The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for September, 2005

Chimpanzee Hackers

Posted by Xavier Ashe on September 29, 2005

Diebold claimed their
audit log “can't be altered by any human.” Baxter is a chimpanzee, not
a human, but alter the audit log he did, using a real Cobb County vote
file and the GEMS central tabulator program from Diebold Election

My nomination for most idiotic quote: Scripps-Howard reporter, who said
(in seriousness) “but — elections officials would know if a chimpanzee
got into the voting machine room.”

Funny stuff from the guys at Black Box Voting.  It's funnier cause I used to live in Cobb County.


Posted in For Fun

Too damn cute

Posted by Xavier Ashe on September 29, 2005

High quality 100% cotton onesies. Each is equipped with a touch
sensitive scroll wheel; responsive to your every nudge, tickle and
Only $15.95. Available in 3 sizes: 6, 12, and 18 months.

Also available in Nano black on  Too bad my little girl is too old for this.  I think I might make my own for her this Halloween.

Posted in For Fun

Crack your XP – RockXP

Posted by Xavier Ashe on September 29, 2005

RockXP allows you to retrieve and change your XP product key that you
used when you installed Windows XP. This can come in very handy if you
need to reinstall but have misplaced or lost the CD cover with the
serial sticker. In addition, the program also lets you save the product
activation to a file, enables you to recover usernames and passwords
contained in the Windows Secure Storage, recover your Microsoft Windows
Products keys and has a password generator.  Use it:

–  To retrieve and change your XP Key
–  To retrieve all Microsoft Products keys
–  To save your XP activation file
–  To retrieve your lost XP system passwords
–  To retrieve your lost RAS (Remote Access Settings) passwords
–  And to generate new passwords

Useful little tool from  (scroll down to the bottom).  This little gem was featured on TechTV on G4 (web article or divx download).

Posted in Security, Tools

Tax breaks for cybersecurity firms?

Posted by Xavier Ashe on September 28, 2005

Congress may offer tax breaks to companies that adopt good
cybersecurity standards, the chairman of a House of Representatives
subcommittee said Tuesday.

Lungren said the U.S. House of Representatives cybersecurity
subcommittee, which he chairs, is working on crafting an “overall view
of ways we can work with the private sector” to develop cybersecurity
tools, including the possibility of creating an incentive-based system.

Lawmakers also plan to address liability concerns, he said, as they
want to allow companies to take some risks in coming up with new
cybersecurity tools without having to worry about being sued if they
fall short.

Read the full article on C|Net.  This would be very interesting if it came to light.

Posted in Security

JiWire Releases Firefox Wi-Fi Toolbar

Posted by Xavier Ashe on September 27, 2005

JiWire released a free Firefox toolbar that promotes their SpotLock VPN
service, but also provides a large variety of useful information,
including network status and signal strength as well as the security of
Web sites (it notes when SSL is active for a given page). It’s a
hotspot finder using JiWire’s directory, and the “i” (info) button
shows you a large amount of information about your adapter and the
access point to which you’re connected.

The toolbar is for Windows Firefox only for now, but JiWire promises versions for Mac Firefox and Safari and Windows IE.

Download the JiWire Firefox Toolbar.  Found on Wi-Fi Net News.  Should
be a nice tool since I travel a good bit.  Now if I could just
find a tool to help me find FREE Wi-Fi!  Now I look for the
closest Panera Bread, Atlanta Bread Company, Barnes and Nobles… they
seem to have free Wi-Fi.  I usually have about 30 minutes to kill
and it's not worth $6-10 bucks to check my email.

Posted in Other Technology, Tools

LM password cracking refinement

Posted by Xavier Ashe on September 27, 2005

Password cracking/auditing tools like John or LC4 are able to crack in
a very short time the majority of the passwords, given these are
relatively simple. Those tools deal with all the hashes, no matter the
OS, in the same way. So if the Windows hashes are treated in their
specificity, it is possible to get better results, profiting by the
Windows authentication algorithm. This is possible with Lepton's Crack
appropriately implemented.

Original Lepton's Crack home page is at A local copy of the original project is here, and here is a copy of the original README.
I added some features to Lcrack: LM cracking, password prefix/suffix,
native Win32 project and executable, and maybe more in the future. You
can find the latest release of my project at

Great article
for anyone who does penetration tests or authors security
policies.  You may need to rethink password requirements.  I
have always suggested passphrases to replace passwords.

Posted in Security, Tools

Testing and Evaluation of Virus Detectors for Handheld Devices

Posted by Xavier Ashe on September 27, 2005

By pinpointing weaknesses in the current antivirus software,
improvements can be made to properly protect these devices from a
future tidal wave of viruses. This research tests four currently
available antivirus solutions for handheld devices. Ten tests were
administered; nine involved the modification of source code of a known
virus for handheld devices. The test results produced an overall false
negative rate of 42.5%. This high rate shows that current solutions
find it difficult to identify modified versions of a virus. The virus
is left unidentified and capable of spreading, infecting and causing

Get the full PDF here.  Apparently, the paper's authors, Jose Andre, Peter J. Clarke, and Yi Deng, are going to appear in the proceedings of the Workshop on Software Security Assurance Tools, Techniques, and Metrics, November 7-8 2005 at Long Beach, California, co-located with the 20th IEEE/ACM International Conference on Automated Software Engineering.  I am going to ping the guys at F-Secure to see if they've seen it yet.

Posted in Security

2005 Eisenhower National Security Series

Posted by Xavier Ashe on September 26, 2005

This year's Eisenhower National Security Conference is the
culmination of the 2005 Dwight D. Eisenhower National Security Series,
a full year of programs and activities that address the critical
security issues of our time. This conference will provide a broad and
diverse forum for discussing contemporary and future national security
issues. Our theme this year is Shaping National Security—National Power in an International World.

theme reflects an increasingly globalized world with evolving national
and international responsibilities and expectations. Through the rapid
advance of global communications, national economies have grown
progressively more intertwined; successful diplomacy has become
increasingly interdependent; even local traditions and cultures have
permeated far-away lands. Correspondingly, the definition of power is
changing. It is now possible for individuals, groups and organizations
to attain the destructive powers once reserved solely for nations. In
this context, free nations must determine how to secure their
populations and apply their national power.

The conference is on the 27th and 28th of this month.  They will be providing a live webcast.  Take a look at the agenda and schedule some time.  It will be interesting to see how things are developing with National Security.

Posted in Security

The Always Amusing Euphemism Generator

Posted by Xavier Ashe on September 25, 2005

I use Google sometimes for my spell checker.  As I was looking up
the word “euphemism” (I spelled it correctly the first time!), I found
The Always Amusing Euphemism Generator.

The last time I saw him, he was

killing the husky.

Man, I'm gunna have fun with this one…

Posted in For Fun

Beer Can Padlock Shim

Posted by Xavier Ashe on September 25, 2005

Previously we wrote an article on how to make a “Masterlock Master Key”
using a fuse box cover to open a padlock.  I received hundreds of
emails stating that people couldn't get it to work right, and basically
you were requesting help.  While I was at Defcon 13  I met a guy named
Deviant Ollam who showed me how to build a better padlock shim using a
very special hacker tool…  A beer can.

Before you get started you should probably know EXACTLY what a retail
shim looks like, since that is what you are essentially going to build.
I have taken some close up pics to help show you what you are going to

Another entertaining way to pass your time on

Posted in For Fun, Security

Cracking Passwords With Only Physical Access

Posted by Xavier Ashe on September 24, 2005

This manual explain [sic] how script kiddie
cracking [sic] Windows and Linux password with only physical access. I won’t
be covering into [sic] the internal structure of LM / NTLM hashes in Windows
or shadow file in Linux. Try Google for them.

Notes: This is the manual (not article) because it does not need any
knowledge and not a new idea. Cracking Windows & Linux password has
been widely written and used in the wild.

Published by F-13 Labs (PDF is published on Astalavista). 
This isn't breakthrough knowledge, but shows the level of knowledge
needed to hack local machines.  Isn't much…  Sections include:

  • Cracking Windows XP Password with a Bootable Floppy Disk
  • Cracking Windows XP Password with a Auditor Boot CD
  • Cracking Linux Password With Linux Rescue CD
  • Cracking BIOS I
  • Cracking BIOS II

Posted in Security

Call to Arms: Rita Scams

Posted by Xavier Ashe on September 24, 2005

This is a notice from MWP, the malicious websites and phishing research & operational mailing list. Over the next few days some of us are going to process information about sites that will probably be used for Rita scams.  Through MWP resources and ISP connections we are going to make sure these sites are taken off-line as soon as we detect them.

via reg-ops, an operational list for registrars, we are going to see if
we can get the domains terminated at the registrar level.  To accomplish this we don’t want to rely only on our sources, but rather issue a Call to Arms to the public.

To report a Rita Phishing Scam to the MWP Call to Arms Rita Task Force, please contact:


hope to get the cooperation of several incident response mechanisms
both in the US and abroad. We will update you as we proceed and when we
are done.

If you run an incident response team that can handle Internet abuse and would like to take part, please contact us as well.

Found on SecuriTeam Blogs.  Also check here: to find the real sites.

Posted in Security

Exploiting MD5 collisions (in C#)

Posted by Xavier Ashe on September 23, 2005

In my previous article Good Bye MD5 I
introduced you to the current findings in cryptology and to MD5
collision detection. A debate started, and a lot of people think these
findings are not a serious issue.

Microsoft agrees this is an important issue.

“Microsoft is banning certain cryptographic functions from
new computer code, citing increasingly sophisticated attacks that make
them less secure, according to a company executive.

The Redmond, Wash., software company instituted a new
policy for all developers that bans functions using the DES, MD4, MD5
and, in some cases, the SHA1 encryption algorithm, which is becoming
“creaky at the edges,” said Michael Howard, senior security program
manager at the company, Howard said.”


We now have some proofs of concept, like a pair of X.509 colliding certificates.
And one  spectacular example of a pair of postscript documents, with
the same MD5 hash value, you can read about this in the excellent paper
Attacking Hash Functions by Poisoned Messages “The Story of Alice and her Boss”.

Read the full article on The Code Project.

Written by Eduardo Diaz.

Posted in Security

I am now two days old!.jpg

Posted by Xavier Ashe on September 23, 2005

Posted in Audrey

I am 24 hours old!.jpg

Posted by Xavier Ashe on September 23, 2005

Posted in Audrey

In the recovery room.JPG

Posted by Xavier Ashe on September 23, 2005

Posted in Audrey

cutest girl in the world.jpg

Posted by Xavier Ashe on September 23, 2005

Posted in Audrey

Audrey's Ultrasound.jpg

Posted by Xavier Ashe on September 23, 2005

Posted in Audrey

Stupid Spammers

Posted by Xavier Ashe on September 22, 2005

I have been attacked with Blog Spammers and have turned off anonymous
comments.  Stay tuned for details and please don't link on any of
the links until I get it all cleaned up.

Posted in Main Page

Firefox 1.0.7 security and stability update

Posted by Xavier Ashe on September 22, 2005

We've got a security update for Firefox 1.0.x users. Please download and install the new version ASAP. This version includes several security and stability fixes including:

  • Fix for a potential buffer overflow vulnerability when loading a
    hostname with all soft-hyphens. (The IDN bug that we offered a
    workaround for a few days ago.)
  • Fix to prevent URLs passed from external programs from being parsed by the shell. (A Linux only bug that was made public today.)
  • Fix to prevent a crash when loading a Proxy Auto-Config (PAC)
    script that uses an “eval” statement. (Fixing a PAC crasher that was
    introduced in 1.0.5/6.)
  • Fix to restore InstallTrigger.getVersion() for Extension authors.

From Asa Dotzler's blog.  Get localised versions here.

UPDATE:  According to Brian Krebs, it seems there is an active exploit available for the security holes listed above.  PATCH TODAY.

Posted in Security
