In March we wanted to touch on a topic that is rapidly gaining popularity and has made its way even into the mainstream - Blockchain Hacking. Inside this issue, you’ll learn many offensive techniques, as well as how to protect yourself. Without further ado, let’s dive into it!
We start off with Guidance for Improving your Security as a Crypto User, in which Dr. Dennis Kengo Oka focuses on potential risks and vulnerabilities of crypto protocols, and how a crypto user can defend themselves against security threats. Later on, coming with a more offensive topic, we have An Introduction to Blockchain Dis-Assembly with Octopus by Atlas Stark.
Next we have Exploring Common DeFi Attacks, in which Anthony Zamore will cover, among others, reentrancy attacks, draining a smart contract, flash loan attacks, and how to prevent them. In Cloud Cryptojacking - Millionaire Loses, Felipe Hifram will explain what a cryptojacking attack is and how to use it to hijack a cloud environment.
In the next article, Takshil Patil will present some of the less common Smart Contract Vulnerabilities. If you’re blockchain security savvy, this one's for you!
But that’s not all! This issue is enriched with amazing articles on such topics as converting a router into a Kali Linux desktop, hacking into Linux with various kinds of cyber attacks, SQL injections and web application firewalls, user input sanitization, and more!
We hope this issue will keep you entertained while the spring is setting in, and that you’ll enjoy those amazing tutorials as much as we did.
Stay safe and enjoy!
Magdalena Jarzębska and Hakin9 Editorial Team
Table of Contents
Guidance for Improving your Security as a Crypto User
Dr. Dennis Kengo Oka
With a global cryptocurrency market cap of over $2 trillion, blockchain technology is changing the financial industry with the emergence of decentralized finance (DeFi) solutions. [...] However, these new DeFi solutions also attract financially motivated cybercriminals. It is important to recognize that there have been attacks in the past against centralized crypto exchanges and vulnerabilities in protocols and smart contracts that have resulted in the loss of millions of dollars. But protection against these risks is often out of the control of the traditional crypto user. Instead, this article focuses on security risks that typical users are exposed to and provides practical guidance on how you can protect yourself against such risks.
An Introduction to Blockchain Dis-assembly with Octopus
Blockchain for data protection and authenticity purposes has become highly attractive to organizations trying to safeguard critical assets and maintain complete accuracy of client data. It’s also extremely attractive to adversaries that want to abscond with the assets that are being protected. Instead of trying to launch a 51% attack, which takes a wealth of resources and time unless you’re attacking a minuscule target, where in turn there is usually not enough to pique anyone’s curiosity, we should be looking to launch some type of tool that will give us a closer look at our target and assist us in locating errors within the Blockchain implementation. This way we can automate our efforts to some extent. There is a project on GitHub that I think will help us out tremendously and get us acquainted with reverse engineering a variety of Blockchain implementations.
Exploring Common DeFi Attacks
With the sheer number of projects, development activity and innovation, it’s easy to forget that the DeFi industry is still in its infancy. According to the Electric Capital report mentioned earlier, less than 1,000 full-time developers are responsible for over $100 billion in total value locked in smart contracts. With so few developers responsible for such valuable contracts coupled with the inherent complexity of DeFi, security issues are likely to continue and perhaps even increase in the coming years. However, in order for DeFi to gain mass adoption, users must have confidence in the security of the underlying platforms. The demand for DeFi services coupled with the short supply of developers and security experts certainly makes DeFi the right space to be in if you are interested in security.
Cloud Cryptojacking - Millionaire Loses
More than at any other time, malware and ransomware have targeted cloud services, due to the obvious fact that this type of service has become widely used by virtually all large companies in all sectors. According to an article published by Bitglass, it is possible that around 44% of all organizations have malware in at least one of their cloud services. And taking into account the growth in cases of 358% for common malware and 435% for ransomware, in the year 2020 alone, we come to the conclusion that most companies can actually be infected right now. To illustrate the greatest source of concern at the moment, we need to look at the general state of the society in which we live.
Smart Contract Vulnerabilities
This article discusses common Smart Contract Vulnerabilities. Smart Contracts are critical lines of code; developers need to develop smart contracts in such a way that only the code and logic that needs to run on the blockchain is present, as the rest of the functionality can be handled by frameworks such as web3.js, which acts as an interface to smart contracts. This developed Smart Contract code is then audited, generally by multiple third-party auditors, to ensure the Smart Contract does not have any vulnerabilities. This article focuses on the area of finding vulnerabilities and bugs. The article only discusses one approach and gives just enough practical details to realize why a particular bug is a security issue and how attackers can exploit the vulnerabilities. This article does not focus on how to patch these security issues.
Evil Router - Kali Dropbox
Daniel W. Dieterle
In this article, we will take a look at using the SeeedStudio Dual Giga Port OpenWRT Router as a Kali Linux Pentest Dropbox. This article is a continuation of my previous article from the December 2021 Hakin9 issue. In that issue, we covered the actual conversion of the router into a Kali Desktop. In this article, we will look at running some enumeration and web app testing tools on it. This article is an adaptation of two of my chapters from my latest book, “Advanced Security Testing with Kali Linux”. The difference is that this article is focused solely on using them on the SeeedStudio Router instead of a regular Kali Desktop system. Spoiler alert, there really is no actual difference. The Raspberry Pi version of Kali is almost identical to the normal Desktop version - only a handful of tools won’t work on the Pi.
Hacking Into Linux
Fall Abdou Aziz, Ameurlain Abdelaziz
This article explains how you can exploit unprotected passwords to compromise the Linux environment, as well as many ethical hacking techniques, such as network scanning with Nmap, enumeration, exploitation with Hydra and msfvenom, privilege escalation, and more.
SQL Injection and Web Application Firewalls: A Never-Ending Love Story
In this article, we will see how to bypass a security mechanism designed to mitigate some web attacks, such as SQL Injection. This allows us to exploit an SQL Injection vulnerability I discovered about a year ago in ImpressCMS, an open source Content Management System (CMS). Successful exploitation of this vulnerability might eventually allow unauthenticated attackers to execute arbitrary PHP code on the webserver (Remote Code Execution). Furthermore, we will see how the very same SQL Injection technique could be abused to bypass certain Web Application Firewalls, such as OWASP ModSecurity CRS, Cloudflare, and probably others, too…
User Input Sanitization
In this paper, we’re going to investigate a few methods and their implementation in PHP code to perform sanitization on web servers and database data entry points. Sanitizing data is one of the key phases that comes after designing and configuring websites. It is a method to alleviate vulnerabilities stemming from data construction techniques exploited by attackers. You may wonder: what about Data Validation? As a matter of fact, Data Validation is a way to ensure that data looks healthy, but that data can still be risky because many parts of our application respond to special strings in several ways, from the database to HTML. Instead of detecting threats embedded in a string (which in turn could be tough enough and out of reach), one should, to be practical, first do some sort of data analysis in order to reduce the risk of rendering unprocessed input data.
Creating Phishing Campaigns with GoPhish
Joas Antonio dos Santos
Cyber attacks are increasingly recurrent and APT groups are using end-user-focused strategies, as exploiting systems ends up generating logs and becoming a great risk. However, affecting an ill-prepared and untrained user is the best way of hacking; we can even see this in Mr. Robot. Because of this, many groups are using phishing techniques to compromise their targets and execute malicious files. And here I come to share my case study of phishing totally directed to the legal department of the company I work for. First I will explain the types of social engineering techniques, then I’ll show you how to conduct a phishing campaign using GoPhish.