Archive | August, 2008

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows

Keep on Guard!


PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection.

This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a
callback connection that is then used for input/output redirection.

It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.

Details

1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords

Some basic commands in this version include;

!disco – disconnect the real putty from the display
!reco – reconnect it
!exit – just another way to exit the injected shell

You can download PuttyHijack V1.0 here:

PuttyHijackV1.0.rar

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking

Topic: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


HD Moore’s Company BreakingPoint Suffers DNS Attack

Outsmart Malicious Hackers


It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint.

It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging on this flaw (as expected) to divert people to scam sites.

It happened on Tuesday morning, when Moore’s company, BreakingPoint, had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what’s known as a cache poisoning attack on a DNS server on AT&T’s network that was serving the Austin, Texas, area. One of BreakingPoint’s servers was forwarding DNS (Domain Name System) traffic to the AT&T server, so when it was compromised, so was HD Moore’s company.

When Moore tried to visit Google.com, he was actually redirected to a fake page that served up a Google page in one HTML frame along with three other pages designed to automatically click on advertisements.

It seems more of a problem with the ISP than BreakingPoint itself, but it still shows, if you rely on your ISPs DNS servers you don’t know what kind of fake content is getting served up to you.

Better safe than sorry right?

The flaw has to do with the way that DNS programs share information over the Internet. In a cache poisoning attack, the attacker tricks a DNS server into associating malicious IP addresses with legitimate domains, such as Google.com. Security experts say that this type of flaw could lead to very successful phishing attacks against Web surfers whose ISPs have not patched their servers.

Because of the nature of the AT&T hack, Moore doesn’t believe that he was targeted by the hackers. Even BreakingPoint employees didn’t realize that their internal DNS server had been configured to use the AT&T machine. Instead, he thinks that the hackers were simply trying to make a quick buck.

AT&T representatives were not immediately available to comment on the incident.

Moore believes that this type of attack may be going on at other ISPs as well.

I wonder if they managed to con anyone? And I wonder if AT&T has fixed this problem yet? It’s surprising that such a large ISP is still susceptible to this flaw after the amount of publicity the DNS bug has gotten.

Just be on the watch out!

Source: InfoWorld (Thanks Navin)

Posted in: Exploits/Vulnerabilities, Networking Hacking, Spammers & Scammers

Topic: Exploits/Vulnerabilities, Networking Hacking, Spammers & Scammers


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


July Commenter of the Month Competition Winner 2008!

Keep on Guard!


Competition time again!

As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the fourteenth month of the competition in July and are now in the fifthteenth, starting a few days ago on August 1st – Sponsored by GFI.

We’ve successfully been holding this contest for a year now!

We are offering some pretty cool prizes including a £50 Amazon Gift Voucher, along with cool GFI merchandise like shirts, keyrings and mugs.

And now the winner will also get a soft copy of the Ethical Hacker Kit.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenter’s you also have your name and chosen link displayed on the sidebar all month on every page of Darknet, with a high PR5 (close to 6) on most pages (5000+ spidered by Google).

So announcing the winner for July…it’s zupakomputer!

Comments for July were pretty active, more so than June and really picked up towards the end of the month. zupakomputer has been leaving some very interesting and lengthy comments so I feel he really does deserve this prize. Navin actually had the most comments for 2 months in a row (the first time so far) but can’t win the prize twice, so keep up the good comments Navin!

Commenter July

There were some really really really LONG discussions in July and I hope they continue into August (which it looks like they will)! I’d like to thank you all for your participation! I hope it keeps getting better as 2008 develops with more interesting news and tools. Keep up the excellent discussions, it’s very interesting reading especially on some of the more controversial topics.

Thanks to everyone else who commented and thanks for your links and mentions around the blogosphere!

Feel free to share Darknet with everyone you know :)

Keep commenting guys, and stand to win a prize for the month of August!

A mailing address + telephone number will be requested from the winner for the sole purpose of sending out the gifts. The details will not be used from promotional purposes, and will not be sold.

Winner for June 2007 was Daniel with 35 comments.
Winner for July 2007 was backbone with 46 comments.
Winner for August 2007 was TheRealDonQuixote with 53 comments.
Winner for September 2007 was Sandeep Nain with 32 comments.
Winner for October 2007 was dre with 19 comments.
Winner for November 2007 was dirty with 38 comments.
Winner for December 2007 was Sir Henry with 84 comments.
Winner for January 2008 was goodpeople with 66 comments.
Winner for February 2008 was eM3rC with 122 comments.
Winner for March 2008 was Pantagruel with 66 comments.
Winner for April 2008 was fever with 44 comments.
Winner for May 2008 was Bogwitch with 37 comments.
Winner for June 2008 was Navin with 45 comments.

Posted in: Site News

Topic: Site News


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


UK Hacker Gary McKinnon to Fight Extradition

Keep on Guard!


For some of the long time readers, you might remember we’ve been covering the case of the UK Hacker Gary McKinnon for quite some time. The last post was about a year ago though in August 2007 when he Won Right to Lords Appeal Extradition Hearing.

The first post on the case was over 2 years ago in April 2006 when it was found out that British Hacker Gary McKinnon Fears Guantanamo.

Mr McKinnon, 42, first lost his case at the High Court in 2006 before taking it to the highest court in the UK, the House of Lords. He was arrested in 2002 but never charged in the UK.

The US government claims he committed a malicious crime – the biggest military computer hack ever. The authorities have warned that without his co-operation and a guilty plea the case could be treated as terrorism and he could face a long jail sentence.

Mr McKinnon, now living in north London, told BBC Radio 5 Live he was “pretty broken up” by the Law Lords’ ruling, although he had expected the outcome.

He lost the case in Lords’ by the looks of it so now he’s in pretty hot soup. It looks like if he pleads guilty he might get a lot lighter sentence and more lenient treatment.

But that’s what they always say isn’t it? Until you actually say you are guilty then they lock you up for life and throw away the key. He better be careful with whatever he’s planning, very careful indeed.

The Law Lords were told by Mr McKinnon’s lawyers that extraditing him would be an abuse of proceedings.

US authorities had threatened him with a long jail sentence if he did not plead guilty, they said.

If the case was treated as terrorism it could result in a sentence of up to 60 years in a maximum security prison, should he be found guilty on all six indictments.

With co-operation, he would receive a lesser sentence of 37 to 46 months and be repatriated to the UK, where he could be released on parole and charges of “significantly damaging national security” would be dropped.

A Home Office spokesman said Mr McKinnon would have 14 days in which to seek appeal at the European Court of Human Rights.

I don’t think it’s really a human rights case, but then it’s debatable. I think saying it’s terrorism is way out of line though, it’s a guy who did a bit of hacking on the wrong systems…he should pay for it yes, but now with 60 years in a maximum security facility in the US.

Maybe a few months in a UK prison then parole.

Source: BBC News (Thanks razta)

Posted in: Legal Issues

Topic: Legal Issues


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


SIPcrack – SIP Login Dumper & Hash/Password Cracker

Keep on Guard!


SIPcrack is a suite for sniffing and cracking the digest authentication used in the SIP protocol.

The tools offer support for pcap files, wordlists and many more to extract all needed information and bruteforce the passwords for the sniffed accounts.

If you don’t have OpenSSL installed or encounter any building problems try ‘make no-openssl’ to build with integrated MD5 function (which is slower than the OpenSSL implementation).

Usage

Use sipdump to dump SIP digest authentications to a file. If a login is found, the sniffed login is written to the dump file. See ‘sipdump -h’ for options.

Use sipcrack to bruteforce the user password using the dump file generated by sipdump. If a password is found, the sniffed login in the dump file is updated See ‘sipcrack -h’ for options.

You can download SIPcrack here:

SIPcrack-0.3pre.tar.gz

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Password Cracking

Topic: Hacking Tools, Networking Hacking, Password Cracking


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.