FantaGhost

The right place for a safer Net

Heartbleed Testing and Detecting

by 1 Comment

A critical vulnerability has been identified in OpenSSL versions 1.0.1 – 1.0.1f (CVE-2014-0160) and it is well explained on HeartBleed website. Exploiting the HeartBleed vulnerability. Basically, an attacker can exploit this vulerability to access memory data up to 64Kb and perform many attacks:

  • Read SSL private keys (and use it to decrypt past, present and future encrypted traffic)
  • Retrieve clear text username and passwords
  • Access source code

There are many resources available online to better understand how the bug works and how to fix it (upgrading to OpenSSL version 1.0.1g or newer) as explained on OpenSSL website.

  • Upgrade to OpenSSL 1.0.1g
  • Regenerate your private keys and consider it as compromised
  • Replace SSL certificates
  • If possible upgrade to Perfect Forward Secrecy (PFS)

How can I test if my systems are vulnerable ?

[Read more…]

In-depth malware analysis of mmpifmxnth..vbs

by 3 Comments

Last week I was asked to check a Windows 7 x64 laptop due an extremely poor performances, so as first step I run a complete scan with AntiMalwareBytes free and Avira Antivirus. This two great free software made a great works cleaning more than 170 infected objects!! After the reboot another scan has been started just to be sure that everything was fine and the results confirmed the clean status.
Two days ago the same laptop starts to create strange links on every USB stick plugged so I start a manual analysis of the behavior (unfortunately my Cuckoo Sandbox is building up and not ready yet): using a clean just formatted pen-drive I copied a test folder on the USB and after few seconds that folder was hidden and replaced by a link with the same folder name addressing the following command:
C:\Windows\system32\cmd.exe /c start mmpifmxnth..vbs&start explorer <folder_name>&exit
[Read more…]

SANS Holiday Challenge 2013 Report

by Leave a Comment

The SANS Holiday Challenge is an high-skilled Ethical Hacking technical exercise sponsored by SANS Cybercon and organized by Counterhack team.
The 2013 edition is the tenth annual installment and the biggest and best ever organized by Ed Skoudis, Josh Wright, & Tom Hessman.

During Christmas Holidays me and Giacomo started to work to the Challenge reading the history and downloading the PCAP file provided by CounterHack team (You can find details and PCAP file on SANS Pen Testing web site). We spent several hours and nightly funny moments investigating the file, producing a detailed analysis of attacks and creating a report that we submit to CounterHack team for validation. We would like also to thank you Mr. GaraNews helped us with Bro and Snort analysis of the PCAP file during my stay in Germany!! 🙂

Today a blog post on SANS Pen Testing Web Site announce winners and “honorable mentions” of the Holiday Challenge 2013: our report has been referred to as “honorable mention” for the following reasons:

“Andrew and Giacomo had an excellent technical write-up with beautiful formatting, and even went the step further to ask “why” for each of the attacks (correctly citing that Mr. Potter wants to encourage the rapid growth of dental disease in Bedford Falls through manipulating drinking water fluoride levels). The team-of-two even went so far as to evaluate datestamp information in the “Firmware Update” phishing attack, identifying the 5-hour window between the upload of the ab-qfe.exe executable and the retrieval by Don Sawyer.”

[Read more…]

FGscanner is available for Download

by Leave a Comment

Hi All!
I finally completed FGscanner  🙂
FGscanner is a perl script useful for finding directories that are not indexed, hidden pages, development or test folders on a webserver. The script works in dictionary attack mode using two files (fg_dirs and fg_pages) and can be redirect via proxy or tor network if there is a tor daemon running on your system.

The project is hosted on GitHub and you can download it here.

This is the initial release and any comment, contribution or suggestion is more than welcome ! 🙂

 

Latest Posts

Latest Tweets

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Posts Archive

css.php