Friday, June 2, 2023

Linux/AirDropBot Samples



Malware Must Die:  MMD-0064-2019 - Linux/AirDropBot





Links updated: Jan 19, 2023

Hashes



Thursday, June 1, 2023

Recovering Data From An Old Encrypted Time Machine Backup

Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem.


The problem

1. I had an encrypted Time Machine backup which was not used for months
2. This backup was not on an official Apple Time Capsule or on a USB HDD, but on a WD MyCloud NAS
3. I needed files from this backup
4. After running out of time I only had SSH access to the macOS, no GUI

The struggle

By default, Time Machine is one of the best and easiest backup solutions I have seen. As long as you stick to the default use case, where you have one active backup disk, life is pink and happy. But this was not my case.

As always, I started to Google what I should do. One of the first options recommended that I add the backup disk to Time Machine, and it will automagically show the backup snapshots from the old backup. Instead of this, it did not show the old snapshots but started to create a new backup. Panic button has been pressed, backup canceled, back to Google.


Other tutorials recommended clicking on the Time Machine icon while pressing the alt (Option) key, where I can choose "Browse other backup disks". But this did not list the old Time Machine backup. It did list the backup when selecting disks in Time Machine preferences, but I already tried and failed that way.


YAT (yet another tutorial) recommended to SSH into the NAS and browse the backup disk, as it is just a simple directory where I can see all the files. But all the files inside were just a bunch of nonsense, no real directory structure.

YAT (yet another tutorial) recommended that I can just easily browse the content of the backup from the Finder by double-clicking on the sparse bundle file. After clicking on it, I can see the disk image on the left part of the Finder, attached as a new disk.
Well, this is true, but because of some bug, when you connect to the Time Capsule, you don't see the sparse bundle file. And I got inconsistent results, for the WD NAS, double-clicking on the sparse bundle did nothing. For the Time Capsule, it did work.
At this point, I had to leave the location where the backup was present, and I only had remote SSH access. You know, if you can't solve a problem, let's complicate things by restricting yourself in solutions.

Finally, I tried to check out some data forensics blogs, and besides some expensive tools, I could find the solution.

The solution

Finally, a blog post provided the real solution - hdiutil.
The best part of hdiutil is that you can provide the read-only flag to it. This can be very awesome when it comes to forensics acquisition.


To mount any NAS via SMB:
mount_smbfs //<username>@<NAS_IP>/<Share_for_backup> /<mountpoint>

To mount a Time Capsule share via AFP:
mount_afp afp://any_username:password@<Time_Capsule_IP>/<Share_for_backup> /<mountpoint>

And finally this command should do the job:
hdiutil attach test.sparsebundle -readonly

It is nice that you can provide the read-only parameter.

If the backup was encrypted and you don't want to provide the password in a password prompt, use the following:
printf '%s' 'CorrectHorseBatteryStaple' | hdiutil attach test.sparsebundle -stdinpass -readonly

Note: if you receive the error "resource temporarily unavailable", probably another machine is backing up to the device.

And now, you can find your backup disk under /Volumes. Happy restoring!

Probably it would have been quicker to either enable the remote GUI, or to physically travel to the system and log in locally, but that would spoil the fun.

Koppeling - Adaptive DLL Hijacking / Dynamic Export Forwarding


This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking" blog post. I recommend you start there to contextualize this code.

This project is comprised of the following elements:

  • Harness.exe: The "victim" application which is vulnerable to hijacking (static/dynamic)
  • Functions.dll: The "real" library which exposes valid functionality to the harness
  • Theif.dll: The "evil" library which is attempting to gain execution
  • NetClone.exe: A C# application which will clone exports from one DLL to another
  • PyClone.py: A Python 3 script which mimics NetClone functionality

The VS solution itself supports 4 build configurations which map to 4 different methods of proxying functionality. This should provide a nice scalable way of demonstrating more techniques in the future.

  • Stc-Forward: Forwards export names during the build process using linker comments
  • Dyn-NetClone: Clones the export table from functions.dll onto theif.dll post-build using NetClone
  • Dyn-PyClone: Clones the export table from functions.dll onto theif.dll post-build using PyClone
  • Dyn-Rebuild: Rebuilds the export table and patches linked import tables post-load to dynamically prepare for function proxying

The goal of each technique is to successfully capture code execution while proxying functionality to the legitimate DLL. Each technique is tested to ensure static and dynamic sink situations are handled. This is by far not every primitive or technique variation. The post above goes into more detail.


Example

Prepare a hijack scenario with an obviously incorrect DLL

> copy C:\windows\system32\whoami.exe .\whoami.exe
1 file(s) copied.

> copy C:\windows\system32\kernel32.dll .\wkscli.dll
1 file(s) copied.

Executing in the current configuration should result in an error

> whoami.exe 

"Entry Point Not Found"

Convert kernel32 to proxy functionality for wkscli

> NetClone.exe --target C:\windows\system32\kernel32.dll --reference C:\windows\system32\wkscli.dll --output wkscli.dll
[+] Done.

> whoami.exe
COMPUTER\User
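
Static export forwarding, as in the Stc-Forward configuration above, is visible in a DLL on disk: an export whose address points back inside the export directory is a "MODULE.Function" forwarder string rather than code. The Python parser below is an added example, not part of the Koppeling project; it lists the forwarders in a DLL and counts them per target module so that an unexpected proxy DLL in an application directory can be reviewed (the function names are this example's own).

```python
import struct
import sys
from collections import Counter


def _rva_to_offset(sections, rva):
    """Translate an RVA to a file offset using the section table."""
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return raw_ptr + (rva - vaddr)
    raise ValueError(f"RVA {rva:#x} is not backed by any section")


def _cstring(data, offset):
    return data[offset:data.index(b"\0", offset)].decode("ascii", "replace")


def named_exports(data):
    """Return [(export_name, forwarder_or_None)] for a PE image held in bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    n_sections = struct.unpack_from("<H", data, pe + 6)[0]
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directory 0 is the export table; its position differs for PE32 and PE32+.
    exp_rva, exp_size = struct.unpack_from("<II", data, opt + (112 if magic == 0x20B else 96))
    if exp_rva == 0:
        return []
    sections = []
    for i in range(n_sections):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    off = lambda rva: _rva_to_offset(sections, rva)
    n_funcs, n_names, funcs_rva, names_rva, ords_rva = struct.unpack_from("<IIIII", data, off(exp_rva) + 20)
    result = []
    for i in range(n_names):
        name_rva = struct.unpack_from("<I", data, off(names_rva) + 4 * i)[0]
        index = struct.unpack_from("<H", data, off(ords_rva) + 2 * i)[0]
        if index >= n_funcs:
            continue  # malformed entry: ordinal index outside the address table
        func_rva = struct.unpack_from("<I", data, off(funcs_rva) + 4 * index)[0]
        # An address that points back inside the export directory is not code:
        # it is a "MODULE.Function" forwarder string.
        forwarded = exp_rva <= func_rva < exp_rva + exp_size
        result.append((_cstring(data, off(name_rva)), _cstring(data, off(func_rva)) if forwarded else None))
    return result


def forward_targets(data):
    """Count forwarded exports per target module (lower-cased)."""
    targets = Counter()
    for _, fwd in named_exports(data):
        if fwd:
            targets[fwd.rsplit(".", 1)[0].lower()] += 1
    return targets


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        image = fh.read()
    exports = named_exports(image)
    print(f"{len(exports)} named exports, forwarded per module: {dict(forward_targets(image))}")
    for name, fwd in exports:
        if fwd:
            print(f"  {name} -> {fwd}")
```

Legitimate system DLLs also forward exports (kernel32.dll forwards several to ntdll), so compare the result against a known-good copy of the same file. A configuration that acts post-load, as Dyn-Rebuild is described above, would not be expected to show up in the on-disk export table.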




BurpSuite Introduction & Installation



What is BurpSuite?
Burp Suite is a Java-based web penetration testing framework. It has become an industry standard suite of tools used by information security professionals. Burp Suite helps you identify vulnerabilities and verify attack vectors that are affecting web applications. Because of its popularity and breadth as well as depth of features, we have created this useful page as a collection of Burp Suite knowledge and information.

In its simplest form, Burp Suite can be classified as an interception proxy. While browsing their target application, a penetration tester can configure their internet browser to route traffic through the Burp Suite proxy server. Burp Suite then acts as a (sort of) man in the middle by capturing each request to and from the target web application so that it can be analyzed.











Everyone has their favorite security tools, but when it comes to mobile and web applications I've always found myself looking to BurpSuite. It always seems to have everything I need, and for folks just getting started with web application testing it can be a challenge putting all of the pieces together. I'm just going to go through the installation to paint a good picture of how to get it up quickly.

BurpSuite is freely available with everything you need to get started and when you're ready to cut the leash, the professional version has some handy tools that can make the whole process a little bit easier. I'll also go through how to install FoxyProxy which makes it much easier to change your proxy setup, but we'll get into that a little later.

Requirements and assumptions:

  • Mozilla Firefox 3.1 or later
  • Knowledge of Firefox add-ons and installation
  • The Java Runtime Environment installed

Download BurpSuite from http://portswigger.net/burp/download.html and make a note of where you save it.

on for Firefox from   https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/


If this is your first time running the JAR file, it may take a minute or two to load, so be patient and wait.


Video for setup and installation.




You need to install a compatible version of Java so that you can run BurpSuite.
