Metasploit Unleashed Back Online

November 12, 2009

Metasploit Unleashed Wiki is back online!

The Offsec Exploit database will be online by the end of the week

Filed under: Security — vvlaski @ 3:36 am

Secret copyright treaty leaks. It’s bad. Very bad.

November 11, 2009


The internet chapter of the Anti-Counterfeiting Trade Agreement, a secret copyright treaty whose text Obama’s administration refused to disclose due to “national security” concerns, has leaked. It’s bad. It says:

    That ISPs have to proactively police copyright on user-contributed material. This means that it will be impossible to run a service like Flickr or YouTube or Blogger, since hiring enough lawyers to ensure that the mountain of material uploaded every second isn’t infringing will exceed any hope of profitability.

    That ISPs have to cut off the Internet access of accused copyright infringers or face liability. This means that your entire family could be denied to the internet — and hence to civic participation, health information, education, communications, and their means of earning a living — if one member is accused of copyright infringement, without access to a trial or counsel.

    That the whole world must adopt US-style “notice-and-takedown” rules that require ISPs to remove any material that is accused — again, without evidence or trial — of infringing copyright. This has proved a disaster in the US and other countries, where it provides an easy means of censoring material, just by accusing it of infringing copyright.

    Mandatory prohibitions on breaking DRM, even if doing so for a lawful purpose (e.g., to make a work available to disabled people; for archival preservation; because you own the copyrighted work that is locked up with DRM)

The ACTA Internet Chapter: Putting the Pieces Together

Filed under: Piracy, Technology — vvlaski @ 1:29 am

Offensive Security Web Server Hacked

For the past couple of weeks they were having escalating DOS attacks against their web server, specifically against the Metasploit Unleashed Wiki. Their analysis showed that their web server was compromised through a vulnerability in the wiki software we use for the free Metasploit course. The compromise occurred on Nov 6th,and went unnoticed for around 28 hours. A php shell was uploaded to the wiki through an obscure vulnerability, and from there on, it got messy. The attack was mitigated early enough to prevent any critical damage to their systems. Hopefully the wiki goes online soon! I’m almost done with the course. Great stuff!

Filed under: Security, Technology — vvlaski @ 1:16 am