This Week in Security: PHP Attack Defused, Scoreboard Manipulation, and Tillitis

If you use PHP, you likely use the Composer tool for managing dependencies, at least indirectly. And the good folks at SonarSource found a nasty, potential supply chain attack in …read more Continue reading This Week in Security: PHP Attack Defused, Scoreboard Manipulation, and Tillitis

125 New Flaws Found in Routers and NAS Devices from Popular Brands

The world of connected consumer electronics, IoT, and smart devices is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it?

As we connect everything from cof… Continue reading 125 New Flaws Found in Routers and NAS Devices from Popular Brands

Reaver Download – Hack WPS Pin WiFi Networks

Reaver Download – Hack WPS Pin WiFi Networks

Reaver download below, this tool has been designed to be a robust and practical tool to hack WPS Pin WiFi Networks using WiFi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.

It has been tested against a wide variety of access points and WPS implementations.

The original Reaver implements an online brute force attack against, as described in here [PDF]. reaver-wps-fork-t6x version 1.6b is a community forked version, which has included various bug fixes and additional attack method (the offline Pixie Dust attack).

Read the rest of Reaver Download – Hack WPS Pin WiFi Networks now! Only available at Darknet.

Continue reading Reaver Download – Hack WPS Pin WiFi Networks

Wikileaks Unveils ‘Cherry Blossom’ — Wireless Hacking System Used by CIA

WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a framework – which is being used by the CIA for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices.

Dubbed “Cherry Blossom,” the framework was allegedly designed by the Central Intelligence Agency (CIA) with the help of Stanford Research Institute (SRI

Continue reading Wikileaks Unveils ‘Cherry Blossom’ — Wireless Hacking System Used by CIA

Ubiquiti Wi-Fi Gear Hackable Via 1997 PHP Version

We actually use Ubiquiti Wi-Fi Gear and have found it pretty good, I didn’t realise their security was so whack and they were using PHP 2.0.1 from 1997! In this case a malicious URL can inject commands into a Ubiquiti device which surprise, surprise, runs the web service as root. Apparently, they also got scammed […]

The post Ubiquiti Wi-Fi…

Read the full post at darknet.org.uk

Continue reading Ubiquiti Wi-Fi Gear Hackable Via 1997 PHP Version

Fluxion – Automated EvilAP Attack Tool

Fluxion is an automated EvilAP attack tool for carrying out MiTM attacks on WPA Wireless networks written in a mix of Bash and Python. Fluxion is heavily based off Linset the Evil Twin Attack Bash Script, with some improvements and bug-fixes. How it Works Scan the networks. Capture a handshake (can’t be used without a […]

The post Fluxion…

Read the full post at darknet.org.uk

Continue reading Fluxion – Automated EvilAP Attack Tool