World’s first Power outage using Malware

July 20, 2016January 5, 2016 by Gaurav Mahajan

Die Hard 4.0 seems real enough now as we have the world’s first power outage accomplished by a malware. The culprits are…..you guessed it, the blackhats.

Now hackers have used a highly elegant and destructive malware to successfully infect at least three regional Ukrainian power authorities. So, their pre-Christmas 23rd December was pretty much a …lights out.

The region Infected was the Ivano-Frankivsk.

Prykarpattyaoblenergo, a local energy provider was claimed to be under the attack of cyber crooks by the energy ministry. As I said, Christman kinda went a dud!

The malware responsible disconnected the electrical substation. Now, this is frighteningly believable as no power grids were touched but the computers controlling them were.

World’s First power-outage-inducing malware

The name that is given to this malware that brought down the power is dubbed BLACKENERGY.

This BlackEnergy trojan was first discovered in 2007. Back then, it was a relatively simple tool to conduct DDoS attacks(Denial Of Service). It got an update about two years ago with a butt-load of new features. Features that were not limited to making a computer unbootable.

“Russian Security Service” was the launcher of this malware. its targets were industrial control systems and sensitive politicians.

The internet antivirus provider called ESET said that the virus was recently updated to include utilities such as

KillDisk: As the name suggests, kills the disk or to be more sophisticated “Screws with the crucial parts of an industrial system”
Backdoored Secure Shell Turns your computer into infidel women aka infects the computer with a permanent access of the “other guy”/the hacker.

The how?

Researchers revealed that the hackers’ backdoor came from the macros linked in the booby-trapped Microsoft office documents. Malicious macros caused the Ukraine’s power pop. The initial point of infection is believed to be caused by just that.

My two cents

This is definitely a disturbing news. A simple SE(Social Engineering) trick, however inelegant, can also be used to disrupt the power. What’s sad is that there might be no John McLane to save us this time.

Search engine for hackers, and it lists every device on the net

December 11, 2015December 11, 2015 by Gaurav Mahajan

Meet Censys, a Shodan like search engine for hackers.

Last month the security consultants at the SEC realized that the work-shy manufacturers of IoT(Internet Of Things) using the same old set of hardcoded cryptographic keys leaving over 3 million of IoT devices vulnerable to mass hijacking. But how did they found out the exact number??

Easy! Censys told them. A search engine that ransacks the net for vulnerable devices.

It knows everything and sees everything

Censys is designed for one purpose, to scan for the poor bastards who got logged on to the net without much thought about unauthorized access to them. Clarification, the poor bastards are the devices. In this aspect Censys is a lot like shodan .

However, the methodology used by Censys is much more complex. All this to make internet a safer place.

Released for free in October by the researchers at the University of Michigan, is powered by google, world’s biggest search engine.

As a part of an open source project, census was created to keep track of every data on the internet. And then create a database out of it. the goal of this is to help companies to unearth their vulnerabilities on the net.

Modus Operandi of Censys.

This search engine for hackers does daily scans of Ipv4 address space. By this it collects the information of hosts and websites. Two tools are plied for this purpose

Zmap : Open Source network Scanner
ZGrab: Application layer scanner

Then databases are maintained after the collection of data(DUH!). This gives the information about how websites are configured.

Zmap’s job is to scan over 4 billion IP addresses every day. What’s more is this helps determining to whether fix the machines right away or not. Whether the prowling eyes of hackers is upon the device already?

Flaws caused by IT administrator can’t hide either.

So what do ya thing about this? Should this exist? And if it has to, how vulnerable are you?

Post your comments and enlighten our asses.

Optic hacking or hacking through eyes

April 30, 2019December 8, 2015 by Gaurav Mahajan

NO !NO! Its not some cool ass Adam Jensen microchip eye, but a rather creepy hacking way that you may go through all day in the cyber cafe…and that rhymes!

What is Visual hacking?

Visual Hacking or i would like to say quaintly Optic Hacking is one of the major security threat on a system. Its like social engineering without being social, but being creepy. Let me give you an example. You are in the cyber cafe doing your own thing, minding your own business. Then someone just walks in and is looking at your screen. In addition to this being creepy and disturbing, what you don’t observe that this seemingly harmless(but creepy nonetheless) act is compromising your digital data. Who knows what you might be doing in your computer. Well, the guy looking at your system other then you now do. That data can be really damning. THAT my un-observing friends is part of a hacking. And this threat is more dangerous then you realize.

With 90% success rate, this Optic hacking/visual hacking is sure a threat you must not ignore. And I am not just making this up! The genius intellects of HP thing the same thing. So you can either do THIS

in a public place or you hide your screen just like you hide your paper while examination.

“With the increasing usage of computer in open places., Collecting confidential information through optic hacking is a major security risk” said a genius at HP. AWW Hell! Is nothing sacred anymore.

Competition leads to focus and focus leads to carelessness, carelessness leads to loss. that’s kinda the today scenario, the more focused you are the more unattentive you are to the outside world. Laptop users are suffering from the same scenario and hence there data is at the risk of compromise on a daily basis. As research show, optic hacking has a very high success rate of 90%. Hp has taken steps for this. With their creation of privacy screens they plan to curb stomp this visual hacking scenario. Optic hacking still sounds cooler.

But will be the screen worth it? Will the screens that are suppose to avoid optic hacking will be good for our optics.

What do YOU think about this Optic Hacking? Or visual hacking. tell us in the comment section

Top 10 insecure programming languages

April 30, 2019December 5, 2015 by Gaurav Mahajan

New research shows that scripting languages cause web vulnerabilities

To this news, I was like.WHHHHHHHAAAAAAAAAAttt?? But it is true. A new research showed that scripting languages, in general, spawn security vulnerabilities regarding web applications. Now this got many on the web their panties got all twisted. As millions are websites are now under potential security bugs that earlier we weren’t aware of.

Veracode, an app security firm has recently released its State Of Security: Focus On Application Development report. The PDF is available too. In this report the analyzed data of over 200,000 separate application from Oct 31st, 2013, to March 31st, 2015 is present.

To prepare this report, security researchers crawled through most of the popular languages including but not limited to

PHP,
Java,
JavaScript,
Ruby,
.NET,
C and C++,
Microsoft Classic ASP,
Android,
iOS,
and COBOL

and alongside it hundreds of thousands of applications for the past 18 months.

Now the comparison they used for the graphical statistics of the languages is with OWASP(Online web Application Security project). The analysis was how much of the passing rate of individual programming language was with OWASP. In short Classic AHP and ColdFusion are the riskiest programs and java and net are the safest of the bunch. But safe doesn’t mean completely shielded. So here below is the stat of each program.

This below is the list of Top 10 insecure programs,

Classic ASP – Has 1,686 flaws/MB (1,112 of them are critical)
ColdFusion –Has 262 flaws/MB (227 of them are critical)
PHP –Has 184 flaws/MB (47 of them are critical)
Java –Has 51 flaws/MB (5.2 of them are critical)
.NET -Has 32 flaws/MB (9.7 of them are critical)
C/C++ –Has 26 flaws/MB (8.8 of them are critical)
iOS –Has 23 flaws/MB (0.9 of them are critical)
Android –Has 11 flaws/MB (0.4 of them are critical)
JavaScript -Has 8 flaws/MB (0.09 of them are critical)

The most vulnerable web apps are the ones that got PHP ..but why? Is PHP at the third position? The reason for that is ColdFusion is for niche users and Classic ASP is not taken any heed to.

A close inspection of PHP shows the following vulnerabilities

Almost 86% of applications written in PHP have at least one XSS vulnerability
56% of apps included SQLi (SQL injection), which is easily exploitable…Read (Hack puts kid/parents data in danger)
67% of apps aren’t immune to directory traversal.
61% of apps aren’t immune to code injection.
58% of apps had problems with managing credentials
73% of apps are storehouse for cryptographic issues
50% aren’t immune to information leakage.

Now we know that OWASP almost never changes, but the new security vulnerabilities always pop up putting SQL and XSS (Cross Site Scripting) right at the top of Owasp

Now about how to tackle all this:

Using scripting language wisely is your salvation. Less then a quarter of java applications have SQL flaws which is much lower than PHP.

“Knowledge is amazing but is inconsequential if there is no wisdom behind that knowledge’s usage”

Top 3 antivirus for Top 3 Windows OS

April 30, 2019November 25, 2015 by Gaurav Mahajan

In this awesome age of gaming and OS, you gotta be protected. So these are the TOP 3 antivirus for the TOP 3 Windows OS.

Let’s start with the oldest but still the best(for me atleast). Windows 7

Now we all know that HOW ABSURDLY pathetic the microsoft antivirus solution is. Always bringing out false positives and not detecting the obvious threats to the system. That’s why for this year Microsoft’s inbuilt AV is at the very very very bottom of the list of recommendable AV’s.

That’s why BitDefender is the top security solution for this window and if you are interested in freeware, its Avira. 1st BitDefender , 2nd for McAfee and 3rd for Kaspersky .Below is the graph related to the performance of each and every antivirus for windows 7.

Now let’s talk about Windows 8.1. The vista of this generation. Clearly not my first choice but I won’t impale you if you use this.

This too has BitDefender at the top. And avira at the top freeware. With Kapersky again NOT at the 1st position. The Graph says it all

Its Windows 10’s turn now. The awesome but really really restrictive windows. that slaps the free software use(that is obtained illegally of course.).

Here is the contradiction at best. Avira a free Antivirus tops as its protector. like Jackie chan in that movie he was in. So, an obligatory graph here too.

So after some deep calculations. We see BitDefender in 2 of the OS. Avira in all 3 and Kaspersky in 2 and Bitdefender holding the top in 2. So the TOP 3 ANTIVIRUS FOR TOP 3 Windows OS are (DRUMROLL…………………………………………….)

Avira
BitDefender
Kapersky

Why Avira is at number one you ask? Simple, I like free shit!

Look forward for my next Blog about something inside something!!

10 benefits to Upload c99 php webshell | SQL injection Test

October 28, 2018October 3, 2014 by Vijay Kumar

What after Upload c99 php webshell

Hey, Here is very important thing that what will you do after upload c99 PHP webshell. Ok first I am going to what is c99 php and what the use of this. So let me introduce first “c99.php is a webshell written in php languge used for” :

Travel across directories
• View files
• Edit files
• Upload files
• Download files
• Delete files
• Execute MySql queries / commands
• Bypass mod_security
• Permissions to directory/folders
• Execute shell commands
Video:

PHP file uploader | SQLinjection Part 7

October 28, 2018October 3, 2014 by Vijay Kumar

PHP file uploader | sqlinjection

PHP file uploader is a script written in php language used for uploading files on the server using web browser. After creating this file attacker’s next step upload this script on the server by using sql injection attack. Attacker access this file later then upload any malicious file on the server

Video:

Run Netcat commands through webshell | SQLi Test 6

October 28, 2018October 3, 2014 by Vijay Kumar

Run Netcat commands through webshell

As we have discussed about web shell in previous tutorial. “Netcat is a computer networking service for reading from and writing to network connections using TCP or UDP. Netcat is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts”.

Video:

SQL Injection Attack Creating and Uploading Web shell | SQL injection test 5

October 28, 2018October 3, 2014 by Vijay Kumar

SQL Injection Attack Creating and Uploading Web shell

Web shell is a type of shell it can be used to run commands on the victim server through web site. it directly interact with the command line of server. Creating a webshell backdoor in php language then upload on the server by sql injection attack.

Video:

SQL Injection attack and data dump into csv file | SQLi test 4

October 28, 2018October 3, 2014 by Vijay Kumar

SQL Injection attack and data dump into csv file

This topic will cover how to dump data of tables from the database into the file by sql injection attack. This file save in csv format. Attacker can access this file later to see the dumped data.

Video: