Default password lists

I’ve decided to centralize the default password lists for multiple vendors. I’m making this a sticky post and will update this list as I find these types of sites:

* http://bit.ly/2S6SToW – NETGEAR Default Password List
* http://bit.ly/2S37j9u – Linksys Default Password List
* http://bit.ly/2S3gPJV – D-Link Default Password List
* http://bit.ly/2S8KWzJ – Cisco Default Password List
* http://bit.ly/2S37FwQ – Default Router Usernames and Passwords (multiple vendors)
* http://bit.ly/2HrgT3O – Telnet, MySQL and other Linux and Windows service passwords courtesy of n0tazombie.

Always available CTF Labs

I have identified the following CTF labs which are 24/7 and most if not all are free:

To everyone that made me aware of these, thank you!

Tsunami: Google publishes a modular security scanning framework

The folks over at Google have recently open-sourced a modular security scanning framework called Tsunami. Right now it uses nmap and ncrack as its core underlying tools, but they built it in a modular fashion that makes integrating other tools easier. They are also focused on having no false positives, which tend to be the Achilles’ heel of most vulnerability scanners.

Links:

SIGRed: A 17-year-old bug in Windows DNS server

SIGRed (CVE-2020-1350) was recently discovered by Checkpoint Security and is a vulnerability in the Windows Domain Name System (DNS) server that allows anonymous remote code execution (RCE) by sending a malformed DNS response, letting an attacker run as SYSTEM. The bug has been in the Windows DNS Server since Windows Server 2003, affects even Windows Server 2019, and could easily be turned into a self-replicating worm. It has a CVSS score of 10.0 on a 10-point scale, which is the highest rating on the scale. A patch is now available from Microsoft.

Links:

BlueFrag: The Android Bluetooth exploit

I posted back in February about a new Android bug in the Bluetooth stack (CVE-2020-0022). This is a nasty bug that affects Android 8-10 devices and requires no user interaction; the attacker just needs to be in proximity to any Android device that has Bluetooth enabled. In Android 8 and 9 it’ll gain remote code execution and in Android 10 it’ll just crash the Bluetooth stack. BlueFrag is the name of the exploit that takes advantage of this vulnerability.

Links:

DEF CON 28 officially cancelled!

I just read on the official DEF CON Twitter account that Dark Tangent has decided to cancel DEF CON 28 due to the COVID-19 pandemic. The good news is he said it was the “in-person” conference held in Las Vegas, so there is still hope that they will have a virtual version of it just like Way West Wild Hackin’ Fest did in March for their in-person conference for the same reason.

Links:

Two SDR dedicated Linux distros

I guess one of the benefits of being on lockdown is that security engineers have a lot of free time on their hands to create new Linux distributions. In this case, two new Linux distros have been developed that focus on software-defined radios.

* DragonOS – DragonOS LTS is an out-of-the-box Lubuntu 18.04-based x86_64 operating system for anyone interested in software-defined radios. All software installed from source is located in the /usr/src directory, while the remaining software was installed by package managers. This is a brief summary of the software included; while not complete, it covers the bigger-named packages and some of the drivers installed for the various supported SDRs such as the HackRF One, RTL-SDR, and LimeSDR. This distro includes the following SDR-related tools: Universal Radio Hacker, GNU Radio, Aircrack-ng, GQRX, Kalibrate-hackrf, Wireshark, gr-gsm, rtl-sdr, HackRF, IMSI-catcher, Zenmap, inspectrum, qspectrumanalyzer, LTE-Cell-Scanner, CubicSDR, Limesuite, ShinySDR, SDRAngel, SDRTrunk, Kismet, BladeRF
* Gorizont-rtlsdr – This distribution contains only RTL2832U chipset family rtl_sdr drivers and modules, and concentrates on providing terrestrial HF/VHF/UHF signal processing and portable DAB+ reception with the cheapest and most available equipment. No other devices are supported. This distribution is intended for experimentation and legal listening purposes only. NOTE: No TETRA or similar trunked system decoders are included in this distribution for legal reasons.