At present we now have an integrated architecture where Industrial Control Systems are no longer isolated from traditional networking equipment. In fact, a quick search using the SHODAN search engine will reveal thousands of NiagaraAX devices accessible over the Internet. A weakness within this system could allow an attacker access to critical environmental controls.

This revelation motivated him to do a little ‘vulnerability research’ on the NiagaraAX Framework. To share his findings, he decided to create a short VIDEO CLIP illustrating how an attacker can leverage multiple weaknesses to hack into a buildings’ automation system.

sskblog.com/?p=926

QJax has shared a great hacking video showing Tridium NiagaraAX Industrial Control and Building Automation at Risk! http://vimeo.com/56069427.

Do you think these videos help raise awareness to a known security issue?

Follow him on Twitter @SSKblog

This blog post discusses the RunForestRun hack.  The tool is code that will allow you to predict the pseudo random malicious domains generated by the obfuscated script uploaded to compromised websites.

Vulnerable websites are being exploited first via the Plesk Panel vulnerability.  After a victim visits a compromised website, they will also be redirected to a malicious site and the Blackhole Exploit Kit will attempt to exploit the unsuspecting victim.

The goal of the tool is to generate the domains ahead of time and then setup URL web filters to block access.

Read the Post and enjoy the tool! http://sskblog.com/?p=771

ding! ding! ding! and Maxe the cyborg takes the lead!

#2 - Patch Management (Staying updated and patched from known vulnerabilities.)

Updating to the latest browser versions like IE8 has a built-in XSS filter.  It was disabled for the video.

#3 - Enforced Proxy (Filters malicious data, similar to an IPS system somewhat.)
Use the proxy to block outbound access to a known "Evil_IP" or Egress Filtering? So technically your proxy server answer should do the trick.

This video will demonstrate how a simple XSS vulnerability can be leveraged to gain complete control of your web-browser and eventually lead to a complete system compromise.

1) We will use a cross-site scripting vulnerability as the initial attack vector
2) Exploit XSS by redirecting the user’s browser to the Evil_IP with a JavaScript loop (every 2 secs)
3) Exploit the victim’s browser to gain system ‘root’ or ‘shell’ access
4) Elevate our privileges to system-level

QUIZ: There is at least 6 security controls that could prevent several steps in the video including vulnerabilities or user errors.  Can you spot them all? 

FREEBIE: DVWA web server & IE8 browser security settings allow unencrypted XSS attack string to be sent during an SSL session.  "Submit non-encrypted form data- ENABLED"
What else?

http://vimeo.com/26751019

Pass Policy, Over Regulation, Through Vulnerabilities, Nothing but NET!

“use complex password / frequently change”

“patch that so-called critical system” – maybe that’s why it keeps crashing FOOL!

“don’t use the same password for your personal twitter account that you use for your company Admin access” – DUMMY!

“Stop browsing the Internet from your server, especially since you are so afraid to update your IE browser to the latest version” – Mr. Fandango Movie Surfer!

“It doesn’t matter if you passed your Audit” – ASK HACKERS IF THEY GIVE A F@#$!

“Stop! Don’t spend any more money until you fix the problem from 3 years ago, which can be done with the Interns you already have…” – FOR FREE!

“Why don’t you just pay us more money so we can feel better about not caring” – OOPS SORRY THAT SLIPPED


UPDATED LINK FOR THOSE PARANOID HACKERS
http://securitystreetknowledge.com/?p=557

This is a tutorial to help you get the Cross-site Scripting Framework (XSSF) installed into MetaSploit on an Ubuntu distro.  These are excellent notes to help you get around those annoying errors like MySQL not started, incorrect version of Ruby, where to find the XSSF.zip  I hope this saves someone a few CPU cycles. 

If you have not heard of XSSF then do a GTS (Google That $hit!)

http://bit.ly/hNYgI3

Sorry but I do not know of a Windows solution yet.  I will let you know when I come across one.

I must warn you that even if you use SSL through Tor it can be stripped off.  So if you are hacking i wouldn't be so worried about a bad guy seeing your traffic but rather big brother.  If you look at some of the fastest ExitNodes they tend to be located in areas near state-owned cyber defense establishments.(Do a GeoIP on the ExitNode IP address)  If you read a lot of blogs you will hear authors say how they capture this or that attack in the wild.  Then they get credit for the exploit.  It is my guess they are monitoring their own Tor ExitNode.

I like this site very much. It has a very good list of daily RSS feeds and video selections.

http://securitystreetknowledge.com/

In certain circumstances I would use Tor for an authorized PenTest.  If anything use it to test how effective the administrators are with reviewing logs and finding offending IPs. 

Anyway, look at this recent post that will walk you through setting up your box to use Tor for a Pentesting.

http://securitystreetknowledge.com/?p=283