Archive: October 2019

Summary: Hacking is gaining unauthorized access to anything. Preparation Setting up a lab and installing needed applications and operating systems. Basics abou
posted @ 2019-10-31 22:16 晨风_Eric Views (237) Comments (0) Recommended (0)
Summary: Automatically Discovering Vulnerabilities Using the Vulnerability Scanner 1. Modify the run_scanner method in the scanner class. 2. Test this new auto
posted @ 2019-10-29 23:29 晨风_Eric Views (330) Comments (0) Recommended (0)
Summary: Implementing Code To Discover XSS in Parameters 1. Watch the URL of the XSS reflected page carefully. 2. Add the test_xss_in_link method in the Scanne
posted @ 2019-10-29 22:57 晨风_Eric Views (167) Comments (0) Recommended (0)
Summary: VULNERABILITY_SCANNER How to discover a vulnerability in a web application? 1. Go into every possible page. 2. Look for ways to send data to the web a
posted @ 2019-10-28 22:55 晨风_Eric Views (153) Comments (0) Recommended (0)
Summary: EXPLOITATION - XSS VULNS EXPLOITING XSS Run any JavaScript code. BeEF framework can be used to hook targets. Inject BeEF hook in vulnerable pages. Exe
posted @ 2019-10-28 22:15 晨风_Eric Views (127) Comments (0) Recommended (0)
Summary: EXPLOITATION - XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject JavaScript code into the page. The code is executed when the pag
posted @ 2019-10-20 16:40 晨风_Eric Views (139) Comments (0) Recommended (0)
Summary: Extracting & Submitting Forms Automatically Target website: http://10.0.0.45/dvwa/vulnerabilities/xss_r/ Class Scanner. Vulnerability scanner. The prog
posted @ 2019-10-20 16:09 晨风_Eric Views (299) Comments (0) Recommended (0)
Summary: Polish the Python code using sending requests in a session Class Scanner. Vuln_scanner. The program runs fine.
posted @ 2019-10-20 15:49 晨风_Eric Views (130) Comments (0) Recommended (0)
Summary: VULNERABILITY_SCANNER How to discover a vulnerability in a web application? 1. Go into every possible page. 2. Look for ways to send data to web appli
posted @ 2019-10-20 14:51 晨风_Eric Views (161) Comments (0) Recommended (0)
Summary: HTTP REQUESTS BASIC INFORMATION FLOW The user clicks on a link. HTML website generates a request (client-side). The request is sent to the server. The s
posted @ 2019-10-20 12:30 晨风_Eric Views (111) Comments (0) Recommended (0)
Summary: Guessing Login Information on Login Pages Our target website: http://10.0.0.45/dvwa/login.php Execute the Python Script.
posted @ 2019-10-20 10:18 晨风_Eric Views (118) Comments (0) Recommended (0)
Summary: CRAWLING SPIDER Goal -> Recursively list all links starting from a base URL. 1. Read page HTML. 2. Extract all links. 3. Repeat for each new link that
posted @ 2019-10-20 08:44 晨风_Eric Views (320) Comments (0) Recommended (0)
Summary: CRAWLING SUMMARY Our crawler so far can guess: Subdomains. Directories. Files. Advantages: -> Discover "hidden" paths/paths admin does not want us to k
posted @ 2019-10-19 22:03 晨风_Eric Views (100) Comments (0) Recommended (0)
Summary: CRAWLING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories. Ex: target.com/directory plus.google.com/discover
posted @ 2019-10-19 21:36 晨风_Eric Views (95) Comments (0) Recommended (0)
Summary: WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Contains web application. PHP, Python ...etc. Web application is executed he
posted @ 2019-10-19 21:03 晨风_Eric Views (136) Comments (0) Recommended (0)
Summary: Converting Python Programs to Linux Executables Note: You cannot execute the program on Linux by double click. Install the PyInstaller. Convert the Py
posted @ 2019-10-17 22:34 晨风_Eric Views (105) Comments (0) Recommended (0)
Summary: Convert Python Programs to OS X Executables https://files.pythonhosted.org/packages/4a/08/6ca123073af4ebc4c5488a5bc8a010ac57aa39ce4d3c8a931ad504de4185
posted @ 2019-10-15 21:58 晨风_Eric Views (143) Comments (0) Recommended (0)
Summary: Spoofing File Extension - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. Find Right-to-left Override. 3. Copy Character and
posted @ 2019-10-13 17:21 晨风_Eric Views (99) Comments (0) Recommended (0)
Summary: Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Convert the downloaded png file to an icon file. https:/
posted @ 2019-10-13 16:40 晨风_Eric Views (108) Comments (0) Recommended (0)
Summary: BYPASSING ANTI-VIRUS PROGRAMS AV programs detect viruses based on: 1. Code - compare files to huge databases of signatures. -> Use own code, obfuscatio
posted @ 2019-10-13 16:13 晨风_Eric Views (364) Comments (0) Recommended (0)
Summary: DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantages: User needs internet connection. Files have to be uploa
posted @ 2019-10-13 15:35 晨风_Eric Views (159) Comments (0) Recommended (0)
Summary: TROJANS A trojan is a file that looks and functions as a normal file (image, pdf, song ..etc). When executed: 1. Opens the normal file that the user ex
posted @ 2019-10-13 14:11 晨风_Eric Views (131) Comments (0) Recommended (0)
Summary: Polish the Python code by adding the become_persistent function. Convert to Windows executable file. Execute the reverse_backdoor file on the victim W
posted @ 2019-10-13 11:43 晨风_Eric Views (211) Comments (0) Recommended (0)
Summary: PERSISTENCE Persistence programs start when the system starts. Backdoors -> maintain our access. Keylogger -> spy on target. Reports -> send report on
posted @ 2019-10-09 22:26 晨风_Eric Views (145) Comments (0) Recommended (0)
Summary: PACKAGING FOR WINDOWS FROM LINUX For best results package the program from the same OS as the target. EG if the target is Windows then package the pro
posted @ 2019-10-08 22:34 晨风_Eric Views (166) Comments (0) Recommended (0)
Summary: PACKAGING Convert python program into an executable that: Packages all program files into a single executable. Works without a python interpreter. Get
posted @ 2019-10-07 21:14 晨风_Eric Views (163) Comments (0) Recommended (0)
Summary: Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specific resources. Result: They work on any OS with a py
posted @ 2019-10-07 12:04 晨风_Eric Views (139) Comments (0) Recommended (0)
Summary: Handling Errors: If the client or server crashes, the connection will be lost. Backdoor crashes if: An incorrect command is sent. The correct command
posted @ 2019-10-07 11:48 晨风_Eric Views (128) Comments (0) Recommended (0)
Summary: File Upload: A file is a series of characters. Uploading a file is the opposite of downloading a file. Therefore to transfer a file we need to: 1. Rea
posted @ 2019-10-07 10:49 晨风_Eric Views (222) Comments (0) Recommended (0)
Summary: File Download: A file is a series of characters. Therefore to transfer a file we need to: 1. Read the file as a sequence of characters. 2. Send this s
posted @ 2019-10-07 09:45 晨风_Eric Views (186) Comments (0) Recommended (0)
Summary: REVERSE_BACKDOOR - cd command Access file system: cd command changes current working directory. It has 2 behaviours: cd -> shows current working direc
posted @ 2019-10-06 23:05 晨风_Eric Views (122) Comments (0) Recommended (0)
Summary: BACKDOORS Sockets Problem: TCP is stream-based. Difficult to identify the end of message/batch. Solution: Make sure the message is well defined. Imple
posted @ 2019-10-06 22:01 晨风_Eric Views (154) Comments (0) Recommended (0)
Summary: Refactoring - Creating a Listener Class Creating a Backdoor class:
posted @ 2019-10-05 17:18 晨风_Eric Views (112) Comments (0) Recommended (0)
Summary: REVERSE_BACKDOOR Access file system. Execute system commands. Download files. Upload files. Persistence. BACKDOORS An interactive program gives access
posted @ 2019-10-05 16:18 晨风_Eric Views (191) Comments (0) Recommended (0)
Summary: Object-Oriented Programming Keylogger Classes Way of modeling program (blueprint). Logically group functions and data. Makes code more readable. More r
posted @ 2019-10-05 12:18 晨风_Eric Views (289) Comments (0) Recommended (0)
Summary: Report function: Run in the background. Don't interrupt program execution. Every X seconds, send the report. -> Great case for threading.
posted @ 2019-10-05 11:15 晨风_Eric Views (98) Comments (0) Recommended (0)
Summary: A program that records keys pressed on the keyboard. Common features: Store logs locally (local keyloggers). Report logs to an email or remote server (r
posted @ 2019-10-04 18:40 晨风_Eric Views (193) Comments (0) Recommended (0)
Summary: DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerful. Can be used in many situati
posted @ 2019-10-01 21:07 晨风_Eric Views (187) Comments (0) Recommended (0)
Summary: Stealing WiFi Password Saved on a Computer
posted @ 2019-10-01 18:44 晨风_Eric Views (171) Comments (0) Recommended (0)
