HackDig : Dig high-quality web security articles for hackers

Diff’ing Some Files Across Similar Directory Trees

The “diff” command is a very nice tool in *NIX environments to compare the content of two files. But there are some situations where diff is a pain to use. The classic case is when you need to compare many files from different directory trees (for example, two different releases of a tool) located in the following directories: /data/tool-1.0/ /
Publish At:2020-02-23 08:59 | Read:565 | Comments:0 | Tags:Unix

SetUID program exploitation: Crafting shared object files without a compiler

In this post we look at an alternative to compiling shared object files when exploiting vulnerable setUID programs on Linux. At a high level we’re just going to copy the binary and insert some shellcode. First we take a look at the circumstances that might lead you to use this option. Also check out this previous post on setUID exploitation. A hacker chal
Publish At:2019-09-19 17:35 | Read:956 | Comments:0 | Tags:Blog analysis exploit root UNIX

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heter
Publish At:2019-09-19 17:35 | Read:985 | Comments:0 | Tags:Presentations analysis auditing Black Hat Europe blue team c

An offensive introduction to Active Directory on UNIX

By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Background to Active Directory i
Publish At:2019-09-19 17:35 | Read:1127 | Comments:0 | Tags:Blog analysis auditing Black Hat Europe blue team conference

Automatic Extraction of Data from Excel Sheet

Excel sheets are very common files in corporate environments. Excel is definitely not a security tool, but it’s not rare to find useful information stored in such files. When this data must be processed for threat hunting or to collect IOCs, it is mandatory to automate the processing as much as possible. Here is a good example: Everyd
Publish At:2017-10-24 21:20 | Read:3478 | Comments:0 | Tags:Software Unix Automation Excel Python Script Tool

Unix: A Game Changer in the Ransomware Landscape?

by Joachim Suico (Threat Research Engineer). 2016 was the year when ransomware reigned. Bad guys further weaponized extortion into malware, turning enterprises and end users into their cash cows by taking their crown jewels hostage. With 146 families discovered last year compared to 29 in 2015, the rapid expansion and development of ransomware is projected to
Publish At:2017-02-13 22:40 | Read:4994 | Comments:0 | Tags:Ransomware Linux Mac OSX ransomware Unix

NOPC version 0.4.7 released

NOPC, the Nessus-based offline patch checker for Linux distributions and UNIX-based systems, has had some changes made and has been made available in our tools section. This article discusses the new features in detail and provides some working examples. Updated features and bug fixes: Improvements to the interactive mode (e.g. asking for what format for results
Publish At:2015-10-29 00:10 | Read:3264 | Comments:0 | Tags:Blog analysis training UNIX

padmin to root: Roles on AIX

Following a recent post from a consultant at IBM discussing how privileged access should be performed on VIOS, I figured it was time to share some of our research in this arena. Those of you that are regular readers will know that I love root. For those of you that are new, welcome aboard. Let’s start by defining what VIOS is. VIOS is a subsystem t
Publish At:2015-10-03 05:00 | Read:4226 | Comments:0 | Tags:Blog AIX analysis auditing exploit root UNIX

Despite Hacking Team’s poor opsec, CEO came from early days of PGP

Many years before his corporate e-mails would be plastered all over the Internet following a major security breach of his company, a young David Vincenzetti often posted to various Usenet groups, ge
Publish At:2015-07-08 17:15 | Read:4529 | Comments:0 | Tags:Law & Disorder Risk Assessment David Vincenzetti milan pgp U

Beyond Root: Securing Privileged Access in Linux

Posted January 20, 2015, Randy Franklin Smith. Like UNIX, at its core, Linux’s security model is basically monolithic – you either have root access or you don’t. But root access is too powerful for so many reasons; routinely using the actual root account – while easy and still frighteningly common – is so dangerous it borders on negligent. Audi
Publish At:2015-01-20 14:10 | Read:3054 | Comments:0 | Tags:Privileged Account Management beyond root linux pbul sudo su

Hackers running Linux Operation Windigo are changing tactics targeting porn sites

Security experts at ESET discovered that the Windigo campaign is still active and that bad actors are changing their tactics to remain under the radar. Windigo is a sophisticated malware-based campaign uncovered by security experts at ESET in March 2014, hackers behind the campaign that exploited the Linux/Ebury backdoor comp
Publish At:2015-01-12 13:15 | Read:3521 | Comments:0 | Tags:Cyber Crime Malware backdoor botnet Cybercrime Eset LINUX Li

Experts warn on Mayhem shellshock attacks worldwide

The experts at Malware Must Die detected numerous attacks worldwide exploiting the Bash Bug flaw to spread the Mayhem botnet. The researchers at Malware Must Die published a report warning of Mayhem Shellshock attacks; the experts explained that they have detected a significant number of Linux and UNIX systems infected by several I
Publish At:2014-10-10 05:10 | Read:4391 | Comments:0 | Tags:Malware BashBug Hacking LINUX malware Mayhem botnet Shellsho

How To Prevent Your Data From Getting Shellshocked

The Shellshock “Bash Bug” vulnerability, uncovered last week, affects most versions of Unix- and Linux-based systems. This vulnerability has the potential to allow an attacker to gain control of an affected computer via Bash, which is the shell component that is utilized in multiple versions of both operating systems. Bash is a command line interp
Publish At:2014-10-02 08:20 | Read:3172 | Comments:0 | Tags:Security Symantec Security Insights Blog Data Center Securit

Shellshock: What You Need to Know About the Bash Bug Vulnerability

A new vulnerability has been identified that may affect many versions of Linux and Unix, as well as the Unix-based Mac OS X. The GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271), known as the “Bash Bug” or “Shellshock”, could allow an attacker who successfully exploits it to take control of a targeted computer. The affected Bash is a common component known as a shell, which is included in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, this allows
Publish At:2014-09-29 17:20 | Read:5210 | Comments:0 | Tags:Security Security Response Endpoint Protection (AntiVirus) B

The majority Mac users safe from Bash Bug while Oracle warns its customers

Apple says users of its OS X are “safe by default” from the Bash Bug; meanwhile, Oracle warns its customers that 32 products are affected by the flaw. The recently discovered Bash Bug vulnerability is menacing billions of devices that could be exposed to cyber attacks which exploit the flaw, the situation appears
Publish At:2014-09-28 13:30 | Read:5783 | Comments:0 | Tags:Security Bash Bug CVE-2014-7169 Hacking LINUX Oracle RedHat

