Memcache Scanner Interactions

On the 5th March 2018 the world's biggest DDoS attack was reported against a US-based service provider. The DDoS had a bandwidth of 1.7Tbps and was achieved using misconfigured Memcache servers. Memcached is a Linux daemon which caches data called from databases and allows subsequent database lookups to be pulled from the cache rather…

NTP Amplification Discovery

Introduction: NTP amplification attacks are a form of DDoS which use NTP servers to turn small requests into large responses which can be directed to the victim's computer. NTP amplification makes use of the MONLIST command. The MONLIST command directs the NTP server to respond with the last 600 IP addresses which used the server….

VNC Authentication checking with Python

In this post I describe a small Python script which can be used to determine the type of authentication used on a VNC server. It uses the Scapy packet manipulation program to perform all the network data transmissions and retrievals. The program may not be perfect, but with my limited testing it seemed to work…

Hacking the TalkTalk HUAWEI HG523a Router Part 2

For part 1 please Click Here. OK. So I have access to the router's busybox console. I found that typing the busybox command displays all the commands available on the device. # busybox BusyBox vv1.9.1 (2012-03-05 00:16:52 CST) multi-call binary Copyright (C) 1998-2007 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2….

Hacking the TalkTalk HUAWEI HG523a Router Part 1

I got my hands on a TalkTalk HUAWEI HG523a. This is one of the routers distributed to TalkTalk subscribers. This is my first attempt at doing any kind of embedded device analysis, so I decided it would be beneficial to document the steps I take. As I progress I will write new posts detailing what…

Malware Analysis Part 2: First Attempt

Please read part 1 first if you would like to know how the analysis lab is set up. There are various sites you can use to download sample malicious software. The one I used is called openmalware.org. I wasn’t completely sure which sample to choose. I wanted one which was recent so I decided to…

Malware Analysis Part 1: Lab Setup

At this stage I know very little about the malware analysis process. I recently purchased a book on the subject called “Practical Malware Analysis” by Michael Sikorski and Andrew Honig. My aim is to read through the book and practice the techniques taught on real examples of malicious code. Updating this blog as I progress….

True Random Number Generator using the Raspberry Pi

Last weekend I made my Raspberry Pi into a true random number generator using the static from a TV. Here in the UK we no longer receive analog terrestrial broadcasting, so finding static on my TV is as simple as putting it on the analogue channel. The setup I was using is an eSecure USB…

Packet Sniffing using the Raspberry Pi

In this post I intend to detail how I set up the Raspberry Pi to perform packet sniffing between two network devices. I made a YouTube video in which I explain how it works, and below you will find both the shell script and Python script I used to set up the bridge and dump the packets…

Dumping Linux Password Hashes

In my push to keep learning the Python programming language I thought a good next step is to make a simple script that grabs the password hashes on a Linux device and dumps them to a file. The dump is formatted so that it is easy to read, unlike the formatting used in the shadow…