AhnLab SEcurity intelligence Center (ASEC) is monitoring attacks targeting poorly managed Linux servers by utilizing multiple honeypots. One of the most common honeypots is the SSH service using weak credentials, and a large number of DDoS and CoinMiner threat actors are attacking this service. ASEC has recently identified a case of an attack that installs […]| ASEC
In this post, I'll go over how to crack the key of a WEP-encrypted WiFi network and pivot into it to interact with vulnerable services running on it.| tbhaxor's Blog
AhnLab SEcurity intelligence Center (ASEC) monitors attacks targeting Linux servers that are inappropriately managed using honeypots. One of the representative honeypots is the SSH service that uses weak credentials, which is targeted by a large number of DDoS and coinminer attackers. ASEC has identified cases where Linux servers were attacked to install proxies. In […]| ASEC
The AhnLab SEcurity intelligence Center (ASEC) recently discovered ransomware being distributed disguised a password cracker tool. Such tools are typically used in brute force attacks. Brute force attacks involve by trying every possible combination to find the correct password. Attackers repeatedly attempt to breach a system’s authentication procedure to steal passwords. This method is particularly […]| ASEC
During the last few weeks I’ve been working on a new tool that started as a way for me to become more familiar with Rust and its| evilsocket
Given the recent topic of OTPless k9lhax installation on N3DS, I felt it would be interesting to mention the original hardware method of executing non-enhanced k9lhax on an N3DS. For the sake of documentation, this exploit was conducted in May 2015 cooperatively between myself, WulfyStylez and Dazzozo. I ended up being the one to conduct the actual hardware exploit and bruteforce while the 3DS software process was almost entirely done by WulfyStylez and Dazzozo. The original k9lhax method was...| [Segmentation Fault]
I only got to solve one of the three leet challenges. It was a cryptography challenge where I can brute force two parameters known to be between 0 and 1000 and then work backwards to figure out q based on a hint leaked in the output. From there, it’s simple RSA.| 0xdf hacks stuff
You will discover how to connect to the organization's access point using PEAP-MSCHAPv2 authentication and relay the response to the authenticator challenge This will allow you to read the private emails on a LAN-hosted POP3 server.| tbhaxor's Blog
In this post, you will learn how to obtain wifi credentials for a TTLS-PAP enterprise network, connect to the network, and access LAN resources.| tbhaxor's Blog
In this post, you will learn how to capture the 2 out of 4 EAPOL handshakes of WPA network and crack the password from a wordlist.| tbhaxor's Blog