Thursday, 19 July 2012

OSFClone for Computer Forensics

It was about time we had a bootable live CD/DVD solution for cloning any type of OS. You may want to get your hands on OSFClone [1], which is a free and self-booting solution. As it states on the website:

"OSFClone enables you to create or clone exact raw disk images quickly and independent of the installed operating system. In addition to raw disk images, OSFClone also supports imaging drives to the open Advance Forensics Format (AFF). AFF is an open and extensible format to store disk images and associated metadata. An open standard enables investigators to quickly and efficiently use their preferred tools for drive analysis."

[1] http://www.osforensics.com/tools/create-disk-images.html

Sunday, 10 June 2012

KYOCERA default passwords

It is not uncommon to find KYOCERA systems while onsite conducting a penetration test. I had to find a comprehensive list of default usernames and passwords and these are the links where I could find some of the default credentials.


[1] http://blog.primaryschooltech.co.uk/2012/04/kyocera-command-center-default-admin.html


[2] http://www.gfbm.net/selfhelp_kma_copier_username_password.htm

Monday, 13 February 2012

Different options for updating your Linux Distribution (apt-get)

It is not always obvious what each command does when updating a Linux distribution. This brief blog post explains the different commands used for updating a distribution with apt-get.

apt-get update
update downloads the package lists from the repositories and "updates" them to get 
   information on the newest versions of packages and their dependencies (for all 
   repositories and PPAs). It is used to re-synchronize the package index files 
   from their sources from the location(s) specified in /etc/apt/sources.list. An update
   should always be performed before any upgrade.

apt-get upgrade
upgrade is used to install the newest versions of all packages currently installed on the 
   system from the sources enumerated in /etc/apt/sources.list. Packages currently 
   installed with new versions available are retrieved and upgraded; under no
   circumstances are currently installed packages removed, or packages not already 
   installed retrieved and installed. New versions of currently installed packages that
   cannot be upgraded without changing the install status of another package will be left
   at their current version. An update must be performed first so that apt-get knows that
   new versions of packages are available.

apt-get dist-upgrade
dist-upgrade, in addition to performing the function of upgrade, also intelligently
   handles changing dependencies with new versions of packages; apt-get has a "smart"
   conflict resolution system, and it will attempt to upgrade the most important packages
   at the expense of less important ones if necessary. So the dist-upgrade command may
   remove some packages. The /etc/apt/sources.list file contains a list of locations from
   which to retrieve desired package files. See also apt_preferences(5) for a mechanism
   for overriding the general settings for individual packages.

apt-get full-upgrade
full-upgrade performs the function of upgrade but may also remove installed packages if
   that is required in order to resolve a package conflict.
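Because dist-upgrade and full-upgrade may remove packages while upgrade never does, it helps to compare dry runs before applying either. The script below is an added example, not part of the original post: it summarises the output of apt-get -s (simulate). The helper names, the sample package names and the assumed line layout of the simulation output are illustrative.

```bash
#!/usr/bin/env bash
# Added example: summarise an `apt-get -s <action>` dry run before applying it.
# Assumption: simulation lines look like
#   Inst <pkg> [<installed-ver>] (<new-ver> ...)   upgrade of an installed package
#   Inst <pkg> (<new-ver> ...)                     package not installed before
#   Remv <pkg> [<installed-ver>]                   removal
# Conf lines (configure step) are ignored.

# summarise_sim: read dry-run output on stdin, print one summary line.
summarise_sim() {
    awk '
        $1 == "Inst" && $3 ~ /^\[/  { up++ }
        $1 == "Inst" && $3 !~ /^\[/ { add++ }
        $1 == "Remv" { gone++; names = names (names ? " " : "") $2 }
        END { printf "upgraded=%d new=%d removed=%d [%s]\n", up, add, gone, names }
    '
}

# removes_packages: exit status 0 if the dry run on stdin contains any removal.
removes_packages() {
    grep -q '^Remv '
}

# preview: hypothetical helper that runs the real dry run for the given action,
# e.g. `preview upgrade` or `preview dist-upgrade`.
preview() {
    apt-get -s "$1" | summarise_sim
}

# Constructed sample output (package names and versions are made up).
SAMPLE_UPGRADE='Inst libexample1 [1.0-1] (1.0-2 Debian:stable [amd64])
Conf libexample1 (1.0-2 Debian:stable [amd64])'

SAMPLE_DIST_UPGRADE='Remv oldhelper [0.9-3]
Inst libexample1 [1.0-1] (1.0-2 Debian:stable [amd64])
Inst example-core [2.0-1] (3.0-1 Debian:stable [amd64])
Inst newhelper (1.0-1 Debian:stable [amd64])
Conf libexample1 (1.0-2 Debian:stable [amd64])
Conf example-core (3.0-1 Debian:stable [amd64])
Conf newhelper (1.0-1 Debian:stable [amd64])'

printf '%s\n' "$SAMPLE_UPGRADE"      | summarise_sim
printf '%s\n' "$SAMPLE_DIST_UPGRADE" | summarise_sim
```

On a real system, run preview upgrade and preview dist-upgrade after apt-get update and review any package listed as removed before running the real command.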







Monday, 16 January 2012

Guerilla activists hack Bank of America ATMs all over San Francisco

They turned them into “Automated Truth Machines.” (Now they’re exponentially more useful than the totally useless Wells Fargo ATMs in the Mission.) Hacking! Rainforest Action Network explains how it was done.

[1] http://www.missionmission.org/2012/01/13/guerilla-activists-hack-bank-of-america-atms-all-over-san-francisco/

DEFT - Computer Forensics Live CD

DEFT Linux 7 RC1

..a very stable DEFT Linux 7 release [1], solving all problems responsible for postponing the release date for RC1. We performed several tests on different computer platforms: laptops, servers and desktop PCs. Our main focus was based on Lenovo, DELL, ASUS, Acer, Apple, IBM laptops, IBM and DELL servers as well as Acer, Lenovo and Dell desktop PCs. We tested everything both booting as a live CD and installing the distro on the test machine: compatibility tests succeeded with excellent results.

From this year DEFT 7 will also add more support to mobile forensics: we added several tools that allow you to analyze files and databases used in new generation smartphones (Android and iPhone). From the next release there will be a section completely dedicated to Cyber Intelligence.

[1] http://www.deftlinux.net/