
ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Connor Fairman

THE MIRAI BOTNET ARCHITECTS ARE NOW FIGHTING CRIME WITH THE FBI

September 19, 2018 by Connor Fairman 1 Comment

A trio of hackers who orchestrated a denial of service attack that hijacked thousands of IoT devices are now cooperating with the FBI. Initially, their goal was to take down rival Minecraft users’ hosts, but they somehow caused much more damage than they intended.

The original article about the crime is here: https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet/

You can check out the Mirai source code on GitHub here: https://github.com/jgamblin/Mirai-Source-Code

It is wise of the FBI and other agencies in the US to recruit these people instead of sentencing them to prison, assuming they aren’t complete sociopaths. The old system of requiring clearances in order to make an impact is frustrating, un-enticing and prevents talent from entering the government. If we can allow more people with skills in this area into the cyber security realm in our government in an expedited process, our country’s cyber security game will be substantially improved. In all likelihood, very few of these prospective employees would pass a background check.

https://www.wired.com/story/mirai-botnet-creators-fbi-sentencing/

Why is Ruby relevant to what we do?

September 17, 2018 by Connor Fairman 1 Comment

I found myself curious about why Ruby was so relevant to penetration testing and hacking in general and was fortunate enough to find this article on Null Byte.

First, some of the most popular exploitation frameworks are written in Ruby, such as Metasploit: https://github.com/rapid7/metasploit-framework

The article below shows how one line of Ruby code in the command line can do things such as dump passwords saved in the attacked computer’s web browser. This requires first hiding Ruby payloads in a PDF file, which execute in the background (unbeknownst to the user) after the PDF is opened.

There are a number of other “how to” links in this article that take you further into the “how” of a procedure like this.

https://null-byte.wonderhowto.com/how-to/hacking-macos-hack-macbook-with-one-ruby-command-0186686/

Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later.

September 16, 2018 by Connor Fairman Leave a Comment

A vulnerability in Fair Dice’s C++ source code was exploited by a hacker to steal $200,000 worth of EOS cryptocurrency from the crypto-betting site Fair Dice. The vulnerability involved the emplacement of an object which contained the amount of money to transfer into a vector. The problem was that there were not adequate parameters on the values that could be emplaced into this vector, which allowed the hacker to siphon this large amount of money. Moral of the story: always check your boxes when you are coding something involving other people’s money. It doesn’t take long to set instance variables, object parameters, etc. Better safe and have done some tedious work than very sorry.

source code:

https://github.com/Dappub/fairdicegame/blob/master/fairdicegame/include/fairdicegame.hpp#L240

original article:

https://www.zdnet.com/article/blockchain-betting-app-mocks-competitor-for-getting-hacked-gets-hacked-four-days-later/
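The lesson of the Fair Dice post above, as an added example that is not Fair Dice's code and not part of the original post: a payout record is emplaced into a vector once with no bounds on the amount and once only after range and balance checks pass. The `Payout` struct, the `kMaxPayout` cap, the function names and the sample values are all assumptions made for illustration.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Hypothetical payout record and limit; not taken from the Fair Dice source.
struct Payout {
    std::string to;
    int64_t amount;  // in the smallest currency unit
};
const int64_t kMaxPayout = 1000000;  // assumed per-payout cap

// Unchecked: whatever amount the caller supplies is queued for transfer.
void queue_unchecked(std::vector<Payout>& q, const std::string& to, int64_t amount) {
    q.emplace_back(Payout{to, amount});
}

// Sum of amounts already queued (sample values are small enough not to overflow).
int64_t queued_total(const std::vector<Payout>& q) {
    int64_t sum = 0;
    for (const Payout& p : q) sum += p.amount;
    return sum;
}

// Checked: the record is emplaced only if every bound holds.
bool queue_checked(std::vector<Payout>& q, int64_t pool,
                   const std::string& to, int64_t amount) {
    if (to.empty()) return false;                               // no recipient
    if (amount <= 0 || amount > kMaxPayout) return false;       // out of range
    const int64_t queued = queued_total(q);
    if (pool < 0 || queued < 0 || queued > pool) return false;  // inconsistent state
    if (amount > pool - queued) return false;                   // would overdraw the pool
    q.emplace_back(Payout{to, amount});
    return true;
}

int main() {
    std::vector<Payout> bad, good;                 // constructed sample data
    queue_unchecked(bad, "mallory", 5000000);      // far above the cap, still queued
    bool ok = queue_checked(good, 500000, "alice", 400000);
    bool rejected = !queue_checked(good, 500000, "mallory", 5000000);
    return (bad.size() == 1 && ok && rejected) ? 0 : 1;
}
```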

What is Metasploit?

September 12, 2018 by Connor Fairman Leave a Comment

Apparently Metasploit is one of the most commonly used penetration tools available. I discovered this after reading about how attackers can use Meterpreter to gain control over a user’s computer/device. Relevant to our class is the fact that the most recent version of Metasploit is in Ruby, which means that your computer must have Ruby installed in order to run this software. Good for those who have Macs because I’m pretty sure they already have some version of Ruby installed on them.

The interesting bit about this is not that it’s commonly used or free, but that it seems relatively easy to download to start using. All you need is a machine with Ubuntu and a very minimal understanding of how to use the command line and you’re set. Another interesting thing to consider is that this software, while useful for testing purposes, can be exploited to do some truly alarming deeds, many of which are detailed thoroughly on the null-byte website.

 

https://null-byte.wonderhowto.com/how-to/hack-like-pro-getting-started-with-metasploit-0134442/

How to Hack into Someone’s Laptop Camera

September 12, 2018 by Connor Fairman Leave a Comment

Honestly this is something that I have wondered about for years now ever since the Lower Merion School District’s camera hacking controversy. Apparently it’s not that difficult to control someone’s camera after all. Step one is accidentally allowing someone to install Meterpreter on our computer, via an email attachment or something of the like. Through Meterpreter, the attacker gains access to our command shell, aka our terminal. They can even run shell scripts on our computer through Meterpreter, which sends data back to the attacker in a way that doesn’t risk detection. Once Meterpreter is installed, the attacker can list our devices’ cameras and access them via the command line. That simple.

https://null-byte.wonderhowto.com/how-to/hack-like-pro-secretly-hack-into-switch-on-watch-anyones-webcam-remotely-0142514/

 

https://null-byte.wonderhowto.com/how-to/hack-like-pro-hacking-samba-ubuntu-and-installing-meterpreter-0135162/

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

September 9, 2018 by Connor Fairman 1 Comment

MikroTik routers have a security vulnerability that was revealed after a WikiLeaks report detailed a CIA hacking tool, known as Chimay Red. What I found immediately interesting was that someone reverse engineered Chimay Red and it is now available for cloning from someone’s GitHub: https://github.com/BigNerd95/Chimay-Red

With Chimay Red, you can add a payload to the router. It also seems like you can use it to overload a thread’s stack, which traditionally contains variables, functions, pointers, etc. that are in local scope. This allows us to write POST data into ANOTHER stack after we overload the current one. How we know what the next stack is, though, is unclear to me because threads are asynchronous, or rather they are used to handle asynchronous tasks.

Back to MikroTik, the key detail here is that hackers can hijack devices if they take advantage of this vulnerability. Moreover, hackers can reroute traffic from compromised routers to themselves. This allows them to monitor their victims.

https://thehackernews.com/2018/09/mikrotik-router-hacking.html
