H101 - Hacking 101

[Asphyxia]

Ever wonder how they do it? Those crazy hackers and their magic tricks.

It is not magic, it is an illusion much like a magic show. Security itself is also somewhat illusional. Oftentimes systems look safer than they actually are. A car looks safe until it goes off the road at 80 MPH and smacks into a hard surface. A self-driving car sounds safe until someone wires a cellphone to the car, then is able to remotely control it with people inside (swerve off a bridge over water).

This video like the above text will give you ideas about the hacker mindset. This video is meant for educational purposes only. Not responsible for direct, indirect, incidental, or consequential damages resulting from misuse of presented information.

 

[Kieran]

You see that server? That mah bitch. Tightes pussy ever my G. She my GF an I'll marry'er

Great video

 

[Kleberstoff]

Very cool, funny and yet informational Video, loving it, looking forward to more of it!

You see that server? That mah bitch. Tightes pussy ever my G. She my GF an I'll marry'er

Great video

I died at that part and had to rewatch it because i laughed to hard.

 

[Kieran]

Very cool, funny and yet informational Video, loving it, looking forward to more of it!


I died at that part and had to rewatch it because i laughed to hard.

Yes these hilarious comparison are awesome xD I watched the video when I was on the bus to work and had a hard time trying not to laugh

 

[Qraktzyl]

Yahoo servers keep getting penetrated from all ends. Not tight at all.

 

[Asphyxia]

Here is the second video:

Sorta tired making that video.. so yeah ;]

 

[Laszl0w]

Here is the second video:

Sorta tired making that video.. so yeah ;]

"Learn how to hack"

 

[Kleberstoff]

Don't know why it's not here, but here is H103 - Going Virtual.

H104 - Unhack yourself (Fix broken Sudo on Ubuntu)

H105 - Snapshots; Backup Your Backups

 

[Asphyxia]

H106 - Ditching The VM For Docker Containers

H107 - Docker With Debian Bind Port 80 Mapping Apache

 

[Asphyxia]

H108 - Docker With DVWA

Pull image:
docker pull infoslack/dvwa


Start with random mysql password:
docker run -d -p 80:80 infoslack/dvwa

Or set environment variable:
docker run -d -p 80:80 -p 3306:3306 -e MYSQL_PASS="mypass" infoslack/dvwa

netstat -aon | findstr 0.0:80

tasklist /fi "pid eq "

taskkill /f /pid

 

[Asphyxia]

I have a new H108 because apparently I messed up the other one:

This one hits a little closer to home, using TeamSpeak 3 as an example for a possible malicious payload.

 

[Asphyxia]

Just published H111 on Windows registry hives, especially focusing on RunMRU:

regjump.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

You will need regjump for this.

Also

reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f