miércoles, 31 de mayo de 2023

Video Archives Of Security Conferences And Workshops


Just some links for your enjoyment

List of security conferences in 2014

Video archives:




AIDE (Appalachian Institute of Digital Evidence)


Blackhat
Botconf
Bsides
Chaos Communication Congress
Defcon
Derbycon
Digital Bond's S4x14
Circle City Con
GrrCON Information Security Summit & Hacker Conference
Hack in the box HITB
InfowarCon
Ruxcon
Shmoocon
ShowMeCon
SkyDogCon
TakeDownCon
Troopers
Heidelberg Germany
Workshops, How-tos, and Demos

Special thanks to  Adrian Crenshaw for his collection of videos
More information
  1. Growth Hacker Tools
  2. Hacker Tools Apk
  3. Best Pentesting Tools 2018
  4. Hacking Tools For Windows
  5. How To Make Hacking Tools
  6. Hacker Tools Linux
  7. Github Hacking Tools
  8. Beginner Hacker Tools
  9. Pentest Tools For Windows
  10. Hacker Tools Software
  11. Pentest Tools Alternative
  12. Pentest Tools Linux
  13. Ethical Hacker Tools
  14. Hack Tools Pc
  15. Hacker Tools For Pc
  16. Hack And Tools
  17. Hacking Tools For Pc
  18. Hack Tools Download
  19. Hacker Hardware Tools
  20. Hacker Tools Software
  21. Blackhat Hacker Tools
  22. Pentest Box Tools Download
  23. Pentest Tools Online
  24. Hacker Tools Linux
  25. Hacking Tools For Pc
  26. Hacking Tools For Pc
  27. Hacker Tools Windows
  28. Hacking Tools Github
  29. Hacker Tools Linux
  30. Hacking Tools Github
  31. Growth Hacker Tools
  32. Pentest Tools For Ubuntu
  33. Hacker Tools Linux
  34. Hacking Tools Mac
  35. Physical Pentest Tools
  36. Pentest Tools Android
  37. Beginner Hacker Tools
  38. Hacking Tools For Windows Free Download
  39. Install Pentest Tools Ubuntu
  40. Hacker Tools Free Download
  41. Hack Tools Mac
  42. Tools For Hacker
  43. Hack Tool Apk
  44. New Hacker Tools
  45. Pentest Tools Framework
  46. Pentest Tools Download
  47. Install Pentest Tools Ubuntu
  48. Pentest Tools Online
  49. Hack Tools Pc
  50. Hacker Tools For Mac
  51. Hacking Tools Mac
  52. Easy Hack Tools
  53. Hacker Tool Kit
  54. Hacker Tools Apk
  55. Pentest Tools Linux
  56. Hack Tool Apk
  57. Hack Tools For Games
  58. Hacking Tools For Mac
  59. Hacking Apps
  60. Pentest Tools Alternative
  61. Nsa Hacker Tools
  62. Hacker Techniques Tools And Incident Handling
  63. Hacking Tools For Kali Linux
  64. Pentest Box Tools Download
  65. Pentest Tools Nmap
  66. Pentest Tools List
  67. Pentest Tools Website
  68. Best Hacking Tools 2020
  69. Hack Tools Pc
  70. Kik Hack Tools
  71. Hack Tools 2019
  72. Pentest Tools Kali Linux
  73. Hacking Tools For Windows Free Download
  74. Github Hacking Tools
  75. Hacking Tools For Pc
  76. Pentest Tools Windows
  77. How To Install Pentest Tools In Ubuntu
  78. Hack Tools Github
  79. Hacker Tools Mac
  80. Pentest Tools Review
  81. Hacking Tools Github
  82. Hacking App
  83. Hacker Tools Software
  84. Hack Tools For Pc
  85. Pentest Tools Linux
  86. Termux Hacking Tools 2019
  87. Github Hacking Tools
  88. Hacker Tools For Mac
  89. Hacking Tools For Kali Linux
  90. Hacking Tools For Pc
  91. Kik Hack Tools
  92. Hacks And Tools
  93. New Hack Tools
  94. Hacker Hardware Tools
  95. Tools 4 Hack
  96. Pentest Tools Apk
  97. Pentest Tools Linux
  98. Hacking Tools Download
  99. Nsa Hack Tools
  100. Hacker Tools Hardware
  101. Android Hack Tools Github
  102. Hacker Security Tools
  103. Pentest Tools Subdomain
  104. Hacking Tools 2019
  105. Hack Tools
  106. Hacking Apps
  107. Hacking Tools Github
  108. Kik Hack Tools
  109. Hack App
  110. Nsa Hack Tools
  111. Hacking Tools Online
  112. Hacking Tools Name
  113. Best Pentesting Tools 2018
  114. Pentest Tools Free
  115. Pentest Tools List
  116. Hack Tools Github
  117. Hack Tools For Ubuntu
  118. Pentest Tools Github
  119. Hacking Tools 2019
  120. Hacker Tools Software
  121. Pentest Box Tools Download
  122. Hack Tools 2019

USE OF CRYPTOGRAPHY IN HACKING

WHAT IS CRYPTOGRAPHY?

The Cryptography is derived from the Greek words "Kryptos". This is the study of secure communication techniques that allow only the sender and recipient of a message to view it's contents of transforming information into nonhuman readable form or vice versa is called cryptography.

As we know that information plays a vital role in running of any business and organizations etc, sensitive details in the wrong hands can leads to loss of business.

Cryptography is the science of ciphering and deciphering messages.To secure communication organizations use cryptology to cipher information .

                            Or

Cryptography is a method of protecting information and communication through the use of codes so that only those whom the information is intended can read and process it.

In Computer Science, Cryptography refers to secure information and communication techniques derived from mathematical concepts , a set of rule based calculations called algorithm to transform message in ways the hard to readable for human.

This is one of the secure way of communications for a hacker with the help of virtual private network(VPN) like Tor Browser which is also very helpful to change the IP Address(Location of the sender ) for illegal purpose to perform crime in cyberspace . I will discuss in brief about the VPN .



How to Encrypt and Decrypt the text in Cryptography?

Open this website with the help of internert surfing for encryption-"http://wwwmd5online.org" 

Open the link for Decrypt the code text-"http://www.md5online.org/md5-decrypt.html"

Type whatever you want for encryption and it will crypt in the code form, copy that code and forward to the intended person whom you want for secure communication and then he/she will Decrypt in the real form.




               
       







Continue reading

Vulcan DoS Vs Akamai

In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.

One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.

In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.

There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol

Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.

As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking. 
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.

I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.

The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.

Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.

And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.

Related links


  1. Hacking Tools Name
  2. Github Hacking Tools
  3. Hacking Tools Github
  4. Hacker Tools Free
  5. How To Make Hacking Tools
  6. Hack And Tools
  7. Hacker Tools Online
  8. Pentest Tools Website
  9. Hacking Tools Windows
  10. Free Pentest Tools For Windows
  11. What Are Hacking Tools
  12. Physical Pentest Tools
  13. Nsa Hacker Tools
  14. Pentest Tools Download
  15. Pentest Tools Port Scanner
  16. Bluetooth Hacking Tools Kali
  17. Pentest Tools Github
  18. What Are Hacking Tools
  19. Hacking Tools Windows
  20. Hacker Tools Windows
  21. Pentest Tools For Android
  22. How To Make Hacking Tools
  23. Tools Used For Hacking
  24. Best Pentesting Tools 2018
  25. Hacker Tools Apk
  26. Hacking Tools Usb
  27. Pentest Tools Apk
  28. Pentest Tools Online
  29. Pentest Tools List
  30. Hacking Tools For Pc
  31. Pentest Tools Framework
  32. Kik Hack Tools
  33. Best Hacking Tools 2020
  34. Pentest Tools Kali Linux
  35. Black Hat Hacker Tools
  36. Hacker Tool Kit
  37. Hacker Tools 2020
  38. Ethical Hacker Tools
  39. Hacking Tools Windows 10
  40. Tools For Hacker
  41. Pentest Tools Bluekeep
  42. Pentest Tools Port Scanner
  43. Hacking Tools Pc
  44. Hack Rom Tools
  45. Wifi Hacker Tools For Windows
  46. Pentest Tools For Windows
  47. Hacking Tools For Mac
  48. Bluetooth Hacking Tools Kali
  49. Hack Tools For Windows
  50. What Is Hacking Tools
  51. Pentest Tools Linux
  52. Hack Tool Apk
  53. Hacking Tools Free Download
  54. Pentest Reporting Tools
  55. Pentest Tools For Android
  56. Ethical Hacker Tools
  57. Pentest Reporting Tools
  58. Hack Tools For Mac
  59. Pentest Tools Kali Linux
  60. Hack Tools For Windows
  61. Hack Tools For Pc
  62. Hacking App
  63. Hacking Tools Windows
  64. Pentest Tools Framework
  65. Hacking Tools Pc
  66. Hacking Tools Windows 10
  67. Hacking Tools Usb
  68. Kik Hack Tools
  69. Hacking Tools Mac
  70. Hacker Techniques Tools And Incident Handling
  71. Hack Tools For Ubuntu
  72. Hacker Tools 2020
  73. Easy Hack Tools
  74. Hackers Toolbox
  75. Hacking Tools For Kali Linux
  76. Termux Hacking Tools 2019
  77. Pentest Tools Android

martes, 30 de mayo de 2023

Hackerhubb.blogspot.com

Hackerhubb.blogspot.comRelated links

Hacking Everything With RF And Software Defined Radio - Part 3


Reversing Device Signals with RFCrack for Red Teaming


This blog was researched and automated by:
@Ficti0n 
@GarrGhar 
Mostly because someone didn't want to pay for a new clicker that was lost LOL

Websites:
Console Cowboys: http://consolecowboys.com 
CC Labs: http://cclabs.io

CC Labs Github for RFCrack Code:
https://github.com/cclabsInc/RFCrack


Contrived Scenario: 

Bob was tasked to break into XYZ  corporation, so he pulled up the facility on google maps to see what the layout was. He was looking for any possible entry paths into the company headquarters. Online maps showed that the whole facility was surrounded by a security access gate. Not much else could be determined remotely so bob decided to take a drive to the facility and get a closer look. 

Bob parked down the street in view of the entry gate. Upon arrival he noted the gate was un-manned and cars were rolling up to the gate typing in an access code or simply driving up to the gate as it opening automatically.  Interestingly there was some kind of wireless technology in use. 

How do we go from watching a car go through a gate, to having a physical device that opens the gate?  

We will take a look at reversing a signal from an actual gate to program a remote with the proper RF signal.  Learning how to perform these steps manually to get a better understanding of how RF remotes work in conjunction with automating processes with RFCrack. 

Items used in this blog: 

Garage Remote Clicker: https://goo.gl/7fDQ2N
YardStick One: https://goo.gl/wd88sr
RTL SDR: https://goo.gl/B5uUAR


 







Walkthrough Video: 




Remotely sniffing signals for later analysis: 

In the the previous blogs, we sniffed signals and replayed them to perform actions. In this blog we are going to take a look at a signal and reverse it to create a physical device that will act as a replacement for the original device. Depending on the scenario this may be a better approach if you plan to enter the facility off hours when there is no signal to capture or you don't want to look suspicious. 

Recon:

Lets first use the scanning functionality in RFCrack to find known frequencies. We need to understand the frequencies that gates usually use. This way we can set our scanner to a limited number of frequencies to rotate through. The smaller rage of frequencies used will provide a better chance of capturing a signal when a car opens the target gate. This would be beneficial if the scanning device is left unattended within a dropbox created with something like a Kali on a Raspberry Pi. One could access it from a good distance away by setting up a wifi hotspot or cellular connection.

Based on research remotes tend to use 315Mhz, 390Mhz, 433Mhz and a few other frequencies. So in our case we will start up RFCrack on those likely used frequencies and just let it run. We can also look up the FCID of our clicker to see what Frequencies manufactures are using. Although not standardized, similar technologies tend to use similar configurations. Below is from the data sheet located at https://fccid.io/HBW7922/Test-Report/test-report-1755584 which indicates that if this gate is compatible with a universal remote it should be using the 300,310, 315, 372, 390 Frequencies. Most notably the 310, 315 and 390 as the others are only on a couple configurations. 




RFCrack Scanning: 

Since the most used ranges are 310, 315, 390 within our universal clicker, lets set RFCrack scanner to rotate through those and scan for signals.  If a number of cars go through the gate and there are no captures we can adjust the scanner later over our wifi connection from a distance. 

Destroy:RFCrack ficti0n$ python RFCrack.py -k -f 310000000 315000000 390000000
Currently Scanning: 310000000 To cancel hit enter and wait a few seconds

Currently Scanning: 315000000 To cancel hit enter and wait a few seconds

Currently Scanning: 390000000 To cancel hit enter and wait a few seconds

e0000000000104007ffe0000003000001f0fffe0fffc01ff803ff007fe0fffc1fff83fff07ffe0007c00000000000000000000000000000000000000000000e0007f037fe007fc00ff801ff07ffe0fffe1fffc3fff0001f00000000000000000000000000000000000000000000003809f641fff801ff003fe00ffc1fff83fff07ffe0fffc000f80000000000000000000000000000000000000000000003c0bff01bdf003fe007fc00ff83fff07ffe0fffc1fff8001f0000000000000000000000000000000000000000000000380000000000000000002007ac115001fff07ffe0fffc000f8000000000000000000000000000000000000000
Currently Scanning: 433000000 To cancel hit enter and wait a few seconds


Example of logging output: 

From the above output you will see that a frequency was found on 390. However, if you had left this running for a few hours you could easily see all of the output in the log file located in your RFCrack/scanning_logs directory.  For example the following captures were found in the log file in an easily parseable format: 

Destroy:RFCrack ficti0n$ cd scanning_logs/
Destroy:scanning_logs ficti0n$ ls
Dec25_14:58:45.log Dec25_21:17:14.log Jan03_20:12:56.log
Destroy:scanning_logs ficti0n$ cat Dec25_21\:17\:14.log
A signal was found on :390000000
c0000000000000000000000000008000000000000ef801fe003fe0fffc1fff83fff07ffe0007c0000000000000000000000000000000000000000000001c0000000000000000050003fe0fbfc1fffc3fff83fff0003e00000000000000000000000000000000000000000000007c1fff83fff003fe007fc00ff83fff07ffe0fffc1fff8001f00000000000000000000000000000000000000000000003e0fffc1fff801ff003fe007fc1fff83fff07ffe0fffc000f80000000000000000000000000000000000000000000001f07ffe0dffc00ff803ff007fe0fffc1fff83fff07ffe0007c000000000000000000000000000000000000000000
A signal was found on :390000000
e0000000000104007ffe0000003000001f0fffe0fffc01ff803ff007fe0fffc1fff83fff07ffe0007c00000000000000000000000000000000000000000000e0007f037fe007fc00ff801ff07ffe0fffe1fffc3fff0001f00000000000000000000000000000000000000000000003809f641fff801ff003fe00ffc1fff83fff07ffe0fffc000f80000000000000000000000000000000000000000000003c0bff01bdf003fe007fc00ff83fff07ffe0fffc1fff8001f0000000000000000000000000000000000000000000000380000000000000000002007ac115001fff07ffe0fffc000f8000000000000000000000000000000000000000



Analyzing the signal to determine toggle switches: 

Ok sweet, now we have a valid signal which will open the gate. Of course we could just replay this and open the gate, but we are going to create a physical device we can pass along to whoever needs entry regardless if they understand RF. No need to fumble around with a computer and look suspicious.  Also replaying a signal with RFCrack is just to easy, nothing new to learn taking the easy route. 

The first thing we are going to do is graph the capture and take a look at the wave pattern it creates. This can give us a lot of clues that might prove beneficial in figuring out the toggle switch pattern found in remotes. There are a few ways we can do this. If you don't have a yardstick at home you can capture the initial signal with your cheap RTL-SDR dongle as we did in the first RF blog. We could then open it in audacity. This signal is shown below. 



Let RFCrack Plot the Signal For you: 

The other option is let RFCrack help you out by taking a signal from the log output above and let RFCrack plot it for you.  This saves time and allows you to use only one piece of hardware for all of the work.  This can easily be done with the following command: 

Destroy:RFCrack ficti0n$ python RFCrack.py -n -g -u 1f0fffe0fffc01ff803ff007fe0fffc1fff83fff07ffe0007c
-n = No yardstick attached
-g = graph a single signal
-u = Use this piece of data




From the graph output we see 2 distinct crest lengths and some junk at either end we can throw away. These 2 unique crests correspond to our toggle switch positions of up/down giving us the following 2 possible scenarios using a 9 toggle switch remote based on the 9 crests above: 

Possible toggle switch scenarios:

  1. down down up up up down down down down
  2. up up down down down up up up up 

Configuring a remote: 

Proper toggle switch configuration allows us to program a universal remote that sends a signal to the gate. However even with the proper toggle switch configuration the remote has many different signals it sends based on the manufacturer or type of signal.  In order to figure out which configuration the gate is using without physically watching the gate open, we will rely on local signal analysis/comparison.  

Programming a remote is done by clicking the device with the proper toggle switch configuration until the gate opens and the correct manufacturer is configured. Since we don't have access to the gate after capturing the initial signal we will instead compare each signal from he remote to the original captured signal. 


Comparing Signals: 

This can be done a few ways, one way is to use an RTLSDR and capture all of the presses followed by visually comparing the output in audacity. Instead I prefer to use one tool and automate this process with RFCrack so that on each click of the device we can compare a signal with the original capture. Since there are multiple signals sent with each click it will analyze all of them and provide a percent likelihood of match of all the signals in that click followed by a comparing the highest % match graph for visual confirmation. If you are seeing a 80-90% match you should have the correct signal match.  

Note:  Not every click will show output as some clicks will be on different frequencies, these don't matter since our recon confirmed the gate is communicating on 390Mhz. 

In order to analyze the signals in real time you will need to open up your clicker and set the proper toggle switch settings followed by setting up a sniffer and live analysis with RFCrack: 

Open up 2 terminals and use the following commands: 

#Setup a sniffer on 390mhz
  Setup sniffer:      python RFCrack.py -k -c -f 390000000.     
#Monitor the log file, and provide the gates original signal
  Setup Analysis:     python RFCrack.py -c -u 1f0fffe0fffc01ff803ff007fe0fffc1fff83fff07ffe0007c -n.  

Cmd switches used
-k = known frequency
-c = compare mode
-f = frequency
-n = no yardstick needed for analysis

Make sure your remote is configured for one of the possible toggle configurations determined above. In the below example I am using the first configuration, any extra toggles left in the down position: (down down up up up down down down down)




Analyze Your Clicks: 

Now with the two terminals open and running click the reset switch to the bottom left and hold till it flashes. Then keep clicking the left button and viewing the output in the sniffing analysis terminal which will provide the comparisons as graphs are loaded to validate the output.  If you click the device and no output is seen, all that means is that the device is communicating on a frequency which we are not listening on.  We don't care about those signals since they don't pertain to our target. 

At around the 11th click you will see high likelihood of a match and a graph which is near identical. A few click outputs are shown below with the graph from the last output with a 97% match.  It will always graph the highest percentage within a click.  Sometimes there will be blank graphs when the data is wacky and doesn't work so well. This is fine since we don't care about wacky data. 

You will notice the previous clicks did not show even close to a match, so its pretty easy to determine which is the right manufacture and setup for your target gate. Now just click the right hand button on the remote and it should be configured with the gates setup even though you are in another location setting up for your test. 

For Visual of the last signal comparison go to ./imageOutput/LiveComparison.png
----------Start Signals In Press--------------
Percent Chance of Match for press is: 0.05
Percent Chance of Match for press is: 0.14
Percent Chance of Match for press is: 0.14
Percent Chance of Match for press is: 0.12
----------End Signals In Press------------
For Visual of the last signal comparison go to ./imageOutput/LiveComparison.png
----------Start Signals In Press--------------
Percent Chance of Match for press is: 0.14
Percent Chance of Match for press is: 0.20
Percent Chance of Match for press is: 0.19
Percent Chance of Match for press is: 0.25
----------End Signals In Press------------
For Visual of the last signal comparison go to ./imageOutput/LiveComparison.png
----------Start Signals In Press--------------
Percent Chance of Match for press is: 0.93
Percent Chance of Match for press is: 0.93
Percent Chance of Match for press is: 0.97
Percent Chance of Match for press is: 0.90
Percent Chance of Match for press is: 0.88
Percent Chance of Match for press is: 0.44
----------End Signals In Press------------
For Visual of the last signal comparison go to ./imageOutput/LiveComparison.png


Graph Comparison Output for 97% Match: 







Conclusion: 


You have now walked through successfully reversing a toggle switch remote for a security gate. You took a raw signal and created a working device using only a Yardstick and RFCrack.  This was just a quick tutorial on leveraging the skillsets you gained in previous blogs in order to learn how to analyze  RF signals within embedded devices. There are many scenarios these same techniques could assist in.  We also covered a few new features in RF crack regarding logging, graphing and comparing signals.  These are just a few of the features which have been added since the initial release. For more info and other features check the wiki. 

Related articles


Archivo del blog

Datos personales