Hackers looking to bite the Apple in Computer Security
November 8, 2006
The Apple community has, since the beginning of time or well… at least since its inception, largely been immune to the attacks that regularly plague the internet community. Remember Nimda, Blaster, Slammer… yup. While you spend your time cursing Microsoft or your not so smart Anti Virus solution so prone to failure from zero day attacks, the Apple fanboys respond that they don’t have to worry about such nonsense. Apple’s general lack of concern towards viruses and malware was based on solid grounds. Their core kernel, based on secure Unix components for its underlying Operating System foundation, in itself makes the Mac less vulnerable to malicious code. The other significant factor was that the Apple base simply wasn’t big enough for hackers to devote their attention to. Hackers crave attention … they want headlines and, if possible, to bring in some moolah through their efforts, among other things. The Apple community comprised less than 5% of the overall PC market, so why not spend as much time, maybe even less, creating something that will affect the remaining 95%?
However that is all changing. The iPod craze is translating into more customers for Apple. According to Apple’s most recent earnings statement, Apple sold a bit north of 830,000 Macs in their last quarter, up 6% from their previous quarter. Apple’s market share is still in the single digits, but I can say for a fact that Apple is back. Thus, the slow but steady growth in the number of Mac users is starting to make it an attractive target for malicious hackers.
And, we are starting to see this happen. This interest is translating into the discovery of more system vulnerabilities. Security vendor Internet Security Systems found that there were three times as many vulnerabilities found for the Macintosh in May of this year as there. Security supplier McAfee found that the number of vulnerabilities for the Macintosh went up 228 percent, compared to a 78 percent increase for Microsoft Windows, from 2003 to 2005.
In February 2006, the first worm designed for Mac OS X appeared. Named “OSX/Leap.A,” it is an instant messaging worm capable of infecting Mac applications. In addition, a handful of other attacks, focusing on items such as Apple’s Safari browser and the Mac’s Bluetooth connectivity, have taken place.
In November 06, we see the release of a new worm for Apple named ‘Opener’. As first reported on The Mac Observer October 25, security experts discovered the virus entitled ‘Opener’, or ‘Renepo’ (opener spelled backwards), disguising itself as a shell script.
How to obtain free answers from Experts-Exchange.com
October 20, 2006
Method # 1: Using Google Cache
For demonstration, I am trying to find out how to convert C code into Assembly. Now, if I enter this query in Google, I get some pretty decent results. But we are looking for a solution at Experts Exchange. So, I go to google.com and type in convert c code to assembly site:experts-exchange.com. The ‘site:’ is an advanced operator in Google which limits our search results to that particular website, in this case experts-exchange.
How to bypass BIOS passwords
October 20, 2006
BIOS can also be said to be a coded program embedded on a chip that recognises and controls various devices that make up the computer.

BIOS passwords can add an extra layer of security for desktop and laptop computers, and are used to either prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. BIOS passwords can also be a liability if a user forgets their password, or if a malicious user changes the password. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered in a typical warranty. However, there are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS password on most systems.
Many BIOS manufacturers have provided backdoor passwords that can be used to access the BIOS setup in the event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations.
WARNING: Some BIOS configurations will lock you out of the system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for the BIOS setting before you begin typing in passwords.
Award BIOS passwords: ALFAROME BIOSTAR KDD ZAAADA ALLy CONCAT Lkwpeter ZBAAACA aLLy CONDO LKWPETER ZJAAADC aLLY Condo PINT 01322222 ALLY d8on pint 589589 aPAf djonet SER 589721 _award HLT SKY_FOX 595595 AWARD_SW J64 SYXZ 598598 AWARD?SW J256 syxz AWARD SW J262 shift + syxz AWARD PW j332 TTPTHA AWKWARD j322 awkward
AMI BIOS Backdoor Passwords: AMI BIOS PASSWORD HEWITT RAND AMI?SW AMI_SW LKWPETER CONDO
Phoenix BIOS Backdoor Passwords: phoenix PHOENIX CMOS BIOS
Misc. Common Passwords ALFAROME BIOSTAR biostar biosstar CMOS cmos LKWPETER lkwpeter setup SETUP Syxz Wodj
Other BIOS Passwords by Manufacturer (Manufacturer: Password)
* VOBIS & IBM: merlin
* Dell: Dell
* Biostar: Biostar
* Compaq: Compaq
* Enox: xo11nE
* Epox: central
* Freetech: Posterie
* IWill: iwill
* Jetway: spooml
* Packard Bell: bell9
* QDI: QDI
* Siemens: SKY_FOX
* TMC: BIGO
* Toshiba: Toshiba
Toshiba BIOS: Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot.
IBM Aptiva BIOS: Press both mouse buttons repeatedly during the boot.
Other options to remove/reset the BIOS password if the default passwords don’t work
Using the Motherboard “Clear CMOS” Jumper or Dipswitch settings : This could also be used to clear CMOS password on Dell machines. Many motherboards feature a set of jumpers or dipswitches that will clear the CMOS and wipe all of the custom settings including BIOS passwords. The locations of these jumpers / dipswitches will vary depending on the motherboard manufacturer and ideally you should always refer to the motherboard or computer manufacturers documentation. If the documentation is unavailable, the jumpers/dipswitches can sometimes be found along the edge of the motherboard, next to the CMOS battery, or near the processor. Some manufacturers may label the jumper / dipswitch CLEAR – CLEAR CMOS – CLR – CLRPWD – PASSWD – PASSWORD – PWD. On laptop computers, the dipswitches are usually found under the keyboard or within a compartment at the bottom of the laptop.
Removing the CMOS Battery: The CMOS settings on most systems are buffered by a small battery that is attached to the motherboard. (It looks like a small watch battery.) If you unplug the PC and remove the battery for 10-15 minutes, the CMOS may reset itself and the password should be blank. (Along with any other machine specific settings, so be sure you are familiar with manually reconfiguring the BIOS settings before you do this.) Some manufacturers back up the power to the CMOS chipset by using a capacitor, so if your first attempt fails, leave the battery out (with the system unplugged) for at least 24 hours.
How to crack a 128 bit WEP key using OS X and KISMAC
October 20, 2006
WEP is one of the ways through which users try to implement encryption on their wireless networks. Most students going into their college dorms for the first time go to the nearest Circuit City or Best Buy, get the latest wireless router and plug it in. Either they leave it open or they go with the default WEP key. Some tech savvy users still go with WEP as their wireless encryption protocol, just because their laptops might be a couple of years old and their wireless adapters might not support better wireless security protocols like WPA or WPA2+TKIP/ WPA+AES.
Even if you use WPA, it doesn’t matter if you have SSID turned on or off, because better cracking programs are coming out every day with better dictionaries. Some help can be obtained through the good folks at GRC, where they have a free strong pass phrase generation tool. While MAC address filtering would be an okay complement to your wireless protection, it does not add much to your security. MAC addresses are actually not encrypted when sent over the air, since they are the only reliable way of identifying a peer. Getting them from network traffic is trivial and only needs a couple of frames. MAC addresses are also trivial to spoof.
To show all you folks why WEP does not provide any security, check out this video from Shawn Hogan. Shawn here cracks two 128 bit WEP keys in around 60 seconds. He uses a publicly available tool called KISMAC available for a Macintosh. After doing some reading, an “ultra-secure” password/MD5 seed would be relatively useless anyway… all it would do is force the attacker to spend 10 minutes on it instead of 10 seconds (see this FAQ and this FAQ), all of which is easily done from the kismac Network menu. It doesn’t even matter if you setup your wireless network to be public or not, because kismac can see it even if the base station isn’t showing the SSID publicly. So here goes hacking with KISMAC on OS X
http://video.google.com/videoplay?docid=8373973529570869716&
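As an added illustration (not part of the original post), this Python parses the MAC header of a constructed WEP-protected 802.11 data frame to show that the addresses and the WEP IV remain readable even when the Protected bit is set, which is why MAC filtering adds so little. The sample frame and its addresses are made up, and the layout assumes a 3-address data frame with no radiotap header or FCS.

```python
import struct

TO_DS, FROM_DS, PROTECTED = 0x01, 0x02, 0x40  # Frame Control flag bits

# Constructed sample: WEP-protected data frame, station -> access point.
SAMPLE_FRAME = bytes.fromhex(
    "0841" "2c00"            # frame control (data, ToDS+Protected), duration
    "001122334455"           # addr1: BSSID (made up)
    "02aabbccddee"           # addr2: sending station (made up)
    "001122334466"           # addr3: final destination (made up)
    "1000"                   # sequence control
    "a1b2c3" "00"            # WEP IV and key-ID byte, both sent in the clear
    "deadbeefcafef00d"       # stand-in for encrypted payload + ICV
)

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_data_frame(frame):
    """Return the cleartext fields of a 3-address 802.11 data frame."""
    if len(frame) < 24:
        raise ValueError("shorter than the 24-byte 802.11 MAC header")
    fc0, flags, _duration = struct.unpack_from("<BBH", frame, 0)
    if (fc0 >> 2) & 0x3 != 2:
        raise ValueError("not a data frame")
    to_ds, from_ds = bool(flags & TO_DS), bool(flags & FROM_DS)
    if to_ds and from_ds:
        raise ValueError("4-address frames are out of scope here")
    a1, a2, a3 = (mac(frame[i:i + 6]) for i in (4, 10, 16))
    if to_ds:
        bssid, src, dst = a1, a2, a3
    elif from_ds:
        dst, bssid, src = a1, a2, a3
    else:
        dst, src, bssid = a1, a2, a3
    offset = 26 if (fc0 >> 4) & 0x8 else 24     # QoS data adds 2 bytes
    out = {"bssid": bssid, "source": src, "destination": dst,
           "protected": bool(flags & PROTECTED), "wep_iv": None,
           "key_id": None, "encrypted_len": 0}
    if out["protected"]:                         # assumes WEP, not TKIP/CCMP
        if len(frame) < offset + 4:
            raise ValueError("truncated WEP IV header")
        out["wep_iv"] = frame[offset:offset + 3].hex()
        out["key_id"] = frame[offset + 3] >> 6
        out["encrypted_len"] = len(frame) - offset - 4
    return out

if __name__ == "__main__":
    for field, value in parse_data_frame(SAMPLE_FRAME).items():
        print(f"{field:14} {value}")
```

Only the bytes after the IV header are encrypted; everything the parser returns is taken from fields any receiver in range can read.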
Excellent JS based English to LEET translator
October 20, 2006
Leet is a term often used on the Internet, in places such as online games, message boards, and chat rooms. It comes from the word “elite”, meaning “above everyone else”. It’s most commonly written as “1337” or “l33t”. It can also be written differently, the numbers 1, 3 and 7 standing for L, E and T respectively.
A Leet Speak Alphabet
* A—4,/-\,/_\
* B—8,|3 and very uncommonly 13
* C—<,{,[,(
* D---|>,|),|},|]
* E—3
* F—|=,ph
* G—[,-
* H---|-|,[-].{-},|=|,[=],{=}
* I—1,|
* J—usually the J is untouched
* K—|< ,1 <
* L---|_,|,1_
* M---|\/|,^^
* O---0,(),[],{}
* P---|o,p,|O
* Q---O, or 9
* R---|2,12
* S---5,$
* T---7,+
* U---|_|
* V---\/
* W---\/\/,(/\), \^/
* X---><,
* Y---j
* Z---Z
Numbers for letters
One of the qualities of leet speak is using numbers to replace letters. Many words have numbers in leet speak.
* 1 — L, I (I is more often shown as |, and sometimes as ][)
* 2 — Z (not in common usage)
* 3 — E
* 4 — A
* 5 — S
* 6 — G (not in common usage)
* 7 — T (can also be L)
* 8 — B
* 9 — G
* 0 — O (Occasionally represented by “()”)
Below is a simple javascript I wrote to translate English into leet.
No effort has been made to create an English-to-Leet translator, as there are various levels of “leetness” one can use in typing, making it difficult to translate using definitive algorithms.




