Teoria da conspiração - Obama usou pomada especial para chorar?

Presidente norte-americano chorou ao falar sobre crianças mortas em massacre (Foto: AFP)
Rodou o mundo na última terça-feira (5) a imagem do presidente dos Estados Unidos, Barack Obama, indo às lágrimas ao falar sobre o massacre na escola primária de Sandy Hook, em 2012. Mas… E se as lágrimas fossem “de crocodilo”?
Pois bem, isso é o que está sendo insinuado na internet por conta de uma sequência de fotos. De acordo com John Nolte, jornalista do conceituado Washington Post, as lágrimas são fruto de uma pomada mentolada chamada Bengay — Bengué no Brasil.

 
Conhecido militante dos republicanos nos EUA, Nolte foi além. Depois de afirmar que Obama passou Bengay nos olhos para forçar as lágrimas, fez uma referência bastante pesada: “Essa era uma tática que Adolf Hilter utilizava bastante”.
As “provas” apresentadas pelo jornalista republicano foram colocadas em seu Twitter. As imagens mostram Obama passando as mãos nos olhos poucos minutos antes de começar a chorar ao falar do massacre de crianças em 2012.
Até o momento, a Casa Branca não se pronunciou sobre as acusações do jornalista, que se proliferam na internet. E, se o protocolo for seguido, nem Obama e nem seus assessores deverão comentar o assunto, a não ser que sua repercussão ultrapasse os limites esperados.

 
O discurso de Obama na última terça era um anúncio na mudança da política de venda de armas dos Estados Unidos. O presidente utilizou o exemplo do massacre para justificar que o controle da venda desse tipo de armamento significa um passo importante contra esses atentados.

Fonte: Yahoo Noticias

By OffensiveSec

Read More

Sawef - Send Attack Web Forms

SAWEF - Send Attack Web Forms

DESCRIPTION

The purpose of this tool is to be a Swiss army knife 
for anyone who works with HTTP, so far it she is basic, 
bringing only some of the few features that want her to have, 
but we can already see in this tool:

- Email Crawler in sites
- Crawler forms on the page
- Crawler links on web pages
- Sending POST and GET
- Support for USER-AGENT
- Support for THREADS
- Support for COOKIES

REQUERIMENTS

 ----------------------------------------------------------
Import:
threading
time
argparse
requests
json
re
BeautifulSoup

permission          Reading & Writing
User                root privilege, or is in the sudoers group
Operating system    LINUX
Python              2.7
 ----------------------------------------------------------

INSTALL

git clone http://github.com/danilovazb/SAWEF

sudo apt-get install python-bs4 python-requests

HELP

usage: tool [-h] --url http://url.com/
            [--user_agent '{"User-agent": "Mozilla/5.0 Windows; U; Windows NT 5.1; hu-HU; rv:1.7.8 Gecko/20050511 Firefox/1.0.4"}"]
            [--threads 10] [--data '{"data":"value", "data1":"value"}']
            [--qtd 5] [--method post|get]
            [--referer '{"referer": "http://url.com"}']
            [--response status_code|headers|encoding|html|form|links|emails]
            [--cookies '{"__utmz":"176859643.1432554849.1.1.utmcsr=direct|utmccn=direct|utmcmd=none"}']
            [--modulo crawler]

optional arguments:
  -h, --help        show this help message and exit
  --url http://url.com/
                    URL to request
  --user_agent '{"User-agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; hu-HU; rv:1.7.8) Gecko/20050511 Firefox/1.0.4"}"
                    For a longer list, visit:
                    http://www.useragentstring.com/pages/useragentstring.php
  --threads 10      Threads
  --data '{"data":"value", "data1":"value"}'
                    Data to be transmitted by post
  --qtd 5           Quantity requests
  --method post|get
                    Method sends requests
  --referer '{"referer": "http://url.com"}'
                    Referer
  --response status_code|headers|encoding|html|form|links|emails
                    Status return
  --cookies '{"__utmz":"176859643.1432554849.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)"}'
                    Cookies from site
  --modulo crawler  Carrega modulo adcional

EXAMPLE

*Send 1 SMS anonymous to POST [in BR]:
-------------
$:> python sawef.py --url "https://smsgenial.com.br/forms_teste/enviar.php" --data '{"celular":"(11) XXXX-XXXXX","mensagem":"Teste","Testar":"Enviar"}' --threads 10 --qtd 1 --user_agent '{"User-agent":"Mozilla/5.0 Windows; U; Windows NT 5.1; hu-HU; rv:1.7.8) Gecko/20050511 Firefox/1.0.4"}'

*List Form attributes:
-------------
$:> python sawef.py --url "https://smsgenial.com.br/" --method post --response form
OUTPUT:

--------------------------------
NOME_FORM[None]
URL[http://paineldeenvios.com/painel/app/login/login.php]
METHOD[post]

email:Digite Seu Login        (text)
passwd:Senha        (password)
Entrar:Entrar        (submit)

--------------------------------
NOME_FORM[form1]
URL[/forms_teste/criaruser.php]
METHOD[post]

action:criarconta        (hidden)
nome:<NONE>        (text)
celular:<NONE>        (text)
email:<NONE>        (text)
Testar:Criar        (submit)
Testar:Enviar        (hidden)

--------------------------------
NOME_FORM[None]
URL[/forms_teste/enviar.php]
METHOD[post]

celular:<NONE>        (text)
Testar:Enviar        (submit)

* Get email web pages
$:> python sawef.py --url "http://pastebin.com/ajaYnLYc" --response emails
[...]
[+] EMAIL = manothradevi@yahoo.com
[+] EMAIL = fantaghiroaziera@yahoo.com
[+] EMAIL = naqibjohari@yahoo.com
[+] EMAIL = azliey3036@yahoo.com
[+] EMAIL = azlin_4531@yahoo.com.my
[+] EMAIL = urshawal96@yahoo.com
[+] EMAIL = weeta_aida88@yahoo.com.my
FOUND = 3065

* Get links on web pages
$:> python sawef.py --url "http://terra.com.br" --response links
[...]
[+] LINK = http://uol.com.br/https://pagseguro.uol.com.br/vender
[+] LINK = http://www.uolhost.com.br/registro-de-dominio.html
[+] LINK = http://noticias.uol.com.br/arquivohome/
[+] LINK = http://noticias.uol.com.br/erratas/
[+] LINK = http://uol.com.br/#
[+] FOUND = 360

* Crawling site

$:> python sawef.py --url "http://www.100security.com.br" --modulo "crawler"
Emails: 

[+] marcos@aulasdeti.com.br
[+] marcos@100security.com.br
[+] danilovazb@gmail.com
[+] cve@mitre.org
[+] cve-id-change@mitre.org
[+] devon@digitalsanctuary.com
[+] g5382139@trbvm.com
[+] editor@www.com
[+] support@senderbase.org
[+] 0x0ptim0us@gmail.com
[+] ramiro.caire@gmail.com
[+] fgmassa@vanguardsec.com
[+] crime.internet@dpf.gov.br
[+] cgpre@dpf.gov.br
[+] dpat.dcor@dpf.gov.br
[+] dicof.cgcsp@dpf.gov.br
[+] coain.coger@dpf.gov.br
[+] dprev.cgpfaz@dpf.gov.br
[+] dicat@pcdf.df.gov.br
[+] nureccel@pc.es.gov.br
[+] devir@pc.ms.gov.br
[+] comunicacao@policiacivil.pa.gov.br
[+] cibercrimes@pc.pr.gov.br
[+] policiac@fisepe.pe.gov.br
[+] drci@policiacivil.rj.gov.br
[+] drci@pcerj.rj.gov.br
[+] drci@pc.rs.gov.br
[+] 4dp.dig.deic@policiacivil.sp.gov.br
[+] marcos@marcoshenrique.com
[+] contato@fabricadeaplicativos.com.br
[+] email@mail.com.br
[+] lcm@lcm.com.br
[+] luizwt at gmail.com
[+] luizwt@gmail.com
[+] geoff@deconcept.com
[+] revista@espiritolivre.org
[+] email@email.com
[+] s**********s@gmail.com
[+] //iriok@hotmail.com

Download Sawef

Read More

Vuvuzela - Private Messaging System That Hides Metadata

Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Our SOSP 2015 paper explains the system, its threat model, performance, limitations, and more. Our SOSP 2015 slides give a more graphical overview of the system. 

Vuvuzela is the first system that provides strong metadata privacy while scaling to millions of users. Previous systems that hide metadata using Tor (such as Pond ) are prone to traffic analysis attacks. Systems that encrypt metadata using techniques like DC-nets and PIR don't scale beyond thousands of users.

Vuvuzela uses efficient cryptography ( NaCl ) to hide as much metadata as possible and adds noise to metadata that can't be encrypted efficiently. This approach provides less privacy than encrypting all of the metadata, but it enables Vuvuzela to support millions of users. Nonetheless, Vuvuzela adds enough noise to thwart adversaries like the NSA and guarantees differential privacy for users' metadata.

Screenshots

A conversation in the Vuvuzela client

In practice, the message latency would be around 20s to 40s, depending on security parameters and the number of users connected to the system.

Noise generated by the Vuvuzela servers

Vuvuzela is unable to encrypt two kinds of metadata: the number of idle users (connected users without a conversation partner) and the number of active users (users engaged in a conversation). Without noise, a sophisticated adversary could use this metadata to learn who is talking to who. However, the Vuvuzela servers generate noise that perturbs this metadata so that it is difficult to exploit.

Usage
Follow these steps to run the Vuvuzela system locally using the provided sample configs.

1. Install Vuvuzela (assuming GOPATH=~/go , requires Go 1.4 or later):
   

   $ go get github.com/davidlazar/vuvuzela/...
   

   The remaining steps assume PATH contains ~/go/bin and that the current working directory is ~/go/src/github.com/davidlazar/vuvuzela .
   
2. Start the last Vuvuzela server:
   

   $ vuvuzela-server -conf confs/local-last.conf
   

3. Start the middle server (in a new shell):
   

   $ vuvuzela-server -conf confs/local-middle.conf
   

4. Start the first server (in a new shell):
   

   $ vuvuzela-server -conf confs/local-first.conf
   

5. Start the entry server (in a new shell):
   

   $ vuvuzela-entry-server -wait 1s
   

6. Run the Vuvuzela client:
   

   $ vuvuzela-client -conf confs/alice.conf
   

The client supports these commands:

• /dial <user> to dial another user
• /talk <user> to start a conversation
• /talk <yourself> to end a conversation

Deployment considerations
This Vuvuzela implementation is not ready for wide-use deployment. In particular, we haven't yet implemented these crucial components:

• Public Key Infrastructure : Vuvuzela assumes the existence of a PKI in which users can privately learn each others public keys. This implementation uses pki.conf as a placeholder until we integrate a real PKI.
  
• CDN to distribute dialing dead drops :Vuvuzela's dialing protocol (used to initiate conversations) uses a lot of server bandwidth. To make dialing practical, Vuvuzela should use a CDN or BitTorrent to distribute the dialing dead drops.
  

There is a lot more interesting work to do. See the issue tracker for more information.

Download Vuvuzela

Read More

CenoCipher - Easy-To-Use, End-To-End Encrypted Communications Tool

CenoCipher is a free, open-source, easy-to-use tool for exchanging secure encrypted communications over the internet. It uses strong cryptography to convert messages and files into encrypted cipher-data, which can then be sent to the recipient via regular email or any other channel available, such as instant messaging or shared cloud storage.

Features at a glance

• Simple for anyone to use. Just type a message, click Encrypt, and go
• Handles messages and file attachments together easily
• End-to-end encryption, performed entirely on the user's machine
• No dependence on any specific intermediary channel. Works with any communication method available
• Uses three strong cryptographic algorithms in combination to triple-protect data
• Optional steganography feature for embedding encrypted data within a Jpeg image
• No installation needed - fully portable application can be run from anywhere
• Unencrypted data is never written to disk - unless requested by the user
• Multiple input/output modes for convenient operation

Technical details

• Open source, written in C++
• AES/Rijndael, Twofish and Serpent ciphers (256-bit keysize variants), cascaded together in CTR mode for triple-encryption of messages and files
• HMAC-SHA-256 for construction of message authentication code
• PBKDF2-HMAC-SHA256 for derivation of separate AES, Twofish and Serpent keys from user-chosen passphrase
• Cryptographically safe pseudo-random number generator ISAAC for production of Initialization Vectors (AES/Twofish/Serpent) and Salts (PBKDF2)

Version History (Change Log)

Version 4.0 (December 05, 2015)

• Drastically overhauled and streamlined interface
• Added multiple input/output modes for cipher-data
• Added user control over unencrypted disk writes
• Added auto-decrypt and open-with support
• Added more entropy to Salt/IV generation

Version 3.0 (June 29, 2015)

• Added Serpent algorithm for cascaded triple-encryption
• Added steganography option for concealing data within Jpeg
• Added conversation mode for convenience
• Improved header obfuscation for higher security
• Increased entropy in generation of separate salt/IVs used by ciphers
• Many other enhancements under the hood

Version 2.1 (December 6, 2014)

• Change cascaded encryption cipher modes from CBC to CTR for extra security
• Improve PBKDF2 rounds determination and conveyance format
• Fix minor bug related to Windows DPI font scaling
• Fix minor bug affecting received filenames when saved by user

Version 2.0 (November 26, 2014)

• Initial open-source release
• Many enhancements to encryption algorithms and hash functions

Version 1.0 (June 10, 2014)

• Original program release (closed source / beta)

Download CenoCipher

Read More

Tails 1.7 - The Amnesic Incognito Live System

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

• use the Internet anonymously and circumvent censorship;
  all connections to the Internet are forced to go through the Tor network;
• leave no trace on the computer you are using unless you ask it explicitly;
• use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.  

Tails, The Amnesic Incognito Live System, version 1.7, is out.
This release fixes numerous security issues. All users must upgrade as soon as possible.

New features

• You can now start Tails in offline mode to disable all networking for additional security. Doing so can be useful when working on sensitive documents.
  
• We added Icedove, a rebranded version of the Mozilla Thunderbird email client.
  Icedove is currently a technology preview. It is safe to use in the context of Tails but it will be better integrated in future versions until we remove Claws Mail. Users of Claws Mail should refer to our instructions to migrate their data from Claws Mail to Icedove.
  

Upgrades and changes

• Improve the wording of the first screen of Tails Installer.
  
• Restart Tor automatically if connecting to the Tor network takes too long. (#9516)
  
• Update several firmware packages which might improve hardware compatibility.
  
• Update the Tails signing key which is now valid until 2017.
  
• Update Tor Browser to 5.0.4.
  
• Update Tor to 0.2.7.4.
  

Fixed problems

• Prevent wget from leaking the IP address when using the FTP protocol. (#10364)
  
• Prevent symlink attack on ~/.xsession-errors via tails-debugging-info which could be used by the amnesia user to bypass read permissions on any file. (#10333)
  
• Force synchronization of data on the USB stick at the end of automatic upgrades. This might fix some reliability bugs in automatic upgrades.
  
• Make the "I2P is ready" notification more reliable.
  

Download Tails 1.7

Read More

SIMP - System Integrity Management Platform Lydecker Black

SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility.

The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry best practice.

Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.

Supported Operating Systems

The following Operating Systems are supported:

• Red Hat Enterprise Linux
  • 6.6
  • 7.1
• CentOS
  • 6.6
  • 7.1-1503-01

Technology components

SIMP uses Puppet to manage and maintain the configuration of the various component systems.

Though there are many possible configurations, out of the box SIMP provides:

• Management
  • Puppet Server
  • PuppetDB
  • MCollective
• Authentication
  • OpenLDAP
• Kickstart/Update
• YUM
• DNS
• DHCP
• TFTP

SIMP Provided Materials

Build Materials

• simp-core
• simp-doc
• simp-rsync

Puppet Modules

• pupmod-simp-acpid
• pupmod-simp-activemq
• pupmod-simp-aide
• pupmod-simp-apache
• pupmod-simp-auditd
• pupmod-simp-autofs
• pupmod-simp-backuppc
• pupmod-simp-cgroups
• pupmod-simp-clamav
• pupmod-simp-common
• pupmod-simp-concat
• pupmod-simp-dhcp
• pupmod-simp-elasticsearch
• pupmod-simp-freeradius
• pupmod-simp-functions
• pupmod-simp-ganglia
• pupmod-simp-gfs2
• pupmod-simp-iptables
• pupmod-simp-jenkins
• pupmod-simp-kibana
• pupmod-simp-krb5
• pupmod-simp-libvirt
• pupmod-simp-logrotate
• pupmod-simp-logstash
• pupmod-simp-mcafee
• pupmod-simp-mcollective
• pupmod-simp-mozilla
• pupmod-simp-multipathd
• pupmod-simp-named
• pupmod-simp-network
• pupmod-simp-nfs
• pupmod-simp-nscd
• pupmod-simp-ntpd
• pupmod-simp-oddjob
• pupmod-simp-openldap
• pupmod-simp-openscap
• pupmod-simp-pam
• pupmod-simp-pki
• pupmod-simp-polkit
• pupmod-simp-postfix
• pupmod-simp-pupmod
• pupmod-simp-rsync
• pupmod-simp-rsyslog
• pupmod-simp-site
• pupmod-simp-selinux
• pupmod-simp-shinken
• pupmod-simp-simp
• pupmod-simp-snmpd
• pupmod-simp-ssh
• pupmod-simp-sssd
• pupmod-simp-stunnel
• pupmod-simp-sudo
• pupmod-simp-sudosh
• pupmod-simp-svckill
• pupmod-simp-sysctl
• pupmod-simp-tcpwrappers
• pupmod-simp-tftpboot
• pupmod-simp-tpm
• pupmod-simp-upstart
• pupmod-simp-vnc
• pupmod-simp-vsftpd
• pupmod-simp-windowmanager
• pupmod-simp-xinetd
• pupmod-simp-xwindows
• rubygem-simp-rake-helpers
• rubygem-simp-cli

Forked External Modules

Most forks are simply to fit the materials into our build processes but some have modifications that we are looking to push back upstream when possible.

• augeasproviders
• augeasproviders_apache
• augeasproviders_base
• augeasproviders_core
• augeasproviders_grub
• augeasproviders_mounttab
• augeasproviders_nagios
• augeasproviders_pam
• augeasproviders_postgresql
• augeasproviders_puppet
• augeasproviders_shellvar
• augeasproviders_ssh
• puppet-elasticsearch
• puppetlabs-apache
• puppetlabs-postgresql
• puppetlabs-stdlib
• puppetlabs-inifile
• puppetlabs-puppetdb
• puppetlabs-mysql
• puppetlabs-java
• puppet-gpasswd
• augeasproviders_sysctl
• puppet-datacat
• puppetlabs-java_ks
• puppet-memcached

Download SIMP

Read More

Snitch - Information Gathering via dorks

Snitch is a tool which automate dorking process for specified domain. Using build-in dork categories, this tool helps gather informations about domain which can be found using search engines. It can be quite useful in early phases of pentest.

Examples

devil@hell:~/snitch/$ python snitch.py

                       _ __       __  
           _________  (_) /______/ /_ 
          / ___/ __ \/ / __/ ___/ __ \ 
         (__  ) / / / / /_/ /__/ / / /
        /____/_/ /_/_/\__/\___/_/ /_/ ~0.2   

Usage: snitch.py [options]

Options:
  -h, --help            show this help message and exit
  -U [url], --url=[url]
                        domain(s) or domain extension(s) separated by comma *
  -D [type], --dork=[type]
                        dork type(s) separated by comma *
  -O [file], --output=[file]
                        output file
  -S [ip:port], --socks=[ip:port]
                        socks5 proxy
  -I [seconds], --interval=[seconds]
                        interval between requests, 2s by default
  -P [pages], --pages=[pages]
                        pages to retrieve, 10 by default
  -v                    turn on verbosity

Dork types:
  info  | Information leak & Potential web bugs
  ext   | Sensitive extensions
  docs  | Documents & Messages
  files | Files & Directories
  soft  | Web software
  all   | All

Examples:
  snitch.py -I5 -P3 --dork=ext,info -U gov -S 127.0.0.1:9050
  snitch.py --url=site.com -D all -O /tmp/dorks

devil@hell:~/snitch/$ python snitch.py -U gov -D ext -P20 -S 127.0.0.1:9050
[+] Target: gov
[!] Using SOCKS5 (IP - XX.XX.XX.XX)
[!] Pages limit set to 20

[+] Looking for sensitive extensions

http://www.seismic.ca.gov/pub/CSSC_1998-01_COG.pdf.OLD
http://greengenes.lbl.gov/Download/Sequence_Data/Fasta_data_files/CoreSet_2010/formatdb.log
http://www.uspto.gov/web/patents/pdx/permitting_access.pdf_2010may17.bak
http://www.dss.virginia.gov/tst.log
http://appliedresearch.cancer.gov/nhanes_pam/create.pam_perday.log
ftp://ftp.eia.doe.gov/pub/oil_gas/natural_gas/feature_articles/2006/ngshock/ngshock.pdf.bak
http://appliedresearch.cancer.gov/nhanes_pam/create.pam_perminute.log
https://igscb.jpl.nasa.gov/igscb/station/mgexlog/nya2_20130905.log
http://www.swrcb.ca.gov/losangeles/board_decisions/adopted_orders/index.shtml.old
https://trac.mcs.anl.gov/projects/mpich2/attachment/ticket/83/config.log
https://tcga-data.nci.nih.gov/docs/index.html.bak
https://software.sandia.gov/trac/canary/attachment/ticket/3917/Pike_Hach%26SCAN_Oracle.edsx_convert.log
http://www.glerl.noaa.gov/metdata/2check_all.log
http://ft.ornl.gov/eavl/regression/configure.log
http://airsar.jpl.nasa.gov/airdata/PRECISION_LOG/hd1883.log
http://www.antd.nist.gov/pubs/Sriram_BGP_IEEE_JSAC.pdf.old
http://www-esh.fnal.gov/pls/default/itna.log
http://www.lanl.gov/wrtout/projects/tscattering/nano/Output//Defaults/ellipsoid.log
http://maine.gov/REVENUE/netfile/WS_FTP.LOG
http://mls.jpl.nasa.gov/lay/UARS_MLS.LOG
http://airsar.jpl.nasa.gov/airdata/PRECISION_LOG/hd1469.log
http://www.modot.mo.gov/_baks/indexalt.htm.0001.b041.bak
ftp://ftp.hrsa.gov/ruralhealth/FY04RAEDGuidance.pdf.bak
https://www.health.ny.gov/health_care/medicaid/nyserrcd.ini
http://www.thruway.ny.gov/business/contractors/expedite/bid.ini
http://www.star.bnl.gov/~pjakl/documents/configuration.cfg
http://www.wpc.ncep.noaa.gov/html/ecmwf0012loop500_ak.cfg
https://fermilinux.fnal.gov/documentation/security/krb5.conf
http://mirror.pnl.gov/macports/release/ports/security/fail2ban/files/pf-icefloor.conf
https://svn.mcs.anl.gov/repos/ZeptoOS/trunk/BGP/ramdisk/CN/tree/etc/syslog.conf
http://cmip-pcmdi.llnl.gov/cmip5/docs/esg.ini
https://security.fnal.gov/krb5.conf
http://collaborate2.nws.noaa.gov/canned_data/data_files/pqact.conf

[+] Done!

Download Snitch

Read More

Perigo para Sociedade - (Danger of the society)

Open Your Mind

By OffensiveSec

Read More