Defcon: Poking holes in hacking tools

The Shmoo Group started off Defcon on Friday wanting to make a point. Presenting in a tent packed with hackers on the grounds of the Alexis Park Resort in Las Vegas, group members announced that they had found holes in several popular hacking tools.

"Patch management is not just for users anymore," a group member proclaimed. "The general point is setting an example." And that example would be that those who create the hacking tools, should worry about security like any software maker.

The Shmoo gang warned Defcon attendees not to use Kismet in the wardrive contest at the event, or "you'll be owned." Kismet is a tool that can be used to detect and sniff wireless networks and the wardrive contest has Defcon attendees do just that. There are three unfixed, remotely exploitable vulnerabilities in Kismet that could let an attacker gain control over the victim's computer, according to the Shmoo Group.

A warning was also sent out about Metasploit, a tool that lets users check computers on networks and identify those vulnerable securtity flaws. Shmoo members found security problems in Metasploit, they said.

About the author

    Joris Evers covers security.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    Tech industry's high-flying 2014
    Uber's tumultuous ups and downs in 2014 (pictures)
    The best and worst quotes of 2014 (pictures)
    A roomy range from LG (pictures)
    This plain GE range has all of the essentials (pictures)
    Sony's 'Interview' heard 'round the world (pictures)