Hakin9 Open - Botneting With Browser Extensions

HakinEN_2015 (1).pdf

Dear Hakin9 Readers,

We are proud to present the newest issue of Hakin9 Open, which is free to download for everyone interested in the topic. We hope that you will find many interesting articles inside the magazine and that you will have time to read all of them.

We are really counting on your feedback here!

Let’s take a look at what you will find in this issue of Hakin9. This time we present an extremely wide range of topics, starting with a description of metadata, where you’ll find out what it is and how to extract it. Don’t skip it, it’s really engaging! We would also like to introduce you to other amazing subjects, from Social Media Privacy through Authentication Systems and Car Hacking to Database Encryption Techniques. Just for you, our fantastic readers, we have prepared a special interview with Vincent Benony, the creator of Hopper. This unique man created a program that quickly gained extraordinary popularity among programmers. If you do not know Hopper, this is your best opportunity to change that. Be sure to read it!

The main aim of this issue is to present our publications to a wider range of readers. We want to show you what our magazine looks like and what you can expect. With a free account you have access to all the teasers and open issues, but we fully believe that you’d like to take this one step further and enjoy our publications without limits. Our premium subscription includes access to our whole archive. The virtual doors to our library are open just for you. Don’t miss out!

Did you know that we have a blog? Unexpected, right? Why don’t you check it out now at https://hakin9.org/blog? We are waiting for your feedback there as well! We would also like to thank you for all your support. It means a lot to us, more than you know. We would love to invite you to follow us on Twitter and Facebook, where you can find the latest news about our magazine.

Do you like our magazine? Would you like to share something with us? Which topics are you most interested in? Do it, like it, share it! We appreciate your every comment. As for the Hakin9 team, we are here for all of you. You are the ones who shape Hakin9!

Enjoy your reading,

Hakin9 Magazine’s

Editorial Team

Table of Contents

Botneting With Browser Extensions. Demonstrate The Threat Using Beef And Armitage Integration

by Abene Bertin

The browser is a tool used by everyone, and we use it every day without hesitation, because it’s the easiest way to connect to the internet. Browsers rely on users, and users remain, so far, the biggest weak point of security. Cybercriminals using exploits can easily break into the user’s machine and use it to compromise the browser. This threat is very high and every IT professional must be aware of it. This article will show you how to protect your browser.

Hacking Web Intelligence Open Source Intelligence and Web Reconnaissance Concepts and Techniques – Metadata

by Sudhanshu Chauhan and Nutan Kumar Panda

What is metadata? Metadata is defined as “data that describes data”, but that’s a very simple answer which is vague and doesn’t reflect the full meaning of the term. Metadata is usually added to the file by the underlying software used to create the file. Usually we don’t notice the distinction between the actual content and its metadata. It can be found in files, videos, images and websites, and it also helps in managing and categorizing files. For security purposes, the most important part is the process of extracting metadata.

Introduction to Social Media Investigation: A Hands-on Approach Privacy Controls

by Jennifer Golbeck Judith L. Klavans

Social media have in a short time become an important part of our existence. On the Internet we share everything that happens in our lives. Our posts are seen by everyone because social media services make them available to anyone on the internet. That is why the topic of privacy in social media has recently begun to rise. To protect social profiles, privacy controls are your best friend. Each social media site has different privacy settings that allow us to limit who can see our posts.

Securing SQL Server: Protecting Your Database from Attackers by Database Encryption

by Denny Cherry

One of the solutions to protect your data is to use database encryption or hashing. Encryption is mainly based on using one of several different algorithms, which is why every database needs different encryption methods. While using database encryption, it is important to remember that the more you encrypt, the more CPU power will be used; maintaining a balance is key to successful database encryption.

Digital Identity Management Authentication Systems

by Christophe Kiennert, Samia Bouzefrane and Pascal Thoniel

Digital identity is a very specific collection of information that describes the person who possesses it. One person can have more than one digital identity across different social communities on the internet. To secure the information in our electronic identity, authentication systems are used. The simplest authentication system is a combination of a username and password. However, this system is very limited and easy to break. General knowledge of authentication systems is key to protecting our digital identity.

Cyber-Attacks Within Automotive Industry

by Sebastian Koszyk

The main objective of this research paper is to show how easily a modern car can be hacked. Each year, a larger amount of technology is being installed in cars. Current automobile technology is so advanced that it is not only responsible for what we hear on the radio or how we use a GPS to find our way, but also for more significant aspects of the car such as engine, transmission or brakes, which are much more crucial and important for the safety of the people inside.

Effective Controls for the Security Principle of a SOC Report

by Clancey McNeal

The Service Organization Control (SOC) reports are based on a set of controls for service organizations outlined by the American Institute of CPAs. They are designed to help companies that provide services and information systems give their clients and customers assurances that their data is safe and secure. The SOC report accomplishes this by providing a report from an independent auditor of the processes and procedures that the company has in place.

Interview with Vincent Bénony 

by Marta Sienicka, Marta Strzelec

This project is like an adventure – Interview with Vincent Bénony, the creator of Hopper.

Operating Systems Internals and Design Principles Eighth Edition, by William Stallings

by Bob Monroe

Penetration Testing and Network Defense, by Andrew Whitaker and Daniel Newman

Reviewed by Bob Monroe

Beny. Bertin
8 years ago

Hi Jaime,
Very nice test. I also use it this way when the target is a mobile phone.
You can also generate a QR code directly from Armitage with the use of this small Cortana code:
Persistence with BeEF (more exactly, with JavaScript) is a general matter. You can use the browser extensions hack described in that edition if you want a long persistence, but it’s ineffective against mobile phones.
Cheers !

jaime alexandre duarte chiquita

Awesome edition! I love the BeEF+Armitage exploitation, it worked very well on my test! I’ve extended it with the QRCODE xploit and printed an A4 poster with it and placed it on the entrance of the Shopping cinema of my town :-D it was amazing!
A good continuation might be the inclusion of a topic on persistence with BeEF. Thanks for it!
