domingo, 30 de agosto de 2020

OWASP-ZSC: A Shellcode/Obfuscate Customized Code Generating Tool


About OWASP-ZSC
   OWASP ZSC is open source software written in python which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX with Python 2 or 3.

   What is shellcode?: Shellcode is a small codes in Assembly language which could be used as the payload in software exploitation. Other usages are in malwares, bypassing antiviruses, obfuscated codes...

   You can read more about OWASP-ZSC in these link:
Why use OWASP-ZSC?
   Another good reason for obfuscating files or generating shellcode with OWASP-ZSC is that it can be used during your pen-testing. Malicious hackers use these techniques to bypass anti-virus and load malicious files in systems they have hacked using customized shellcode generators. Anti-virus work with signatures in order to identify harmful files. When using very well known encoders such as msfvenom, files generated by this program might be already flagged by Anti-virus programs.

   Our purpose is not to provide a way to bypass anti-virus with malicious intentions, instead, we want to provide pen-testers a way to challenge the security provided by Anti-virus programs and Intrusion Detection systems during a pen test.In this way, they can verify the security just as a black-hat will do.

   According to other shellcode generators same as Metasploit tools and etc, OWASP-ZSC  using new encodes and methods which antiviruses won't detect. OWASP-ZSC encoders are able to generate shell codes with random encodes and that allows you to generate thousands of new dynamic shellcodes with the same job in just a second, that means, you will not get the same code if you use random encodes with same commands, And that make OWASP-ZSC one of the best! During the Google Summer of Code we are working on to generate Windows Shellcode and new obfuscation methods. We are working on the next version that will allow you to generate OSX.

OWASP-ZSC Installation:
   You must install Metasploit and Python 2 or 3 first:
  • For Debian-based distro users: sudo apt install python2 python3 metasploit-framework
  • For Arch Linux based distro users: sudo pacman -S python2 python3 metasploit
  • For Windows users: Download Python and Metasploit here.
   And then, enter these command (If you're Windows user, don't enter sudo):
DISCLAIMER: THIS SOFTWARE WAS CREATED TO CHALLENGE ANTIVIRUS TECHNOLOGY, RESEARCH NEW ENCRYPTION METHODS, AND PROTECT SENSITIVE OPEN SOURCE FILES WHICH INCLUDE IMPORTANT DATA. CONTRIBUTORS AND OWASP FOUNDATION WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.

An example of OWASP-ZSC

Related news


  1. Hacking Tools Hardware
  2. Tools 4 Hack
  3. Hacker Tools For Mac
  4. Beginner Hacker Tools
  5. Github Hacking Tools
  6. Hacker Tools For Mac
  7. Hack Tools Pc
  8. Hacker Tools 2020
  9. Termux Hacking Tools 2019
  10. Hacking Tools Windows
  11. Hacking Tools Windows 10
  12. What Are Hacking Tools
  13. Pentest Tools Open Source
  14. Pentest Reporting Tools
  15. Black Hat Hacker Tools
  16. Black Hat Hacker Tools
  17. Pentest Tools For Windows
  18. Hacking Tools Windows
  19. Hack Tools
  20. Pentest Reporting Tools
  21. Hacker Tools For Windows
  22. Hack Tools 2019
  23. Hack App
  24. Pentest Tools Subdomain
  25. Hacker Security Tools
  26. Tools 4 Hack
  27. Hacker
  28. Pentest Tools List
  29. Hacking Tools For Windows
  30. Tools 4 Hack
  31. Hacker Tools
  32. Hackers Toolbox
  33. Hacker Search Tools
  34. Github Hacking Tools
  35. Hackers Toolbox
  36. How To Install Pentest Tools In Ubuntu
  37. Hacking Tools Hardware
  38. Hacking Tools Software
  39. Hack Website Online Tool
  40. Pentest Tools For Windows
  41. Hack Tools Mac
  42. Hack Tools Github
  43. Hacking Tools Windows 10
  44. Hack App
  45. What Is Hacking Tools
  46. Pentest Tools Alternative
  47. Hacking Tools For Pc
  48. Pentest Tools Url Fuzzer
  49. Hacking Tools Software
  50. Pentest Tools For Android
  51. Nsa Hack Tools Download
  52. Hack And Tools
  53. Pentest Tools Alternative
  54. Hacking Tools For Mac
  55. Pentest Tools Linux
  56. Nsa Hack Tools

Subvenciones para empresas

Subvenciones a fondo perdido

Subvenciones públicas a fondo perdido.

  • Gestionamos todo tipo de subvenciones para Pymes .
  • Líneas europeas (H2020), nacionales y de las CC.AA.
  • Vigilancia 24/7 para localizar cualquier subvención que se ajuste a las necesidades de tu empresa.
  • Gestión y preparación de la documentación a presentar.
Quiero saber más sobre subvenciones

Somo expertos en gestionar subvenciones, podemos conseguir la tuya.

Contáctanos de 9 a 16 horas
en el 981 90 49 49

o te contactamos nosotros

Déjanos tus datos

Sobre nosotros

Somos un socio estratégico para tu empresa. Atendemos a empresas y autónomos de toda España.

Servicios genéricos

Plan económico
Arbitraje financiero
Factoring sin recurso
Tramitación de avales
RAI/ASNEF

Otros servicios

Subvenciones
Marketing
Fiscal laboral y contable
Hacienda y S.S.
Análisis de clientes

Hacking Windows 95, Part 2

In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available tools only).

The first thing we can do when we have read access to the Windows directory through the share, is to locate all the *.pwl files on the c:\windows directory, copy them to your machine where Cain is installed, switch to Cracker tab, pwl files, load the pwl file, add username based on the filename, and try to crack it. If you can't crack it you might still try to add a .pwl file where you already know the password in the remote windows directory. Although this is a fun post-exploitation task, but still, no remote code execution. These passwords are useless without physical access.


One might think that after having a share password and user password, it is easy to achieve remote code execution. The problem is:
  • there is no "at" command (available since Windows 95 plus!)
  • there is no admin share
  • there is no RPC
  • there is no named pipes
  • there is no remote registry
  • there is no remote service management
If you think about security best practices, disabling unnecessary services is always the first task you should do. Because Windows 95 lacks all of these services, it is pretty much secure!

During my quest for a tool to hack Windows 95, I came across some pretty cool stuff:
LanSpy

But the best of the best is Fluxay, which has been written by chinese hackers. It is the metasploit from the year 2000. A screenshot is worth more than a 1000 words. 4 screenshot > 4 thousand words :)





It is pretty hard to find the installer, but it is still out there!

But at the end, no remote code execution for me.

My idea here was that if I can find a file which executes regularly (on a scheduled basis), I can change that executable to my backdoor and I'm done. Although there is no scheduler in the default Windows 95, I gave it a try. 

Let's fire up taskman.exe to get an idea what processes are running:


Looks like we need a more powerful tool here, namely Process Explorer. Let's try to download this from oldapps.com:


LOL, IE3 hangs, can't render the page. Copying files to the Win95 VM is not that simple, because there are no shared folders in Win95 VM. And you can't use pendrives either, Win95 can't handle USB (at least the retail version). After downloading the application with a newer browser from oldapps, let's start Process Explorer on the test Windows 95.


Don't try to download the Winsocks 2 patch from the official MS site, it is not there anymore, but you can download it from other sites

Now let's look at the processes running:


After staring it for minutes, turned out it is constant, no new processes appeared.
Looking at the next screenshot, one can notice this OS was not running a lot of background processes ...


My current Win7 has 1181 threads and 84 processes running, no wonder it is slow as hell :)

We have at least the following options:
  1. You are lucky and not the plain Windows 95 is installed, but Windows 95 Plus! The main difference here is that Windows 95 Plus! has built-in scheduler, especially the "at" command. Just overwrite a file which is scheduled to execution, and wait. Mission accomplished!
  2. Ping of death - you can crash the machine (no BSOD, just crash) with long (over 65535 bytes) ICMP ping commands, and wait for someone to reboot it. Just don't forget to put your backdoor on the share and add it to autoexec.bat before crashing it. 
  3. If your target is a plain Windows 95, I believe you are out of luck. No at command, no named pipes, no admin share, nothing. Meybe you can try to fuzz port 137 138 139, and write an exploit for those. Might be even Ping of Death is exploitable?
Let's do the first option, and hack Windows 95 plus!
Look at the cool features we have by installing Win95 Plus!


Cool new boot splash screen!


But our main interest is the new, scheduled tasks!


Now we can replace diskalm.exe with our backdoor executable, and wait maximum one hour to be scheduled.

Instead of a boring text based tutorial, I created a YouTube video for you. Based on the feedbacks on my previous tutorialz, it turned out I'm way too old, and can't do interesting tutorials. That's why I analyzed the cool skiddie videoz, and found that I have to do the followings so my vidz won't suck anymore:
  • use cool black windows theme
  • put meaningless performance monitor gadgets on the sidebar
  • use a cool background, something related with hacking and skullz
  • do as many opsec fails as possible
  • instead of captions, use notepad with spelling errorz
  • there is only one rule of metal: Play it fuckin' loud!!!!
Read more

RECONNAISSANCE IN ETHICAL HACKING

What is reconnaissance in ethical hacking?
This is the primary phase of hacking where the hacker tries to collect as much information as possible about the target.It includes identifying the target ip address range,network,domain,mail server records etc.

They are of two types-
Active Reconnaissance 
Passive Reconnaissance 

1-Active Reconnaissance-It the process from which we directly interact with the computer system to gain information. This information can be relevant and accurate but there is a risk of getting detected if you are planning active reconnaissance without permission.if you are detected then the administration will take the severe action action against you it may be jail!

Passive Reconnaissance-In this process you will not be directly connected to a computer system.This process is used to gather essential information without ever interacting with the target system.
More information
  1. Hack Tools Pc
  2. Hacker Tools Apk
  3. World No 1 Hacker Software
  4. Hacking Tools Github
  5. Ethical Hacker Tools
  6. Install Pentest Tools Ubuntu
  7. Beginner Hacker Tools
  8. Hack Tools 2019
  9. Pentest Tools Tcp Port Scanner
  10. Hacking Tools
  11. Hacking Apps
  12. Bluetooth Hacking Tools Kali
  13. Hacker Tool Kit
  14. Hacker
  15. Game Hacking
  16. Best Pentesting Tools 2018
  17. Best Hacking Tools 2019
  18. Pentest Tools For Ubuntu
  19. Hacking Tools Windows 10
  20. Pentest Tools Subdomain
  21. Hacking Tools 2020
  22. Hack Website Online Tool
  23. Hacking Tools For Beginners
  24. Pentest Tools Linux
  25. Hacker Tools Free
  26. World No 1 Hacker Software
  27. Hacker Tool Kit
  28. Kik Hack Tools
  29. Hacker Tools Github
  30. Nsa Hack Tools Download
  31. Hacking Tools 2019
  32. Pentest Reporting Tools
  33. Hack Rom Tools
  34. Pentest Tools For Windows
  35. Hack Tools Github
  36. Best Pentesting Tools 2018
  37. Hacker Tools
  38. Hacking Tools Pc
  39. Ethical Hacker Tools
  40. Pentest Tools Port Scanner
  41. How To Hack
  42. Growth Hacker Tools
  43. Hacking Tools Windows 10
  44. Pentest Tools Linux
  45. Android Hack Tools Github
  46. Pentest Tools Framework
  47. How To Hack
  48. Hacker Tools 2020
  49. Hacking Tools 2020
  50. Hacker Tools Software
  51. Hack Tools Mac
  52. Hacker Tools Linux
  53. Hacker Tools For Windows
  54. Pentest Tools For Android
  55. Hacker Search Tools
  56. Hack Tools 2019
  57. Hacking Tools For Windows
  58. Wifi Hacker Tools For Windows
  59. How To Install Pentest Tools In Ubuntu
  60. Nsa Hack Tools
  61. Hacking Tools Mac
  62. Pentest Tools Online
  63. Hack App
  64. Hacking Tools Windows 10
  65. Hacks And Tools
  66. Hacker Tools Hardware
  67. Kik Hack Tools
  68. Wifi Hacker Tools For Windows
  69. Hack Tools
  70. Pentest Tools Framework
  71. Pentest Tools Review
  72. Pentest Tools Linux
  73. Hacker Tools For Pc
  74. Pentest Tools Windows

sábado, 29 de agosto de 2020

RFCrack Release - A Software Defined Radio Attack Tool

RFCrack uses the following hardware with RFCat libraries:
YardStick One: 
https://goo.gl/wd88sr

I decided to cleanup my RF testing harness and release it as a tool named RFCrack
Mostly because it has been pain to set up use-case scenarios from scratch for every device I am testing. Rather then release a tool no one knows how to use. The below video will be a quick but comprehensive tutorial to get you started If you've been following the blogs, this will greatly simplify your testing, in the following ways:
  • RFCrack handles all of your data conversions. 
  • It allows you to capture, replay and save payloads for use anytime 
  • It will handle rolling code bypass attacks on your devices. 
  • You can jam frequencies and fuzz specific values 
  • It will also allow you to scan specific frequencies in discovery mode or incrementally probe them 
  • RFCrack will hopefully have keyless entry & engine bypass support in the near future

This is the first release, everything works as intended but there will be plenty of updates as I continue to do research and find reasons to add features needed for testing. I am still making changes and making it more flexible with modifiable values and restructuring code.  If you have any legitimate use case scenarios or need a specific value to be modifiable, hit me up and I will do my best to update between research, if its a legitimate use case.

You can reach me at:
Twitter: @Ficti0n
http://cclabs.io , http://consolecowboys.com

GitHub Code for RFCrack:

https://github.com/cclabsInc/RFCrack

Full RF Hacking Course in Development:

Not all of the attacks in the tool have been covered in the RF hacking blog series and a few more are in research mode, as such, not yet added to the tool but will probably be covered in a full length online class on Hacking with RF which includes all targets and equipment.  Send an email to info(at)cclabs.io if your interested.



Walkthrough Training Video:




Until Next time: 

Cheers, and enjoy the tool for your personal use testing devices, feedback and bug reports are appreciated.  I have another RF blog coming out shortly based on my friends research into hacking garages/gates and creating keyfobs.  I will post when its ready. 
More articles
  1. Easy Hack Tools
  2. Blackhat Hacker Tools
  3. Hacking Tools For Windows 7
  4. Hacking Tools Download
  5. Pentest Tools Download
  6. Pentest Tools For Windows
  7. Hacker Tools Online
  8. Usb Pentest Tools
  9. Pentest Tools List
  10. Hacking Tools Name
  11. Hack Tools Download
  12. Hacker Tools Free
  13. Bluetooth Hacking Tools Kali
  14. Hacker Tools Online
  15. World No 1 Hacker Software
  16. Pentest Reporting Tools
  17. Hacking Tools Hardware
  18. Hacker Tools
  19. Pentest Tools Online
  20. Hacker Tools For Pc
  21. Pentest Tools Website Vulnerability
  22. Pentest Tools Online
  23. Hackrf Tools
  24. Hackrf Tools
  25. Hacker Tools Online
  26. Pentest Automation Tools
  27. Hacks And Tools
  28. Kik Hack Tools
  29. Game Hacking
  30. Pentest Tools Port Scanner
  31. Hackrf Tools
  32. Easy Hack Tools
  33. Hacker Tools Github
  34. Pentest Tools
  35. Free Pentest Tools For Windows
  36. New Hacker Tools
  37. Pentest Tools Free
  38. Pentest Tools Alternative
  39. Android Hack Tools Github
  40. Hacker Tools 2019
  41. Hacking App
  42. Hacking Tools Windows 10
  43. Hacker Techniques Tools And Incident Handling
  44. Pentest Automation Tools
  45. Pentest Tools Alternative
  46. Hacker Tools
  47. Best Hacking Tools 2019
  48. Pentest Tools Free
  49. Hacking Tools And Software
  50. Hack App
  51. Hacking Tools For Windows
  52. Hack Tools For Mac
  53. Pentest Tools
  54. Hacking Tools Github
  55. Hacking Tools And Software
  56. Pentest Automation Tools
  57. Ethical Hacker Tools
  58. Free Pentest Tools For Windows
  59. Hacking Tools For Windows
  60. Top Pentest Tools
  61. Pentest Tools List
  62. Growth Hacker Tools
  63. Github Hacking Tools
  64. Pentest Tools
  65. Beginner Hacker Tools
  66. Hack Tools For Ubuntu
  67. Pentest Tools Download
  68. Hacker Tools Online
  69. Pentest Reporting Tools
  70. Pentest Tools Port Scanner
  71. Easy Hack Tools
  72. Hacker Security Tools
  73. Hacker Tools Free Download
  74. Wifi Hacker Tools For Windows
  75. Ethical Hacker Tools
  76. Game Hacking
  77. Hacker Tools Online
  78. Hacker Tools For Mac
  79. Tools 4 Hack
  80. Best Hacking Tools 2020
  81. Hackrf Tools
  82. Hack Tool Apk No Root
  83. Hack Tool Apk No Root
  84. Hacking Tools For Windows
  85. Pentest Tools Framework
  86. Hacker Tools Linux
  87. Hack App
  88. Hacker Tools
  89. Hacker Tools List
  90. Hack Tools Mac
  91. Hacker Tools List
  92. Hacking Tools
  93. Hack And Tools
  94. Hack Tools For Games
  95. Pentest Tools For Android
  96. Hacker Tools Apk Download
  97. Hacker Tools Apk Download
  98. Hacker Tools List
  99. Black Hat Hacker Tools
  100. Hacker Tools Mac
  101. Pentest Tools Apk
  102. Hacker Tools 2019
  103. Blackhat Hacker Tools
  104. Hacking Tools Online
  105. Hacker Tools 2019
  106. Hak5 Tools
  107. World No 1 Hacker Software
  108. Blackhat Hacker Tools
  109. Hacker Tools List
  110. Hacker Tools Github
  111. Hack Tools For Pc
  112. Hack Tools For Ubuntu
  113. Hacking Tools 2019
  114. Hacker Tools List
  115. Hacking Tools 2020
  116. Hacker Tools Online
  117. Hacker Tools Github
  118. Pentest Tools Linux
  119. Hacker Tools Apk
  120. Hacking Tools Mac
  121. Hacking Tools Pc
  122. Hack Tools Online
  123. Hacking Tools Download
  124. Hacker Tools For Ios
  125. Hacking Tools For Windows
  126. Hacker Tools Apk
  127. Hacker Tools Github
  128. Pentest Tools Download
  129. Hack Tools Pc
  130. Pentest Reporting Tools
  131. Hack Tools For Games
  132. Bluetooth Hacking Tools Kali
  133. Hack Tools Github
  134. Hacking Tools Name
  135. How To Hack
  136. Hacking Tools Kit
  137. Pentest Reporting Tools
  138. Pentest Tools Bluekeep
  139. Pentest Tools Kali Linux
  140. Hacks And Tools
  141. Growth Hacker Tools
  142. Hacker Tools 2020
  143. Nsa Hacker Tools
  144. Pentest Tools Open Source
  145. Pentest Tools Nmap
  146. Hacker Techniques Tools And Incident Handling
  147. Hack Tools For Windows
  148. What Are Hacking Tools
  149. Hack Tools For Windows
  150. Pentest Tools Website
  151. Hacker Tools Github
  152. Hacker Tools
  153. Pentest Tools Website Vulnerability
  154. Hacker Tools Apk
  155. Hacker Search Tools
  156. Hacking Tools Software
  157. Hack Tools Online
  158. Hacking Tools Hardware
  159. Hack Tools For Pc
  160. Hacker Tools Github
  161. Hacker Tools Linux
  162. Pentest Tools Nmap
  163. Pentest Tools For Ubuntu
  164. Pentest Tools For Mac
  165. Pentest Tools Tcp Port Scanner
  166. Black Hat Hacker Tools