Nmap 5.50
A primary focus of this release is the Nmap Scripting Engine, which has allowed Nmap to expand up the protocol stack and take network discovery to the next level. Nmap can now query all sorts of application protocols, including web servers, databases, DNS servers,FTP, and now even Gopher servers! Remember those? These capabilities are in self-contained libraries and scripts to avoid bloating Nmap's core engine.
inSSIDer
inSSIDer 2 will display all Wi-Fi access points within range and display their MAC address, SSID, RSSI, Channel, Vendor, Encryption, Max Rate and Network Type. Use the filters feature to quickly sort through long lists of access points. Great news for Linux users! inSSIDer 2, a very popular free/open source Wi-Fi network scanner for Windows Vista and Windows XP is now available for Linux Download inSSIDer 2 for Linux (currently alpha) - includes .deb and .rpm.
SuperTuxKart
It’s here, racing fans – a brand new version of iconic Linux game ‘SuperTuxKart’ is now available for download.
Install VirtualBox 4.0 (Stable) In Ubuntu, Via Repository
VirtualBox 4.0 has been released today. We've already covered what's new in VirtualBox 4.0 when the first beta came out so check out that post or the changelog for more info. As you probably know, starting with VirtualBox 4.0 some features are now available separately, in an extension pack. Here are the step-by-step instructions on installing both VirtualBox and the Extensions Pack in Ubuntu.
Thursday, March 3, 2011
Hexjector 1.0.7.5 Rev34 Latest Version Download
9:53 AM
H Z
“Hexjector is an open-source, multi-platform PHP script to automate site penetration tests for SQL Injection Vulnerabilities.”
This is the updated change log:
* Error_Check, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAF_Detector have all been updated.
* HexaFind is now multithreaded(Credits tDavid Hopkins for his CURL Class).
* HexacURL removed.
* Information.php is not used anymore.
* Code is refined and organized for better view.
* Output Buffering removed.
* WAF Bypass Module Added.
* HTTP Requests are now available.
* POST
* Interface of Hexjector is changed thanks tJohnburn, and mods from me.
* A nonpersistent XSS is patched in HexDorker.
* Codename Added.
* RCE Test added.
* Troubleshoot section added taid users in solving problems.
* A new Manual Updater is added.
* News Feeds Retriever.
* Patch Retriever.
* SQL Injection Type Detection is recoded tbe more precise.
* Another Series of SQL Injection Type Detection are added.
* Single Quotes with Parenthesis
* Double Quotes
* Double Quotes with Parenthesis
* Local Md5 Cracker, Hexcracker added.
* Scripts with functions have Mod_ Prefix in the filename.
* All htmlspecialchars() are changed thtmlentities().
* Back Button now available.
* Many E_NOTICE errors are fixed.
Download Hexjector v1.0.7.5 Rev34
This is the updated change log:
* Error_Check, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAF_Detector have all been updated.
* HexaFind is now multithreaded(Credits tDavid Hopkins for his CURL Class).
* HexacURL removed.
* Information.php is not used anymore.
* Code is refined and organized for better view.
* Output Buffering removed.
* WAF Bypass Module Added.
* HTTP Requests are now available.
* POST
* Interface of Hexjector is changed thanks tJohnburn, and mods from me.
* A nonpersistent XSS is patched in HexDorker.
* Codename Added.
* RCE Test added.
* Troubleshoot section added taid users in solving problems.
* A new Manual Updater is added.
* News Feeds Retriever.
* Patch Retriever.
* SQL Injection Type Detection is recoded tbe more precise.
* Another Series of SQL Injection Type Detection are added.
* Single Quotes with Parenthesis
* Double Quotes
* Double Quotes with Parenthesis
* Local Md5 Cracker, Hexcracker added.
* Scripts with functions have Mod_ Prefix in the filename.
* All htmlspecialchars() are changed thtmlentities().
* Back Button now available.
* Many E_NOTICE errors are fixed.
Download Hexjector v1.0.7.5 Rev34
WireShark 1.4.4 Latest Version Released
9:42 AM
H Z
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
What's New
What's New
Bug Fixes
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that Wireshark could free an uninitialized pointer
while reading a malformed pcap-ng file. (Bug 5652)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0538
o Huzaifa Sidhpurwala of the Red Hat Security Response Team
discovered that a large packet length in a pcap-ng file could
crash Wireshark. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
o Wireshark could overflow a buffer while reading a Nokia DCT3
trace file. (Bug 5661)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
CVE-2011-0713
o Paul Makowski working for SEI/CERT discovered that Wireshark
on 32 bit systems could crash while reading a malformed
6LoWPAN packet. (Bug 5661)
Versions affected: 1.4.0 to 1.4.3.
o joernchen of Phenoelit discovered that the LDAP and SMB
dissectors could overflow the stack. (Bug 5717)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
o Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that
large LDAP Filter strings can consume excessive amounts of
memory. (Bug 5732)
Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior
versions including 1.0.x are also affected.)
The following bugs have been fixed:
o A TCP stream would not always be recognized as the same
stream. (Bug 2907)
o Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
o A crash can occur in the NTLMSSP dissector. (Bug 5157)
o The column texts from a Lua dissector could be mangled. (Bug
5326) (Bug 5630)
o Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
o When searching in packet bytes, the field and bytes are not
immediately shown. (Bug 5585)
o Malformed Packet: ULP reported when dissecting ULP SessionID
PDU. (Bug 5593)
o Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
o Display filter does not work for expressions of type BASE_DEC,
BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
o NTLMSSP dissector may fail to compile due to space embedded in
C comment delimiters. (Bug 5614)
o Allow for name resolution of link-scope and multicast IPv6
addresses from local host file. (Bug 5615)
o DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
o Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
o Various fixes to the HIP packet dissector. (Bug 5646)
o Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
o Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
o E.212 MCC 260 Poland update according to local national
regulatory. (Bug 5668)
o IPP on ports other than 631 not recognized. (Bug 5677)
o Potential access violation when writing to LANalyzer files.
(Bug 5698)
o IEEE 802.15.4 Superframe Specification - Final CAP Slot always
0. (Bug 5700)
o Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
o dumpcap: -q option behavior doesn't match documentation. (Bug
5716)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM
Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow,
NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP
New and Updated Capture File Support
LANalyzer, Nokia DCT3, Pcap-ng
Getting Wireshark
Wireshark source code and installation packages are available from
Wednesday, March 2, 2011
Update Nmap to Version 5.51 in Backtrack 4 r2 [ for Newbie ]
12:11 PM
H Z
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).
How to Update Nmap to Version 5.51 in Backtrack 4 r2
Download Nmap in http://nmap.org/download.html and than Extract to desktop
And now locate to directory nmap-5.51 and type :
Wait until finish complie and with no error and type again :
And now u have new version from nmap
How to Update Nmap to Version 5.51 in Backtrack 4 r2
Download Nmap in http://nmap.org/download.html and than Extract to desktop
tar -xf nmap-5.51.tgz
And now locate to directory nmap-5.51 and type :
./configure && make
Wait until finish complie and with no error and type again :
make install
And now u have new version from nmap
Tuesday, February 22, 2011
Nikto v.2.1.4 Released
2:18 PM
H Z
This release contains a number of important bug fixes, as well as new functionality and improvements, including:
New interactive feature: press N to skip current host and move to next
Updated XML schema
Check for private IP addresses in cookies
Report certificate CN which doesn't match hostname
Allow multiple cookies to be set in the config file
Regular expressions in test database allow more accurate checks
More data in XML and HTML reports
For a full list of updates, see the CHANGELOG.txt
Download: https://cirt.net/nikto
Saturday, February 12, 2011
Nmap v.5.51 Released
11:24 AM
H Z
Download: http://nmap.org
Thursday, February 3, 2011
NiX Brute Force – Parallel Log-in Brute Forcing/Password Cracking Tool
8:42 PM
H Z
Features
Basic Authorization & FORM support in both standard and HTTPS (SSL) mode
HTTP/SOCKS 4 and 5 proxy support
FORM auto-detection & Manual FORM input configuration.
It is multi-threaded
Wordlist shuffling via macros
Auto-removal of dead or unreliable proxy and when site protection mechanism blocks the proxy
Integrated proxy randomization to defeat certain protection mechanisms
With Success and Failure Keys results are 99% accurate
Advanced coding and timeout settings makes it outperform any other brute forcer
The full changelog including the latest version is here.
You can download NiX Brute Force here: NIX_BruteForce.bz2
Blackbuntu CE 0.2 Released
8:10 PM
H Z
Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security.
Blackbuntu is Ubuntu base distro for Penetration Testing with GNOME Desktop Environment. It's currently being built using the Ubuntu 10.10 and work on reference Back|Track.
Changelog
-------------------------
- Remove acroread
- Added Start/Stop Service Menu like <- Added Videosnarf
- Added Xplico
- Added fragrouter.
- Added Nemesis.
- Added Bizploit
- Added weevely
- Added Matahari
- Added Plecost
- Added Pynject
- Added SAP script from phenoelit.de
- Added numlockx (Credit to anidear).
- Recompile Kismet-new core to support Linux Netlink(LibNL/nl80211).
- Kernel modules patched it all up for packet injection/fragmentation/channel hopping, etc for wireless(Credit to Alex Ploiter)
- Upgrade dradis 2.4.1 to 2.6
- Update and integration of all the tools previosly available in Release 0.1
- Fixed 0trace - usleep not found on the system(credit Bruno Criado)
- Fixed Pentbox menu error and directory permission.
- Fixed menu wireshark doesn't run as root.
- Enable "ctrl+alt+backspace" Key Sequence to kill the X server (Credit to anidear).
- Removed unnecessary service on statup
Download
Source : http://www.blackbuntu.com/
Posts
