Wednesday, 27 May 2015

Hack In Paris 2015 Invites All Hackers .

Namaste! Good Morning,

Woahh!!! Hold on hackers !!! Hack In Paris is here and this is the 5th time Hack In Paris is ready to Rock Paris .

Intrusion attempts are more and more frequent and sophisticated, regardless of their targets (states or corporations).It's in this context that international hacking events are multiplying. A few events take place in France, but until now, no one had covered hacking practices with a technical approach including both professional training and information aspects.It is this gap that Hack In Paris aims to fill. 

After the success of last year, with more than 400 attendees, this 5 days corporate event will be held at the Academie Fratellini Paris. 

Hack In Paris will let its attendees discovering the concrete reality of hacking, and its consequences for companies. The program includes the state of the art of IT security, industrial espionage, penetration testing, physical security, forensics, malware analysis and countermeasures.

Hack In Paris will be held from June 15th to 19th, 2015 and livened up exclusively in English :

  • Training : June 15 to 17, three days of trainings by 12 security officers (CISOs, CIOs) and technical experts  
  • Talks : June 18 to 19, two days of talks given by a variety of international speakers and highly technical experts
  • NEW ! : A gala-evening is organized by Sysdream on Thursday 7 P.M., June 18th, 2015 at the Academy Fratellini. More information :
You can register into the training session you like to know and learn and later research about . You will get chance to clear your concepts.

Grab your seats as soon as possible, the event will be houseful in no time.

Read More »

Wednesday, 18 March 2015

Now Unlock Apple iPhone By Brute Forcing Using IP Box

Namaste! Good Morning,

Apple iPhone has many ways to Unlock the screen which includes Fingerprint scanning, Pattern, and Secret PIN. One thing common in this is that all such methods require human interaction .

But now there is no need of human interaction to unlock the screen of iOS devices with secret PIN. 
with some of the tools like IP Box which is connected via USB, a Sensor to check the status of the screen in case of entering the correct password and change the image.

Actually, that brute force PIN-code is only effective if the device is disabled Erase Data in the settings ( Touch ID & Passcode screen ), which has been deleted from the device after ten attempts to enter the wrong.

Researcher's initial analysis indicates that the IP Box is able to bypass this restriction by connecting directly to the iPhone’s power source and aggressively cutting the power after each failed PIN attempt, but before the attempt has been synchronized to flash memory. As such, each PIN entry takes approximately 40 seconds, meaning that it would take up to ~111 hours (that is, four and a half days) to bruteforce a 4 digit PIN.
  • 5 digits - 1.5 months
  • 6 digits - 1.25 years
  • 7 digits - 12.5 years
  • 8 digits - 125 years
Researcher's have tested the attack on an iPhone 5s running iOS 8.1

Further research suggests this could be the issue detailed in CVE-2014-4451 but this has yet to be confirmed.

It turns out that the most efficient algorithm cracker action will be: 

  1. Try to find out the real PIN-code by analyzing the state of the coating of the screen. 
  2. Manually enter the 9 most popular of PIN-codes from the list of the most popular of PIN-codes. 
  3. Restart the phone. 
  4. Start automatic brute force for the other passwords. There is also better to use the dictionary the most popular combinations, introducing them in the first place.

Read More »

Saturday, 14 February 2015

Windows Security Bypass 10 With One Bit

Namaste! Good Morning,

In the last set of patches from Microsoft for February 2015 was closed not only notorious JASBUG , but also the vulnerability CVE-2015-0057 with the same maximum risk rating (total in the February set three critical bug). 

The vulnerability allows for escalation of privileges to gain complete control over a victim's computer and bypass all security mechanisms Windows. The bug is in the GUI-component core - module Win32k.sys. Namely, in the structure information about the scroll bars in windows on the screen.

There is a function xxxEnableWndSBArrows , which determines whether to display a scroll bar or show the scroll bar. This is where the hidden "bug", which is found by static code analysis. At some point freed memory bits, where he kept the flags of states scrollbars. These bits we use (Use After Free). 

At first glance it seems a minor vulnerability. But if it is right unleash a chain, it's in your hands full control of any system from Redmond. Exploit reliably works in all versions of Windows, from Windows XP and up to 10, with all the included security mechanisms. 

The author believes that the attackers will be successfully exploit this vulnerability for a long time.
Read More »

Thursday, 22 January 2015

Annomymous Hacker Sentenced for 5 years by Federal Judge in Dallas

Namaste! Good Morning,

Barret Brown is sentenced to 63 Months in prison by a federal judge in Dallas, including the 31 months he has already served.

Brown, 33, was pleaded guilty in April to being an accessory after the fact for attempting to assist a hacker, hiding two computers from FBI agents who were executing a search warrant and threatening an FBI agent in a video.

The accessory after the fact charge relates to an incident in December 2011 when someone Brown knew as "o" hacked the computer network of Austin, Texas-based private intelligence firm Stratfor and obtained confidential information, including credit card details, according to court papers.

Brown knew that the incident harmed Statfor's website and removed confidential data, according to court documents.

He also attempted to communicate with Stratfor's top official on behalf of the hacker to minimize damage, the papers said.

In a statement read in court on Thursday, Brown said his role was to post a link which had already been made public.

He said the government "exposed me to decades of prison time for copying and pasting a link to a publicly available file that other journalists were also linking to without being prosecuted."

Brown expressed regret for some of some of his actions, including threats made in online videos.

"The videos were idiotic, and although I made them in a manic state brought on by sudden withdrawal from Paxil and Suboxone, and while distraught over the threats to prosecute my mother, that's still me in those YouTube clips talking nonsense about how the FBI would never take me alive," he said.

Attempts to reach Brown's attorneys were unsuccessful.

 Listen Barrett Brown  in Youtube

Read More »

Hacker Arrested for Leaking Songs From Madonna's New Album Rebel Heart

Namaste! Good Morning,

Police in Israel have arrested a 39 year old man on suspicion of hacking into Madonna's compute and leaking songs from her new album "Rebel Heart".

The hacker was detained by members of the country's crime-fighting unit.

Officers are investigating allegations the suspect "broke into the personal computers of several international artists over the past few months and stole promotional final-cut singles which have yet to be released and traded them online for a fee". 

The Investigation by a security firm traced the breach of Madonna's computer to Israel. Her songs are leaked before its release date. 

"I'm profoundly grateful to the FBI, the Israeli Police investigators and anyone else who helped lead to the arrest of this hacker," Madonna, above, said in a statement.  

"Like any citizen, I have the right to privacy. This invasion into my life - creatively, professionally, and personally - remains a deeply devastating and hurtful experience, as it must be for all artists who are victims of this type of crime."

Hacking into Stars Personal Computers and into getting into their Account and stealing important data is getting easier these days. Seeing the rate of hacking into this personalities it seems that either the stars are not that good with protecting their own stuff of the hackers are becoming smarter day by day. 

Read More »

Friday, 17 October 2014

Nullcon Goa 2015 is Here Pirates! | Time to Set Sail Toward Goa

Namaste! Good Morning,

"Nullcon 2015" sets green flag to Call For Papers. This is the sixth year of Nullcon . Nullcon was founded in 2010 with the idea of providing an integrated platform for exchanging information on the latest attack vectors, zero day vulnerabilities and unknown threats. 

Motto of Nullcon is "The neXt security thing!" drives the objective of the conference i.e. to discuss and showcase the future of information security and the next-generation of offensive and defensive security technology.

nullcon goa 2015

The idea started as a gathering for researchers and organizations to brain storm and demonstrate why the current technology is not sufficient and what should be the focus for the coming years pertaining to information security.

In addition to security, one of the section of the conference called Desi Jugaad (Hindi for "Local Hack") is dedicated to hacking where we invite researchers who come up with innovative security/tech/non-tech solutions for solving real life challenges or taking up new initiatives.

 Nullcon is managed and marketed by Payatu Technologies. The idea of nullcon emerged out of null - The open security community, a registered not-for-profit society and the largest active security community in India with over 8 chapters in major cities - Bangalore, Mumbai, Chennai, Pune, Hyderabad, Mysore, Trivandrum and Delhi.

As a tribute to the community nullcon funds null to further null's cause and supports all of its initiatives.

While submitting the research paper remember that it's yours on research work . Also the abstract must be detailed and it must not just contain the mere introduction to the research/hacks. And any Paper/research that is more of marketing based and promoting its company may be rejected.

Important Dates:
  • CFP Opens: 6th Aug 2014
  • 1st round of Speaker list Online: 6th Sept 2014
  • CFP Closing Date: 1st Nov 2014
  • Final speakers List online: 6th Nov 2014
  • Detailed Paper submission by selected speakers: 6th Jan 2015
  • Training Dates: 4th-5th Feb 2015
  • Conference Dates: 6th-7th Feb 2015
More details related to CFP of Nullcon 2015 can be read from here.

The Venue Details

Venue: The Bogmallo Beach Resort, Goa, India
Contact: +91 - 99229 00657
For Inquiries:
For Sponsorship:
Registrations Open: Sep '14

This is the rare chance to meet your old friend and make new friends. You get to meet like minded peoples and an environment you would love to work in. Good luck for the event
Read More »