Unicode on IIS Vulnerability...Again!

Yup, you read it right.... Microsoft has a new vulnerability in IIS 6.0 which is more specifically: WebDav Unicode Remote Auth Bypass.

This means that an attacker can send malformed requests to the web server via the URL of a browser and be able to bypass passwords to download and list files on the webserver's protected folders.

Simple and easy way to hack IIS! Here are the details and links:

http://www.cgisecurity.com/2009/05/iis60-webdav-unicode-remote-auth-bypass.html

http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html

http://www.theregister.co.uk/2009/05/18/iis6_file_pilfering_bug/

Happy Hacking :)

HACKER PAGES.COM

We have secured the following domain name for UAE Hackers:

- HACKERPAGES.COM

If you are from UAE and you are interested in buying the domain name above, please let us know :) This domain will only be sold to people who will provide it with a good home!

Researchers hijack botnet, score 56,000 passwords in an hour

Researchers at the University of California Santa Barbara have published a paper (PDF) detailing their findings after hijacking a botnet for ten days earlier this year. Among other things, the researchers were able to collect 70GB of data that the bots stole from users, including 56,000 passwords gathered within a single hour.

Read more here:
http://arstechnica.com/security/news/2009/05/researchers-hijack-botnet-score-56000-passwords-in-an-hour.ars

Open Source Hardware Hackers Start P2P Bank | Gadget Lab

A Bank for open source hardware hackers... sounds good to me :) It is a do-it-yourself solution for people who want to design and build their own electronics like in the picture above.

For more info, visit:
Gadget Lab from Wired.com

MySecured.com is Blocked by Etisalat Proxy

I just found out about this today by checking my logs and noticing that no one visited me from UAE! Strange but true...

Try it for yourself:
http://www.mysecured.com

Mod Ed iPhone.com - UAE Hackers' guide to everything iPhone

modediphone.com is our new website :) Looks like UAEHackers.com but is dedicated to the iPhone and modding it! Arabic guides will be added soon inshallah :) For now, give the site a visit and give us some feedback! It has all your iPhone news, links and rss feeds in one convenient place.

iphone at uaehackers dawt com!

http://www.modediphone.com/

Dubai Hacker , Dubai Sec.com and UAE Hacker.com are now our Domains :)

We have successfully acquired the following domains names:

- UAE Hackers .com
- UAE Hacker .com
- Dubai Hackers .com
- Dubai Hacker .com
- Dubai Con .com
- Dubai Sec .com
- UAE IT .com
- UAE WWW .com
- UAE GSM .com

We even have UAE RAK .com representing all the hackers from RAK (Ras Al Khaimah!)



Some of these domains already point to uaehackers.com while others are in the process of being ported :) DubaiHacker.com is an exception as it is a stand alone site that has nothing to do with security but rather the hacking involved is Life Hacking ;)

Thanks for all the loyal readers for supporting us so far and providing us with tips on stories and upcoming events in the UAE and the Middle East region :) Also, for supporting us by clicking our sponsors' ads.

If you are interested in buying any of the domains above, please let us know :) These domains are only sold to people who will provide them with a good home though :P