Tuesday, 30 June 2020

16 Best Hacking Websites to Learn Ethical Hacking From Basic

  1. NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
  2. Phrack Magazine: Digital hacking magazine.
  3. Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
  4. KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
  5. DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
  6. SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
  7. Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
  8. Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
  9. The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
  10. Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
  11. Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
  12. SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
  13. Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
  14. Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
  15. HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
  16. Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
Posted by Naveed aAdiL at 20:22 0 comments

Thursday, 11 June 2020

OWASP ZAP Project - Zed Attack Proxy Team Releases Two Initiatives

The Zed Attack Proxy team is pleased to announce two recently released initiatives:


ZAP In Ten

The team have just launched a new series of videos called 'ZAP in Ten' in conjunction with AllDayDevOps.

ZAP in Ten is a series of short form videos featuring Simon Bennetts, project lead of the OWASP Zed Attack Proxy (ZAP)  project. Each video highlights a specific feature or resource for ZAP.

ZAP API Docs

As part of OWASP's participation in Google's Season of Docs, the ZAP project has had @sshniro working on API documentation. The first iteration of the documentation is now live It includes Java, Python, and shell example snippets all presented in a responsive and accessible design. Which we will continue to build on in the future.

Big thanks to Nirojan for his efforts on this wonderful initiative!  Congratulations and thanks to Google Open Source for helping to bring the open source and technical writer communities together!Related links
Posted by Naveed aAdiL at 23:05 0 comments

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

Cybersecurity researchers today uncover a new critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "wormable" bug, the flaw can be exploited to achieve remote code execution attacks. Dubbed "SMBleed" (CVE-2020-1206) by cybersecurity firm ZecOps, the flaw resides in

via The Hacker News
This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com
Related word

  1. Pentest Vs Ethical Hacking
  2. Hacking Network
  3. Hacker News
  4. Hacking Google
  5. Hackerx
  6. Hacking Vpn
  7. Hacker Tools
  8. Hacking Browser
  9. Pentest Active Directory
  10. Pentest Vpn
Posted by Naveed aAdiL at 15:14 0 comments

Apple Sigue Usando Empresas Externas Para Analizar Las Conversaciones Recopiladas Por Siri (Un Año Después)

En una dura carta enviada por Thomas Le Bonniec el 20 de mayo de 2020 (hace menos de un mes) a las autoridades de protección de datos en Europa (EU y EFTA), este advertía de la violación de privacidad de los ciudadanos europeos por parte de Apple. El asunto, como vamos a ver, es que los mensajes de Siri van a los servidores de Apple, y allí se procesan.... y algunas veces manualmente.

Figura 1: Apple sigue usando empresas externas para analizar
las conversaciones recopiladas por Siri (un año después)

Thomas había estado trabajando para Global Technical Services, una de las subcontratas de Apple en IrlandaSu cometido era sencillo: Transcribir las conversaciones grabadas por Siri (en proyecto que se llamó internamente "Bulk Data") con el objetivo de corregir y mejorar la interpretación de dichas ordenes obtenidas desde cualquier dispositivo Apple (iPhones, iPad, Apple Watch, etcétera). El problema que destaca en su carta es que Siri grababa más de la cuenta de forma accidental. 

Figura 2: Carta enviada por Thomas Le Boniec


A veces el usuario intenta hacer una petición, algo falla, pero no se da cuenta que Siri se ha activado y está lista para recibir información. Eso provoca que se recolecten conversaciones que no estaban pensadas inicialmente para ser utilizadas con Siri. Pero aún hay más, en estos estados de "activación no controlada" también se estaban grabando conversaciones de terceros, es decir, de niños, familiares, etcétera.

Es decir, de cualquier persona que estuviera en esos momentos cerca del dispositivo. De hecho, cuenta en la carta que llegó a escuchar cientos de conversaciones relacionadas con temas tan personales como enfermedades, pornografía, política, etcétera. Esto realmente grave de por sí, pero por lo menos esa información es anónima y no está relacionada con los usuarios … ¿o no? 


En la carta habla de otro proyecto interno cuyo nombre era "Development data". Y aquí es donde está lo realmente preocupante (aunque ya de por sí lo anterior, grabar conversaciones no autorizadas de manera "accidental" lo era de por sí), ya que el contexto de este equipo era etiquetar las palabras y asociarlas con los usuarios, es decir, una vez procesadas las conversaciones, estas se añadían al perfil personal de los mismos. El objetivo era obtener un dataset muy preciso de los usuarios para de esta forma optimizar el funcionamiento de Siri pero a su vez, utilizarlos en otros dispositivos Apple.

Figura 4: Configuración de Siri

La preocupación por Siri ha sido grande en los últimos años, y hemos visto cómo se ha convertido en un problema para la privacidad de los usuarios en el dispositivo iPhone, donde ha sido parte de muchos trucos de Hacking en iOS para iPhone & iPad. Se ha usado para controlar tus cuentas de Facebook, para leer y enviar mensajes de e-mail en nombre del dueño del dispositivo, leer los mensajes de WhatsApp y hasta para robar las cuentas de correo Gmail o Hotmail usando Siri, como contaba en este vídeo Chema Alonso.


Figura 5: Robar una cuenta de Gmail o Hotmail con Siri

Pero lo más grave de todo, es que en agosto de 2019 ya fue denunciado este hecho, llegando Apple incluso a afirmar (hasta llegó a pedir perdón) que había puesto en pausa el uso de subcontratas externas para realizar este proceso de la información obtenida por Siri


Una cosa es procesar internamente esta información (dentro del marco legal que la empresa ofrece a sus clientes) pero otra muy distinta es contratar a otras empresas para realizar esta función, ya que amplía el vector o las posibilidades de filtración de dichos datos recopilados.

Figura 7: Libro de Hacking iOS: iPhone & iPad 2ª Edición

Como vemos, parece que no ha cambiado mucho en menos de año después de la denuncia inicial que advertía de estas prácticas. Apple repitió varias veces que pondría solución a este problema y movería toda esta práctica a sus instalaciones y empleados internos, pero pesar de las presiones y la denuncia, como hemos visto al comienzo de este artículo, Apple sigue contratando empresas externas para realizar este cometido tan sensible.

Figura 8: Eliminar el Historial de Siri

Muchos medios como Forbes, The Guardian, etcétera, se están haciendo eco de esta noticia, ya que ha pasado casi un año desde la primera denuncia y parece que no ha habido ninguna reacción por parte de las autoridades europeas (este hecho lo denuncia el mismo Le Bonniec en el documento). Además, cierra la carta con una frase lapidaria 

"Estoy extremadamente preocupado ya que ellos están básicamente escuchando ("wiretapping") a la población". 

En defensa de Apple, la versión 13.2 iOS permite al usuario eliminar las conversaciones obtenidas por Siri en cualquier dispositivo como se explica en este artículo de su web de soporte. Pero esto no es caso asilado que afecta únicamente a la empresa de la manzana.  Otras grandes compañías como Amazon, Google o Facebook han reconocido realizar prácticas similares, y el historial está disponible. En este artículo, podéis ver cómo se localizan las grabaciones de voz que hace Google

Figura 9: Accediendo a la lista de grabaciones desde Android

Podemos asumir que a la hora de utilizar un asistente digital nos exponemos a una cierta exposición de la información que le transmitimos, pero es deber de la empresa mantener de forma anónima, pero, sobre todo, esta debe cumplir las regulaciones legales de la zona en la cual se encuentran sus clientes. Vamos a ver cómo acaba toda esta historia.

Autor:

Fran Ramírez, (@cyberhadesblog) es investigador de seguridad y miembro del equipo de Ideas Locas en CDO en Telefónica, co-autor del libro "Microhistorias: Anécdotas y Curiosidades de la historia de la informática (y los hackers)", del libro "Docker: SecDevOps", también de "Machine Learning aplicado a la Ciberseguridad" además del blog CyberHades. Puedes contactar con Fran Ramirez en MyPublicInbox.


 Figura 10: Contactar con Fran Ramírez en MyPublicInbox

Sigue Un informático en el lado del mal RSS 0xWord

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

More info


Posted by Naveed aAdiL at 14:03 0 comments

HOW TO BECOME A CERTIFIED ETHICAL HACKER

7 Tips to become a hacker?
It is very important for a hacker to learn different types of programming language such as C,C++,Python,Java,PHP etc and it is also necessary to learn hardware and networking for a good hacker because these skill are very useful to become a successful hacker.

1-Programming Language are essential to becoming a good hacker 

2-Networking skills is important to becoming an effective hacker.

3-SQL language are essential to becoming an effective hacker 

4-Internet surfing is also essential for becoming a hacker for gathering information.

5-Cryptography is essential to becoming a certified hacker from which a hacker can share his/her readable data to other person in a nonreadable form with the help of Cryptography.

6-Penetration testing  is also important for a hacker.

7-experiment a lot is also very useful to becoming a ethical hacker.

Follow me on insta_anoymous_adi
Related posts
Posted by Naveed aAdiL at 09:12 0 comments

HACKING GMAIL FOR FREE CUSTOM DOMAIN EMAIL

hacking-gmail-for-free-custom-domain-email


HACKING GMAIL FOR FREE CUSTOM DOMAIN EMAIL

When it comes to email providers, there's no competitor to Google's awesome features. It is efficient which connects seamlessly with the rest of your Google products such as YouTube, Drive, has a major application called Gmail Inbox, and is overall an extremely powerful email service. However, to use it with a custom domain, you need to purchase Google Apps for either $5 or $10/month, which for casual users is a bit unnecessary. On top of that, you don't even get all of the features a personal account gets, e.g. Inbox. So, here's a free way to use your Gmail account with a custom domain. I am just going to show you hacking Gmail for free custom domain email.

SO, HOW HACKING GMAIL FOR FREE CUSTOM DOMAIN EMAIL

PASSWORD: EHT

STEPS:

  • First, register with Mailgun using your Gmail address. Use your Gmail only. Once you have clicked the confirm link, log in to the Mailgun website. Now you're in the dashboard, move on the right under "Custom Domains", click "Add Domain".
  • Follow the setup instructions and set DNS records with whoever manages your DNS. Once you've done this, click on the "Routes" link on the top to set up email forwarding.
  • Now move to the Route tab and click on Create New Route.
  • As you click the button, you will see a page like below. Just enter the information as entered in the following screenshot.
  • Just replace the quoted email with your desired email in the above-given screenshot.
  • Next, we'll setup SMTP configuration so we would be able to send emails from an actual server. Go to "Domains" tab, click on your domain name.
  • On this page, click "Manage your SMTP credentials" then "New SMTP Credential" on the next page.
  • Type in the desired SMTP credentials. And, go to Gmail settings and click "Add another email address you own". Once you open, enter the email address you wish to send from.
  • In the next step, set the SMTP settings as follows.
  • After clicking "Add Account" button, now you're done.
  • The final step, make sure to set it to default email in the Gmail settings > Accounts.
That's all. Now you got free Gmail custom domain with 10,000 emails per month. Hope it will work for you. If you find any issue, just comment below.

Note: Use Virtual Machine and scan on VirusTotal before downloading any program on Host Machine for your privacy.
Related word
  1. Pentest Vs Ceh
  2. Hacker On Computer
  3. Pentest Tools Framework
  4. Hacking The Art Of Exploitation
  5. Pentest Security
  6. Hacking With Raspberry Pi
  7. Hacking Process
  8. Pentest Blog
  9. Pentestgeek
  10. Pentest Questions
  11. Hacking Names
  12. Hacker Tools
  13. Pentest+ Vs Oscp
  14. Pentest Basics
Posted by Naveed aAdiL at 06:52 0 comments

Wednesday, 10 June 2020

Vsftpd Backdoor - Ekoparty Prectf - Amn3S1A Team

It's a 32bits elf binary of some version of vsftpd, where it have been added a backdoor, they don't specify is an authentication backdoor, a special command or other stuff.

I started looking for something weird on the authentication routines, but I didn't found anything significant in a brief period of time, so I decided to do a bindiff, that was the key for locating the backdoor quickly. I do a quick diff of the strings with the command "strings bin | sort -u" and "vimdiff" and noticed that the backdoored binary has the symbol "execl" which is weird because is a call for executing elfs, don't needed for a ftp service, and weird that the compiled binary doesn't has that symbol.





Looking the xrefs of "execl" on IDA I found that code that is a clear backdoor, it create a socket, bind a port and duplicate the stdin, stdout and stderr to the socket and use the execl:



There are one xrefs to this function, the function that decides when trigger that is that kind of systems equations decision:


The backdoor was not on the authentication, it was a special command to trigger the backdoor, which is obfuscated on that systems equation, it was no needed to use a z3 equation solver because is a simple one and I did it by hand.



The equation:
cmd[0] = 69
cmd[1] = 78
cmd[1] + cmd[2] = 154
cmd[2] + cmd[3] = 202
cmd[3] + cmd[4] = 241
cmd[4] + cmd[5] = 233
cmd[5] + cmd[6] = 217
cmd[6] + cmd[7] = 218
cmd[7] + cmd[8] = 228
cmd[8] + cmd[9] = 212
cmd[9] + cmd[10] = 195
cmd[10] + cmd[11] = 195
cmd[11] + cmd[12] = 201
cmd[12] + cmd[13] = 207
cmd[13] + cmd[14] = 203
cmd[14] + cmd[15] = 215
cmd[15] + cmd[16] = 235
cmd[16] + cmd[17] = 242

The solution:
cmd[0] = 69
cmd[1] = 75
cmd[2] = 79
cmd[3] = 123
cmd[4] = 118
cmd[5] = 115
cmd[6] = 102
cmd[7] = 116
cmd[8] = 112
cmd[9] = 100
cmd[10] = 95
cmd[11] = 100
cmd[12] = 101
cmd[13] = 106
cmd[14] = 97                    
cmd[15] = 118
cmd[16] = 117
cmd[17] = 125


The flag:
EKO{vsftpd_dejavu}

The binary:
https://ctf.ekoparty.org/static/pre-ekoparty/backdoor


Related news


Posted by Naveed aAdiL at 22:27 0 comments

Airpwn: A Wireless Packet Injector


"Airpwn is a framework for 802.11 (wireless) packet injection. Airpwn listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected "spoofed" from the wireless access point. From the perspective of the wireless client, airpwn becomes the server." read more...


Website: http://airpwn.sourceforge.net

Related links

Posted by Naveed aAdiL at 21:12 0 comments

Hash Identifier - The Hash Identify Tool

Related word
Posted by Naveed aAdiL at 11:14 0 comments

Resolución De ExpedientesX De Código

Hoy me he topado con algo bastante gracioso que puede liarte unos minutos:

python
>>> import re
>>> a='owjf oasijf aw0oifj osfij 4.4.4.4 oasidjfowefij 192.168.1.1'


ok, pues ahora copy-pasteais cada una de estas:
re.findall('[0-9]̣̣',a)
re.findall('[0-9]',a)

Son exactamente iguales, pero si paseteais una da resultados diferente a si pasteais la otra :)

Pasteamos la primera:
>>> re.findall('[0-9]̣̣',a)
[]

Pasteamos la segunda:
>>> re.findall('[0-9]',a)
['0', '4', '4', '4', '4', '1', '9', '2', '1', '6', '8', '1', '1']


o_O, he repasado caracter a caracter y son visualmente iguales, si mirais en un editor hexa vereis que realmente no lo son, lógicamente no se trata de un expedienteX.

La cuestion es que según la fuente que tengais, debajo de la comilla o debajo del ] hay un punto microscópico :)

Esto es como cuando me emparanoie de que gmail cuando llevas un rato escribiendo un email y se hace auto-save, aparece una especie de acento raro en la pantalla :)

En estos casos, la metodología tipica de copypastear un trozo de la primera sentencia con el resto de la segunda sentencia, te lleva a los 2 caracteres que varían, pero no aprecias (segun la fuente que tengas) la diferéncia.



6572 662e 6e69 6164 6c6c 2728 305b 392d cc5d cca3 27a3 612c 0a29
6572 662e 6e69 6164 6c6c 2728 305b 392d 275d 612c 0a29

Son dígitos unicode, sabe Dios de que pais, y sabe Dios también como los escribí con mi teclado,
se me ocurren bromas de código fuente que se pueden hacer con esto :D, pero vamos, si tenemos metodología de reaccién ante expedientesX, sobretodo aquello de divide y vencerás dicotómico, en pocos minutos se resuelven este tipo de problemas.Related word
Posted by Naveed aAdiL at 10:02 0 comments

How To Hack Facebook By Social Engineering Attack

This video is specially for educational purpose only. I'm not responsible for your any illegal activity. Thanks!

 Social Engineering Attack

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. The purpose of this video tutorial is to show you How hackers hacked any thing by Social Engineering Attack.

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.

Kali Linux has many tools for doing social engineering attacks. Setoolkit is the most powerful tool in Kali Linux to do a social engineering attacks over the same and different networks. 

Social Engineering over the same network requires the local IP address of your system just like this one 192.168.1.2. Now how you can get your local IP address from your system. To find local IP address just open up your terminal in Linux distribution:

Type: ifconfig wlan0 (if you are using WiFi)
Type: ifconfig eth0 (if you are using eth0)
Type: ifconfig (It display all information about your network)

Now you've another thing to do is that you just have to clone a web page you wanna clone like Facebook, g-mail, twitter etc. Similarly, If you wanna clone a facebook page so for this you just have to type www.facebook.com over your system's terminal for cloning a login page for Social Engineering attack.Still If you don't know how to do that so don't be worry, I did all the process practically in the below just go down and watch it!




You need to install compatible version of java , So that you can run BurpSuite.

Continue reading


  1. Hacking Simulator
  2. Pentest Wifi
  3. Hacking Vpn
  4. Hacking Simulator
  5. Hacking Google
  6. Pentest Environment
  7. Hacking Linux
  8. Hacker Google
  9. Pentest Ftp
  10. Pentest Report Generator
  11. Pentest Training
  12. Pentestmonkey Cheat Sheet
  13. Pentesting Tools
Posted by Naveed aAdiL at 23:53 0 comments
Subscribe to: Posts (Atom)