Mrs. King - School Year 2010-2011

Saturday, May 9, 2020

CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser


CLOUDKiLL3R bypasses Cloudflare protection service via TOR Browser !

CLOUDKiLL3R Requirements :
  • TOR Browser to scan as many sites as you want :)
  • Python Compiler

CLOUDKiLL3R Installation ?
Make sure that TOR Browser is up and running while working with CLOUDKiLL3R .
Make sure that the IP AND PORT are the same in TOR Browser preferences > advanced > Networks
Include the files below in one folder :
  • FILTER.txt
  • CK.pl
Make Sure The Modules Below Are Installed If NOT > use this command to install one : pip install [module name]
  • argparse
  • socks
  • socket
  • requests
  • sys

Contact :
Twitter.com/moh_security


Related articles

Thank You To Volunteers And Board Members That Worked BlackHat Booth 2019

The OWASP Foundation would like to thank the OWASP Las Vegas Chapter Volunteers for taking the time out of their busy schedule to give back and volunteer to work the booth at BlackHat 2019.  It was great meeting our Las Vegas OWASP members and working with Jorge, Carmi, Dave, and Nancy.  
Also, take a moment to thank Global Board Members Martin Knobloch, Owen Pendlebury, and Gary Robinson for also working the booth and speaking with individuals and groups to answer questions on projects and suggestions on the use of our tools to address their work problems.
OWASP can not exist without support from our members.  

Read more


Friday, May 8, 2020

OWASP Web 2.0 Project Update

Some of you likely recall the talk back in 2016 or so of updating the OWASP Foundation website to not appear so much like a...well, a wiki.  That talk was carried forward into 2017 and 2018 and, with each year, the proposal got pushed ahead as there were other, deeper projects to tackle.  With the arrival of 2019 and a firm project plan under the guidance of Mike McCamon, Executive Director, we are finally moving toward a functioning, modern website that will be a whole lot less...wiki-like.  The journey has been circuitous and, while we are not anywhere near complete, we have a set plan in place to bring it to fruition within the calendar year (second quarter of the year, actually).

TLDR: How Can You Help? 

There are certainly ways in which you can get involved now.  For instance, we are looking for a clean way to get wiki pages into GitHub markdown format for archival.  I have done some work here but there are parsing issues with some of the tools.  Do you know a good tool or have you done similar work?  Also, are you or do you know a good designer, someone familiar with GitHub pages that can provide some useful help and feedback along the way?  A Jekyll expert to help code a theme with a handful of templates would be a great addition.  In addition, we could use website server admins who could help with assigning redirects to maintain search integrity.  Finally, there will be a great many pages to move that we will also eventually need community involvement in.  

So, What Have We Done? 

Thus far we have researched various ideas for standing up a new site, including modifying the current wiki, spinning up our own web server, contracting a third party to host and build a new site, and also using existing infrastructure with our own content to launch a new face for OWASP.  Our discussions led us to a familiar place, one that nearly every developer in the OWASP space is familiar with: GitHub.   

In our conversations with GitHub, it became readily apparent that using the platform would be a win for the Foundation as well as GitHub.  Nearly everyone who runs a project at OWASP (documentation or otherwise) uses GitHub.  Because our target audience is also mostly developers we know that they are also very comfortable with the platform.  And while GitHub has a number of high profile companies using their GitHub Pages, the use of the platform as the basis for the entire website of the number one non-profit foundation in the application security sector is a big draw.

We have run with that GitHub Pages idea and have spent internal manpower on a proof of concept.  This proof of concept is less about the UX of the site than the functionality, the ability to utilize the authentication systems, and the ability to utilize automation to push out changes quickly.

Where Are We Now?

We are doing the final stages of website architecture. We are also planning what needs to be in the site, how the pieces will integrate with current projects and chapters, and how we might utilize the community to integrate the pieces so that we have a visually and functionally cohesive website that spans across multiple repositories.

What Is Next?

We will soon be looking for a modern website design that is responsive and clean.  We will begin using the knowledge gained from our proof of concept to build out the internals of the website and then we will start implementing the highest traffic pages and administrative areas into the new platform.  Once we have the big-ticket items moved we will start looking at what is left and moving over those pieces.  The eventual goal would be to have a new, modern website for the future of OWASP while keeping the wiki as an archive of really useful information.


We hope you are as excited as we are about the future of the OWASP Foundation website and will join us as we move toward a modern web presence.  If you have any questions or would like to volunteer your time, experience or knowledge, please contact me at harold.blankenship@owasp.com

More articles


  1. Hacking Netflix Account
  2. Tecnicas De Hacking
  3. Hacking Programs
  4. Hacker Definicion
  5. Diferencia Entre Hacker Y Cracker
  6. Curso Hacker
  7. Phishing Hacking
  8. Hacking Netflix Account
  9. Curso Hacking Etico
  10. Crack Definicion
  11. Hacking Programs

Thursday, May 7, 2020

How To Start | How To Become An Ethical Hacker

Are you tired of reading endless news stories about ethical hacking and not really knowing what that means? Let's change that!
This Post is for the people that:

  • Have No Experience With Cybersecurity (Ethical Hacking)
  • Have Limited Experience.
  • Those That Just Can't Get A Break


OK, let's dive into the post and suggest some ways that you can get ahead in Cybersecurity.
I receive many messages on how to become a hacker. "I'm a beginner in hacking, how should I start?" or "I want to be able to hack my friend's Facebook account" are some of the more frequent queries. Hacking is a skill. And you must remember that if you want to learn hacking solely for the fun of hacking into your friend's Facebook account or email, things will not work out for you. You should decide to learn hacking because of your fascination for technology and your desire to be an expert in computer systems. Its time to change the color of your hat 😀

 I've had my good share of Hats. Black, white or sometimes a blackish shade of grey. The darker it gets, the more fun you have.

If you have no experience don't worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.OK, so you have zero experience and limited skills…my advice in this instance is that you teach yourself some absolute fundamentals.
Let's get this party started.
  •  What is hacking?
Hacking is identifying weakness and vulnerabilities of some system and gaining access with it.
Hacker gets unauthorized access by targeting system while ethical hacker have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s)

 There's some types of hackers, a bit of "terminology".
White hat — ethical hacker.
Black hat — classical hacker, get unauthorized access.
Grey hat — person who gets unauthorized access but reveals the weaknesses to the company.
Script kiddie — person with no technical skills just used pre-made tools.
Hacktivist — person who hacks for some idea and leaves some messages. For example strike against copyright.
  •  Skills required to become ethical hacker.
  1. Curosity anf exploration
  2. Operating System
  3. Fundamentals of Networking
*Note this sites





Continue reading


HaCode - FUD Backdoor Generator / Remote Administration Tool

Related links

Wednesday, May 6, 2020

What Is Brave Browser And How Does It Compares To Chrome ?

       There are more competing web browsers than ever, with many serving different niches. One example is Brave, which has an unapologetic focus on user privacy and comes with a radical reimagining of how online advertising ought to work.

Brave is based on Chromium, the open-source code that forms the basis for Google Chrome. But is it any good? And for those using Google Chrome, is it worth switching to Brave?

A Brief History of Brave

When Brendan Eich and Brian Bondy founded Brave in 2015, they wanted to address what they perceived as the biggest problem with the modern internet: intrusive advertising.

Advertising is the fuel that powers the modern internet, allowing websites and digital creatives to monetize their content without charging users for each article read or every video watched. That said, Eich and Bondy think it's got some pretty significant downsides, citing the potentially privacy-harming nature of advertising trackers, as well as the negative impact it has on the overall user experience.

Brave's first release came about amidst two significant trends, which ultimately defined the new browser.

First, the cryptocurrency revolution was in full swing. Companies and individuals alike—like the pseudonymous Satoshi Nakamoto—were creating their own decentralized cryptocurrencies, which quickly reached billion-dollar market capitalizations. Second, ad-blocking technology entered the mainstream. By the decade's halfway point, millions of people were blocking ads online across all browsers, desktop, and mobile.

Brave was one of the first browsers to include built advertisement and tracker blockers, leapfrogging the likes of Opera. It also came with its own cryptocurrency, called BAT (or Basic Attention Token), allowing users to reimburse the sites and creators they like.

Essentially, Brave wants to re-imagine how the Internet works: not just on a usability level, but on an economic level. It's an undeniably radical vision, but you wouldn't expect any less, given its founding team.

Brendan Eich is the inventor of the JavaScript programming language and co-founded the Mozilla Foundation, which created the popular Firefox web browser. He also briefly served as the foundation's CEO before resigning following a bitter controversy over his political donations. Brian Bondy is also ex-Mozilla, and spent time at education startup Khan Academy.

Beyond that, Brave is a reasonably standard browser. Like Edge, Chrome, and Opera, it's built upon the Blink rendering engine, which means webpages should work as you expect. Brave is also compatible with Chrome extensions.

To Track or Not to Track?

The Brave browser is characterized by an unapologetically pathological focus on user privacy. Its primary mechanism for delivering this is something called Brave Shields, which combines traditional tracker-blocking technology, paired with several under-the-hood browser configuration tweaks. This feature is turned on by default, although users can easily de-activate it should it cause websites to break.

As you might expect, Brave blocks trackers based on whether they appear in several public blocklists. Going beyond that, it also uses cloud-based machine learning to identify trackers that slipped through the net, in addition to browser-based heuristics.

Brave Shields also forces sites to use HTTPS, where both an encrypted and unencrypted option is available. By forcing users to use an encrypted version of a website, it makes it harder for those on your network to intercept and interfere with the content you visit. While this sounds abstract, it's more common than you think. Public Wi-Fi hotspots, like those found in airports, routinely inject their own ads into websites being visited. Although upgrading to SSL isn't a silver bullet against all security and privacy, it's a pretty significant security upgrade.

Separately from Shields, Brave also includes a built-in TOR browser. TOR allows users to circumvent local censorship — like that which occurs on a national or ISP level — by routing traffic through other computers on its decentralized network.

The tool, which was funded by the US Department of Defence, is frequently used by dissidents living under authoritarian governments to escape surveillance and censorship. Both Facebook and the BBC offer their own TOR 'onion' sites for this reason. Somewhat of a double-edged sword, it's also used by bad actors — drug dealers, hackers, and other online criminals — to operate free from the scrutiny of law enforcement.

Going Batty for BAT

As mentioned, Brave uses its own cryptocurrency, called BAT, for rewarding websites for the content they appreciate. Microtransaction-based tipping is nothing new. Flattr pioneered it almost a decade ago. What's different about BAT is both the implementation and the scale.

While Flattr used traditional fiat-based currencies (by that, I mean currencies like pounds, dollars, and euros), Flattr has its own fungible (essentially, convertible) cryptocurrency based on the Ethereum blockchain. And, as a browser with mainstream aspirations, Brave can deliver this concept to millions of people.

So, let's talk about how it works. Firstly, it's entirely optional. Users can choose to use brave without even touching the BAT micropayments system. By default, it's turned off.

If you decide to opt-in, users can purchase BAT through a cryptocurrency exchange, like Coinbase. They can also earn it by viewing "privacy-respecting" ads. Rather than traditional banner-based advertising, these present as push notifications. Users can choose to dismiss a notification or view it in full-screen.

Unlike traditional advertising networks, the calculations determining what advertisements to show you are performed on your own device. This means the advertiser isn't able to build a profile of you and your interests.

Of all advertising revenue that Brave receives, it shares 70 percent with users, keeping a 30 percent share. It's also worth noting that Brave's advertising program is only available in a handful of countries, mostly scattered across Europe and the Americas, plus Israel, India, Australia, South Africa, the Philippines, Singapore, and New Zealand.

Once you have some BAT, you can spend it. You can choose to automatically contribute to specific sites or tip creators on an ad-hoc basis. You can even tip individual tweets. When you open Twitter through your browser, Brave will automatically add a button to each post within your newsfeed. Pressing it will open a drop-down window, where you confirm your tip.

The sites accepting BAT include The GuardianThe Washington Post, and Slate, as well as popular tech publications like Android Police and The Register. Brave also plans to allow users to spend their rewards for more tangible rewards: like hotel stays, gift cards, and restaurant vouchers. At the time of publication, this system isn't yet available.

How Does Brave Compare to Google Chrome?

Google Chrome commands the majority of the browser market, with other competitors, including Brave, trailing behind. Independent figures about Brave's adoption aren't readily available. It doesn't show on NetMarketShare or W3Counter, as it uses Chrome's user-agent string. In October, however, the company behind Brave reported eight million monthly active users and 2.8 million daily active users.

While that's pocket change in the broader Internet ecosystem, it's still fairly impressive for a young company that's trying to disrupt a market dominated by a small handful of well-entrenched players, like Mozilla, Google, Microsoft, and Apple.

Brave promises to be faster and less energy-intensive than rival browsers, and it delivers on this. Scientific benchmarks, plus my own anecdotal experiences, pay testament to this. Furthermore, when you open a new tab, Brave shows you how much time you've saved by using it.

However, there are small annoyances you perhaps wouldn't get with other browsers. Functionality that comes standard in Chrome, like the ability to automatically translate webpages, is only available through plug-ins.

You also occasionally encounter webpages that force you to "drop" your shield to access it. And while this isn't Brave's fault, it does highlight the fact that a huge part of the conventional Internet isn't quite prepared to embrace its utopian vision of how content should be monetized.

A Brave New World?

Should you ditch Google Chrome for Brave? Maybe. There's a lot to appreciate about this browser. While it's generally fast, it also feels extremely polished. I appreciate the fact that it comes with both light and dark themes and the ease in which it allows users to protect their privacy from cross-site trackers.

But Brave is more than a browser. It's a statement about how the Internet should work. And while most people will agree that the pace and scale of online tracking should be rolled back, many may disagree whether cryptocurrencies are the best way to monetize content that is otherwise funded by traditional in-browser advertising. And are push notification-based advertisements on your desktop really a less irritating form of advertising?

Ultimately, the question is whether you agree with Brave's approach or not.

@£√£RYTHING NT

Related word


Tuesday, May 5, 2020

Ganglia Monitoring System LFI


Awhile back when doing a pentest I ran into an interesting web application on a server that was acting as a gateway into a juicy environment *cough*pci*cough*, the application was "Ganglia Monitoring System" http://ganglia.sourceforge.net
The scope of the test was extremely limited and it wasn't looking good....the host that was in scope had a ton of little stuff but nothing that looked like it would give me a solid foothold into the target network. After spending some time looking for obvious ways into the system I figured it would be worth looking at the Ganglia application, especially since I could find no public exploits for the app in the usual places....

First step was to build a lab up on a VM (ubuntu)
apt-get install ganglia-webfrontend

After apt was done doing its thing I went ahead and started poking around in the web front end files (/usr/share/ganglia-webfrontend). I looked to see if the application had any sort of admin functionality that I could abuse or some sort of insecure direct object reference issues. Nothing looked good. I moved on to auditing the php.

Started out with a simple grep looking for php includes that used a variable....bingo.

steponequit@steponequit-desktop:/usr/share/ganglia-webfrontend$ egrep 'include.*\$' *
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $tpl_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: if( isset( $this->tpl_include[ $regs[2] ]) )
class.TemplatePower.inc.php: $include_file = $this->tpl_include[ $regs[2] ][0];
class.TemplatePower.inc.php: $type = $this->tpl_include[ $regs[2] ][1];
class.TemplatePower.inc.php: $include_file = $regs[2];
class.TemplatePower.inc.php: if( !@include_once( $include_file ) )
class.TemplatePower.inc.php: $this->__errorAlert( 'TemplatePower Error: Couldn\'t include script [ '. $include_file .' ]!' );
class.TemplatePower.inc.php: $this->tpl_include["$iblockname"] = Array( $value, $type );
graph.php: include_once($graph_file);
The graph.php line jumped out at me. Looking into the file it was obvious this variable was built from user input :)
$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : NULL;
....
....
....
$graph_file = "$graphdir/$graph.php";


Taking at look at the "sanitize" function I can see this shouldn't upset any file include fun

function sanitize ( $string ) {
return escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}

#-------------------------------------------------------------------------------
# If arg is a valid number, return it. Otherwise, return null.
function clean_number( $value )
{
return is_numeric( $value ) ? $value : null;
}
Going back to the graph.php file

$graph_file = "$graphdir/$graph.php";

if ( is_readable($graph_file) ) {
include_once($graph_file);

$graph_function = "graph_${graph}";
$graph_function($rrdtool_graph); // Pass by reference call, $rrdtool_graph modified inplace
} else {
/* Bad stuff happened. */
error_log("Tried to load graph file [$graph_file], but failed. Invalid graph, aborting.");
exit();
}

We can see here that our $graph value is inserted into the target string $graph_file with a directory on the front and a php extension on the end. The script then checks to make sure it can read the file that has been specified and finally includes it, looks good to me :).
The start of our string is defined in conf.php as "$graphdir='./graph.d'", this poses no issue as we can traverse back to the root of the file system using "../../../../../../../../". The part that does pose some annoyance is that our target file must end with ".php". So on my lab box I put a php file (phpinfo) in "/tmp" and tried including it...


Win. Not ideal, but it could work....

Going back to the real environment with this it was possible to leverage this seemingly limited vulnerability by putting a file (php shell) on the nfs server that was being used by the target server, this information was gathered from a seemingly low vuln - "public" snmp string. Once the file was placed on nfs it was only a matter of making the include call. All in a hard days work.

I have also briefly looked at the latest version of the Ganglia web front end code and it appears that this vuln still exists (graph.php)

$graph = isset($_GET["g"]) ? sanitize ( $_GET["g"] ) : "metric";
...
...
...
$php_report_file = $conf['graphdir'] . "/" . $graph . ".php";
$json_report_file = $conf['graphdir'] . "/" . $graph . ".json";
if( is_file( $php_report_file ) ) {
include_once $php_report_file;


tl;dr; wrap up - "Ganglia Monitoring System" http://ganglia.sourceforge.net contains a LFI vulnerability in the "graph.php" file. Any local php files can be included by passing its location to the "g" parameter - http://example.com/ganglia/graph.php?g=../../../../../../../tmp/shell
Related word

  1. Cracker Definicion
  2. Libros De Hacking Pdf
  3. Aprender Hacking
  4. Hacking Informatico
  5. Hacker Definicion
  6. Penetration Testing A Hands-On Introduction To Hacking
  7. Hacking Hardware Tools
  8. Hacking Meaning
  9. Diferencia Entre Hacker Y Cracker
  10. Hacking Definicion
  11. Machine Learning Hacking
  12. Best Hacking Games
  13. Hacking School
  14. House Hacking
  15. Hacking Desde Cero
  16. Como Hackear

Blog Archive