Author Archives: Professional Hackers

Find, Lock and Erase All Data On Your Phone Without Touching It

Did you know that you can lock your Android phone without physical contact? Yes! You can lock your Android phone remotely and easily.

Of course you are devastated: you lost your beloved phone because someone stole it, or you lost it somewhere and someone found it but won’t return it, and you are deeply worried that someone might be browsing your private data such as images, videos, and text messages. Worry no more, because this tutorial will teach you to erase all the data on your lost phone and lock it for good!

Requirements:

These requirements are important for getting everything done remotely, so set them up beforehand in case you ever lose your phone. If you realize you have lost your phone, perform these actions immediately; otherwise you are giving the thief plenty of time to do something to your phone.

  • Phone Location must be turned on.
  • The phone itself must be turned on.
  • It must be signed in to your Google Account.
  • It must have an internet connection.
  • The “Find my Device” Feature must be turned on.

Find Your Phone Remotely

You can easily find your phone’s EXACT location using this feature! Yes, the exact location: simply follow the tutorial, but the requirements must be met first.

Tutorial:

  • To get started, go to android.com/find
  • Sign in with the same Google account that is signed in on your phone.
  • Give time to connect to your phone.
  • Then it will give you the real-time location of your phone! Yes, REAL-TIME.

How to Find Android Phone Remotely

Lock Your Phone Remotely

Locking your Android device is just a few clicks away. Lock your phone and enter your phone number so the holder of your phone knows how to contact you, which is unlikely if your phone was stolen.

Tutorial:

  • Click the “Lock” option, then enter a message and your phone number so you can be contacted.
  • Just like the image below.
  • On the right (phone’s end), this is what it will look like.

How to Lock Android Device Remotely

Erase Data On Your Phone Remotely

If everything else fails and the thief won’t return your phone, this is your last resort: erase all the data on it for GOOD! This will erase all your pictures, videos, contact list, messages and everything else. The phone will be like one you have just bought, empty of everything. And it will still remain locked after this.

Tutorial:

  • Go to the Erase feature and then click Erase.
  • Done!
  • This will erase everything you have on your phone.

How to Erase all Data on your Phone Remotely

Google put a lot of effort into keeping you and your data secure. These features are all put together to protect your data, but your phone can still be made operational after everything. The thief can still do some magic on your phone’s software and reset everything, bypassing every security feature, and make the phone work again.

Discover Sub-Domains From SSL Certificates through – GetAltName

GetAltName is a small script for discovering sub-domains: it extracts Subject Alt Names from SSL certificates directly from HTTPS websites, which can provide you with DNS names or virtual servers.

GetAltName - Discover Sub-Domains From SSL Certificates

 

It’s useful in the discovery phase of a pen-testing assessment: this tool can provide you with more information about your target and scope.

Features of GetAltName to Discover Sub-Domains

  • Strips wildcards and www’s
  • Returns a unique list (no duplicates)
  • Works on verified and self-signed certs
  • Domain matching system
  • Filtering for main domains and TLDs
  • Gets additional sub-domains from crt.sh
  • Outputs to clipboard
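The first four features in the list above, sketched as an added Python example for auditing which host names your own certificates disclose. It is not GetAltName's code: the function names and the sample certificate are constructed for illustration, the input is the dict shape returned by the standard library's `ssl.SSLSocket.getpeercert()`, and the suffix match stands in for the tool's tldextract-based domain matching.

```python
import socket
import ssl

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "example.com"),),),
    "subjectAltName": (
        ("DNS", "example.com"),
        ("DNS", "www.example.com"),
        ("DNS", "*.example.com"),
        ("DNS", "*.dev.example.com"),
        ("DNS", "VPN.Example.com"),
        ("DNS", "mail.example.com."),
        ("DNS", "cdn.example.net"),
        ("IP Address", "192.0.2.10"),
    ),
}


def normalize(name):
    """Lower-case a SAN entry and strip trailing dot, wildcard and www labels."""
    name = name.strip().lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    if name.startswith("www."):
        name = name[4:]
    return name


def san_dns_names(cert):
    """Return only the DNS-type entries of the subjectAltName extension."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def in_scope(name, main_domain):
    """True if name is main_domain or a sub-domain of it (label-aligned match)."""
    main = main_domain.lower().rstrip(".")
    return name == main or name.endswith("." + main)


def extract_names(cert, main_domain=None):
    """Unique, sorted host names from a certificate, optionally scoped to one domain."""
    names = {normalize(n) for n in san_dns_names(cert)}
    names.discard("")
    if main_domain:
        names = {n for n in names if in_scope(n, main_domain)}
    return sorted(names)


def fetch_cert(host, port=443, timeout=5.0):
    """Fetch a verified certificate as a dict (needs network; not used by the demo).

    getpeercert() returns an empty dict when verification is disabled, so
    self-signed certificates need getpeercert(binary_form=True) plus a DER parser.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    for host_name in extract_names(SAMPLE_CERT, "example.com"):
        print(host_name)
```

Every name listed in a certificate's SAN extension is visible to anyone who connects to the server, and is also recorded in Certificate Transparency logs such as crt.sh when the certificate comes from a public CA, so internal host names are best kept off externally served certificates.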

GetAltName Subdomain Extraction Tool Usage

You can output to a text file and also copy the output to your clipboard as a List or a Single line string, which is useful if you’re trying to make a quick scan with Nmap or other tools.

 

GetAltName Required

  • colorama
  • ndg-httpsclient
  • pyperclip
  • requests
  • tldextract

You can download GetAltName here:

getaltname-1.0.0.zip

Or read more here.

 


How to root Android phones or tablets (and unroot them) in 2018

Do you want unlimited control over your phone? Android rooting opens up a world of possibility, but it can also void your warranty, leave you with a broken smartphone, or worse. It isn’t for the faint of heart.

Manufacturers and carriers have a vested interest in dissuading you from rooting — if done incorrectly, it can irreparably damage your phone. Even so, the potential benefits are well worth it. With a rooted phone, you can remove bloatware, speed up your processor, and customize every element of your phone software’s appearance.

This guide on how to root Android devices will walk you through the necessary steps to root your phone. Some devices can be rooted in minutes. Others take a little research. But one thing is clear: Rooting your phone is one of the best ways to tap into your Android device’s true potential.

WHAT IS ROOTING?

Rooting an Android phone or tablet is akin to jailbreaking an iPhone — basically, it allows you to dive deeper into a phone’s sub-system. It will allow you to access the entirety of the operating system to customize just about anything on your Android device. With root access, you can also get around any restrictions that your manufacturer or carrier may have applied.

Rooting is best undertaken with caution. You will want to back up your phone’s software before you install — or “flash,” in rooting terms — a custom ROM (modified version of Android).

WHY WOULD YOU ROOT?


One of the biggest incentives to root your Android device is to rid yourself of bloatware that’s impossible to uninstall otherwise (although you can sometimes disable it). On some devices, rooting will enable previously disabled settings, like wireless tethering. Additional benefits include the ability to install specialized tools and flash custom ROMs, each of which can add extra features and improve your phone or tablet’s performance.

There’s no overabundance of must-have root apps, but there are enough to make it worthwhile. Some apps, for example, let you automatically back up all of your apps and data to the cloud, block web and in-app advertisements, create secure tunnels to the internet, overclock your processor, and make your device a wireless hot spot.

WHY WOULDN’T YOU ROOT?

There are essentially four potential cons to rooting your Android.

  • Voiding your warranty: Some manufacturers or carriers will void your warranty if you root your device, so it is worth keeping in mind that you can always unroot. If you need to send the device back for repair, simply flash the software backup you made and it’ll be good as new.
  • Bricking your phone: If something goes wrong during the rooting process, you run the risk of bricking — i.e., corrupting — your device. The easiest way to prevent that from happening is to follow the instructions carefully. Make sure the guide you are following is up to date and that the custom ROM you flash is specifically for it. If you do your research, you won’t have to worry about bricking your smartphone.
  • Security risks: Rooting introduces some security risks. Depending on what services or apps you use on your device, it could create a security vulnerability. And certain malware takes advantage of rooted status to steal data, install additional malware, or target other devices with harmful web traffic.
  • Disabled apps: Some security-conscious apps and services do not work on rooted devices — financial platforms like Google’s Android Pay and Barclays Mobile Banking do not support them. Apps that serve copyrighted TV shows and movies, like Sky Go and Virgin TV Anywhere, will not start on rooted devices, either.

One of the easiest ways to root an Android device is by using an app, and a number of rooting apps have garnered attention over the years — KingRoot, Firmware.mobi, Kingo Root, BaiduRoot, and One Click Root. They will root your device in the time it takes you to brush your teeth. But some only support devices running older versions of Android. If you’re looking to root an older device, you may need to check CFRoot’s older site.

It used to be that rooting Android versions from Android 7.0 was more difficult — verified boot would check the device’s cryptographic integrity to detect if your device’s system files have been tampered with, and this would previously inhibit legitimate rooting apps. Thankfully, rooting apps have caught up with the curve, and rooting Android Nougat is much easier than it used to be. Kingo is one of the one-click apps that support Android 7.0 Nougat. Their list of supported manufacturers includes:

If your phone isn’t compatible with a one-click rooting app, you will have to spend a little time researching alternatives on Android forums. The best place to start is XDA Developers Forum — look for a thread about your phone or tablet and you’re likely to find a method.

Preparation for root

Back up everything you cannot live without before you start. You should also always back up your phone’s current ROM before you flash a new one.

You will want to ensure that your device is fully charged before you begin.

You will need to turn on USB debugging, as well as OEM Unlocking.

Open Settings on your device. If you do not see Developer Options toward the bottom of the Settings screen, follow these steps to activate them.

  1. Tap on About Phone and find the Build Number.
  2. Tap on the Build Number seven times and the Developer Options will appear on the main page of the Settings.
  3. Tap on the Back key to see the Developer Options.
  4. Tap on Developer Options.
  5. Check to enable USB Debugging.
  6. Check to enable OEM Unlocking.

Installing the Android SDK tools

For the next step, you may have to install ADB and Fastboot on your computer.

  1. Click here to download and install the Android SDK Tools from Google’s developer site. There are choices for Windows, Mac, and Linux. These instructions are for Windows machines.
  2. When asked what directory to install the software to, we recommend that you set it to C:\android-sdk. If you choose a different location, just make sure you remember it.
  3. Once the Android SDK Tools are installed, launch it from the Start Menu.
  4. The SDK Manager will open. Just uncheck everything except Android SDK Platform-tools. It’s at the top.
  5. Click on Install 2 packages at the bottom right.
  6. Check Accept license and click Install.

Installing device drivers

To ensure your computer can properly communicate with your smartphone or tablet, you will need to install the appropriate USB driver.

Here is a list of drivers from the most popular manufacturers:

Follow the installer’s instructions. Once the drivers are installed, proceed to the next step.

Unlock your bootloader

Before you get started, you’ll need to unlock your device’s bootloader. The bootloader, simply put, is the program that loads the device’s operating system. It determines which applications run during your phone or tablet’s startup process.

Some manufacturers require you to obtain a key in order to unlock the bootloader. Motorola, HTC, LG, and Sony provide step-by-step instructions on how to do so, but a word of warning: They require you to register for a developer account.

Once you have taken those steps, you can embark on the unlocking process. You will need to put your device in fastboot mode. It’s different for every phone, but on most devices, rebooting the device and holding down the Power and Volume Down buttons for ten seconds does the trick (HTC phones require that you hit the Volume Down key and press the Power button to select it).

Once you have booted into fastboot, open your computer’s command prompt by holding down Shift+Right Click and choosing “Open a Command Prompt Here.” If your device requires a code, you will get a long string of characters. Paste it into the box on your device manufacturer’s website, submit the form, and await an email with a key, file, and further instructions.

To unlock your device’s bootloader, connect it to your computer and place it in fastboot mode again. Pull up the command prompt.

For Google Nexus and Pixel devices, the commands are easy:

  • Nexus phones: Type “fastboot oem unlock” (without quotes) and hit enter
  • Pixel phones: Type “fastboot flashing unlock” (without quotes) and hit enter

Motorola’s command is a little different:

  • Type “oem unlock UNIQUE_KEY” (without quotes), replacing “UNIQUE_KEY” with the code you received

So is HTC’s:

  • Type “unlocktoken Unlock_code.bin” (without quotes), replacing “Unlock_code.bin” with the file you received.

Confirm the unlock, and you’re one step closer to rooting your Android device.

Some manufacturers and carriers don’t sanction bootloader unlocking, but that doesn’t mean it can’t be done. Try searching the XDA Developers forum for workarounds and unofficial solutions.

How to Track Facebook Profile Visitors 2018 ?

Track Facebook Profile Visitors – Here we have something amazing: you are now able to track Facebook profile visitors easily, without any software, using a simple Facebook trick. This is not a Facebook feature and is not offered by Facebook. You can get the whole list of the Facebook profiles that visit your Facebook profile. On Facebook, every user wants to see who is secretly viewing their profile, so that is why we are sharing this crazy Facebook trick to track profile visitors.

On the Internet, people also search for terms like “fb profile visitor app” or “facebook visitor tracker free download”, but according to me there is no such Facebook profile tracker app for Android, so searching Google for this is just a waste of time. You can track Facebook profile visitors, or check who has viewed your Facebook profile, with the following trick. This is for people who search Google for “facebook track who views your profile”, which is why I am compiling some great Facebook tips and tricks here. People who search for “track facebook profile ip” can check this link out to learn how to find out from which IP your Facebook profile is used.

Today we are going to show a Facebook trick to track Facebook profile visitors. This is not officially permitted by Facebook, but many geeks or computer worms have found a way to track your profile visitors in the Facebook page’s View Source. Facebook has not added this cool feature because they do not want to reveal information about profile visitors. On the Internet, this is a very popular trick to track your Facebook profile visitors. People want to know who opens their profiles and sees their pictures and statuses. It is a very cool trick with which you can now find out who visits your Facebook profile.

 

How to Track Facebook Profile Visitors?

  1. Log in to your Facebook account.
  2. By default you are on the Facebook home page; if you are not, go to Facebook Home.
  3. Press CTRL+U and a new window opens showing the source code of the Facebook page, or you can also do it by Right Click >> Open Source Code.
  4. Now press CTRL+F and search for InitialChatFriendsList. You will see many profile IDs; those starting with 1000 are the Facebook profile IDs. You can pick any ID to see who is visiting your profile. In the picture below you can see that there are many people who view Facebook profiles secretly. These are the Facebook profile IDs that visit your profile.
  5. Use these profile IDs like www.facebook.com/ID: paste it into the browser URL bar and see the people who are watching you.
  6. These are all Facebook profile IDs that are visiting your Facebook profile.
  7. Now you need to pick each profile code and repeat this process again and again. This is a little complicated, but it is a 100% working trick.

This is a very easy trick to track Facebook profile visitors and see who is watching you in their free time; it may be your lover, hater, relative or friend. Hackers also view your Facebook profile first before performing an attack on your Facebook account. They target Facebook to get all the user information about hobbies, friends and relatives, and date of birth. In other words, they use brute force to get access to your Facebook account.

 

So beware before updating your info on Facebook. If you have any questions, you can comment below.

Pros and cons of using a VPN


The benefit of using a secure VPN is it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using VPN access instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network — e.g., for a traveling sales rep — or it is too costly to do so.

VPN performance can be affected by a variety of factors, among them the speed of users’ internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. Performance can also be affected by poor quality of service and conditions that are outside the control of IT.

 

VPN protocols

There are several different protocols used to secure and encrypt users and corporate data:

  • IP security (IPsec)
  • Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
  • Point-To-Point Tunneling Protocol (PPTP)
  • Layer 2 Tunneling Protocol (L2TP)
  • OpenVPN

 

The most common types of VPNs are remote-access VPNs and site-to-site VPNs.

Remote-access VPN

A remote-access VPN uses a public telecommunication infrastructure like the internet to provide remote users secure access to their organization’s network. This is especially important when employees are using a public Wi-Fi hotspot or other avenues to use the internet and connect into their corporate network. A VPN client on the remote user’s computer or mobile device connects to a VPN gateway on the organization’s network. The gateway typically requires the device to authenticate its identity. Then, it creates a network link back to the device that allows it to reach internal network resources — e.g., file servers, printers and intranets — as though it was on that network locally.

A remote-access VPN usually relies on either IPsec or Secure Sockets Layer (SSL) to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application, rather than to the entire internal network. Some VPNs provide Layer 2 access to the target network; these require a tunneling protocol like PPTP or L2TP running across the base IPsec connection.


Site-to-site VPN

A site-to-site VPN uses a gateway device to connect the entire network in one location to the network in another — usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common to use carrier MPLS clouds, rather than the public internet, as the transport for site-to-site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (Virtual Private LAN Service, or VPLS) running across the base transport.


 

Some Thoughts on Malicious Software Prevention and Protection

Today I got a message from a business associate of mine apologizing for a delay in the work, because he’d been hit by malicious software (malware). As it turned out, I replied, computer security is what passes for a day job for me. So I came up with some instructions for him to help improve his security. These should be fairly easy for a non-technical person to use, though a moderately technical person may need to set things up.

Preventing malware infection

  1. Make your account a “Limited User” instead of “Administrator”. This prevents the malware from running on your system without you first entering your password.
  2. If you are running Windows, make sure you are on 7 or higher. Windows 7 provides lots more security controls that balance protection with usability. One key feature is AppLocker which prevents unknown software from running without entering your password. The downloadable tool EMET enhances protections and Windows Defender is excellent, free anti-virus software.
  3. Keep all your software updated. Windows does a nice job of updating itself, but other software isn’t always as good. I don’t generally like to recommend specific software, but in this case it’s hard to find if I don’t: Secunia PSI is free for personal use and keeps you updated about…well updates.
  4. Be skeptical before opening email attachments or links. This takes some practice, but it’s as easy as stopping and asking whether something makes sense or not. Many of the email scams today look real, unless you apply some skepticism. Why would a) this person/company be b) sending me this information c) through email and d) how can I see if it’s legit?

Reducing fallout from malware

  1. Work with your financial institution to increase account security. Many people erroneously assume that banks reimburse for financial loss from malware, but that’s only for personal accounts. Banks differ in what they offer and can help you figure out what works best for you.
  2. Use online backup storage. You can store your documents on the Internet securely, so if something happens to your computer you can still get your documents back. Several companies offer a small amount of storage for personal use for free. Also store software licenses so you can rebuild.
  3. Use password safe technology. This is software that will track your passwords and store them protected on your computer and the Internet, as well as generate strong passwords. This means you can have a strong, unique password for each website which reduces the likelihood of having multiple accounts compromised at once.

Cleaning up after malware infection

  1. Notify financial institutions immediately. They will put more scrutiny on your transactions and can work with you to add security measures to your account.
  2. Even the best cleaning may leave malware behind. It’s best to wipe everything and start over. Download applications from their legitimate website. Stored copies and third-party sites could have malware embedded in the legitimate software.
  3. Change passwords from a known-clean system. Start first with the websites that could cause the most damage, such as financial institutions or where you could have fraudulent charges against accounts (for example, iTunes and Skype).

Busting some common misconceptions about malware

Anti-virus and a firewall are NOT very effective. 
Your firewall is designed to prevent random computers on the Internet from starting to talk to yours. But most malware is spread through the web and email, which means you start to talk with the computer with the malware. That means your firewall is largely useless.

Anti-virus software works by trying to know all of the malware out there and blocking it. The problem is that malware is generated faster than anti-virus can keep up, using techniques that ensure anti-virus companies don’t see the exact malware you’ve downloaded. Anti-virus fails more often than it succeeds at blocking malware in real-world testing.

Malicious software is NOT just spread through sketchy sites.
Most malware today is actually spread through legitimate websites. Malicious attackers break into legitimate sites and store their malware on them, infecting visitors. It’s also common for ads to contain malware, so even large and well-protected websites present some risk.

One web browser is NOT inherently more secure than another.
This was true at one time, but it’s not anymore. Some malware still spreads by attacking the web browser, but much more will attack supporting applications like Adobe Reader or Sun Java – two technologies that are independent of your web browser.

How to Get Started in Information Security

I’ve seen a lot of people lately asking how to get started in the Information Security industry. I think there are a lot of misconceptions about what you need, like expertise with tools, certifications, experience in a role, etc. Those help, but I don’t think that’s the number one thing that gets you into the industry. I think the biggest things are curiosity and dedication. Those two things will ensure that the rest follows. And if you don’t have those drives for an Infosec career then you haven’t found what you want to be doing for the rest of your life, so keep looking.

But there’s more to it that you’ll pick up along the way. Rather than tell you what I think you should do I’ll tell you how I got into the industry then try to distill the lessons and skillsets that I think have been most important for me. The story will hopefully tell you why I think the skillsets are important so you can understand for yourself what’s the best path for you.

I started out working break-fix PC support. Someone would call the help desk and if they couldn’t work it out over the phone I’d go out and fix it. I got good at malware cases – spyware, popups, network worms, etc. because I was curious about how to get rid of the malware, not just reimage the system. That doesn’t always cure the issue, as I learned, but it was typically quicker to fix and less work on my part because I didn’t have to copy the data, reinstall software, etc. On larger-scale malware incidents I was then on the front lines to help. And whatever I learned I wrote up for others so they didn’t have to learn the same thing.

I also made sure to take care of the whole problem before leaving. Again, mainly because I was trying to be more efficient (some might say lazy). If I didn’t I’d have to come back out to solve the original problem. And that often meant walking through some basic awareness information so that the system didn’t become reinfected. I wasn’t great at that, but the people appreciated it. It was this bedside manner that meant I was assigned to the higher profile cases with the folks who were more important in the organization.

When a security role opened up I applied for it. I researched for the interview and conversations, looked over what I’d been working on most and how I’d solved those problems. Then all of the questions were about appsec rather than anything I’d been doing. Oops. I guess I still did OK because I got an offer. It was lower than I knew it should be so I asked for industry average. I didn’t get it, but I did get about 5% more than the original offer.

I started reading all the blogs and magazine articles I could, in between doing security things. I figured I’d start writing too. I started my own blog to pass on lessons learned in plain English (go back to the early days of Beau’s Cybersecurity Blog and see how raw that stuff was). And comment on other people’s blogs and stories. People started to notice and comment back, email me, etc. and that encouraged me and kept up my momentum.

When I told my boss I was hitting the ceiling she said she understood and was glad – it meant I was growing and thriving. There wasn’t room for me to move up so I let her know I was going to start looking at other organizations. She said that was a good idea – it’s always easier to turn down an offer than to get one in the first place.

So I took stock – what was my passion, how could I best monetize my skills and why was I doing this? My passion was helping people fix problems. My most in-demand skillset was my communications and problem solving skillset, as well as my familiarity (not expertise) with security tools. My why (this is always the most important one) was so I could travel the world and work from anywhere, which meant I needed to improve my network connections and ability to make them more than anything.

So I began a low-intensity search – I still had a job so I could afford to wait for the right opportunity. Trawling job boards, Craigslist, companies I wanted to work for, asked friends, etc. Within a month I found one that looked perfect. I reached out, looked around and found who the hiring company was and applied directly too. Just like the last time I did lots of research and preparation and built a dossier on all the people I’d be talking with, as well as their execs in case I met one of them. All of that came in handy and they hired me. (They also found my blog and liked what I was writing about so that helped too.)

Repeat that process a few more times and here I am.

Below are a couple of lists. The first is traits I found inside myself when I found the right outlet – the area I felt I belonged and was passionate about. The second is the skillsets I worked to improve along the way. Both lists are in the order that I feel were most important. You’ll see that there aren’t any specific tools listed – that’s because I don’t think a large investment in time in those really helps. But familiarity and some experience playing with the top tools in what you want to do certainly does. If you’re just going for an entry-level job then that’s all they’ll be expecting.

Traits

 

  • Curiosity
  • Desire to get better
  • Self-exploration
  • Humility
  • Ambition

 

Skillsets I worked hard at improving

 

  • Communication (quantity and quality)
  • My value and place I fit best
  • Root-cause analysis
  • Patience
  • Perspective
  • Some technical tools

 

BootStomp – Find Android Bootloader Vulnerabilities

BootStomp is a Python-based tool with Docker support that helps you find two different classes of Android bootloader vulnerabilities and bugs. It looks for memory corruption and state storage vulnerabilities.

BootStomp - Find Bootloader Vulnerabilities

 

Note that BootStomp works with boot-loaders compiled for ARM architectures (32 and 64 bits both) and that results might slightly vary depending on angr and Z3’s versions. This is because of the time angr takes to analyze basic blocks and to Z3’s expression concretization results.

How does BootStomp find Android Bootloader Vulnerabilities?

BootStomp implements a multi-tag taint analysis resulting from a novel combination of static analyses and dynamic symbolic execution, designed to locate problematic areas where input from an attacker in control of the OS can compromise the bootloader’s execution or its security features.

Using the tool the team found six previously-unknown vulnerabilities (of which five have been confirmed by the respective vendors), as well as rediscovered one that had been previously reported. Some of these vulnerabilities would allow an attacker to execute arbitrary code as part of the bootloader (thus compromising the entire chain of trust), or to perform permanent denial-of-service attacks.

The vulnerabilities impact the Trusted Boot or Verified Boot mechanisms implemented by vendors to establish a Chain of Trust (CoT). The team using BootStomp discovered vulnerabilities in the bootloaders used by Huawei, Qualcomm, MediaTek, and NVIDIA.

The team analyzed bootloader implementations in many platforms, including Huawei P8 ALE-L23 (Huawei / HiSilicon chipset), Sony Xperia XA (MediaTek chipset), Nexus 9 (NVIDIA Tegra chipset), and two versions of the LK-based bootloader (Qualcomm).

 

How to use BootStomp

The easiest way to use BootStomp is to run it in a docker container. The folder docker contains an appropriate Dockerfile, these are the commands to use it:

 

You can download BootStomp here:

BootStomp-master.zip

Ransomware: New free decryption key can save files locked with Cryakl

Victims of Cryakl ransomware are now able to get their files back without paying a ransom to cybercriminals, after the decryption key was released for free as part of the No More Ransom initiative.

Launched by Europol in 2016, the scheme brings law enforcement and private industry together in the fight against cybercrime and has helped thousands of ransomware victims retrieve their encrypted files without lining the pockets of crooks.

Cryakl has been active since September 2015 and, like other forms of ransomware, it searches an infected system for files, encrypts them, then demands payment for providing the key needed to retrieve the files. It also threatens to delete the encrypted files if payment isn’t received within a week.

Unlike more recent forms of ransomware which ask for payments to be made into a cryptocurrency wallet, victims of Cryakl are asked to contact the attackers by email.

The ransomware is most prolific in Russia, but Cryakl has claimed victims across Europe. Kaspersky Lab told ZDNet there have been over 2,000 infections in Italy, over 2,000 in Germany, over 1,000 in Spain and hundreds across the UK, Belgium, France, Poland, and Austria.

Decryption tools for Cryakl ransomware have been added to the No More Ransom portal following work by the Belgian National Police and Kaspersky Lab as part of an ongoing investigation.

 

“Free decryption keys for Cryakl ransomware can be considered as proof of this policy, and yet another reminder that there is always a chance of winning in the fight with criminals.”

The addition of keys for Cryakl brings the total number of ransomware decryption tools available on the No More Ransom portal to 52. They can be used to decrypt 84 forms of ransomware including MarsJoke, Teslacrypt, LamdaLocker, Wildfire, and CryptXXX.

According to Europol, over 35,000 people have used No More Ransom to decrypt their files for free, preventing cyber criminals from obtaining ransoms worth over €10m.

Initially launched by Europol, the Dutch National Police, McAfee, and Kaspersky Lab, the number of partners working on No More Ransom has now risen to over 120, including 75 cybersecurity companies.

The Belgian National Police’s role in helping to decrypt Cryakl has seen it promoted to become an associate partner in the scheme, the second law enforcement body to do so after founding member the Dutch National Police.

Europol has also announced new partners for No More Ransom: the Cypriot and Estonian police are the most recent law enforcement agencies to join, while KPN, Telenor, and the College of Professionals in Information and Computing (CPIC) have joined as new private sector partners.

Learn how to bypass MAC filtering on wireless networks

In this tutorial we will be looking at how to bypass MAC filtering on a wireless network. MAC filtering, or MAC white- or blacklisting, is often used as a security measure to prevent non-whitelisted or blacklisted MAC addresses from connecting to the wireless network.

MAC Address stands for media access control address and is a unique identifier assigned to your network interface. With MAC filtering you can specify MAC addresses which are allowed or not allowed to connect to the network. For many occasions MAC filtering can be sufficient as a security measure but in others it is certainly not.

MAC filtering is totally useless to protect company networks and data or to prevent networks from being hacked over WiFi because it is so easy to bypass. When MAC filtering is in place you can easily determine whitelisted MAC addresses by scanning for connected clients using a tool like airodump-ng.

In this case we can assume that every connected MAC address is part of the whitelist or not on the black list.

In this tutorial we will bypass MAC filtering on a TP link WR-841N router by spoofing the MAC address of a connected client. The connected client’s MAC address is whitelisted, otherwise it would not have been able to connect to the wireless network. We will put our WiFi adapter in monitoring mode and retrieve the MAC address of connected clients with Airodump-NG on Kali Linux.

Then we will be using the Macchanger tool to spoof our MAC address, bypass MAC filtering and connect to the wireless network. Hacking the WiFi network password is outside the scope of this tutorial. You can have a look at the following WiFi hacking tutorials and tools to learn how to retrieve the password (and prevent this from happening):

MAC filtering settings

First we will be configuring the MAC filtering functionality in the router settings. We will be adding one client to the whitelist which will be our connected client:

We’ve added one MAC address to the whitelist.

Let’s try to connect from another client in Kali Linux 2.0:

Unable to connect from a non whitelisted MAC Address

Even if we use the right password it does not allow us to connect to the wireless network. We end up in an endless loop without authentication. This tells us the MAC filtering is active and working like a charm.

Bypass MAC Filtering

First we will have to put our WiFi adapter in monitoring mode using Airmon-ng and kill all the processes Kali Linux is complaining about:

airmon-ng start wlan0

kill [pid]

Then we launch Airodump-ng to locate the wireless network and the connected client(s) using the following command:

airodump-ng -c [channel] --bssid [target router MAC Address] -i wlan0mon

Airodump-ng now shows us a list of all connected clients at the bottom of the terminal. The second column lists the MAC addresses of the connected clients, which we will be spoofing in order to authenticate with the wireless network.

One connected client with a whitelisted MAC Address.

Spoofing the MAC Address with Macchanger

Now that we know a MAC address that is whitelisted in the TP Link router settings we can use it to spoof our own MAC address in order to authenticate with the network. Let’s spoof the MAC address of our wireless adapter, but first we need to take down the monitoring interface wlan0mon and the wlan0 interface in order to change the MAC address. We can do this by using the following command:

airmon-ng stop wlan0mon

Now we take down the wireless interface whose MAC address we want to spoof with the following command:

ifconfig wlan0 down

Now we can use Macchanger to change the MAC address:

macchanger -m [New MAC Address] wlan0

And bring it up again:

ifconfig wlan0 up

Now that we have changed the MAC address of our wireless adapter to a whitelisted MAC address in the router we can try to authenticate with the network and see if we’re able to connect:

Connected!

As you can see we have managed to connect to the wireless network using a spoofed MAC address of a connected client. This tutorial shows us that it was extremely easy to bypass MAC filtering on a wireless network and that MAC filtering is generally useless to protect your network from hackers.
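
Because the bypass above reuses the MAC address of a client that is still connected, two radios end up transmitting under one address, and a wireless sensor can spot that. The following sketch is an added example, not part of the original tutorial: it flags such an address from per-frame 802.11 sequence numbers. The sample frames, MAC addresses and thresholds are constructed assumptions.

```python
"""Flag a MAC address that two radios appear to be using at the same time.

Every 802.11 transmitter keeps its own 12-bit frame sequence counter, so a
cloned address shows up as one MAC whose counter keeps jumping back and forth.
"""
from collections import defaultdict

SEQ_MODULO = 4096      # 802.11 sequence numbers wrap at 2**12
MAX_FORWARD_GAP = 64   # assumed tolerance for frames the sensor did not hear
MIN_JUMPS = 3          # assumed: one jump alone may just be a reassociation

CLONED = "02:00:00:aa:bb:01"   # constructed, locally administered addresses
NORMAL = "02:00:00:aa:bb:02"

# Constructed capture: (timestamp in seconds, source MAC, sequence number)
SAMPLE_FRAMES = [
    (0.00, CLONED, 310), (0.01, NORMAL, 4094), (0.02, CLONED, 311),
    (0.03, CLONED, 2875),   # a second radio starts using the same address
    (0.04, NORMAL, 4095), (0.05, CLONED, 312),
    (0.06, NORMAL, 4095),   # retransmission repeats the sequence number
    (0.07, CLONED, 2876),
    (0.08, NORMAL, 0),      # normal wrap-around from 4095 to 0
    (0.09, CLONED, 313),
    (0.10, NORMAL, 3),      # two frames missed by the sensor
    (0.11, NORMAL, 1500),   # single jump, e.g. the client reconnected
    (0.12, NORMAL, 1501),
]


def forward_gap(previous, current):
    """Distance from previous to current counter value, modulo the wrap."""
    return (current - previous) % SEQ_MODULO


def find_shared_macs(frames, max_gap=MAX_FORWARD_GAP, min_jumps=MIN_JUMPS):
    """Return {mac: [(timestamp, previous_seq, seq), ...]} for suspect MACs."""
    last_seq = {}
    jumps = defaultdict(list)
    for timestamp, mac, seq in sorted(frames):
        mac = mac.lower()
        if mac in last_seq and forward_gap(last_seq[mac], seq) > max_gap:
            jumps[mac].append((timestamp, last_seq[mac], seq))
        last_seq[mac] = seq
    return {mac: seen for mac, seen in jumps.items() if len(seen) >= min_jumps}


if __name__ == "__main__":
    for mac, seen in find_shared_macs(SAMPLE_FRAMES).items():
        print(f"{mac}: {len(seen)} sequence jumps, first at t={seen[0][0]}s")
```

In a real deployment the frame tuples would come from a monitoring sensor's capture, and the gap and jump thresholds would need tuning against that network's normal frame loss.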