All posts by thekindkiller007

Hacked Remote Turns off Any TV prank

Advertisements

Learn Real Hacking Playing Games

After ‘Mr.Robot’ the perfect hacking TV serial, now a perfect hacking game with “real hacking” Hacknet

Don’t actually want to hack but at the same time interested in hacking? Well, now there are hacking games for that uncertain feeling. Hacknet is the latest, and it has a lot of stimulating promises and not least that you will be doing “real hacking”. This fundamentally means that Hacknet uses terminal and genuine UNIX commands and would not appear like the type of hacking usually carried out in hip 1990 films by neon-haired teenagers.

Developed by Team Fractal Alligator, an Australian one-man studio, Hacknet is “an immersive, terminal-based hacking simulator for PC.”

Here’s the official promotional trivial:

Dive down a rabbit hoIe as you follow the instructions of a recently deceased hacker, whose death may not have been the accident the media reports. Using old school command prompts and real hacking processes, you’ll solve the mystery with minimal hand-holding and a rich world full of secrets to explore.
 
Bit, a hacker responsible for creating the most invasive security system on the planet, is dead. When he fails to reconnect to his system for 14 days, his failsafe kicks in, sending instructions in automated emails to a lone user. As that user, it’s up to you to unravel the mystery and ensure that Hacknet-OS doesn’t fall into the wrong hands.
 
Exploring the volatile nature of personal privacy, the prevalence of corporate greed, and the hidden powers of hackers on the internet, Hacknet delivers a true hacking simulation, while offering a support system that allows total beginners get a grasp of the real-world applications and commands found throughout the game.

Hacknet releases on the Humble Store and Steam on August 12. For those who are not familiar with hacking or the hacking game genre, this promises to be helpful and might even end up learning something.

Check out the trailer in video form, which makes it look more worthy than just a cursory glance:

How all Your Intel Computers and Intel Cars are Vulnerable

Researchers show how to remotely exploit the DRAM “Rowhammer” bug by using JavaScript

Security researchers believe that the cyber attackers could adapt the existing Rowhammer exploits to their attack techniques and easily gain root privileges to the computer.

A team of Austrian and French security researchers have now discovered a new security exploit which they refer as “Rowhammer”. As per the researchers this vulnerability can be exploited remotely by using JavaScript.

The team claims this to be the first remote software-induced hardware fault attack.

The downside here is that it is a hardware flaw and not a software flaw, thus it could be present in any computer which has the Intel Processor built since 2009.

The next bad news is that hackers can exploit this flaw through any webpage.

Researchers say that there is a design defect in the Intel’s ‘Dynamic Random Access Memory’ or DRAM chips which provides an easy access to the malicious hackers who are just waiting for the right opportunity to attack the user and collect their personal credentials.

The security researchers say that memory cells in DRAM chips are placed closely, this is done to increase the capacity and decrease the size. However it is this particular placing of the memory cells which leads to the vulnerability, because it becomes difficult to prevent the cells from electrically interacting with each other and repeated access of specific memory locations results in bit flips which can be exploited by the hackers for privilege escalation.

Websites usually have the JavaScript codes which aids in easy navigation of the site. It is due to the JavaScript coding that users can get access to the interactive tools such as drop-down menus and animations, so we can say that JavaScript is ubiquitous and can be found on almost all the websites on the Internet.

Now, coming back to our topic, these malicious hackers use the JavaScript coding on the websites to get an access to the security vulnerability in the DRAM chips present in the Intel computer chips.

Next, hackers amalgamate the animations or images with their malware and just wait patiently for the user to click this file. Once user clicks the malicious animation or image, the crooks get an easy access to their computer.

The research paper published last week reads “Rowhammer.js is possible because today’s JavaScript implementations are well optimized and achieve almost native code performance for our use case. JavaScript is strictly sandboxed and the language provides no possibility to retrieve virtual or physical addresses. However, the usage of large pages allows determining parts of the physical address.”

Proof-of-Concept (PoC)

The team of security researchers comprising of Daniel Gruss Graz from University of Technology, Austria, Cl´ementine Maurice Technicolor, Rennes, France and Stefan Mangard Graz University of Technology, Austria have published a detailed Proof-of-Concept on the Rowhammer bug which can be accessed here.

Now, Windows as well as Mac computers use Intel chips, which means any computer holds the risk of getting infected by the hackers at any point of time.

Another bad news is that there is no patch, as of now, to fix this issue!

Researchers say that the flaw is not related to the Web server or search engine; however it is something to do with the hardware and internal parts of the computer. Hence, the only solution for now would be to actually replace millions of DRAM chips which are present in the CPU of the computer.

Hopefully, Intel is working to get some solution to this issue soon.

For now, Apple and other hardware manufacturers have released BIOS updates to reduce the Rowhammer attacks.

However, it is a fact that most of the users never update the BIOS and hence the security experts have advised the browser vendors to incorporate certain mechanisms in their products which will protect users against the Rowhammer attacks.

How To Build A Cheap Super Computer

Here’s how to build a cheap super computer using Raspberry Pi’s – When you think about building your own rig, you probably think of setting up a crazy ass gaming computer or creating a computer on a budget to get the best possible components for the least amount of money. You’re almost certainly not considering putting together a supercomputer. Maybe you should. making a cluster large enough to be classed as a super computer using Raspberry Pi’s (RPi) can be done for less than $1,000.

Raspberry Pi is a single-board Linux-powered computer. They’re powered by 700MHz ARM11-processors and include a Videocore IV GPU. The Model B+ comes with 512MBs of RAM, four USB ports and a 10/100 BaseT Ethernet port. The processors can be overclocked to 1GHz.
Here is the first video showing you how to put together a small cluster of raspberry pi’s
The second video shows you how to load the software required for the Pi
This final video demonstrates how awesome it can be when 32 Pi’s are connected together

Windows 10 Bugs : Too many Start Menu Apps will break it

Windows 10 bug : Having more than 512 Apps in the Start Menu breaks the Start Menu and apps go missing

Windows 10 has arrived and with it come a whole new set of flaws, vulnerabilities, zero-days and bugs, mostly bugs because its new operating system. One of the bug that has been reported is that if the Start Menu has more than 512 Apps it can break it from rendering the applications links go missing.

In Microsoft’s new releases OS, Windows 10, the Start menu includes an All Apps list which gives users quick access to their Applications.

Windows 10 bug : Having more than 512 Apps in the Start Menu breaks the Start Menu and apps go missing

However Microsoft engineers seem to have placed some sore of limit on the total number of menu Apps to 512 entries. On the Windows Forum a user called Lurtzi reported the issue :

I have the same problem, I had a little over 500 apps listed and after a secure reboot all my start menu links were gone and they’re missing now from all apps, too. There is no way to get Windows to recognize them again. Very annoying bug.

I brought down the number under 500 by deinstalling some stuff, but it still doesn’t work. Hope this gets fixed real soon or I’ll have to look at third party software for the start menu…

While Microsoft Program Manager, ArunjeetSingh2 published a way for Windows 10 users to find out whether they are affected by the issue :

I believe we now have a workaround for this issue. The issue seems to affect people with more than 512 apps in their “All apps” list. To tell whether you’re one of them:

  • Bring up the Start menu and search for Windows
  • Powershell
  • Run Windows Powershell
  • Run the command “Get-StartApps | measure” (without the quotes) in the command window
  • If you see a number larger than or equal to 512 you are affected by this issue. We are working on a fix to this issue.

If you have more than 512 Apps, uninstalling the unwanted and less important apps and bringing the number of Apps back to below 512 to get the Start Menu work normally.

Another workaround for the issue is using a third party Start menu such as Stardock’s Start10 while we wait for Microsoft engineers to lift the 512 limit placed on the Start menu.

WPA/WPA2 Automated Evil Twin

About

Wifiphisher is a security tool that mounts fast automated phishing
attacks against WPA networks in order to obtain the secret passphrase.
It is a social engineering attack that unlike other methods it does not
include any brute forcing. It is an easy way for obtaining WPA
credentials.

Wifiphisher works on Kali Linux and is licensed under the MIT license.

From the victim’s perspective, the attack makes use in three phases:

  1. Victim is being deauthenticated from her access point.
    Wifiphisher continuously jams all of the target access point’s wifi
    devices within range by sending deauth packets to the client from the
    access point, to the access point from the client, and to the broadcast
    address as well.
  2. Victim joins a rogue access point. Wifiphisher sniffs
    the area and copies the target access point’s settings. It then creates a
    rogue wireless access point that is modeled on the target. It also sets
    up a NAT/DHCP server and forwards the right ports. Consequently,
    because of the jamming, clients will start connecting to the rogue
    access point. After this phase, the victim is MiTMed.
  3. Victim is being served a realistic router config-looking page.
    wifiphisher employs a minimal web server that responds to HTTP &
    HTTPS requests. As soon as the victim requests a page from the Internet,
    wifiphisher will respond with a realistic fake page that asks for WPA
    password confirmation due to a router firmware upgrade.

 

 Below is the screenshot that how MiTM attack works

You can get more info about the program and download link from : HERE

Play GTA V in Browser via new Tool

If you are a gaming enthusiast, you would have played GTA V numerous times till now. But, some of you might have missed the fun as you laptop isn’t powerful enough to run a game like that. So, what do you need to do? Well, upgrading your hardware is an option, but here’s another way to enjoy the game.

A developer named Dominic Szablewski, who has made an app called Instant Webcam in the past, utilized the same technique to stream a game to any web browser. He writes on his blog post that it works “way better than it should.”

This open-source program is called jsmpeg-vnc and you can download it for free. This small program encodes the 60fps captured screen into an MPEG1 video. After it, all you need to do is to use the web browser on some other device. jsmpeg-vnc is a small Windows application written in C and it also takes input from your mouse and keyboard.

This app uses ffmped for encoding, libwebsockets for the WebSocker server and jsmpeg in the browser. The resulting jsmpeg-vnc program is published under the GPLv3 License.

So, using this program, you can use your PC and play your favorite games in the browser with minimal lag. This program is just a local network tool only, so you shouldn’t worry about the network congestion.

This tool works on any browser, in all devices. In the video, you can see the developer playing the GTA V game in his iPhone at 648×480 in phone’s browser.

The full source code and binary releases are available on GitHub.

Did you like this tool? Tell us in comments below.