Blogs

dSploit, Android network penetration suite

The BackBox team is proud to announce the release of dSploit, an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.

Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing (with common protocols dissection), real time traffic manipulation, etc.

Download the apk file or visit the official page on github.

BackBox Linux version 3 will be delayed

The BackBox Team was planning to release the new version (3.0) of distro in September 2012 as scheduled.
 
Unfortunately, this release will be delayed due to some unplanned changes and technical problem that we've encountered. Our team is working actively in order to release as soon as possible BackBox v3.
 
Sincere apologize for delay and thanks in advance for your patience.
 
We will post notification and keep you up to date shortly.
 
BackBox Team!

Alice Gate AGPF: CSRF reconfiguration vulnerability

Emilio Pinna, BackBox community member, discover a high severity vulnerability on the router Telecom ADSL Alice Gate VoIP 2 Plus Wi-Fi.

A huge number of ADSL broadband Italian users are vulnerable to connection wiretapping and phishing. The most widely distribuited italian ADSL router Alice Gate 2 Plus Voip Wi-Fi (AGPF), product by Pirelli and based of openrg middleware software, suffers a CSRF attack that allows an attacker to modify internal router configuration like DNS servers, traffic routing, VoIP configurations, DHCP parameters, etc, of a vulnerable user, leading to completely takeover the user ADSL connection. The technique is also useful to enable hidden feature and telnet/ftp/tftp/web extended admin interface.

More info on official blog.

Pages

Subscribe to RSS - blogs