
sslstrip This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below. Requirements Python >= 2.5 (apt-get install python) The python "twisted-web" module (apt-get install python-twisted-web) Setup tar zxvf sslstrip-0.9.tar.gz cd sslstrip-0.9 (optional) sudo python . Running sslstrip That should do it. How does this work? First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. At this point, sslstrip receives the traffic and does its magic. Development The current development branch can be found on github.
Strong Random Password Generator Scapy RANDOM.ORG - Password Generator This form allows you to generate random passwords. The passwords generated by this form are transmitted to your browser securely (via SSL) and are not stored on the RANDOM.ORG server.
The Social-Engineer Toolkit (SET) The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and supported heavily within the security community. The Social-Engineer Toolkit has over 2 million downloads and is aimed at leveraging advanced technological attacks in a social-engineering type environment. SET is included in the latest version of the most popular Linux distribution focused on security, Back|Track. git clone set/ Below are some videos on SET: Defcon 20 – Owning One to Rule Them All – Dave Kennedy and Dave DeSimone DerbyCon 1 – Adaptive Penetration Testing ft. Defcon 19 – Pentesting over Powerlines The Social-Engineer Toolkit v3.3 release.
John the Ripper password cracker John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. Unfortunately, its overall quality is lower than the official version's. To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. There's a wiki section with John the Ripper user community resources.
Tortilla – A tool that can route all of a Windows machine's TCP/IP and DNS traffic through TOR Tor is a wonderful invention (and Jacob Appelbaum would well deserve a Nobel Prize, come to think of it...) and yet it is poorly exploited on Windows. Indeed, apart from the Tor Bundle (Tor + Firefox), which allows anonymized browsing, nothing else exists. As soon as you step outside a browser or a program that natively supports SOCKS or HTTP proxies, it is no longer possible to use Tor. It is not possible to use Flash either, for example, since it is a plugin foreign to the browser... Another example: researchers who analyze malware on Windows quickly find themselves short of options, and their IP can quickly end up in attackers' hands. It is of course possible to reroute all of a machine's traffic through Tor, but only on GNU/Linux. That is why Jason Geffner has developed a tool that makes it possible to pass all of a machine's TCP/IP and DNS traffic through TOR securely, anonymously and transparently.
oxid.it - Home Android malware that gives hackers remote control is on rise Remote access tools have long been a major part of targeted hacker attacks on individuals and corporate networks. RATs have been used for everything from hacking the e-mail boxes of New York Times reporters to capturing video and audio of victims over their webcams. Recently, wireless broadband and the power of smartphones and tablets have extended hackers’ reach beyond the desktop. In a blog post yesterday, Symantec Senior Software Engineer Andrea Lelli described the rise of an underground market for malware tools based on Androrat, a remote administration tool that can give an attacker complete control over devices running the Android OS. Androrat was published on GitHub in November 2012 as an open source tool for remote administration of Android devices. Packaged as a standard Android application (in an APK file), Androrat can be installed as a service on the device that launches at start-up or as a standard “activity” application. Hackers have taken Androrat’s code and run with it.
How I Cracked your Windows Password (Part 1) How Windows creates and stores password hashes and how those hashes are cracked. If you would like to read the next part in this article series please go to How I Cracked your Windows Password (Part 2). Introduction Passwords tend to be our main and sometimes only line of defense against intruders. The purpose of this article is to educate you on how Windows creates and stores password hashes, and how those hashes are cracked. How Windows Stores Passwords Windows-based computers utilize two methods for the hashing of user passwords, both having drastically different security implications. LM Password Hashes The LM hash of a password is computed using a six-step process: In practice, the password “PassWord123” would be converted as follows: Figure 1: A password transformed into an LM hash NTLM Password Hashes Conclusion
An Android tool that siphons passwords from PCs Last time I told you about USB sockets that could siphon the contents of your phone. Well, here is a concrete example of the reverse situation, where the phone is the one pumping information out of the computer. It is USBCleaver, a tool discovered by F-Secure which, once installed on an Android phone, siphons the passwords of the Firefox, Chrome and Internet Explorer browsers as well as the PC's Wi-Fi passwords and network information. As you will have understood, the machine obviously has to be running Windows and the Android phone has to be plugged into the computer's USB port for this to work. This application does not represent a huge danger since on recent machines autorun is not active, and on older machines the Android drivers have to be installed for the phone to be recognized. The idea is still a neat one all the same.
How I Cracked your Windows Password (Part 2) If you would like to read the first part in this article series please go to How I Cracked your Windows Password (Part 1). Introduction In the first part of this series we examined password hashes and the mechanisms Windows utilizes to create and store those values. It is always crucial to note that the techniques shown here are strictly for educational purposes and should not be used against systems for which you do not have authorization. Obtaining Password Hashes In order to crack passwords you must first obtain the hashes stored within the operating system. There are a few different options here depending on the level of access you have to the machine you are auditing. Physical Access If you have physical access, one of the most effective methods is to boot the computer into a different operating system. If you are not quite comfortable doing this, you can use P. Figure 1: Hex output of the SAM hash Console Access Figure 2: Confirmation the Fgdump Utility Ran Correctly Network Access
SSL Survey Netcraft’s SSL Survey examines the use of encrypted transactions on the Web through extensive automated exploration of the internet. Each month it provides timely answers to questions such as: How many companies are doing encrypted transactions over the internet? How many more companies are using SSL compared to the previous 12 months? Who should buy it? Certificate authorities; Server and hardware accelerator vendors; Web hosting companies; Banks and financial institutions; Software vendors developing for the electronic commerce market; Brokerages, venture capitalists, and fund management firms investing in these companies; Legislators, Government officials, the Military, and Privacy groups; Anyone tracking the growth of ecommerce and encrypted communications on the internet. Certificates Authority Share, May 2013 In May 2013, more than one third of all trusted SSL certificates were issued by the market leader, Symantec. Operating system share for SSL sites, to May 2013 What do I get? The analysis includes:
Understanding /etc/shadow file by Vivek Gite on February 23, 2006, last updated November 20, 2015, in BASH Shell, CentOS, Debian / Ubuntu, FreeBSD, HP-UX Unix, Linux, RedHat and Friends, Solaris-Unix, Suse, Ubuntu Linux, UNIX, User Management Can you explain the /etc/shadow file format used under Linux or UNIX-like systems? The /etc/shadow file stores the actual password in encrypted format for a user's account, along with additional properties related to the user's password, i.e. it stores secure user account information. /etc/shadow file fields (Fig.01: /etc/shadow file fields) Username: It is your login name. Password: It is your encrypted password. The last 6 fields provide password aging and account lockout features. How do I change the password? Use the following syntax to change your own password: $ passwd How do I change the password for other users? You must be root to change the password for all other users: # passwd userNameHere OR $ sudo passwd userNameHere How do I setup password again? The options are as follows: