Saturday, May 27, 2023

KPOT Info Stealer Samples


KPOT Stealer is a "stealer" malware that focuses on stealing account information and other data from various software applications and services


Download. Email me if you need the password (see in my profile)

Download 1  (from Didier Stevens' post)
Download 2  (Proofpoint)

Links updated: Jan 19, 2023

References

1.  2020-04-19 Didier Stevens posted analysis of KPOT infostealer on the Infosec Handlers Diary blog "KPOT Analysis: Obtaining the Decrypted KPOT EXE"
These are samples to follow his analysis routine.

2. 2019-05-09 Proofpoint. New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials







Download

             Other malware - Airtable




Download. Email me if you need the password (see in my profile)

Hashes

1. From Didier Stevens' post

 MD5  56ad7b243511ee7398d43df7643dc904
SHA-1  ae5ab7798ca267b1265a0496c562f219821d17cf
SHA-256  3fd4aa339bdfee23684ff495d884aa842165e61af85fd09411abfd64b9780146

 2. From Proofpoint

MD5 7d7667ddce8fd69a0fd50bb08c287d10
SHA-1 087fc3e9a082983ee6a2b25f0ccb09eb723e0f39

SHA-256 67f8302a2fd28d15f62d6d20d748bfe350334e5353cbdef112bd1f8231b5599d

MD5 45ddc687f88b45fc3fec79f9dc8b38e2
SHA-1 de37b748e0e32d96c31f469f9ba4ea4f11e3e78b
SHA-256 36dcd40aee6a42b8733ec3390501502824f570a23640c2c78a788805164f77cecontagio.deependresearch.org/crime/kpotstealer(proofpoint)_win_samp.zip
Related news
  1. Hack And Tools
  2. Hacker Techniques Tools And Incident Handling
  3. Pentest Tools Kali Linux
  4. Hacker Tools Online
  5. Pentest Tools Linux
  6. Wifi Hacker Tools For Windows
  7. Free Pentest Tools For Windows
  8. Pentest Tools For Mac
  9. Hak5 Tools
  10. Ethical Hacker Tools
  11. Hack Tools For Pc
  12. Hacker Tools For Windows
  13. Pentest Tools For Windows
  14. Hack App
  15. Hack And Tools
  16. Hack Tools Pc
  17. Pentest Tools Open Source
  18. Nsa Hack Tools
  19. Hacking Tools Mac
  20. Hacking Tools Windows
  21. Black Hat Hacker Tools
  22. Hacking Tools For Windows
  23. Pentest Automation Tools
  24. How To Make Hacking Tools
  25. Hacking Tools Github
  26. Tools Used For Hacking
  27. Hack Tools Github
  28. Hacker Tools
  29. Hacker Search Tools
  30. Hack And Tools
  31. Tools For Hacker
  32. Pentest Recon Tools
  33. Hacking Tools
  34. Pentest Tools Free
  35. Ethical Hacker Tools
  36. Hacker Tools Apk Download
  37. Hack Rom Tools
  38. Hacker Tool Kit
  39. Pentest Tools For Windows
  40. Hacking Tools 2019
  41. Pentest Tools Website
  42. Hacking Tools For Pc
  43. Hacking Apps
  44. Android Hack Tools Github
  45. Bluetooth Hacking Tools Kali
  46. Growth Hacker Tools
  47. Hack Apps
  48. Hacker Tools Apk
  49. Hack Tool Apk No Root
  50. Hack Tools For Windows
  51. Hack Tools 2019
  52. What Is Hacking Tools
  53. Best Pentesting Tools 2018
  54. Tools For Hacker
  55. Hack Tools Github
  56. Beginner Hacker Tools
  57. Hacking Tools And Software
  58. Pentest Tools Nmap
  59. Hacker Tools Free Download
  60. World No 1 Hacker Software
  61. Pentest Tools Port Scanner
  62. Hack Tools Mac
  63. Hack Tools
  64. Hack Tools Github
  65. Hacker Security Tools
  66. Hacker Tools Free
  67. Hacking Tools For Windows
  68. World No 1 Hacker Software
  69. Pentest Reporting Tools
  70. Pentest Tools Download
  71. Hacker Security Tools
  72. Hack Tools For Pc
  73. Pentest Tools Linux
  74. Hacker Tools Windows
  75. Pentest Tools
  76. Pentest Tools Kali Linux
  77. How To Make Hacking Tools
  78. What Are Hacking Tools
  79. New Hack Tools
  80. Pentest Tools Bluekeep
  81. Top Pentest Tools
  82. Growth Hacker Tools
  83. Pentest Tools Find Subdomains
  84. Hack Website Online Tool
  85. Hacker Tool Kit
  86. Nsa Hacker Tools
  87. Hacker Security Tools
  88. Pentest Tools Subdomain
  89. Nsa Hack Tools
  90. Hack Tools Mac
  91. Hacking Tools Download
  92. Growth Hacker Tools
  93. Pentest Tools For Mac
  94. Hacking Tools 2019
  95. Pentest Tools Tcp Port Scanner
  96. Hacker Tools Apk
  97. Pentest Tools Bluekeep
  98. Github Hacking Tools
  99. Tools 4 Hack
  100. Free Pentest Tools For Windows
  101. Hacker Tools 2019
  102. Hack And Tools
  103. Hack Tools
  104. Hacker Tools Apk Download
  105. New Hack Tools
  106. Hacks And Tools
  107. Hacking Tools Github
  108. Hacker Hardware Tools
  109. Black Hat Hacker Tools
  110. Hacking Tools For Windows 7
  111. Pentest Tools Subdomain
  112. Hacker Tools Hardware
  113. Hacking Tools For Pc
  114. Pentest Tools Website Vulnerability
  115. Hacker Tools Free

posted by Lobo Grandez at 5:58 PM 0 comments

Blockchain Exploitation Labs - Part 2 Hacking Blockchain Authorization


Bypassing Blockchain Authorization via Unsecured Functions


Note: Since the first part of this series I have also uploaded some further videos on remediation of reentrancy and dealing with compiler versions when working with this hacking blockchain series.  Head to the console cowboys YouTube account to check those out.  Haha as mentioned before I always forget to post blogs when I get excited making videos and just move on to my next project… So make sure to subscribe to the YouTube if you are waiting for any continuation of a video series.. It may show up there way before here. 

Note 2:  You WILL run into issues when dealing with Ethereum hacking, and you will have to google them as versions and functionality changes often... Be cognizant of versions used hopefully you will not run into to many hard to fix issues. 

In the second part of this lab series we are going to take a look at privacy issues on the blockchain which can result in a vulnerably a traditional system may  not face. Since typically blockchain projects are open source and also sometimes viewable within blockchain explorers but traditional application business logic is not usually available to us. With traditional applications we might not find these issues due to lack of knowledge of internal functionality or inability to read private values on a remote server side script.  After we review some issues we are going to exploit an authorization issues by writing web3.js code to directly bypass vertical authorization restrictions.

Blockchain projects are usually open source projects which allow you to browse their code and see what's going on under the hood.  This is fantastic for a lot of reasons but a developer can run into trouble with this if bad business logic decisions are deployed to the immutable blockchain.  In the first part of this series I mentioned that all uploaded code on the blockchain is immutable. Meaning that if you find a vulnerability it cannot be patched. So let's think about things that can go wrong..

A few things that can go wrong:
  • Randomization functions that use values we can predict if we know the algorithm
  • Hard-coded values such as passwords and private variables you can't change.
  • Publicly called functions which offer hidden functionality
  • Race conditions based on how requirements are calculated

Since this will be rather technical, require some setup and a lot of moving parts we will follow this blog via the video series below posting videos for relevant sections with a brief description of each.  I posted these a little bit ago but have not gotten a chance to post the blog associated with it.  Also note this series is turning into a full lab based blockchain exploitation course so keep a lookout for that.

In this first video you will see how data about your project is readily available on the blockchain in multiple formats for example:
  • ABI data that allows you to interact with methods.
  • Actual application code.
  • Byte code and assembly code.
  • Contract addresses and other data.

 Lab Video Part 1: Blockchain OSINT: 



Once you have the data you need to interact with a contract on the blockchain via some OSINT how do you actually interface with it? That's the question we are going to answer in this second video. We will take the ABI contract array and use it to interact with methods on the blockchain via Web3.js and then show how this correlates to its usage in an HTML file

Lab Video Part 2: Connecting to a Smart Contract: 




Time to Exploit an Application:

Exploit lab time, I created an vulnerable application you can use to follow along in the next video. Lab files can be downloaded from the same location as the last blog located below. Grab the AuthorizationLab.zip file:

Lab file downloads:



Ok so you can see what's running on the blockchain, you can connect to it, now what?   Now we need to find a vulnerability and show how to exploit it. Since we are talking about privacy in this blog and using it to bypass issues. Lets take a look at a simple authorization bypass we can exploit by viewing an authorization coding error and taking advantage of it to bypass restrictions set in the Smart Contract.  You will also learn how to setup a local blockchain for testing purposes and you can download a hackable application to follow along with the exercises in the video..

Lab Video Part 3:  Finding and hacking a Smart Contract Authorization Issue: 





Summary:

In this part of the series you learned a lot, you learned how to transfer your OSINT skills to the blockchain. Leverage the information found to connect to that Smart Contract. You also learned how to interact with methods and search for issues that you can exploit. Finally you used your browsers developer console as a means to attack the blockchain application for privilege escalation.
Related links

posted by Lobo Grandez at 9:07 AM 0 comments

DNSSEC, From An End-User Perspective, Part 3

In the first post of this DNSSEC series, I have shown the problem (DNS vulnerabilities), and in the second post, the "solution." In this third post, I am going to analyze DNSSEC. Can DNSSEC protect the users against all of the attacks? Or just part of them? What about corner cases?

The following list are the attack types from the first post, where DNSSEC can protect the users:

  • DNS cache poisoning the DNS server, "Da Old way"
  • DNS cache poisoning, "Da Kaminsky way"
  • ISP hijack, for advertisement or spying purposes
  • Captive portals
  • Pentester hijacks DNS to test application via active man-in-the-middle
  • Malicious attacker hijacks DNS via active MITM

The following list are the attack types from the first post, where DNSSEC cannot protect the users:

  • Rogue DNS server set via malware
  • Having access to the DNS admin panel and rewriting the IP
  • ISP hijack, for advertisement or spying purposes
  • Captive portals
  • Pentester hijacks DNS to test application via active man-in-the-middle
  • Malicious attacker hijacks DNS via active MITM

If you are a reader who thinks while reading, you might say "What the hell? Am I protected or not???". The problem is that it depends… In the case where the attacker is between you and your DNS server, the attacker can impersonate the DNS server, downgrade it to a non DNSSEC aware one, and send responses without DNSSEC information.

Now, how can I protect against all of these attacks? Answer is "simple":
  1. Configure your own DNSSEC aware server on your localhost, and use that as a resolver. This is pretty easy, even I was able to do it using tutorials.
  2. Don't let malware run on your system! ;-)
  3. Use at least two-factor authentication for admin access of your DNS admin panel.
  4. Use a registry lock (details in part 1).
  5. Use a DNSSEC aware OS.
  6. Use DNSSEC protected websites.
  7. There is a need for an API or something, where the client can enforce DNSSEC protected answers. In case the answer is not protected with DNSSEC, the connection can not be established.

Now some random facts, thoughts, solutions around DNSSEC:

That's all folks, happy DNSSEC configuring ;-)

Note from David:
Huh, I have just accidentally deleted this whole post from Z, but then I got it back from my browsing cache. Big up to Nir Sofer for his ChromeCacheView tool! Saved my ass from kickin'! :D

Related links


  1. Pentest Tools Online
  2. Pentest Tools For Windows
  3. Tools Used For Hacking
  4. Hacker Tools Windows
  5. Hacking Tools For Mac
  6. Best Pentesting Tools 2018
  7. Hacker Tools For Mac
  8. Hacker Tools Github
  9. Hack Rom Tools
  10. Hack Rom Tools
  11. Ethical Hacker Tools
  12. Hacker Security Tools
  13. Hacking Tools Windows 10
  14. Hack Tool Apk
  15. Underground Hacker Sites
  16. Tools For Hacker
  17. Hack Apps
  18. Hacker Tools Hardware
  19. Computer Hacker
  20. Hacker
  21. Pentest Reporting Tools
  22. How To Make Hacking Tools
  23. Hacker
  24. Hacker Tools For Ios
  25. Pentest Tools Url Fuzzer
  26. Nsa Hacker Tools
  27. Pentest Automation Tools
  28. Hacker Tools 2020
  29. Nsa Hack Tools Download
  30. Hacking Tools Online
  31. Hacker Tools
  32. New Hacker Tools
  33. Computer Hacker
  34. Android Hack Tools Github
  35. Hacker Tools Hardware
  36. Pentest Tools Tcp Port Scanner
  37. Hak5 Tools
  38. How To Hack
  39. Hacking Tools Mac
  40. Hack Tools For Pc
  41. Pentest Tools For Mac
  42. Hacker Tools For Ios
  43. Pentest Tools Github
  44. Hacker Tools Software
  45. Hack Tools
  46. Hacker Tools Online
  47. Hack Tools For Games
  48. Hacking Tools For Mac
  49. Pentest Tools For Mac
  50. Ethical Hacker Tools
  51. Pentest Tools Website Vulnerability
  52. Hackers Toolbox
  53. Hacking Tools For Pc
  54. Hack Tools For Windows
  55. Nsa Hack Tools Download
  56. Tools Used For Hacking
  57. Hacking Tools 2020
  58. Hacker Techniques Tools And Incident Handling
  59. Pentest Tools Windows
  60. Hack Tools
  61. Tools 4 Hack
  62. Ethical Hacker Tools
  63. Hacker Tools Mac
  64. Nsa Hacker Tools
  65. Hack Apps
  66. Physical Pentest Tools
  67. Usb Pentest Tools
  68. Hack Tools For Games
  69. Usb Pentest Tools

posted by Lobo Grandez at 12:37 AM 0 comments

Friday, May 26, 2023

Hackerhubb.blogspot.com

Hackerhubb.blogspot.com

Related links


posted by Lobo Grandez at 4:09 PM 0 comments