
24 May 2010

IPv6 Hackit – The IPv6 Army Knife

By IPSECS Admin. Posted in Exploitation, News | 1 Comment »

IPv6 is the future protocol of the Internet and comes with rich security features, but hackers keep researching it and trying to exploit it. Over time, papers and presentations explaining how to defeat this protocol have been widely published. Van Hauser of The Hacker’s Choice (THC) released his IPv6 attack toolkit to exploit IPv6 protocol weaknesses. His tools can be freely downloaded from the THC website. HD Moore, author of the Metasploit project, wrote a paper, Exploiting Tomorrow’s Internet Today: Penetration testing with IPv6, which can be read at http://uninformed.org. His paper covers exploiting IPv6 applications by proxying/relaying via IPv4.

IPSECS has unofficially released his IPv6 Hackit on SourceForge, together with a paper that explains IPv6 exploitation almost completely. The paper covers:

  • Introduction to IPv6
  • Connecting to IPv6 Backbone (IPv6-in-IPv4 Tunneling using TSP)
  • An Introduction to IPv6 Socket Programming
  • IPv6 Discovery & Scanning (via ICMP, TCP, DNS)
  • Writing IPv6 Remote Exploit & Shellcoding (Stack Based Buffer Overflow, Format String)
  • IPv6 Protocol Vulnerability (Man In The Middle, Denial of Service)

You can freely download this paper, written in Indonesian, from core.ipsecs.com. IPSECS wrote IPv6-Hackit in Perl, which means the tool doesn’t need to be compiled. However, it needs the following Perl modules to be installed:

  • strict
  • warnings
  • Switch
  • English
  • Net::DNS
  • POSIX
  • Getopt::Long
  • LWP::UserAgent
  • HTTP::Message
  • IO::Socket::INET6

The tool supports:

  • Host enumeration to find which hosts are up/down.
  • TCP port scanning to find which ports are open/closed.
  • Googling from a Unix shell to find possible IPv6 domains.
  • Finding AAAA (IPv6) host records for a single domain or a large collected list of domains.
  • Getting a shell from an IPv6 binding shellcode/payload.
  • Getting a shell from an IPv6 reverse shellcode/payload.
  • Exploiting simple IPv6 application weaknesses (this module is still under development).
  • IPv6 binding backdoor with authentication (this module is still under development).

You can easily download IPv6 Hackit from ipv6hackit.sourceforge.net. While you play with the tool and read the paper, we are developing grid-toolkit, to be released soon. So just follow and watch this website; IPSECS just gives the best stuff to play with! Finally, enjoy, guys!

 

10 May 2010

Shell Scripting – Mastering in 3 Days

By IPSECS Admin. Posted in Presentation | No Comments »

Understanding shell scripting is one step toward working more efficiently with Linux commands. Sometimes we have to work with complex shell commands every day and type them repeatedly. Without shell scripting we have to type all of those commands manually, wasting our time. This paper was presented at PT. Datacomm Diangraha on 8-10 May 2010, and covers:


Table of Contents
1. Basic Shell Scripting
   a. Redirections & Pipes
      i. Redirections
      ii. Pipes
   b. Variables
   c. Conditional & Looping Statements
      i. Conditional if .. then
      ii. Conditional if .. then .. else
      iii. Conditional switch .. case
      iv. Looping for
      v. Looping while
      vi. Looping until
   d. Introduction to Bash I/O Scripting
      i. Using read
      ii. Using command line arguments
   e. Arithmetic & String Operations
      i. Arithmetic Operations
      ii. String Operations
2. Advanced Shell Scripting
   a. Arrays
   b. Regular Expressions
      i. Grep
      ii. Awk
      iii. Sed
   c. System Administrative Command Scripting
   d. Aliases
   e. Functions
   f. I/O Redirections
   g. Using /dev & /proc
      i. Using /dev
      ii. Using /proc
   h. Security Issues
   i. Code Poetry
3. Shell Scripting in Practice
   a. Creating & Scheduling Automatic Backup
   b. Creating & Scheduling Automatic File Integrity Checker
   c. DomainToIP Enumeration Script
   d. Start & Stop GRE Tunneling Script
   e. Automatic Default Routing Switcher Script
   f. Start & Stop Firewall Script
   g. Start & Stop Bandwidth Management Script
   h. Datacomm needs?? Q&A

Just download the paper here, along with all the bash scripts presented. OK, that’s all; hope it helps! Enjoy :)

 

7 May 2010

Hacker develops multi-platform rootkit for ATMs

By IPSECS Admin. Posted in News | No Comments »

One year after his Black Hat talk on Automated Teller Machine security vulnerabilities was yanked by his employer, security researcher Barnaby Jack plans to deliver the talk and disclose a new ATM rootkit at the computer security conference.

He plans to give the talk, entitled “Jackpotting Automated Teller Machines,” at the Black Hat Las Vegas conference, held July 28 and 29.

Jack will demonstrate several ways of attacking ATM machines, including remote, network-based attacks. He will also reveal a “multi-platform ATM rootkit,” and will discuss things that the ATM industry can do to protect itself from such attacks, he writes in his description of the talk, posted this week to the Black Hat Web site.

Jack was set to discuss ATM security problems at last year’s conference, but his employer, Juniper Networks, made him pull the presentation after getting complaints from an ATM maker that was worried that the information he had discovered could be misused.

The security researcher found a straightforward way of getting around Juniper’s objections, however. Last month, he took a new job as director of security research with IOActive.

ATM machines do get compromised, but in a roundabout way. Thieves often hit them by installing card skimmers on them to extract magnetic stripe data from the cards. Then, using a hidden video camera, they steal login numbers. Using all of this information, the crooks can build their own duplicate cards and empty bank accounts.

But Jack’s talk looks at a new area: bugs in the software used to run the machines.

He’s taken advantage of the extra year provided by Juniper’s ban to do more research. “Last year, there was one ATM; this year, I’m doubling down and bringing two new model ATMs from two major vendors,” Jack says in his talk description. The security researcher couldn’t immediately be reached for comment.

Jack doesn’t say which ATMs he plans to discuss, but it could be any major vendor, according to Black Hat Director Jeff Moss. “He’s got a living room full of a lot of different brands of ATMs, and they all seem to suffer from one or the other problem,” he said.

ATMs haven’t received a lot of serious scrutiny by security researchers, so Jack’s talk will break new ground, Moss said. “Apparently you can make all the money come out,” he said.

Source: www.networkland.com

 

7 May 2010

More About Computer Forensics

By IPSECS Admin. Posted in Forensics | No Comments »

Computer forensics is the part of information security concerned with finding legal evidence on computers and digital storage media. You can find more forensics resources on the Internet, some of which are free; yeah, free!

We have the Open Source Computer Forensics Manual at http://oscfmanual.sourceforge.net. There is also a cool article (book) entitled “Forensic Discovery” at http://www.porcupine.org/forensics/, which is published freely and comes with some tools. You can follow http://blogs.sans.org/computer-forensics/ or read the First Responders Guide to Computer Forensics at CERT.

Finally, you can download some free books about forensics and information security here.

 

6 May 2010

PHPNuke 7.0/8.1/8.1.35 Remote Code Execution

By IPSECS Admin. Posted in News | No Comments »

PHPNuke is an old and mature Content Management System (CMS), but once again a hacker has proven to us that nothing is 100% secure. Its maturity doesn’t guarantee its security: PHPNuke is vulnerable to remote code execution, which can be exploited to compromise the Apache user.

The most fearsome statement from the author of the exploit is that the remote code execution in PHPNuke is wormable. Since PHPNuke is one of the most popular CMSes, used by many webmasters, how many sites will be compromised? Well then, just take the proof of concept here.

 

6 May 2010

Last minute checks for DNSSEC upgrade

By IPSECS Admin. Posted in News | No Comments »

Network admins prepare for internet security upgrade.

Network administrators are being encouraged to run some last minute checks on their DNS servers, routers and firewalls before the final cluster of the internet’s root servers are loaded up with the DNSSEC security upgrade tomorrow night.

As reported late last week on iTnews.com.au, from May 5 the DNSSEC upgrade will attach a digital signature to every response from the root servers where the DNS resolver is configured to request signed answers (via setting the DO bit in the Extensions to DNS – EDNS settings) to requests for an internet page, in order to provide an additional layer of assurance for internet users that they are connecting to the correct page.

Concerns have been raised that the upgrade might cause some problems for network administrators working with older networking equipment that is preconfigured to either not accept DNS responses over 512 bytes or not accept DNS responses split into several packets using the TCP protocol.

ICANN’s latest update on the upgrade, released yesterday, confirmed that root server cluster ‘J-Root’ is the last of 13 root server clusters to transition to DNSSEC on May 5 at 1700 – 1900 UTC.
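The check the article describes, as an added offline example (not code from the article, ICANN or iTnews): it builds a query that sets the DO bit in an EDNS OPT record, then flags the two response conditions older equipment is said to mishandle. All function names and the sample response are constructed for illustration.

```python
import struct

DO_BIT = 0x8000  # "DNSSEC OK" flag, carried in the OPT record's TTL field
TC_BIT = 0x0200  # header flag: answer truncated, retry over TCP

def encode_name(name):
    """Encode a domain name in DNS wire format ("." is the root)."""
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype, udp_size=4096, do=True, qid=0x1234):
    """Build a query carrying an EDNS0 OPT record (UDP size + DO bit)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD, 1 question, 1 additional
    question = encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN
    # OPT RR: root owner, TYPE 41, CLASS = UDP payload size, TTL = flags, RDLENGTH 0
    opt = b"\x00" + struct.pack("!HHIH", 41, udp_size, DO_BIT if do else 0, 0)
    return header + question + opt

def read_edns(query):
    """Return (udp_size, do_flag) from a one-question query, or None without EDNS."""
    arcount = struct.unpack("!H", query[10:12])[0]
    pos = 12
    while query[pos]:          # skip the labels of the question name
        pos += query[pos] + 1
    pos += 1 + 4               # terminating zero byte, then QTYPE and QCLASS
    if arcount == 0 or query[pos] != 0:
        return None
    rtype, udp_size, ttl = struct.unpack("!HHI", query[pos + 1:pos + 9])
    return (udp_size, bool(ttl & DO_BIT)) if rtype == 41 else None

def assess(query, response):
    """List the conditions from the article that old equipment may mishandle."""
    findings = []
    edns = read_edns(query)
    flags = struct.unpack("!H", response[2:4])[0]
    if edns and edns[1]:
        findings.append("DO bit set: signed answers requested")
    if len(response) > 512:
        findings.append("response over 512 bytes: device must accept large DNS replies")
    if flags & TC_BIT:
        findings.append("TC bit set: resolver retries over TCP, so 53/tcp must pass")
    return findings

# Constructed sample (not real traffic), sized and flagged to trigger every finding.
SAMPLE_QUERY = build_query(".", 48)  # 48 = DNSKEY
SAMPLE_RESPONSE = struct.pack("!HHHHHH", 0x1234, 0x8300, 1, 0, 0, 0) + b"\x00" * 588

if __name__ == "__main__":
    for line in assess(SAMPLE_QUERY, SAMPLE_RESPONSE):
        print(line)
```

To test a live path, send the bytes from `build_query` over UDP to the resolver or server under test and pass the reply to `assess`.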
