Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE

Example of files that were encrypted and protected: The domain name ftoxmpdipwobp4qy.joa688.top was NX and not required for the purchase process. 2016-12-16 01:29:05.256362 IP 192.168.1.102.50104 > 72.167.232.152.80: Flags [P.], seq 0:303, ack 1, win 256, length 303: HTTP: GET //up1/1/4fv3b5.exe HTTP/1.1E..W..@……..fH……P.n……P…….GET //up1/1/4fv3b5.exe HTTP/1.1Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*Accept-Language: en-usUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; … Read more

Cheat Sheet How to pass the OSCP Offensive Security Certified Professional Exam Step-by-Step Guide- SQLi XSS Web App Attacks – PART 5

SQL Injection Commands SELECT * FROM Users WHERE Username=’$username’ AND Password=’$password’ A similar query is generally used from the web application in order to authenticate a user. If the query returns a value it means that inside the database a user with that set of credentials exists, then the user is allowed to login to … Read more

Cheat Sheet How to pass the OSCP Offensive Security Certified Professional Exam Step-by-Step Guide – Network Pivoting – PART 7

Network Pivoting using SSH tunneling and forwarding: Is Microsoft Network Monitor was installed? If so, depending on which version, you may have to run netmon, netcap, or nmcap, each of which has slightly different features and syntax. For example, if Network Monitor 3 is installed running, you could execute the following command at a shell prompt: C:\> NMCap … Read more