November 26th, 2014

holi-daze

Happy holidays everyone. Not too much going on, but I thought that I’d post on a couple random things.

First, we had a good mini-meeting week before last. We got a decent amount of code out for wicrawl, and had a good time doing it. We’re well on our way, and I’m really hoping to have an alpha, or something demo-able out by shmoocon (Jan 13th-15th, check it out, we’ll be there).

This is kind of interesting. It’s the robots.txt from whitehouse.gov (in other words it’s everything that they don’t want google, or your favorite search engines to see). Nothing worth going conspiracy theory over since it’s just a public website, but interesting nontheless.

Speaking of wireless, here is some info on wi-fi hacking at 30,000 feet (wi-fi services in airplanes), but nothing really new.

This is a pretty big brother-like move for the UK. In the next year they claim they are going to start monitoring the auto traffic of _every_ car on the road and will keep those records around for two years.

That’s all for now. Have a great rest of the year.

For the kiddies

Metasploit v3 Alpha is out today! This is a complete rewrite (in ruby) from 2.0. Looks like fun. Check it out.

perl published advisory

Here is the actual advisory from Dyad on the perl format string exploit issue I posted about yesterday. A patch has been proposed, but isn’t official yet. They also mention that there are several other exploitable programs that they know about today. Hopefully anyone using webmin is smart enough to keep it firewalled off in the first place. Someone needs to audit SlashCode for this, =), they don’t look very active.

update: Here is a paper with more details, examples, and a few more vulnerable programs.

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS