Browsing articles in "Hacking"

Twitter has Denial of Service Attack

Aug 6, 2009   //   by David Bates   //   All Post, Been Hacked, Hacking, Thoughts On  //  No Comments


I was humming along nicely this morning, knee deep in an SQL stored procedure when Frank Sandoval IM’ed me and informed me that both Twitter and Facebook was down. I quickly took a look at both sites to confirm and sure enough he was correct. My instant reaction was that it was probably something like the Twitter Takeover that happened a few days ago on FaceBook. It turns out that the problem was much more sinister than that. Twitter reported on their blog that they where actually combating a denial of service attack. For those of you that don’t know what a denial of service attack is. It is when an attacker floods a url with so much information that the url can no longer recieve normal request.
I would say that Twitter will likeley have this resolved soon. so by the time you get to read this it will probably be safe to hit the tweet this button at the bottom of the post :)

Thanks for reading
David Bates

UPDATE:
Looks like twitter came online about 12:40EST but then went back down shortly thereafter. I hope they can combat the attacker.

UPDATE#2: This story made CNN! Twitter is back online but dog slow.

Make a Comment

Vista Backdoor Hack

Jul 2, 2008   //   by David Bates   //   All Post, Hacking, Software  //  1 Comment

I recently found this little gem while working on a deployment strategy for my company.
Basically, you can switch one of the apps in the ease of access suite with CMD and create a backdoor into your system that has a user of system!

I choose to use the On Screen Keyboard utility as I knew that this was the most useless to me. Any program in the Ease of Access suite will work however.

Instructions:

Make A COPY!
1. Make a copy of the original program, just in case you decide to undo this. You can do this several ways; I choose to drag the item to my desktop. osk.exe can be found in %windir%\System32\.

Change the Owner
1. Right click on the OSK.exe program in %windir%\System32\ and select properties.
2. Click the Security tab and then click on Advanced.
3. Click on the Owner tab and then click Edit. (You will have to answer a UAC prompt)
4. Now click on your username and click apply.
5. Close all dialogs.
6. Re-open Properties and Security for OSK.exe, now give yourself full control.
7. Click apply and close all dialogs.
8. Delete OSK.exe

Make CMD look like OSK
1. Copy CMD to a location that you have permission for.
2. Rename CMD to OSK.
3. Copy OSK(CMD) to %windir%\System32\ you will receive a prompt. Click Replace.

Using Your New Backdoor
You have now implemented your new backdoor. All you have to do is log off, click the Ease of Access button, and click on On Screen Keyboard. You will now be presented with a command prompt that is logged on as the system.

But Wait There?s More
If you now run explorer you will have a working taskbar and can launch any application you wish. (Remember that not all applications will run as some services have not started.)

I will take screenshots to help with this soon.

Enjoy
David Bates

Make a Comment
Pages:«12