Collaborate Disseminate
I’m trying to recreate a DHCP spoof (MITM) attack where the following is done:
Step 1 is to perform a DHCP starvation attack to exhaust the DHCP server’s IP pool, making it unable to issue IP addresses to new clients.
Step 2 is to set up a… Continue reading DHCP NAK from original DHCP server interfering with Rogue DHCP server
I am connecting to a wi-fi network and blocked all IP addresses in this network with a regular Windows 10 firewall. The only available IP addresses are:
192.168.1.1 = gateway
192.168.1.102 = my own IP address
Some people from the wi-fi s… Continue reading Windows 10 Update – Man In The Middle Attack – Tamper Update [duplicate]
It’s a really cool and super-simple trick. The question is, “Will it help?” Continue reading Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
The RomCom RAT has been making the rounds — first in Ukraine as it went after military installations, and now in certain English-speaking countries such as the United Kingdom. Initially a spear-phishing campaign, the RomCom attack has evolved to include domain and download spoofing of well-known and trusted products. In this piece, we’ll break down […]
The post RomCom RAT Attack Analysis: Fake It to Make It appeared first on Security Intelligence.
Continue reading RomCom RAT Attack Analysis: Fake It to Make It
I have been looking to do bluetooth hacking but my internal bluetooth adapters are not working on either of my laptops with spooftooph. I was seeing if I could get a used MultiBlue dongle but no one is selling theirs online (not a big surp… Continue reading What bluetooth dongle works with spooftooph?
Currently we are working to secure our internal LAN and due to this we are planning to stop mobile devices (such as personal laptops and mobile phones) to connect on corporate network. Our key area of interest is to counter such users who … Continue reading How to block personal devices on corporate network
Well, this is embarrassing! Imagine sending a multibillion-dollar rover to an ancient lakebed on Mars only to discover after a year of poking around at the rocks that it might …read more Continue reading Hackaday Links: December 4, 2022
Assume that I never check the server fingerprint when logging in to an SSH server. This means that certain configurations of SSH can be impersonated. For example, I can log into a server that only has my public key. Obviously this doesn’t … Continue reading Can an SSH server in password mode be impersonated if I ignore the fingerprint warning?
I will be publishing a fingerprinting app that shows its user how much access to their Android phone’s identifiers it has. I haven’t started writing it because I need to understand how can any Android phone be identified by using only its … Continue reading Retrieving Android phone’s identifiers
Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it:
On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. The attack works by exploiting a vulnerability in the TTE protocol. The work was completed by researchers at the University of Michigan, the University of Pennsylvania, and NASA’s Johnson Space Center…