Advanced DnSpy tricks in .NET reversing - Tracing, Breaking, dealing with VMProtect

This Video covers: Advanced usage of DnSpy, Module Breakpoints, Class Breakpoints, Advanced usage of Class, Tracepoints, Evaluation of expression in Breakpoints\Tracepoints, Execution-Flow tracing and logging into file, Dealing with VMProtected .NET Assembly

Guide and sample to download (Github)

⚠️ Always remember to use these techniques, instructions, or hardware only on devices whose owners or users have allowed it. Unauthorized access to other people's infrastructure is punishable by law. (https://t.iss.one/BlackBox_Archiv/2102)

https://www.youtube.com/watch?v=yxw4h82mQ2s

#educational #video #dnspy
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

Hidden Networks in TP-Link Routers

I was debugging my WiFi settings this week when I noticed something strange. WiFi Analyzer was showing two hidden networks coming from my router, one for each frequency: 2.4GHz and 5GHz. Networks which I haven't configured and didn't appear in my router's admin interface. WTF?

A quick search revealed a forum thread where people had the exact same problem. Turns out, TP-Link thinks it's a great idea to have hidden pre-configured always-on networks on all of their routers. Just in case someone wanted to use their "OneMesh" product.

This is of course a terrible idea. Not only are these networks a security risk and a waste of energy, they also add to the existing WiFi spam plaguing cities. Having it enabled by default is just ridiculous, not providing an option to disable it is ludicrous! Sure, having multiple SSIDs under a single access point isn't as bad as having multiple access points, but there's still an unnecessary overhead and risk being introduced.

TP-Link has since very slowly been rolling out "beta" firmware updates to fix this. Specifically for anyone who sees it as a problem. Unfortunately, my router model has yet to receive one and without a timeline, I'm pretty much just waiting indefinitely. Third party firmware like OpenWrt aren't supported on this model either. I even tried reverse engineering the backups, looking for a workaround that doesn't exist.

This problem is exactly why critical software should fall under right to repair. Clearly TP-Link is unwilling or does not have the resources to provide a proper solution for all of their past, present and future models. Firmware should be open source so that we can fix these issues ourselves.

https://jahed.dev/2021/12/19/hidden-networks-in-tp-link-routers

#tplink #router
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

We got hacked today

A letter to the Fractal community

Dear Fractal community,

Earlier today, approximately 373 of our community members fell victim to a scam posted on our Discord. We are sorry. We are going to make this right.

The hacker made out with ~800 sol (~$150,000) by managing to post a fake mint link in our #announcements channel. With over 100,000 members in our community, it’s quite impressive that the hacker only managed to dupe .3% of our community.

Here are the things we are doing to address this:

https://fractal.medium.com/dear-fractal-community-70173e8a5ea7

#fractal #hacked
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

You can pentest your Android apps on Windows 11 using WSA

Many would argue that the best way to perform mobile application penetration testing on Android is physically connecting a bunch of Android smartphones to a PC or Mac and debugging them. This combination does offer a plethora of control options for pentesting, and for many testing scenarios, a higher degree of swiftness you can’t get from typical Android emulators.

Even if you don’t have access to multiple devices, then Android Studio’s built-in virtual device (AVD) has typically been the go-to for such testing jobs. Rooting the AVD is possible and it integrates perfectly with the debuggers, so everything works out of the box.

But if you’re running Windows 11 and you want to dip your toes into the Android app pentesting, you can easily do so without relying on emulators or VMs, courtesy of Windows Subsystem for Android (WSA).

https://www.xda-developers.com/wsa-android-apps-pentesting-windows-11/

#windows #android #pentesting #wsa
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Apache Log4j bug: China’s industry ministry pulls support from Alibaba Cloud for not reporting flaw to government first

China’s internet security regulator has disciplined Alibaba Group Holding’s cloud computing services unit for failing to first report to the government a critical vulnerability in Apache’s Log4j software that has alarmed the cybersecurity community, Chinese media reported on Wednesday.

The Ministry of Industry and Information Technology (MIIT) is suspending work with Alibaba Cloud as a cybersecurity threat intelligence partner for six months because the company did not immediately report a severe bug in the widely used logging software to the government agency, the 21st Century Business Herald reported. The ministry also said it would reassess whether to resume the partnership at that time, based on measures Alibaba has taken to correct the problem.

https://www.scmp.com/tech/big-tech/article/3160670/apache-log4j-bug-chinas-industry-ministry-pulls-support-alibaba-cloud

#log4j #log4shell #alibaba #china
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Attackers test “CAB-less 40444” exploit in a dry run

An updated exploit takes a circuitous route to trigger a Word document into delivering an infection without using macros...

https://nitter.pussthecat.org/SophosLabs/status/1473307005213368323

via Twitter

https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run

💡 Read as well:
CVE-2021-40444 - Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

#exploit #cabless #microsoft #word
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Amazon, Lee Child & John Grisham Win $7.8m Judgment Against eBook Pirates

In 2020, Amazon teamed up with publisher Penguin Random House and authors including Lee Child and John Grisham to sue several pirate eBook sites operating out of Ukraine. After a tortuous legal process, a Washington court has awarded the maximum available statutory damages of $7.8 million.

In a summer 2020 lawsuit, Amazon Content Services, publisher Penguin Random House and several authors including John Grisham and Lee Child, accused several pirate eBook sites of infringing their copyrights.

The sites, which operated under the ‘Kiss Library’ brand, were available from domains including Kissly.net, Wtffastspring.bid, Libly.net, and Cheap-Library.com. Together they provided access to copyrighted works at “unbeatable prices”, largely due to the eBooks being pirated, the plaintiffs said.

The lawsuit aimed to put the sites out of business and also claw back damages from Ukrainian nationals Rodion Vynnychenko and Artem Besshapochny, who were said to be behind the platforms.

https://torrentfreak.com/amazon-lee-child-john-grisham-win-7-8m-judgment-against-ebook-pirates-211226/

#ebook #pirates
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

‘Widevine Dump”: Leaked Code Downloads HD Video from Disney+, Amazon, and Netflix

A GitHub user who goes by the name "Widevinedump" has published several repositories that allow people to download HD video from popular streaming platforms, including Disney+, Amazon, and Netflix. The code appears to be the real deal but the 'free' use is fairly limited and may not be very secure either.

With more ways to stream online video than ever before, protecting video continues to be a key issue for copyright holders.

This is often achieved through Digital Rights Management, which is often referred to by the initials DRM. In a nutshell, DRM is an anti-piracy tool that dictates when and where digital content can be accessed.

Widevine DRM is one of the leading players in the field. The Google-owned technology is used by many of the largest streaming services including Amazon, Netflix and Disney+. As such, keeping it secure is vital.

https://torrentfreak.com/widevine-dump-leaked-code-downloads-hd-video-from-disney-amazon-and-netflix-211227/

https://github.com/widevinedump

#leak #code #disney #amazon #netflix #download
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Spider-Miner: With Great Power Comes Great Problems!

To lure in as many victims as possible, attackers must stay up to date with trending topics.

In this case, we are facing someone who has placed a Monero miner in a torrent download of what seems to be the new movie Spider-Man: No Way Home.

The file identifies itself as “spiderman_net_putidomoi.torrent.exe,” which translates from Russian to “spiderman_no_wayhome.torrent.exe.” The origin of the file is most likely from a Russian torrenting website.

This miner adds exclusions to Windows Defender, creates persistence, and spawns a watchdog process to maintain its activity.

https://blog.reasonlabs.com/2021/12/23/spider-miner-with-great-power-comes-great-problems/

#spiderminer #monero #miner
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

#emotet #reminder #warning
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Digital Justice Awards 2021 are open for nomination!

Is there a friend, an activist, a company, a (non-profit) organisation, a political party or a governmental agency that has done something outstanding for digital civil rights? Sign them up!

The Digital Justice Awards is a yearly award that is given to reputable instances and people who care about digital rights as much as you do.

https://digital-justice.com/articles/nominations-2021.html

#digitaljustice #award
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

LastPass users warned their master passwords are compromised

Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.

The email notifications also mention that the login attempts have been blocked because they were made from unfamiliar locations worldwide.

"Someone just used your master password to try to log in to your account from a device or location we didn't recognize," the login alerts warn.

"LastPass blocked this attempt, but you should take a closer look. Was this you?"

Reports of compromised LastPass master passwords are streaming in via multiple social media sites and online platforms, including Twitter, Reddit, and Hacker News.

https://www.bleepingcomputer.com/news/security/lastpass-users-warned-their-master-passwords-are-compromised/

#lastpass
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Court Orders WhatsApp To Block Groups Sharing Pirated Newspapers

India's largest newspaper publishing group has filed a complaint at the Delhi High Court against dozens of defendants said to have illegally offered its copyrighted publications via WhatsApp. The full case will be heard next year but in the interim, WhatsApp is required to take down or block the infringing groups.

Sharing copyrighted content online is certainly nothing new but over the years the sharing mechanisms have expanded to incorporate new methods of distribution.

Where once peer-to-peer services were the obvious choice, these days people also utilize platforms such as WhatsApp, Discord and Facebook, which add social elements to the sharing experience by bringing like-minded people together, often around a central topic.

This is proving to be a problem at DB Corp Ltd, India’s largest newspaper publishing group. The company publishes five newspapers with 61 editions but when people illegally share its digital content online, its ability to generate revenue comes under threat, the publisher says.

https://torrentfreak.com/court-orders-whatsapp-to-block-groups-sharing-pirated-newspapers-211228/

#whatsapp #india #pirated #newspaper
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Stop general data retention in the EU – current plans for mass surveillance

In this joint talk, four internet freedom advocates will expose and criticize current plans for general mass collection of everyone's communication data. 2022 will bring threats to Internet freedoms but also opportunities for civil society to act.

We need to get back to basics: Let's set the default to zero mass surveillance.

⚠️ This Talk was translated into multiple languages (english/german). The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/rc3-2021-cwtv-879-stop-general-data-rete

#ccc #rc3 #surveillance #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

LogMePwn

LogMePwn is a fully automated, multi-protocol, reliable, super-fast scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

💡 Tool Highlights:

- Inherent support for automatic Canary Tokens generation using emails or webhooks.
- Multi-protocol support: HTTP, IMAP, SSH, FTP, etc.
- Support for multiple HTTP methods (GET, POST, PUT, DELETE, PATCH, etc)
- Customized HTTP request body fuzzing (JSON, XML, etc).
- Custom callback server and payload support.
- CIDR range scanning.
- Everything is multi-threaded and super fast (its written in Go).
- ...and many more. Checkout the documentation and the tool below!

https://github.com/0xInfection/LogMePwn

#LogMePwn #log4j #log4shell #vulnerability #toolkit
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The Current State Of Play In Autonomous Cars

Bluster around the advent of self-driving cars has become a constant in the automotive world in recent years. Much is promised by all comers, but real-world results – and customer-ready technologies – remain scarce on the street.

Today, we’ll dive in and take a look at the current state of play. What makes a self-driving car, how close are the main players, and what can we expect to come around the corner?

https://hackaday.com/2021/12/29/the-current-state-of-play-in-autonomous-cars/

#hackaday #autonomous #cars
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Big Data May Not Know Your Name. But It Knows Everything Else

Data brokers claim that deidentified data on millions of Americans is risk-free. Lawmakers need to know that “anonymity” is an abstraction.

Companies like Acxiom, LexisNexis, and others argue that there’s nothing to worry about collecting and sharing Americans’ sensitive data, as long as their names and a few other identifiers aren’t attached. After all, their reasoning goes, this “anonymized” data can’t be linked to individuals, and is therefore harmless.

But as I testified to the Senate last week, you can basically reidentify anything. “Anonymity” is an abstraction. Even if a company doesn’t have your name (which they probably do), they can still acquire your address, internet search history, smartphone GPS logs, and other data to pin you down. Yet this flawed, dangerous narrative persists and continues to persuade lawmakers, to the detriment of strong privacy regulation.

Data on hundreds of millions of Americans’ races, genders, ethnicities, religions, sexual orientations, political beliefs, internet searches, drug prescriptions, and GPS location histories (to name a few) are for sale on the open market, and there are far too many advertisers, insurance firms, predatory loan companies, US law enforcement agencies, scammers, and abusive domestic and foreign individuals (to name a few) willing to pay for it. There is virtually no regulation of the data brokerage circus.

Many brokers claim there’s no need for regulation, because the data they buy and sell “isn’t linked to individuals” simply because there isn’t, say, a “name” column in their spreadsheet detailing millions of Americans’ mental illnesses. The consumer credit reporting company Experian, for example, says its wide sharing of data with third parties includes information that is “non-personal, de-identified, or anonymous.” Yodlee, the largest financial data broker in the US, has claimed that all the data it sells on Americans is “anonymous.” But corporations saying that such "anonymity" protects individuals from harm is patently false.

https://www.wired.com/story/big-data-may-not-know-your-name-but-it-knows-everything-else/

#bigdata #BigData #databrokers #privacy #ourdata
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

BIG DATA - 3.0 - "L1ZY"

Introducing the most advanced artificial intelligence platform in modern history...BIG DATA - 3.0 - "L1ZY"

https://www.youtube.com/watch?v=RfqM63CAC8g

#BigData #L1ZY #video #thinkabout #why
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

Happy new year to all of you 😊
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

When Wikileaks bumped into the CIA: Operation Kudo exposed

This talk is about the experience of the Wikileaks project when it bumped into a small problem with the CIA. While it builds up on my last years talk 'CIA vs. WL' I am now able to provide a detailed report about how the operations unfolded and what it triggered; with refreshing material from various sources.

https://media.ccc.de/v/rc3-2021-chaoszone-409-when-wikileaks-bu

⚠️ This Talk was translated into multiple languages (en/ger/fr). The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

#ccc #rc3 #wikileaks #cia #surveillance #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

Huge New Global Anti-Piracy Coalition Will Tackle Manga & Anime Piracy

Japan-based anti-piracy group CODA is building a huge coalition dedicated to tackling illegal online distribution of anime, manga and similar copyrighted content. The International Anti-Piracy Organisation will be compromised of 32 local companies including publisher Kodansha, Hollywood studios plus Netflix, and around 450 companies in China.

In the summer of 2017, some of the world’s largest entertainment groups formed a huge coalition with a mission to reduce online piracy.

Comprised of more than 30 companies, the Alliance for Creativity is now at the forefront of global anti-piracy enforcement. By combining its members’ resources to tackle infringement wherever it may occur in the world, the cross-border nature of piracy is now being addressed more effectively.

A new anti-piracy group set to launch this April appears to have similar goals in mind.

https://torrentfreak.com/huge-new-global-anti-piracy-coalition-will-tackle-manga-anime-piracy-220103/

#piracy #antipiracy #manga #anime
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv