ICANN gets PWNED

June 30, 2008 — Giannella

In the past couple of days, reports have surfaced on the hijacking of the domains for ICANN and IANA attributed to the group NetDevilz. According to news articles, an ICANN spokesman stated they were unaware of the events. The total time for the redirection before the entry was corrected was about twenty minutes. However it will take 24 to 48 hours after the correction to ensure all the DNS entries are updated. In that time, users were redirected to a site that stated the follow:

“You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us? haha :) (Lovable Turkish hackers group)”

What triggered the changing of the DNS entries has not been disclosed that I have found. Dancho Danchev’s blog shows an email address listed in the updated records and note the email address in the entry called “foricann1230@gmail.com” as well as the date they were updated as June 26. Regardless of how it happened (though I’m sure everyone would like to know) there is a big concern here. Nothing on the internet is safe and if this can happen to these folks, it can happen to anyone…. (and maybe it already has, in which case they better run to their national government and get some retroactive law enacted.)

Source: SANS ISC.

Posted in Security. Tags: , , . 1 Comment »

MAC OS X Hacked in 2 minutes

March 28, 2008 — Giannella
OSX LeopardMac PWNED in 2 minutes flat when Charlie Miller managed to Breach MacBook Air (definition) in less than 2 minutes.In the first day of the challenge, no computer could be breached, as the organizers only allowed attacks over a network. The second day of the hacking contest allowed attackers to visit Web pages or open messages in e-mail clients.

Charlie Miller who also hacked the iPhone back in 2007, breached Mac through the zero-day vulnerability (definition).

Apple … say that they “are working on it“.

I <3 Charlie

Charlie Brown

Detailed information? Read here.

Posted in Hacks, OS. Tags: , , , . No Comments »

PS3 - Hacking has started

February 20, 2008 — Giannella
I’ve learnt:

“The greatest enemy to PS3 “security” is the PS3 itself.”

We all remember PSP and ISO’s, the hack came out somewhat quickly. Apparently it’s not that smooth for PS3, Sony thought they have learnt their lesson, however our friends, the ethical experts have discovered that a PS3 has an AdvanceMAME binary that allows the system to emulate arcade games through Linux (hmmmmm…)

PS3 ConsoleYep, thanks to that handy OS named Linux, which conveniently comes prepped for the console, we’re already seeing some pretty nifty things being done with the PS3, and now it’s being put to good use to siphon data off of those nifty Blu-ray discs.
So far nothing more than a straight transfer has been achieved, but it appears the PS3 game file structure is similar to that of the PSP.

(Note that this is exactly how the PSP backup scene got started, the PS3 file structure closely resembles the one used in PlayStation Portable games.)

It’s not sure yet how well on the way this puts us towards the ability to create “backup” discs of PS3 games, but at least it’s a start.

Some Jap Company plugged in an external hard drive containing two 750 GB in RAID 0, 1 configuration is attached to the PS3 unit via special SATA cable. Still on show (but if the Japs can do it why shouldn’t we?!)
Read more about it here.

Anyways for some hackz you can check out this site:

Posted in Articles, Linux. Tags: , , , , , . 6 Comments »