Tuesday, December 11, 2012

Intercepter-Ng - Pocket Sniffer For Android

Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It combines the functionality of several well-known separate tools and, moreover, offers a good and unique alternative to Wireshark for Android.

The main features are:
  • network discovery with OS detection
  • network traffic analysis
  • password recovery
  • file recovery
Runs on Android >=2.3.3 with root+busybox
Looks better at high resolution, but is completely comfortable at 480x720.
 
Homepage: http://sniff.su

Friday, December 7, 2012

[jSQL Injection] Java based automated SQL injection tool


jSQLi is a free, Java-based SQL injection tool. It makes it very easy for a user to retrieve database information from a vulnerable web server.

SQL Injection features:

  • GET, POST, header, cookie methods
  • normal, error based, blind, time based algorithms
  • automatic best algorithms detection
  • data retrieving progression
  • proxy setting
  • evasion
  • for now supports MySQL

Download it from here:
http://code.google.com/p/jsql-injection/downloads/list

Tuesday, December 4, 2012

Wireshark fixes 11 vulnerabilities

Wireshark versions 1.8.4/1.6.12 have been released, fixing eleven vulnerabilities with denial-of-service or information-disclosure impact.

Wireshark is an auditing application for analyzing network traffic. It is very popular because it supports a large number of protocols and is easy to use. Wireshark is also free software (under the GPL license) and runs on most Unix and Unix-compatible operating systems, as well as on Microsoft Windows.

Eleven vulnerabilities have been found in Wireshark that could cause the application to stop responding, resulting in a denial of service, or disclose information about the host on which it is used.

The vulnerabilities that lead to a remote denial of service are related to the USB (CVE-2012-5593), sFlow (CVE-2012-5594), SCTP (CVE-2012-5595), EIGRP (CVE-2012-5596), iSCSI (CVE-2012-5598), WTP (CVE-2012-5599), RTCP (CVE-2012-5600), ICMPv6 (CVE-2012-5602) and, finally, ISAKMP (CVE-2012-5597) dissectors.

The information-disclosure vulnerability, which is local, is related to the handling of multiple 'pcap-ng' files (CVE-2012-5592) and could result in the disclosure of information about the host.
All of the vulnerabilities could be triggered by injecting packets into the network, or by convincing a user to open a specially crafted traffic capture file.

Updates for the 1.8.x and 1.6.x branches are now available at:

More information:

Wireshark 1.8.4 is now available

Wireshark 1.6.12 is now available
http://www.wireshark.org/lists/wireshark-announce/201211/msg00001.html


Source: http://unaaldia.hispasec.com/2012/12/wireshark-corrige-11-vulnerabilidades.html

Monday, December 3, 2012

[Nmap 6.25] 85 new NSE scripts

After five months, the Nmap team has released the latest version of its open source utility for network exploration or security auditing: Nmap 6.25.

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Updates:
  • integration of over 3,000 new IPv4 OS fingerprint submissions, over 1,500 service/version detection fingerprints, and the latest IPv6 OS submissions and corrections
  • better IPv6 traceroute support
  • new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X
  • added support for Unix domain sockets
  • 85 new NSE scripts
  • 12 new protocol libraries
  • Windows 8 improvements
  • targets-sniffer is now capable of sniffing IPv6 addresses
  • a number of bugs affecting the software's security, stability and productiveness fixed.
Download Nmap 6.25

Thursday, November 29, 2012

[Xenotix] XSS Exploit Framework 2013 v2 Released


Xenotix XSS Exploit Framework is a penetration testing tool for detecting and exploiting XSS vulnerabilities in web applications. The tool can inject code into web pages that are vulnerable to XSS. It is basically a payload-list-based XSS scanner and XSS exploitation kit. It gives a penetration tester the ability to run all the XSS payloads in the payload list against a web application to test for XSS vulnerabilities. The tool supports both manual mode and automated time sharing based test modes. The exploitation framework in the tool includes an XSS encoder, a victim-side XSS keystroke logger, an executable drive-by downloader and an XSS reverse shell. These exploitation tools help the penetration tester create proof-of-concept attacks on vulnerable web applications while preparing a penetration test report.

Features: 

  • Built in XSS Payloads
  • XSS Key logger
  • XSS Executable Drive-by downloader
  • Automatic XSS Testing
  • XSS Encoder
  • XSS Reverse Shell (new)
Download Xenotix XSS Exploit Framework 2013 v2

Wednesday, November 28, 2012

Google Chrome 23.0.1271.91 fixes 7 vulnerabilities

Google has updated the new 23 branch of its Chrome browser with version 23.0.1271.91 for all platforms (Windows, Mac, Linux and Chrome Frame), fixing seven new vulnerabilities of medium-to-high severity.
The Chrome-specific vulnerabilities, by impact level, are as follows:
  • Two vulnerabilities rated high impact: CVE-2012-5133, discovered by @miaubiz and related to SVG graphics filters, and CVE-2012-5134, related to the libxml library and reported by Jüri Aedla (Google Chrome Security Team).
  • Three rated medium: CVE-2012-5130, in the 2D graphics engine "Skia", discovered by Atte Kettunen of the OUSPG university team; CVE-2012-5135, which affected the printing module, reported by Fermín J. Serna (Google Security Team); and CVE-2012-5136, related to the handling of HTML input elements (Google Chrome Security Team).
  • Finally, one low-severity vulnerability (CVE-2012-5132), related to the "chunked transfer encoding" transfer method and discovered by Attila Szász.
As usual, Google notes that some of the fixed vulnerabilities were detected through its public project for detecting memory errors in applications written in C/C++: AddressSanitizer

This update is available automatically through the browser itself via Chrome Update, or from the official download site:

More information:
Stable Channel Release and Beta Channel Update
 

Saturday, November 24, 2012

[TOR v0.2.3.25] Virtual Network Tunneling Tool

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release reduces directory overhead, provides enormous crypto performance improvements for fast relays on recent hardware, a new v3 TLS handshake protocol that can better resist fingerprinting, support for protocol obfuscation plugins, better scalability for hidden services, IPv6 support for bridges, performance improvements like allowing clients to skip the first round-trip on the circuit ("optimistic data") and refilling token buckets more often, a new "stream isolation" design to isolate different applications on different circuits, and many stability, security, and privacy fixes.