Librarian Sues Equifax Over 2017 Data Breach, Wins $600

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach.

Link: https://krebsonsecurity.com/2018/06/librarian-sues-equifax-over-2017-data-breach-wins-600/

Burpa – A Burp Suite Automation Tool

A Burp Suite Automation Tool With Slack Integration.

Requirements
burp-rest-api
Burp Suite Professional
slackclient

Usage
$ python burpa.py -h
[burpa ASCII-art banner: burpa version 0.1 / by 0x4D31]
usage: burpa.py [-h] [-a {scan,proxy-config,stop}] [-pP PROXY_PORT] [-aP API_PORT] [-rT {HTML,XML}] [-r {in-scope,all}] [-sR] [-sAT SLACK_API_TOKEN] [--include-scope [INCLUDE_SCOPE [INCLUDE_SCOPE ...]]] [--exclude-scope [EXCLUDE_SCOPE [EXCLUDE_SCOPE ...]]] proxy_url

positional arguments:
  proxy_url             Burp Proxy URL

optional arguments:
  -h, --help            show this help message and exit
  -a {scan,proxy-config,stop}, --action {scan,proxy-config,stop}
  -pP PROXY_PORT, --proxy-port PROXY_PORT
  -aP API_PORT, --api-port API_PORT
  -rT {HTML,XML}, --report-type {HTML,XML}
  -r {in-scope,all}, --report {in-scope,all}
  -sR, --slack-report
  -sAT SLACK_API_TOKEN, --slack-api-token SLACK_API_TOKEN
  --include-scope [INCLUDE_SCOPE [INCLUDE_SCOPE ...]]
  --exclude-scope [EXCLUDE_SCOPE [EXCLUDE_SCOPE ...]]

TEST:
$ python burpa.py http://127.0.0.1 --action proxy-config
[burpa ASCII-art banner: burpa version 0.1 / by 0x4D31]
[+] Checking the Burp proxy configuration ...
[-] Proxy configuration needs to be updated
[+] Updating the Burp proxy configuration ...
[-] Proxy configuration updated

$ python burpa.py http://127.0.0.1 --action scan --include-scope http://testasp.vulnweb.com --report in-scope --slack-report
[burpa ASCII-art banner: burpa version 0.1 / by 0x4D31]
[+] Retrieving the Burp proxy history ...
[-] Found 4 unique targets in proxy history
[+] Updating the scope ...
[-] http://testasp.vulnweb.com included in scope
[+] Active scan started ...
[-] http://testasp.vulnweb.com Added to the scan queue
[-] Scan in progress: %100
[+] Scan completed
[+] Scan issues for http://testasp.vulnweb.com:
    - Issue: Robots.txt file, Severity: Information
    - Issue: Cross-domain Referer leakage, Severity: Information
    - Issue: Cleartext submission of password, Severity: High
    - Issue: Frameable response (potential Clickjacking), Severity: Information
    - Issue: Password field with autocomplete enabled, Severity: Low
    - Issue: Cross-site scripting (reflected), Severity: High
    - Issue: Unencrypted communications, Severity: Low
    - Issue: Path-relative style sheet import, Severity: Information
    - Issue: Cookie without HttpOnly flag set, Severity: Low
    - Issue: File path traversal, Severity: High
    - Issue: SQL injection, Severity: High
[+] Downloading HTML/XML report for http://testasp.vulnweb.com
[-] Scan report saved to /tmp/burp-report_20170807-235135_http-testasp.vulnweb.com.html
[+] Burp scan report uploaded to Slack

Download Burpa
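Because burpa prints each finding as a plain "Issue: ..., Severity: ..." line, the scan output can drive a build gate instead of only landing in Slack. The added example below is not part of burpa: it parses a constructed subset of the issue lines above into a per-severity summary and a pass/fail decision; the line format comes from the output above, while the severity ranking and the gate threshold are assumptions.

```python
import re
from collections import Counter

# Burp severity levels, ranked so that a gating threshold can be compared (assumed order).
SEVERITY_RANK = {"High": 3, "Medium": 2, "Low": 1, "Information": 0}

# Constructed sample: a subset of the issue lines burpa printed in the scan above.
SAMPLE_OUTPUT = """\
[+] Scan issues for http://testasp.vulnweb.com:
 - Issue: Robots.txt file, Severity: Information
 - Issue: Cleartext submission of password, Severity: High
 - Issue: Password field with autocomplete enabled, Severity: Low
 - Issue: Cross-site scripting (reflected), Severity: High
 - Issue: Cookie without HttpOnly flag set, Severity: Low
 - Issue: SQL injection, Severity: High
[+] Downloading HTML/XML report for http://testasp.vulnweb.com
"""

# Matches one issue line; the dash may be '-' or an en dash from copy/paste.
ISSUE_RE = re.compile(r"^\s*[-\u2013]\s*Issue:\s*(?P<name>.+?),\s*Severity:\s*(?P<sev>\w+)\s*$")

def parse_issues(output):
    """Return (issue name, severity) tuples, dropping duplicate lines."""
    seen, issues = set(), []
    for line in output.splitlines():
        m = ISSUE_RE.match(line)
        if m and (m["name"], m["sev"]) not in seen:
            seen.add((m["name"], m["sev"]))
            issues.append((m["name"], m["sev"]))
    return issues

def summarize(issues):
    """Count issues per severity, most severe first, as a list of (severity, n)."""
    counts = Counter(sev for _, sev in issues)
    return sorted(counts.items(), key=lambda kv: SEVERITY_RANK.get(kv[0], -1), reverse=True)

def gate(issues, fail_at="High"):
    """Pipeline gate: (should_fail, offending names) for issues at or above fail_at."""
    threshold = SEVERITY_RANK[fail_at]
    offending = [name for name, sev in issues if SEVERITY_RANK.get(sev, -1) >= threshold]
    return bool(offending), offending

if __name__ == "__main__":
    found = parse_issues(SAMPLE_OUTPUT)
    print(summarize(found))
    print("GATE:", gate(found, "High"))
```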

Link: http://feedproxy.google.com/~r/PentestTools/~3/rH37EgRftO0/burpa-burp-suite-automation-tool.html

DNSBin – Tool To Test Data Exfiltration Through DNS (RCE and XXE)

DNSBin is a simple tool to test data exfiltration through DNS and to help test vulnerabilities like RCE or XXE when the environment has significant constraints. The project is in two parts. The first is the web server and its components; it offers a basic web UI, and for most cases you won't need more than this. The client part offers a Python script which allows data to be transferred in both directions through DNS using the web service.

Demo: http://dnsbin.zhack.ca/

Setup and installation

DNS
The current DNS setup that I have for the demo server is the following one. Do note that I did this with trial and error, so the setup may be overcomplicated or may have issues. If you are more knowledgeable, feel free to open an issue.

Add an "A" record for the domain "dns1.zhack.ca" that points to "192.99.55.194".
Add an "A" record for the domain "ns1.zhack.ca" that points to "192.99.55.194".
Add an "NS" record for the domain "d.zhack.ca" with the value "dns1.zhack.ca".
Add an "NS" record for the domain "d.zhack.ca" with the value "ns1.zhack.ca".

Web Hosting
It's highly recommended to start the DNS receiver and WebSocket endpoint with the Node.js module "forever":

forever start index.js

For the frontend, the file "index.html" can be hosted on the web server of your choice. Make sure that the WebSocket URL points to your server.

Client
The client script requires "dnspython" to be installed on both ends. Whether you are sending or receiving data, you must first start the script on the machine that's outside of the restricted zone. The script will provide you with a unique token that you must pass when running the script on the machine that's inside of the restricted zone.

Example sending data
Outside machine:
echo test12345 | python main.py -f- -d out -t-
Inside machine:
python main.py -f- -d in -t TOKEN_THE_FIRST_COMMAND_GAVE_YOU

Example receiving data
Outside machine:
python main.py -f- -d in -t-
Inside machine:
echo test12345 | python main.py -f- -d out -t TOKEN_THE_FIRST_COMMAND_GAVE_YOU

Download DNSBin
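From the defender's side, the delegated zone set up above (an NS record for d.zhack.ca pointing at a server you control) is what a resolver log shows during a DNS exfiltration test: many unique, long, high-entropy leftmost labels under a single zone. The following added example is not part of DNSBin; it scores constructed resolver log lines with those heuristics. The log format, the thresholds and the crude last-three-labels zone grouping are assumptions.

```python
import math
from collections import defaultdict

# Constructed resolver log, "<time> <client> <qname> <qtype>"; the last four
# lines mimic chunked data sent through a delegated zone like d.zhack.ca.
SAMPLE_LOG = """\
12:00:01 10.0.0.5 www.example.com A
12:00:02 10.0.0.5 mail.example.com MX
12:00:03 10.0.0.7 cdn.example.net A
12:00:04 10.0.0.9 dGVzdDEyMzQ1.0.a1b2c3d4.d.zhack.ca TXT
12:00:04 10.0.0.9 aGVsbG8gd29ybGQ.1.a1b2c3d4.d.zhack.ca TXT
12:00:05 10.0.0.9 c2VjcmV0cGFzc3dvcmQ.2.a1b2c3d4.d.zhack.ca TXT
12:00:05 10.0.0.9 bW9yZWRhdGFoZXJl.3.a1b2c3d4.d.zhack.ca TXT
"""

def shannon_entropy(s):
    """Bits per character; encoded payload labels score far above hostnames."""
    if not s:
        return 0.0
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def parse_log(text):
    """Parse log lines into dicts; label case is kept because it carries entropy."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            rows.append({"client": parts[1], "qname": parts[2].rstrip("."), "qtype": parts[3]})
    return rows

def zone_of(qname, depth=3):
    """Crude zone key: the last `depth` labels (d.zhack.ca). A real detector
    would use a public-suffix list plus the delegations it knows about."""
    return ".".join(qname.lower().split(".")[-depth:])

def find_exfil_zones(rows, min_unique=4, min_label_len=12, min_entropy=3.0):
    """Flag zones receiving many unique, long, high-entropy leftmost labels (data
    chunks carried in query names). Returns {zone: suspicious unique names}."""
    per_zone = defaultdict(set)
    for r in rows:
        per_zone[zone_of(r["qname"])].add(r["qname"])
    flagged = {}
    for zone, names in per_zone.items():
        first = [n.split(".")[0] for n in names]
        hits = [l for l in first if len(l) >= min_label_len and shannon_entropy(l) >= min_entropy]
        if len(hits) >= min_unique:
            flagged[zone] = len(hits)
    return flagged
```

Thresholds need tuning per environment: CDN and anti-spam hostnames also carry long hashed labels, so the unique-name count per zone over a time window is the stronger signal.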

Link: http://feedproxy.google.com/~r/PentestTools/~3/8_LkVpF4sSM/dnsbin-tool-to-test-data-exfiltration.html

Detecting Cloned Cards at the ATM, Register

Much of the fraud involving counterfeit credit, ATM debit and retail gift cards relies on the ability of thieves to use cheap, widely available hardware to encode stolen data onto any card’s magnetic stripe. But new research suggests retailers and ATM operators could reliably detect counterfeit cards using a simple technology that flags cards which appear to have been altered by such tools.

Link: https://krebsonsecurity.com/2018/05/detecting-cloned-cards-at-the-atm-register/

Microsoft Patch Tuesday, May 2018 Edition

Microsoft today released a bundle of security updates to fix at least 67 holes in its various Windows operating systems and related software, including one dangerous flaw that Microsoft warns is actively being exploited. Meanwhile, as it usually does on Microsoft’s Patch Tuesday — the second Tuesday of each month — Adobe has a new Flash Player update that addresses a single but critical security weakness.
First, the Flash Tuesday update, which brings Flash Player to v. 29.0.0.171. Some (present company included) would argue that Flash Player is in itself “a single but critical security weakness.” Nevertheless, Google Chrome and Internet Explorer/Edge ship with their own versions of Flash, which get updated automatically when new versions of these browsers are made available.

Link: https://krebsonsecurity.com/2018/05/microsoft-patch-tuesday-may-2018-edition/