DSploit

DSploitAfter playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality.The DSploit APK in the Play Store was not working for me, but the latest nightly on http://dsploit.net worked...

Leer Más

How To Secure Your Home Against "Internet Of Things" And FUD

TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter.IntroductionThere is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs, "smart" alarm systems, "smart" meters, "smart" bulbs, NAS devices, routers. These devices are getting...

Leer Más

One Reason Why InfoSec Sucked In The Past 20 Years - The "Security Tips" Myth

From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of them is the security tips.The goal of these security tips is that if the average user follows these easy to remember rules, their computer will be safe. Unfortunately, by the...

Leer Más

C++ Std::Condition_Variable Null Pointer Derreference

This story is about a bug generated by g++ and clang compilers (at least)The condition_variables is a feature on the standard library of c++ (libstdc++), when its compiled statically a weird asm code is generated.Any example on the link below will crash if its compiled statically: https://en.cppreference.com/w/cpp/thread/condition_variableIn this case the condition_variable.wait() crashed, but this happens with other methods, a simple way to...

Leer Más

Hacking All The Cars - Part 2

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Helvetica Neue'} p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Helvetica Neue'; min-height: 14.0px} p.p3 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Helvetica Neue'; color: #dca10d} Connecting Hardware to Your Real Car:  I realized the other day I posted Part 2 of this series to my youtube awhile ago but not blogger so this one will be quick and mostly via video walkthrough. I often post random followup videos which may never arrive on this blog. So if you're waiting on...

Leer Más

Grok-backdoor - Backdoor With Ngrok Tunnel Support

Grok-backdoor is a simple python based backdoor, it uses Ngrok tunnel for the communication. Ngrok-backdoor can generate windows, linux and mac binaries using Pyinstaller.Disclaimer:All the code provided on this repository is for educational/research purposes only. Any actions and/or activities related to the material contained within this repository is solely your responsibility. The misuse of the code in this repository can result in criminal...

Leer Más

CEH: 10 Hacking Tools For Hackers

There are a lot of hacking tools available over the internet but mostly we need some of them. In this blog you'll learn about hacking tools which are typically used in the world of hacking by penetration testers.SmartWhois SmartWhois is an information-gathering program that allows you to find all available information about an IP address, hostname, or domain, including country, state or province, city, name of the network provider, administrator,...

Leer Más

Gridcoin - The Bad

In this post we will show why Gridcoin is insecure and probably will never achieve better security. Therefore, we are going to explain two critical implementation vulnerabilities and our experience with the core developer in the process of the responsible disclosure. In our last blog post we described the Gridcoin architecture and the design vulnerability we found and fixed (the good). Now we come to the process of responsibly disclosing our...

Leer Más