Weaponizing the Web at Defcon 17
Shawn Moyer and Nathan Hamiel’s talk at Defcon 17, Weaponizing the Web: More Attacks on User-Generated Content, is now available on Vimeo:
I just finished watching it (unfortunately missed it while I was in Vegas), and it’s very good. I’m looking forward [...]
GhostExodus, the ETA, and a Control-Systems Incident at Carrell Clinic (Part 1)
My phone has been blowing up most of the day about this. To sum it up: On the evening of the 18th, a script kiddie that was involved in a previous post on this site (“Perl Hacking is Dead”), XXxxImmortalxxXX, contacted me and began to brag about hacking a hospital’s HVAC system. Upon [...]
More links on the GE Fanuc iFIX vulnerabilities
Yesterday, I posted a link to the advisory in GE Fanuc’s knowledge base. For today, here are some more links of interest regarding these vulnerabilities:
NERC (North American Electric Reliability Corporation) Advisory (Direct link to PDF)
CVE-2009-0216 (No information here yet, but presumably it will be updated soon)
US-CERT Vulnerability Note VU# 310355
SecurityFocus: GE Fanuc iFIX Insecure Authentication Multiple Unauthorized Access [...]
GE Fanuc releases info on iFIX vulnerabilities VU# 310355
If you’ve been looking for my slides from the SCADA Summit that included information on the GE Fanuc iFIX vulnerabilities that I discovered and reported, then you’re still out of luck, but this is just as good, really. If you’re an end-user of iFIX, or a penetration tester/red-team member testing installations of iFIX products, this [...]
Santa Claus is Hacking to Town Challenge Results
Over at the excellent ethicalhacker.net site, the results of the Santa Claus is Hacking to Town Skillz Challenge have been posted:
Santa Claus is Hacking to Town – Answers and Winners
These challenges are a lot of fun, and educational as well. Ed Skoudis puts a lot of effort into writing and judging them. There’s a whole archive [...]
Audio and video of Kaminsky’s DNS talk now available
The kind folks who run Black Hat have gone ahead and released the audio and video of Dan Kaminsky’s talk at Black Hat USA 2008, entitled “Black Ops 2008: It’s The End Of The Cache As We Know It”, or “64K Should Be Good Enough For Anyone”. This is the talk where he discusses the [...]
Beaten to the punch: DNS spoofing Ruby’s Resolv library
On the 6th, I posted hashes of a file, “the_dirt.txt”, to titillate my readership while I was busy shopping the information contained within it to TippingPoint and iDefense (in case I had a shot at monetizing it :) ). Here are the contents of “the_dirt.txt”:
the_dirt.txt
The idea here is that Ruby implements its own threading model [...]
Dan Kaminsky’s Blackhat USA 2008 slides are now available
Why So Serious – On Dan’s Blog
Everything we knew, plus some really neat tricks.
Upcoming paper on SCADA software vulnerabilities
I wasn’t going to talk about this on here for a while, since the public disclosure and paper won’t be out for another six months, probably, but my major professor is so excited about it that he just had to put out a press release:
MSU News: Computer science student uncovers software flaw
I’m going to clear [...]
Talking about DNS on the Securabyte 1 Podcast
The folks who put on the excellent Securabit podcast have decided to put together a quick and dirty episode-between-episodes on the recent DNS vulnerability. They’ve decided to call these spontaneous episodes “Securabytes”, and this is the first one:
Securabyte Episode 1: DNS Haiku
Since Dan Kaminsky doesn’t leap around the apartment to find his headset in order [...]