Indian Hacker group threatens Symantec to release AV source code

Symantec is investigating an Indian hacking group's claims that it accessed source code used in the company's flagship Norton Antivirus program. 

A spokesman for the company on Thursday said that one claim by the group was false, while another is still being investigated.
Meanwhile, the Indian group, which calls itself Lords of Dharmaraja, has threatened to publicly disclose the source code shortly.

On Wednesday, the group posted on Pastebin what it claimed was confidential documentation related to Norton AntiVirus source code. A review of the material showed what appears to be a description of an application programming interface (API) for Symantec's AV product.

Related Content

The group also posted what it claimed was the complete source code tree file for Norton Antivirus. That document appears to have been taken down.

'Yama Tough,' the hacker who posted the documents, released at least two more on Google+ allegedly related to Symantec source code. One of the documents appears to be a detailed technical overview of Norton Anti-Virus,



The document explains how the software is designed to work, but includes no actual source code, the spokesman said.
"However, a second claim has been made by the same group regarding additional source code and we're currently investigating that," he said. "For that one, we don't have any information to provide as of yet." the spokesman said.
Rob Rachwald, director of security strategy at security vendor Imperva said it is hard to know what to make of the hacking group's claims.
"We don't know how much of this is chest thumping" on the part of the hackers, Rachwald said. The source code tree file posted on Pastebin suggests the group has some potentially useful information related to Symantec's AV product, he said. "It is a good indicator, but not a perfect one.

Read More

Crack WPA/WPA2 Using Wifite - Latest

purpose

to attack multiple WEP and WPA encrypted networks at the same time. this tool is customizable to be automated with only a few arguments. wifite can be trusted to run without supervision.  

features

• this project is available in French: all thanks goto Matt² for his excellent translation!
• sorts targets by power (in dB); cracks closest access points first
• automatically deauths clients of hidden networks to decloak SSIDs
• numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
• customizable settings (timeouts, packets/sec, channel, change mac address, ignore fake-auth, etc)
• "anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete
• all WPA handshakes are backed up to wifite.py's current directory
• smart WPA deauthentication -- cycles between all clients and broadcast deauths
• stop any attack with Ctrl+C -- options: continue, move onto next target, skip to cracking, or exit
• switching WEP attack methods does not reset IVs
• intel 4965 chipset fake-authentication support; uses wpa_supplicant workaround
• SKA support (untested)
• displays session summary at exit; shows any cracked keys
• all passwords saved to log.txt
• built-in updater: ./wifite.py -upgrade

requirements

• linux operating system (confirmed working on Ubuntu 8.10 (BT4R1), Ubuntu 10.04.1)
• tested working with python 2.4.5 and python 2.5.2; might be compatible with other versions,
• wireless drivers patched for monitor mode and injection: backtrack4 has many pre-patched drivers,
• aircrack-ng (v1.1) suite: available via apt: apt-get install aircrack-ng or by clicking here,
• xterm, python-tk module: required for GUI, available via apt: apt-get install python-tk
• macchanger: also available via apt: apt-get install macchanger
• pyrit: not required, optionally strips wpa handshake from .cap files

execution

download the latest version:

wget -O wifite.py http://wifite.googlecode.com/svn/trunk/wifite.py

change permissions to executable:

chmod +x wifite.py

execute:

python wifite.py

or, to see a list of commands with info:

./wifite.py -help

snapshot

console mode:

gui mode (default):

examples

the program contains lots of interactivity (waits for user input). these command-line options are meant to make the program 100% automated -- no supervision required.
to crack all WEP access points:

./wifite.py -all -nowpa

to crack all WEP access points with signal strength greater than (or equal to) 50dB:

./wifite.py -p 50 -nowpa

to attack all access points, use 'darkc0de.lst' for cracking WPA handshakes:

./wifite.py -all --dict /pentest/passwords/wordlists/darkc0de.lst

to attack all WPA access points, but do not try to crack -- any captured handshakes are saved automatically:

./wifite.py -all -nowpa --dict none

to crack all WEP access points greater than 50dB in strength, giving 15 minutes for each WEP attack method, and send packets at 600 packets/sec:

./wifite.py --power 50 -wepw 15 -pps 600

to attempt to crack WEP-encrypted access point "2WIRE752" endlessly -- program will not stop until key is cracked or user interrrupts with ^C):

./wifite.py -e "2WIRE752" -wepw 0

thanks to google code 

Read More