A presentation and paper on Reverse engineering JTAG at the 26th Chaos Communication Congress is now available to download here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/3670.en.html
Other Hacking and reverse engineering papers and talks from the conference can be found here:
http://events.ccc.de/congress/2009/Fahrplan/index.en.html
The hacking track is here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/index.en.html
This report concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools.
It describes an application and data set developed to populate identity modules and highlights subtleties involved in the process. Intriguing results attained by recent versions of commonly-used forensic tools when used to recover the populated data are also discussed. The results indicate that reference materials can be used to identify a variety of inaccuracies that exist in present-day forensic tools.
The Paper can be downloaded in PDF format from here:
http://csrc.nist.gov/publications/nistir/ir7617/nistir-7617.pdf
More on the paper here:
http://www.testandmeasurement.com/article.mvc/NIST-Develops-Experimental-Validation-Tool-0001?VNETCOOKIE=NO
The tool itself can be downloaded from here:
http://csrc.nist.gov/groups/SNS/mobile_security/mobile_forensics_software.html

According to a survey by the Australian Communications and Media Authority, about 75% of Australians are either “very satisfied” or “somewhat satisfied” with their telecommunications services. I was surprised to see that there wasn’t a massive difference between metropolitan and rural areas, despite rural areas having far fewer options and less bandwidth than metro areas. Those users who weren’t happy largely focused on price, customer service and poor mobile reception.
Read more here:
http://www.acma.gov.au/WEB/STANDARD/pc=PC_311777
Here is an article about the security of the newly released iPhone 3.0 software for both iPhone 3G and iPhone 3G S:
http://www.net-security.org/secworld.php?id=7647
A research team from Ben Gurion University in Beer-Sheba, Israel, found that talking on a cellular phone harms the mental abilities of the user.
The influence of cellular phones on brain functions and general health has been widely researched in recent years. Most of the experiments try to understand whether electromagnetic radiation is cancerous or not. Researchers from Ben Gurion University and Soreq Research Center for Nuclear Energy have decided to take a closer look at the effect mobile phones have on people’s cognitive functions.
Read more here:
http://thefutureofthings.com/pod/7033/cell-phone-usage-damages-memory.html
The research team, which included Edith Cowan University of Australia and BT, revealed some early results yesterday in news reports by the BBC and British television affiliates.
To read more about the research go here:
http://news.bbc.co.uk/2/hi/uk_news/wales/8036324.stm
and here:
http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=217400054&cid=nl_DR_DAILY_H
You might know some of them but most of them are just an inside code and some can raise red flags.
Here are some of them:
D46 - “Do you want to have sex?”
LG6 - “Let’s have sex”
GNOC - “Get naked on camera”
TDTM - “Talk dirty to me”
LMIRL - “Let’s meet in real life”
See the link below which includes a video:

Growth projection for the mobile sector does not look good
Read More Here:
http://www.iphonestalk.com/new-survey-results-bring-good-and-bad-news-for-the-mobile-sector/
Modding Education for iPhone users, AKA ModEdiPhone.com, is a new website for all iPhone users who would like to jailbreak their iPhones or SIM unlock them, whether they are using a first generation iPhone or the 3G iPhone. It provides guides, step-by-step videos and advice on how to do each hack or mod without any complications. It includes software, firmware, and hardware mods and hacks. It also contains the last five posts from the most popular iPhone blogs and news sites. It is a must visit and subscribe-to website, so make sure you add it to your favourites.
Here is the link:
http://www.modediphone.com/
The iPhone user manual and user guide for the iPhone 3G and 2G is now available in Arabic as the iPhone is introduced in Egypt and will be introduced in other Arabic countries such as Qatar.
Here is the link to the pdf file:
http://manuals.info.apple.com/ar_EG/iPhone_User_Guide_ARA.pdf
A good start is Google’s own documentation page:
http://code.google.com/android/documentation.html
Books are another good source for step-by-step development. One Android book that I read is:
ANDROID A PROGRAMMERS GUIDE (Paperback)
It guides you through installing Eclipse, Android SDK and all the different steps that lead you into developing a “Friend Finder” application.
Other books of interest that I found on Amazon include:

A new book with companion DVD by Jesse Varsalone. Expected retail price is AUD 79.00.
Key Features include:
- Companion DVD Contains Custom Materials That Can Be Used in a Real Digital Forensic Investigation
- Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else
- Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics
Sounds good? Then for more information go to:
http://www.elsevierdirect.com/product.jsp?isbn=9781597492973
Interesting article involving a child porn case:
Get more information about this application and much more on Android’s Developer blog.
Also, visit Google Code Pages for Android.
Google Marketplace is where developers can easily publish and distribute their applications directly to users of Android-compatible phones including the T-Mobile G1.
The LayerOne 2008 talk by David Hulton titled: Intercepting Mobile Phone/GSM
Visit the GSM Hacking WIKI at:
http://wiki.thc.org/gsm
The USRP is available at: http://www.ettus.com
Learn more about the GNU RADIO project at: http://www.gnu.org/software/gnuradio
David is the Chairman of Toorcon
An interesting news article about the work of BT (formerly British Telecom), Glamorgan University, Australia’s Edith Cowan University and Sim Lifecycle Services where researchers recovered data from handsets from mobile phone recycling companies:
Mobile phones can never be totally wiped clean of data
To get more information on the research at Edith Cowan University and its upcoming conferences please visit SECAU Security Research Centre’s website:
Here are some published refereed journal and conference papers to give you an idea of what to expect for the Edith Cowan University conferences in December:
- Valli, C. and A. Jones (2008). A study of 2nd Hand Blackberry for sale - World class security foiled by humans. Proceedings of the 2008 World Congress in Computer Science, Computer Engineering, and Applied Computing - SAM 2008 - The 2008 International Conference on Security & Management., Las Vegas, USA.
- Al-Zarouni, M. (2007, 3rd December, 2007). Introduction to Mobile Phone Flasher Devices and Considerations for their Use in Mobile Phone Forensics. Paper presented at The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.
- Yap, L. F., & Jones, A. (2007, 3rd December, 2007). Profiling Through a Digital Mobile Device. Paper presented at The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.
- Yap, L. F., & Jones, A. (2007). Deleted Mobile Device’s Evidence Recovery:. Paper presented at the Media and Information-War Conference 2007, Kuala Lumpur, Malaysia.
You can register to attend Edith Cowan University’s conferences here:
http://conferences.scis.ecu.edu.au/
Hope to see you there
As requested by Haitham. The Hard drive is not actually a hard drive. It is a Samsung 65 Nanometer NAND flash part number “K9HBG08U1M” the same one used earlier in the 8GB iPod Nano.
Data sheet can be found here:
http://www.datasheet4u.com/download.php?id=604473
More information and other links can be found here:
http://www.iphonefreak.com/2007/07/iphone-componen.html
http://www.oissg.org/certification-training-new-/index.php
These certification workshops fund the Open Information Systems Security Group (OISSG) research and development of the ISSAF.
You can also download ISSAF for free! (9.59MB, 1264 pages)
Do you live in the United Arab Emirates? Are you a hacker? Then this site is made for you! Get the latest hacking news, exploits, links, pod casts and more through this easy to use website.
Feel like you want to contribute to the site? Then drop us a line at: (hackers) at {marwan} dot [com].
Here are two guides to SIM unlock your iPhone for free:
Download and read it! It is not small though, about 8-10MB. News, articles, interviews, book releases, software walk-throughs, and more.
Here are the details on How to do it (according to the hacker) :
1. Get the required hardware and software (these are the ones I have used): An Infinity USB unlimited SIM reader/writer, a silvercard, SIM-EMU 6.01, and WoronScan 1.09
2. Get the IMSI, Ki of your carrier using WoronScan (I will call them IMSI-b, Ki-b)
3. Use SIM-EMU and create 2 files (1 Flash and 1 EEPROM) using the ICCID of the AT&T sim (ICCID-a), IMSI-b and Ki-b
4. Then use these 2 files to create a sim using the infinity usb unlimited reader/writer
5. Put this sim into a normal unlocked phone and make some calls/receive calls/data services
6. Then use SIM-EMU to change the IMSI of the original Flash file to IMSI of AT&T sim (IMSI-a)
7. Again write the silvercard with the new flash and eeprom files
8. Put this sim into the iphone
9. Activate using the Cingular method as described in Hacktheiphone.com
This is not a true unlock. It is a hack that enables you to make calls with the iphone but does not enable you to receive calls or use Telstra’s network to browse the Internet. At least not yet.
Links:
http://www.smh.com.au/news/phones–pdas/iphone-hacked-for-australia/2007/07/30/1185647803146.html
Read the following articles for more details on the case:
If you don’t already have this one, please download and read this Computer Security Division NIST Interagency Report (IR). It was published in March 2007:
- http://csrc.nist.gov/publications/nistir/nistir-7387.pdf
- Zipped version of the pdf: http://csrc.nist.gov/publications/nistir/nistir-7387-pdf.zip
It is an update and complement to NIST Reports:
- Guidelines on Cell Phone Forensics (Special Publication 800-101):
- Cell Phone Forensic Tools: An Overview and Analysis (NISTIR 7250):
I have received many visits to this site searching for “Nokia Hidden Codes”. So, I decided to include some more.
Here is a list of codes and some links to get some more codes:
*#06# Gets you the Serial Number/IMEI.
*#0000# Gives you the software version (e.g. V 5.27.0 / 28-06-04 / NHL-10) The NHL-10 is important and makes your life easier when you try to use flashers!
*#2820# Gives you the Bluetooth device address
xx# - Quick contact access (xx = location number, e.g. : 17#)
*#62209526# Gives you the MAC address of the WLAN adapter, this information is only available on the new models (S60 3rd edition) which have wireless connectivity.
To get some more codes, visit the sites below. Some of the codes can do damage to your phone and/or data residing on it, so approach the codes on these sites with caution:
- N-Gage codes: http://www.gamefaqs.com/portable/ngage/code/915353.html
- In Polish (Patryk, please translate!): http://www.eplay.yoyo.pl/viewpage.php?page_id=79
- From GSM-Hacks: http://www.gsmhacks.com/forums/mobile-technologies/1429-codes-s60.html
Again, please exercise caution.
Some of the topics discussed in the site might not be legal in some places! So, you’ve been warned. It has tips and tricks for mobile phones of all makes and models, with community-supported hacks and forum discussions:
Picture from MobileFanatic
The article below discusses issues that law enforcement agencies have with intercepting VOIP calls on Mobile phone networks and whether traces are left on the devices about the phone calls taking place.
Link: The Australian Newspaper.
A very helpful PDF document from SEARCH: The National Consortium for Justice Information and Statistics. It highlights some of the hardware and software solutions that can be added to the investigator’s arsenal along with how much each of them costs. The document can be found here:
http://www.search.org/files/pdf/CellphoneInvestToolkit-0806.pdf

The “Cryptography, Law Enforcement, and Mobile Communications” article in IEEE’s Security and Privacy magazine sheds some light on the use of flashers in mobile forensics as well as the use of tools such as XRY. The article also mentions the use and importance of Faraday cages.
Here is a link to the full article:
Link.
Thanks to Mike for the following two part series of documents on working with flashers:
Part 1:
http://mobileforensics.files.wordpress.com/2007/04/hex-primer-pt-1.pdf
Part 2:
http://mobileforensics.files.wordpress.com/2007/04/hex-primer-pt-ii.pdf
Make sure that you visit his blog to learn more about advanced mobile device forensics:
http://mobileforensics.wordpress.com/
Read what Prof. Rick Mislan said about the use of Phone Flasher Technologies and their role in the acquisition stage of mobile phone forensics and their use by students in digital forensics courses at Purdue University in the US.

Matt’s Blog is not frequently updated but his site crypto.com is an excellent resource for all kinds of information. Make sure you check it out.
The Mobile Forensics blog by Michael Harrington has useful information on: SMS forensics, phone flashers, Faraday cages, forensics seizure procedures and much more. The site also includes posts on the forensic examination of BlackBerry devices. The blog was created in February 2007.
You can visit the blog here:
http://mobileforensics.wordpress.com/
The blog is frequently updated and links to Michael’s http://www.mobile-examiner.com/ website. This site has online training and on-location training and it also has mobile forensic tools and a forum.
Visit the Google-translated Japanese website below to see the Internet from a Japanese perspective. http://64.233.179.104/translate_c?hl=en&u=http://internet.watch.impress.co.jp/&prev=/search%3Fq%3Dmarwan%2Bal-zarouni%26start%3D40%26hl%3Den%26rls%3DGGLJ,GGLJ:2006-50,GGLJ:en%26sa%3DN

News, exploits, papers, views, and releases from information security enthusiasts. Has links to major hacker related security events as well. http://www.thc.org/
The site provides a unique insight and commentary on the information security marketplace. It brings together some of the top minds from a variety of risk-based disciplines. Please visit the site for more information.
Just when you thought mobile phones, USB storage devices, wireless access, and ADSL modems were a threat to your corporate data, here comes a story to make you even more paranoid!
A researcher released a paper describing a way to hide malicious code (rootkits) on graphics and network cards. The paper basically shows how to use Advanced Configuration and Power Interface (ACPI) functions available on almost all motherboards to store and run a rootkit. Sceptical? Read the full story and download the PDF here.
CertMag has released their latest review of certifications. They rated certifications from 1-10 according to certain criteria. To read the article go here:
http://www.certmag.com/articles/templates/CM_gen_Article_template.asp?articleid=2401&zoneid=1
Thanks again Clement and Nathalie from http://www.cccure.org/ :)
The guide was written by Karen Kent, Suzanne Chevalier, Tim Grance, and Hung Dang.
The guide presents forensics from an IT view, not a law enforcement view. It is written for incident response teams; forensic analysts; system, network, and security administrators; and computer security program managers who are responsible for performing forensics for investigative, incident response, or troubleshooting purposes.
It also has a wide array of resources for further reading. Highly recommended read and reference for IT professionals.
Download it here:
http://csrc.ncsl.nist.gov/publications/nistpubs/800-86/SP800-86.pdf
Read more about it in here:
http://www.cccure.org/modules.php?name=News&file=article&sid=1023
NIST also released the following four security related guides:
- Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist
- Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities
- Assessment of Access Control Systems
- Guide to Computer Security Log Management
Read more about them here:
http://www.govtech.net/magazine/channel_story.php/101708
Last but not least, it is worth mentioning that last month, NIST released a document about RFID. Read about it here:
http://www.fcw.com/article96300-10-03-06-Web
Thanks Clement
Are LNG facilities an issue? Here in Italy I am living in an area that should host two new LNG facilities. Opponents of these projects come from different layers of society and all group around the www.offshorenograzie.it web site. They have also set up an electronic sign in the city to advertise their concern. Well, I have done some research on the topic and prepared a wide dossier mainly focusing on two aspects of the problem: the effects of a spill in case of an accidental or man-made disaster, and the effects of the industrial process on fishery and the environment. The report was based on some of the best available scientific sources. I proposed it to different people: the local newspaper, political parties, and even free observers. Nobody seems to like it; what is more, nobody even wants to read it. This makes me wonder… Is it a case of information warfare where all are playing from the same side?
Well, if you like the topic I will be happy to share some documents, but the best one you should read is “Beliefs and Emotionality in Risk Appraisals”, an article by A. Thalmann and P. Wiedemann published in the Journal of Risk Research. The paper focuses on the effects of hot (emotional) words in risk analysis. It is worth reading.
The document is available from Ingenta Connect, and if you read it I would like your comments.
Here are some interesting Japanese security blogs for your reading enjoyment:
The article below talks about the things you can do to advance your career in infosec. It includes certifications, books to read, and many other things you can do to further your career. Read it, don’t skim through it!
http://www.microsoft.com/technet/community/columns/secmvp/sv0706.mspx
The US National Institute of Standards and Technology (NIST) released the draft version of “Guidelines on Cell Phone Forensics” on August 31st. I found out about it today! Here it is:
http://csrc.nist.gov/publications/drafts/Draft-SP800-101.pdf
Just like Hard Disks, selling your used mobile phone can be dangerous. It can reveal potentially unsafe and secretive information about you or your business. Sometimes, following manufacturers’ data erase instructions is not enough as the article below shows.
Links:
Sydney Morning Herald Article 1
Sydney Morning Herald Article 2
A post I published on Marwan.com in 2004:
http://www.marwan.com/2004/09/think-twice-before-selling-your-mobile.php
Sorry, the link to the Khaleej Times article is outdated.
UPDATE:
Hard Disks Still Discarded
National Vulnerability Database’s upcoming sister project, the National Checklist Program (NCP), will be offering a repository of security configuration guidance for popular software. These checklists will be provided in standards-based machine readable formats ingestible by compliant COTS vulnerability scanning tools as well as in English prose.
Link:
http://www.cccure.org/modules.php?name=News&file=article&sid=1004
I found this article on the Phone Magazine Site. Here are some snippets from it:
The number of households relying on mobile phones (one in ten) has equalled the number of those who use landlines.
While incidences are currently low, smarter phones and the adoption of standard internet technologies leave users vulnerable to attack.
It goes on to say that the answer to all of this lies in operators introducing measures to safeguard records held on mobile phones. This is done in the form of anti-spam and anti-virus, anti-abuse and blacklisting.
Using antispam and antispoof technology, operators can detect abnormal patterns in messaging traffic, confirm legitimate senders, filter content, and block suspicious messages. Filtering content also helps the fight against the spread of viruses and trojans. Mobile operators can use technology to share spam control with their subscribers by providing solutions to black-list certain phone numbers and block messages coming from these phones. As an industry there is much we can do to fight fraud. Many of us think we are doing all we can but there are always ways to improve on this to ensure confidence in the mobile industry. Due diligence and taking advantage of new technologies are major contributors to controlling fraud.
This magazine has been published in seven different languages for a long time. Finally, an English version will be available through book stores in September.
hakin9 is a bimonthly technical magazine about IT security and hacking. It offers an in-depth look at both attack and defence techniques and concentrates on difficult technical issues. hakin9 is useful for all of those interested in securing network infrastructure and systems - both professionals and hobbyists.
While searching for “Mobile Phone Forensics”, I came across the “Security & Forensics wiki” site. I was pleasantly surprised. It was in line with what I was already doing in my research. I was sad though at the fact that no site that I knew of linked to them! I know that Wiki is not considered by many as a good source for information, but neither are blogs, are they… We still consider blogs as legitimate sources of information and always link to them. We even link to forum posts too, and ‘ahum… bugtraq posts’… so why not wikis?
Links:
SecuriWiki Main Page:
http://polya.computing.dcu.ie/wiki/index.php/Main_Page
Mobile Phone Forensics Page:
http://polya.computing.dcu.ie/wiki/index.php?title=Mobile_Phone_Forensics
Email Analysis Page:
http://polya.computing.dcu.ie/wiki/index.php/Email_Analysis
Contains links to tools, websites and articles on the subject. To jump to articles click HERE.
Link: E-Evidence.info
Yeah, this is another post on sensemaking. The reason I’m stressing the area is because I think it will be the next field of confrontation. Professionals working in infowarfare, infosec or knowledge management will sooner or later have to deal with complexity and how knowledge spreads over networks. The paper by C. F. Kurtz and D. J. Snowden, “The new dynamics of strategy: Sense-making in a complex and complicated world”, is also interesting because it will introduce you to the Cynefin project.
Some of you may find Karl Weick’s paper “The collapse of sensemaking in organizations: The Mann Gulch disaster” interesting; it is available Here. It is worth reading, whatever you do.
- Understanding Command and Control by Dr. David S. Alberts and Dr. Richard E. Hayes
- Complexity, Networking, and Effects-Based Approaches to Operations by Dr. Edward A. Smith
Both are available in PDF, and can be downloaded from the CCRP website (http://www.dodccrp.org/).

