Posts

Showing posts from 2017

Bad information

I recently found some blogs about various anonymous functions online which appear to be seeding bad information, either by being wrong, misleading, or inadequate. To start with, here's one I saw people sharing in a forensics group.

https://vallejo.cc/2017/11/11/using-gathering-information-tools-through-tor-network/

Yes, you can totally do an nmap scan over Tor with proxychains, and yes, these particular copypasta scans can work. But let's discuss why a bit further. There are limitations on what will go through SOCKS, and therefore on which scan types can be proxied at all: proxychains only intercepts the libc connect() calls of the program it wraps, so a full TCP connect scan (-sT) and the version probes of -sV go through Tor, while anything built on raw packets (SYN scan, OS detection with -O, ICMP and ARP host discovery) bypasses the proxy entirely and leaves your real IP on the wire. As a test, I used tcpdump on the server being attacked, filtering on my own IP address. If even a single packet to or from my attacking IP showed up, the run was a complete failure.


nmap attempt                                         Results (did it hide our ip)
proxychains nmap -Pn -sT -sV -O -p80 {MY HOST}       Failed when added os detection (+O)
proxychains nmap -Pn -sT -sV -T5 -p80 {MY HOST}      Success, despit…
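The pass/fail rule from the test above, applied to tcpdump output, as an added example that is not code from the original post. It reads `tcpdump -n` text lines captured on the target and fails a run if any packet has the attacker's real address as source or destination. The two captures, ATTACKER_IP, TOR_EXIT and TARGET are constructed from RFC 5737 documentation addresses, not real traffic; the first capture illustrates the -O row of the table (raw-socket probes arriving directly), the second the -sT/-sV row (everything arriving from the exit node).

```python
"""Leak check for proxied nmap runs: added example, not code from the original post.

The post's test is to run tcpdump on the target and treat any packet to or from
the attacker's real IP as a failed run.  This applies that rule to `tcpdump -n`
text output.  ATTACKER_IP, TOR_EXIT, TARGET and both captures are constructed
(RFC 5737 documentation addresses), not real captures.
"""
import re

# tcpdump -n prints "IP <src>[.<port>] > <dst>[.<port>]" for IPv4; the port
# suffix is absent for ICMP, which is what OS detection and host discovery
# send outside the SOCKS tunnel.
IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
PACKET_RE = re.compile(r"\bIP " + IPV4 + r"(?:\.\d+)? > " + IPV4 + r"(?:\.\d+)?[:,]")

ATTACKER_IP = "198.51.100.10"   # constructed: real address of the scanning box
TOR_EXIT = "192.0.2.77"         # constructed: address of the exit node
TARGET = "203.0.113.5"          # constructed: the server running tcpdump

# Constructed capture for the run with -O: the -sT/-sV traffic arrives from the
# exit node, but the raw-socket OS probes are sent directly and expose the attacker.
CAPTURE_WITH_OS_DETECTION = """\
12:00:01.000001 IP 192.0.2.77.41022 > 203.0.113.5.80: Flags [S], seq 1, win 29200, length 0
12:00:01.000512 IP 203.0.113.5.80 > 192.0.2.77.41022: Flags [S.], seq 7, ack 2, win 65535, length 0
12:00:02.100000 IP 198.51.100.10 > 203.0.113.5: ICMP echo request, id 1, seq 1, length 120
12:00:02.100300 IP 198.51.100.10.63001 > 203.0.113.5.80: Flags [S], seq 3, win 1024, options [wscale 10], length 0
"""

# Constructed capture for the -sT -sV run: everything comes through the tunnel.
CAPTURE_CONNECT_ONLY = """\
12:05:01.000001 IP 192.0.2.77.41900 > 203.0.113.5.80: Flags [S], seq 1, win 29200, length 0
12:05:01.000512 IP 203.0.113.5.80 > 192.0.2.77.41900: Flags [S.], seq 9, ack 2, win 65535, length 0
12:05:01.001000 IP 192.0.2.77.41900 > 203.0.113.5.80: Flags [P.], seq 2:80, ack 10, length 78
"""


def endpoints(line):
    """Return (src, dst) for a tcpdump line, or None if it is not an IPv4 packet line."""
    m = PACKET_RE.search(line)
    return (m.group(1), m.group(2)) if m else None


def leaked_packets(capture, attacker_ip):
    """Every packet line that has the attacker's real IP as source or destination."""
    leaks = []
    for line in capture.splitlines():
        ends = endpoints(line)
        if ends and attacker_ip in ends:
            leaks.append(line)
    return leaks


def verdict(capture, attacker_ip):
    """The post's rule: a single leaked packet is a complete failure."""
    return "FAIL" if leaked_packets(capture, attacker_ip) else "PASS"


def run_all(attacker_ip=ATTACKER_IP):
    """Grade each constructed scan the way the table above does."""
    return {
        "proxychains nmap -Pn -sT -sV -O -p80": verdict(CAPTURE_WITH_OS_DETECTION, attacker_ip),
        "proxychains nmap -Pn -sT -sV -T5 -p80": verdict(CAPTURE_CONNECT_ONLY, attacker_ip),
    }


if __name__ == "__main__":
    for scan, result in run_all().items():
        print(f"{result}: {scan}")
    for line in leaked_packets(CAPTURE_WITH_OS_DETECTION, ATTACKER_IP):
        print("  leaked:", line)
```

On a real target you would feed it `tcpdump -n -l host <your real ip>` output from the box being scanned; any line at all in that capture means the tunnel was bypassed.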

Training

You must train for the worst, prepare for the worst, and hope for the best. Training only for what you have going right now is not adequate training. You must do what you need right now /and/ train for the future. That's my belief anyhow.

Data Data Data

Data data data. Data data data data, data data. Data data data data data data data.

Developers developers de... oh whoops, wrong one. Data data data.

I wanted to talk a bit about data, its perceptions, and how it is used or misused. So, to carry this conversation, I would like people to look at the first two lines of this post. To a computer, specifically an AI, this may appear as a sequence representing some choice in lexical ambiguity, or it may see it as simply some ASCII strings which we could map to known words, which we could then map to known and habitual usage to find the most likely meaning. Whichever way we think about this, a computer may see the first sentence by itself and assume one situation, then the second and assume it is another, or both together and assume a third. This is a fundamental issue with data, even for a computer: perception changes how we investigate, diagnose, or define it.

Now lets say that I wanted to run this data myself, how would I figur…

PlasmaRat: why use shitty malware?

I wanted to discuss some issues I find in the realm of choosing malware and why it's perfectly fine to use bad software once in a while. In this, I will detail a plan of action to leverage multiple sets of well-known, easily detected malware for various purposes. So let's begin with a soft story. You people love story time, right? In this story a threat actor, before they became a studied attack profile for major organizations, was just a young nooblet looking to see what they could do. While developing their plans and their chess game, they found tools. Now, immediately you're probably thinking script kiddie, and fundamentally you'd be right. These people used what was available to them rather than learning what it took to do it themselves. Eventually, the habits and traits learned by doing this turned into an actionable plan and money was made. When money is made, people stop trying to perfect an art and start looking for free answers. Instead, our protagonist decides h…

Let's play a game.

http://0daz.io/index.boogiepop
Rules:

I give you a private and public key pair when you access the page. It's up to you to understand how to use them. This is a programming game. You are given my public key (the same one as on keybase) for when you find answers.

Send your answers on keybase (chat: answers are PGP encrypted or won't be accepted), or as a GET request to the server (preferred). Answers should be of the form http://0daz.io/boogiepop.phantom?answer={username:code}. You will get a 404, and winners will be updated on the original page along with timestamps of when they sent winning data. (Future updates: I intend to make it show the time since your username was used for the challenge, calculable in milliseconds, as well as the time since the challenge was posted. This is not yet a feature.)

This is not a CTF, but if you hack my shit, the worst you can do is get it flagged or shut down; the best you can do is fix my code. I won't be hurt either way in these regards. PS: if someon…

scopin'


Unrelated ranting

So, I wrote this earlier elsewhere, but I feel I need to expand on it more so let me tell you a story:

Once upon a time people could say that certain things would never happen, that it's all just some people's wild imagination. The people who thought those things would never happen are the same ones who built the path toward rejecting any belief in Orwellian or similar dystopian existences. Can you believe it? A day existed when people could challenge this with arbitrary means and be considered right?

I guess some examples are in order. We would never burn books en masse, we would never absorb ourselves so much that we no longer understand the functional principles of life, we would never be stuck with governance over our minds and thoughts, and it would never be illegal to think about things that don't fit in with the masses. Governments wouldn't poison their own people; that would make them look bad, and hence they wouldn't do it. Governments wouldn't spy on their own people or fraudulently re…

Dear self

Do you think that people understand when you make allusions to anything? From pop culture to dark humor, sometimes it seems like no one will ever get it. But allusions are so much fun sometimes because of the things you can say with them. Like building a story that shortens its sentences or paragraphs as it progresses, so that you can identify a rushing or crumbling ideology. Or like references to situations that are built out of other situations, one after another, in sequence, in order to show a common pattern of events without ever stating a single event, only references to them. These are the joys of communication, but sometimes people just never bother to pay attention. In a world full of those who refuse to pay attention, I guess it could be assumed this will never have a place in people's hearts or minds.

Oh well, let's go back to drinking. That's one way to waste time.

Apathetically.

Ferasdour
https://keybase.io/ferasdour

away from the tech

You know, I often find myself curious about the world. I find myself wondering what topology is used to inform the state about car specifics so they can print a little tag for you. I find myself curious how to poll cell towers for the GPS locations of people on another tower. I find myself curious about the ATM protocol and how ATMs (machines/systems) work. I find myself picking apart NFC devices to find out what their data is, and wanting to write it to something else. If these activities seem criminal to you, then I guess I am a criminal. Oh, you want me to get licensed to be able to do these things, with a magnifying glass waiting for me to fuck up? Why allow myself to be beaten out of existence?
At a young age, I found myself interested in taking things apart and studying them. As a kid it seems like innocent curiosity, and no one cares when a kid comes up with a new method for absorbing and storing ambient/static energy. Well, some people cared, but only because people pushed it under their f…

Passive Intelligence

Now, I'm not some fancy big shot who wants to define things my way and tell everyone else to piss off. However, I don't entirely understand how other people claim passive intelligence the way they do. So, as an example, I'll continue my dive into finding various notions from data by comparing unique malware domain resolutions. In this case, over on http://0daz.io/useful.log I found several domains were being built on a common provider (000webhostapp). The domains shown there were found to be malicious and put on the malware domains list (http://malwaredomains.lehigh.edu/files/domains.txt). So, a first thought would be that there is some unique design in how malwaredomains finds those specifically, while very few, if any, no-ip and similar sites are on there. Regardless, I took the approach of seeing how much I could find out about 000webhostapp based on these.

curl http://0daz.io/useful.log 2>/dev/null|grep -i 000webhostapp.com|awk '{print $2}'|sort|uni…
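The grep/awk/sort/uniq chain above, widened to every hosting provider in the log, as an added example rather than the post's own code. It assumes the same layout the awk expression does (whitespace-separated fields with the hostname in field 2; the real file's format is not shown on the page) and runs against a constructed SAMPLE_LOG so it works offline. Nothing here touches the provider: it only regroups what is already on the list, which is the passive part.

```python
"""Passive grouping of listed malware domains by hosting provider.
Added example, not the post's code.  The post's pipeline pulls field 2 out of
http://0daz.io/useful.log with awk; this assumes the same whitespace-separated
layout with the hostname in field 2 (an assumption, the real file's format is
not shown) and works on a constructed SAMPLE_LOG so it runs offline.
"""
from collections import Counter, defaultdict

# Constructed: timestamp, hostname, resolved address (documentation ranges).
SAMPLE_LOG = """\
2017-11-01T00:00:00Z evil-update.000webhostapp.com 203.0.113.10
2017-11-01T00:00:00Z evil-update.000webhostapp.com 203.0.113.10
2017-11-01T00:05:00Z invoice-portal.000webhostapp.com 203.0.113.11
2017-11-01T00:07:00Z Invoice-Portal.000webhostapp.com. 203.0.113.11
2017-11-01T00:09:00Z cdn.example.net 198.51.100.5
2017-11-01T00:12:00Z login.bank.example.org 198.51.100.9
2017-11-01T00:13:00Z files.example.org 198.51.100.9
"""


def hostnames(log_text, field=2):
    """Field `field` (1-based, like awk) from every line that has it, normalised
    to lower case without a trailing dot so case/FQDN variants collapse."""
    hosts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) >= field:
            hosts.append(parts[field - 1].lower().rstrip("."))
    return hosts


def provider_of(host, depth=2):
    """Registrable-looking suffix.  depth=2 is right for 000webhostapp.com;
    names under co.uk and similar would need a public-suffix list instead."""
    return ".".join(host.split(".")[-depth:])


def site_label(host, provider):
    """The customer-chosen part in front of the provider, e.g. 'evil-update'."""
    return host[: -len(provider) - 1] if host.endswith("." + provider) else host


def group_by_provider(hosts):
    """{provider: sorted unique hostnames}; duplicates collapse here the way
    `sort | uniq` does in the post's pipeline."""
    groups = defaultdict(set)
    for h in hosts:
        groups[provider_of(h)].add(h)
    return {p: sorted(s) for p, s in groups.items()}


def provider_counts(hosts):
    """How many distinct listed hostnames each provider carries."""
    return Counter({p: len(s) for p, s in group_by_provider(hosts).items()})


def sites_on(provider, log_text=SAMPLE_LOG):
    """Unique customer labels on one provider: what grep/awk/sort/uniq produce
    for 000webhostapp.com, minus the shared suffix."""
    return sorted({site_label(h, provider)
                   for h in hostnames(log_text) if provider_of(h) == provider})


if __name__ == "__main__":
    hosts = hostnames(SAMPLE_LOG)
    for provider, n in provider_counts(hosts).most_common():
        print(f"{n:3d}  {provider}")
    print("000webhostapp sites:", sites_on("000webhostapp.com"))
```

To run it on the real list, replace SAMPLE_LOG with the text the curl in the post returns; if the hostname is not in field 2 of that file, change the `field` argument rather than the parser.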

Malware Domains and Botnet Jacking

Okay, now some of you white hat "the rules make ethics" types may not like anyone discussing this, but let's do it. Domain and botnet jacking, as it pertains not only to threat actors but to blue teamers as well. In this thread, we discuss how a simple script can find domains to take over, how to monitor changes in botnets, and how to identify the way people build their domain resolution pools. Protip: a lot of people just fake it. That 200-bot domain list is actually more like 4 hosts and a VPN, at best. But we're not actually messing with that yet.


We start today with this little bit of nonsense. It's a simple Python script designed to create a webpage based on domain resolution tracking. The page shows numerous domains and how they change.

lists = []
filetowrite = "/var/www/html/index.html"
failedtowrite = "./faileddomains.log"
initialinfo = "<html><head><title>DomainTracking</title></head><body>Begin Run<br>Domain ip loggedtime<b…
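A complete tracker in the same spirit, written here as an added example and not the post's own script. The differences are assumptions of mine: the resolver is passed in, so the logic can run offline against a constructed answer table (CONSTRUCTED_DNS, PREVIOUS_SNAPSHOT and every address are made up from documentation ranges); domains that fail to resolve are returned as takeover candidates instead of only being appended to a log file; and the domains are grouped by the IP set they resolve to, which is how a "200 bot" domain list collapses into the handful of real hosts the post mentions. Every value is HTML-escaped before it lands on the page, since the domain names come from people who would happily put markup in them.

```python
"""Domain-resolution tracker: added example in the spirit of the post's script,
not the post's own code.  Assumptions of mine: the resolver is injected so the
logic runs offline against CONSTRUCTED_DNS; unresolvable domains are returned as
takeover candidates rather than only logged; and domains are grouped by the IP
set they resolve to so shared infrastructure is visible.
"""
import html
import socket
from collections import defaultdict
from datetime import datetime, timezone


def resolve_live(domain):
    """Resolver for real use: A records via the system resolver, None on failure."""
    try:
        infos = socket.getaddrinfo(domain, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return None
    return frozenset(info[4][0] for info in infos)


# Constructed answers (documentation addresses).  None stands for NXDOMAIN/SERVFAIL.
CONSTRUCTED_DNS = {
    "c2-a.example.net": frozenset({"203.0.113.10"}),
    "c2-b.example.net": frozenset({"203.0.113.10"}),
    "c2-c.example.net": frozenset({"203.0.113.10"}),
    "update.example.org": frozenset({"198.51.100.7"}),
    "lapsed.example.com": None,
}
# Constructed snapshot from a "previous run": update.example.org has since moved.
PREVIOUS_SNAPSHOT = {
    "c2-a.example.net": frozenset({"203.0.113.10"}),
    "update.example.org": frozenset({"198.51.100.8"}),
}


def resolve_constructed(domain):
    """Offline stand-in for resolve_live."""
    return CONSTRUCTED_DNS.get(domain)


def track(domains, previous, resolve, now=None):
    """One run.  Returns (current, changes, failed, pools):
    current  {domain: frozenset(ips)} for this run
    changes  [(domain, old_ips, new_ips, timestamp)] where resolution moved
    failed   domains that did not resolve (takeover / re-registration candidates)
    pools    {frozenset(ips): [domains]} so shared infrastructure is visible"""
    now = now or datetime.now(timezone.utc).isoformat()
    current, changes, failed = {}, [], []
    for d in domains:
        ips = resolve(d)
        if not ips:
            failed.append(d)
            continue
        current[d] = ips
        old = previous.get(d)
        if old is not None and old != ips:
            changes.append((d, sorted(old), sorted(ips), now))
    pools = defaultdict(list)
    for d, ips in current.items():
        pools[ips].append(d)
    return current, changes, failed, dict(pools)


def render_html(current, changes, failed, pools):
    """The page the post's script writes, with every value HTML-escaped:
    attacker-controlled domain names must not become markup in your own tracker."""
    e = html.escape
    out = ["<html><head><title>DomainTracking</title></head><body>Begin Run<br>",
           "<b>Domain ip</b><br>"]
    out += [f"{e(d)} {e(', '.join(sorted(ips)))}<br>" for d, ips in sorted(current.items())]
    out.append("<b>Changes</b><br>")
    out += [f"{e(d)} {e(','.join(o))} -&gt; {e(','.join(n))} at {e(t)}<br>" for d, o, n, t in changes]
    out.append("<b>Failed (takeover candidates)</b><br>")
    out += [f"{e(d)}<br>" for d in failed]
    out.append("<b>Pools</b><br>")
    out += [f"{e(', '.join(sorted(ips)))}: {len(ds)} domains<br>" for ips, ds in pools.items()]
    out.append("</body></html>")
    return "\n".join(out)


def demo():
    """Run the tracker against the constructed resolver and previous snapshot."""
    return track(list(CONSTRUCTED_DNS), PREVIOUS_SNAPSHOT, resolve_constructed,
                 now="2017-11-01T00:00:00+00:00")


if __name__ == "__main__":
    current, changes, failed, pools = demo()
    print(render_html(current, changes, failed, pools))
```

For a live run, pass `resolve_live` instead of `resolve_constructed`, persist `current` between runs as the next `previous`, and write the rendered page to the path the original script uses; the three c2-*.example.net names landing in one pool is the "more like 4 and a VPN" pattern from the intro.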

Fancy toys

Now that I finally got me some fancy toys and a fancy blog, I guess all that's left to do is brag about my fancy toys.

The WiFi Pineapple sucks.

There, I fucking said it.

But it's not like its hardware sucks; it's just that the people who put it together (hak5?) shouldn't do this anymore. It needs more space, better control, package management that works, and it needs to alert on conflicts instead of silently failing. It doesn't need to log so much as it needs to record any details of what happened, though logging would be nice too.

The modules and setup for the web interface are almost not worth having; you might as well skip that for just an interactive shell. PineAP? This is like if a Pi had better wifi hardware and someone didn't know how to set up a malicious AP. "Push the configure button." "No wait, not that one, the other one hidden behind a drop-down you can't see and don't really know why it's there anyway." If this is years of design, please…

Easy Start

Let's start this off easy by saying: hi, my name is irrelevant and everything should stay dissociated; however, if you spend 30 seconds on Google, especially since this uses a Google service, you can find me, and I encourage it. I have no ill will towards those who want to spend the effort to learn something, even the trivial things. That is what we do, as a species and as the infosec/hacking community. We live to peer into things you would rather hide; we see things others would rather lie about. No reason to sugar-coat it: laws are irrelevant and only the truth exists. It's the "white hat" community that handed out the titles of blackhats and whitehats and this (ugh) claim of grey hats. By blackballing people who were willing to commit crimes, you segregated the world into black and white instead of accepting that they do the same things you do but use them for other purposes. With that said, if anyone is still paying attention, today I've been playing with a few rats and wa…