Saturday, September 26, 2015

Pyzano for Data Backup


Pyzano (https://github.com/dreilly369/PyzanoFSIC) is a tool I use for a lot for file system tasks. From monitoring for unauthorized changes, to creating malware signatures for Host-based Intrusion Detection Systems (HIDS). Today though, I want to write about Pyzano's ability to be used as a lightweight data backup and file sharing system.

Wednesday, September 16, 2015

Session Hijacking

Session Hijacking allows an attacker to masquerade as the victim on websites where the session has been successfully exploited. To accomplish this I will put a redirection proxy in-between the victims web browser and the website. An aptly named “man-in-the-Middle” attack. The goal is to trap an authentication cookie and use it on the attack machine to impersonate the victim on the website later

Sunday, September 13, 2015

Building a DarkDuino Tool

This tool is what can be referred to as a “Force Multiplier”. It is not itself an exploit. Nor does it take advantage of any security flaw which is likely to go away. In fact, it is really just a programmable keyboard. Computers trust keyboards, so by default computers trust the DarkDuino tool. The only security lapse needed is for someone to walk away, leaving their system unlocked for a minute.

Scripted RFIDler Proximity Card Grabber

Using the RFIDler to clone a card manually was relatively easy to get a grasp on. Still, to understand how to automate the process of capturing different cards, the examples from the RFIDler site will help. Take a look at https://github.com/ApertureLabsLtd/RFIDler/wiki/plotting
The steps there describe how to use the plotting library to discern tag modulation types. The key takeaway (for now) is that all the tag modulation raw data can be captured as ASKRAW. It goes on to describe the method of looking at the data plot and figuring out what the modulation scheme is. We will use this method later to determine what types of cards we captured data for and to reprint them onto clones.