2. This meetup is NOT about/for
WHOLE CRYPTO WORLD IS A SCAM!!!!
Smart contract developers
Financial advice on which shitcoin to invest in
Crypto exchange hacks
Where cryptocurrency is used as a form of payment, nothing else
e.g. ransomware
5. How did we get here?
A lot of people got rich from cryptocurrencies
A lot of people want to get rich from cryptocurrencies
Total market capitalisation is around 2 trillion USD
2,000,000,000,000
New complex technology with crappy UI
What could possibly go wrong?
6. What is Bitcoin anyway?
https://youtu.be/5AN5veSPfY4
Let’s hear it from a trusted, 3 Grammy award winner Blockchain expert!
7. Greetings,
This is the final warning.
Your system has been compromised.
We have copied all data from your device to our servers.
There was also a video recording from your camera of you watching porn.
My virus infected your device through an adult website you recently opened.
If you don't know how it works, I will share the details with you.
The Trojan virus gives full access to and control over the device you use.
As a result, I can see your entire screen, turn on your camera and microphone, and you won't even know about it.
I made a video recording of your screen and camera device, and edited the video so that one part of the screen shows a masturbation video and the other part a pornographic video that you opened at that moment.
I can see the full contact list from your phone and from all your social media.
I can send this video in an instant to the entire list of your phone, e-mail and social media contacts.
In addition, I can send everyone data from your e-mail and from your messengers as well.
I can ruin your reputation forever.
If you want to avoid these consequences, then:
Transfer 1400 USD (US dollars) to my bitcoin wallet
(if you don't know how to do this, type “Buy Bitcoin” into Google search).
My Bitcoin wallet (BTC Wallet): bc1q5cpne7expp2t333l58jnnv4gh6emmr9vv2czaz
As soon as the payment arrives, I will immediately destroy your video and guarantee that I will not bother you again.
You have 50 hours (a little more than 2 days) to make this payment.
I receive an automatic notification when I read this e-mail. Likewise, the timer stops automatically after you have read the current e-mail.
Do not try to complain anywhere, as the wallet is not tracked, the mail from which the letter came, and is not tracked and is created automatically, so there is no point in writing to me.
If you try to share this e-mail with anyone, the system will automatically send a request to the servers, and they will forward all the data to the social networks.
Changing passwords on social networks, mail or the device will not help, because all the data has already been downloaded to my server cluster.
Good luck, and don't do anything stupid. Think about your reputation
8. Covert pre-mine
Ripple launched in December 2012
100% already pre-mined
Founding team controlled 50-70% of all
McCaleb leaves Ripple Labs in 2014, pocketing 135M USD
December 2020: SEC files lawsuit against Ripple
11. Step 1: Buy a lot of something that is cheap and has low volume
Step 2: Advertise as the NEXT BIG THING
Step 3: Sell on top
Step 4: PROFIT
Optional Step 5: Short on top
12. Rug pull
Similar to pump and dump
But you are the owner/developer of the cryptocurrency/token/whatever
Even Conti ransomware group knew about SQUID
19. Buy (fake) wallet.dat
https://bitcointalk.org/index.php?topic=5315310.0
I have decided to check every single huge bundle pack of wallet.dat's that is going around with copied information from allprivatekeys & have found a HUGE list of fake wallets. They're editing the public view keys of wallets with bank on them with blank wallet encrypted private key with an unbreakable password of like a gazillion increments so they can sell over & over & over again.
If anybody wants these wallet packs for FREE then ask me, you can have them. I won't charge you for them.
21. Insider trading/knowledge
Ribbon tokens airdrop
Could not be cashed out before October 8
Cluster of 36 wallets quickly cashed out the tokens on October 8
Accounts were created before the airdrop to receive the airdrops!
23. Ponzi: Proof of weak hands
It is totally not a pyramid scheme, just look at our logo …
Was hacked due to poor programming :)
10% of all buys and sells are returned back to all the holders of the P3D coin as dividend
26. SIM swap
Crypto exchange password/2FA recovery tied to phone number
Use social engineering or bribery for SIM swap
Reclaim account
Will not work on all exchanges
28. What is an NFT?
Let’s hear it from our enthusiastic NFT expert,
Mr. Victor Chaos
26:08
29. What is an NFT anyway?
https://twitter.com/zh4ck/nft
https://etherscan.io/nft/0x06012c8cf97bead5deae237070f9587f8e7a266d/634517
https://etherscan.io/tx/0xfe21bd24d7748890c4deb2453bcd22ab451349fdacb5e812422e16772a664723#eventlog
https://etherscan.io/address/0xb77feddb7e627a78140a2a32cac65a49ed1dba8e#code
30. The “magical” world of NFTs …
Snoop Dogg - 2500 ETH
Justin Bieber - 500 ETH
Eminem - 123.45 ETH
Paris Hilton BAYC - 119 ETH
https://etherscan.io/token/0xbc4ca0eda7647a8ab7c2061c2e118a18a936f13d#readContract
https://ipfs.io/ipfs/QmeSjSinHpPnmXmspMjwiXyN6zS4E9zccariGR3jxcaWtq/9055
https://cid.ipfs.io/#QmTHcV6mGxHGeeXCnYtV129eRiR8Exni4sT8dDikBWBgzY
34. The attack appears to have exploited a flexibility in the Wyvern Protocol…
Targets signed a partial contract, with a general authorization and large portions left blank.
With the signature in place, attackers completed the contract with a call to their own contract, which transferred ownership of the NFTs without payment.
Opensea 2022 January
https://kalis.me/unlimited-erc20-allowances/
37. NFT airdrop scam
Some scammers will restrict the sale in the contract, and users can only buy, so the price of tokens will rise all the way
…
The authorization of these “.io” tokens before the transaction must go to the official website of these scammers. Once authorized on those websites, it is equivalent to Hand in hand with your wallet, the scammer will have the power to transfer all the assets in your wallet.
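The authorization risk on slides 34 and 37 (and behind the unlimited-allowance link), as an added example that is not part of the original slides: a Python check that decodes the calldata a dapp asks a wallet to sign and flags approval calls before signing. The two selectors are the standard ERC-20/ERC-721 ones; the function names, risk labels and the 2**255 threshold are assumptions of this example, and the sample calldata is constructed.

```python
# Added example (not from the slides): decode the calldata a dapp asks the
# wallet to sign and flag token "authorization" calls.

APPROVE = "095ea7b3"               # approve(address,uint256): ERC-20 allowance
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool): ERC-721/1155
MAX_UINT256 = 2**256 - 1
UNLIMITED_THRESHOLD = 2**255       # heuristic (assumption): above any real supply


def abi_word(data: bytes, index: int) -> bytes:
    """Return the index-th 32-byte ABI argument word after the selector."""
    word = data[4 + 32 * index: 4 + 32 * (index + 1)]
    if len(word) != 32:
        raise ValueError("calldata truncated")
    return word


def abi_address(word: bytes) -> str:
    """Decode a left-padded 20-byte address, rejecting dirty padding."""
    if any(word[:12]):
        raise ValueError("address word has non-zero padding")
    return "0x" + word[12:].hex()


def classify_calldata(calldata_hex: str) -> dict:
    """Classify calldata as an approval, a revocation, or something else."""
    text = calldata_hex.lower()
    data = bytes.fromhex(text[2:] if text.startswith("0x") else text)
    selector = data[:4].hex()
    if selector == APPROVE:
        # Caveat: on an ERC-721 contract this selector approves one token id,
        # so "amount" is then a token id rather than an allowance.
        amount = int.from_bytes(abi_word(data, 1), "big")
        if amount == 0:
            risk = "revoke"
        elif amount >= UNLIMITED_THRESHOLD:
            risk = "unlimited"
        else:
            risk = "limited"
        return {"kind": "approve", "spender": abi_address(abi_word(data, 0)),
                "amount": amount, "risk": risk}
    if selector == SET_APPROVAL_FOR_ALL:
        # One signature hands the operator every token of the collection.
        approved = int.from_bytes(abi_word(data, 1), "big") != 0
        return {"kind": "setApprovalForAll",
                "spender": abi_address(abi_word(data, 0)),
                "amount": None, "risk": "unlimited" if approved else "revoke"}
    return {"kind": "other", "spender": None, "amount": None, "risk": "unknown"}


def sample_call(selector: str, address: str, value: int) -> str:
    """Build constructed sample calldata: selector + address word + uint word."""
    return ("0x" + selector + bytes.fromhex(address[2:]).rjust(32, b"\0").hex()
            + value.to_bytes(32, "big").hex())


if __name__ == "__main__":
    spender = "0x" + "11" * 20  # constructed address, not a real contract
    for call in (sample_call(APPROVE, spender, MAX_UINT256),
                 sample_call(APPROVE, spender, 5 * 10**18),
                 sample_call(SET_APPROVAL_FOR_ALL, spender, 1),
                 sample_call(APPROVE, spender, 0)):
        print(classify_calldata(call))
```

A result of "unlimited" for a spender the user cannot identify is the situation slide 37 describes: whoever controls that address can move the approved assets later without another signature.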
50. Best practices
don’t trust random people on social media
check source of the app/dapp
don’t send funds to someone you don’t trust, or check via mobile
block people/email sharing login, password, private key, seed phrase, backup phrase
how to check email addresses?
be extra careful when interacting with unknown smart contracts
use password manager
enable 2FA, don’t use SMS based
use HW wallet if you have a lot to protect
keep PC free of malware
cold wallet for valuables - like you don’t store your life savings in your pocket wallet
take time, don’t rush
follow https://twitter.com/scams_alarms