Practice Hacking: the Command Injection ISO

This entry is part 11 of 11 in the series [ Hacker Night School ]
I love sites like HackThisSite.org and root-me.org, where you can practice your hacking skills legally and safely.
There are also some cool pre-vulnerable-ized web applications/sites that you can download, unzip and use on your hacking lab, like DVWA and Mutillidae.
Then there are the dedicated virtual machines like Metasploitable, that give you a whole OS environment to wreck to your heart’s content. Here’s an example a friend recently pointed out to me, the Command-Injection-ISO from PenTester Academy.
“We’ve packaged 10 real world applications into an Ubuntu Desktop based ISO. These applications are vulnerable to command injection attacks which you will need to find and exploit. Please note that not all applications are on port 80 :)” – https://sourceforge.net/projects/commandinjectioniso/ .
Give it a try and tell us what you think! Thanks –
Glenn

Learn Python in 43 Minutes (if you’re a really fast learner)

This entry is part 10 of 11 in the series [ Hacker Night School ]

Learning new programming languages is an endless task, because languages go in and out of vogue, and new ones offer some substantial improvements (none of them will find you a spouse yet, unfortunately). After a while I recognized that all languages have more in common than they have differences, so when I need to pick up a new one or just brush up on one I haven’t used recently, I look to quick, clear training. W3Schools is terrific for a lot of things, including my recent refresh of Python. But there are other ways to teach and learn. These days a lot of people prefer video to text.

So I went looking for good examples of “instant” Python training, and of them, I like this particular video best: “Learn Python in One Video”:

Hacker Night School: Bug Bounty: Hack Facebook for Fun and Profit!

This entry is part 9 of 11 in the series [ Hacker Night School ]

Ashley King writes about an experience with bug bounty:

“Whilst working on the Facebook Bug Bounty Program in June 2018 we had identified an issue with the webview component used in the Facebook for Android application. The vulnerability would allow an attacker to execute arbitrary javascript within the Android application by just clicking a single link.

“I was able to execute this at 3 different end points before we concluded the issue was primarily with the webview component rather than just the reported end points themselves. After going back and forth with the Facebook security team they quickly patched the issue and I was rewarded with $8500 under their Bug Bounty Program.”
https://ash-king.co.uk/facebook-bug-bounty-09-18.html?fbclid=IwAR1D47yyW9B6YadOcF3PxrwxHiQiySEhFzqijNQMKMjwuv1eSzz8OuVZBzc

Have you checked out the bug bounty opportunities? You don’t necessarily have to be a code wizard to try this; victory goes to the person who notices the right thing. Read the article linked above to see how Ashley did it.

TOR Browser Search Engines

This entry is part 8 of 11 in the series [ Hacker Night School ]

Tor search engines

  1. Disconnect.me
  2. Torch http://xmh57jrzrnw6insl.onion/
  3. Ahmia http://Ahmia.fi
  4. AlphaBay http://pwoah7foa6au2pul.onion/
  5. Candle http://gjobqjj7wyczbqie.onion/
  6. Not Evil https://hss3uro2hsxfogfq.onion.to/
  7. The Hidden Wiki http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page
  8. Grams http://grams7enufi7jmdl.onion/helix/light
  9. Helix http://grams7enufi7jmdl.onion/
  10. StartPage https://startpage.com
  11. Duckduckgo.com!

Excellent, well-written hacking lessons: HackingTutorials.org

This entry is part 2 of 11 in the series [ Hacker Night School ]

It might seem funny for School for Hackers to like or endorse another hacking tutorial site, but the truth is that sites like Hacking Tutorials are terrific resources for all of us. This really excellent site features detailed, well-written step-by-step tutorials on up-to-the-minute vulnerabilities and exploits: The Top 10 Wifi Hacking Tools in Kali Linux and Penetration Testing from the Cloud, for instance.

Here at S4H we incorporate materials from the best sources and services we can find, and we encourage students to learn from YouTube videos, HackThisSite.org, root-me.org, and anywhere else you or we can find good stuff. In this case, I strongly recommend taking a tour through the site:

http://www.hackingtutorials.org/

Finding and Using Browser-saved Passwords: Another video from Starry Sky

This entry is part 3 of 11 in the series [ Hacker Night School ]

Yeah, we all do it, right? We let our browser store our passwords for all those sites we visit every day. It’s easy, it’s convenient, and it’s really easy to hack. Starry shows us how to reveal these passwords, swipe them and use them in another browser. Plus: he demos what you can do about this (besides not giving your passwords away to your browser).

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a VPN ]

Starry Sky (Htet Aung)
This entry is part 5 of 11 in the series [ Hacker Night School ]

Starry Sky and Glenn Norman discuss using a VPN or proxy server

Now take the Quiz:

1. Which of these statements is the most accurate description of a proxy?

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

2. What exactly does a VPN do?

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

3. Will a proxy hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

4. Will a VPN hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

5. Suppose you have been given a penetration testing contract to test the security of a company’s web applications. Which type of service would give you sufficient privacy, usually at no cost, and sometimes with superior speed?

a. Proxy server
b. VPN
c. macchanger
d. Burp Suite

6. Your next pen testing contract has you scanning your client’s internal and external networks and computer systems. You’ll be using lots of non-web tools like nmap and hping3. Which type of service will give you the level of concealment you’ll need when using any networking protocol?

a. Proxy server
b. VPN server
c. Working from the nearby Starbucks
d. Kali Linux

7. How should you check to see if your proxy or VPN is working?

a. Check your external IP address after starting the VPN
b. Check your external IP address before starting the VPN
c. Both, and make sure they’re the same!
d. Both, and make sure they’re different!

8. Which would be the safest country for you to get your VPN from?

a. USA
b. Switzerland
c. China
d. Russia

Answer Key:

1: c
2: d
3: No, no, no, no
4: Yes, yes, yes, yes
5: a
6: b
7: d
8: b