Today we’re continuing on our series on exfiltrating documents with a USB Rubber Ducky. In the last part we tackled the stager payload which enumerated the drive letter of our USB flash drive and executed the staged payload. Today we’re looking at those stages and how they work. Then finally we’ll be wrapping this up […]

Read more

A reused Apple ID could be bad for your privacy, 3 million android devices are vulnerable to hacks, and you can steal cookies from a locked pc with a super cheap device. Coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://threatpost.com/iphone-call-history-synced-to-icloud-without-user-consent-knowledge/122030/ https://thehackernews.com/2016/11/icloud-backup.html https://blog.elcomsoft.com/2016/11/iphone-user-your-calls-go-to-icloud/ […]

Read more

Exfiltrate documents from a target computer within seconds with this USB Rubber Ducky attack! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Full shownotes will be available at http://www.hak5.org

Read more

Turning a Burner Phone into an OpenWRT or WiFi Pineapple LTE modem, this time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— NEW! AppleTV App for your viewing pleasure: https://itunes.apple.com/us/app/hak5-tv/id1076116664?mt=8 Mad Props to Richard Hyde for his hard work on developing this app! Today we’re using a […]

Read more

You can now hack your car legally, a printer can also be a fake cell phone tower, and did the Mirai botnet really take down Liberia? All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://www.wired.com/2016/10/hacking-car-pacemaker-toaster-just-became-legal/ https://www.cnet.com/roadshow/news/modders-rejoice-its-legal-to-tweak-your-cars-software-now/ https://www.wired.com/2016/11/evil-office-printer-hijacks-cellphone-connection/ http://arstechnica.com/information-technology/2016/11/this-evil-office-printer-hijacks-your-cellphone-connection/ https://julianoliver.com/output/stealth-cell-tower http://www.securityweek.com/mirai-botnet-takes-down-internet-liberia https://medium.com/@networksecurity/shadows-kill-mirai-ddos-botnet-testing-large-scale-attacks-sending-threatening-messages-about-6a61553d1c7#.iz5za4xl3 […]

Read more

The 3 Second Reverse Shell with a USB Rubber Ducky In this tutorial we’ll be setting up a Reverse Shell payload on the USB Rubber Ducky that’ll execute in just 3 seconds. A reverse shell is a type of shell where the victim computer calls back to an attacker’s computer. The attacking computer typically listens […]

Read more

The Shadow Brokers are back with more NSA data, the FCC passes some new privacy laws, and should hacking back, or counterattacking, be legal?. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://motherboard.vice.com/read/shadow-brokers-nsa-hackers-dump-more-files https://medium.com/@shadowbrokerss/message-5-trick-or-treat-e43f946f93e6#.447qr63g2 http://pastebin.com/RK73grmu https://twitter.com/musalbas/status/793001139310559232 https://www.washingtonpost.com/world/national-security/government-alleges-massive-theft-by-nsa-contractor/2016/10/20/e021c380-96cc-11e6-bb29-bf2701dbe0a3_story.html https://krebsonsecurity.com/2016/10/senator-prods-federal-agencies-on-iot-mess/ http://www.warner.senate.gov/public/index.cfm/pressreleases?ContentRecord_id=CD1BBB25-83E0-494D-B7E1-1C350A7CFCCA https://threatpost.com/mirai-vulnerability-disclosed-but-exploits-may-constitute-hacking-back/121644/ https://www.invincealabs.com/blog/2016/10/killing-mirai/ […]

Read more

In this episode of Hak5 we’re joined by Samy Kamkar, the maker of many portable hacker devices like the MagSpoof and KeySweeper just to name a couple. Read about his developments at https://samy.pl/ ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 ——————————

Read more

The internet goes down, more IoT things are being hacked, and a product recall. All that coming up now on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://www.businessinsider.com/amazon-spotify-twitter-github-and-etsy-down-in-apparent-dns-attack-2016-10 https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/ https://www.dynstatus.com/incidents/nlr4yrr162t8 https://thehackernews.com/2016/10/iot-dyn-ddos-attack.html https://intel.malwaretech.com/botnet/mirai/?h=24 https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/ https://krebsonsecurity.com/2016/10/iot-device-maker-vows-product-recall-legal-action-against-western-accusers/ https://mp.weixin.qq.com/s?__biz=MzA4MDQ4NjMwOA==&mid=2651450911&idx=1&sn=f4d41b6fae77ece8493fdec1197d97f0&chksm=845ec4d4b3294dc23df1d6ecba1e76ccec9ac6533aef4403ecf34f9b72e4cb3c7c94e57dfc89&mpshare=1&scene=1&srcid=1024DskPGO5o4Jgp1qYNtrDZ#wechat_redirect Youtube Thumbnail credit: https://upload.wikimedia.org/wikipedia/en/a/ad/Webcam.JPG

Read more

Decrypting Morse code with a simple terminal command and a PC sound card, this time on Hak5! Shannon’s call sign is KM6FPP! Listen for her on the radio soon. Installing and setting up XDEMorse: sudo apt-get install xdemorse cd /usr/share/doc/xdemorse/examples/ sudo gunzip xdemorserc.example.gz cp xdemorserc.example ~/.xdemorserc nano ~/.xdemorserc xdemorse & xdemorse http://www.qsl.net/5b4az/pkg/morse/xdemorse/xdemorse.html rscw http://wwwhome.ewi.utwente.nl/~ptdeboer/ham/rscw/ minimodem […]

Read more

On this episode of Hak5 we chat with Nick Cano about hacking video games for fun! Plus, Gene Bransfield joins us to chat War Collar Industries and their new Dope Scope, a directional WiFi Sniffing device that fits in the palm of your hand. https://twitter.com/nickcano93 https://www.nostarch.com/gamehacking https://www.youtube.com/watch?v=I_ExILIAw0Y http://warcollar.com/ https://forums.warcollar.com/ https://www.derbycon.com/ ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire […]

Read more

The makers of Signal get a subpoena, Yahoo experiences more bad press, an NSA contractor is in hot water, and the EU wants to make IoT devices more secure. All that coming up now on Threat Wire. Links: https://whispersystems.org/bigbrother/eastern-virginia-grand-jury/ https://www.aclu.org/blog/free-future/new-documents-reveal-government-effort-impose-secrecy-encryption-company https://theintercept.com/2016/10/10/subpoena-to-encrypted-app-provider-highlights-overbroad-fbi-requests-for-information/ http://www.reuters.com/article/us-yahoo-nsa-exclusive-idUSKCN1241YT https://motherboard.vice.com/read/yahoo-government-email-scanner-was-actually-a-secret-hacking-tool https://theintercept.com/2016/10/07/ex-yahoo-employee-government-spy-program-could-have-given-a-hacker-access-to-all-email/ http://arstechnica.com/tech-policy/2016/10/report-fbi-andor-nsa-ordered-yahoo-to-build-secret-e-mail-search-tool/ https://theintercept.com/2016/10/05/nsa-theft-suspect-works-for-contractor-that-sells-the-government-tech-for-spotting-rogue-employees/ https://www.cnet.com/news/harold-thomas-martin-iii-booz-allen-hamilton-edward-snowden-leak/ https://www.wired.com/2016/10/nsa-contractor-arrested-taking-top-secret-documents/ https://krebsonsecurity.com/2016/10/europe-to-push-new-security-rules-amid-iot-mess/ https://www.euractiv.com/section/innovation-industry/news/commission-plans-cybersecurity-rules-for-internet-connected-machines/ Youtube Thumbnail credit: https://cdn0.vox-cdn.com/thumbor/6HssVl1ip74KsAGiWiizB9l234g=/0x53:1020×627/1600×900/cdn0.vox-cdn.com/uploads/chorus_image/image/51187061/signal-003.0.jpg ——————————- […]

Read more

Hak5 heads to DerbyCon in Louisville, KY to chat with Tim MalcomVetter about breaking tokenization in the credit card industry. Plus, RenderMan joins us to discuss the security and privacy flaws in internet of things connected adult toys. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://twitter.com/malcomvetter https://www.youtube.com/watch?v=17UcQohAjXw https://www.derbycon.com/ […]

Read more

Emergency text alerts get a well needed upgrade, but with that I also have some concerns. DDoS gets more costly and more widespread, and Yahoo! faces more problems. All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://www.wired.com/2016/09/emergency-alert-texts-getting-much-needed-upgrade/ https://www.cnet.com/news/new-phone-amber-alerts-could-include-photo-of-missing-child/ http://arstechnica.com/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/ http://arstechnica.com/security/2016/10/brace-yourselves-source-code-powering-potent-iot-ddoses-just-went-public/ https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/ […]

Read more

Hak5 heads to Louisville, KY for DerbyCon 6.0, to chat with the Dave Kennedy, founder of DerbyCon. Plus the winners of the Hack My Derby Contest, AgentSixty6 and Gangrif chat about their mods! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://twitter.com/HackingDave https://www.trustedsec.com/ https://github.com/trustedsec https://www.derbycon.com/ https://twitter.com/agentsixty6 https://twitter.com/gangrif http://hackmyderby.com/about https://www.undrground.org/hmd2015

Read more

An InfoSec Journalist is Censored by a DDoS, the Yahoo Hack Leaks Half a Billion Creds, and Researchers remotely hack a tesla’s brake system. All that coming up now on Threat Wire. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: https://threatpost.com/questions-mount-around-yahoo-breach/120876/ […]

Read more

Stealing creds from a locked PC using a Hak5 LAN Turtle, plus Mubix joins us! This time on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Stealing creds from a locked PC using a Hak5 LAN Turtle, plus Mubix joins us! This time on Hak5! https://room362.com/ – Mubix’s […]

Read more

Today we review MOSH an alternative to SSH that’s better at high latency and intermittent Internet connections. Plus, your USB Rubber Ducky questions and tips! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://mosh.org/ ConsoleHost_history.txt is kept under %APPDATA%\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt, you can check where your system keeps this file by […]

Read more

Steal passwords from a locked PC, 911 is still vulnerable to hacks, and Chrome calls out non secure sites. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: Learn more about NTLM Challenge Response Authentication: https://msdn.microsoft.com/en-us/library/windows/desktop/aa378749(v=vs.85).aspx http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/ https://github.com/Spiderlabs/Responder http://www.exploit-monday.com/2016/09/introduction-to-windows-device-guard.html https://room362.com/post/2016/snagging-creds-from-locked-machines/ http://www.cnet.com/news/chrome-warning-insecure-http-websites-expose-passwords-credit-card-numbers/ https://blog.chromium.org/2016/09/moving-towards-more-secure-web.html […]

Read more

Previously on Hak5, we showed off an USB Rubber Ducky payload to steal plaintext Windows passwords in 15 seconds. So, what if we told you we could get just the logon hash in under two? A 2 second technique for stealing Windows password hashes and otherwise auditing corporate USB drive policies! Learn more on today’s […]

Read more

Clinton’s got an Email Problem, Dropbox and Last.Fm 2012 Hacks get leaked, and is Ford going to introduce a new way to unlock their cars? All that coming up now on Threat Wire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://arstechnica.com/security/2016/09/over-40-million-usernames-passwords-from-2012-breach-of-last-fm-surface/ http://www.last.fm/passwordsecurity https://www.cnet.com/roadshow/news/ford-could-replace-your-key-fob-with-radio-button-passcodes/ http://www.freepatentsonline.com/20160244022.pdf https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts https://www.wired.com/2016/08/hack-brief-four-year-old-dropbox-hack-exposed-68-million-peoples-data/ https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/ […]

Read more

Pilfering Passwords with the USB Rubber Ducky Can you social engineer your target into plugging in a USB drive? How about distracting ’em for the briefest of moments? 15 seconds of physical access and a USB Rubber Ducky is all it takes to swipe passwords from an unattended PC. In honor of the USB Rubber […]

Read more

Was the ShadowBrokers NSA hack an inside Job?, ATM’s Hacked through EMV Chips, Update Your iPhone NOW, Voter Records Stolen in a State Hack. All that coming up now on ThreatWire! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— Links: http://arstechnica.com/security/2016/08/hints-suggest-an-insider-helped-the-nsa-equation-group-hacking-tools-leak/ https://motherboard.vice.com/read/former-nsa-staffers-rogue-insider-shadow-brokers-theory?trk_source=popular https://taia.global/2016/08/shadowbroker-is-a-native-english-speaker-trying-to-appear-non-native/ http://www.reuters.com/article/us-intelligence-nsa-commentary-idUSKCN10X01P http://arstechnica.com/security/2016/08/nsa-linked-cisco-exploit-poses-bigger-threat-than-previously-thought/ http://www.securityweek.com/leaked-cisco-asa-exploit-adapted-newer-versions https://threatpost.com/cisco-begins-patching-equation-group-asa-zero-day/120124/ https://threatpost.com/ripper-atm-malware-uses-malicious-evm-chip/120192/ http://www.securityweek.com/ripper-atm-malware-linked-thailand-heist […]

Read more

Pilfering Passwords with the USB Rubber Ducky Can you social engineer your target into plugging in a USB drive? How about distracting ’em for the briefest of moments? 15 seconds of physical access and a USB Rubber Ducky is all it takes to swipe passwords from an unattended PC. In honor of the USB Rubber […]

Read more

DEF CON 24: Warwalking at DEF CON, Semaphor and Consumer Privacy, Mousejack and Keysniffer, this week on Hak5! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— D4rkm4tter talks warwalking at DEF CON and his upgrade to deploying 12 nodes at DEF CON 24 http://www.palshack.com Alan Fairless, Founder of Spideroak […]

Read more

Did the NSA get hacked? Pokemon Go users fall prey to malware, and a TCP vulnerability is found on many Android devices. All that coming up now on ThreatWire. ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 —————————— https://threatpost.com/pokemon-go-spam-ransomware-on-the-rise/119948/ https://threatpost.com/malicious-pokemon-go-app-installs-backdoor-on-android-devices/119174/ https://threatpost.com/tcp-flaw-in-linux-extends-to-80-percent-of-android-devices/119897/ http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf http://www.techinsider.io/nsa-cyberweapon-auction-shadow-brokers-2016-8 https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ http://arstechnica.com/security/2016/08/group-claims-to-hack-nsa-tied-hackers-posts-exploits-as-proof/ https://webcache.googleusercontent.com/search?q=cache:owtq6OBSmgEJ:https://theshadowbrokers.tumblr.com/+&cd=1&hl=en&ct=clnk&gl=us http://arstechnica.com/tech-policy/2016/08/snowden-speculates-leak-of-nsa-spying-tools-is-tied-to-russian-dnc-hack/ https://securelist.com/blog/incidents/75812/the-equation-giveaway/ https://www.wired.com/2016/08/shadow-brokers-mess-happens-nsa-hoards-zero-days/ Youtube […]

Read more

Today on HakTip we’re talking Vi, the powerful text editor for Linux systems! ——————————- Shop: http://www.hakshop.com Support: http://www.patreon.com/threatwire Subscribe: http://www.youtube.com/hak5 Our Site: http://www.hak5.org Contact Us: http://www.twitter.com/hak5 ——————————

Read more