Security Researcher Mathy Vanhoef of Imec-DistiNet discovered a weakness within the WPA2 protocol, potentially affecting all the wireless routers supporting WPA2, an attacker can take advantage of this vulnerability by using key re-installation attacks (KRACKS).

The attack can be used to intercept passwords, Emails, chat messages and even your credit card Information. Consider if your network is not configured properly the attacker can inject ransomware and other malware into the Web sites you visit.

He says that the weakness is in the Wi-Fi Standard itself even though if your router is perfectly configured you will be affected by this attack. Mathy suggests updating the Router’s Firmware when the Vendor issues the Updates to your Router.

“Note that if your device supports Wi-Fi, it is common that it is affected. During our initial research, we learned ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some modification of the attacks. For more data about specific products, consult the database of CERT/CC, or contact your vendor.”

In the research paper, he explains the attack as “exceptionally destructive” against Android 6.0:

“Because Android uses wpa_supplicant, Android 6.0 and above further contains this vulnerability. This presents it trivial to hijack and manipulate traffic sent by these Linux and Android devices,” he addresses on the Krackattacks site explaining the flaw. “Note that currently, 41% of Android devices are exposed to this exceptionally devastating variant of our attack.”

He also says that attacks on MacOS and OpenBSD are easier to execute although we agree that some of the attack scenarios in the paper are rather impractical, do not let this fool you into believing key re-installation attacks cannot be abused in practice.

Vanhoef further explains how the attack can still work against Web Apps and native Apps that are using HTTPS, explaining how this added encryption layer can be avoided in what he describes as a worrying number of conditions he flags multiple prior instances of HTTPS being avoided “in non-browser software, in Apple’s iOS and OS X, in Android apps, in Android apps again, in financial apps, and even in VPN apps.

See also  a Proof-Concept-Video of the Attack:

ALSO READ: Hack a Windows 7/8/10 admin account password with Windows magnifier

source: https://latesthackingnews.com

The post WPA2 encryption can now be hacked with new KRACKS method appeared first on ITBlogSec.com.

This exploit takes advantage of the ease of access tool on the login page by ‘tricking’ windows into launching a fully privileged command prompt by selecting ‘make items on the screen larger – magnifier’. By using this method you can simply reset admin account password, just by having physical access to the computer.

Disclaimer: This is for use on a PC that you own. Breaking into someone else’s PC is considered a serious crime in most places. If you make a mistake or change something else, your Windows may become a non-boot. If so, just undo whatever you changed outside of the hack shown here, and it will back to normal. Need I say this is for Educational Purposes! You are responsible for your own thoughts and actions.

1. Launch any OS that allow full access to file system

Here you can use many different linux distros or even a windows disk/usb, as long as you can access the terminal/command prompt, you’re good. In this case, we are going to use Kali linux distro. Insert CD/DVD into drive and reboot the machine. Start your Live DVD. You may need to go into the BIOS screen and change the boot-up order to CD/DVD drive first, HDD second.

2. Navigate to Sys32

Use the file browser in your Linux environment, navigate to %windir%/system32/. You may have to right-click and mount the Windows partition/drive first or use the NTFS-3G command.

Article is written on a macbook with Windows dual booted, there is Windows instance named as BOOTCAMP.

3. Rename Magnify.exe

Find and rename magnify.exe (Magnifier file) to magnify.old. 

mv magnify.exe magnify.old

4. Rename cmd.exe

Find and rename cmd.exe to magnify.exe.

mv cmd.exe magnify.exe

5. Shut Down Linux & Reboot Windows

Log out and reboot, remove CD/DVD/USB, and restart into Windows.

6. Get CMD Prompt Modify Accounts

When Windows reboots, click on the ease of access button in the bottom left corner

Click the second selection “Make items on the screen larger (Magnifier)” and hit apply.

The command prompt should now be in front of you. You now have a system level command prompt. At this point is where you can change the admin password and make any modification to the system using administrator privileges. 

Tip: You can right-click on cmd.exe and click “Run as administrator” inside of Windows for escalated privileges. To edit files, it would never be allowed at basic admin level (caution). Same goes for any app in Windows right click and make the magic happen.

Type net user to get a list of accounts

Change Password: 

net user username new_password

Tip: when you do so, the password changes without prompting you again.

Add an account: 

net user username password /add

Tip: If your username has a space, like John Doe, use quotes like “John Doe”.

Admin that: 

net localgroup administrators username /add

Delete that: 

net user username /delete

Remote Desktop Users Group: 

net localgroup Remote Desktop Users username /add

Net User Syntax Reference:

net user commands 
net user for domain

7. Revert back all changes

Now you should insert your Linux Live CD/DVD/USB and rename the files back to the original names.

1. Repeat Step 1
2. Repeat Step 2
3. Rename magnify.exe back to cmd.exe
4. Rename magnify.old back to magnify.exe
5. Log out, take out CD/DVD USB, reboot into Windows

Recommended resources

Kali Linux
Create Live USB Sticks Rufus

Conclusion

Well, that was how you hack a Windows 7/8/2008/10 administrator account password with Windows Magnifier. This also demonstrates how you could Pwn a machine if you think about it some, have hands on and they have not disabled EoA.  Hope it helps you in some way.

source: https://null-byte.wonderhowto.com, https://thehacktoday.com

The post Hack a Windows 7/8/10 admin account password with Windows magnifier appeared first on ITBlogSec.com.

The HBO hackers who have been notoriously leaking unaired TV show episodes and their scripts are acting well on their promise of continuously releasing new material. In the latest wave, the hackers have released more content, but it didn’t include Game of Thrones Season 7 episodes.

According to Reuters, the hackers have released the episodes of the much-anticipated comedy series Curb Your Enthusiasm, which returns in October. Notably, Curb has been off air for 5 years. The dump also included another popular show Insecure’s Sunday night episode.

The other leaked unaired episodes are from the TV shows The Deuce and Barry. While The Deuce is an upcoming TV drama set in and around Times Square, Barry is a Bill Hader comedy series which is set to air in 2018.

For those who don’t know, HBO had suffered a massive hack after becoming the target of a hacker group who calls itself Mr. Smith. As per the claims made by the hackers, they had obtained 1.5TB of data after a 6-months long attack.

Over the past few weeks, hackers have been releasing unreleased episodes and scripts of Game of Thrones and other TV shows, employee emails, and personal contact details of GOT stars.

The hackers have made demands and asked for a 6-month salary in bitcoin, which turns out to be about $6 million to $7.5 million. It was also revealed that, in the past, HBO tried to stop the leaks by offering $250,000 for “finding out vulnerabilities in HBO’s systems.”

ALSO READ: WannaCry ransomware: researcher halts its spread by registering domain for $10.69

source: https://fossbytes.com

The post HBO Hackers Release More TV Show Episodes — No New Game Of Thrones Season 7 Material appeared first on ITBlogSec.com.

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

1. John Draper

John Thomas Draper (born March 11, 1943), also known as Captain Crunch. This phreaker (“Pirate’s phone”) whose real name is John Thomas Draper (born March 11, 1943) became famous because he managed to make free long distance calls with a whistle found in Cap’n Crunch cereal box. Indeed, the sound from this whistle had a frequency of 2600 Hertz, the same frequency as a long-distance line unoccupied continuously emitted to indicate to a telephone exchange is ready to receive a call. The phreaked called a remote toll opening an unused line that did not record billing.

[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

2. Steve Jobs and Steve Wozniak

Both have several things in common, the two famous founders of Apple Computer have spent their youth as hackers. Before moving to Apple, they spent their days building called Blue Box devices that allowed for the whistle as John Draper to make long distance calls without paying a dime. They then started selling these devices to their classmates at the University of California.

We could add Mark Zuckerberg (founder of Facebook), Bill Gates (Microsoft founder), Linux Torvalds (Linux kernel founder) who have all some relations with hacking.

[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

3. David Smith

All the popularity of David Smith came after creation of the worm “Melissa” on 26 March 1999. The Worm was saturated messaging systems by spreading user to user via infected emails (there are over 60 000). Damage estimates were $385 million. Smith, who was arrested, sentenced to 2 years in prison and $5000 fine sad the worm was never intended to cause damage.

The first time the Melissa worm was hidden, it was in a file containing pornographic sites passwords. Smith said that the name Melissa has just met a dancer during a trip to Florida.

[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

4. George Hotz alias GeoHot

George Hotz is an American hacker known for unlocking the iPhone (the famous jailbreak) and its release the Playstation 3. The jailbreak of making jump the protections of devices running the iOS operating system, providing access to all the features of it, and making it possible to download and install applications without paying.

When Sony was attacked, allegedly by the group Anonymous, Hotz said he was not reponsible for the attack.

 [/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

5. Michael Calce alias MafiaBoy

Mafiaboy is a Canadian who has acquired a certain notoriety after launching in February 2000 a series of DDoS attacks against several web sites such business giants as eBay, Amazon, Yahoo!, Dell or CNN.

He was only 15 years old then, and now says he was not professional, far from it, he used the programs that his friends had done. Calce operated websites mainly for fame and to show his dominance in his group. He now works for a computer security company.

  [/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

6. Gary McKinnon

In 2002, a special message appears on the screen of a computer of the US Army: “Your security is the sh*t, I am Solo and I will continue to disrupt at the highest levels.”

It was later learned that this is a message from a British systems administrator named Gary McKinnon. McKinnon allegedly accessed 97 computers belonging to the US Army, NASA, the Army, the Air Force, the Navy, the Ministry of Defense and the Pentagon.

Gary explains that he wanted to do all this to find out once and for all if there were UFOs and thought the US had recovered an alien anti-gravity technology. Then he risked 70 years in prison, Gary was diagnosed as suffering from a form of autism and will not be extradited to the United States where he faced a big trouble.   [/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

7. Robert Tappan Morris

In 1988, the graduate student from Harvard University decided to test the size of the Internet. He created the Morris worm that infect 6000 Unix machines by making it crash. Millions of dollars of damage will then be estimated. It was probably the first worm of this kind. Morris was finally captured, fined, sentenced to three years probation and 400 hours of community service.

The disk used to write the worm is now available in Boston science museum. And Morris is now a professor at the Massachusetts Institute of Technology.

[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

8. Adrian Limo

In December 2001, Lamo was praised by Worldcom for helping to fortify their corporate security. In February 2002, he broke into the internal computer network of The New York Times, added his name to the internal database of expert sources, and used the paper’s LexisNexis account to conduct research on high-profile subjects. The New York Times filed a complaint, and a warrant for Lamo’s arrest was issued in August 2003 following a 15-month investigation by federal prosecutors in New York. At 10:15 AM on September 9, after spending a few days in hiding, he surrendered to the US Marshals in Sacramento, California. He re-surrendered to the FBI in New York City on September 11, and pleaded guilty to one felony count of computer crimes against Microsoft, LexisNexis, and The New York Times on January 8, 2004.

In February 2009, a partial list of the anonymous donors to the WikiLeaks not-for-profit website was leaked and published on the WikiLeaks website. Some media sources indicated at the time that Lamo was among the donors on the list.
[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

9. Kevin Poulsen

The black hat hacker in the 80s, Kevin Poulsen, became popular when he “earned” a Porsche by hacking a radio station. A radio station in Los Angeles (KMS-FM) launched a radio contest in which the 102nd caller wins a Porsche. Kevin, along with two friends entered the radio telephone system to make sure to be the 102nd caller and win the prize.

He plead guilty and was sentenced to 4 years and 3 months in prison, the longest sentence ever imposed at the time. After leaving prison, Kevin is now working as a journalist for Wired News.

[/lgc_column]

[lgc_column grid=”100″ tablet_grid=”100″ mobile_grid=”100″ last=”false”]

10. Kevin Mitnick

At age 13, Mitnick used social engineering and dumpster diving to bypass the punch card system used in the Los Angeles bus system. After he convinced a bus driver to tell him where he could buy his own ticket punch for “a school project”, he was able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage. Social engineering later became his primary method of obtaining information, including user-names and passwords and modem phone numbers.

Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC’s computer network and copied their software, a crime he was charged with and convicted of in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voice mail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two and a half years.

According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country’s largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mails.

Since 2000, Mitnick has been a paid security consultant, public speaker and author. He does security consulting for Fortune 500 companies and the FBI, performs penetration testing services for the world’s largest companies and teaches Social Engineering classes to dozens of companies and government agencies.

[/lgc_column]

The post Top 10 of the world’s most famous hackers appeared first on ITBlogSec.com.