Showing posts with label Monitor. Show all posts

Friday, 6 March 2015

How To Protect Critical DNS Infrastructure Against Attack

DNS is a critical infrastructure of the Internet as every web transaction involves a DNS service provided by an ISP.

What is a DNS DDoS Attack?
A DNS amplification attack is a reflection-based distributed denial of service (DDoS) attack. The attacker sends DNS lookup requests with a spoofed source IP address to vulnerable DNS servers, so the servers' responses go to the victim at that address. This is the most popular attack in history.
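A defender-side sketch of the reflection pattern described above, added here as an example (it is not from the Radware white paper): it totals query and response bytes per logged source address and reports sources whose responses are many times larger than their queries. The log format, thresholds and addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of resolver query-log lines (hypothetical format):
# epoch_seconds  source_ip  qtype  query_bytes  response_bytes
SAMPLE_LOG = """\
1425600000 203.0.113.7 ANY 64 3200
1425600000 203.0.113.7 ANY 64 3180
1425600001 203.0.113.7 ANY 64 3210
1425600001 203.0.113.7 ANY 64 3195
1425600001 198.51.100.20 A 58 74
1425600002 198.51.100.20 AAAA 58 86
1425600002 203.0.113.7 ANY 64 3205
1425600003 198.51.100.21 ANY 64 3190
malformed line
"""

def reflection_suspects(log_text, min_queries=5, min_factor=10.0):
    """Return {source_ip: amplification_factor} for sources that look like
    spoofed victims: many queries whose answers are far larger than the
    questions. In a reflection attack the logged source is the victim."""
    stats = defaultdict(lambda: [0, 0, 0])   # queries, bytes in, bytes out
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue                          # skip malformed records
        _, src, _qtype, q_bytes, r_bytes = fields
        try:
            q_len, r_len = int(q_bytes), int(r_bytes)
        except ValueError:
            continue                          # non-numeric sizes
        entry = stats[src]
        entry[0] += 1
        entry[1] += q_len
        entry[2] += r_len
    suspects = {}
    for src, (count, bytes_in, bytes_out) in stats.items():
        if count < min_queries or bytes_in == 0:
            continue                          # too little traffic to judge
        factor = bytes_out / bytes_in
        if factor >= min_factor:
            suspects[src] = round(factor, 1)
    return suspects

if __name__ == "__main__":
    for ip, factor in reflection_suspects(SAMPLE_LOG).items():
        print(f"{ip}: responses are {factor}x the size of the queries")
```

A production check would apply the same ratio inside a sliding time window and feed the flagged sources to response rate limiting.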

This white paper outlines the recent DDoS attacks on DNS services and challenges of mitigating those attacks.

Learn how:

  • DNS DDoS attacks take advantage of weaknesses in the DNS protocol
  • Attackers launch a high bandwidth sophisticated attack on their victim
  • Attackers use the amplification effect
  • Securing DNS services requires rethinking perimeter security, with dedicated tools to identify and mitigate this new breed of attacks on DNS services.

You can download this book for free, offered by Radware Inc.

Monday, 2 March 2015

BTS PenTesting Lab - Open Source vulnerable Web Application Platform



Are you a Penetration Tester, an Information Security Specialist and/or simply a Learner in Cyber Security?

This might be the right pentesting platform to perform your penetration tests and upgrade your Skillz! This is BTS Pentesting Lab, an open source vulnerable web application platform developed by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to perform and learn all about many different types of web application vulnerabilities.

Currently, the App Contains the following Types of Vulnerabilities:

  • SQL Injection
  • XSS (includes Flash-based XSS)
  • CSRF
  • Clickjacking
  • SSRF
  • File Inclusion
  • Code Execution
  • Insecure Direct Object Reference
  • Unrestricted File Upload vulnerability
  • Open URL Redirection
  • Server Side Includes (SSI) Injection

and more...




More details are available here:

-) https://www.owasp.org/index.php/Top_10_2013-Top_10

-) http://sourceforge.net/projects/btslab/

About the Author :
Christian Galeone is a Cyber Security Researcher from Italy. He is currently studying at I.I.S.S. Marco Polo (Vocational Technical Institute | Vo-Tech), attending the IT Programming Class.
He has been acknowledged by the TOP 5 Companies including Yahoo!, Microsoft, AT&T, Sony etc. He is currently working with HOC as an author of Cyber Security & Critical Tools Research Articles.

Sunday, 1 March 2015

Use Jack For ClickJacking Development Assistance Tool


Clickjacking POC development tool. Jack is a static HTML and JavaScript web-based tool. To get Jack up and running, serve the index.html file in a manner of your choice and ClickJack away. Be sure to check your browser settings when PoC'ing HTTPS based targets as most browsers will not allow embedding HTTPS resources into iFrames.


Tuesday, 18 November 2014

Exploiting CISCO Linksys Router WAG200G


Exploiting CISCO Router... Linksys WAG200G!

If you think that your router can't be locally exploited, I will give you a hint!

The OLD modems can be easily exploited, such as mine (Linksys WAG200G).

I've found this great exploit (also valid for other CISCO/Linksys routers) developed by Eloi Vanderbeken :D

Let's now see what we can do with it!

PoC Tool Link:

https://github.com/elvanderb/TCP-32764/archive/master.zip

How does it work?

First of all, we need these requirement(s):

Python (to run the script) & ZenMap (to do a quick scan of our open ports!)

After we have them on our system, we can run the ZenMap port scanning tool using the following command:

nmap -p 1-32764 192.168.1.1

We can see that (after a while...), for those who have this router, the vulnerable port :32764 will come up as:

"Unknown Service"

Okay, now let's run the PoC.py Script using the following Command:

PoC.py Command:

--ip 192.168.1.1 --get_credentials





With this command you will be able to gather your router credentials without needing to change the password or having direct access to it! (Good for *geek kids* that would have access to the internet when their parents block it!)

But... you can do even more than discover your router credentials!

In the PoC.py script, there's an option to enter directly into the shell of our local target!

You can use this string (with the PoC.py script):

--ip 192.168.1.1 --shell

This is our Result!

After we are inside it, of course, we can also deface it.

What can I say... HAPPY HACKING! ;-)





More Details:

Security Article -->
https://github.com/elvanderb/TCP-32764


Technical Presentation -->
https://github.com/elvanderb/TCP-32764/blob/master/backdoor_description.pptx

Brought to you by Christian Galeone, full credit goes to Eloi Vanderbeken - Thanks Dude for your finding!
--------------------------------------------------------------------------------------

About the Author :
Christian Galeone is a Cyber Security Researcher from Italy. He is currently studying at ITCL Marco Polo (Vocational Technical Institute | Vo-Tech), attending the IT Programming Class.
He has been acknowledged by the TOP 5 Companies including Yahoo!, Microsoft, AT&T, Sony etc.
He is currently working with HOC as an author of Cyber Security & Critical Tools Research Articles.

-----------------------------------------------------

Thursday, 9 October 2014

iSniff GPS Passive Sniffing Tool of iOS devices For WiFi location Data



iSniff GPS passively sniffs for SSID probes, ARPs and MDNS (Bonjour) packets broadcast by nearby iPhones, iPads and other wireless devices. 

The aim is to collect data which can be used to identify each device and determine previous geographical locations, based solely on information each device discloses about previously joined WiFi networks.

iOS devices transmit ARPs which sometimes contain MAC addresses (BSSIDs) of previously joined WiFi networks, as described in [1]. iSniff GPS captures these ARPs and submits MAC addresses to Apple's WiFi location service (masquerading as an iOS device) to obtain GPS coordinates for a given BSSID. If only SSID probes have been captured for a particular device, iSniff GPS can query network names on wigle.net and visualise possible locations.

By geo-locating multiple SSIDs and WiFi router MAC addresses, it is possible to determine where a device (and by implication its owner) is likely to have been.

Components


iSniff GPS contains 2 major components and further Python modules:

  • iSniff_import.py uses Scapy to extract data from a live capture or pcap file and inserts it into a database (iSniff_GPS.sqlite3 by default).
  • A Django web application provides a browser-based interface to view and analyse the data collected. This includes views of all detected devices and the SSIDs / BSSIDs each has probed for, a view by network, Google Maps views for visualising possible locations of a given BSSID or SSID, and a pie chart view showing a breakdown of the most popular device manufacturers based on client MAC address Ethernet OUIs.
  • wloc.py provides a QueryBSSID() function which looks up a given BSSID (AP MAC address) on Apple's WiFi location service. It will return the coordinates of the MAC queried for and usually an additional 400 nearby BSSIDs and their coordinates.
  • wigle.py provides a getLocation() function for querying a given SSID on the wigle.net database and returns GPS coordinates. It must be configured with a valid wigle.net auth cookie. Please respect the wigle.net ToS in using this module.



Instructions

To use the web interface:

  1. Install required Python modules by running pip install -r requirements.txt.
  2. Initialise an empty database by running ./manage.py syncdb.
  3. Start the web interface by running ./manage.py runserver 127.0.0.1:8000.

To sniff wifi traffic:

  1. Install Scapy.
  2. Import data from a wifi pcap capture by running ./run.sh -r <chan11.pcap>.
  3. For live capture, bring up a wifi interface in monitor mode (usually mon0) so that airodump-ng shows traffic.
  4. Start live sniffing with ./run.sh -i mon0.

To solicit ARPs from iOS devices, set up an access point with DHCP disabled (e.g. using airbase-ng) and configure your sniffing interface to the same channel.

Once associated, iOS devices will send up to three ARPs destined for the MAC address of the DHCP server on previously joined networks. On typical home WiFi routers, the DHCP server MAC address is the same as the WiFi interface MAC address, which can be used for accurate geolocation. On larger corporate WiFi networks, the MAC of the DHCP server may be different and thus cannot be used for geolocation.
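To audit what your own devices disclose in this way, the following added example (not part of iSniff GPS) scans Ethernet frames for ARP requests addressed to a unicast MAC that is not on the current network. It assumes frames already in Ethernet II form, so a monitor-mode capture would first need its radiotap and 802.11 headers removed; all addresses are constructed.

```python
import struct

BROADCAST = b"\xff" * 6
# Constructed addresses for the demo (not taken from any real capture).
PHONE = bytes.fromhex("020000aabb01")
OLD_HOME_AP = bytes.fromhex("001122334455")
CURRENT_GW = bytes.fromhex("0200005e0001")

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def arp_request(dst, src, sender_ip, target_ip):
    """Build an Ethernet II + IPv4 ARP request frame (42 bytes)."""
    header = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    return (dst + src + b"\x08\x06" + header + src + bytes(sender_ip)
            + b"\x00" * 6 + bytes(target_ip))

def disclosed_networks(frames, local_macs=()):
    """Return (client MAC, earlier gateway MAC, gateway IP) for each ARP
    request addressed to a unicast MAC that is not on the current network."""
    found = []
    for frame in frames:
        if len(frame) < 42 or frame[12:14] != b"\x08\x06":
            continue                      # truncated, or not ARP
        dst, src = frame[0:6], frame[6:12]
        if struct.unpack("!HHBBH", frame[14:22]) != (1, 0x0800, 6, 4, 1):
            continue                      # keep only IPv4-over-Ethernet requests
        if dst[0] & 1:
            continue                      # broadcast/multicast: ordinary ARP
        if dst in local_macs:
            continue                      # cache refresh to a current neighbour
        entry = (mac(src), mac(dst), ".".join(map(str, frame[38:42])))
        if entry not in found:            # the same ARP may repeat up to three times
            found.append(entry)
    return found

SAMPLE_FRAMES = [
    arp_request(OLD_HOME_AP, PHONE, (192, 168, 1, 23), (192, 168, 1, 1)),
    arp_request(OLD_HOME_AP, PHONE, (192, 168, 1, 23), (192, 168, 1, 1)),
    arp_request(BROADCAST, PHONE, (10, 0, 0, 5), (10, 0, 0, 1)),
    arp_request(CURRENT_GW, PHONE, (10, 0, 0, 5), (10, 0, 0, 1)),
    b"\x00" * 20,                         # truncated frame, ignored
]

if __name__ == "__main__":
    for client, gateway, gw_ip in disclosed_networks(SAMPLE_FRAMES, {CURRENT_GW}):
        print(f"{client} disclosed earlier gateway {gateway} ({gw_ip})")
```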


Thursday, 25 September 2014

Find Out All Detailed Info Of Twitter User Activity By TinfoLeak


Tinfoleak runs on Python and grabs all the information about any Twitter user.

Tinfoleak is a simple Python script that allows you to obtain:

  • basic information about a Twitter user (name, picture, location, followers, etc.)
  • devices and operating systems used by the Twitter user
  • applications and social networks used by the Twitter user
  • place and geolocation coordinates to generate a tracking map of locations visited
  • show user tweets in Google Earth!
  • download all pics from a Twitter user
  • hashtags used by the Twitter user and when they are used (date and time)
  • user mentions by the Twitter user and when they occurred (date and time)
  • topics used by the Twitter user


You can filter all the information by:

  1. start date / time
  2. end date / time
  3. keywords


Wednesday, 2 July 2014

Use Harvester For Information Gathering And Penetration Testing


The Harvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources (search engines, PGP key servers).

It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.

Important Addons built inside:

-> PGP: pgp key server - www.rediris.es/keyserver/

-> Linkedin: google search engine, specific search for Linkedin users

-> Shodan: Shodan Computer search engine, will search for ports and banner of the discovered hosts  (http://www.shodanhq.com/).
SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.


-> vhost: Bing virtual hosts search

New Features:

-> Time delays between requests
-> All sources search
-> Virtual host verifier
-> Active enumeration (DNS enumeration, Reverse lookups, TLD expansion)
-> Integration with SHODAN computer database, to get the open ports and banners
-> Save to XML and HTML
-> Basic graph with stats



Sunday, 29 June 2014

Hack Your iPhone Untethered Jailbreak For iOS 7.1 And iOS 7.1.1 Available



Pangu has released an untethered jailbreak for iOS 7.1 and iOS 7.1.1. The Pangu team members are all security researchers from China. This is the team's first jailbreak for iOS. The Pangu untethered jailbreak is compatible with iPhone 5s, iPhone 5c, iPhone 4S, iPhone 4, iPad Air, iPad 4, iPad 3, iPad 2, iPad mini, Retina iPad mini and iPod touch 5G running iOS 7.1-iOS 7.1.1.

What is Jailbreak:
Jailbreaking is a process for removing iOS limitations. It lets us modify the operating system running on Apple devices. If you jailbreak the device, you can install third-party apps on your phone.


Steps to follow:

-> Make sure you have iTunes installed.
-> Edit your iPhone's date to June 2, 2014
-> Open the PanGu.exe file
-> Click the black button to the right (also UNCHECK THE CHECKMARK where you see random characters and the "PP")
-> As soon as the "brush stroke" loading bar fills to 20%, the PanGu app will appear on your phone
-> Tap it and select Continue
-> It will fill the loading brush stroke until 80% and your iTunes will open (it will only open IF you have iTunesHelper.exe on your Windows Taskbar)
-> Close iTunes
-> Your device will reboot
-> When it opens again, wait for the brush stroke to complete to 100%
-> Your device will reboot once more
-> The process will be finished 100%
-> The PanGu app will be replaced with Cydia
-> Do your usual stuff by opening Cydia and continue with what you want to install by then.
-> For precautionary measures, install Complete PPSync Remover (on http://cydia.angelxwind.net repo) because even though you uncheck the "PP" on step 4, it installs it anyway (internally without the app showing)

Compatible Devices:

This Untethered Jailbreak is compatible with the following devices running iOS 7.1-iOS 7.1.1:
-> iPhone 5s
-> iPhone 5c
-> iPhone 4S
-> iPhone 4
-> iPad Air
-> iPad 4
-> iPad 3
-> iPad 2
-> iPad mini
-> Retina iPad mini
-> iPod touch 5G


Friday, 28 February 2014

How to Use Network Monitor (Netmon Tutorial)


Microsoft's Network Monitor is a tool that allows capturing and protocol analysis of network traffic. Network Monitor 3 is a protocol analyzer. It enables you to capture, view, and analyze network data. You can use it to help troubleshoot problems with applications on the network. This article contains download and support information, installation notes, and general usage information about Network Monitor 3. Network Monitor 3.4 is the latest version.

Network Monitor 3 is a complete overhaul of the earlier Network Monitor 2.x version. Some key features of Network Monitor 3 include the following:
  • Script-based parser model with frequent updates
  • Concurrent live capture sessions
  • Support for Windows 7
  • Support for 32-bit platforms and for 64-bit platforms
  • Support for network conversations and process tracking
  • API to access capture and parsing engine
  • Wireless Monitor Mode Capturing
Supported Operating Systems ::
Windows 7, Windows 8, Windows Server 2003 Service Pack 2, Windows Server 2003 Service Pack 2 x64 Edition, Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 R2 for Itanium-based Systems, Windows Server 2012, Windows Vista 64-bit Editions Service Pack 1, Windows Vista Service Pack 1, Windows XP 64-bit, Windows XP Service Pack 3
Hardware ::
  • 1 GHz or greater CPU
  • 1 GB or greater memory
  • 60 MB free hard disk space plus extra room for capture files

Installation Instructions ::
The Network Monitor core engine has been decoupled from the parser set. To install the full Network Monitor 3.4 product:
  • Run the setup.exe for the platform you are installing.
  • You will be prompted first to install the core engine. Follow the installation directions. Make sure you close existing instances of netmon.exe, nmcap.exe and any running NMAPI applications.
  • Next you will be prompted to install the parser package. Follow the installation directions.
To uninstall the full Network Monitor 3.4 product ::
  • Go to Add/Remove Programs in Control Panel
  • Uninstall both Microsoft Network Monitor 3.4 and Microsoft Network Monitor: Network Monitor Parsers 3.4