The Power of Scapy

Dear Readers,

The summertime is almost over! As sad as it is, we hope that you spend your vacation relaxing. Today we would like to present to you our new issue The Power of Scapy! This time we don’t have the main theme as we had in the previous issues. You will find a various article like a report about PokemonGo, an introduction to Raspberry Pi and of course the presentation of Scapy. Github Corner is always open for a new proposition, so if you would like to present your project in our section, just send us an email! As always we’ll finish off the issue with a few links to our blogs, in case you want something a little bit more - we hope that if you don’t frequent our blog already this will give you an incentive to start.

Enjoy your reading,   

Hakin9 Magazine’s  

Editorial Team

>>Table of Contents<<

GitHub Corner

Cybersecurity in Software-Defined Networking (SDN)
by Santiago Hernández Zambrano, José Manuel Postigo Aguilar and Carlos Rodríguez Hernández

Cybersecurity is one of the great challenges facing organizations today, with the safeguarding of the organization’s data and that of its clients and users being a top priority. The year 2015 has been one of the most tumultuous in terms of computer network attacks. Cyberattacks on companies like Ashley Madison and organizations such as the Internal Revenue Service (IRS) in the United States have highlighted the vulnerability of networks and how easily cyber criminals can penetrate them.

Starbucks Critical Flaws Allow Hackers To Phish & Steal User's Creditcards and Perform Remote Code Execution
by Mohamed M.Fouad

Today I will show you how I discovered a lot of critical security vulnerabilities at Starbucks. It can lead to a very harmful impact on all users by forcing users to change their passwords, add alternative emails or change anything in their stored profile settings and steal users’ stored credit-cards. Also, it can allow an attacker to perform phishing attacks on users and remote code execution on Starbucks servers.

Uber Promo-Codes Predictable Vulnerability
by Mohamed M.Fouad

Today I will talk about a high risky vulnerability in Uber that allows an attacker to use the Uber service for free by using other people’s promo-codes.

Vulners – Google for hacker: How the best vulnerability search engine works and how to use it
by Alexander Leonov

A common task - you need to find all information about some vulnerability: how critical the bug is, whether there is a public exploit, which vendors already released patches, which vulnerability scanner can detect this bug in the system. Previously, you had to search it all manually in dozens of sources (CVEDetails, SecurityFocus, Rapid7 DB, Exploit-DB, CVEs from MITRE / NIST, vendor newsletters, etc.) and analyze the collected data. Today, this routine can be (and should be!) automated with specialized services. One of these services is Vulners.com, the coolest search engine for bugs. And most importantly – it’s free and has an open API. Let’s see how it can be useful for us.

Elastix: An Open Source Unified Communications Server: Understanding real-world scenarios and how to minimize security risks
by Sergio Hernandez Rodriguez and Amelia Araneo

In today’s world, VoIP technology is vital to the success of any organization in order to support communications, minimize costs, reduce disruptions to operations and increase profitability. Besides, VoIP is the keystone in new emerging technologies including, but not limited to, “IoT” (Internet of Things), “UC” (Unified Communications), “M-2-M” (Machine-toMachine) systems, among others. Attacks on networks using VoIP could degrade performance, steal important information, and generate large expenses in any organization, if it does not have the correct security mechanisms. If you are reading this, then you might know that VoIP inherited some security issues from the existing layers and protocols. Different signaling protocols have been proposed for VoIP. Currently, SIP is one of the most used because it is standard and presents advantages. As any other Internet protocol, it is susceptible in terms of security, and thus it is prone to receive different kinds of attacks. This article proposes three basic scenarios, representing common network architectures, VoIP supported. A set of general guidelines is established in terms of the aforementioned architectures, in order to provide effective solutions to minimize existing security risks.

NightCrawler: WebScraper on Python
by snoopymx

Everybody can imagine how life was for an average software developer 20 years ago. At the early stages of computer programming, develop and maintenance of large-scale software was a very difficult task. If you have some knowledge of C programming, you probably will agree with the fact that it’s a little hard to create and maintain data structures such as lists, trees or graphs in that language. These structures, although very powerful, are more delicate in the sense that you need to pay attention to the details, not only “the solution”. You have to deal with memory allocation (malloc) and if your code is not well designed, you probably are going to have memory leaks (valgrind and gdb helps a little).

Power of Scapy
by Omar Ahmed

When I was introduced to Scapy for the first time, four years ago, I didn't know much about the tool, and I thought I would try it, to see its limits, and back then there was literally just a few resources about this tool. Now after four years, I would say that this tool has no limits. When using Scapy you have infinite possibilities.

Raspberry Pi for Hacking
by Luis Borralho

In this article, I will show how to install a penetration testing operating system, used for hacking, on a Raspberry Pi 2 and how to do some basic configurations, like hardening your ssh connection to your Raspberry Pi, to make it connectable via vnc server, in a way that if you’re not so comfortable with the command line, you can use graphic access to it from your network. This article is not intended to teach you how to hack, but to be able to create your own Raspberry box for hacking purposes, white hat ones I hope :). I hope you will enjoy.

Get Kali Linux running on Cloud
by Carlos Rombaldo Jr

When it comes to open source tools for hackers, it is impossible not mention Kali Linux, which offers a complete set of free security tools out of the box and ready to rock. In addition, nowadays we have uncountable cloud providers offering cheap or even free virtual machines, why not have a Kali Linux instance running on Cloud? Unfortunately, most cloud providers do not offer Kali as supported flavour. This article presents a technique that allows you to install Kali in such environments. This technique consists of installing Kali by launching two virtual machines, one for Kali itself and another to provide the resources required to install from network boot using the PXE technology. These machines are referred to here as KALI VM and PXE VM respectively.

PokemonGo: Malware Analysis Report
by Dhawal Desai

PokemonGO has recently created a sensation within the gaming community. This is a one of a kind mobile game that links the real world with the virtual world. The application is built on Niantic’s Real World Gaming Platform that uses real locations, encouraging players to search far and wide in the real world to discover Pokémon. PokémonGO enables you to find and catch various species of Pokémon as you explore your surroundings. In this game, the player plays as a trainer with an objective to train, compete and capture.

Blog News

Protecting WordPress CMS as Simple as Breath

by  Karen Shahbazian