Introduction
In a previous post, I introduced a Twitter bot called dumpmon which monitors paste sites for account dumps, configuration files, and other information. Since then, I've been monitoring the information that is detected. While you can expect a follow-up post with more dumpmon-filled data soon, this post is about how browsers store passwords.
I mention dumpmon because I have started to run across quite a few pastes like this that appear to be credential logs from malware on infected computers. It got me thinking - I've always considered it best to not have browsers store passwords directly, but why? How easy can it be for malware to pull these passwords off of infected computers? Since sources are a bit tough to find in one place, I've decided to post the results here, as well as show some simple code to extract passwords from each browser's password manager.
Thursday, June 20, 2013
Wednesday, June 5, 2013
Smash the Stack IO Level 4 Writeup
Introduction
It's been a while. I suppose finals, projects, etc. will do that. Anyway, I figured it was time to get back to posting content on here as much as possible - and I have some neat projects underway that I'm excited to share soon. For now, I'll continue the previous series covering the IO wargame on smashthestack.org.
It's been a while. I suppose finals, projects, etc. will do that. Anyway, I figured it was time to get back to posting content on here as much as possible - and I have some neat projects underway that I'm excited to share soon. For now, I'll continue the previous series covering the IO wargame on smashthestack.org.
Thursday, March 28, 2013
Introducing dumpmon: A Twitter-bot that Monitors Paste-Sites for Account/Database Dumps and Other Interesting Content
TL;DR
I created a Twitter-bot which monitors multiple paste sites for different types of content (account/database dumps, network device configuration files, etc.). You can find it on Twitter and on Github.
Introduction
Paste-sites such as Pastebin, Pastie, Slexy, and many others offer users (often anonymously) the ability to upload raw text of their choice. This is helpful in many scenarios, such as sending a crash report to someone or pasting temporary code. However, in addition to some people not being careful with what they upload (leaving passwords and other sensitive data in the text), attackers have been starting to use these sites to share post-compromise data, including user account data, database dumps, URLs of compromised sites, and more.
Since there are so many users uploading text to these sites, it's often difficult to find these interesting files manually. While techniques such as Google Alerts can be applied, the results are often a day or two old and are sometimes deleted. This prompted me to create a tool which monitors these sites in "real-time" (less than a minute of delay for the slowest sites) for specific expressions, and then automatically rank, aggregate, and post these results to Twitter for further analysis. I call this tool DumpMon.
Thursday, March 14, 2013
Installing Kali Linux in a VirtualBox Virtual Machine
Introduction
For years, Backtrack Linux, a penetration testing suite from Offensive Security has been the standard operating system for security testing professionals. However, Offensive Security has just released a new distribution based on Backtrack called Kali Linux which seems to offer quite a few improvements. In a previous post, I showed how to create a Backtrack virtual machine using the open-source virtualization software VirtualBox. I felt it would be helpful to create a similar post showing how to create a Kali Linux virtual machine. The process will be nearly identical, but hopefully will still serve as a useful reference to some. With that being said, let's get started.
For years, Backtrack Linux, a penetration testing suite from Offensive Security has been the standard operating system for security testing professionals. However, Offensive Security has just released a new distribution based on Backtrack called Kali Linux which seems to offer quite a few improvements. In a previous post, I showed how to create a Backtrack virtual machine using the open-source virtualization software VirtualBox. I felt it would be helpful to create a similar post showing how to create a Kali Linux virtual machine. The process will be nearly identical, but hopefully will still serve as a useful reference to some. With that being said, let's get started.
Monday, March 4, 2013
Automatically Enumerating Google API Keys from Github Search
Introduction
Github recently introduced its new and improved search feature. While the improvements make search for content much easier, it has certainly introduced its share of problems as well. This is just another example.
Saturday, January 26, 2013
Wireless "Deauth" Attack using Aireplay-ng, Python, and Scapy
Introduction
A couple of days ago I received my order of a nifty Alfa AWUS036H and decided it'd be a perfect time to explore a few common wireless attacks. This post will explore how to perform a common "Deauthentication Attack" both the "easy" way using a fantastic tool called aireplay-ng, as well as writing our own tool in Python to perform the attack for us using the extremely powerful Scapy module. In this post I won't be going into detail about basic wireless mechanisms, but if you'd like a very comprehensive guide to understanding the topic, I really recommend the Wireless LAN Security and Penetration Testing Megaprimer on SecurityTube. With that said, let's deauth some clients.
A couple of days ago I received my order of a nifty Alfa AWUS036H and decided it'd be a perfect time to explore a few common wireless attacks. This post will explore how to perform a common "Deauthentication Attack" both the "easy" way using a fantastic tool called aireplay-ng, as well as writing our own tool in Python to perform the attack for us using the extremely powerful Scapy module. In this post I won't be going into detail about basic wireless mechanisms, but if you'd like a very comprehensive guide to understanding the topic, I really recommend the Wireless LAN Security and Penetration Testing Megaprimer on SecurityTube. With that said, let's deauth some clients.
Alfa AWUS036H
Thursday, January 10, 2013
Distributed Port Scanning: Creating an Nmap Cluster Using DNmap
When performing a security engagement, the information gathered from port scanning is crucial. However, these scans can take a substantial amount of time when we set a reasonable timeout in an attempt to be thorough. So what happens when we need to scan a large amount of hosts? Say, an entire continent? We need to find a way to distribute the bandwidth load to multiple hosts in parallel. Fortunately, a tool has been developed which will allow us to create and manage a cluster of hosts which each have its own bandwidth dedicated to port scanning.
Subscribe to:
Posts (Atom)