11 Jun

Stealing iCloud Passwords made easy!

IOS-Mail.app Inject-Kit

jansoucek found a bug in the Apple iOS 8.3 Mail.app that results in the <meta http-equiv=refresh> HTML tag in email messages not being ignored. This bug allows remote HTML content to be loaded, replacing the content of the original email message. With simple HTML and CSS it's possible to build a functional password "collector".

This bug was reported to Apple on 15.01.2015, but the fix has not been delivered so far.

Source and proof-of-concept code are available on GitHub.
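
On the receiving side, a mail gateway or filter can flag this pattern before a message reaches the client. The following is an added example, not the PoC from GitHub and not Apple's fix: it walks the HTML parts of a message and returns every meta refresh target. The function names, the sample messages and the host remote.example are constructed for illustration.

```python
import email
import re
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser

class MetaRefreshFinder(HTMLParser):
    """Collects the content value of every <meta http-equiv=refresh> tag."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so META/HTTP-EQUIV match too.
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").strip().lower() == "refresh":
            self.hits.append(a.get("content", ""))

def refresh_target(content):
    """Return the URL from a value such as '0; url=https://host/x', or '' if none."""
    parts = re.split(r"[;,]", content, maxsplit=1)
    if len(parts) < 2:
        return ""
    return re.sub(r"(?i)^\s*url\s*=\s*", "", parts[1]).strip(" \t'\"")

def find_meta_refresh(raw_message):
    """Return the refresh targets found in all text/html parts of a raw message."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    targets = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = MetaRefreshFinder()
            finder.feed(part.get_content())  # transfer encoding and charset are decoded
            finder.close()
            targets.extend(refresh_target(c) for c in finder.hits)
    return targets

def build_sample(html):
    """Build a constructed multipart/alternative message around the given HTML."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "constructed sample"
    m.set_content("plain text body")
    m.add_alternative(html, subtype="html")
    return m.as_bytes()

# Constructed sample messages; remote.example is a placeholder host.
SUSPICIOUS = build_sample('<html><head><META HTTP-EQUIV=refresh '
                          'CONTENT="0; URL=https://remote.example/form.html"></head></html>')
BENIGN = build_sample('<html><head><meta charset="utf-8"></head><body>Hi</body></html>')
```

A non-empty result from find_meta_refresh() is a reason to quarantine the message or strip the tag before delivery.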

06 Jun

Let's Encrypt: Free SSL for Everyone

Let's Encrypt is a free, automated and open certificate authority (CA), freely available to everyone.
It is being launched in mid-2015 and operated by the Internet Research Group (ISRG).

How does it work?
It couldn't be simpler:
To enable SSL for your web server on Linux, the following should be enough:

$ sudo apt-get install lets-encrypt

$ lets-encrypt example.com

More at letsencrypt.org

05 Jun

Exploit Pack: Pentesting Tool


ExploitPack comes with a clear user interface and currently offers about 300 exploits.
With ExploitPack it is possible to examine systems for vulnerabilities and to penetrate them.
About 300 exploits are available for Windows, Linux and Mac OS X.
And of course it is possible to develop your own attack modules for it.

Not yet a replacement for Metasploit, but very promising.
Platform: Linux, Windows, OS X; min. Java 8; GPLv3
URL: exploitpack.com

03 Jun

OWASP Zed Attack Proxy (ZAP)

The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox.

With its automated scanner and powerful REST API, ZAP fits seamlessly into your continuous integration environment, allowing you to automate the finding of common issues while you’re still in development.

Source: OWASP

03 Jun

How to Fix iPhone / iPad / AppleWatch Crash Text Message Bug

iPhones and Apple Watches can be crashed when the device receives a specially crafted string of characters via text message, Snapchat, and Twitter.

Until Apple patches the bug, here's a three-step workaround that lets you open your Messages app again:

1. Ask Siri to "read unread messages."
2. Use Siri to reply to the malicious message. After you reply, you’ll be able to open Messages again.
3. If the issue continues, tap and hold the malicious message, tap More, and delete the message from the thread.

Following these simple steps will let you access your Messages again. However, this procedure provides only a temporary fix for the iPhone crash text bug.

03 Jun

OMD – checkmk: CentOS – Repo based Installation

OMD installation on CentOS 6.4:

# install CentOS 6.4, then update
yum update
yum upgrade

#install vmware tools
cd /
mkdir data
cd data/
cp /media/VMware\ Tools/VMwareTools-xxxxx.tar.gz ./
ls
tar -xvzf VMwareTools-xxxxx.tar.gz
rm VMwareTools-xxxxx.tar.gz
cd vmware-tools-distrib/
./vmware-install.pl

shutdown -r now

#add omd repo
wget -O - http://labs.consol.de/OMD/rh6/stable/consol-labs.repo > /etc/yum.repos.d/omd.repo
yum search omd-

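#add rpmforge repo (the key is fetched over plain HTTP; compare its fingerprint with a trusted source so that the rpm -K check below is meaningful)
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt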
wget http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -K rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -i rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

#install fping
yum install fping

#install and enable repo priorities:
yum install yum-priorities -y
cat /etc/yum/pluginconf.d/priorities.conf

[main]
enabled = 1

#change repo priorities
vim /etc/yum.repos.d/CentOS-Base.repo

[root@nagios agents]# cat /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=1

#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=1

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=1

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=2

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=2

#install epel repo:

wget http://mirror.de.leaseweb.net/epel/6/i386/epel-release-6-8.noarch.rpm
rpm --import https://fedoraproject.org/static/0608B895.txt
rpm -i epel-release-6-8.noarch.rpm

# change epel repo priorities to 10
vim /etc/yum.repos.d/epel.repo

[root@nagios agents]# cat /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
priority=10

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1
priority=10

[epel-source]
name=Extra Packages for Enterprise Linux 6 - $basearch - Source
#baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1
priority=10

#install omd
yum install omd-1.00.x86_64
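
Once several third-party repos are enabled, it is worth checking that each one still has gpgcheck=1 and a priority that ranks below the CentOS base repos, as configured above. The following is an added example, not part of the original procedure: it audits .repo file text for exactly those two settings. The TRUSTED list, the function name and the example-* repos in the sample are assumptions made for illustration.

```python
import configparser
import glob

TRUSTED = ("base", "updates", "extras")  # assumption: repos that must always win

def audit_repos(text, trusted=TRUSTED):
    """Return (repo, issue) pairs for the enabled repos found in .repo file text."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.read_string(text)
    enabled = [s for s in cp.sections() if cp[s].get("enabled", "1").strip() == "1"]
    # Lower number = higher priority; yum-priorities treats a missing value as 99.
    trusted_prio = max((int(cp[s].get("priority", "99")) for s in enabled if s in trusted),
                       default=0)
    findings = []
    for name in enabled:
        repo = cp[name]
        if repo.get("gpgcheck", "").strip() != "1":
            findings.append((name, "gpgcheck is not set to 1"))
        if "priority" not in repo:
            findings.append((name, "no priority set, plugin default 99 applies"))
        elif name not in trusted and int(repo["priority"]) <= trusted_prio:
            findings.append((name, "can override packages from the trusted repos"))
    return findings

# Constructed sample: [base] and [epel] follow the page, the example-* repos are hypothetical.
SAMPLE = """\
[base]
gpgcheck=1
priority=1
[epel]
enabled=1
gpgcheck=1
priority=10
[centosplus]
enabled=0
gpgcheck=0
[example-equal]
gpgcheck=1
priority=1
[example-unsigned]
baseurl=http://repo.example/el6/
gpgcheck=0
"""

if __name__ == "__main__":
    # Audit all repo files together so priorities are compared across files.
    text = "\n".join(open(p).read() for p in sorted(glob.glob("/etc/yum.repos.d/*.repo")))
    for repo, issue in audit_repos(text):
        print(f"{repo}: {issue}")
```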