Archive | February, 2011

Penetration Testing Course Pro 1.1 – New Version & New Module

Keep on Guard!


The Penetration Testing Course Pro 1.1 release aims to address all of the suggestions collected in the first 6 months of activity, and adds 1 new module and 50 minutes of video training on the Social Engineer Toolkit. As we reviewed before (eLearnSecurity – Online Penetration Testing Training), this course is becoming a very popular choice for Penetration Testing Training.


The course has been an unexpected success in its first 6 months, and eCPPT, first born as a proof of attendance of the course, is now in the certification path of a lot of students in 2011 as a preparatory course for more advanced courses.


As for the changes and additions: as you should know, the area of Social Engineering has changed in the last 2-3 years, and social networks and the Social Engineer Toolkit have boosted the number of targeted and advanced attacks against people.

Students of eCPPT will now learn everything about SET and will be introduced to Social Engineering with nice real world scenarios and the use of social networking tools for advanced attacks.

The great thing is that existing students got this update for free, and they will continue to get new updates for free until the 2.0 release.

The course developers also realized that the most important feature for their students was the opportunity of getting their exam report reviewed by an instructor and to receive real feedback. So the certification is felt by the student as a final test on the skills acquired as well as yet another opportunity to learn more about the business and professional aspects of being a pentester.

They also have a lot of cool new projects going on under the radar and they will give word soon, through the Darknet community.

Posted in: Advertorial, Hacking News



Latest Posts:


OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


Proxocket – DLL Proxy For Winsock



Proxocket is a DLL proxy project for the main Winsock functions. It lets you capture any type of packet and data sent or received by a specific program of your choice and, optionally, modify that data or the behaviour of the connect, bind and accept functions through a custom DLL that is very easy to create.

Proxocket handles the following functions for both ws2_32.dll and wsock32.dll:

  • WSAStartup,
  • socket,
  • WSASocketA,
  • WSASocketW,
  • closesocket,
  • connect,
  • WSAConnect,
  • bind,
  • accept,
  • WSAAccept,
  • recv,
  • recvfrom,
  • WSARecv,
  • WSARecvFrom,
  • WSARecvEx,
  • send,
  • sendto,
  • WSASend,
  • & WSASendTo.

It also has specific support for TCP, UDP, ICMP, IGMP and RAW packets, handling SOCK_STREAM, SOCK_DGRAM and SOCK_RAW for both incoming and outgoing data.

The project is divided into two parts:

  1. monitoring/sniffing: a CAP file in tcpdump format is generated for every captured packet; this is the default operation
  2. user’s custom manipulation of the captured data: through a custom myproxocket.dll, edited and built by the user, it is possible to control the captured data, for example to create a rudimentary firewall for a specific program, edit on the fly the data passed to the main program, or build a decompressor, decrypter or protocol analyzer
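To review what the default monitoring mode recorded, the tcpdump-format CAP file can be read with a few lines of code. The following is an added example, not part of Proxocket or of the original post: it parses a classic pcap byte string and counts packets per flow. The link type Proxocket writes is not stated on this page, so the parser accepts Ethernet and the raw-IP link types (an assumption), and the sample capture is constructed inline.

```python
import struct
from collections import Counter

PROTO_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}
LINKTYPE_ETHERNET = 1
RAW_IP_LINKTYPES = {12, 101, 228}  # DLT_RAW, LINKTYPE_RAW, LINKTYPE_IPV4

def parse_pcap(data):
    """Return (linktype, [packet bytes, ...]) from a classic pcap byte string."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    if data[:4] == b"\xd4\xc3\xb2\xa1":      # magic 0xa1b2c3d4, little-endian file
        endian = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":    # same magic, big-endian file
        endian = ">"
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    packets, off = [], 24
    while off + 16 <= len(data):
        # record header: ts_sec, ts_usec, incl_len, orig_len (4 bytes each)
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        off += 16
        if off + incl_len > len(data):
            break  # truncated last record (capture cut short): keep what is whole
        packets.append(data[off:off + incl_len])
        off += incl_len
    return linktype, packets

def summarize(data):
    """Count packets per (protocol, src, sport, dst, dport) in a capture."""
    linktype, packets = parse_pcap(data)
    if linktype != LINKTYPE_ETHERNET and linktype not in RAW_IP_LINKTYPES:
        raise ValueError(f"unsupported link type {linktype}")
    flows = Counter()
    for pkt in packets:
        if linktype == LINKTYPE_ETHERNET:
            if pkt[12:14] != b"\x08\x00":
                continue  # not IPv4 over Ethernet
            pkt = pkt[14:]
        if len(pkt) < 20 or pkt[0] >> 4 != 4 or (pkt[0] & 0x0F) < 5:
            continue  # not a well-formed IPv4 header
        ihl = (pkt[0] & 0x0F) * 4
        src = ".".join(map(str, pkt[12:16]))
        dst = ".".join(map(str, pkt[16:20]))
        sport = dport = None
        if pkt[9] in (6, 17) and len(pkt) >= ihl + 4:
            sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        flows[(PROTO_NAMES.get(pkt[9], str(pkt[9])), src, sport, dst, dport)] += 1
    return flows

def build_sample():
    """Constructed capture (not real traffic): 2 TCP + 1 UDP packet, raw IP."""
    def ipv4(proto, src, dst, payload):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                           64, proto, 0, bytes(src), bytes(dst)) + payload
    tcp = ipv4(6, (10, 0, 0, 5), (192, 0, 2, 10),
               struct.pack("!HH", 49152, 80) + b"\x00" * 16)
    udp = ipv4(17, (10, 0, 0, 5), (192, 0, 2, 53),
               struct.pack("!HHHH", 49153, 53, 8, 0))
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    for pkt in (tcp, tcp, udp):
        out += struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    return out
```

Calling `summarize(open(path, "rb").read())` on a real capture gives the same per-flow counts; `path` is whatever file the tool wrote.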

Read the text file inside for more information and, if you want to write a plugin, take a look at the source code of the myproxocket.c example.

The following are some “example plugins” the author wrote for proxyfying the main program and or doing some things:

NOTE: If you have Vista and the local ws2_32/wsock32 dlls are not loaded, try to set the registry key “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable” to 1.
NOTE: The exported functions of myproxocket.dll MUST be declared as CDECL, this is default on Mingw but not on other compilers.
NOTE: Do NOT use Cygwin for compiling the myproxocket plugins.

There’s some good information on how to use Proxocket here.

You can download Proxocket here:

proxocket.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Windows Hacking



Canadian Dating Site PlentyofFish Hacked – Passwords Leaked



Something that caused a stir last week was the hacking of the Canadian dating site PlentyofFish (sometimes known as PoF), which rose to fame on the webmaster forums for SEO thanks to a picture of Markus Frind holding an Adsense cheque for $132,000 for two months' earnings.



For anyone not familiar with the site, it’s a kind of craigslist for dating – simple oldskool interface, no charges, no premium memberships and finally a place for all the other dating sites to advertise.

PlentyOfFish Hacked – Passwords Leaked in Plain Text

The news started to come out that there were some major flaws in the site and that hackers had managed to download the whole member database, including plain text passwords, as no hashing was used (shocker).

What do you do when you find out that someone has hacked into your Website and possibly stolen the personal information of thousands of users?

If you’re Markus Frind, you email the hacker’s mother.

It’s all part of a bizarre story involving an Argentinian hacker, a Vancouver Website owner, a former Washington Post reporter, threatening phone calls and alleged attempted extortion.

On Sunday night, Mr. Frind, the founder and chief executive of the popular free online dating website PlentyOfFish.com — which is headquartered in Vancouver — posted a note on his personal blog telling a story about how a hacker from Argentina allegedly tapped into the Plenty of Fish database and stole the emails, usernames and passwords of the site’s users.

In the 990-word blog post, Mr Frind details his account of what happened.

Source: Financial Post

Markus Frind went on to rant about the hacker Chris Russo and some kind of extortion scheme that was going on, plus he made some kind of underhanded swipe (which he later took back) that Brian Krebs was involved in it.


This is not a statement from Plentyoffish, I’ll post something in the morning. This is a personal post about what it feels like to be hacked/extorted and the intense pressure and stress you are put under. Not to mention how annoying it is to have someone constantly harassing and trying to scare your wife at all hours of the day. I think I slept a total of 2 hours a night for a week….. Plentyoffish was hacked last week and we believe emails, usernames and passwords were downloaded. We have reset all users’ passwords and closed the security hole that allowed them to enter.

Source: The PoF Blog

Krebs of course also reported on things from his side.

Hackers have breached the database of online dating site PlentyOfFish.com, exposing the personal and password information on nearly 30 million users. In response, the company’s founder has implied that the editor of KrebsOnSecurity.com was involved in an elaborate extortion plot.

Source: Krebs

We at Darknet also received an e-mail from someone identifying himself as Chris Russo last week; the e-mail is reproduced in full below:

E-mail From Chris Russo – PlentyofFish Hacked

From: Chris Russo
Subject: 30,000,000 users exposed on www.plentyoffish.com and a death threat from Mr Markus Frind; please help.

Message Body:
Hi, I’m a security researcher from Buenos Aires, Argentina.

The Last Friday 21 of January, we discovered a vulnerability in PlentyOfFish Hacked exposing users details, including usernames, addresses, phone numbers, real names, email addresses, passwords in plain text, and in most of the cases, PayPal accounts, of more than 28,000,000 (twenty-eight million users). This vulnerability was under active exploitation by hackers.

My team decided to notify about this circumstance to Mr Markus Frind, the founder and CEO of PlentyOfFish Inc. as soon as possible in order to stop any potential damage which could be done, by the exploitation of this vulnerability.

The flaw was reported the same night to Annie Kanciar, his wife, who was very thankful with us and contacted one of their developers in order to inform about this flaw.

The vulnerability was fixed and they remain in contact with us since they were interested in hiring us as security professionals in order to make an analysis of the platforms.

While we were creating the legal documents in order to proceed, Markus Frind got progressively more aggressive and unresponsive with us and told us to speak with their employees, Kate and Jay, because there was a serial killer, murdering people from the website.

We arrange to send the documents about the vulnerability we had found, a business plan, and the CVs of the personnel working with us by Monday 31 of January.

The vulnerability was properly documented by our team, without exposing any confidential user information. This was an error based MSSQL injection, that could allow any attacker to make a full backup of the databases used by the web server, and or gain direct access to the site.

By the nightfall of Sunday 30, Mr Markus Frind sent me an email accusing us to steal his whole user database without a single proof, based on supposed information that “20 employees of him told him”, and a web link from www.freelancers.com asking for users information of POF. Here is the email itself:

http://www.freelancer.com/projects/zeesales_929663.html?utm_source=web&utm_medium=twitter

If this data goes public I am going to email every single affected
user on Plentyoffish your phone number, email address and picture.
And tell them you hacked into their accounts.

Then I’m going to sue you In Canada, US and UK and Argentina. I am
going to completely destroy your life, no one is ever going to hire
you for anything again, this isn’t pirate bay and we definitely aren’t
fooling around.

Markus.

Right after that, there were 3 phone calls, which the local police is trying to recover, where he clearly said several times, that my people stole his user database, and he mentioned that there was organized crime or mafias behind sites like the one he runs.

I explained to him several times that we were only reporting an error, but he refused to understand and kept accusing us; over the telephone communication he clearly threatened me again, saying that he was going to do something, just before mentioning these criminal organizations.

In conclusion:

Plentyoffish.com exposes 30,000,000 users information, we reported that, and we got in troubles, and threats, directly by his founder Mr Markus Frind.

There’s a video recorded showing the vulnerability itself, and the news reporter Brian Krebs verified this vulnerability the last week himself (www.krebsonsecurity.com). All the communications by email are also recorded and stored, in case it’s needed.

In addition, there’s a big chance that there was a real attack on the website, which may put in risk usernames, passwords, full names, email addresses, and financial related information such as PayPal account, credit cards, and others, of millions of users, which Mr Markus Frind refused to advise to their users.

Sincerely yours;
Chris Russo.
from Insilence

for more information:
skype: chrusso99
email: chris.russo99@gmail.com

So, we leave it to your discretion as to what you make of this whole fiasco about the Plenty of Fish password hack.

A similar story would be Cupid Media Hack Exposes 42 Million Passwords In Plain Text.
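The two failures reported in this story, a SQL injection and passwords stored without hashing, have well-known fixes. The following is an added example, not code from PlentyofFish or from the original post: it stores only a salted PBKDF2 hash and looks users up with a parameterized query. It uses an in-memory SQLite database as a stand-in for the MSSQL server mentioned above, and the table layout, function names and iteration count are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed; tune to hardware)


def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is generated per user."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def open_db():
    """Hypothetical users table: no column ever holds the password itself."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users "
               "(username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db


def register(db, username, password):
    salt, digest = hash_password(password)
    # Placeholders keep user input out of the SQL text entirely.
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (username, salt, digest))


def login(db, username, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        hash_password(password)  # spend the same time for unknown usernames
        return False
    salt, stored = row
    # Constant-time comparison of the stored and recomputed digests.
    return hmac.compare_digest(stored, hash_password(password, salt)[1])


def dump_users(db):
    """What a full copy of the table would contain: salts and digests only."""
    return db.execute("SELECT username, salt, pw_hash FROM users").fetchall()
```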

Posted in: Hacking News



Happy Chinese New Year 2011



To all those who celebrate – we wish you a healthy, happy and prosperous new year of the Rabbit.


Gong Hey Fat Choy/Gong Xi Fa Cai

Posted in: Site News



NiX Brute Force – Parallel Log-in Brute Forcing/Password Cracking Tool



NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of NiX is to support a variety of services that allow remote authentication such as: MySQL, SSH, FTP, IMAP. It is based on NiX Proxy Checker.

Features

  • Basic Authorization & FORM support in both standard and HTTPS (SSL) mode
  • HTTP/SOCKS 4 and 5 proxy support
  • FORM auto-detection & Manual FORM input configuration.
  • It is multi-threaded
  • Wordlist shuffling via macros
  • Auto-removal of dead or unreliable proxies, and of proxies blocked by a site protection mechanism
  • Integrated proxy randomization to defeat certain protection mechanisms
  • With Success and Failure Keys results are 99% accurate
  • Advanced coding and timeout settings make it outperform any other brute forcer
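On the defending side, the proxy rotation in this feature list means that counting failed logins per source address is not enough; failures have to be counted per target account as well. The following is an added example, not part of NiX or of the original post: it runs both checks over a few constructed log lines. The log format, thresholds and function names are assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumed log format: "<ISO time> auth <fail|ok> user=<name> ip=<addr>"
LINE = re.compile(r"^(\S+) auth (fail|ok) user=(\S+) ip=(\S+)$")

# Constructed sample: one account guessed from six addresses, one honest typo.
SAMPLE_LOG = """\
2011-02-01T10:00:01 auth fail user=admin ip=198.51.100.7
2011-02-01T10:00:02 auth fail user=admin ip=203.0.113.20
2011-02-01T10:00:03 auth fail user=admin ip=198.51.100.99
2011-02-01T10:00:04 auth fail user=admin ip=203.0.113.150
2011-02-01T10:00:05 auth fail user=admin ip=192.0.2.200
2011-02-01T10:00:06 auth fail user=admin ip=198.51.100.31
2011-02-01T10:01:00 auth fail user=carol ip=192.0.2.44
2011-02-01T10:01:09 auth fail user=carol ip=192.0.2.44
2011-02-01T10:01:20 auth ok user=carol ip=192.0.2.44
"""


def failures(lines):
    """Return sorted (time, user, ip) tuples for failed logins only."""
    out = []
    for line in lines:
        m = LINE.match(line.strip())
        if m and m.group(2) == "fail":
            out.append((datetime.fromisoformat(m.group(1)),
                        m.group(3), m.group(4)))
    return sorted(out)


def per_ip_lockout(lines, max_failures=5):
    """Classic control: source addresses with too many failures."""
    counts = Counter(ip for _, _, ip in failures(lines))
    return {ip for ip, n in counts.items() if n >= max_failures}


def per_account_spread(lines, window=timedelta(minutes=5),
                       max_failures=5, min_ips=3):
    """Accounts with many failures from many addresses inside one window.

    Returns {user: (failures, distinct_ips)} for the worst window seen.
    """
    by_user = defaultdict(list)
    for ts, user, ip in failures(lines):
        by_user[user].append((ts, ip))
    alerts = {}
    for user, evs in by_user.items():
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # slide the window forward
            ips = {ip for _, ip in evs[start:end + 1]}
            n = end - start + 1
            if n >= max_failures and len(ips) >= min_ips:
                alerts[user] = max(alerts.get(user, (0, 0)), (n, len(ips)))
    return alerts
```

On the sample, the per-address check flags nothing while the per-account check reports six failures from six addresses against `admin`.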

The full changelog including the latest version is here.

You can download NiX Brute Force here:

NIX_BruteForce.bz2

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Password Cracking
