The folks that run the website RTL-SDR have a comprehensive list of all the software defined radio (SDR) software, both commercial and free. That list can be found here:
I’ve decided to centralize the default password lists for multiple vendors. I’m making this a sticky post and will update this list as I find these types of sites:
* http://bit.ly/2S6SToW – NETGEAR Default Password List
* http://bit.ly/2S37j9u – Linksys Default Password List
* http://bit.ly/2S3gPJV – D-Link Default Password List
* http://bit.ly/2S8KWzJ – Cisco Default Password List
* http://bit.ly/2S37FwQ – Default Router Usernames and Passwords (multiple vendors)
* http://bit.ly/2HrgT3O – Telnet, MySQL and other Linux and Windows service passwords courtesy of n0tazombie.
I have identified the following CTF labs, which run 24/7, and most, if not all, are free:
- 24/7 CTF: https://247ctf.com/ (Added 11/7/2019)
- Immersive Labs: https://immersivelabs.online
- pwnable.xyz (good for people new to CTF): https://pwnable.xyz/
- 365 CSAW: https://365.csaw.io
- CTF101: https://ctf101.org/
- Shellter Hacking Express: https://shellterlabs.com/en/contests/
- Backdoor: https://backdoor.sdslabs.co/
- ShellWePlayAGame?: https://shellweplayagame.org/
- RootMe: https://www.root-me.org/?lang=en
- OverTheWire: https://overthewire.org/wargames/
- Virginia Cyber Range: https://portal.virginiacyberrange.net/
- Hack The Box: https://www.hackthebox.eu/
- FuzzyLand: https://fuzzy.land/
- Hacking Lab: https://www.hacking-lab.com/index.html
To everyone who made me aware of these, thank you!
This was first discovered by a Reddit user who observed his Samsung device making calls out to Chinese-owned domains. The software responsible for this is installed on nearly all of Samsung’s Android products, including their smartphones and tablets. Further research revealed that Samsung had partnered with Qihoo 360, a Chinese-owned firm with a reputation for censoring users at the request of the Chinese government, to develop software that can’t be uninstalled from the device. Samsung released a public statement saying that the only data being sent to China is the model, storage, and operating system version [for now].
- Original Article: http://bit.ly/2uAD6rX
Spectrum Software went out of business last year, and they have just released their commercial circuit simulator, Micro-Cap, for free! This simulation software includes over 33,000 parts in its library and retailed for $4500.
Today on Twitter I found a really easy-to-follow walkthrough of how Kerberos works in Windows Active Directory networks. It walks you through each step of the authentication process, which machines are involved, and what is happening under the hood. It’s a great read for anyone wanting to know more about how modern Windows authentication works.
- Original Article: http://bit.ly/2FDwknq
Black Hills Information Security (BHIS) recently wrote a blog post on how to debug embedded firmware via a JTAG port. The author, Raymond Felch, used a JTAGulator and a multimeter to find the JTAG ports left on a Linksys router that he got at a yard sale.
In May of 2019 Microsoft (MS) released a major update for Windows Subsystem for Linux (WSL). The original WSL used parts of Hyper-V to run a full Linux distro, such as Ubuntu or Kali. This May MS released WSL 2, which greatly enhanced both the capabilities and the speed of this subsystem. They haven’t really publicized its release very well, which is why I’m making a post to promote it. Next time you play a CTF, instead of using a Kali VM, try out WSL 2 with Kali installed!
- Microsoft’s Official WSL 2 Documentation: http://bit.ly/2MItlyj
At first I could only laugh at the fact that someone had bothered making a Windows pentesting distribution, but upon closer inspection it is well suited for taking advantage of the Windows Remote Management (WinRM) capabilities that ship with all modern Windows versions. This means you can remotely control any Windows machine in the domain if you have the right credentials. Since Microsoft introduced Windows Subsystem for Linux v2 (WSL2) you now have the ability to run Kali on a Windows system, but it still has issues interfacing with proprietary Windows protocols such as the one WinRM uses. The distribution includes core tools such as Covenant, nmap, Wireshark, etc. I will post the GitHub link to the Hacker Tools page.
This tool was posted on Twitter last week. It looks to have broad support for hash types, and it uses a hybrid approach to crack passwords: it generates a rainbow table from a wordlist, such as rockyou.txt, to accelerate breaking hashes. This project has also been added to the Hacker Tools page.
Link to project’s GitHub: http://bit.ly/35QfXzu
I just found a new Internet of Things (IoT) testing framework called HomePwn. It boasts the following features:
- Bluetooth Low-Energy (BLE)
- Near Field Communication (NFC)
- Simple Service Discovery Protocol (SSDP)
- Multicast Domain Name System (MDNS)
- Xiaomi device support
- SmartTV support
- Metasploit-like command line interface
Paul Clark, who literally wrote the book on using software defined radios, gave a presentation for Black Hills Information Security (BHIS) on how he built a custom data exfiltration box using software defined radios (SDRs). By all accounts this capability could be very challenging to spot, especially because listening on a single MHz of the RF spectrum would generate 8MB of data per second, and frequency hopping significantly increases the complexity. He also goes through how GNURadioCompanion (GRC) actually generates Python code from the flow graphs that you build in the user interface. At the tail end of the presentation Paul discusses the work of Josh Conway: how he built a device he calls the SigInt Tablet for about $150 that allows for sampling of the RF spectrum, and how he found he could actually transmit data simply by applying voltage to a GPIO pin, which could potentially be used to interfere with or even jam an RF transmission.
- BHIS Presentation by Paul Clark: http://bit.ly/2Z6AOfA
- Slides for presentation: http://bit.ly/2M6GqBe
- Paul Clark’s GitHub: http://bit.ly/2M3TdUX
- Factoria Labs (Paul Clark’s company): http://bit.ly/2IozC0A
- GNURadio: http://bit.ly/2LE4gUK (create custom RF applications)
- GNURadioCompanion: http://bit.ly/2M3R1wH (provides GUI interface)
- GNURadio Inspector GitHub Repo: http://bit.ly/2S7IzQI (this is great for debugging)
- Ettus B200-mini full duplex SDR: http://bit.ly/36LmMCD
- HackRF One half duplex SDR: http://bit.ly/38Mrwtz
- Josh Conway’s SigInt Tablet GitHub repo: http://bit.ly/2MonApp