The Microsoft U.K. website was recently attacked and defaced by a hacker known as rEmOtEr. The hacker successfully gained access to the website and altered a webpage, creating one with two images and multiple references to the kingdom of Saudi Arabia.
It is known that the attacker gained access by using a common attack known as SQL injection. Contributing to the success was the fact that the webserver was allowed to return error messages. By studying the error messages (and equipped with the relevant knowledge), one can slowly work one's way in, causing the webserver to return information that it is not meant to disclose.
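The part error messages play here, as an added example that is not from the original post or from Microsoft's site: a constructed SQLite lookup handler, shown first with concatenated SQL that echoes database errors to the client, then with a bound parameter and a generic error response. All function names, the table and the sample rows are assumptions made for illustration.

```python
import logging
import sqlite3

log = logging.getLogger("app")


def make_db():
    # Constructed sample data for the demonstration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news (id, title) VALUES (?, ?)",
                   [(1, "Launch event"), (2, "Service update")])
    return db


def weak_handler(db, news_id):
    """Before: input concatenated into the SQL text, raw error echoed back."""
    try:
        row = db.execute(
            "SELECT title FROM news WHERE id = " + news_id).fetchone()
        return 200, (row[0] if row else "not found")
    except sqlite3.Error as exc:
        # The client learns parser and schema details from this string.
        return 500, "Database error: %s" % exc


def hardened_handler(db, news_id):
    """After: validated input, bound parameter, generic error to the client."""
    if not (news_id.isascii() and news_id.isdigit() and len(news_id) <= 9):
        return 400, "invalid id"
    try:
        row = db.execute(
            "SELECT title FROM news WHERE id = ?", (int(news_id),)).fetchone()
        return (200, row[0]) if row else (404, "not found")
    except sqlite3.Error:
        # Full detail goes to the server log only.
        log.exception("news lookup failed")
        return 500, "internal error"
```

With a malformed id such as `1'`, the first handler returns the database's own error text, while the second rejects the value before any SQL is built and never returns database text.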
This hack has been around for almost a month and, according to Microsoft’s WGA Team, they are treating it as a lowest-priority issue to be dealt with at the moment.
Alex Kochis, one of Microsoft’s product managers, noted on the WGA blog that “It’s worth noting we also prioritize our responses, because not every attempt deserves the same level of response. Our goal isn’t to stop every “mad scientist” that’s on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims.”
So I suppose that this is good news for whoever is using or planning to use such a hack.
It is already known that WLAN’s WEP isn’t secure. Back in 2001, it was shown that the method of cracking the RC4 cryptosystem can also be used to crack WEP encryption. At that time, it needed an estimated 4,000,000 to 6,000,000 WEP packets to crack the secret key used in the encryption. Until recently, the best method required about 500,000 to 2,000,000 WEP packets, which usually takes 10 to 40 minutes.
Now, a group of researchers from the Technical University of Darmstadt has managed to bring the figure down to 10% of that. With just 40,000 packets, they are able to achieve a success probability of 50% in obtaining the key. Upping the number of packets to 85,000, they get a staggering 95% success probability.
The researchers have published their report on their website, including the WEP cracking program. They used and improved on the attack method developed by Andreas Klein in 2005.
Due to the weak security of WEP, the Wi-Fi Alliance introduced WPA, which is based partly on IEEE 802.11i. Later, WPA2, which uses AES encryption, was introduced and made mandatory for all new devices that are Wi-Fi certified.
A hacker with the screen name “Computer User” recently announced on an internet forum that he had created a crack program that allows one to search for and obtain a legal Vista product key. The crack simply tries to inject product keys into the OS until it finds keys that are accepted by Vista. The crack is able to search through 20,000 keys in an hour.
A few days later, “Computer User” announced that the crack was a hoax and should not work, as he had added code to the crack that causes it to generate invalid product keys. However, some users who had used his crack claimed that they had obtained some legitimate product keys. One user even posted a video clip showing the entire process.
Alex Kochis, a senior licensing manager from the WGA team, acknowledged the possibility of such an attack but attempted to downplay it. “The attack randomly searches for legit keys. This is called a brute force attack because there really isn’t much intelligence involved and the goal is to just randomly cycle through key after key after key until a legit one is found. One report indicates that the script written to perform this attack goes through about a thousand keys every half an hour; frankly, that’s a pretty slow brute force attack,” according to Kochis.
Also according to him, if a legitimate customer is affected because the product key he got had already been activated by the brute force crack, the issue can be dealt with at the customer service level.
iDefense Labs (part of the Verisign company) has just issued a new challenge to white and black hats to discover security vulnerabilities within the mentioned products which can be remotely exploited. iDefense will award US$8000 for each vulnerability submitted, up to a maximum of six payments of $8000. On top of the $8000, $2000-$4000 will also be awarded for each piece of working exploit code that exploits the submitted vulnerability.
WIBU-Systems USA, Inc. will give $40,000 to the first person who can hack into and remove their anti-piracy software from a protected application. Techies will have six weeks to try, starting Jan. 31. Registration for the challenge kicks off at MacWorld Expo next week in San Francisco.
Just as Microsoft is fixing the previous RTM cracks (frankenbuild & KMS crack), hackers have managed to come up with one more crack, this time by modifying the countdown timer.
*No guide will be provided, as I have no wish for this to be a cracking/hacking website.