Archive for June, 2008
iPhone “exploit development” support toolkit released
Core Security Technologies has launched an iPhone debugger for native iPhone processes and libraries. Here’s the email sent out to the Securityfocus mailing lists:
---------- Forwarded message ----------
From: Nicolas A. Economou <lists@corest.com>
Date: Tue, Jun 17, 2008 at 6:09 PM
Subject: iPhoneDbg Toolkit
To: pen-test@securityfocus.com, full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com, focus-apple@securityfocus.com
Hello!
We are proud to announce the release of the iPhoneDbg Toolkit, an effort towards iPhone exploit development.
You can find it here:
http://oss.coresecurity.com/projects/iphonedbg.html.
- What is the iPhoneDbg Toolkit?
This set of tools will enable you to delve into iPhone Binary Reversing.
* The iPhone Debugger allows you to debug running or newly-created native processes inside iPhone (iphonedbg).
* The Library Loader Patcher will allow you to debug iPhone libraries (dyld_patcher).
* You can also build a tunnel from your PC to your iPhone through USB (iphone_tunnel.exe).
Thanks!
Nicolas (*)
Open Source Software
Core Security Technologies
-----
(*) I am a semi-senior exploit writer at Core Security Technologies. I’ve been working in computer security for 3 years and I am specialized in Windows exploits, mostly, and the development of exploit writing tools. I also developed some exploits for Linux and MacOS X.
Unexpected results when port scanning AS/400
Penetration testers often use port scanning as a first step to discover active hosts and to map out active network services. This is often done without any hesitation once the written formalities are completed. That’s exactly what I did in one of my assignments that included AS/400 (now iSeries) systems, and things did not turn out as expected.
I issued an nmap service version and OS detection scan on the target network:
nmap -sV -O -iL case_4301_hosts_1.txt
All seemed to go well and I got my results, until about an hour later when the test subjects started to crawl and did not accept new requests. The system administrator ended up rebooting the affected systems which restored everything back to the way it was supposed to be. Good for me that it was a planned activity and no one was affected by it.
Middle East property developer’s customer info leaked on eBay
Damac Properties, the “largest private real estate developers in Middle East”, saw their customer database go up for sale on eBay UK for £750. This was confirmed by Damac, who have since launched an investigation into the matter.
The seller, “dubaigoods1”, appears to be persistent about selling as many copies of the database as possible; the item was reposted on eBay as “DUBAI PROPERTY/DEVELOPER INVESTOR DATABASE” without mention of Damac Properties, after the original item was removed by eBay. The below screenshot was taken a few minutes ago:
Phoenix Mars Mission website compromised
As the Mars Lander vehicle touched down on Mars last Sunday in search of signs of life, back home on Earth the news took down the Phoenix Mars Mission website earlier today after it was compromised and led visitors to an external website.
It was the blogs section of the website that was compromised, as it was vulnerable to injection flaws that led to the hacker “VITAL” adding a main blog entry as shown below:



