Monday, July 28, 2008

iPhone: Little bit More On SpringBoard

Everybody knows that there's no SummerBoard or Customize for Firmware 2.0 yet.
So, what do we need to do if we wanna change some graphics on our iPhone while we're waiting for SummerBoard?
First of all, connect to your iPhone via ssh and go to

/System/Library/CoreServices/SpringBoard.app

Here you'll find all the basic graphics that you might want to change. Following is an example of the different "Battery" charge icons.



So it's very easy: just replace the .png images in this folder. There's more. If you wanna change the default messages shown by the iPhone inside the blue cartoons, move into your language folder (for example English.lproj) and edit your favorite strings inside SpringBoard.strings and USSD.strings. That's all!

Thursday, July 24, 2008

Hackers start to target Apple Macs

Just read this Times online paper by Bernhard Warner




... worryingly ...

Tuesday, July 22, 2008

Fixing EDGE/3G/DT on iPhone 3G

Yes folks, I've pwned my iPhone again (for research... of course) and now I've got a first-generation iPhone with firmware 2.0 without Installer.app. After the easy jailbreak, I've seen that the EDGE connection never goes down, and you know EDGE is pretty expensive. So, how can we switch off the EDGE connection? The first step was to search in

/System/Library/Carrier Bundles

where you find all the carriers' directories. For instance, inside TIM_Italy.bundle there's interesting stuff like, for example:

Default_CARRIER_TIM.png, FSO_CARRIER_TIM.png, Info.plist, ResourceRules.plist, carrier.plist, version.plist.

So, the first thing that I did was to rewrite carrier.plist, replacing the string apnXusernameXpassword with something fake. Nothing really happened. So, I tried editing the personal configuration preferences inside:
/var/preferences/SystemConfiguration/preferences.plist
by typing vi /var/preferences/SystemConfiguration/preferences.plist. Now, searching for the string apn (/apn), I found two different places where it's possible to edit it!

The first one :




The second one:



I changed the default value of the APN string from "1" to "0", blocking EDGE access by default. So far I'm not sure which is the default "apn-key" and which is the user "apn-key", so I've just replaced both. It's working well!!

Enjoy the tip.

Friday, July 18, 2008

Lynis: Useful Auditing Tool

Hi folks, today I wanna point out this interesting tool, built to be a great audit tool.
It's kind of cool for me; let's see the short official description:

Lynis is an auditing tool for Unix (specialists). It scans the system configuration and creates an overview of system information and security issues usable by professional auditors.


So, after having downloaded it I tried to use it on Mac OS X Leopard. Yep, as the documentation says, it works great under Leopard.



An interactive shell starts, asking you if you're ready to go ... ... ... ... OK, let me analyze my system!



After some (maybe better to say ... lots of ...) [ENTER] presses the program returns some results. Everything seems to work correctly, and nothing infected seems to be detected.



So far, I've not tried to put in a fake shell or a rootkit, so I'm not sure it works properly, BUT, you know, I've found no time for this kind of test. So, please try that by yourself and if it works properly --also with the latest malware-- lemme know please!!

Sunday, July 13, 2008

Talking To iBoot

Yes, it seems the devTeam has done it again!






This is the command line to talk to your iPhone’s “BIOS” of sorts. It decides what gets run (if it’s signed correctly) or not. Normally it’s very restrictive. Unless it’s been pwned.

Pwnage breaks the chain of trust from the very earliest boot stage, and as the video shows, this chain has now been broken on the iPhone 3G. Given that the only thing lower than this is ROM, Apple will have to change the hardware to prevent us from getting in, and we don’t expect them to ask for your phone back so they can “fix” it.

Please note that this has been anything but trivial, and it wasn’t as easy as porting our old code to the 3G iPhone. Many of our best hackers have been working in long shifts all weekend on this, and continue to do so as I write this post.



That's amazing: it means that it's possible to jailbreak (unlocking is another thing...) the newest iPhone 3G!!!
Stay tuned, something is changing very fast ...

Saturday, July 12, 2008

It's time to look at the new iPhone.

Yet more news on iPhone 3G and Firmware 2.0.
The new pwnage tool is coming!!!



They have specified what "released soon" means: soon as in a few days but NOT over the weekend, unfortunately :(.
Anyway, I really wanna say thank you to these guys: they work hard, they are good crackers and everything is free! So, on one hand I cannot wait, and knowing that pwnage-tool will be ready, probably, next week makes me very impatient, BUT they are working for free ... and for the community. SO good job and take all the time you need! -money-

Sunday, July 6, 2008

Italy: You Cannot Choose Your Own Driver Plate.

Hi folks,
in Italy you cannot choose your driver plate; the DMV assigns you a regular, incremental one. So, did this happen by chance?




One of the most famous bad 4-letter words.

Saturday, July 5, 2008

Let's Try A New Honeypot

A honeypot is a great tool to discover new attack scenarios, malware propagation, virus infections and so forth. Unfortunately, installing a honeypot is sometimes very complicated and stressful. For this reason I wanna point out Amun, a very useful honeypot written in Python, and for that reason really fast and easy to use.
If you wanna try it, you need to install Psyco, a light Python library. Take it from apt-get or, if you're using OS X, from port by just typing:


sudo port install py25-psyco


After that, edit /config/amun.conf and configure your honeypot!
At a minimum you need to add the external IP address to use and the vulnerabilities to emulate. A new feature in Amun 0.1.2 is auto-submission to Anubis, an online malware sandbox; if you don't like Anubis, remove the entry from the config file as follows.



Save amun.conf, start ./amun_server.py, and here we go. An easy honeypot has been installed on your local machine.



Another great Amun feature is the possibility to write a "vulnerability plugin" using an XML file, so no particular Python skills are needed. Under the ./utils/xml_vuln_creator folder you'll find a "Creator", vuln_creator.py, able to convert an XML file to a vulnerability module. Let me show a very famous example: the VNC vulnerability.

From the source :



typing :


./vuln_creator.py -f xml_vnc.xml



You'll build two files to add into the folder /vuln_modules/ :



Again, we've just finished building our own vulnerability module, and our honeypot has a new feature: "The VNC Vulnerability". All thanks to the union of XML and Python. Until now honeypot configuration was very stressful; now it's going to be an easy installation process.

Thanks to RWTH Aachen University for that.
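To make the idea of a protocol-emulating module concrete, here is an added example (not Amun's code and not the output of vuln_creator.py) of stage-by-stage emulation of the RFB (VNC) handshake, as a low-interaction decoy would do it: it never authenticates anyone and only records what the client sends. The class name, event names and sample messages are constructed for illustration, and it assumes the client speaks RFB 3.7 or 3.8.

```python
from dataclasses import dataclass, field

SERVER_VERSION = b"RFB 003.008\n"   # 12-byte ProtocolVersion message
OFFERED_TYPES = (2,)                # offer only type 2, "VNC Authentication"
CHALLENGE = bytes(16)               # constructed fixed challenge; randomise in real use
REASON = b"Authentication failed"
REFUSAL = (1).to_bytes(4, "big") + len(REASON).to_bytes(4, "big") + REASON


@dataclass
class RfbDecoy:                     # hypothetical name, one instance per connection
    peer: str                       # remote address, kept for the log record
    stage: str = "version"
    events: list = field(default_factory=list)

    def greeting(self) -> bytes:
        return SERVER_VERSION

    def feed(self, data: bytes) -> bytes:
        """Consume one client message, record it, return the decoy's reply."""
        if self.stage == "version":
            if len(data) != 12 or not data.startswith(b"RFB ") or data[-1:] != b"\n":
                return self._close("bad-version", data)
            version = data[4:11].decode("ascii", "replace")
            self.events.append(("client-version", version))
            if version not in ("003.007", "003.008"):
                return self._close("unsupported-version", data)
            self.stage = "security"
            return bytes([len(OFFERED_TYPES), *OFFERED_TYPES])
        if self.stage == "security":
            if len(data) != 1 or data[0] not in OFFERED_TYPES:
                # Client chose a security type the server never offered.
                return self._close("unoffered-security-type", data)
            self.stage = "response"
            return CHALLENGE
        if self.stage == "response":
            self.events.append(("auth-response", data[:16].hex()))
            self.stage = "closed"
            return REFUSAL          # SecurityResult: failed, with reason string
        return b""

    def _close(self, reason: str, data: bytes) -> bytes:
        self.events.append((reason, data[:32].hex()))
        self.stage = "closed"
        return b""


def replay(peer: str, messages: list) -> list:
    """Run constructed client messages through a decoy; return its event log."""
    decoy = RfbDecoy(peer)
    decoy.greeting()
    for msg in messages:
        decoy.feed(msg)
    return decoy.events
```

Wiring this to a socket is a matter of sending greeting() on accept and passing each received message to feed(); the event list is what you would write to the honeypot log.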

Friday, July 4, 2008

Word Clouds for Free.

How many times have you seen wonderful word clouds around the Internet? Someone thinks that it's a new kind of art; I have no idea about art but I think, at least, it is a cool way to represent your own blog/site. Wordle is a toy for generating “word clouds” from text that you provide. The clouds give greater prominence to words that appear more frequently in the source text. You can tweak your clouds with different fonts, layouts, and color schemes. The images you create with Wordle are yours to use however you like. You can print them out, or save them to the Wordle gallery to share with your friends. Following is an example from my blog.