HackDig : Dig high-quality web security articles for hacker

UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Publish At:2017-10-27 17:20 | Read:4115 | Comments:0 | Tags:Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

Exploring Windows Subsystem for Linux

Whilst there has been quite a lot of analysis of Microsoft’s new Windows Subsystem for Linux (aka WSL or Bash on Ubuntu on Windows) and how it functions (particularly from Alex Ionescu), most of this has focused on how it affects the Windows security model. Being a keen UNIX focused researcher, I decided to take it for a spin. The first thing I did onc
Publish At:2017-10-27 17:20 | Read:2585 | Comments:0 | Tags:Blog analysis Linux root Windows

Dogspectus ransomware campaign relies on Leaked Hacking Team Exploits and Towelroot

Blue Coat spotted a new ransomware-based campaign serving the Dogspectus malware. Crooks combined a Hacking Team exploit and the Towelroot exploit. Security experts at Blue Coat have spotted a new campaign spreading an Android Ransomware dubbed Dogspectus. The malicious code hijacks mobile advertisements to scam gift cards, it locks the device in a state tha
Publish At:2016-04-26 15:35 | Read:3046 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Mobile Android CVE

How a few legitimate app developers threaten the entire Android userbase

A handful of app distributors are putting hundreds of millions of Android users at risk by bundling powerful root exploits with their wares, computer scientists have found. The researchers presented a paper on Thursday that shows how the exploits—which legitimate developers openly use to give Android phones added functionality—can be easily reverse-engineere
Publish At:2015-10-16 18:20 | Read:2080 | Comments:0 | Tags:Gear & Gadgets Risk Assessment Technology Lab android rootin

VERT IoT Hack Lab: Developing Your Inner Hacker

Getting root is fun, and with IoT gadgets, getting root is generally easy. This is why the IoT Hack Lab @ SecTor will be so much fun!If you still reminisce about (or look forward to) the first time you got root on a device, and you will be in Toronto on October 20-21, visit us at the convention centre where we’ll be setup in the expo hall. Expo passes are fr
Publish At:2015-10-14 14:25 | Read:3377 | Comments:0 | Tags:Featured Articles Tripwire News hack IoT Hack Lab root SecTo

Android adware wields potent root exploits to gain permanent foothold

Researchers have uncovered yet another Android-based adware campaign targeting people who download what they believe are trusted titles from websites and other third-party app stores.The apps use repackaged icons to disguise themselves as popular titles and are offered for download through pop-up ads on visited websites and in-app promotions, according to a
Publish At:2015-10-08 05:15 | Read:2424 | Comments:0 | Tags:Gear & Gadgets Law & Disorder Risk Assessment Technology Lab

padmin to root: Roles on AIX

Following a recent post from a consultant at IBM discussing how how privileged access should be performed on VIOS, I figured it was time to share some of our research in this arena. Those of you that are regular readers will know that I love root. For those of you that are new, welcome aboard. Let’s start by defining what VIOS is. VIOS is a subsystem t
Publish At:2015-10-03 05:00 | Read:3532 | Comments:0 | Tags:Blog AIX analysis auditing exploit root UNIX

How to root the LG Watch Urbane ( B285 )

A few days ago I've bought a LG Watch Urbane from the Google Store since it seemed to me the very first "elegant" wear device. I really like old fashioned wrist watches so I waited for something similar to be on the market before getting a Wear device. Unfortunately, being it a relatively new device, there aren't many informations on the web on how to root
Publish At:2015-06-16 03:25 | Read:3784 | Comments:0 | Tags:android LG Watch Urbane root android wear wear TWRP SuperSU

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud