31 May, 2023

Snmpcheck


"snmpcheck is a free open source utility to get information via SNMP protocols. It works fine against Windows, Linux, Cisco, HP-UX, SunOS systems and any devices with SNMP protocol support. It could be useful for penetration testing or systems monitoring. snmpcheck has been tested on GNU/Linux, *BSD, Windows systems and Cygwin. snmpcheck is distributed under GPL license and based on Athena-2k script by jshaw."

Website: http://www.nothink.org/perl/snmpcheck



PHoss: A Password Sniffer


"PHoss is a sniffer. A normal sniffer software is designed to find problems in data communication on the network. PHoss is designed to know some protocols which use (or may use) clear text passwords. Many protocols are designed to use secure authentication. For fallback they define a lowest level of authentication using clear text. Many companies use this lowest fallback definition as standard setting to make the product working in many environments."

Download: http://www.phenoelit-us.org/phoss/download.html



Scanning TLS Server Configurations With Burp Suite

In this post, we present our new Burp Suite extension "TLS-Attacker".
Using this extension penetration testers and security researchers can assess the security of TLS server configurations directly from within Burp Suite.
The extension is based on the TLS-Attacker framework and the TLS-Scanner, both of which are developed by the Chair for Network and Data Security.

You can find the latest release of our extension at: https://github.com/RUB-NDS/TLS-Attacker-BurpExtension/releases

TLS-Scanner

Thanks to the seamless integration of the TLS-Scanner into the BurpSuite, the penetration tester only needs to configure a single parameter: the host to be scanned.  After clicking the Scan button, the extension runs the default checks and responds with a report that allows penetration testers to quickly determine potential issues in the server's TLS configuration.  Basic tests check the supported cipher suites and protocol versions.  In addition, several known attacks on TLS are automatically evaluated, including Bleichenbacher's attack, Padding Oracles, and Invalid Curve attacks.

Furthermore, the extension allows fine-tuning for the configuration of the underlying TLS-Scanner.  The two parameters parallelProbes and overallThreads can be used to improve the scan performance (at the cost of increased network load and resource usage).

It is also possible to configure the granularity of the scan using Scan Detail and Danger Level. The level of detail contained in the returned scan report can also be controlled using the Report Detail setting.

Please refer to the GitHub repositories linked above for further details on configuration and usage of TLS-Scanner.

Scan History 

If several hosts are scanned, the Scan History tab keeps track of the performed scans and is a useful tool when comparing the results of subsequent scans.

Additional functions will follow in later versions

Currently, we are working on integrating an at-a-glance rating mechanism to allow for easily estimating the security of a scanned host's TLS configuration.

This is a combined work of Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, Vladislav Mladenov, and Robert Merget.  The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

If you would like to learn more about TLS, Juraj and Robert will give a TLS Training at Ruhrsec on the 27th of May 2019. There are still a few seats left.

30 May, 2023

Cracking Windows 8/8.1 Passwords With Mimikatz



You might have read my previous posts about how to remove Windows passwords using chntpw and might be wondering why I am writing another tutorial to do the same thing. Well, today we are not going to remove the Windows user password. We are going to be stealthier: we are going to find out what the user's password is and access his/her account with his/her own password. Sounds nice...


Requirements:


  1. A live bootable linux OS (I'm using Kali Linux)(Download Kali Linux)
  2. Mimikatz (Download | Blog)
  3. Physical Access to victim's machine
  4. A Working Brain in that Big Head (Download Here)



Steps:

1. First of all download mimikatz and put it in a pendrive.

2. Boot the victim's PC with your live bootable pendrive (Kali Linux on a pendrive in my case) and open a terminal window.

3. Mount the volume/drive on which Windows 8/8.1 is installed by typing these commands in the terminal window:

mkdir /media/win
ntfs-3g /dev/sda1 /media/win

[NOTE] ntfs-3g is used to mount an NTFS drive in read/write mode; otherwise you might not be able to write to the drive. /dev/sda1 is the name of the drive on which the Windows OS is installed; to list your drives you can use lsblk -l or fdisk -l. The last argument (/media/win) is the location where the drive will be mounted.

4. Now navigate to the System32 folder using the following command

cd /media/win/Windows/System32

5. After navigating to the System32 rename the sethc.exe file to sethc.exe.bak by typing the following command:

mv sethc.exe sethc.exe.bak

sethc.exe is a Windows program which runs automatically after the Shift key is pressed more than 5 times continuously.

6. Now copy the cmd.exe program to sethc.exe replacing the original sethc.exe program using this command:

cp cmd.exe sethc.exe

[Note] We made a backup of sethc.exe program so that we can restore the original sethc.exe functionality

7. With this, we are done with the hard part of the hack. Now let's reboot the system and boot our victim's Windows 8/8.1 OS.

8. After reaching the Windows login screen, plug in the USB device with mimikatz on it and hit the Shift key continuously five or more times. It will bring up a command prompt.





9. Now navigate to your USB drive; in my case it's drive G:




10. Now navigate to the proper version of the mimikatz binary folder (Win32 for 32-bit Windows and x64 for 64-bit Windows).


11. Run mimikatz and type the following commands one after the other in sequence:

privilege::debug
token::elevate
vault::list

The first command enables debug mode.
The second one elevates the privileges.
The last one lists the passwords, which include the picture password and PIN (if set by the user).









That's it, you've got the password and everything else needed to log into the system. No more breaking and mess making: it's simple, it's easy and, best of all, it's not noisy lol...

Hope you enjoyed the tutorial, have fun :)
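
Added example, not part of the original tutorial: the swap in steps 5 and 6 leaves artefacts on disk that can be checked offline from a mounted Windows volume. The function below flags a sethc.exe that is byte-identical to cmd.exe, that differs from a recorded baseline hash, or that has a renamed copy beside it; the name check_sethc and the optional baseline-hash argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): offline triage of a mounted
# Windows volume for the sethc.exe replacement described in the steps above.
# Usage: check_sethc SYSTEM32_DIR [KNOWN_GOOD_SHA256]
# KNOWN_GOOD_SHA256 is an assumption: a hash you recorded from a trusted
# copy of sethc.exe for the same Windows build.
# Returns 0 = no indicators, 1 = indicators found, 2 = bad input.
check_sethc() {
    cs_dir=$1
    cs_good=${2:-}
    cs_hits=0
    if [ ! -d "$cs_dir" ]; then
        echo "ERROR: not a directory: $cs_dir"
        return 2
    fi
    if [ ! -f "$cs_dir/sethc.exe" ]; then
        echo "ALERT: sethc.exe is missing"
        cs_hits=1
    else
        # Indicator 1: the accessibility binary is a copy of the command shell.
        if [ -f "$cs_dir/cmd.exe" ] && cmp -s "$cs_dir/sethc.exe" "$cs_dir/cmd.exe"; then
            echo "ALERT: sethc.exe is byte-identical to cmd.exe"
            cs_hits=1
        fi
        # Indicator 2: hash differs from the recorded baseline, if one was given.
        if [ -n "$cs_good" ]; then
            cs_sum=$(sha256sum "$cs_dir/sethc.exe" | cut -d' ' -f1)
            if [ "$cs_sum" != "$cs_good" ]; then
                echo "ALERT: sethc.exe hash $cs_sum does not match baseline"
                cs_hits=1
            fi
        fi
    fi
    # Indicator 3: a renamed original left next to it (e.g. sethc.exe.bak).
    for cs_f in "$cs_dir"/sethc.exe.*; do
        [ -e "$cs_f" ] || continue
        echo "ALERT: leftover copy ${cs_f##*/}"
        cs_hits=1
    done
    return "$cs_hits"
}

# Run directly with a path, e.g. ./check.sh /media/win/Windows/System32
if [ "$#" -gt 0 ]; then
    check_sethc "$@"
fi
```

File names are matched in lowercase as the tutorial writes them; a volume mounted case-sensitively may need the actual on-disk casing.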



Ask And You Shall Receive



I get emails from readers asking for specific malware samples and thought I would make a mini post about it.

Yes, I often obtain samples from various sources for my own research.

I am sometimes too lazy/busy to post them but don't mind sharing.
If you are looking for a particular sample, feel free to ask. I might have it.

Send MD5 (several or few samples). I cannot provide hundreds/thousands of samples or any kind of feeds. If you ask for a particular family, I might be able to help if I already have it.

Unfortunately, I do not have time to do homework for students and provide very specific sets for malware with specific features as well as guarantee the C2s are still active. Send your MD5(s) or at least malware family and I will check if I have it :) If I have it, I will either send it to you or post it on the blog where you can download it.

If you emailed me in the past and never got an answer, please remind me. Sometimes emails are long with many questions and I flag them to reply to later, when I have time and they get buried or I forget. It does not happen very often but accept my apologies if it happened to you.

Before you ask, check if it is already available via Contagio or Contagio Mobile.
1. Search the blog using the search box on the right side
2. Search here https://www.mediafire.com/folder/b8xxm22zrrqm4/BADINFECT
3. Search here https://www.mediafire.com/folder/c2az029ch6cke/TRAFFIC_PATTERNS_COLLECTION
4. Search here https://www.mediafire.com/folder/78npy8h7h0g9y/MOBILEMALWARE

Cheers,  Mila


29 May, 2023

Security Surprises On Firefox Quantum

This morning I found a scary surprise on my Firefox Quantum. It happened to be connected to a proxy when an unexpected connection came up: the browser was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted; I think it is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware or spyware massively, or an attack vector for a MITM attacker.



