Evil Access Point with Auto-Backdooring Part 2!

by DG
This post contains some next steps and notes I took after my original post about using Kali NetHunter to set up an evil access point that automatically backdoors executables downloaded over HTTP. For context, please see the first post.

How BDF Proxy Does What it Does

In BDFProxy's config file /etc/bdfproxy/bdfproxy.cfg you can see the different sections containing the PATCH_TYPE and PATCH_METHOD settings for the supported executable architectures:

[[[WindowsIntelx86/x64]]]
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
# PATCH_METHOD overwrites PATCH_TYPE with jump
PATCH_METHOD = automatic

I had some troubles with getting certain backdoored PEs

Evil Access Point with Auto-Backdooring FTW!

by DG
This post is about setting up an evil access point that will automatically backdoor executables that connected users download. Pretty neat, right? This tutorial is inspired by muts' NetHunter video of BDFProxy on NetHunter. I am using Kali NetHunter 2.0 running from a Nexus 9. I am using a TP-LINK TL-WN722N (the 150Mbps version) as my secondary network interface. I recently purchased a Nexus 9 tablet and decided to load it up with Kali NetHunter. NetHunter is a release of Kali made specifically for hackers on-the-go. It’s packed with lots of cool stuff like one-click scripts, HID Keyboard

0-day? More like 4260-day!

by DG under sulley, fuzzing
TL;DR

As the title suggests there are no zero days disclosed here. This blog post is a narrative of my first encounters setting up and running the Sulley Fuzzing Framework. I rediscovered a very old bug in a very old and unsupported piece of software, but learned a lot along the way!

INTRO

I wanted to learn the Sulley Fuzzing Framework. I read Fuzzing: Brute Force Vulnerability a few years ago, and I ended up doing some simple file type and ActiveX fuzzing, but I never took the time to learn the fuzzing framework discussed in the book. I