Transform your Shellcode to Assembly (ARM, ARM64, MIPS, PPC, X86) - ShellcodeToAssembly

Transform your Shellcode to Assembly (ARM, ARM64, MIPS, PPC, X86)

Replace in shellcodetoasm.py with your shellcode.

shellcode = ''

Installation

git clone https://github.com/blacknbunny/ShellcodeToAssembly.git && cd ShellcodeToAssembly/ && pip install -r requirements.txt && python2 shellcodetoasm.py

Modules manual installation

pip install -r requirements.txt

it can be

pip2 install -r requirements.txt

Usage

python2 shellcodetoasm.py [returnbit] [architecture]

For example

python2 shellcodetoasm.py 32 x86

Architectures

• ARM
• ARM64
• MIPS
• ppc
• X86

Return Bit

• 64
• 32

Assembly Flavor

• ATT
• INTEL

Download ShellcodeToAssembly

Read More

Easy-To-Use Live Forensics Toolbox For Linux Endpoints - Linux Expl0rer

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.

Capabilities

ps

• View full process list
• Inspect process memory map & fetch memory strings easly
• Dump process memory in one click
• Automaticly search hash in public services
  • VirusTotal
  • AlienVault OTX

users

• users list

find

• Search for suspicious files by name/regex

netstat

• Whois

logs

• syslog
• auth.log(user authentication log)
• ufw.log(firewall log)
• bash history

anti-rootkit

• chkrootkit

yara

• Scan a file or directory using YARA signatures by @Neo23x0
• Scan a running process memory address space
• Upload your own YARA signature

Requirements

• Python 2.7
• YARA
• chkrootkit

Installation

1. Clone repository

git clone https://github.com/intezer/linux_expl0rer

2. Install required packages

pip install -r requirements.txt

3. Setup VT/OTX api keys

nano config.py

Edit following lines:

VT_APIKEY = '<key>'
OTX_APIKEY = '<key>'

4. Install YARA

sudo apt-get install yara

5. Install chkrootkit

sudo apt-get install chkrootkit

Start Linux Expl0rer server

sudo python linux_explorer.py

Usage

1. Start your browser

firefox http://127.0.0.1:8080

2. do stuff

Notes

• We recommend using NGINX reverse proxy with basic http auth & ssl for secure remote access
• Tested with Ubuntu 16.04

Download Linux Expl0rer

Read More

The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data - The Art of Invisibility

Overview

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick

Be online without leaving a trace.

Your every step online is being tracked and stored, and your identity literally stolen. Big companies and big governments want to know and exploit what you do, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick uses true-life stories to show exactly what is happening without your knowledge, teaching you "the art of invisibility"—online and real-world tactics to protect you and your family, using easy step-by-step instructions. Reading this book, you will learn everything from password protection and smart Wi-Fi usage to advanced techniques designed to maximize your anonymity.

Kevin Mitnick knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening. The world's most famous—and formerly the US government's most wanted—computer hacker, he has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point was on a three-year run from the FBI. Now Mitnick is reformed and widely regarded as the expert on the subject of computer security.

Invisibility isn't just for superheroes—privacy is a power you deserve and need in the age of Big Brother and Big Data.
 

Product Details

ISBN-13:     9780316380508
Publisher:     Little, Brown and Company
Publication date:     02/14/2017
Pages:     320

 Download The Art of Invisibility

 

Read More

Linux Memory Cryptographic Keys Extractor - CryKeX

CryKeX - Linux Memory Cryptographic Keys Extractor

Properties:

• Cross-platform
• Minimalism
• Simplicity
• Interactivity
• Compatibility/Portability
• Application Independable
• Process Wrapping
• Process Injection

Dependencies:

• Unix - should work on any Unix-based OS
  • BASH - the whole script
  • root privileges (optional)

Limitations:

• AES and RSA keys only
• Fails most of the time for Firefox browser
• Won't work for disk encryption (LUKS) and PGP/GPG
• Needs proper user privileges and memory authorizations

How it works
Some work has been already published regarding the subject of cryptograhic keys security within DRAM. Basically, we need to find something that looks like a key (entropic and specific length) and then confirm its nature by analyzing the memory structure around it (C data types).
The idea is to dump live memory of a process and use those techniques in order to find probable keys since, memory mapping doesn't change. Thanks-fully, tools exist for that purpose.
The script is not only capable of injecting into already running processes, but also wrapping new ones, by launching them separately and injecting shortly afterwards. This makes it capable of dumping keys from almost any process/binary on the system.
Of course, accessing a memory is limited by kernel, which means that you will still require privileges for a process.
Linux disk ecnryption (LUKS) uses anti-forensic technique in order to mitigate such issue, however, extracting keys from a whole memory is still possible.
Firefox browser uses somehow similar memory management, thus seems not to be affected.
Same goes for PGP/GPG.

HowTo
Installing dependencies:

sudo apt install gdb aeskeyfind rsakeyfind || echo 'have you heard about source compiling?'

An interactive example for OpenSSL AES keys:

openssl aes-128-ecb -nosalt -out testAES.enc

Enter a password twice, then some text and before terminating:

CryKeX.sh openssl

Finally, press Ctrl+D 3 times and check the result.
OpenSSL RSA keys:

openssl genrsa -des3 -out testRSA.pem 2048

When prompted for passphrase:

CryKeX.sh openssl

Verify:

openssl rsa -noout -text -in testRSA.pem

Let's extract keys from SSH:

echo 'Ciphers [email protected]' >> /etc/ssh/sshd_config
ssh [email protected]
CryKeX.sh ssh

From OpenVPN:

echo 'cipher AES-256-CBC' >> /etc/openvpn/server.conf
openvpn yourConf.ovpn
sudo CryKeX.sh openvpn

TrueCrypt/VeraCrypt is also affected: Select "veracrypt" file in VeraCrypt, mount with password "pass" and:

sudo CryKeX.sh veracrypt

Chromium-based browsers (thanks Google):

CryKeX.sh chromium
CryKeX.sh google-chrome

Despite Firefox not being explicitly affected, Tor Browser Bundle is still susceptible due to tunneling:

CryKeX.sh tor

As said, you can also wrap processes:

apt install libssl-dev
gcc -lcrypto cipher.c -o cipher
CryKeX.sh cipher
 wrap
 cipher

Download CryKeX

Read More

Mr. Robot Season 3ª - 1080p Full Download

Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.

Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.

Download Mr.Robot 1080p

Read More

Mr. Robot Season 2ª - 1080p Full Download

Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.

Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.

 Download Mr. Robot 1080p

Read More

Mr. Robot Season 1ª - 720p Full Download

Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.

Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.

Download Mr. Robot 720p

Read More

Epix Original Documentary - Deep Web

Deep Web investigates the events surrounding Silk Road, the online marketplace for selling illegal drugs on the dark web that was eventually shutdown by the FBI. At its peak it had over 900,000 registered users and generated over $1.2bn in sales. This documentary covers the trial of Silk Road owner Ross Ulbricht, who operated the site under the pseudonym ‘Dread Pirate Roberts’, and explores the issues of digital and constitutional rights, cryptography, the untraceable Bitcoin currency, and the War on Drugs.

Documentary Download

Read More

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulnerable to the issues.
Disclosed today by Google Project Zero, the vulnerabilities potentially impact all major CPUs, including those from AMD, ARM, and Intel—threatening almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system.
These hardware vulnerabilities have been categorized into two attacks, named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could allow attackers to steal sensitive data which is currently processed on the computer.

Both attacks take advantage of a feature in chips known as "speculative execution," a technique used by most modern CPUs to optimize performance.

"In order to improve performance, many CPUs may choose to speculatively execute instructions based on assumptions that are considered likely to be true. During speculative execution, the processor is verifying these assumptions; if they are valid, then the execution continues. If they are invalid, then the execution is unwound, and the correct execution path can be started based on the actual conditions," Project Zero says.

Therefore, it is possible for such speculative execution to have "side effects which are not restored when the CPU state is unwound and can lead to information disclosure," which can be accessed using side-channel attacks.

Meltdown Attack

 
The first issue, Meltdown (paper), allows attackers to read not only kernel memory but also the entire physical memory of the target machines, and therefore all secrets of other programs and the operating system.

“Meltdown is a related microarchitectural attack which exploits out-of-order execution in order to leak the target’s physical memory.”

Meltdown uses speculative execution to break the isolation between user applications and the operating system, allowing any application to access all system memory, including memory allocated for the kernel.

“Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection.”

Nearly all desktop, laptop, and cloud computers affected by Meltdown.

Spectre Attack

The second problem, Spectre (paper), is not easy to patch and will haunt people for quite some time since this issue requires changes to processor architecture in order to fully mitigate.
Spectre attack breaks the isolation between different applications, allowing the attacker-controlled program to trick error-free programs into leaking their secrets by forcing them into accessing arbitrary portions of its memory, which can then be read through a side channel.

Spectre attacks can be used to leak information from the kernel to user programs, as well as from virtualization hypervisors to guest systems.

“In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it.” the paper explains.

“KAISER patch, which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre.”

According to researchers, this vulnerability impacts almost every system, including desktops, laptops, cloud servers, as well as smartphones—powered by Intel, AMD, and ARM chips.

What You Should Do: Mitigations And Patches

Many vendors have security patches available for one or both of these attacks.

• Windows — Microsoft has issued an out-of-band patch update for Windows 10, while other versions of Windows will be patched on the traditional Patch Tuesday on January 9, 2018
• MacOS — Apple had already fixed most of these security holes in macOS High Sierra 10.13.2 last month, but MacOS 10.13.3 will enhance or complete these mitigations.
• Linux — Linux kernel developers have also released patches by implementing kernel page-table isolation (KPTI) to move the kernel into an entirely separate address space.
• Android — Google has released security patches for Pixel/Nexus users as part of the Android January security patch update.  Other users have to wait for their device manufacturers to release a compatible security update.

Mitigations for Chrome Users

Since this exploit can be executed through the website, Chrome users can turn on Site Isolation feature on their devices to mitigate these flaws.

Here's how to turn Site Isolation on Windows, Mac, Linux, Chrome OS or Android:

• Copy chrome://flags/#enable-site-per-process and paste it into the URL field at the top of your Chrome web browser, and then hit the Enter key.
• Look for Strict Site Isolation, then click the box labeled Enable.
• Once done, hit Relaunch Now to relaunch your Chrome browser.

There is no single fix for both the attacks since each requires protection independently. 

Source: The Hackers News

Read More