Jan 4, 2011

IP F***: The Firefox addon proxy


IPFuck!

IPFuck is a Firefox addon created to simulate the use of a proxy. With this addon installed and enabled, and if a lot of us use it, there will no longer be any means to know who is using a real IP, who isn't and who was charged with doing something he didn't... Basically: we all become anonymous!

This addon is a "proof of concept" to show anyone who isn't already aware that the IP address has become obsolete and that no one should use an IP address as evidence anymore. This plugin is just one of many ways to spoof an IP address, and such spoofing could lead to outrageous accusations of innocents.

How does it work?
You can imagine that if I could just overwrite any existing information about your IP address I would have done so (or somebody else would have a while back)...
But it's actually a little more tricky: when sending a request to a server you will provide several pieces of information about your IP address: three of them come from the Application Layer and the last one comes from the Transport Layer. This last one I can't modify: you wouldn't get the answer to your request if that was done. But the three others can be overwritten without any consequence to your browsing...
These three headers were created to provide information on the real IP of a person surfing through a proxy server. So when you enable IPFuck, the websites you are visiting will believe that your real IP is a proxy server and (if the website was done correctly) focus on the false IP you are sending...
A lot of websites try to figure out who is hiding behind a proxy server. And if you don't believe me (I won't mind), just check out this Google search request: get real ip address php. Most of the snippets given here will check HTTP headers (the ones we overwrite) before the Transport Layer information ('REMOTE_ADDR').
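
An added example (not code from the addon or from the original post) of the server side of this: the header-first lookup described above next to one that starts from the transport-layer address. The header names X-Forwarded-For and Client-IP, the WSGI-style environ keys and the 10.0.0.0/8 trusted-proxy range are assumptions; the post does not name them.

```python
import ipaddress

# Assumption: address range of reverse proxies we operate ourselves.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample requests (documentation address ranges).
DIRECT_SPOOF = {"REMOTE_ADDR": "203.0.113.7",
                "HTTP_CLIENT_IP": "198.51.100.99",
                "HTTP_X_FORWARDED_FOR": "198.51.100.99"}
VIA_PROXY = {"REMOTE_ADDR": "10.0.0.5",
             "HTTP_X_FORWARDED_FOR": "198.51.100.99, 203.0.113.7"}


def _parse(value):
    """Return an ip_address object, or None if value is not a valid IP."""
    try:
        return ipaddress.ip_address(value.strip())
    except ValueError:
        return None


def _is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)


def naive_client_ip(environ):
    """Header-first lookup: whatever the client sends wins over REMOTE_ADDR."""
    for key in ("HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"):
        if environ.get(key):
            return environ[key].split(",")[0].strip()
    return environ["REMOTE_ADDR"]


def client_ip(environ):
    """Start from the transport-layer peer; accept X-Forwarded-For hops only
    while they were reported by a trusted proxy (right to left)."""
    peer = _parse(environ["REMOTE_ADDR"])
    if peer is None or not _is_trusted(peer):
        return environ["REMOTE_ADDR"]
    current = peer
    for hop in reversed(environ.get("HTTP_X_FORWARDED_FOR", "").split(",")):
        addr = _parse(hop)
        if addr is None:
            break  # malformed entry: keep the last address we could verify
        current = addr
        if not _is_trusted(addr):
            break  # first hop outside our proxies is the client as we saw it
    return str(current)
```

For logging or rate limiting, record the value returned by client_ip() and keep the raw headers only as unverified context.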

Dec 27, 2010

Owned And Exposed: When the hackers become hacked!


The group of hackers known as the publishers of the "Owned And Exposed" magazine has released the second version of their "newsletter", in which they describe in detail how they compromised the security of six sites... you'll be really shocked when you learn the names:


All the details can be found in the paper here!

Just remember that a series of small mistakes can add up to a big one when your adversaries put the pieces together.

Pentbox: The Security Command Line Suite

Pentbox is a lightweight Linux suite of command-line tools for testing the security and stability of your system or network. It is written in Ruby and is also compatible with Windows, Mac and any system that supports Ruby (even iOS and Android).

The tools are divided into different categories, and you will get:

Base64 Encoder & Decoder
Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
Password Cracker Hash (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
Secure Password Generator
Net DoS Testing
TCP port scanner
DNS and host gathering
L33t Sp3@k Converter

The suite is available here and is easy to install:
1- Get the latest release from the link below and install Ruby:
sudo apt-get install ruby

2- Extract the archive:
tar -xvf pentbox_1.4.tar
cd pentbox_1.4

3- Start the suite:

Have Fun!

Dec 25, 2010

ge.tt: Share Files Using the Browser.

Bored of using hosting sites like Rapidshare to share a file with a friend, especially when he is obliged to wait a long time to download it?

Ge.tt is a free solution that helps you share your files (legal files of course!) with your friends using your browser. All you have to do is access the website, load your file and share the link with your friends, who can retrieve the file directly from your computer.

The uploaded file is also sent to and stored on Ge.tt's servers (cloud!).


Oct 22, 2010

Apple Spies on You!


A few weeks ago, before the launch of the Visitors series on MBC, an ad was broadcast through the MBC Group’s channels: a woman shows up on a white background after the TV signal is lost and says “We Came in Peace!”. Nothing special about that, it’s just an ad (especially for V lovers and the people who were waiting for it). The strange thing is that Aljazeera TV replied with a report saying that the MBC channels were hacked by the MOSSAD (the national intelligence agency of Israel) to show that message, to communicate with Arab people and to try to change their minds!

Recently another piece of information was broadcast by the same channel, this time about Apple and the iPhone.


The TV report in the video (Arabic only) aims to prove that the iPhone is used by Apple to spy on its customers and to collect information about them and their locations, and even to use the front and back cameras, the microphone and the sensors to retrieve instant pictures and conversations.

The report is based on an Apple patent application that describes methods that may enable the iPhone and iPad to “sense” the user, detecting voice prints, faces, activity patterns and even heartbeats. If unauthorised use is detected, then many security measures could be activated.

But what Aljazeera missed is that the information and data collected aren’t sent to Apple but to the owner’s email, to allow him to track his phone, save data remotely or wipe the device.

Maybe Aljazeera is going to release another rumor with the launch of HTC Sense 3, which allows the same thing (not totally!), who could know?!?

NMAP on Android


In this post I’ll show you how to run Nmap on your smartphone, and specifically on an Android phone!!!

Nmap is one of the most popular tools used by pentesters. It helps gather information about the ports and services running on a machine, fingerprint services, detect the OS version… It can run on Android too by following these steps.

First of all you need to download the cross-compiled ARM build of Nmap from here.

Then connect your phone to your PC and run the following with adb:

adb remount
adb push nmap.zip /sdcard/nmap.zip
adb shell
# the following commands run inside the device shell
cd /data/local
mkdir bin
cd bin
cp /sdcard/nmap.zip .
unzip nmap.zip
chmod 755 *

After that you can run Nmap (nmap -v -iR 5 -PN -p 80 -n) using the terminal emulator, just like on a normal PC!

The downloaded version is 4.0. If you want to test 5.30beta1, have a look at this!

Sep 12, 2010

Pentest using Android: The iPhone & N900 beat again!


After getting my new phone, an Android one (the Samsung Spica i5700), I started looking into how I could use it to pentest. The first step was to know the possibilities of the beast, so I started gathering some information about the specifications and the possibilities of the Spica.

The Spica comes with an 800 MHz processor and a BCM4329 Wi-Fi chipset, which does not allow injection mode for the moment, unlike the Apple iPhone or the N900.

I forgot about injection mode to focus on Metasploit!

Metasploit needs to be fully ported to JRuby before it will run on the Android platform. Currently we can use it, and it can run on Android devices offering some basic operations (reverse connect shells, meterpreter, etc. still don't work), but it crashes a lot! HD Moore and his staff are making serious progress on this, and maybe we will have a fully ported MSF with the release of Metasploit Framework 3.5.

Browsing the Android Market, I found some interesting apps like Netscan and Network Discovery, which allow you to discover hosts connected through the network and get some basic information like IPs, MAC addresses, masks… Wifiscanner can help too, to get information about Wi-Fi networks and their encryption, and Port Scandroid can scan ports, but it’s nothing compared to Nmap, which is available and compatible with Android (fully ported!).

Other tools like ConnectBot (SSH client) or RemoteVnc are available for free on the Market.

Python, Perl, JRuby, Lua, BeanShell, JavaScript and Rhino are fully or partially ported to Android and run quite well (thanks to the dev groups!).

Pentesting with Android is still in its early stages compared to the iPhone and N900, which offer a complete set of fully working pentesting tools that run smoothly; but the rapid growth of Google's mobile OS and the upcoming release of Android for the x86 architecture will offer some interesting things in the near future, and maybe we are going to witness the birth of a fully compatible pentesting framework on Android.

But those who don’t want to wait can use their Android devices to pentest without the Android OS, by emulating a Linux operating system!

How could you do this?!? Stay tuned to moroccangeek and you’ll get the full article soon!
