Article: Extract & decrypt Chrome & IE passwords from Remote PC - published over 11 years ago. Content: In previous post i mentioned how we can extract saved passwords from firefox & thunderbird from rempote PC. Today we are going to extract saved passwords from Google chrome & IE. If you want to know more technical detail you can visit this site. Chrome stores all the sign-on secrets into the internal database file called 'Web data' in the current u... https://tipstrickshack.blogspot.com/2013/09/extract-decrypt-chrome-ie-passwords.html Published: 2013 09 18 15:47:00 Received: 2024 02 20 16:43:01 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
Article: The History of OpenIOC - published over 11 years ago. Content: With the buzz in the security industry this year about sharing threat intelligence, it's easy to get caught up in the hype, and believe that proper, effective sharing of Indicators or Intelligence is something that can just be purchased along with goods or services from any security vendor. It's really a much more complex problem than ... http://www.fireeye.com/blog/threat-research/2013/09/history-openioc.html Published: 2013 09 17 23:36:51 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Extract & decrypt passwords from Firefox & Thunderbird. - published over 11 years ago. Content: Today we are going to extract password from Fireox & Thunderbird which are saved in browser and then try to decrypt that passwords from remote PC. Before some times ; i posted here that how to extract information from saved sqlite database of skype, firefox, chrome using python script. Most of the morden browser save information in sqlite format. When ... https://tipstrickshack.blogspot.com/2013/09/extract-decrypt-passwords-from-firefox.html Published: 2013 09 17 08:23:00 Received: 2024 02 20 16:43:01 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Is It Android malware? Is it Ransomware? Is it a banking Trojan? - published over 11 years ago. Content: I recently was added to a list titled "Avast Pro Free". I decided to take a look as I knew anti virus it a common way blackhats spread malware. The account which added me (now suspended) had hxxp://thecheatplanet(dot)com/avast-keygen/ in the profiles bio. URL query gives analysis of http://urlquery.net/report.php?id=5433826 (leads to BlackHole).What's next? ... http://trojan7malware.blogspot.com/2013/09/is-it-android-malware-is-it-ransomware.html Published: 2013 09 16 13:51:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Back to Basics Series: OpenIOC - published over 11 years ago. Content: Over the next few months, a few of my colleagues and I will be touching on various topics related to Mandiant and computer security. As part of this series, we are going to be talking about OpenIOC - how we got where we are today, how to make and use IOCs, and the future of OpenIOC. This topic can't be rolled into a single blog p... http://www.fireeye.com/blog/threat-research/2013/09/basics-series-openioc.html Published: 2013 09 12 19:33:56 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Is Anti-Virus Dead? - published over 11 years ago. Content: After seeing this debate for a while I decided to write up my view. It's hard to get your point across in 140 characters ;). My opinion:My personal opinion is that anti virus has had it's time and its now time for a new method to take the reins. Ill break down several reasons why AV (Anti virus) is dead.Bypass: It's been common knowledge for several years th... http://trojan7malware.blogspot.com/2013/09/is-anti-virus-dead.html Published: 2013 09 12 11:31:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Pentesting of coldfusion web-application. - published over 11 years ago. Content: ColdFusion is a commercial rapid web application development platform. CFML = ColdFusion Markup Language ColdFusion = Adobe’s product that handles CFML page/libs – Runs on Windows, Solaris, HP/UX and Linux – Apache, IIS, Jrun Following modules are Available in metasploit for coldfusion. msf > search coldfusion auxiliary/gather/coldfusion_pwd_props... https://tipstrickshack.blogspot.com/2013/09/pentesting-of-coldfusion-web-application.html Published: 2013 09 11 13:19:00 Received: 2023 04 01 17:22:46 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Interview with The Syrian Electronic Army. - published over 11 years ago. Content: Recently I was lucky enough to hold an interview with The Syrian Electronic Army (SEA). A Syria based pro-Assad hacktivist group. Most commonly known for spear phishing attacks against some of the west's biggest media outlets. I won't be editing the answers in anyway, shape or form. This is the SEA words in raw format. I'd like to thank SEA for agreeing to b... http://trojan7malware.blogspot.com/2013/09/interview-with-syrian-electronic-army.html Published: 2013 09 08 21:46:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: LoL phishing domain. - published over 11 years ago. Content: I came across this phishing campaign in email spam. Strangely, the same email I use on a LoL account. LoL aka league of legends is a hugely popular online game with millions of players worldwide. Pictures of panel: http://imgur.com/P4aXBCS Whois of the website: http://who.is/whois/http://leagueoflegends.byethost33.com/Spam email: "Dear Player,As you're most ... http://trojan7malware.blogspot.com/2013/09/lol-phishing-domain.html Published: 2013 09 08 17:26:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: PayPal spam leads to malware. - published over 11 years ago. Content: "Hello customer, We have detected malicious activity attempting to hack your account. We have provided a password reset link and password security tips to aid you in account security. Please view the attached file for details on the malicious activity" File download virustotal analysis https://www.virustotal.com/en/file/00d15353a414fd233fb9f3aa1ff6fe86644c7c... http://trojan7malware.blogspot.com/2013/09/paypal-spam-leads-to-malware.html Published: 2013 09 06 14:30:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Twitter DM spam leads to phishing page - published over 11 years ago. Content: As I do every day I began going through the endless stream of diet,muscle,workout and drama dm's on twitter that my honeypot account gathers. I came across http://imgur.com/RYTdTRm. What does it lead too? http://imgur.com/9UNFhU3 a phishing page. Now you're hacked what happens? A lot. That's the simplest way to put it. Firstly, you spam links to a download f... http://trojan7malware.blogspot.com/2013/09/twitter-dm-spam-leads-to-phishing-page.html Published: 2013 09 02 11:45:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Exploit for IE 9 on Windows 7 SP1 - published over 11 years ago. Content: This is a memory corruption bug found in Microsoft Internet Explorer. On IE 9, it seems to only affect certain releases of mshtml.dll. For example: This module can be used against version 9.0.8112.16446 Target IE 9 on Windows 7 SP1 (mshtml 9.0.8112.16446) msf > use exploit/windows/browser/ms13_059_cflatmarkuppointer msf exploit(ms13_059_cflatmarkuppo... https://tipstrickshack.blogspot.com/2013/09/exploit-for-ie-9-on-windows-7-sp1.html Published: 2013 09 01 17:05:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Access backtrack from remote computer using ssh & vnc. - published over 11 years ago. Content: If you want to access your local computer through remote computer ; first you need configure ssh daemon .Because nowadays people are not using telnet due to plain text protocol. How to configure ssh in Backtrack 5 r3? (1)First we have to generate ssh key.So type following in terminal. ssh-keygen It will generate public/private rsa key pair.By default ... https://tipstrickshack.blogspot.com/2013/08/access-backtrack-from-remote-computer.html Published: 2013 08 29 11:51:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Android Malware Spreads Via KIK - published over 11 years ago. Content: So. I was casually browsing twitter and spam account told me to her on kik. Me been the inquisitive person I am and with the boom in android malware (kik can run on android) I decided to see what the bot would tell me to download. (Bot telling me to download) http://imgur.com/uzMlcE3 sorry for the inappropriate language but its crucial.First time the link le... http://trojan7malware.blogspot.com/2013/08/android-malware-spreads-via-kik.html Published: 2013 08 28 17:55:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: NYT and Twitter hack wasn't that bad after all. - published over 11 years ago. Content: Recently, the Syrian Electronic Army or SEA as they're commonly known as hijacked the DNS's of NYT and Twitter. They edited the front page of New York Times website to display a message and a image. This quickly became the top trend worldwide on twitter and everybody who's anybody knew about SEA and the hack. I'm sure many people in NYT office ran around lik... http://trojan7malware.blogspot.com/2013/08/nyt-and-twitter-hack-wasn-that-bad.html Published: 2013 08 28 14:55:00 Received: 2023 12 01 16:22:31 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: NYT and Twitter hack wasn't that bad after all. - published over 11 years ago. Content: Recently, the Syrian Electronic Army or SEA as they're commonly known as hijacked the DNS's of NYT and Twitter. They edited the front page of New York Times website to display a message and a image. This quickly became the top trend worldwide on twitter and everybody who's anybody knew about SEA and the hack. I'm sure many people in NYT office ran around lik... http://trojan7malware.blogspot.com/2013/08/nyt-and-twitter-hack-wasn-that-bad.html Published: 2013 08 28 14:55:00 Received: 2021 06 06 09:05:03 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Did It Execute? - published over 11 years ago. Content: You found a malicious executable! Now you've got a crucial question to answer: did the file execute? We'll discuss a few sources of evidence you can use to answer this question. In this post, we will focus on static or "dead drive" forensics on Windows systems. We will cover four main sources of evidence: Windows Prefetch, Registry, Lo... http://www.fireeye.com/blog/threat-research/2013/08/execute.html Published: 2013 08 27 22:26:05 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Exploit Oracle Endeca Server with metasploit. - published over 11 years ago. Content: This module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. On the other hand, the injection has been found to be Windows specific. T... https://tipstrickshack.blogspot.com/2013/08/exploit-oracle-endeca-server-with.html Published: 2013 08 27 07:51:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: How to get plain text source from shc compiled bash script? - published over 11 years ago. Content: Shc is used to protect your shell script from modification or inspection. If you created bash script want to distribute it , but dono`t want them to easily readble by other people , then you can use it. First we see how to compiled bash script to binary? wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz tar -xvzf shc-3.8.7.tgz cd ... https://tipstrickshack.blogspot.com/2013/08/how-to-get-plain-text-source-from-shc.html Published: 2013 08 25 07:39:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
|
Article: Why Did I Quit? - published over 11 years ago. Content: I decided to write this post after been asked this question at least 5 times a day. I'm going to explain why,in detail I quit. What did I do?During my time as a blackhat I was part of several "gangs". My main role was social engineer/vulnerability hunter. I'd find exploits in applications like java,flash and windows and then sell/use them for my teams gains.... http://trojan7malware.blogspot.com/2013/08/why-did-i-quit.html Published: 2013 08 24 13:34:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Post exploitation & swaparoo backdoor. - published over 11 years ago. Content: Today we are going to create valid RDP user in victim pc using two method. (1)As usual get meterpreter session of victim using metasploit.We need system privilege So use getsystem .(getsystem will work in xp. But if victim has windows 7 than you have to use bypassuac module;it will work if victim has admin provilage.But most of time detecetd by AV. So you ... https://tipstrickshack.blogspot.com/2013/08/post-exploitation-swaparoo-backdoor.html Published: 2013 08 23 15:25:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
Article: Post exploitation using Nishang. - published over 11 years ago. Content: Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests. This framework is written by Nikhil Mittal who is also author of Kautilya framework.For more i... https://tipstrickshack.blogspot.com/2013/08/post-exploitation-using-nishang.html Published: 2013 08 21 16:21:00 Received: 2024 02 20 16:43:02 Feed: Hacking and Tricks Source: Hacking and Tricks Category: Cyber Security Topic: Cyber Security |
Article: Why Small Business's Should Be Serious About Hackers - published over 11 years ago. Content: I decided to write this blog post after I contacted a local business about a serious vulnerability (SQLi). The company is a luxury boat reseller. You simply select your boat and "checkout". The website handles Credit cards (CC) so SQLi is a incredibly dangerous vulnerability. I reported the vulnerability and I received no response. So I decided to take act... http://trojan7malware.blogspot.com/2013/08/why-small-business-should-be-serious.html Published: 2013 08 20 12:31:00 Received: 2023 12 01 16:22:31 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
Article: Why Small Business's Should Be Serious About Hackers - published over 11 years ago. Content: I decided to write this blog post after I contacted a local business about a serious vulnerability (SQLi). The company is a luxury boat reseller. You simply select your boat and "checkout". The website handles Credit cards (CC) so SQLi is a incredibly dangerous vulnerability. I reported the vulnerability and I received no response. So I decided to take act... http://trojan7malware.blogspot.com/2013/08/why-small-business-should-be-serious.html Published: 2013 08 20 12:31:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: How To Hack Any Amazon Account - published over 11 years ago. Content: As always with any blog post on this website I'm not responsible it you get arrested. This method is incredibly easy for fast thinking,clever and experienced social engineers. It's also a good starting method. With this method you'll be able to get full access to a account. This includes the ability to see credit card details,address and order numbers.... http://trojan7malware.blogspot.com/2013/08/how-to-hack-any-amazon-account.html Published: 2013 08 18 23:01:00 Received: 2023 03 31 23:02:35 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: How To Make A Profitable Botnet - published over 11 years ago. Content: This post is purely for educational reasons. If you follow ANY of these steps and get arrested I am not responsible. This tutorial is designed from a theoretical prospective. The world of botnets and blackhats is seriously messed up. Leave your morals at home.Budget:What's your budget? To get a botnet started you'll need a minimal of 1.5k. This will include ... http://trojan7malware.blogspot.com/2013/08/how-to-make-profitable-botnet.html Published: 2013 08 14 15:24:00 Received: 2021 06 06 09:05:04 Feed: Trojan7Malware Source: Trojan7Malware Category: Cyber Security Topic: Cyber Security |
|
Article: Episode #169: Move Me Maybe - published over 11 years ago. Content: Tim checks the mailbag Carlos IHaveNoLastName writes in asking for a way to move a directory to a new destination. That's easy, but the directory should only be moved if the the directory (at any depth) does NOT contain a file with a specific extenstion. Here is an example of a sample directory structure: SomeTopDir1 |-OtherDir1 | |-File1 | |-File2 | ... http://blog.commandlinekungfu.com/2013/08/episode-169-move-me-maybe.html Published: 2013 08 06 09:00:00 Received: 2023 03 31 08:44:32 Feed: Command Line Kung Fu Source: Command Line Kung Fu Category: News Topic: Security Tooling |
|
Article: Oracle Critical Patch Update Advisory - July 2013 - published over 11 years ago. Content: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html Published: 2013 07 16 19:30:54 Received: 2021 06 06 09:03:27 Feed: Oracle Security Alerts Source: Oracle Security Alerts Category: Alerts Topic: Vulnerabilities |
|
Article: Call for hacker visual artwork - published over 11 years ago. Content: http://www.zone-h.org/news/id/4744 Published: 2013 07 10 09:06:00 Received: 2021 06 06 09:05:22 Feed: Zone-H.org News Source: Zone-H.org News Category: Cyber Security Topic: Cyber Security |
|
Article: Episode #168: Scan On, You Crazy Command Line - published over 11 years ago. Content: Hal gets back to our roots With one ear carefully tuned to cries of desperation from the Internet, it's no wonder I picked up on this plea from David Nides on Twitter: Request today, we need 2 scan XX terabytes of data across 3k file shares 4any files that have not been MAC since 2012. Then move files to x.— David Nides (@DAVNADS) March 13, 2013 Whenever ... http://blog.commandlinekungfu.com/2013/07/episode-168-scan-on-you-crazy-command.html Published: 2013 07 02 09:00:00 Received: 2023 03 31 08:44:32 Feed: Command Line Kung Fu Source: Command Line Kung Fu Category: News Topic: Security Tooling |
Article: Oracle Java SE Critical Patch Update Advisory - June 2013 - published over 11 years ago. Content: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html Published: 2013 06 18 19:30:54 Received: 2021 06 06 09:03:27 Feed: Oracle Security Alerts Source: Oracle Security Alerts Category: Alerts Topic: Vulnerabilities |
|
Article: Episode #167: Big MAC - published over 11 years ago. Content: Hal checks into Twitter: So there I was, browsing my Twitter timeline and a friend forwarded a link to Jeremy Ashkenas' github site. Jeremy created an alias for changing your MAC address to a random value. This is useful when you're on a public WiFi network that only gives you a small amount of free minutes. Since most of these services keep track by not... http://blog.commandlinekungfu.com/2013/06/episode-167-big-mac.html Published: 2013 06 18 09:00:00 Received: 2023 03 31 08:44:32 Feed: Command Line Kung Fu Source: Command Line Kung Fu Category: News Topic: Security Tooling |
Article: Utilities Industry in the Cyber Targeting Scope - published over 11 years ago. Content: There's often a lot of rhetoric in the press and in the security community around threats to the utilities industry, and risk exposure surrounding critical infrastructure. We've determined that the utilities industry (power, water, waste) has been, and likely will continue to be, a target for cyber espionage primarily from Chinese APT ... http://www.fireeye.com/blog/threat-research/2013/06/utilities-industry-cyber-targeting-scope.html Published: 2013 06 17 20:40:56 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: [TUT] WAF Bypass Sql Injection - published over 11 years ago. Content: Today I am going to show you how to bypass Web Application Firewalls ( WAF ). I will demonstrate from the Simpliest and most Basic Techniques to the Most Advanced ones! NOTE: If you don’t know SQL Injection, read this first… What is WAF? WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Inject... http://hacking-share.blogspot.com/2013/06/tut-waf-bypass-sql-injection.html Published: 2013 06 13 13:34:00 Received: 2023 04 02 10:42:10 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: Vulnerability Summary for the Week of June 3, 2013 - published over 11 years ago. Content: https://www.cisa.gov/news-events/bulletins/sb13-161 Published: 2013 06 10 21:11:05 Received: 2023 03 17 16:04:21 Feed: CISA Bulletins Source: Cybersecurity and Infrastructure Security Agency (CISA) Category: Bulletins Topic: Cyber Security |
|
Article: Whonix OS - A complete anonymous TOR OS - published over 11 years ago. Content: About whonix OS :Whonix is a general purpose operating system working on virtual box, Debian GNU/Linux and Tor.Whonix is designed in a way that IP and DNS leaks are not possible, even a malware with administrative rights can not find out User's real IP adress and Location. (Image: GUI Desktop whonix OS) This works by running two virtual machines,one runs... http://hacking-share.blogspot.com/2013/05/whonix-os-complete-anonymous-tor-os.html Published: 2013 05 22 08:48:00 Received: 2024 02 07 05:20:21 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: WAF Bypass Sql Injection Tips - published over 11 years ago. Content: This is for who knows sql injection. Sometimes there will be a 403 forbidden error or not acceptable error its because of the WAF (web application firewall) you can bypass this by using the following queries. If u dont know sql injection you can learn it HERE Order By Not Working? You can simply bypass it by using group by instead of order by Union Sel... http://hacking-share.blogspot.com/2013/05/waf-bypass-sql-injection-tips.html Published: 2013 05 16 17:39:00 Received: 2023 04 02 10:42:10 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: BLIND and TIME-BASED SQL INJECTIONS - published over 11 years ago. Content: In today’s tutorial I will be doing my best to show you some examples of how to perform BLIND SQL Injections to extract information from a vulnerable backend database. This method is a little harder than the UNION method but is still very viable in the wild, if you are patient enough to stick with it to the end. I will follow similar form as previous tutor... http://hacking-share.blogspot.com/2013/05/blind-and-time-based-sql-injections.html Published: 2013 05 08 09:43:00 Received: 2023 04 02 10:42:10 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
|
Click to Open Code Editor