The folks that run the website RTL-SDR have a comprehensive list of all the software defined radio (SDR) software, both commercial and free. That list can be found here:
Default password lists
I’ve decided to centralize the default password lists for multiple vendors. I’m making this a sticky post and will update this list when as I find these types of sites:
* http://bit.ly/2S6SToW – NETGEAR Default Password List
* http://bit.ly/2S37j9u – Linksys Default Password List
* http://bit.ly/2S3gPJV – D-Link Default Password List
* http://bit.ly/2S8KWzJ – Cisco Default Password List
* http://bit.ly/2S37FwQ – Default Router Usernames and Passwords (multiple vendors)
* http://bit.ly/2HrgT3O – Telnet, MySQL and other Linux and Windows service passwords courtesy of n0tazombie.
Always available CTF Labs
I have identified the following CTF labs which are 24/7 and most if not all are free:
-
- 24/7 CTF: https://247ctf.com/ (Added 11/7/2019)
- Immersive Labs: https://immersivelabs.online
- pwnable.xyz (good for people new to CTF): https://pwnable.xyz/
- 365 CSAW: https://365.csaw.io
- CTF101: https://ctf101.org/
- Shellter Hacking Express: https://shellterlabs.com/en/contests/
- Backdoor: https://backdoor.sdslabs.co/
- ShellWePlayAGame?: https://shellweplayagame.org/
- RootMe: https://www.root-me.org/?lang=en
- OverTheWire: https://overthewire.org/wargames/
- Virginia Cyber Range: https://portal.virginiacyberrange.net/
- Hack The Box: https://www.hackthebox.eu/
- FuzzyLand: https://fuzzy.land/
- Hacking Lab: https://www.hacking-lab.com/index.html
To everyone that made me aware of these thank you!
In-Depth Guide to NTLM Relay Attacks
I found this really awesome guide on Twitter this morning which walks you through what NTLM relay attacks are and then teaches you how to do this style attack against Windows and Samba.
Link:
-
- Hackndo Guide: https://bit.ly/3aEMESP
Software Defined Radio Noise Comparison Chart
I found this image posted by the officail RTL-SDR Twitter account. It gives a comparison of the noise experienced in different frequency ranges by various software defined radios (SDRs).
CTF.live: A free CTF training environment by Pentester Academy
Pentester Academy announced on Twitter that they have a free CTF training environment. You need to log in using your Google account, however they have a total of 25 challenges and you don’t need to VPN into their network, everything can be done with a web browser.
Links:
-
- CTF.live: https://bit.ly/2xBZAu2
The next generation Direct Kernel Object Manipulation techniques
Direct Kernel Object Manipulation (DKOM) is a technique that allows for software to “hook” in with the Windows operating system at the kernel level. This video is from the INFILTRATE 2019 conference and is titled “DKOM 3.0: Hiding and Hooking with Windows Extension Hosts.” Where they take advantage of a Windows subsystem introduced in Windows 7 to hook the kernel.
Links:
-
- INFILTRATE 2019 Vimeo Video: https://bit.ly/39jl2RG
- Presentation Slide Deck: https://bit.ly/3dtSLLS
ADV200006: Yet more bugs in the Windows font subsystem
Microsoft announced on Monday March 23rd that they observed two exploits being used in the wild that target the font rendering subsystem in Windows. There is NO patch for these vulnerabilities as of this posting. These require the user to open up a document or a web page that has a font in it that will then exploit the Adobe Type Manager subsystem in Windows (all versions) to gain remote code execution. Typically these types of vulnerabilities gain execution in the Windows kernel where the font subsystem code is run. This means a hacker would have SYSTEM access to a Windows target, which, you know, is not good!
Links:
-
- The Register Article: https://bit.ly/3ak03Qg
- Tech Crunch Article: https://tcrn.ch/3dr0DgV
- MS Security Advisory: https://bit.ly/2UA6R5z
DEF CON 2020 CTF qualifiers have been pushed back due to COVID-19
The Order of the Overflow (OOO) has announced on Twitter that they will be pushing back the DEF CON 2020 CTF qualifiers. The new date hasn’t been announced yet, but on their tweet they said it would be announced on May 16th.
Links:
-
- OOO Tweet: http://bit.ly/2UfRZcx
- OOO Quals Page with more information about the delay: http://bit.ly/3dgSax1
DEF CON 2019 Qualifier challenges on GitHub
Order of the Overflow (OOO) which has run the CTF held at DEF CON since 2018 has most of their challenges on GitHub. It primarily includes their qualifier challenges from last year, but they also have a few of the challenges from the CTF held last year in Las Vegas.
Links:
-
- OOO GitHub: http://bit.ly/2WnSnrY
SMBGhost: New unauthenticated RCE SMB v3 bug found in modern Windows
CVE-2020-0796, better known as SMBGhost, was accidentally announce by Microsoft during March 2020’s Patch Tuesday. This bug is in their implementation of compression in SMB v3 and is both unauthenticated and remote and will result in remote code execution on the target machine with no user interaction. This gives it potential to be turned into a worm that will spread through a Windows Active Directory network like wild fire.
Links:
-
- ZDNet Article: https://zd.net/2W9JC4K
- Article on how to disable compression on SMB v3: http://bit.ly/2Qaqvnv
- SMBGhost Scanner: http://bit.ly/2Q9DfKY
- CVE Writeup: http://bit.ly/39NbvU3
New Wi-Fi chipset bug that allows hackers to decrypt communications: Kr00k
Today at RSA Conference 2020 ESET announced a new vulnerability that affects Broadcom and Cypress Wi-Fi chipsets. ESET worked with both vendors prior to announcing it at RSAC 2020 and both vendors have firmware updates available that will patch the bug.
Links:
-
- Original Article: https://zd.net/2T2JD8C
- CVE: http://bit.ly/2w9CEl8
Pentagon, FBI, DHS jointly expose North Korea hacking efforts
What make this news so significant is this is the first time that the DoD has publicly attributed hacking activity to North Korea. Their motives are seemingly to steal money (most likely to help fund their military), but they also allegedly hacked into a nuclear power plan in India. They attribute two APT groups to North Korea:
-
- Hidden Cobra
- Lazarus Group
They also name the malware they used in their hacking efforts.
Links:
-
- CyberScoop Article: http://bit.ly/2V7QG1b
- US Cert Malware Analysis Reports: http://bit.ly/3a2hAfp