The summer is almost over, but to make those last moments of freedom more bearable we present you a new issue of Hakin9! This time we don’t have a main theme but various articles about different topics. We start with Reverse Engineering and Password Breaking. In this tutorial prepared by Jan Kopia you will learn how to bypass password protection using common and easily available tools. If you need more basic information or want to refresh your knowledge about reverse engineering, start with Matthew Miller’s article. If you prefer something more hands-on, don’t forget to check Reverse Engineering IoT Devices by talented author Ayan Pahwa. In his hands-on tutorial you will learn how to manipulate a smart RGB LED light bulb with reverse engineering techniques.
If you wish to read a more practical article, you must check out Build Your own NIDS with Scapy by Hadi Assalem. This article will present a lightweight Network Intrusion Detection System based on the Scapy library to detect common Data Link layer attacks such as ARP and DNS spoofing, and also some web app attacks. OSSIM Deploying, Configuring and Administering Part 1 by our author Luis Borralho is divided into two parts, and the second part will be presented in the next edition of Hakin9.
Jacob Bell once again reminds us why ransomware is the biggest cyber threat. His article will give you the most important information about preventing this attack. Samrat Das also returns with another article, this time focused on Java Deserialization Exploit: Remote Code Execution. For those of you who are looking for more information about Burp Macros, I recommend the article by Prashant Kumar Khare and Sarang Dabadghao. It’s a must-read for all security specialists.
If you want to become more familiar with Tshark, the article written by Felipe Duarte will give you a great overview of this tool. Finally, Why More Businesses Should Hire Hackers by Kayla Matthews presents some very important points about the role that hackers have in securing your systems.
We hope you find something for yourself in the issue. As always, huge thanks to all the authors, reviewers, to our amazing proofreader, and of course you, our readers – without you this wouldn’t be possible!
Reverse Engineering: Basics
by Matthew Miller
This article has given the basics of reverse engineering and discussed two tools, gcc and objdump. Have fun and happy reversing!
The Pervasive Effects of Ransomware and What Organizations Can Do To Prevent and Mitigate Them
by Jacob Bell
The purpose of this paper is to explore what steps organizations can take to enhance their security and how they can avoid falling victim to such attacks. Attention will also be placed on defining what ransomware is, detailing its origins, identifying the types of criminals that utilize ransomware, and the countries from where these attacks most frequently originate. Recent ransomware attacks will be analyzed to highlight what organizations did right in their response and what they could have done differently to prevent the attacks’ occurrence and mitigate the damage that occurred.
Reverse Engineering and Password Breaking
by Jan Kopia
This article gives a basic introduction to reverse engineering and will demonstrate how to bypass password protection using common and mostly freely available tools. At the end, the reader will have an understanding of the entire reverse engineering process, from statically inspecting a PE file to dynamically analyzing it using tools such as IDA Pro and OllyDbg.
Why More Businesses Should Hire Hackers
by Kayla Matthews
Your idea of hacking might involve people who do their deeds in secret to steal information or get revenge. Some hackers, known as black hat hackers, still have those priorities, but there’s a growing number of them who are transparent about what they do and get paid for it.
They’re known as ethical hackers, and many forward-thinking businesses are hiring them.
Reverse Engineering IoT Devices
by Ayan Pahwa
As an IoT enthusiast and night time security researcher, it always intrigues me how easy our lives have become with IoT applications that we use on a daily basis, intuitively, and this scratches that part of my brain which always wanted to see what’s going on deep down inside, from using a mobile application to monitoring and controlling devices, what all is making it possible.
Build Your own NIDS with Scapy
by Hadi Assalem
This article will present a lightweight Network Intrusion Detection System based on the Scapy library to detect common Data Link layer attacks such as ARP and DNS spoofing, and also some web app attacks. We start with building attacking tools and then the detection tools.
Java Deserialization Exploit: Remote Code Execution
by Samrat Das
Welcome, readers. Among the plethora of test cases out there for thick clients, one particularly interesting one is “Remote Code Execution on thick clients”. For this particular RCE, one of the thick clients I was testing is based on a Java application. While researching possible exploits, I noticed that there are custom deserialization methods in Apache commons-collections, which has a particular “reflection logic”. This can be exploited and can lead to remote command injection as well as lethal arbitrary code execution.
Mailbox Overflow by Triggering Python Application Using Virtual Environment
by Sumanta Kumar Deb and Rohan Dutta
The idea is to develop a set of virtual environments from one or multiple terminals that can trigger Python-based applications that send iterative unwanted e-mails with attachments to a dedicated inbox by directly connecting with the dedicated SMTP server. None of the mails go to the spam box. All the mails will reserve some memory space of the inbox. Because there is not enough memory in the inbox message queue or pool, there will be a temporary problem with the mail server, meaning that incoming mails will not be delivered from the temporary storage queue to the inbox and cannot be read.
Tshark, Wireshark in command line
by Felipe Duarte
Like Wireshark, Tshark is a network protocol analyzer that lets network administrators analyze protocols in real time or analyze protocols that have been saved to a log file in pcap format. Pcap is a standard format for many network programs used by network administrators, but Tshark is not limited to it: its list of compatible file formats is very extensive, and it automatically detects files compressed with gzip.
Automating Manual Security Testing Using Burp Macros to Accelerate Manual Security Testing
by Prashant Kumar Khare and Sarang Dabadghao
The purpose of this paper is to present an implementation approach for using automation in security testing, which lets a tester carry out manual security testing more efficiently and in much less time than anticipated. In this paper, the tool that will be referenced is Burp Suite (free version) provided by PortSwigger and a demo application. This paper will cover automation using Macros in Burp Suite and its integration with Intruder and Repeater.
OSSIM Deploying, Configuring and Administering Part 1
by Luis Borralho
This article is intended to give an overview of OSSIM AlienVault USM (Unified Security Management). This overview will cover how to install and deploy the OSSIM AlienVault Server, how to configure OSSIM, and how to add and configure an additional sensor. OSSIM is a very powerful tool; with it you can get information about security and vulnerabilities associated with the devices connected to your network or networks, and configure many sources such as Check Point firewalls, Cisco products, F5 BIG-IP, Websense, Forcepoint, Squid, pfSense firewalls, and many more.