"Wii" Are Getting Fit!: June 2020

Tuesday, June 30, 2020

Ethical hacking : Top 10 best websites to learn hacking 2018

Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
Phrack Magazine: Digital hacking magazine.
Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.

Thursday, June 11, 2020

Amnesia / Radiation Linux Botnet Targeting Remote Code Execution In CCTV DVR Samples

Reference

Amnesia / Radiation botnet samples targeting Remote Code Execution in CCTV DVR

2017-04-06 Palo Alto Unit 42. New IoT/Linux Malware Targets DVRs, Forms Botnet

2016-08-11 CyberX Radiation IoT Cybersecurity campaign

Download

Other malware

Download. Email me if you need the password (see in my profile)

Hashes

MD5	SHA256	SHA1
74bf554c4bc30d172cf1d73ac553d766	06d30ba7c96dcaa87ac584c59748708205e813a4dffa7568c1befa52ae5f0374	3c40221177383da576b11a0b3f6b35d68a9cde74
5dd9056e5ab6a92e61822b6c04afd346	10aa7b3863f34d340f960b89e64319186b6ffb5d2f86bf0da3f05e7dbc5d9653	c865dd67853a24fd86ef74b05140827c1d5fd0bd
2b486466f4d3e30f7b22d0bc76cb68f9	175fe89bbc8e44d45f4d86e0d96288e1e868524efa260ff07cb63194d04ea575	ed62f6d1588bea33c20ababb42c02662d93d6015
3411bb2965f4c3d52c650aff04f48e52	1d8bc81acbba0fc56605f60f5a47743491d48dab43b97a40d4a7f6c21caca12a	1e0281178b4a9d8dec74f50a7850867c87837435
34f915ac414e9aad2859217169f9a3aa	2f9cd1d07c535aae41d5eed1f8851855b95b5b38fb6fe139b5f1ce43ed22df22	d66f1e47c983a8d30ad7fd30cd08db8cd29a92b0
59e08f2ce1c3e55e2493baf36c1ad3c6	327f24121d25ca818cf8414c1cc704c3004ae63a65a9128e283d64be03cdd42e	90d45b81e9a97ddcc9911122f4e8fd439ccc8fa9
f4bc173bf80d922da4e755896af0db61	37b2b33a8e344efcaca0abe56c6163ae64026ccef65278b232a9170ada1972af	fab32f8c3ce3a837e80a1d98ada41a5bf39b01e7
a253273e922ce93e2746a9791798e3fe	3a595e7cc8e32071781e36bbbb680d8578ea307404ec07e3a78a030574da8f96	99cfdec405f6a9f43d58b1856fce7ca3445395d3
335e322c56278e258e4d7b5e17ad98e6	4313af898c5e15a68616f8c40e8c7408f39e0996a9e4cc3e22e27e7aeb2f8d54	504022707609a0fec9cbb21005cb0875be2a4726
93522e5f361a051f568bd1d74d901d30	46ea20e3cf34d1d4cdfd797632c47396d9bdc568a75d550d208b91caa7d43a9b	e7fc96b2a92888572de2539f227c9a6625449f83
c86af536d87c1e5745e7d8c9f44fd25d	4b0feb1dd459ade96297b361c69690ff69e97ca6ee5710c3dc6a030261ba69e0	6ef69a683913ae650634aedc40af8d595c45cb4f
90c7c5e257c95047dbf52bbfbe011fd6	4db9924decd3e578a6b7ed7476e499f8ed792202499b360204d6f5b807f881b8	1c3a9be6ae9300aaad00fb87d5407ed6e84ec80b
7c0528e54b086e5455ef92218ea23d03	5e6896b39c57d9609dc1285929b746b06e070886809692a4ac37f9e1b53b250c	868abc912ff2fdcd733ff1da87e48e7d4c288a73
6405b42d2c7e42244ac73695bb7bfe6b	64f03fff3ed6206337332a05ab9a84282f85a105432a3792e20711b920124707	173aca65181c8da84e062c803a43a404ad49302d
6441157813de77d9849da5db9987d0bb	6b2885a4f8c9d84e5dc49830abf7b1edbf1b458d8b9d2bafb680370106f93bc3	92dff9bdb31d3b9480d9e5f72a307715859dd094
614ea66b907314398cc14b3d2fdebe79	6b29b65c3886b6734df788cfc6628fbee4ce8921e3c0e8fc017e4dea2da0fd0b	c7e71c42d391f9c69375505dbf3767ba967f9103
00fe3120a666a85b84500ded1af8fb61	885dce73237c4d7b4d481460baffbd5694ab671197e8c285d53b551f893d6c09	342ed67e08d16ab982a4012fcecdca060a5da46b
5477de039f7838dea20d3be1ae249fcb	886136558ec806da5e70369ee22631bfb7fa06c27d16c987b6f6680423bc84b0	5b19202b45e5a58cadec8c2efa40fd924b64177d
91bf10249c5d98ea6ae11f17b6ef0970	8f57ec9dfba8cf181a723a6ac2f5a7f50b4550dd33a34637cf0f302c43fd0243	682dab9ec3ff0b629cce4e16c9c74171dd2551d4
fb0a7e12d2861e8512a38a6cdef3ddf0	9351ee0364bdbb5b2ff7825699e1b1ee319b600ea0726fd9bb56d0bd6c6670cb	c077c490bb22df9886475dc5bedfc6c032061024
9b7f5a1228fa66cbd35e75fb774fdc8e	9c7a5239601a361b67b1aa3f19b462fd894402846f635550a1d63bee75eab0a2	ae89bc6c5cc1818b3136a40961462327c3dececc
5b97d54dc5001eb7cf238292405070a6	a010bf82e2c32cba896e04ec8dbff58e32eee9391f6986ab22c612165dad36a0	96d2194f5f3927de75605f6ca6110fe683383a01
642f523bb46c2e901416047dca1c5d4e	ad65c9937a376d9a53168e197d142eb27f04409432c387920c2ecfd7a0b941c8	bbf667213a446bc9bc4a5a2e54e7391752e3a9b8
c617655312c573ecb01d292b320fff2e	aeb480cf01696b7563580b77605558f9474c34d323b05e5e47bf43ff16b67d6a	de102a6f35e08f18aa0c58358f5b22871eb0a45f
c8835a3d385162ae02bd4cb6c5ebac87	b113ec41cc2fd9be9ac712410b9fd3854d7d5ad2dcaac33af2701102382d5815	831eb9cf0dcd57a879c04830e54a3b85fe5d6229
1497740fa8920e4af6aa981a5b405937	b13014435108b34bb7cbcef75c4ef00429b440a2adf22976c31a1645af531252	8d6b90f0b88b1ad5dcc87d377e6a82dc6ac64211
5e925e315ff7a69c2f2cf1556423d5af	b3d0d0e2144bd1ddd27843ef65a2fce382f6d590a8fee286fda49f8074711545	64fe900b3a2b030c28211404afa45703c6869dea
951ec487fb3fece58234677d7fe3e4dc	bdefa773e3f09cdc409f03a09a3982f917a0cc656b306f0ece3dd1a2564a8772	0b03d9471522590530dd90ad30b2d235ec98b578
3e84998197fc25cbac57870e3cdeb2de	c03b403d5de9778a2ec5949d869281f13976c2fc5b071e0f5f54277680c80902	0b9eb6d931dc6b226a913e89bb422f58228de0d0
c3a73d24df62057e299b6af183889e6b	cb2382b818993ef6b8c738618cc74a39ecab243302e13fdddb02943d5ba79483	6a683ef6f7653e5ee64969cbbbe4403601ae9ded
d428f50a0f8cd57b0d8fe818ace6af20	ce61dcfc3419ddef25e61b6d30da643a1213aa725d579221f7c2edef40ca2db3	9bd832256b94e43546dfb77532f6d70fcd1ce874
e1d6d4564b35bb19d2b85ca620d7b8f2	d0bda184dfa31018fe999dfd9e1f99ca0ef502296c2cccf454dde30e5d3a9df9	c1af00d3263893b5d23dbf38015fe3c6a92cefaf
e9502ae7b0048b9ea25dd7537818904c	e7d6b3e1fba8cdf2f490031e8eb24cd515a30808cdd4aa15c2a41aa0016f8082	0e080ac0130ab3f7265df01b8397e4abd13c38cb
8eb34e1fb7dd9d9f0e1fef2803812759	eb54dc959b3cc03fbd285cef9300c3cd2b7fe86b4adeb5ca7b098f90abb55b8a	5310a99f0f8c92bfa2f8da87e60c645f2cae305a
ca0fc25ce066498031dc4ca3f72de4b8	f23fecbb7386a2aa096819d857a48b853095a86c011d454da1fb8e862f2b4583	7f4d97eea294fc567b058b09cc915be56c2a80e1
5a2fcfff8d6aab9a0abe9ca97f6093ed	f6af2fa4f987df773d37d9bb44841a720817ce3817dbf1e983650b5af9295a16	f4ddf49fbf23edb23f50be62637a4a688e352057
ed98e8fa385b39ca274e0de17b1007e6	f7a737cb73802d54f7758afe4f9d0a7d2ea7fda4240904c0a79abae732605729	a69d4c2b88bfe3a06245f8fbfb8abe5e9a894cec
320db5f1230fcfe0672c8515eb9ddcfc	f7cf1e0d7756d1874630d0d697c3b0f3df0632500cff1845b6308b11059deb07	8d40dbf34a02dd43a81e5cdc58a0b11bfa9f5663
18d6af9211d0477f9251cf9524f898f3	f97848514b63e9d655a5d554e62f9e102eb477c5767638eeec9efd5c6ad443d8	b0e76be186fd609d5a8a33d59d16ffa3bdab1573

Linux.Agent Malware Sample - Data Stealer

Research: SentinelOne, Tim Strazzere Hiding in plain sight?
Sample credit: Tim Strazzere

List of files

9f7ead4a7e9412225be540c30e04bf98dbd69f62b8910877f0f33057ca153b65 malware
d507119f6684c2d978129542f632346774fa2e96cf76fa77f377d130463e9c2c malware
fddb36800fbd0a9c9bfffb22ce7eacbccecd1c26b0d3fb3560da5e9ed97ec14c script.decompiled-pretty
ec5d4f90c91273b3794814be6b6257523d5300c28a492093e4fa1743291858dc script.decompiled-raw
4d46893167464852455fce9829d4f9fcf3cce171c6f1a9c70ee133f225444d37 script.dumped

malware_a3dad000efa7d14c236c8018ad110144
malware fcbfb234b912c84e052a4a393c516c78
script.decompiled-pretty aab8ea012eafddabcdeee115ecc0e9b5
script.decompiled-raw ae0ea319de60dae6d3e0e58265e0cfcc
script.dumped b30df2e63bd4f35a32f9ea9b23a6f9e7

Download

Download. Email me if you need the password

Continue reading

Learning Web Pentesting With DVWA Part 2: SQL Injection

In the last article Learning Web Pentesting With DVWA Part 1: Installation, you were given a glimpse of SQL injection when we installed the DVWA app. In this article we will explain what we did at the end of that article and much more.

Lets start by defining what SQL injection is, OWASP defines it as: "A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands."

Which basically means that we can use a simple (vulnerable) input field in our web application to get information from the database of the server which hosts the web application. We can command and control (at certain times) the database of the web application or even the server.

In this article we are going to perform SQL injection attack on DVWA, so let's jump in. On the DVWA welcome page click on SQL Injection navigation link. We are presented with a page with an input field for User ID.

Now lets try to input a value like 1 in the input field. We can see a response from server telling us the firstname and surname of the user associated with User ID 1.

If we try to enter a user id which doesn't exist, we get no data back from the server. To determine whether an input field is vulnerable to SQL injection, we first start by sending a single quote (') as input. Which returns an SQL error.

We saw this in the previous article and we also talked about injection point in it. Before diving deeper into how this vulnerability can be exploited lets try to understand how this error might have occurred. Lets try to build the SQL query that the server might be trying to execute. Say the query looks something like this:

SELECT first_name, sur_name FROM users WHERE user_id = '1';

The 1 in this query is the value supplied by the user in the User ID input field. When we input a single quote in the User ID input field, the query looks like this:

SELECT first_name, sur_name FROM users WHERE user_id = ''';

The quotes around the input provided in the User ID input field are from the server side application code. The error is due to the extra single quote present in the query. Now if we specify a comment after the single quote like this:
'-- -
or
'#
we should get no error. Now our crafted query looks like this:

SELECT first_name, sur_name FROM users WHERE user_id = ''-- -';

SELECT first_name, sur_name FROM users WHERE user_id = ''#';

since everything after the # or -- - are commented out, the query will ignore the extra single quote added by the server side app and whatever comes after it and will not generate any error. However the query returns nothing because we specified nothing ('') as the user_id.

After knowing how things might be working on the server side, we will start to attack the application.
First of all we will try to determine the number of columns that the query outputs because if we try a query which will output the number of columns greater or smaller than what the original query outputs then our query is going to get an error. So we will first figure out the exact number of columns that the query outputs and we will do that with the help of order by sql statement like this:

' order by 1-- -

This MySQL server might execute the query as:

SELECT first_name, sur_name FROM users WHERE user_id = '' order by 1-- -';

you get the idea now.
if we don't get any error message, we will increase the number to 2 like this:

' order by 2-- -

still no error message, lets add another:

' order by 3-- -

and there we go we have an error message. Which tells us the number of columns that the server query selects is 2 because it erred out at 3.

Now lets use the union select SQL statement to get information about the database itself.

' union select null, version()-- -

You should first understand what a union select statement does and only then can you understand what we are doing here. You can read about it here.
We have used null as one column since we need to match the number of columns from the server query which is two. null will act as a dummy column here which will give no output and the second column which in our case here is the version() command will output the database version. Notice the output from the application, nothing is shown for First name since we specified null for it and the maria db version will be displayed in Surname.
Now lets check who the database user is using the user() function of mariadb:

' union select null, user()-- -

After clicking the submit button you should be able to see the user of the database in surname.

Now lets get some information about the databases in the database.
Lets determine the names of databases from INFORMATION_SCHEMA.SCHEMATA by entering following input in the User ID field:

' union select null, SCHEMA_NAME from INFORMATION_SCHEMA.SCHEMATA-- -

This lists two databases dvwa and information_schema. information_schema is the built in database. Lets look at the dvwa database.
Get table names for dvwa database from INFORMATION_SCHEMA.TABLES

' union select null, TABLE_NAME from INFORMATION_SCHEMA.TABLES-- -

It gives a huge number of tables that are present in dvwa database. But what we are really interested in is the users table as it is most likely to contain user passwords. But first we need to determine columns of that table and we will do that by querying INFORMATION_SCHEMA.COLUMNS like this:

' union select null, COLUMN_NAME from INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = 'users'-- -

We can see the password column in the output now lets get those passwords:

' union select user, password from users-- -

Of-course those are the hashes and not plain text passwords. You need to crack them.
Hope you learned something about SQL injection in this article. See you next time.

References:

1. SQL Injection: https://owasp.org/www-community/attacks/SQL_Injection
2. MySQL UNION: https://www.mysqltutorial.org/sql-union-mysql.aspx
3. Chapter 25 INFORMATION_SCHEMA Tables: https://dev.mysql.com/doc/refman/8.0/en/information-schema.html

More info

How To Fetch Data From The Database | Tutorial 4

Welcome to my another PHP and MYSQL tutorial. In the previous I've discussed about the data insertion into database by using PHP and MYSQL. So i did successfully in the previous video.

In this video tutorial I'll discuss How to fetch data from the database called as data fetching. It's really a simple thing to access your data which is in database. You just have to do a little work for this. For fetching data you have follow some steps.

How to Fetch Data from Database

Step 1:

Make a connection with your database which i did in the previous blog.

Step 2:

If you wanna fetching a values in "form" or in a table so just have to create a form, table or whatever you want in HTML. I've created a table where I'll show you how to fetch data in table form.

Step 3:

Write a query SELECT * FROM table_Name;

Step 4:

Create a Loop for fetching all the data on a single click.

Step 5:

Create variables for the sake of storing a different values from the combined values in the loop variable like:

//while loop to fetch all the values from the database and stored in the variable named "row".

while($row = mysql_fetch_array(mysql_query($conn,$query))){

$name = $row['username']; //$name will save all the username values from the loop variable 'row'.

$pass = $row['password']; //$pass will save the password values from the loop variable 'row'.

}

Now watch the video for better understanding.

"Wii" Are Getting Fit!