This is a “community-enhanced” version, which includes many contributions from JtR community members! It’s been half a year since 1.7.9-jumbo-5, which is a lot of time, and a lot has been added to Jumbo since then. Since its last release, the John the Ripper code has grown by over 1 MB, or by over 40,000 lines of code!

The biggest new thing is integrated GPU support, both CUDA and OpenCL – although for a subset of the hash and non-hash types only, not for all that are supported on CPU. The other big new thing is the addition of support for many more “non-hashes” and hashes. Just so you know, support for the now (in)famous Raw-SHA1-LinkedIn hashes has also been added!

“John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes.”
Official change log for John the Ripper 1.7.9-jumbo-6:

New non-hashes:
Mac OS X keychains [OpenMP] (Dhiru) – based on research from extractkeychain.py by Matt Johnston
KeePass 1.x files [OpenMP] (Dhiru) – keepass2john is based on ideas from kppy by Karsten-Kai Koenig http://gitorious.org/kppy/kppy
Password Safe [OpenMP, CUDA, OpenCL] (Dhiru, Lukas)
ODF files [OpenMP] (Dhiru)
Office 2007/2010 documents [OpenMP] (Dhiru) – office2john is based on test-dump-msole.c by Jody Goldberg and OoXmlCrypto.cs by Lyquidity Solutions Limited
Mozilla Firefox, Thunderbird, SeaMonkey master passwords [OpenMP] (Dhiru) – based on FireMaster and FireMasterLinux http://code.google.com/p/rainbowsandpwnies/wiki/FiremasterLinux
RAR -p mode encrypted archives (magnum) – RAR -hp mode was supported previously, now both modes are

New challenge/responses, MACs:
WPA-PSK [OpenMP, CUDA, OpenCL] (Lukas, Solar) – CPU code is loosely based on Aircrack-ng http://www.aircrack-ng.org & http://openwall.info/wiki/john/WPA-PSK
VNC challenge/response authentication [OpenMP] (Dhiru) – based on VNCcrack by Jack Lloyd http://www.randombit.net/code/vnccrack/
SIP challenge/response authentication [OpenMP] (Dhiru) – based on SIPcrack by Martin J. Muench
HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 (magnum)

New hashes:
IBM RACF [OpenMP] (Dhiru) – thanks to Nigel Pentland (author of CRACF) and Main Framed for providing algorithm details, sample code, sample RACF binary database, test vectors
sha512crypt (SHA-crypt) [OpenMP, CUDA, OpenCL] (magnum, Lukas, Claudio) – previously supported in 1.7.6+ only via “generic crypt(3)” interface
sha256crypt (SHA-crypt) [OpenMP, CUDA] (magnum, Lukas) – previously supported in 1.7.6+ only via “generic crypt(3)” interface
DragonFly BSD SHA-256 and SHA-512 based hashes [OpenMP] (magnum)
Django 1.4 [OpenMP] (Dhiru)
Drupal 7 $S$ phpass-like (based on SHA-512) [OpenMP] (magnum)
WoltLab Burning Board 3 [OpenMP] (Dhiru)
New EPiServer default (based on SHA-256) [OpenMP] (Dhiru)
GOST R 34.11-94 [OpenMP] (Dhiru, Sergey V, JimF)
MD4 support in “dynamic” hashes (user-configurable) (JimF) – previously, only MD5 and SHA-1 were supported in “dynamic”
Raw-SHA1-LinkedIn (raw SHA-1 with first 20 bits zeroed) (JimF)

Alternate implementations for previously supported hashes:
Faster raw SHA-1 (raw-sha1-ng, password length up to 15) (Tavis)

OpenMP support in new formats:
Mac OS X keychains (Dhiru)
KeePass 1.x files (Dhiru)
Password Safe (Lukas)
ODF files (Dhiru)
Office 2007/2010 documents (Dhiru)
Mozilla Firefox, Thunderbird, SeaMonkey master passwords (Dhiru)
WPA-PSK (Solar)
VNC challenge/response authentication (Dhiru)
SIP challenge/response authentication (Dhiru)
IBM RACF (Dhiru)
DragonFly BSD SHA-256 and SHA-512 based hashes (magnum)
Django 1.4 (Dhiru)
Drupal 7 $S$ phpass-like (based on SHA-512) (magnum)
WoltLab Burning Board 3 (Dhiru)
New EPiServer default (based on SHA-256) (Dhiru)
GOST R 34.11-94 (Dhiru, JimF)

OpenMP support for previously supported hashes that lacked it:
Mac OS X 10.4 – 10.6 salted SHA-1 (magnum)
DES-based tripcodes (Solar)
Invision Power Board 2.x salted MD5 (magnum)
HTTP Digest access authentication MD5 (magnum)
MySQL (old) (Solar)

CUDA support for:
phpass MD5-based “portable hashes” (Lukas)
md5crypt (FreeBSD-style MD5-based crypt(3) hashes) (Lukas)
sha512crypt (glibc 2.7+ SHA-crypt) (Lukas)
sha256crypt (glibc 2.7+ SHA-crypt) (Lukas)
Password Safe (Lukas)
WPA-PSK (Lukas)
Raw SHA-224, raw SHA-256 [inefficient] (Lukas)
MSCash (DCC) [not working reliably yet] (Lukas)
MSCash2 (DCC2) [not working reliably yet] (Lukas)
Raw SHA-512 [not working reliably yet] (myrice)
Mac OS X 10.7 salted SHA-512 [not working reliably yet] (myrice) – we have already identified the problem with the above two, and a post 1.7.9-jumbo-6 fix should be available shortly – please ask on john-users if interested in trying it out

OpenCL support for:
phpass MD5-based “portable hashes” (Lukas)
md5crypt (FreeBSD-style MD5-based crypt(3) hashes) (Lukas)
sha512crypt (glibc 2.7+ SHA-crypt) (Claudio) – suitable for NVIDIA cards, faster than the CUDA implementation above http://openwall.info/wiki/john/OpenCL-SHA-512
bcrypt (OpenBSD-style Blowfish-based crypt(3) hashes) (Sayantan) – pre-configured for AMD Radeon HD 7970, will likely fail on others unless WORK_GROUP_SIZE is adjusted in opencl_bf_std.h and opencl/bf_kernel.cl; the achieved level of performance is CPU-like (bcrypt is known to be somewhat GPU-unfriendly – a lot more than SHA-512) http://openwall.info/wiki/john/GPU/bcrypt
MSCash2 (DCC2) (Sayantan) – with optional and experimental multi-GPU support as a compile-time hack (even AMD+NVIDIA mix), by editing init() in opencl_mscash2_fmt.c
Password Safe (Lukas)
WPA-PSK (Lukas)
RAR (magnum)
MySQL 4.1 double-SHA-1 [inefficient] (Samuele)
Netscape LDAP salted SHA-1 (SSHA) [inefficient] (Samuele)
NTLM [inefficient] (Samuele)
Raw MD5 [inefficient] (Dhiru, Samuele)
Raw SHA-1 [inefficient] (Samuele)
Raw SHA-512 [not working properly yet] (myrice)
Mac OS X 10.7 salted SHA-512 [not working properly yet] (myrice) – we have already identified the problem with the above two, and a post 1.7.9-jumbo-6 fix should be available shortly – please ask on john-users if interested in trying it out

Several of these require byte-addressable store (any NVIDIA card, but only 5000 series or newer if AMD/ATI). Also, OpenCL kernels for “slow” hashes/non-hashes (e.g. RAR) may cause “ASIC hang” on certain AMD/ATI cards with recent driver versions. We’ll try to address these issues in a future version.

AMD XOP (Bulldozer) support added for:
Many hashes based on MD4, MD5, SHA-1 (Solar)

Uses of SIMD (MMX assembly, SSE2/AVX/XOP intrinsics) added for:
Mac OS X 10.4 – 10.6 salted SHA-1 (magnum)
Invision Power Board 2.x salted MD5 (magnum)
HTTP Digest access authentication MD5 (magnum)
SAP CODVN B (BCODE) MD5 (magnum)
SAP CODVN F/G (PASSCODE) SHA-1 (magnum)
Oracle 11 (magnum)

Other optimizations:
Reduced memory usage for raw-md4, raw-md5, raw-sha1, and nt2 (magnum)
Prefer CommonCrypto over OpenSSL on Mac OS X 10.7 (Dhiru)
New SSE2 intrinsics code for SHA-1 (JimF, magnum)
Smarter use of SSE2 and SSSE3 intrinsics (the latter only if enabled in the compiler at build time) to implement some bit rotates for MD5, SHA-1 (Solar)
Assorted optimizations for raw SHA-1 and HMAC-MD5 (magnum)
In RAR format, added inline storing of RAR data in JtR input file when the original file is small enough (magnum)
Added use of the bitslice DES implementation for tripcodes (Solar)
Raw-MD5-unicode made “thick” again (that is, not building upon “dynamic”), using much faster code (magnum)
Assorted performance tweaks in “salted-sha1” (SSHA) (magnum)
Added functions for larger hash tables to several formats (magnum, Solar)

Other assorted enhancements:
linux-*-gpu (both CUDA and OpenCL at once), linux-*-cuda, linux-*-opencl, macosx-x86-64-opencl make targets (magnum et al.)
linux-*-native make targets (pass -march=native to gcc) (magnum)
New option: --dupe-suppression (for wordlist mode) (magnum)
New option: --loopback[=FILE] (implies --dupe-suppression) (magnum)
New option: --max-run-time=N for graceful exit after N seconds (magnum)
New option: --log-stderr (magnum)
New option: --regenerate-lost-salts=N for cracking hashes where we do not have the salt and essentially need to crack it as well (JimF)
New unlisted option:
--list (for bash completion, GUI, etc.) (magnum)
--list=[encodings|opencl-devices] (magnum)
--list=cuda-devices (Lukas)
--list=format-details (Frank)
--list=subformats (magnum)
New unlisted option: --length=N for reducing maximum plaintext length of a format, mostly for testing purposes (magnum)
Enhanced parameter syntax for --markov: may refer to a configuration file section, may specify the start and/or end in percent of total (Frank)
Make incremental mode restore ETA figures (JimF)
In “dynamic”, support NUL octets in constants (JimF)
In “salted-sha1” (SSHA), support any salt length (magnum)
Use comment and home directory fields from PWDUMP-style input (magnum)
Sort the format names list in “john” usage output alphabetically (magnum)
New john.conf options subsection “MPI” (magnum)
New john.conf config item CrackStatus under Options:Jumbo (magnum)
\xNN escape sequence to specify arbitrary characters in rules (JimF)
New rule command _N to reject a word unless it is of length N (JimF)
Extra wordlist rule sections: Extra, Single-Extra, Jumbo (magnum)
Enhanced “Double” external mode sample (JimF)
Source $JOHN/john.local.conf by default (magnum)
Many format and algorithm names have been changed for consistency (Solar)
When intrinsics are in use, the reported algorithm name now tells which ones (SSE2, AVX, or XOP) (Solar)
benchmark-unify: a Perl script to unify benchmark output of different versions of JtR for use with relbench (Frank)
Per-benchmark speed ratio output added to relbench (Frank)
bash completion for JtR (to install: “sudo make bash-completion”) (Frank)
New program: raw2dyna (helper to convert raw hashes to “dynamic”) (JimF)
New program: pass_gen.pl (generates hashes from plaintexts) (JimF, magnum)
Many code changes made, many bugs fixed, many new bugs introduced (all)

Download John the Ripper 1.7.9-jumbo-6:
John the Ripper 1.7.9-jumbo-6:
Unix – Sources: john-1.7.9-jumbo-6.tar.gz / john-1.7.9-jumbo-6.tar.bz2 – http://www.openwall.com/john/
Windows Binaries: john179w2.zip – http://www.openwall.com/john/g/john179w2.zip

WATOBO - THE Web Application Toolbox



WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.
WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only.
„Ok, how does it work?“


WATOBO works like a local proxy, similar to Webscarab, Paros or BurpSuite.
Additionally, WATOBO supports passive and active checks. Passive checks are more like filter functions. They are used to collect useful information, e.g. email or IP addresses. Passive checks will be performed during normal browsing activities. No additional requests are sent to the (web) application.
Active checks instead will produce a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.
„So why should I use WATOBO instead of other web application auditing tools?“


The most important advantages are:
  • WATOBO has Session Management capabilities! You can define login scripts as well as logout signatures, so you don’t have to log in manually each time you get logged out.
  • WATOBO can perform vulnerability checks out of the box.
  • WATOBO supports Inline De-/Encoding, so you don’t have to copy strings to a transcoder and back again. Just do it inside the request/response window with a simple mouse click.
  • WATOBO has smart filter functions, so you can find and navigate to the most interesting parts of the application easily.
  • WATOBO is written in (FX)Ruby and enables you to define your own checks.
  • WATOBO is free software (licensed under the GNU General Public License Version 2).
  • It’s by siberas ;)

Supported operating systems

WATOBO is written in (FX)Ruby which should run on many different operating systems.
WATOBO is developed primarily on Windows systems. Anyway, since version 0.9.2 WATOBO has also been tested successfully on:
  • Windows (XP..Win7)
  • Linux (Backtrack4, Ubuntu, openSUSE) - thanks to Dirk Wetter for Ubuntu and openSUSE notes
  • Mac OS.
The README.txt file contains all the installation notes.

Licensing

WATOBO is licensed under the GNU General Public License Version 2.

Documentation

We made some videos about the installation and basic usage of WATOBO.

Installation

Since version 0.9.8 WATOBO can be installed as a gem.

Windows 7/Vista/XP

Please install Ruby (>= 1.9.2) first before you continue. You can get the installer here
After the installation open a command prompt. Then type the following command to install the watobo gem:
gem install watobo

BackTrack 5

gem install --user-install selenium-webdriver
gem install --user-install watobo
Add the following line to your ~/.bashrc file:
export PATH=$PATH:/root/.gem/ruby/1.9.2/bin/

You can download older versions of WATOBO at http://sourceforge.net/projects/watobo/ or by checking out the svn repo with the following command
svn co https://watobo.svn.sourceforge.net/svnroot/watobo watobo

Usage

In your command prompt start WATOBO with the command:
watobo_gui.rb
After starting WATOBO you create a new session. Afterwards the interception proxy is listening on localhost:8081.
Configure your browser to use WATOBO as its proxy and visit the site you want to audit.

Q&A

If you have any questions, please read the FAQ first. If you don't find an answer there, write an email to (watobo #at siberas #dot de).

WATOBO in the wild

  • Great write up at PenTestIT
  • Very good manual at Corelan by Fancy
  • Complete documentation of WATOBO with multiple lessons at aldeid by Sébastien Damaye

Author

WATOBO is developed by Andreas Schmidt, siberas (http://www.siberas.de).
With special thanks to:
  • Sebastian Apelt
  • Dominic Koeder aka Fancy
for alpha/beta-testing and new ideas.

Linux Mint 13 “Maya” Xfce RC released!


Linux Mint 13 “Maya” Xfce RC has been released! It is great news for those who love Linux.

Linux Mint is an open source Linux OS. It is a Debian-type distro. This time, Linux Mint 13 “Maya” Xfce RC comes with some awesome features.

New features at a glance:
Xfce 4.10
mintMenu and MATE applets
MDM
Artwork improvements
Search engines

For a complete overview and to see screenshots of the new features,
visit: “What’s new in Linux Mint 13 Xfce“.

Important info:
mintMenu in Xfce
Xfwm margins
Xfce trash in live mode
Boot hangs on systems with b43 wireless cards
Moonlight

Make sure to read the “Release Notes” to be aware of important info or known issues related to this release.

System requirements:
x86 processor (for both 32 & 64-bit versions)
x86_64 compatible processor (for the 64-bit version)
256 MB of system memory (RAM)
5 GB of disk space for installation
Graphics card capable of 800×600 resolution
CD-ROM drive or USB port 



Download -
Md5 sum:
  • MATE 32-bit: 43ca0be4501b9d1a46fea25ec2cd556e
  • MATE 64-bit: 2d84f671ad77a8019dfa6e1d00572d82
  • Cinnamon 32-bit: 913fd6c76730dac0aff87d565cbdb737
  • Cinnamon 64-bit: e0f3dbee947630d1eada01a3583d3b96
Torrents:
Download from here
Download all versions of Linux Mint from Here

Source -
http://www.linuxmint.com/

For more information -
Read the Linux Mint User Guide
See what's new in Linux Mint 13
Read the release notes

Friday, June 29, 2012

Artillery 0.5.1 Alpha released


Artillery: Powerful Linux Protection tool
Artillery is a combination of a honeypot, file monitoring and integrity, alerting, and brute force prevention tool. It is lightweight, has multiple different methods for detecting specific attacks and eventually will also notify you of insecure nix configurations. Artillery is coded in Python.



“Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect insecure configurations from nix systems.”

Official change log for Artillery 0.4 Alpha:
added the ability to specify a NIC interface (thanks Niel)
fixed a bug when banlist.txt was not found, artillery would crash

Artillery 0.5 Alpha was also released in the past. 
This is its change log:
added OSX support for setup.py installation (thanks for the help Giulio Bortot)
Download Artillery:
Artillery 0.5.1 Alpha can be downloaded from the SVN at the following link:
svn co http://svn.secmaniac.com/artillery artillery/

How to install Artillery
./install.py

This will add artillery to bootup and start Artillery. To give a run down of some of the features.

How to check Artillery is running

netstat -antp | grep LISTEN

tcp 0 0 0.0.0.0:135 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:5800 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:3306 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:5900 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:110 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:10000 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:8080 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:53 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:21 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:22 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:25 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:1433 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:1337 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:44443 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:1723 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:3389 0.0.0.0:LISTEN 29310/python
tcp 0 0 0.0.0.0:445 0.0.0.0:LISTEN 29310/python

How Artillery works

As in the example above, if anyone decides to port scan or touch those ports, they are blacklisted immediately and permanently. It’s multi-threaded and can handle as many connections as are thrown at it. The author did some testing on his own site, and the results were amazing: in the first 3 days, it blocked over 387 individuals.

In addition to the port monitoring, it monitors file integrity using a SHA-512 database in which it keeps track of all system files; if anything changes, it emails you the change. By default it monitors /etc/ and /var/www. Artillery also monitors the SSH logs and, in the event of a brute force attack, blacklists the host forever.
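The SHA-512 file integrity check described above can be sketched as follows. This is an added example, not Artillery's own code: the function names are hypothetical, and the demo runs against a constructed temporary tree instead of /etc/ and /var/www.

```python
import hashlib
import os
import tempfile


def sha512_file(path, chunk_size=65536):
    """Return the SHA-512 hex digest of a file, read in chunks."""
    digest = hashlib.sha512()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(roots):
    """Map every regular file under the given roots to its SHA-512 digest."""
    baseline = {}
    for root in roots:
        for dirpath, _dirs, filenames in os.walk(root):
            for name in filenames:
                path = os.path.join(dirpath, name)
                # Hash file content only; skip symlinks and special files.
                if os.path.islink(path) or not os.path.isfile(path):
                    continue
                try:
                    baseline[path] = sha512_file(path)
                except OSError:
                    # Keep unreadable files in the snapshot so that a change
                    # in readability also shows up as a modification.
                    baseline[path] = "unreadable"
    return baseline


def diff_baselines(old, new):
    """Return sorted (added, removed, modified) path lists."""
    added = sorted(p for p in new if p not in old)
    removed = sorted(p for p in old if p not in new)
    modified = sorted(p for p in new if p in old and old[p] != new[p])
    return added, removed, modified


def demo():
    """Snapshot a constructed tree, change it, and report what differs."""
    with tempfile.TemporaryDirectory() as root:
        etc = os.path.join(root, "etc")
        os.makedirs(etc)
        # Constructed sample files standing in for monitored system files.
        files = {
            "passwd": "root:x:0:0::/root:/bin/sh\n",
            "hosts": "127.0.0.1 localhost\n",
            "motd": "welcome\n",
        }
        for name, text in files.items():
            with open(os.path.join(etc, name), "w") as handle:
                handle.write(text)
        before = build_baseline([root])

        # Constructed changes: one edit, one deletion, one new file.
        with open(os.path.join(etc, "passwd"), "a") as handle:
            handle.write("newuser:x:1001:1001::/home/newuser:/bin/sh\n")
        os.remove(os.path.join(etc, "hosts"))
        with open(os.path.join(etc, "rc.local"), "w") as handle:
            handle.write("#!/bin/sh\n")
        after = build_baseline([root])

        changes = diff_baselines(before, after)
        # Report paths relative to the monitored root for readability.
        return tuple([os.path.relpath(p, root) for p in group]
                     for group in changes)


if __name__ == "__main__":
    for label, paths in zip(("added", "removed", "modified"), demo()):
        print(label, paths)
```

In a real deployment the baseline itself has to be stored where an intruder cannot rewrite it, otherwise a modified file and a modified digest will still match.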

By default artillery installs in /var/artillery and the config file is located at /var/artillery/config
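The SSH log monitoring mentioned above, as an added example over constructed log lines (not Artillery's own code). The function name, the threshold of 4 failures and the 60-second window are assumptions; the page does not state Artillery's actual values.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Matches OpenSSH "Failed password" syslog lines, with or without
# the "invalid user" prefix, and captures timestamp and source IP.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[\d+\]:\s"
    r"Failed password for (?:invalid user )?\S+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

# Constructed sample log (documentation IP ranges, hypothetical host name).
SAMPLE_LOG = """\
Jun 29 10:00:01 host sshd[2201]: Failed password for root from 203.0.113.7 port 40122 ssh2
Jun 29 10:00:03 host sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Jun 29 10:00:05 host sshd[2203]: Failed password for root from 203.0.113.7 port 40130 ssh2
Jun 29 10:00:06 host sshd[2204]: Accepted password for alice from 198.51.100.20 port 51515 ssh2
Jun 29 10:00:08 host sshd[2205]: Failed password for root from 203.0.113.7 port 40131 ssh2
Jun 29 10:05:00 host sshd[2210]: Failed password for bob from 198.51.100.20 port 51600 ssh2
Jun 29 11:30:00 host sshd[2300]: Failed password for bob from 198.51.100.20 port 51700 ssh2
Jun 29 12:45:00 host sshd[2400]: Failed password for bob from 198.51.100.20 port 51800 ssh2
Jun 29 14:00:00 host sshd[2500]: Failed password for bob from 198.51.100.20 port 51900 ssh2
""".splitlines()


def find_bruteforce_sources(lines, threshold=4, window_seconds=60,
                            year=2012, allowlist=()):
    """Return source IPs, in ban order, that reach `threshold` failed
    logins within `window_seconds`. Syslog timestamps carry no year,
    so one is supplied by the caller."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    banned = []
    for line in lines:
        match = FAILED.match(line)
        if not match:
            continue              # successful logins and other noise
        ip = match.group("ip")
        if ip in allowlist or ip in banned:
            continue              # never ban trusted hosts; ban only once
        when = datetime.strptime(
            "%d %s" % (year, match.group("ts")), "%Y %b %d %H:%M:%S")
        window = recent[ip]
        window.append(when)
        # Drop failures that fell out of the sliding window.
        while (when - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold:
            banned.append(ip)
    return banned


if __name__ == "__main__":
    print(find_bruteforce_sources(SAMPLE_LOG))
```

The second address in the sample also fails four times, but hours apart, which is why a bare failure counter without a time window would ban a user who merely mistypes a password now and then.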


Clonezilla Live 1.2.12-67 released

Clonezilla is a partition or disk clone tool similar to Norton Ghost®. It saves and restores only used blocks in hard drive. 
Two types of Clonezilla are available, Clonezilla live and Clonezilla SE (Server Edition).

Features

  • Filesystems supported: ext2, ext3, ext4, reiserfs, xfs, jfs of GNU/Linux, FAT, NTFS of MS Windows, HFS+ of Mac OS, UFS of BSD, and VMFS of VMWare ESX. Therefore you can clone GNU/Linux, MS Windows and Intel-based Mac OS, whether it is a 32-bit (x86) or 64-bit (x86-64) OS. For these file systems, only used blocks in the partition are saved and restored. For an unsupported file system, a sector-to-sector copy is done by dd in Clonezilla.
  • LVM2 (LVM version 1 is not) under GNU/Linux is supported.
  • Multicast is supported in Clonezilla SE, which is suitable for massive cloning.
  • Based on partclone and dd to clone partitions. However, clonezilla, containing some other programs, can save and restore not only partitions, but also a whole disk.
This release of Clonezilla live (1.2.12-67) includes minor enhancements and bug fixes.
ENHANCEMENTS and CHANGES
  - The underlying GNU/Linux operating system was upgraded. This release is based on the Debian Sid repository (as of 2012/Jun/20).
  - Linux kernel was updated to 3.2.20-1.
  - Package drbl was updated to 1.12.14-1drbl, and package clonezilla was updated to 2.5.42-1drbl.
  - Partclone was updated to 0.2.49.
  - Gdisk was updated to 0.8.5-1.1drbl.
  - Booting on uEFI machine via CD is supported in this release.
  - Package ddrescue was removed because it's no longer in Debian Sid, and we already have gddrescue. Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677101
  - //NOTE// From Clonezilla live 1.2.6-24, if you manage the boot parameters by yourself, you have to put the extra boot parameter "config" or "live-config" to make live-config work.
  - //NOTE// From Clonezilla live 1.2.6-24, due to the change in Live-boot, the boot parameter to assign static IP address has been changed. The new format is:
  - ip=**[DEVICE]:[CLIENT_IP]:[NETMASK]:[GATEWAY_IP]:[NAMESERVER]
[,[DEVICE]:[CLIENT_IP]:[NETMASK]:[GATEWAY_IP]:[NAMESERVER]]***::
  - e.g.
  - ip=eth0:192.168.100.1:255.255.255.0:192.168.100.254:8.8.8.8,eth1:192.168.101.1:255.255.255.0::

BUG FIXES
   - Bug fixed: The restored Fedora 17 failed to boot via grub 2. Thanks to Robert Weir for reporting this issue.
-- Steven Shiau <steven _at_ nchc org tw> <steven _at_ stevenshiau org>
National Center for High-performance Computing, Taiwan.
http://www.nchc.org.tw
Public Key Server PGP Key ID: 1024D/9762755A
Fingerprint: A2A1 08B7 C22C 3D06 34DB  F4BC 08B3 E3D7 9762 755A
Download clonezilla-live-20120620-precise.iso (131.1 MB)
Download other version files click here


Oracle Linux 6.3 released



Oracle has announced the general availability of Oracle Linux 6.3 for x86 (32 bit) and x86_64 (64 bit) architectures.

Oracle Linux 6.3 ships with two sets of kernel packages:
* Unbreakable Enterprise Kernel [kernel-uek-2.6.39-200.24.1.el6uek]
  o Installed and booted by default
* Red Hat Compatible Kernel [kernel-2.6.32-279.el6]
  o Installed by default

By default, both the Unbreakable Enterprise Kernel and the Red Hat Compatible Kernel are installed. Unbreakable Enterprise Kernel Release 2, shipped in this update, has the following driver updates:

Network Drivers updates
* Updated be2net to version 4.2.220o
 * Updated bnx2 to version 2.2.1 
 * Updated bnx2x to version 1.72.00-0
 * Updated cnic to version 2.5.10
 * Updated cxgb3 to version 1.1.4-ko
 * Updated cxgb4 to version 1.3.0-ko 
 * Updated e100 to version 3.5.24-k2-NAPI 
 * Updated e1000 to version 7.3.21-k8-NAPI 
 * Updated e1000e to version 1.9.5-k 
 * Updated igb to version 3.2.10-k 
 * Updated igbvf to version 2.0.1-k 
 * Updated ixgbe to version 3.6.7-k 
 * Updated ixgbevf to version 2.2.0-k 
 * Updated netxen_nic to version 4.0.78 
 * Updated qlcnic to version 5.0.28.1 
 * Updated qlge to version 1.00.00.30 
 * Updated r8169 to version 2.3LK-NAPI 
 * Updated tg3 to version 3.122 

 Storage Drivers updates
* Updated be2iscsi to version 4.2.162.0o 
 * Updated bnx2fc to version 1.0.10 
 * Updated lpfc to version 8.3.5.68.4p 
 * Updated mptsas to version 3.04.19 
 * Updated mpt2sas to version 13.100.00.00 
 * Updated qla2xxx to version 8.04.00.03.39.0-k 

 For more information, please refer to the online release notes available at: http://oss.oracle.com/ol6/docs

Software Accessibility
All packages are available on the Unbreakable Linux Network (http://linux.oracle.com). Installable binary and source ISO images will be available on Oracle Software Delivery Cloud (http://edelivery.oracle.com/linux) shortly. If ISO images are needed before they are available on Oracle Software Delivery Cloud, please request these via a My Oracle Support service request.

See the release announcement for a full list of updated network and storage drivers.

Download:
OracleLinux-R6-U3-Server-i386-dvd.iso (2,957MB, SHA1),
OracleLinux-R6-U3-Server-x86_64-dvd.iso (3,505MB, SHA1).

gui-for-sqlmap -open source penetration testing tool

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

To make it work get and install python 2.7 and download the last version of sqlmap-dev:

svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev

latest version GUI (linux, windows) -


The Mole v0.3 Released - automatic SQL Injection exploitation tool

The Mole is an automatic SQL Injection exploitation tool. All you need to do is provide a vulnerable URL and a valid string on the site you are testing and The Mole will detect the injection and exploit it, either by using the union technique or a boolean query based technique.
Features
  • Support for injections using MySQL, MS-SQL Server, Postgres and Oracle databases.
  • Command line interface.
  • Auto-completion for commands, command arguments and database, table and columns names.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections through GET/POST/Cookie parameters.
  • Developed in Python 3.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.
You can download The Mole v0.3 here:
Windows – themole-0.3-win32.zip
Linux – themole-0.3-lin-src.tar.gz
Download other version 
Documentation
Installing The Mole
Versions and Releases

for more information click here


Thursday, June 28, 2012

webvulscan V0.12- Web Application Vulnerability Scanner


WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found.
After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.


The vulnerabilities tested by WebVulScan are 
  • Reflected Cross-Site Scripting
  • Stored Cross-Site Scripting
  • Standard SQL Injection
  • Broken Authentication using SQL Injection
  • Autocomplete Enabled on Password Fields
  • Potentially Insecure Direct Object References
  • Directory Listing Enabled
  • HTTP Banner Disclosure
  • SSL Certificate not Trusted
  • Unvalidated Redirects
Features:
  • Crawler: Crawls a website to identify and display all URLs belonging to the website.
  • Scanner: Crawls a website and scans all URLs found for vulnerabilities.
  • Scan History: Allows a user to view or download PDF reports of previous scans that they performed.
  • Register: Allows a user to register with the web application.
  • Login: Allows a user to login to the web application.
  • Options: Allows a user to select which vulnerabilities they wish to test for (all are enabled by default).
  • PDF Generation: Dynamically generates a detailed PDF report.
  • Report Delivery: The PDF report is emailed to the user as an attachment.

Version History

8th June 2012 - Version 0.12
  • Emailing PDF report is now optional. Therefore, you can just view it in your scan history if you wish instead of having it emailed to you.
  • Crawling a URL at the start of the scan is now optional. Therefore, you can now test a single webpage for the various vulnerabilities instead of scanning an entire website.
  • Issues fixed that some users were having when running WebVulScan on Linux (static path references and case sensitivity). Now tested on Windows (XAMPP 1.7.4 running on Vista) and Linux (XAMPP 1.7.4 running on Ubuntu 12.04).
  • Added information about Linux permissions to instructions.
  • Instructions now in .docx and .txt format

30th April 2012 - Version 0.11

  • First release of WebVulScan.

Wasclist - Web Application Security Check List

Web Application Security Check List is a documentation project of OWASP Turkey. It provides 61 security controls that need to be integrated within web applications. It targets mainly auditors but is helpful for application developers, IT-architects, project managers, system administrators and database administrators as well. The security controls are integrated within an Excel-tool with graphical representation support.

The first version of the check list was published in 2010 in Turkish whereas the second and current version of the check list was published with many enhancements in January 2012 in Turkish and English.

The main characteristics of the check list are as follows:
  • Each security control has Category, Responsible Person, ASVS (Application Security Verification Standard) Category, Risk Level and Status sections.
  • The categories of the check list are based on the categories of OWASP Testing Guide.
  • For each security control in the checklist, a verification requirement from OWASP ASVS is assigned.
  • Risk levels (Critical-High-Medium-Low) are used for defining criticality of each security control.
  • A tool in Excel was implemented for the check list. A status flag (Yes/No/---) is used for tracking activation status of each security control.
  • The security flag makes it possible to display the security status of an IT system visually, with graphics for the different categories as well as for the overall system. If a security control is out of scope for the relevant system (e.g. web services are not implemented within the system), its status is assigned as "---" and it is not evaluated for the graphics.

Zenoss Core - Enterprise IT Monitoring

Zenoss Core is an open source IT monitoring product that delivers the functionality to effectively manage the configuration, health, performance of networks, servers and applications through a single, integrated software package.

It can collect data via SNMP, SSH, WMI, JMX and Syslog. Virtual and cloud infrastructure monitoring and management is possible. It manages events from various sources such as syslog, SNMP traps and the Windows Event Log. It has a secured web portal to visualize the data in graphical charts. Reports can be scheduled and sent to the admin via email.

Zenoss Core is an enterprise network and systems management application written in Python. Zenoss provides an integrated product for monitoring availability, performance, events and configuration across layers and across platforms.
Features
  • Application, Network and Systems Monitoring and Management
  • Alerting and Automatic Remediation
  • System Log Monitoring and Event Management
  • Automated Inventory Discovery and Change Tracking
  • Data Collection via SNMP, SSH, WMI, JMX and Syslog
  • 200+ Community Extensions (ZenPacks)
  • Virtual and Cloud Infrastructure Monitoring and Management
  • Reporting
  • Alerting via Email and SNMP
  • Integration with Configuration Management Tools
  • VMware ESX monitoring

Download -

Before installing or using Zenoss, read the latest Release Notes.
Looking for Zenoss Service Dynamics documentation? Find it here.
Product Guides
New to Zenoss? Read one of our in-depth procedural or reference guides:

  • Zenoss Installation - Detailed procedures to help you install Zenoss
  • Getting Started with Zenoss - Instructions for initial setup tasks and basic information for using the system
  • Zenoss Administration - Comprehensive information about using Zenoss
  • Zenoss Extended Monitoring - Extend Zenoss to monitor a wide range of devices

Advanced Documentation
More advanced users may want to check out:
  • Zenoss Developer's Guide - In-depth architecture and information useful for extending the product
  • Zenoss Source & JSON API Documentation - Source code, and JSON API documentation and examples for development with Zenoss
  • Community Day training materials - Slides from Zenoss training sessions

Community Documentation
Looking for community-created documentation?
  • Zenoss Wiki - Recipes and best practices contributed by Zenoss users
  • Zenoss Users Forum FAQ
  • Zenoss Users Forum FAQ (Part 2)

Books
Want to read books published by third parties? Consider these resources:
  • Zenoss Core 3.x Network and System Monitoring by Michael Badger for Packt
  • Zenoss Core (2.x) Network and System Monitoring by Michael Badger for Packt
