This episode of Full Disclosure illustrates the progress of Cracking weak WPA Preshared Keys. Before you can crack the Preshared Key you must capture the four way handshake between the Access Point and a client; to accomplish this you must force the client to reconnect to the AP with the DeAuthentication attack we showed in episode 3. If you are using the Linksys WUSB54GC you will have to update your drivers to RaLink RT73 USB Enhanced Driver. In this episode we show you how to do this, and I also made a Backtrack module to automate the process. The module works in the same way as the IPWRAW Module for the Intel Pro/Wireless 3945ABG card, so you can watch that Vblog if you are having troubles.

Live Stream Here
Download Here

Download RT73 Module Here
Watch IPWRAW Vblog Here

For Full Disclosures first Modding episode, we show you how to turn your old Xbox that’s collecting dust, into a ultimate gaming/media playing/linux machine without opening the case. We use a specially crafted save game that exploits a vulnerability in Mech Assault to install a new Dashboard on the Xbox. The Xbox Media Center dashboard allows you to manage your music and videos, play your old favorite games with emulators, and it allows you to play backed up Xbox games. Furthermore, you can install various versions of Linux.

Live Stream Here
Download Here

The wait is finally over! This new episode of Full Disclosure shows you how to use a SSH Tunnel to secure your data when you are on an untrusted LAN (ex. Coffee Shop, School’s network, or Defcon). Furthermore, you can use the SSH Tunnel to bypass the LAN’s internet filters. The SSH tunnel protocol works by encapsulates your data into an encrypted payload and transmitting it to the SSH Server which is setup on a trusted LAN.

Live Stream Here
Download Here

Links:
OpenSSH for Windows, Putty, Proxifier

The other day my computer was infected by a USB Worm known as Jamesgo.dll. I received the virus when I inserted my girlfriend’s USB thumb drive. The worm modified the autorun.inf file on the thumb drive, so it was able to automatically transfer itself to all my hard disk drives (Click Here to view autorun.inf). There is little information on the internet about this virus, so I had to figure out my own way to remove it. By analyzing the autorun.inf (which the virus cleverly changed to a system hidden file, and later I found out that it modified the registry so system hidden files are never displayed) I disclovered that each drive contains the Visual Basic Script, test.vbs (Click Here to view Test.vbs). Basically what the file does is copies test.bat, test.reg, autorun.inf, autorun.ico, and itself to every hard disk in the system. Also, it runs every 60 seconds, so if you delete it from one drive in 60 seconds it will recopy itself from a different drive. Futhermore, the test.reg simply edits the registry so test.bat runs on start up and prevents system hidden files from being displayed. Test.bat runs the VB script and changes the files to system,hidden,achieved, and read-only (Click Here to view Test.reg and Click Here to view Test.bat). To remove the virus I crafted a batch file changes all the test files and autorun to normal files (attrib -s -h -r test.*, attrib -s -h -r autorun.*), and then deleted them. Since the batch file can delete all the files quickly it does not have a chance to recopy itself to all the disk drives. Also, I manually removed all entires of test.bat from the registry (Click Here to view Fix)

To prevent a USB Worm from infecting your computer:
1) Goto Start -> Run
2) Type “gpedit.msc” (This is the group policies editor)
3) Click “Administrative Templates” under Computer Configuration
4) Then click “System”
5) Select “Turn off Autoplay”
6) Set it to “Enable” and choose to “Turn off Autoplay on All Drives”


In conclusion, the Jamesgo.dll USB Worm is not a risk for your computer, but it is really annoying! Also, it is a perfect example on how easy it is to create a Worm for travels though removal media. If you want to mess around and modify the Jamesgo.dll script you can download it here. If you want to learn more on how to use Autorun and Batch files to create a “Auto Hacking USB Thumb Drive” go here.

Interesting Note: The Jamesgo.dll USB Worm was created in the Philippines which is stated in test.vbs, and the Thumb Drive that infected my computer was purchased in the Philippines and brought back to the US by my girlfriend’s mother.

Since Infinity Exists hasn’t had time to release a new episode, I decided to revamp a two part series, Exploit Hacking and Exploit Hacking 2 - Privilege Escalation, that I made a year before Infinity Exists was created. It may be a little dated, but it provides great information on how a hacker can find an vulnerability on a remote computer and exploit it to gain remote access. Also, the video shows how a hacker can raise their privileges on the remote machine to administrator. I added text throughout the video to make it easier to understand. Furthermore, Infinity Exists plans to do a more up-to-date and more detailed series of episodes on “exploit hacking.”


Full Scale Video Here
Download Here

As most of you already know, Infinity Exists’ Full Disclosure Ep. 2 Wep Cracking was featured on CBS’s 60 Minutes “High-Tech Heist” for about 10 seconds. Those few seconds on Nation Television gave us about 40,000 hits on YouTube, and about 750 unique hits on InfinityExists.com. Weeks after the 60 minutes episode aired Infinity Exists is still getting an average of 300 unique hits a day. This is pretty good compared to our 200 hit average before.



However, 60 Minutes brought Infinity Exists to the attention of a few unwanted people. For Example:



People that do not understand what it is to be a hacker, just simply think we are criminals. A Hacker truly is a computer enthusiast that enjoys exploring various computer systems in the pursuit to gain more knowledge. A hacker’s goal is never to harm anyone or anything as the media would like you to believe. The goal of Infinity Exists’ video series Full Disclosure is to inform people about specific security flaws. If there was no one to disclose this information to the general public then everyone would still being using insecure technology and would be at the mercy of criminal crackers.

So there I was, checking out tech books at Borders, when I noticed … DUN DUN DUN … the Blue Screen of Death!

CBS’s 60 Minutes ran a segment on internet insecurities and they showed the ease of finding tutorials on youtube to exploit them. They chose our video on cracking WEP to demonstrate and showed a short clip of it. The segment is up on the CBS website and you can check it out here. Thank you CBS for the free publicity!
—————————————————————————————————————————– Update - Live Stream

In this episode of Full Disclosure we are explaining the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an “attacker” to inject HTML or client side script like JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we will cover Persistent and Non-Persistent Cross-Site Scripting attacks.

Live Stream Here
Download Here

Download Cookie Catcher Here

I currently attend Southern Illinois University at Carbondale, and I am taking Digital Circuit Design with Dr. Weng who also teaches Network Processing Systems Design. Today in class he invited all his students to go a tour of SIUC’s computer network with his Network Processing Systems class. Of course I took up his often because it is not every day a regular student can walk into the core networking room and server mainframe of a large University. Basically, the network is system up on a three layer infrastructure (Core Layer, Distribution Layer, Access Layer). At the Access Layer (which is the layer that provides network access to client computers) the University uses Cisco Catalyst 2950 switches. Those switches are connected via cross-over cable to the Distribution Switch which is a Cisco Catalyst 3524. In turn, the Distribution switch connects via fiber wire to the Core Switch which is a Cisco Catalyst 6509. The entire can network runs at 1 Gigabyte; however, the internet bandwidth is capped at 300 Mb! Furthermore, only 90 Mb of bandwidth is dedicated to the Residence Halls!! All the Core Switches goto the student center where the internet point of entry is located. Also, internet traffic is filtered through a SourceFire firewall. Some more interesting networking facts: SIUC has 9 Wireless AP (I believe) which are managed by a Cisco Wireless LAN Controller, for access control they use Cisco 1111, for VPN they use Cisco VPN Concentrator 3000, and for their servers they use Sun System SunFire. A interesting security fact is that they only use SSH to configure switches remotely because the web interface has security issues. Lastly, you probably noticed that most of their networking devices are Cisco this is for compatibility reasons, they had problems in the past for using multiple vendors. Well thats about it, hope you enjoyed hearing about SIUC’s Network.

Typical Network Layout of a SIUC Building:

My Dorm’s Network Layout: