Tag Archives: Exploits/Vulnerabilities

Four Year Old libssh Bug Leaves Servers Wide Open

Post Syndicated from Darknet original https://www.darknet.org.uk/2018/10/four-year-old-libssh-bug-leaves-servers-wide-open/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

A fairly serious 4-year-old libssh bug has left servers vulnerable to remote compromise. Fortunately, the attack surface isn’t that big, as neither OpenSSH nor the GitHub implementation is affected.

The bug is in the not so widely used libssh library, not to be confused with libssh2 or OpenSSH – which are very widely used.

There’s a four-year-old bug in the Secure Shell implementation known as libssh that makes it trivial for just about anyone to gain unfettered administrative control of a vulnerable server.


SCADA Hacking – Industrial Systems Woefully Insecure

Post Syndicated from Darknet original https://www.darknet.org.uk/2018/06/scada-hacking-industrial-systems-woefully-insecure/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

It seems like SCADA hacking is still a topic in hacker conferences, and it should be with SCADA systems still driving power stations, manufacturing plants, refineries and all kinds of other powerful and dangerous things.

The latest talk given on the subject shows that with just 4 lines of code and a small hardware drop device, a SCADA-based facility can be effectively DoSed by sending repeated shutdown commands to susceptible systems.


XXE Injection Attacks – XML External Entity Vulnerability With Examples

Post Syndicated from Darknet original https://www.darknet.org.uk/2017/10/xxe-injection-attacks-xml-external-entity-vulnerability-examples/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

XXE Injection Attacks or XML External Entity vulnerabilities are a specific type of Server Side Request Forgery or SSRF attack relating to abusing features within XML parsers.

The features these attacks go after are widely available but rarely used, and when triggered can cause a DoS (Denial of Service) attack and in some cases much more serious escalation, like extraction of sensitive data or, in worst-case scenarios, RCE or Remote Code Execution.


UACMe – Defeat Windows User Account Control (UAC)

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/K8gCPhG8--Y/

UACme is a compiled, C-based tool which contains a number of methods to defeat Windows User Account Control commonly known as UAC. It abuses the built-in Windows AutoElevate backdoor and contains 41 methods. The tool requires an Admin account with the Windows UAC set to default settings. Usage Run executable from command line: akagi32 [Key]…

Read the full post at darknet.org.uk

US Voting Machines Hacked At DEF CON – Every One

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/2jfq8D4XaNo/

US Voting Machines Hacked, some in minutes at this year’s DEF CON “Voting Village” – not something you want to hear really. Especially with the results of recent elections that the World is currently dealing with the consequences from. Of course with physical access, most machines can be dominated in some way or another – […]


CrackMapExec – Active Directory Post-Exploitation Tool

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/r7Om66Zbxck/

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS…


EvilAbigail – Automated Evil Maid Attack For Linux

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/BiIauhKWLqY/

EvilAbigail is a Python-based tool that allows you to run an automated Evil Maid attack on Linux systems; this is the Initrd encrypted root fs attack. An Evil Maid attack is a type of attack that targets a computer device that has been shut down and left unattended. An Evil Maid attack is characterized by the […]


All You Need To Know About Cross-Site Request Forgery (CSRF)

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/nBF_Xjl7rQw/

Cross-Site Request Forgery is a term you’ve probably heard in the context of web security or web hacking, but do you really know what it means? The OWASP definition is as follows: Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re […]


Another Week Another Mass Domain Hijacking

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/vUbvLnf_9qw/

Following shortly after the .io domain cock-up that left thousands vulnerable to domain hijacking, this week more than 750 domains were jacked via registrar Gandi. Seems like some pretty sloppy administration going on, but that’s how business goes; sadly, security is still very much a reactive trade. People don’t enable strict controls and audit…


DJI Firmware Hacking Removes Drone Flight Restrictions

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/WrLMjVOTRig/

Drones have been taking over the world, everyone with a passing interest in making videos has one and DJI firmware hacking gives you the ability to remove all restrictions (no-fly zones, height and distance) which under most jurisdictions is illegal (mostly EU and FAA for the US). It’s an interesting subject, and also a controversial…


GnuPG Crypto Library libgcrypt Cracked Via Side-Channel

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/NsgNol1ZoHY/

Some clever boffins including Internet software pioneer djb have gotten libgcrypt cracked via a Side-Channel attack which has to do with the direction of a sliding window carried out in the library. Patches have already been released so update your Linux servers ASAP, even though honestly it seems like a fairly theoretical attack (this…


NotPetya Ransomware Wreaking Havoc

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/0IfKiBP5jIo/

The latest splash has been made by the Petya or NotPetya Ransomware that exploded in Ukraine and is infecting companies all over the World. It’s getting some people in deep trouble as there’s no way to recover the files once encrypted. The malware seems to be trying to hide its intent as it doesn’t really […]


Winpayloads – Undetectable Windows Payload Generation

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/y3Szx2PyNH4/

Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7. It provides persistence, privilege escalation, shellcode invocation and much more. Features UACBypass – PowerShellEmpire PowerUp – PowerShellEmpire Invoke-Shellcode Invoke-Mimikatz Invoke-EventVwrBypass Persistence – Adds payload…


TheFatRat – Massive Exploitation Tool

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/A3ozOmH4BDE/

TheFatRat is an easy-to-use Exploitation Tool that can help you to generate backdoors and post exploitation attacks like browser attack DLL files. This tool compiles malware with popular payloads and then the compiled malware can be executed on Windows, Linux, Mac OS X and Android. The malware that is created with this tool also has […]


South Korean Webhost Nayana Pays USD1 Million Ransom

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/jTy5T4S7TZQ/

So far this Nayana payout is the biggest ransomware payment I’ve seen reported; there are probably some bigger ones that have been paid but kept undercover. Certainly a good deal for the bad actors in this play, and well, using an outdated Kernel along with PHP and Apache versions from 2006, you can’t feel too sorry for Nayana. […]


pyrasite – Inject Code Into Running Python Processes

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/3M0qvPvkkas/

pyrasite is a Python-based toolkit to inject code into running Python processes. pyrasite works with Python 2.4 and newer. Injection works between versions as well, so you can run Pyrasite under Python 3 and inject into 2, and vice versa. You can download pyrasite here: pyrasite-2.0.zip Or read more…


OneLogin Hack – Encrypted Data Compromised

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/Wna-TVQtB3U/

The OneLogin hack is blowing up now; it seems like whoever got access can also decrypt encrypted customer data, which is just about AS BAD as it can get for a password/identity management service. Now I’m a HUGE supporter of password management tools as I’ve mentioned many times here, so anyone who signed up for […]


Windows XP Too Unstable To Spread WannaCry

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/j_usdwvHhp4/

Not a super serious article this one, but I found it very entertaining – apparently, Windows XP has a BSOD (Blue Screen of Death) when faced with a WannaCry infection. There’s a very extensive analysis of WannaCry here, where this information comes from: WannaCry: Two Weeks and 16 Million Averted Ransoms Later. Yes, WannaCrypt can […]


Sn1per – Penetration Testing Automation Scanner

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/7u7rGmLhYJc/

Sn1per is a penetration testing automation scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning…


WannaCry Ransomware Foiled By Domain Killswitch

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/ASy1wNCVg7I/

Whilst I was away on a tropical island enjoying myself the Infosec Internet was on fire with news of the global WannaCry ransomware threat which showed up in the UK NHS and was spreading across 74 different countries. The Ransomware seems to be the first that is P2P using an SMB exploit from the NSA […]
