Learning to Hack | TechSNAP 56

In Barnes and Noble’s attempt to censor a magazine article about hacking, they have propelled it into the spotlight. We’ve got the details on this great write-up!

PLUS: Moving big files around the world, faster torrents, and Microsoft’s Hotmail flaw.

All that and more, in this week’s TechSNAP!

OpenSSL fixes land for most distros

Barnes and Noble pulls magazine for article on how to hack

  • Issue #154 of Linux Format magazine has been pulled off shelves at Barnes and Noble stores in the US after complaints about the cover article, ‘Learn To Hack’
  • The content of the article has been posted online
  • The article walks the user through using BackTrack Linux, the penetration testing distribution, to exploit a virtual machine, specifically the ‘Metasploitable’ image, which was set up specifically to contain vulnerabilities for the user to test against and exploit
  • The tutorial then walks the user through exploiting a PHP vulnerability to get a shell, and then further exploiting the Debian SSH Key weakness to gain root access to the virtual machine
  • The tutorial then moves on from attacking servers to attacking desktop machines
  • If you have physical access to a machine, it is trivial to boot from a live CD/USB and access the files on the disks; however, if the user has encrypted their home directory (a simple option in newer versions of Ubuntu), then you need to be a bit more devious
  • The tutorial walks through using the LiveCD to create a reverse-tcp shell to allow you to access the system at a later time, once the user has mounted their encrypted /home partition, giving you access to the files
  • The tutorial goes on to explain using Wireshark to capture unencrypted HTTP credentials and quite a bit more
  • Metasploit Testing Lab Setup Instructions
  • Metasploitable VM Image

Microsoft patches widely exploited 0-day flaw in Hotmail password reset system

  • Researchers discovered a problem with the way Hotmail handles password resets
  • When you reset a Hotmail password, they provide you with a token that allows you to set a new password on the account. The issue is that their code did not properly check the token, and pretty much any non-null value allowed any user to reset any other user’s password
  • Microsoft was notified of the flaw on April 20th and responded with a fix within hours, but not before the flaw was widely exploited
  • It can be particularly difficult to recover your account from an attack like this if the attacker changed the secret answer questions, removing your further ability to reset the password
  • Flaw was discovered by Vulnerability-Lab.com
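The token-check failure described above, as an added example for defenders (it is not Microsoft's code and not from the show notes): `weak_check` is a simplified model of "any non-null value passes", and `strict_check` is one way to validate a reset token properly. The function names, the in-memory store and the 15-minute lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 15 * 60  # assumed token lifetime, in seconds

# account -> (SHA-256 of token, expiry time); in-memory stand-in for a database table
_pending = {}

def issue_token(account, now=None):
    """Create a random, single-use reset token bound to exactly one account."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    # Store only a hash, so a leaked table does not leak usable tokens.
    _pending[account] = (hashlib.sha256(token.encode()).digest(), now + TOKEN_TTL)
    return token

def weak_check(account, token):
    """Simplified model of the bug class: the value is never compared to anything."""
    return bool(token)

def strict_check(account, token, now=None):
    """Accept only the unexpired token that was issued for this account, once."""
    now = time.time() if now is None else now
    record = _pending.get(account)
    if record is None or not isinstance(token, str) or not token:
        return False
    digest, expires = record
    if now > expires:
        _pending.pop(account, None)   # expired tokens are discarded
        return False
    supplied = hashlib.sha256(token.encode()).digest()
    if not hmac.compare_digest(supplied, digest):  # constant-time comparison
        return False
    del _pending[account]             # single use: a replay fails
    return True
```

A reset handler that calls `strict_check` before accepting a new password rejects arbitrary values, tokens issued for a different account, expired tokens and replays.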


In this week’s feedback segment, we discuss how ScaleEngine handled the unique challenges of delivering large video files to a global audience in both the short and long term.

