We would like to present to you our newest issue, the first one in 2018. We hope you will find the articles interesting and will have time to read them all.
We will start by learning about the PortSpoof tool and the active defense technique, where you initiate a counter attack targeting the attackers. Then we will dive into SCADA security and find out how it influences the cybersecurity field. And for Python users we have a special article, in which you will learn how to make your own botnet and have fun with the MQTT protocol.
Make sure to read our main article: How to open a backdoor in Android devices. Together with the author we will follow simple steps to infect an Android application with a payload, which allows remote access to the victim’s device. We will do all of that using the Metasploit Framework!
With Mark Bishop’s article you will have a chance to see how to encrypt a password list. Jacob Bell will present the most important aspects of DDoS attacks, and Petter Anderson Lopes will demonstrate the main steps of performing an invasion test in his article about exploiting SMB and Kerberos to obtain administrator access. All of this and more can be found inside this issue.
We would also like to thank you for all your support. We appreciate it a lot. If you like this publication, you can share it and tell your friends about it! Every comment means a lot to us.
Enjoy your reading,
PortSpoof - Active Defense Tool
by Osama Alaa
Is it right that organizations are hacked due to a lack of defensive layers? I don’t think so; in fact, everyone focuses on securing the environment by different methods, such as hardening, patching and blocking suspicious Indicators of Compromise (IOCs); others may do regular assessments, etc., and we can say they are PROACTIVE. But meanwhile, attackers’ techniques nowadays are more sophisticated than before, and some of these methods may not be effective against specific types of threats.
That’s why, in our article, we will discuss an interesting approach, “Active Defense”, where we will defend ourselves in addition to initiating counter attacks targeting the attackers themselves.
SCADA - Security in the Wild
by Prasenjit Kanti Paul
In the real world, all things are becoming digital, automated and smart. The same applies to Supervisory Control and Data Acquisition (SCADA) systems. SCADA is a part of an Industrial Control System (ICS). On the verge of a cyber world war, it’s essential to know about the security measures and controls related to SCADA/ICS systems.
Python for IoT: Make your own botnet and have fun with the MQTT protocol
by Adrian Rodriguez Garcia
First, we’re going to talk about the main attacks that have occurred during this year. The objective is to show the big security problem that exists today due to the knowledge of cybercriminals and the lack of knowledge or awareness of people. Then, we will use the Python language and the enormous power of its libraries to demonstrate how to create a basic botnet by indirect attack. That is, no attack will be made on any system, because it will be the people themselves who install the malicious software made by us. Next, we will make a direct attack on Android systems with the objective of obtaining a botnet. For this, we will use a search engine for devices, like Shodan. Finally, we will talk about the MQTT protocol, very frequently used in the IoT world and, as will be seen, very dangerous if it’s not secured correctly.
How To Open a Backdoor in Android Devices
Through the Insertion of a Payload in a Legitimate APK
by Lucas García
We will follow simple steps, from infecting the application to exploiting the payload to open a backdoor. We will do everything through the Metasploit Framework, as it is very well known and is used by professionals. Msfvenom is Metasploit’s tool that combines msfpayload and msfencode: msfpayload creates infected executables with payloads, and msfencode camouflages or obfuscates them from antivirus software.
“I want it to be a good tool that I can be proud of”
Interview with Daniel Araujo, creator of Proctal
Distributed Denial of Service Attacks: Recent Incidents and how Organizations can Mitigate Impacts
by Jacob Bell
Distributed Denial of Service (DDoS) attacks have become more prominent in recent years and are often targeted at businesses and organizations. Attacks are growing in scale and are becoming more severe. This paper will aim to define what DDoS attacks are, identify the major types of attacks, and discuss the factors that allow them to be successful. This paper will also highlight recent DDoS attacks: their origins, consequences, and the types of organizations that were impacted. Strategies of defending against DDoS attacks will be discussed, with a large emphasis placed on what businesses can do to mitigate damage should they become victims of DDoS invasions.
Exploiting SMB and Kerberos to obtain Administrator access
by Petter Anderson Lopes
The present article aims to demonstrate the main steps of performing an invasion test. Serving as a solution to the growing need to keep people connected, wireless networks have come to play a key and indispensable role in corporate networks. These networks, in turn, need effective monitoring, and the professionals who manage them must understand the risks and map out the existing vulnerabilities. The procedures for detecting security flaws can be automated through tools or carried out by a qualified professional who manually validates each critical point: the pentester. This work aims to demonstrate the steps of performing an intrusion test in order to obtain critical data such as Network Administrator access. By using intrusion testing, network administrators can identify vulnerabilities and thus propose improvements and fixes to avoid becoming the target of an invasion by digital criminals.
Implementing a One-Time-Pad-Based Password Vault: A Poor Person’s Solution
by Mark Bishop
This article presents one way of encrypting personal password lists, an alternative where we can know all of the details of the very simple implementation. It relies on a powerful, intrinsically simple encryption method: the Vernam Cipher or one-time pad (OTP). I have used the solution discussed here, implemented on a Linux platform, to protect my personal password lists. The author provides no warranty for the approach, not even any implied warranty of merchantability or fitness for a particular purpose.
Correlation of Log SOC
by Seifallah Karaa
Recently, hacking attacks have become more and more frequent. In fact, the main targets of these attacks are governments and multinational corporations. This increase in hacking attacks is due to the lack, or complete absence, of experts in these institutions, so that they cannot assure the instantaneous protection of their information systems. This has also resulted in serious losses, whether financial, material, or in terms of privacy and secrecy. For this reason, Security Operation Center (SOC) solutions have to be implemented in the information systems of these institutions as a way of prevention against such potential threats. In this article, I am going to mention some of the main functions of SOC solutions, with a special focus on the correlation of log files, explained through an example of a brute-force attack.
Cloud Beyond the Hacking
by Andrea Cavallini
Cloud is the methodology that permits us to have applications and, in general, all the resources we could dream of configured and stored on the Internet without our having to manage them. The cloud providers (Amazon, Microsoft, Google, etc.) have in their facilities all the hardware infrastructure necessary to make our job easy. In the past, hosting services provided the resources: they created a remote server, and the developer had to manage it, from code deployment to vulnerability assessment.