DefCon Day 2: Patching Your Hacker Toolkit
LAS VEGAS, July 30 -- New research released at the DefCon conference suggests that not only is it important to apply patches to fix security flaws in commonly used computer software, but that patch installation is important for the very tools hackers and security professionals frequently use to break into (or test the security of) computer networks.
According to new findings by the venerable hacker ninjas known as the Shmoo Group, some of the most popular tools used by hackers and security professionals to infiltrate and test the security of targeted networks contain serious flaws that defenders could use to turn the tables on hackers.
Metasploit, a sort of Swiss Army knife of free attack software that automates the search for systems vulnerable to dozens of known software flaws, contains a critical vulnerability that could allow a person defending a network being probed by the Metasploit toolkit to seize control over the machine doing the actual probing. Same goes for "Canvas," another tool widely used by penetration testers and Black Hat hackers alike. (Canvas is a product sold by the folks at ImmunitySec, one of several companies I wrote about recently that pays hackers who find security flaws in commercial software.)
The Shmoo guys also found major flaws in Kismet, one of the most widely used tools for finding unsecured wireless computer networks. "It's time to download the latest patches for your 'sploits folks," Shmoo Group member Brian Caswell said yesterday at a Defcon briefing. "If you are thinking about using Kismet here at DefCon folks, don't, because you will get owned."
In my wanderings in and out of the various DefCon briefings yesterday, I saw dozens of people using Kismet to compete in the conference's war driving and capture the flag competitions, and plenty of those folks were still using the software after the Shmoo Group's talk was finished. I'm guessing quite a few of those guys are now wishing they'd attended that talk.
Posted by: ShmooFooey | August 3, 2005 1:22 PM | Report abuse
Posted by: infosuck | August 4, 2005 9:40 AM | Report abuse
Posted by: ShmooFooey | August 4, 2005 2:21 PM | Report abuse
Posted by: P | August 4, 2005 4:14 PM | Report abuse
Posted by: Anonymous | August 4, 2005 5:20 PM | Report abuse
Posted by: ShmooFooey | August 5, 2005 12:59 PM | Report abuse
Posted by: email | August 11, 2005 12:00 AM | Report abuse
The comments to this entry are closed.