Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Reading Room’ Category

Jihadi Hacking Tutorials: Irhabi 007’s Text and More….

with 2 comments

I recently posted some preliminary findings on files found on jihadist websites for hacking: actual full tutorials on how to hack that ended up with actually useful data and tools for the jihadis to hack in the name of Allah. In looking at those files I also ran across a section of .pdf files that included a text that, if I read correctly, is from Younis Tsouli aka “Irhabi 007” (Terrorist 007). Like the autorun/distro-like tutorials from earlier, these PDFs run the gamut of current hacking attacks that are the hack-du-jour: PHP hacking, SQL, Linux/*NIX hacking, database hacking of various kinds, etc. Much of this data has been taken from other sites like MILW0RM and others, translated into Arabic with notations and put into PDF format for dissemination on jihadi sites and/or certain Arabic hacking group sites like XP10.

With each tutorial, though, the hackers had to add their own personal emails on there, so I have about 10 or so addresses to put into Maltego and Google. So far, “metoovet”, who created the tutorial on hacking that I posted about last, seems to be rather open in using his Hotmail address on other sites, including a business site for programming. The site is ostensibly his, and via a whois I was able to get another address of his. The sum of the data points toward his being not only a hacker/programmer, but he also claims to be a medical student.

Heh.

I will continue the poking about on this, but I thought these files would be interesting for you all to see. They were uploaded to the megashare a while back and I am sure have proliferated all over.

The Files

On the 007 text though, I need a good way to translate the pdf file. His stuff was pretty comprehensive too…

More soon.

CoB

Malware Stego With Proper English

with one comment

Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text, according to security researchers.

One of the most common ways of hijacking other people’s computers is to use “code-injection” attacks, in which malicious computer code is delivered to and then run on victims’ machines. Current security measures work on the assumption that the code used has a different structure to plain text such as English prose.

Now a team of researchers has highlighted a potential future theatre in the virus-security arms race by working out how to hide malware within English-language sentences.

Though this is a hard exploit to pull off because of all the groundwork that needs to go into it, it is a novel approach for, say, a nation-state actor such as China to try, huh? Of course they would have to work a bit harder at using English properly and not go for the pidgin English that they are known for now in coding sites and malware at times. Imagine just getting infected from a grammatically correct HTTP page on the internet, eh?

This exploit would be classic steganography, though. Let's see if this exploit shows up somewhere in the future….

“English Shell Code”

Written by Krypt3ia

2009/11/28 at 12:48

New Docs in the Reading Room

Terrorism: http://tinyurl.com/nfk5u2

Polemic to follow soon….

Written by Krypt3ia

2009/09/22 at 16:34

Posted in Reading Room, Terrorism

Reading Materials

Recently I have been googling for interesting files and came across some PDF files you all might like. I am thinking I will just set up a lending library on the server…

Here

Enjoy

Written by Krypt3ia

2009/06/14 at 13:03