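※ Caution: The attack code below must never be tested in any environment without authorization. Any legal liability arising from use for malicious purposes rests with you. Viewing this post means you have agreed to this.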


RC Trojan, also known as Remote Control Trojan, is an application that permits the control of a computer remotely in a WAN/LAN.

This trojan should be installed in c:\

After extraction/installation, run
c:\RC\NanoWeb.exe 
c:\RC\Start Server.lnk 

And use your browser to access it... 

Download: 
http://ge.tt/9Y83esP1 

Virus Scan: 
https://www.virustotal.com/en/file/9c746db9dc1a5b7366e8abf01cde60ba438543fbf40d80cdafc98e3a67501181/analysis/1394447594/


Original source: http://sla.ckers.org/forum/read.php?15,52130,52130#msg-52130



License: Attribution, Non-Commercial, No Derivatives

Ryansecurity Ryansecurity

Life is fun security story


Twitter appears to be blocked in Turkey as the prime minister attempts to clamp down on unrest in the country. However, users are flouting the ban, with Twitter itself publicising tactics to ensure messages can get through to the site.

Reuters reported that people in Turkey attempting to access Twitter were met with a statement from its telecoms regulator citing court orders that now prevent access to the site, under the orders of prime minister Recep Tayyip Erdoğan.

“Twitter has been blocked as a preventive measure in order to prevent future damage to our citizens as a last resort,” the statement reportedly said.

The attempt to block access has been met with widespread protest, with European Commission vice president Neelie Kroes claiming it was nothing more than censorship.

Furthermore, users have been finding workarounds to the ban, seemingly by using a function that uploads Twitter posts via text message, with Twitter's own policy accounts informing users of this capability.

In another odd twist on the situation, the president of Turkey Abdullah Gül  took to Twitter to say the prime minister is wrong to try and implement the ban.

The incidents underline the power of social media platforms and the concern they cause leaders in many nations. Many governments attempted to stop communications tools such as Twitter and Facebook, as well as text messages, from being used during unrest in the 2011 Arab Spring uprisings.

The UK government even considered blocking such tools in the aftermath of the riots that hit the UK in the summer of 2011, although these plans appear to have cooled over time.


If you are like most people who use their computers in what I will refer to as “the modern fashion,” that is, just letting the machine go to sleep without actually restarting it and using a single browser window with 500 tabs open, it might be time to do a reboot.

Last week at the CanSecWest convention (covered extensively by my comrade Jerome Segura) the annual Pwn2Own competition took place, where hundreds of thousands of dollars were up for grabs by security teams who were willing to discover new zero-day exploits in common software.

The take away from the contest was $400,000, which means that there were a lot of exploits revealed at the end of last week, but what does that mean to you, the average user?

It means that pretty soon, all of your common software is going to need to be updated to patch the holes discovered during the competition.

All in all this is great news because it means you will be more secure.

The problem is that a lot of people hate updating: it usually requires restarting your browser (at the very least), and that means you have to close the 10 articles from Cracked you wanted to read as well as all the Buzzfeed quizzes you were “going to take but haven’t got around to yet”.

If this was just an update that made the software a little more processor efficient, fine, you could wait on that.

For these particular updates headed your way, you need to update ASAP!

While the explicit details haven’t been revealed to the public as to how the discovered vulnerabilities can be exploited, it lets cyber criminals around the world know that something is there and even gives them a few clues on how to find it.

Reading tweets, looking at the pictures, reading research papers and blog posts by the security folks who found the vulnerabilities: all of these can be used to determine the best way to find the vulnerabilities.

Irrelevant exploit code snippet is relevant

When they do find them, it’s only a matter of time (a short amount of time) before we see these same exploits popping up in exploit kits used for drive-by attacks, malicious phishing attacks and even new types of malware.

So it’s in your best interest to not only update your own system but also tell everyone you know that they should update as soon as they can.

Hopefully the products that were found vulnerable will completely patch the holes soon, but even if they can’t, they have at least sent out a few band-aids to reinforce security in the meantime.

The applications that were found vulnerable were:

  • Internet Explorer
  • Firefox
  • Chrome
  • Safari
  • Adobe Flash

Here are a few links to help you ensure your browser software is up to date:

Thanks for reading and safe surfing!


Over the last couple of months people from the Tor Project have been trying to get Apple to remove a fake Tor app from the App Store with no success.

The Tor Browser is a popular program for anonymous Internet browsing, and the name has also become mainstream since the rampant reports of surveillance taking place. Tor and other anonymity tools help to hide your tracks while you surf, so prying eyes won’t be able to trace back to you.

The fake Tor app was first reported to Apple in December with Apple responding that they are going to give the developer “a chance to defend their app.”

The app itself costs $0.99 and reportedly contains adware and spying functionality. Adware in a paid app is shady, but that doesn’t necessarily point to maliciousness or that it is fake.

The red flag with this app is that it is not developed by Tor, is using Tor’s name to get installs, and the description fails to mention that it is not affiliated with the Tor Project.

People with Tor are not happy with the results of direct emails with Apple and have taken to Twitter in an attempt to get their attention.

Whether this fake Tor app can be trusted to keep you anonymous is unknown at this time, but with the attention it is now getting it might not be around much longer—with its current branding at least.

At the time of this write-up the app is currently still in the App Store.


Researchers at Indiana University Bloomington and Microsoft released a paper detailing a new set of vulnerabilities in the Android Operating System dubbed Pileup flaws, where Pileup means “privilege escalation through updating”.

These flaws exist within Android’s Package Management System (PMS) and could allow malware to “upgrade” its privileges simultaneously with a system upgrade.

“Our research brought to light a new type of security-critical vulnerabilities, called Pileup flaws, through which a malicious app can strategically declare a set of privileges and attributes on a low-version operating system (OS) and wait until it is upgraded to escalate its privileges on the new system”

The paper goes on to say they confirmed the existence of the Pileup flaws on every official version of Android and on over 3000 custom versions. In addition, the paper documents several of the exploits used against the Pileup vulnerabilities.

Our research also identified hundreds of exploit opportunities the adversary can leverage over thousands of devices across different device manufacturers, carriers and countries.

While this may sound scary, big vulnerabilities have appeared on Android in the past.

Last July, for example, Bluebox Security reported on the Master Key vulnerability that affected some 99 percent of Android devices. The flaw was quickly addressed in many custom versions of Android, like CyanogenMod; however, it took some time for carriers to get it fixed, likely due to fragmented updates.

However, when news of big name security flaws like this is released, it tends to pose the question: is Android really secure?

Well, as for securing the Pileup vulnerabilities, the same researchers have already done that work, as seen in their paper.

We also developed a new detection service, called SecUP, which deploys a scanner on the user’s device to capture the malicious apps designed to exploit Pileup vulnerabilities.

According to the paper, SecUP provides a scanner app that looks at Android packages (APKs) and determines if privilege escalation will occur during an update. With this information, the program builds a database that records all of the Pileup vulnerability opportunities.
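The kind of check such a scanner makes can be sketched as follows. This is an added example, not code from the paper or from SecUP: it compares what an app's manifest claims against what the platform defines before and after an upgrade. The OS tables, the `HYPOTHETICAL_*` names, the sample manifests and the choice of three claim types (permission definitions, permission requests, shared UID) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed tables: what each OS image defines. The HYPOTHETICAL_* names and
# the "old"/"new" labels are made up; a real scanner derives them from the images.
OS_IMAGES = {
    "old": {"permissions": {"android.permission.INTERNET"},
            "shared_uids": {"android.uid.system"}},
    "new": {"permissions": {"android.permission.INTERNET",
                            "android.permission.HYPOTHETICAL_READ_NEW_STORE",
                            "android.permission.HYPOTHETICAL_MANAGE_NEW_SERVICE"},
            "shared_uids": {"android.uid.system", "android.uid.hypothetical_new"}},
}

def pileup_findings(manifest_xml, current_os, target_os):
    """List (kind, name) claims that are inert on current_os but match
    something the platform itself defines on target_os."""
    cur, new = OS_IMAGES[current_os], OS_IMAGES[target_os]
    new_perms = new["permissions"] - cur["permissions"]
    new_uids = new["shared_uids"] - cur["shared_uids"]
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    defined = {e.get(ANDROID + "name") for e in root.iter("permission")}
    findings = [("defines-future-permission", p) for p in new_perms & defined]
    findings += [("requests-future-permission", p)
                 for p in (new_perms & requested) - defined]
    shared_uid = root.get(ANDROID + "sharedUserId")
    if shared_uid in new_uids:
        findings.append(("claims-future-shared-uid", shared_uid))
    return sorted(findings)

# Constructed sample manifests (decoded text form, not binary AXML).
SUSPICIOUS = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight" android:sharedUserId="android.uid.hypothetical_new">
  <permission android:name="android.permission.HYPOTHETICAL_MANAGE_NEW_SERVICE"
      android:protectionLevel="normal"/>
  <uses-permission android:name="android.permission.HYPOTHETICAL_READ_NEW_STORE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for kind, name in pileup_findings(SUSPICIOUS, "old", "new"):
        print(kind, name)
```

Run against every installed package before an OS update, an empty result means the app claims nothing that the new image would start honoring.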

Architecture of SecUP, the service designed to mitigate Pileup vulnerabilities.

Even still, despite the availability of immediate mitigation, it seems doubtful this will be enough to silence the numerous critics of Android’s security in the days to come.

Android, while remaining the most used mobile OS worldwide, is often criticized for its “openness”, allowing users to load custom versions of the OS onto their devices, called roms, that improve functionality and add features.

Such modifications themselves usually require users to exploit their devices to acquire “root”, which in itself could be considered a possible security risk.

In addition, Android is often cited for its slow updates due to fragmentation, although some of this should be addressed with Google’s new updating strategy.

But despite the claims against it, Android is still beloved by many for the very same reasons, and many users gladly choose Android over its more restrictive counterparts, such as Windows Mobile or Apple’s iOS.

Whichever side of the fence you’re on, news of this vulnerability shouldn’t frighten Android users too much; as long as they’re practicing safe habits with their device, they shouldn’t be exposed to much, if any, malware.

To read the entire research paper, click here. As always, please list any thoughts and comments below.
