RSS


Top Linux Commands Related To Hardware With Descriptive Definitions

0
Posted by KP-3မိသားစု |


Commands in Linux are just the keys to explore and close the Linux. As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well. In this blog you will exactly get the content about Linux hardware commands which are related to CPU and memory processes.

dmesg

The dmesg command is used in Linux distribution for the sake of detecting hardware and boot messages in the Linux system.

cat /proc/cpuinfo

The cat command is basically used to read something over the terminal like cat index.py will display all the content which exist in index.py over the terminal. So cat /proc/cpuinfo will display the model of the CPU over the terminal.

cat /proc/meminfo

This command is similar to the above command but the only difference is that this command shows the information of hardware memory over the terminal. Because it will open the memory info file over the terminal.

cat /proc/interrupts

This command is also similar to the above command but there is the difference of one thing that this command will display lists the number of interrupts per CPU per input output device.

lshw

This command is used in Linux operating system to displays information on hardware configuration of the system in Linux.

lsblk

The "lsblk" command is used in Linux operating system to displays block device related information in the Linux operating system.

dmidecode

The "dmidecode" command is used in Linux distributions to display the information about hardware from the BIOS.

hdparm -i /dev/sda

The hdparm command basically used to display the information about the disks available in the system. If you wanna know the information about the "sda" disk so just type "hdparm -i /dev/sda" and if you wanna know the information about "sdb" so just type "hdparm -i /dev/sdb".

hdparm -tT

The "hdparm" command is used for displaying the information about disks as we discussed in above command. If you wanna do a read speed test on the disk sda or sdb just type the command "hdparm -tT /dev/sda".

badblocks -s /dev/sda

This command is used in linux to display test operations for unreadable blocks on disk sda. If the command is like "badblocks -s /dev/sdb" it will display test operations for unreadable blocks on disk sdb.More information
  1. Pentest Plus
  2. Pentest Vs Ceh
  3. Pentest Basics
  4. Pentest Wordpress
  5. Hacker Prank
  6. Pentest Tools For Windows
  7. Pentest Vs Ethical Hacking
  8. Pentest Bootcamp
  9. Hacker Types
  10. Pentest Wiki
  11. Pentest Framework
  12. Pentest Tools
  13. Pentest Tools Framework
  14. What Hacking Is
  15. Hacking Meaning
  16. Hacking Online Games
  17. Pentest Windows

Read more »


How To Hack Any Whatsapp Account In 2020

0
Posted by KP-3မိသားစု |

The article will also be broken down into different subtopics and subcategories. This to make it easy for those who are just interested in skimming through the article to pick the part of WhatsApp hack they are most interested in. Just incase you don't have enough time to go through the entire article.

Search queries like these are a common place; Can WhatsApp be hacked? Can you read WhatsApp messages? How safe is the most popular trade fair in the world? This article gives you all the solution you need to hack any WhatsApp account, as well as how to protect yourself from a WhatsApp hack attack.

Although the messenger is now on an end-to-end encryption, WhatsApp is still not totally safe from espionage. WhatsApp chats and messages can still be accessed and read remotely, and old &deleted WhatsApp chats and messages retrieved.

WhatsApp Spy: Hack WhatsApp Chats and Messages

A very simple solution is to use a software that can hack WhatsApp remotely. All manufacturers offer to read the WhatsApp messages an extra web portal. In addition to the Whatsapp messages but can also spy on other messengers. So you can also have access to social media accounts.

The software may only be installed on a smartphone. If the user of the smartphone has been informed about the installation and effects.

WhatsApp Hacker: 3 Steps to Hack WhatsApp in 2020

You can hack Whatsapp using a second cell phone. No extra SIM card is necessary for this. The guide also works with a tablet. With this method, the other phone only needs to clone WhatsApp messages is internet connection.

The trick to hack Whatsapp successfully is not a software bug. It's the way WhatsApp has developed the setup wizard. Since there are no user accounts with passwords and you log in via the mobile number, here lies the vulnerability. But you can also protect yourself from the Whatsapp hack.

Hack WhatsApp Chat with the Best WhatsApp Hacking Tool

To read Whatsapp messages, the mobile phone number of the target must be known. The cell phone can remain locked. There is no need to install software to hack and read Whatsapp messages. Even with the PIN or fingerprint, the Whatsapp account can be hacked.

STEP 1: Create a New WhatsApp Account

To hack an account from Whatsapp, the app from the App Store must be installed on the second cell phone. After the installation of Whatsapp, target's phone number is entered. A confirmation request must be waited until access to the smartphone of the victim exists.

STEP 2: WhatsApp Account Confirmation

The confirmation of the Whatsapp account is the actual security risk of the messenger. Whatsapp usually confirms the registration via SMS. Occasionally the confirmation will also be sent by automated phone call via a phone call.

Calls and text messages can be read and taken by anyone even when the screen is locked. So that the WhatsApp hack does not stand out, the SMS must be removed from the start screen by swiping.

STEP 3: Enter Confirmation

The stolen verification PIN is now entered on the second smartphone. As a result, the WhatsApp account has been taken over by you. You can read the WhatsApp messages, which respond to this mobile phone number.

The downside to this trick is that the victim immediately notices the Whatsapp hack as soon as Whatsapp is opened. If the victim goes through the sign-in process again. The attacker loses access to the messages and no Whatsapp messages can be read.

How to Hack Someone's WhatsApp in 2020

A good way to hack a WhatsApp account is to hack whatsapp online. Here you can read WhatsApp messages via a browser and also write. The target user can continue to use his cell phone (works for iOS, Android phone etc) and does not notice the WhatsApp hack.

STEP 1: Access the Cell Phone

In order to be able to read WhatsApp messages by installing software. Access to the unlocked smartphone is required for a short time. In addition, cell phone, a computer or laptop is necessary. On this the Whatsapp messages will be read later.

STEP 2: Access WhatsApp Web

If you have access to the unlocked smartphone, Whatsapp must be started there. The Whatsapp settings include Whatsapp Web . If this is selected, Whatsapp opens a QR code scanner with the hint to open WhatsApp Web in the browser.

If the QR code is scanned in the browser with the smartphone. There is a permanent connection and Whatsapp messages can be read. If you want to hack Whatsapp in this way. You have full access to all incoming messages and you can even write messages yourself.

STEP 3: Read WhatsApp Messages

The target usually sees this Whatsapp hack only when the settings are invoked to Whatsapp Web in the app. Whatsapp messages can be read via the browser. Regardless of whether the smartphone is on home Wi-Fi or on the move. You can also hack group chats admin by just having any of the contact details.

WhatsApp Hack: How to Hack any WhatsApp account

Which is the most popular messaging app globally? Of course, you can use different apps from Android or iOS to send and receive messages. But Whatsapp remains everyone's favorite globally!

Whatsapp is one of the popular apps in the world. There are more than 2 billion active users on Whatsapp, messaging daily with the app. Why do people love WhatsApp? Whatsapp is very convenient and easy to use.

Other messaging apps like Facebook Messenger, still needs a special account to sign up for this app. If you change a new app, you'll need to add another account. This can be stressful, as you have to remember a lot of new passwords and usernames.

HACKER NT

More info


  1. Basic Pentest 1 Walkthrough
  2. Hacking With Raspberry Pi
  3. Pentest Firewall
  4. Pentest Wiki
  5. Hacking Google
  6. Pentest Windows 7
  7. Hacker News
  8. Pentest Documentation
  9. Pentest Vs Ceh
  10. Pentest Magazine

Read more »


Zirikatu Tool - Fud Payload Generator Script

0
Posted by KP-3မိသားစု |

More info

  1. Hacker Forum
  2. Pentest Usb
  3. Hacking Typer
  4. Pentest Practice
  5. Pentest Tools For Windows
  6. Pentest Standard

Read more »


CloudFrunt - A Tool For Identifying Misconfigured CloudFront Domains

0
Posted by KP-3မိသားစု |


CloudFrunt is a tool for identifying misconfigured CloudFront domains.

Background
CloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront users create "distributions" that serve content from specific sources (an S3 bucket, for example).
Each CloudFront distribution has a unique endpoint for users to point their DNS records to (ex. d111111abcdef8.cloudfront.net). All of the domains using a specific distribution need to be listed in the "Alternate Domain Names (CNAMEs)" field in the options for that distribution.
When a CloudFront endpoint receives a request, it does NOT automatically serve content from the corresponding distribution. Instead, CloudFront uses the HOST header of the request to determine which distribution to use. This means two things:

  1. If the HOST header does not match an entry in the "Alternate Domain Names (CNAMEs)" field of the intended distribution, the request will fail.
  2. Any other distribution that contains the specific domain in the HOST header will receive the request and respond to it normally.
This is what allows the domains to be hijacked. There are many cases where a CloudFront user fails to list all the necessary domains that might be received in the HOST header. For example:
  • The domain "test.disloops.com" is a CNAME record that points to "disloops.com".
  • The "disloops.com" domain is set up to use a CloudFront distribution.
  • Because "test.disloops.com" was not added to the "Alternate Domain Names (CNAMEs)" field for the distribution, requests to "test.disloops.com" will fail.
  • Another user can create a CloudFront distribution and add "test.disloops.com" to the "Alternate Domain Names (CNAMEs)" field to hijack the domain.
This means that the unique endpoint that CloudFront binds to a single distribution is effectively meaningless. A request to one specific CloudFront subdomain is not limited to the distribution it is associated with.

Installation
$ pip install boto3
$ pip install netaddr
$ pip install dnspython
$ git clone https://github.com/disloops/cloudfrunt.git
$ cd cloudfrunt
$ git clone https://github.com/darkoperator/dnsrecon.git
CloudFrunt expects the dnsrecon script to be cloned into a subdirectory called dnsrecon.

Usage
cloudfrunt.py [-h] [-l TARGET_FILE] [-d DOMAINS] [-o ORIGIN] [-i ORIGIN_ID] [-s] [-N]

-h, --help                      Show this message and exit
-s, --save                      Save the results to results.txt
-N, --no-dns                    Do not use dnsrecon to expand scope
-l, --target-file TARGET_FILE   File containing a list of domains (one per line)
-d, --domains DOMAINS           Comma-separated list of domains to scan
-o, --origin ORIGIN             Add vulnerable domains to new distributions with this origin
-i, --origin-id ORIGIN_ID       The origin ID to use with new distributions

Example
$ python cloudfrunt.py -o cloudfrunt.com.s3-website-us-east-1.amazonaws.com -i S3-cloudfrunt -l list.txt

 CloudFrunt v1.0.3

 [+] Enumerating DNS entries for google.com
 [-] No issues found for google.com

 [+] Enumerating DNS entries for disloops.com
 [+] Found CloudFront domain --> cdn.disloops.com
 [+] Found CloudFront domain --> test.disloops.com
 [-] Potentially misconfigured CloudFront domains:
 [#] --> test.disloops.com
 [+] Created new CloudFront distribution EXBC12DE3F45G
 [+] Added test.disloops.com to CloudFront distribution EXBC12DE3F45G


Related posts


  1. Hacker Software
  2. Hacking Quotes
  3. Hacking Games
  4. Pentest Vs Ceh
  5. Hacking Jacket
  6. Hacking The Art Of Exploitation
  7. Hacking The System
  8. Pentest Jobs
  9. Hacking Books
  10. Hacking Apps
  11. Pentest Red Team
  12. Hacker Prank
  13. Pentest Partners
  14. Hacker Typer

Read more »


Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

0
Posted by KP-3မိသားစု |

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in Sybase Adaptive Server Enterprise (ASE), a relational database management software geared towards

via The Hacker News

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com
Related word
  1. Hacking Gif
  2. Hacking Jacket
  3. Pentest Firewall
  4. Pentest Magazine
  5. Pentest Tools Github
  6. Pentest Smtp
  7. Pentest Plus
  8. Hacking Forums
  9. Pentest Bootcamp
  10. Pentestgeek
  11. Pentesterlab
  12. Pentest News
  13. Hacking Growth
  14. Pentest Example Report
  15. Hacking Link
  16. Pentest Firewall

Read more »


GitHub Dorks: Buscando "Trufas" En GitHub Usando TrufleHog & GitRob

0
Posted by KP-3မိသားစု |

El teletrabajo está demostrado que puedes ser más eficiente para las empresas de lo que la mayoría de las organizaciones pensaba hasta hace unos meses. Pero también puede traer consigo un incremento de "leaks" de información confidencial si no tenemos cuidado con la manera de implementarlo. Inspirándome en el post que escribí sobre el  "Google Dorks & Low Hanging Fruit: Open Redirectspodría decirse que esta es una segunda parte, ya que vamos a usar dorks similares para encontrar "trufas" en una de las plataformas que más está dando que hablar últimamente en la comunidad: Github

Figura 1: GitHub Dorks: Buscando "Trufas"
en GitHub usando TrufleHog & GitRob

Github es una plataforma para desarrolladores donde pueden compartir código en diferentes lenguajes de programación. En ella se permite editar simultáneamente un proyecto, lo que resulta de gran utilidad en escenarios de teletrabajo, pero si no se usa con cuidado, también presenta una gran amenaza a la seguridad de las empresas, ya que en este entorno es relativamente sencillo que a alguien se le termine escapando en el código que sube alguna KEY, algún TOKEN o contraseña…

Figura 2: Hacking con Buscadores 3ª Edición
de Enrique Rando

Y ahí viene la gracia, es un entorno fantástico para aplicar todas las técnicas de Hacking con Buscadores, pero en este caso dentro de la plataforma de GitHub, así que vamos a ver cuáles son sus posibilidades. En esta plataforma cuenta con un buscador con multitud de comandos, entre los más útiles destacaría:

Figura 3: Comandos de búsqueda en GitHub

Como podéis ver, se pueden utilizar comandos bastante específicos para localizar cosas jugosas, así que ahora es el momento de ver qué tipos de GitHub Dorks podemos crear para sacar partido en un entorno de búsqueda de objetivos en un pentesting.

Github Dorks

Teniendo estos comandos claros, las posibilidades son infinitas. Podemos probar filtrando por la organización objetivo y campos como "password", "pwd", "token", "credential"….

Figura 4: Buscando "password" en GitHub

Con esta técnica podemos encontrarnos con auténticas bases de datos de usuarios y clientes volcadas en Github por descuido, así como credenciales de AWS (aws_secret), tokens calentitos que han sido recientemente indexados y que todavía no han expirado. Este tipo de técnicas son similares a las que se pueden ver en la charla de Chema Alonso de "Dorking & Pentesing with Tacyt", donde hacía dorks similares para buscar en el código fuente de las apps que el servicio de ElevenPaths tiene indexado, que es lo mismo que podemos hacer en GitHub.


Figura 5: Dorking & Pentesting con Tacyt por Chema Alonso

Aquí surge una segunda derivada, ya que si la organización cuenta con mecanismos de control contra leaks en Github, el riesgo no se mitiga por completo, ya que los trabajadores cuentan con su página personal en Github donde puede haber leaks fuera del radar de la organización. Veamos por ejemplo, Netflix, una compañía que si tiene un mecanismo de control de leaks en su repositorio oficial de Github:

Figura 6: Netflix Open Source Platform

Vemos que cuenta con 15 usuarios registrados en su repositorio oficial. Lo que podríamos hacer aquí es meternos en la página personal de cada uno de esos usuarios y buscar repositorios propios donde se suelen guardar notas o trozos de código que no están en el repositorio oficial y que son altamente peligrosos para la compañía. 

Si nos fijamos en la dimensión de Netflix, suena raro que tan solo cuente con 15 empleados desarrollando código, y esto no es así, el problema es que muchos de los que trabajan en el repositorio no han vinculado su perfil al de Netflix, algo todavía más peligroso, ya que podríamos buscar "developer" en Linkedin y filtrando por la organización podríamos obtener usuarios de Github que sabemos que trabajan pero cuyo perfil no está vinculado al de Netflix

Figura 7: Libro Open Source INTelligence (OSINT):
Investigar personas e Identidades en Internet
de Vicente Aguilera y Carlos Seisdedos

Utilizar Linkedin como fuente de datos OSINT es algo habitual, y el libro que publicaban ayer sobre OSINT y la investigación en redes sociales dedica un capítulo enorme solo a este asunto, como puedes ver en el índice del libro. Estos usuarios que trabajan en una compañía y lo anuncian en Linkedin, y luego no están vinculados a los repositorios oficiales de la empresa en Github son estos los que, por norma general, guardan la mayor cantidad de Leaks. Por suerte, Netflix ("rara avis") también tiene a estos usuarios controlados, pero no es lo habitual.

Trapos sucios de las organizaciones en Github

Otra de las curiosidades que nos está dejando esta cuarentena es una gran cantidad de discusiones en repositorios, en las que parece que los usuarios implicados no recuerdan que su conversación es pública. 

Figura 8: Issues & Discussions en GitHub

Para ello basta con buscar en las secciones "Issues" y "Discussions" donde los desarrolladores presentan un problema y discuten (no siempre de las mejores formas, poniendo en riesgo reputacional a la compañía) hasta conseguir solucionarlos.

Automatizando la búsqueda: TrufleHog & GitRob

Sería ideal que las organizaciones tuvieran alertas sobre posibles leaks en Github de sus empleados, para ello existen dos herramientas que permiten automatizar este proceso. La primera es TruffleHog que por supuesto está en GitHub y puedes ver en ejecución en la imagen siguiente en la que busca Keys de AWS que puedan estar fresquitas.

Figura 9: TruffleHog

Y la segunda que os dejo, que también está en GitHub, por supuesto, es Gitrob, que te animo a que pruebes un rato para ver qué es lo que eres capaz de encontrar. Recuerda que constantemente hay actualizaciones de código, así que siempre hay "trufas" frescas que localizar.

Figura 10: GitRob en GitHub

Hay que remarcar que las posibilidades son infinitas tanto para la parta atacante como para la atacada. Es especialmente importante que en entornos de teletrabajo seamos más cuidadosos que nunca y que trabajemos con la VPN de nuestra organización que nos permita tener una conexión segura. Estos escáneres también son susceptibles de ser usados por los "malignos" y no sería recomendable que ellos se enteraran antes que nosotros de que hemos tenido un "leak". 

Figura: Contactar con Nico Waisman

Por último, me gustaría recalcar que el equipo de seguridad de GitHub se preocupa mucho por este tipo de leaks y ayuda a la comunidad de developers constantemente con herramientas y seminarios de concienciación. Cuenta en su equipo con grandes profesionales y siempre que desde la comunidad de hackers se ha reportado algo a GitHub lo han corregido y mejorado. Son developers trabajando para developers, y eso se nota. Ha sido una alegría ver que Nico Waisman está en el equipo como Senior VP de Innovación en Seguridad de GitHub, así que os podéis hacer una idea de cómo de serio se toma la seguridad esta compañía.

Un saludo,

Autor: Pablo García Pérez

Contactar con Pablo García

Sigue Un informático en el lado del mal RSS 0xWord

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Related links


Read more »
2010 Hi There Theme designed by Wordpress Theme| Blogger Templates by Blogger Template | Bollywood Movie Wallpaper