Posted on Thursday, 10th June 2010 by Michael
MJSIP: Automating the Magic Jack SIP retrieval What is it: MJSIP is a simple Perl script written by a co-worker and myself. This script uses regular expression matching to automate the finding of your SIP password in the dump file. MJSIP has been tested on over 50 Jacks that were purchased and registered this month [...]
Posted in Papers | Comments (9)
Posted on Wednesday, 9th June 2010 by Michael
Can you pop me now? Like most programs Asterisks offers the ability to launch system commands from with inside the application. This means it is possible for either a developer or a malicious person to execute system commands by simply editing the dial plan and making a phone call. This is nothing new the ability [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 5th May 2010 by Michael
Overcoming SIP over NAT On most of the Asterisk based PBX forums on the internet one of the top help related questions posted is “the phone rings and I can answer it but there is no voice” or one of many variants of that question. The issue is most likely due to the fact you [...]
Posted in Papers | Comments (0)
Posted on Thursday, 11th March 2010 by Michael
Hacking the Magic Jack in 2010 for use on Trixbox or any other SIP device The concept and art of hacking the Magic Jack is actually really old. The reason I am writing this is that over the last year the process has become much harder. There is definitely ample information available online that if [...]
Posted in Papers | Comments (47)
Posted on Friday, 5th March 2010 by Michael
Vista Antivirus 2010 Quick removal Vista 2010 is a rogue anti-virus program that is usually advertised through the use of pop ups and fake security alerts that state that your computer is infected and that you should run an online anti-malware scan. Once the rogue program is installed, it will claim to scan your computer [...]
Posted in Papers | Comments (2)
Posted on Monday, 8th February 2010 by Michael
BlueCoat Web Proxy Bypass Several months ago an organization I work for implemented BlueCoat Web Proxy but they did not purchase a SSL offload card (required for organizations of our size as a license alone would bog down the rest of the box) or a SSL License. This basically limited the ability for us to [...]
Posted in Papers | Comments (4)
Posted on Tuesday, 26th January 2010 by Michael
Using your web server logs to find compromised web servers Some people use Google and Google hacking Database to find their targets and others use their own servers to find potential compromised boxes. In this quick little update I am going to give you a basic idea on how to use your web server’s access [...]
Posted in Papers | Comments (0)
Posted on Monday, 25th January 2010 by Michael
Poison Ivy Revisited Over a year ago I wrote a post on the Poison Ivy Trojan (Tool) by the team over at http://poisonivy-rat.com. The original post can be found here http://digitaloffensive.genxweb.net/2009/09/fun-with-poison-ivy/. I wanted to take a few minutes to add another function I discovered at the last CCDC that made this tool that much better. [...]
Posted in Papers | Comments (1)
Posted on Saturday, 26th September 2009 by Michael
A little command line FU for you. Small but effective Free IPS and Firewall. First off here are a few caveats that I need to mention before I get bombarded by people complaining that it does not always work. This requires a state full connection IE. icmp will not get detected. The connection may get [...]
Posted in Papers | Comments (1)
Posted on Wednesday, 23rd September 2009 by Michael
BlackBerry Firewall guide A few months ago I wrote for Informit.com and had my buddy Seth Fogie publish my article that I wrote on the BlackBerry Firewall. You can find the article here: http://www.informit.com/guides/content.aspx?g=security&seqNum=348
Posted in Papers | Comments (0)