Ethical Hackers Vol. 2

2022-06-24 01:00:44 Simple C2 over Trello's API (Proof-of-Concept) By: Fabrizio Siciliano (@0rbz_ (https://www.twitter.com/0rbz_)) Update 12/30/2019 Removed hardcoded (https://www.kitploit.com/search/label/Hardcoded) API key and Token, use input() instead.
Requirements Python 3.x Setup Create a Trello account: https://trello.com/signup Once logged in, get your API key: https://trello.com/app-key Generate a Token (same page as app-key, follow the "Token" link) Save both API key and Token, they're used in both the agent and operator scripts. Browse to your board https://trello.com/b/[random]/[membername].json (https://trello.com/b/%5Brandom%5D/%5Bmembername%5D.json) to get the list ID which is required in the agent script. You can find this in the json output under the "lists" item and within the "Things To Do" item "id" value. Usage Run agent.py on the target system. This is the implant, and once run, will supply the operator with a "CID" value. This is the card ID and is needed on the operator-side. Run the operator.py script on the attacker host. It will prompt for the agent's CID which is provided at agent.py runtime. Do what thou wilt... The operator script currently only has two commands; "show_commands" and "kill_implant". The "show_commands" command simply prints the help menu while the "kill_implant" command deletes the card associated with agent which terminates the agent connection. Typing "?" at the operator prompt will also display the commands menu. Limitations The Trello API "description" field for cards, which is used for temporarily storing commands and resulting command output, is limited in size. I think it's something around 16k characters. This is OK for most commands, however, commands that return large output will cause the agent to die due to the Trello API returning a 400 Bad Request (size too large) status. Be mindful of commands and their expected outputs. I'll eventually work in some logic to determine command output size before sending it back to trello's servers for operator consumption. This is not OPSEC-safe. All commands and command output will temporarily pass through Trello's servers and output will exist (https://www.kitploit.com/search/label/EXIST) in the agents' "card" in cleartext temporarily. Although the traffic (https://www.kitploit.com/search/label/Traffic) is TLS encrypted (in-transit) courtesy of Trello, and although the operator script makes an effort to "wipe the slate" clear of the command output, there's no telling whether this information is stored indefinitely. Ideally, the commands and command output should be saved to a "card" in an encrypted format, (i.e., AES), pulled down, and decrypted locally. This hasn't been built into the tool yet, and in its current state would require the machine the agent lives on to have certain libraries which might not be present in a default situtation. (Something to work on) The operator script and implant are currently both designed to be run on Linux-based boxes. Windows (https://www.kitploit.com/search/label/Windows) implants are a work in progress at this point in time. Misc Note: This is simply a proof-of-concept to demonstrate legitimate services as command and control infrastructure (https://www.kitploit.com/search/label/Infrastructure) and is 100% in alpha dev. Use at your own risk and on systems you've been authorized to access. (i.e., wherever the agent lives) Credits (ideas and concepts inspired by other works): https://github.com/daniel-infosec/wikipedia-c2 https://github.com/PaulSec/twittor https://github.com/Coalfire-Research/Slackor

Download TrelloC2 (https://github.com/secmode/TrelloC2) Open / Comment

2022-06-24 01:00:44 Open / Comment

2022-06-24 01:00:44 TrelloC2 - Simple C2 Over The Trello API
http://www.kitploit.com/2022/06/trelloc2-simple-c2-over-trello-api.html Open / Comment

2022-06-23 15:33:49 Created by D3Ext Extra If you are using bspwm, you can add this line to your bspwmrc for launching the xterm windows always beeing in floating mode (for a prettier design) bspc rule -a XTerm state=floating

Copyright 2022, D3Ext

Download WEF (https://github.com/D3Ext/WEF) Open / Comment

2022-05-17 09:22:10 Time for another Kali Linux release! – Kali Linux 2022.2. This release has various impressive updates.
The summary of the changelog (https://bugs.kali.org/changelog_page.php) since the 2022.1 release from February 2022 (https://www.kali.org/blog/kali-linux-2022-1-release/) is:GNOME 42 - Major release update of the popular desktop environmentKDE Plasma 5.24 - Version bump with a more polished experienceMultiple desktop enhancements - Disabled motherboard beep on Xfce, alternative panel layout for ARM, better support for VirtualBox shared folders, and lots moreTweaks for the terminal - Enhanced Zsh syntax-highlighting, inclusion of Python3-pip and Python3-virtualenv by defaultApril fools - Hollywood mode - Awesome screensaverKali Unkaputtbar - BTRFS snapshot support for KaliWin-KeX 3.1 - sudo support for GUI appsNew tools - Various new tools addedWPS attacks in Kali NetHunter - Added WPS attacks tab to the NetHunter app
More info here (https://www.kali.org/blog/kali-linux-2022-2-release/).


Download Kali Linux 2022.2 (https://www.kali.org/get-kali/) Open / Comment

2022-05-17 09:22:10 Open / Comment

2022-05-17 09:22:10 Kali Linux 2022.2 - Penetration Testing and Ethical Hacking Linux Distribution
http://www.kitploit.com/2022/05/kali-linux-20222-penetration-testing.html Open / Comment

2022-05-17 00:40:15 BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute force (https://www.kitploit.com/search/label/Brute%20Force) directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden (https://www.kitploit.com/search/label/Hidden) within.
Installation Use PIP: pip3 install --user BirDuster Clone source: git clone https://www.github.com/ytisf/BirDuster
cd BirDuster
pip3 install --user -r requirements.txt
python3 BirDuster.py --help Usage BirDuster has the following flags and options (which you can see with the -h flag): -h/--help: Show help and exit. -v,-vv,-vvv/--verbosity: Verbosity level. -p/--port: Port to use while dirbusting. Default 80/443. -P/--pfile: If you want to test several ports just write them to a file with newlines. -t/--threads: Amount of concurrent threads. Default is 15. -o/--output: Output CSV of responses. Default is domain_output.csv. -l/--dlist: Directory (https://www.kitploit.com/search/label/Directory) list file. Default is dir_list.txt. -w/--writereponse: Will write HTTP/S responses to files. Default is False. -i/--ignorecertificate: Ignore SSL certificate errors. Default is False. -u/--useragent: User-Agent to use. Default is random user-agent. --ssl: Use SSL or not. -i flag will automatically turn on SSL. --timeout: Change default socket (https://www.kitploit.com/search/label/Socket) timeout. Default is 3 seconds. usage: dirbus.py [-h] [-v] [-p PORT] [-P PFILE] [-t THREADS] [-o OUTPUT]
[-l DLIST] [-w] [-i] [-u USERAGENT] [--ssl]
[--timeout TIMEOUT]
domain

positional arguments:
domain domain or host to buster

Download BirDuster (https://github.com/ytisf/BirDuster) Open / Comment

2022-05-17 00:40:15 Open / Comment

2022-05-17 00:40:15 BirDuster - A Multi Threaded Python Script Designed To Brute Force Directories And Files Names On Webservers
http://www.kitploit.com/2022/05/birduster-multi-threaded-python-script.html Open / Comment