0D1N v2.6 – Web Security Tool To Make Fuzzing At HTTP/S

0d1n is a tool for automating customized attacks against web applications.

You can do:

- Brute force login and passwords in auth forms
- Directory disclosure (use PATH list to brute, and find HTTP status code)
- Test to find SQL Injection and XSS vulnerabilities
- Options to load ANTI-CSRF token each request
- Options to use random proxy per request
- Other functions…

Old versions: http://sourceforge.net/projects/odin-security-tool/files/?source=navbar

To run:

Requires libcurl-dev, or libcurl-devel on RPM-based Linux distributions.

    $ git clone https://github.com/CoolerVoid/0d1n/

libcurl is needed to run:

    $ sudo apt-get install libcurl-dev

On an RPM-based distro:

    $ sudo yum install libcurl-devel

Then build and run:

    $ make
    $ ./0d1n

Read the docs

Link: http://feedproxy.google.com/~r/PentestTools/~3/ioYkysg8i6k/0d1n-v26-web-security-tool-to-make.html

Bitcoin, WikiLeaks, & Julian Assange – Paul’s Security Weekly #600

In the news, Bitcoin mining ban considered by China’s economic planner, Yahoo strikes $117.5 million data breach settlement, Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords, WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy, and How HTML5 Ping Is Used in DDoS Attacks. Paul’s Stories […]
The post Bitcoin, WikiLeaks, & Julian Assange – Paul’s Security Weekly #600 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/faBacxbFmh0/

Apache Bug, Cancer Hack, & Ekran – Hack Naked News #213

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack […]
The post Apache Bug, Cancer Hack, & Ekran – Hack Naked News #213 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/ZHFbwDVbHPs/

FFM (Freedom Fighting Mode) – Open Source Hacking Harness

FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. The idea of the tool was derived from a 2007 conference from @thegrugq. It was presented at SSTIC 2018 and the accompanying slide deck is available at this url. If you’re not familiar with this class of tools, it is strongly advised to have a look at them to understand what a hacking harness’ purpose is. All the comments are included in the slides.

Usage

The goal of a hacking harness is to act as a helper that automates common tasks during the post-exploitation phase, but also safeguards the user against mistakes they may make.

It is an instrumentation of the shell. Run ./ffm.py to activate it and you can start working immediately. There are two commands you need to know about:

- Type !list to display the commands provided by the harness.
- Type SHIFT+TAB to perform tab completion on the local machine. This may be useful if you’re ssh’d into a remote computer but need to reference a file that’s located on your box.

List of features

This hacking harness provides a few features that are described below. As they are described, the design philosophy behind the tool will also be introduced. It is not expected that all the commands implemented in FFM will suit you. Everyone has their own way of doing things, and tuning the harness to your specific need is likely to require you to modify some of the code and/or write a few plugins. A lot of effort went into making sure this is a painless task.

Commands

- !os is an extremely simple command that just runs cat /etc/*release* to show what OS the current machine is running. It is probably most valuable as a demonstration that in the context of a hacking harness, you can define aliases that work across machine boundaries. SSH into any computer, type !os and the command will be run. This plugin is located in commands/replacement_commands.py and is a good place to start when you want to learn about writing plugins.
- !download [remote file] [local path] gets a file from the remote machine and copies it locally through the terminal. This command is a little more complex because more stringent error checking is required, but it’s another plugin you can easily read to get started. You can find it in commands/download_file.py. Note that it requires xxd or od on the remote machine to function properly.
- !upload [local file] [remote path] works exactly the same as the previous command, except that a local file is put on the remote machine.
- !pty spawns a TTY, which is something you don’t want in most cases because it tends to leave forensics evidence. However, some commands (sudo) or exploits require a TTY to run in, so this is provided as a convenience. unset HISTFILE is passed to it as soon as it spawns.
- !py [local script] executes a local Python script on the remote machine, and does so entirely in memory. Check out my other repository for scripts you might want to use. This command uses a multiline syntax with <<, which means that pseudo-shells that don't support it (Weevely is a good example of that) will break this command quite badly.

Plugins can be further configured by editing ffm.conf.

Processors

Conceptually, commands (as described above) are used to generate some bash which is forwarded to the shell. They can perform more complex operations by capturing the shell's output and generating additional instructions based on what is returned. Processors are a little different, as they are used to rewrite data circulating between the user and the underlying bash process. While it is true that any processor could be rewritten as a command, it seemed a little cleaner to separate the two. Input processors work on whatever is typed by the user once they press the ENTER key, and output processors can modify anything returned by the shell.

A good processor example can be found in processors/ssh_command_line.py. All it does is add the -T option to any SSH command it sees if it is missing. Be sure to check out its simple code if you are interested in writing a processor.

Another input processor present in the framework, processors/assert_torify.py, contains a blacklist of networking commands (ssh, nc) and blocks them if they don't seem to be proxied through a tool such as torify. The harness does its best to only bother the user if it seems like the command is being run on the local machine. Obviously this should not be your only safeguard against leaking your home IP address.

Finally, processors/sample_output_processor.py is a very simple output processor that highlights in red any occurrence of the word "password". As it's quite useless, it's not enabled in the framework, but you can still use it as a starting point if you want to do something more sophisticated.

Known issues

- CTRL+R is not implemented yet and we all miss it dearly.
- There is currently no way to run ELFs in memory on a remote machine. This is high on the ToDo list.
- More problematic is the fact that the framework hangs from time to time. In 99% of the cases, this happens when it fails to detect that a command it launched has finished running. Usually, this means that the command prompt of the machine you're logged into could not be recognized as such. In that case, you can try improving the regular expression located at the very beginning of the file ffm.py, or log into that same machine with ssh -T as there won't be any problematic prompt anymore. By default, FFM will give up on trying to read the output of a command after 5 minutes (some plugins may implement different timeouts); so if the framework hangs, you'll need to wait until you see an error message (though if the underlying process is still running, you may still not be able to type in commands).

Closing statement

I think I've covered everything about this tool. Again, it's a little different from what I usually release as most people will probably need to modify it before it can be valuable to them.

Many plugins have yet to be written, so be sure to share back any improvements you make to FFM. Feel free to open issues not only for bugs, but also if you're trying to do something and can't figure out how; this way I'll be able to improve the documentation for everyone.

Link: http://www.kitploit.com/2019/03/ffm-freedom-fighting-mode-open-source.html

OceanLotus, Russia, & Google – Paul’s Security Weekly #599

In the Security News, Attackers exploiting IMAP to bypass MFA on O365 and G-Suite accounts, Vietnam’s OceanLotus Group Ramps up hacking car companies, UC Browser violates Google Play Store Rules, & how Russia is spoofing GPS Signals on a massive scale! Paul’s Stories Algorithms can now find bugs in computer chips before they […]
The post OceanLotus, Russia, & Google – Paul’s Security Weekly #599 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/2aA2ZuayvmQ/

Mary Beth Borgwing, Cyber Social Club – Paul’s Security Weekly #599

This week, we welcome back Mary Beth Borgwing, President and Founder of the Cyber Social Club, to talk about Uniting Women in Cyber! Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts Announcements We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and […]
The post Mary Beth Borgwing, Cyber Social Club – Paul’s Security Weekly #599 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/CXN5qcvEXb0/

ASUS, Microsoft, & Tesla – Hack Naked News #212

Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by ‘severe’ ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! […]
The post ASUS, Microsoft, & Tesla – Hack Naked News #212 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/VrsX9vpaVWg/

Android Q, Sirens, & Korean Hotels – Paul’s Security Weekly #598

In the Security News, how Android Q will come with improved privacy protections, hacked tornado sirens taken offline ahead of a major storm, and how Putty released an update that fixed 8 new security flaws! Paul’s Stories Defining Your Top Security Metrics – Security Boulevard OSSEC Conference 2019 Wrap-Up | /dev/random Libssh Releases […]
The post Android Q, Sirens, & Korean Hotels – Paul’s Security Weekly #598 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/9Z-cnbM1tgE/

Marcus Carey, Tribe of Hackers – Paul’s Security Weekly #598

Marcus Carey is the Founder & CEO at Threatcare. Navy Cryptologist turned cybersecurity entrepreneur, Marcus Carey is currently working as founder and CEO of cybersecurity company Threatcare. He joins us to talk about the book that he co-authored, “Tribe of Hackers”! Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts […]
The post Marcus Carey, Tribe of Hackers – Paul’s Security Weekly #598 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/HqsMt0vSu38/

Malware Sandboxing, VMRay – Paul’s Security Weekly #597

We interview Carsten Williams, Co-Founder and CEO at VMRay, discussing malware sandboxing! Carsten is the original developer of CWSandbox, a commercial malware analysis suite that was later renamed to GFI Sandbox, and now Threat Analyzer by ThreatTrack Security. To learn more about VMRay, visit: https://securityweekly.com/vmray Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts […]
The post Malware Sandboxing, VMRay – Paul’s Security Weekly #597 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/k2mpcm7ZW5k/