Archive for the ‘General’ category


OFFICIAL EC-COUNCIL STATEMENT RE: EC-Council – CEH – Unethical Behavior: A recent blog post was brought to our attention with regard to anonymous internet activity in the Feb-May 2010 timeframe with the preceding title. We are taking this matter very seriously. EC-Council in no way supports, condones, or permits this type of unethical behavior. At this time, there is a lack of conclusive evidence that suggests these postings were made or endorsed by EC-Council’s employees or affiliates. Due to the nature of these allegations an investigation is being conducted. Should any findings be conclusive, EC-Council will handle accordingly. EC-Council enforces and adheres to a strict Code of Conduct, and we expect our partners, affiliates and competitors to uphold the same standards.

Jay Bavisi Meeting Prime Minister Najib at an Exclusive Event in Washington D.C

Exploit Code for 981374

Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution
The vulnerability is a use-after-free (invalid pointer reference) vulnerability within iepeers.dll and only Internet Explorer versions 6 and 7 are vulnerable. Internet Explorer 8 and 5 are not affected.
Download the Exploit code here

Chinese University Behind Attacks

This is interesting. What can I say? I am shocked.

A series of online attacks on Google and dozens of other American corporations have been traced to computers at two educational institutions in China, including one with close ties to the Chinese military. The Chinese schools involved are Shanghai Jiaotong University and the Lanxiang Vocational School.

Oh boy. I cannot even trust University education today...

The Google Cyber Attack

It is interesting to read the developments in the recent attack against Google, a.k.a. “Aurora”.

What I find perplexing is the fact that even after a recent formal protest by the US State Department to the Chinese authorities, many concede that there is little or nothing the US government can do to retaliate. Apparently, this is not the first time. According to State Department spokesperson Phillip Crowley, “Similar concerns have been raised in the past on numerous occasions”.

So what can we really do?

This is an example of the complexities the world faces with the proliferation of the internet. While the political ramifications are many and complex, and outside the realm of the technological debate, the question that we need to pose is: “What can we do technologically?”

Technologically, corporations need to become self-reliant in matters of information security, which includes everything we have been doing all these years and much more. We need to accept that “zero-days” can undo the best work we have done and put the organization at risk. How do corporations balance budgets, corporate responsibility and shareholder value, and yet manage this risk effectively, when there are known underground sites that openly “trade” in zero-days in the name of research!

We need to avoid making security a mere “checklist” requirement; rather, we need to realize that information security is tied to the business, and neglecting one means risking the other. We need to educate knowledge workers, we need to take a proactive stance on matters relating to cyber security, and we need to avoid the “EQSM mentality” (EQuipment-based Security Mentality) that I have been warning against for years.

In addition to that, C-level executives need to understand the risks that are involved and cannot wait for a major incident to occur before they pay attention to what many Infosec professionals have been trying to tell them for years.

In most of my global speaking engagements, one question seems to come up over and over again: “How do I convince the C-level executives in my organization about the risks we face, so that they will pay attention to the changes I would like to propose?”

A remedy for this disease could be education-based proactive action over and above what we are doing now. We learn painfully that equating the strength of an organization’s security posture with its IT security budget is nothing but a placebo.

Unfortunately, it is incidents like these that remind us of the fragile state we are in and the vast amount of work that lies ahead of us.

Google’s “Aurora” Attack

Source code was stolen from some of the more than 30 Silicon Valley companies targeted in the attack, sources said. Adobe has confirmed that it was targeted by an attack, and sources have said Yahoo, Symantec, Juniper Networks, Northrop Grumman, and Dow Chemical also were targets.

The German government recommended people avoid using Internet Explorer until Microsoft Corp. provides a patch to fix a “critical” security flaw that allowed a cyber attack against Google Inc.

McAfee says references in the IE-related attack code it analyzed indicate that the attackers called the operation “Aurora” and that the attack was extremely sophisticated.

There is a lot of news coming out about the attack on Google, and everyone involved is trying to figure out exactly what happened. A lot of the evidence has started pointing to the Chinese government as being behind it.

VeriSign confirms Chinese government was behind cyberattack on Google.

How were systems compromised?

When a user manually loaded or navigated to a malicious web page from a vulnerable Microsoft Windows system, JavaScript code exploited a zero-day vulnerability in Internet Explorer: the Microsoft Internet Explorer DOM Operation Memory Corruption Vulnerability. Microsoft has released Security Advisory (979352) for this vulnerability (CVE-2010-0249).

What was the payload of the exploit?

Once a system was successfully compromised, the exploit was designed to download and run an executable from a site, which has since been taken offline. That executable installed a remote access Trojan to load at startup. This Trojan also contacted a remote server. This allowed remote attackers to view, create, and modify information on the compromised system.
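As an added illustration, not code from the original post, Microsoft or McAfee: a small Python detector, run over constructed proxy log lines, that flags the chain described in the two paragraphs above, an Internet Explorer client fetching a page or script from a host and then pulling an executable from that same host moments later. The log format, host names and client addresses are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Constructed proxy log lines (not real Aurora traffic): time client "user-agent" url content-type
SAMPLE_LOG = """\
2010-01-12T09:14:02 10.0.0.5 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" http://lure.example/news.html text/html
2010-01-12T09:14:03 10.0.0.5 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" http://lure.example/a.js application/x-javascript
2010-01-12T09:14:05 10.0.0.5 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" http://lure.example/update.exe application/octet-stream
2010-01-12T09:20:11 10.0.0.7 "Mozilla/5.0 (Windows; U; Windows NT 6.1) Firefox/3.5" http://intranet.example/page.html text/html
2010-01-12T09:21:40 10.0.0.9 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)" http://download.example/setup.exe application/octet-stream
"""
LINE_RE = re.compile(r'^(\S+) (\S+) "([^"]*)" (\S+) (\S+)$')
EXE_TYPES = {"application/octet-stream", "application/x-msdownload"}

def parse_log(text):
    """Parse the assumed log format into dicts, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, client, ua, url, ctype = m.groups()
        events.append({"time": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"),
                       "client": client, "ua": ua, "url": url,
                       "ctype": ctype, "host": urlparse(url).hostname})
    return events

def is_exe(ev):
    """Treat a binary content-type or an .exe URL as an executable download."""
    return ev["ctype"] in EXE_TYPES or ev["url"].lower().endswith(".exe")

def find_drive_by_chains(events, window=timedelta(seconds=60)):
    """Flag an IE client that fetches a page or script from a host and then,
    within `window`, pulls an executable from that same host."""
    by_client = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        by_client.setdefault(ev["client"], []).append(ev)
    hits = []
    for client, evs in by_client.items():
        for i, ev in enumerate(evs):
            if "MSIE" not in ev["ua"] or not is_exe(ev):
                continue
            # a page/script fetch from the same host shortly before the binary
            if any(p["host"] == ev["host"] and not is_exe(p)
                   and ev["time"] - p["time"] <= window for p in evs[:i]):
                hits.append((client, ev["host"], ev["url"]))
    return hits
```

On the constructed lines, `find_drive_by_chains(parse_log(SAMPLE_LOG))` flags only client 10.0.0.5; the Firefox client and the IE 8 client that downloads a binary without a preceding page fetch from the same host are not reported.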

Microsoft says it best in their security blog:

“We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks.”

Here is the posting from McAfee Blog –“aurora”-hit-google-others/

As with most targeted attacks, the intruders gained access to an organization by sending a tailored attack to one or a few targeted individuals. We suspect these individuals were targeted because they likely had access to valuable intellectual property. These attacks will look like they come from a trusted source, leading the target to fall for the trap and click a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer.

Once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system. The attacker can now identify high value targets and start to siphon off valuable data from the company.

The Aurora Attack Vector

The attack vector is that users were pointed to a web site (probably through a targeted spam e-mail, an attack called spear phishing) containing JavaScript that references this invalid pointer and injects the included shellcode. The code below was released publicly.

Download the Attack Vector Here


Google (finally) enables default “https” access for GMail

Google has decided to deploy https by default for Gmail users. The decision follows revelations of efforts by attackers to improperly access the Gmail accounts of Chinese human rights activists.

Well done Google. You have really taken a stand against China’s censorship policies. Very well done indeed.

Windows 7 Godmode

Create a folder named eccouncil.{00C6D95F-329C-409a-81D7-C46C66EA7F33} and see what happens.
You can use any of these strings as well:
For GodMode Folder use this string

Patents Awarded

IBM earned the most U.S. patents of any company in the world, grabbing 4,914 patents in 2009. Second place Samsung took home 3,611 patents, while Microsoft batted third with 2,906 patents.

IBM has 30,000 patents under its belt. Wow!

Top 10 patent holders for 2009

Whitepapers Portal

EC-Council has launched Whitepapers portal at HackerJournals. You will be able to download tons of PDF documents on various categories from Hacking, Forensics, PenTest, Cryptography to Operating System. Have a look at