Hack-tualité by G-echo - Security: hacks, exploits, protection, tools - Week 2019/3

Improved Fallout EK comes back after short hiatus
Fri, 18 Jan 2019 17:50:49 GMT
After a short hiatus in early January, the Fallout exploit kit is back in business again with some new features for the new year. During its absence, …
A Deeper Look into XSS Payloads
Fri, 18 Jan 2019 06:52:30 GMT
Over time, the type of vulnerabilities seen in the web app landscape changes. One that has persisted year in, year out, is cross-site scripting. It’s …
Awesome YARA
Fri, 18 Jan 2019 06:50:33 GMT
InQuest
A curated list of awesome YARA rules, tools, and resources. Inspired by awesome-python and awesome-php. YARA is an acronym for: YARA: …
Malboxes
Thu, 17 Jan 2019 21:18:17 GMT
GoSecure
Builds malware analysis Windows virtual machines so that you don’t have to. https://github.com/gosecure/malboxes Table of …
How To: Use Ettercap to Intercept Passwords with ARP Spoofing
Wed, 16 Jan 2019 07:35:50 GMT
Kody
ARP spoofing is an attack against an Ethernet or Wi-Fi network to get between the router and the target user. In an ARP spoofing attack, messages …
PRETty - "PRinter Exploitation Toolkit" LAN Automation Tool
Mon, 14 Jan 2019 22:24:25 GMT
PRETty is useful when a large number of printers are present on a network. Instead of scanning, logging, and manually running PRET against each …
Introduction
Mon, 14 Jan 2019 07:38:44 GMT
corkami
This part of the repository is focused on hash collisions for MD5 and SHA1. This is a collaboration with Marc Stevens. The idea is to explore existing …
Blowing the Dust off of an IBM AS/400 Server
Sun, 13 Jan 2019 20:52:24 GMT
by: Tom Nardi
If you’ve never seen an IBM AS/400 machine, don’t feel bad. Most people haven’t. Introduced in 1988 as a mid-range server line, it used a unique …
Intro to NFC Payment Relay Attacks
Sun, 13 Jan 2019 15:30:27 GMT
Disclaimer: This is a simple intro to relay attacks using NFC payment data. I will add different types of relays during next year. Intro: An NFC payment …
Dump iOS apps in Javascript (Part I)
Sat, 12 Jan 2019 22:58:32 GMT
codecolorist (Jan 12). The very first step of iOS app penetration is to dump decrypted binary from app store, with a …
Z-WASP attack: hackers used Zero-Width spaces to bypass Office 365 protections
Sat, 12 Jan 2019 14:30:51 GMT
Pierluigi Paganini
Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver …
Introduction
Sat, 12 Jan 2019 07:07:30 GMT
AxtMueller
Windows Kernel Explorer (you can simply call it as "WKE") is a free but powerful Windows kernel research tool. It supports from Windows XP to Windows …
Spoofing: RFID and SMS
Thu, 10 Jan 2019 21:21:13 GMT
Spoofing, in Simple Terms. First, let’s start with a definition – What is Spoofing? According to ForcePoint, “Spoofing is the act of disguising a …
New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
Thu, 10 Jan 2019 15:23:39 GMT
January 10, 2019
Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, …
Heartbreaking Emails: "Love You" Malspam, Author: Brad Duncan
Thu, 10 Jan 2019 09:36:27 GMT
SANS Internet Storm Center
Introduction: Malicious spam (malspam) using zipped JavaScript (.js) files as email attachments--this is a well-established tactic used by cyber …
Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
Wed, 09 Jan 2019 20:21:20 GMT
Stretcher is a tool to search for open elasticsearch servers. Installation. Disclaimer: Code samples are provided for educational purposes. Adequate …
Advance XSS Persistence With Oauth
Tue, 08 Jan 2019 07:55:16 GMT
dxa4481
When you ask "What's the worst thing that an attacker can do with Cross Site Scripting" in an interview setting, one of the first answers …
ZERODIUM - How to Sell Your 0day Exploit to ZERODIUM
Mon, 07 Jan 2019 19:57:19 GMT
Program Overview: ZERODIUM is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity capabilities. We pay BIG …
2018-20512 - EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, c - CVE-Search
Fri, 04 Jan 2019 08:05:53 GMT
http://github.com/pidgeyl/cve-search - cve-search
Summary: EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.
Using your BMC as a DMA device: plugging PCILeech to HPE iLO 4
Thu, 03 Jan 2019 23:04:49 GMT
2018 has been a really tough year for BMCs! Although their attack surface was not something new (IPMI has been studied by Dan Farmer back in 2013, …
ss7MAPer – A SS7 pen testing toolkit
Mon, 31 Dec 2018 08:58:59 GMT
by Daniel Mende
While running some SS7 pentests last year, I developed a small tool automating some of the well-known SS7 attack cases. Today I’m releasing the first …
Windows Zero-Day Bug Allows Overwriting Files with Arbitrary Data
Mon, 31 Dec 2018 08:56:43 GMT
Ionut Ilascu
A security researcher has disclosed exploit code for a fourth zero-day vulnerability in the Windows operating system in just as many months. The bug …
Basic Static Analysis (Part 1)
Sun, 30 Dec 2018 18:11:39 GMT
As mentioned in my prior post (https://medium.com/@tstillz17/introduction-to-malware-analysis-b98d895fb50), I’ve found that malware analysis can be …
Writing a Basic Keylogger for macOS in Python
Sun, 30 Dec 2018 18:11:02 GMT
A brief look at how to covertly log user activity on macOS. Andrew Scott (Sep 5). This post is for educational purposes only. …
Beware of Deserialisation in .NET Methods and Classes + Code Execution via Paste!
Sat, 29 Dec 2018 23:12:58 GMT
In light of practical exploitation for deserialisation issues in the .NET Framework [1] [2] [3], we thought it might be useful to identify .NET …
By G-echo