New Book Overview: “Basic Security Testing with Kali Linux, 3rd Edition”

My newest book, a cover to cover update of my Basic Kali book is now available! After numerous requests for an update, the new “Basic Security Testing with Kali Linux, 3rd Edition” is here!

What was intended to be a quick version change update, turned into a 6-month overhaul. It is amazing how much can change in the security world in 2 years. All chapters have been revamped, with a lot of new material added. The latest book is also 50 pages longer than the previous version!

What’s New:

  • The entire book was updated to Kali Linux 2018
  • All tools & tutorials updated
  • Obsolete tools removed
  • Many new tools added
  • Password Cracking section expanded
  • Kali on RPi chapter totally revamped
  • Kali NetHunter chapter added

Table of Contents List:

I was going to use Metasploitable3 for the Windows target in this book, but with the install complexity (and install issues) of Ms3, I decided to stay with Windows 7. I also occasionally use Windows 10 as a test target and Server 2016 is mentioned a few times as well. I will most likely use Ms3 for the upcoming advanced book. Metasploitable2 is still used for some of the Linux tutorials, as it is very easy for new users to use and follow.

The Basic Kali book is used by Universities, Training Centers, and in Ethical Hacking classes worldwide. It is also used as a training aid for multiple US Government Agencies. I have also been told numerous times that my Kali series is excellent prep material for the OSCP certification. The book is now in its third revision, with major changes made from user feedback and requests.

I have been completely shocked and humbled by the popularity of a book that was originally written as an extension of my blog posts and has evolved into a worldwide basic training guide for the exceptional Kali Linux ethical hacking platform. This continuing project would have never been possible without the flood of support and feedback from the infosec community. I am very excited to present this new version to the community and look forward to hearing your feedback and comments.

Check it out on Amazon.com.

Thank you so much for your continued support!

Advertisements

Disguised Raspberry Pi that can Hack your Network

I’ve been playing around with a Raspberry Pi on and off for a while now. The credit card sized, fully functional computer can do many things, including being transformed into a security testing tool!

There is a great article on TunnelsUp.com that demonstrates disguising a Raspberry Pi computer as a power plug and configuring it to connect out to a control server using SSH. Basically making it into something like the popular Pwnie Plug device.

When assembled, the device looks like a any other power adapter that clutters our power hungry offices. Except this one allows someone on the outside of the building to connect into the building, possibly allowing them to perform attacks against your infrastructure.

Though the author mentions just using “A Linux OS” on the PI, using something like this and placing Kali Linux on it would make it a very powerful (and affordable) attack/ security testing platform. Kali is the latest version of the Backtrack penetration testing platform, is loaded with security tools and works exceptionally well on a Raspberry Pi.

Very cool project, this should jog the creative mind of penetration testers and hopefully be a warning to IT departments to keep an eye out for rogue devices such as this.

Hard Drive Hacking – Hardware Backdoor even if Drive Wiped!

Hard Drive Hack

With all eyes on the Vegas security conferences, some amazing news comes out of OHM2013, a security conference in The Netherlands. At the show a security researcher demonstrated how a hacker could re-program the firmware on a hard drive to maintain a backdoor, and apparently the attack would still work even if the hard drive was erased and reformatted!

This week at a European security conference a security researcher demonstrated an attack that would allow a hacker to access and modify the Flash Firmware on a hard drive and program it to protect his access.

Firmware is code stored on a special flash-able chip on the drive. The built in code tells the drive how to work, how to read and write data. It is flashable (can be reprogrammed) so the manufacturer can release updates to the firmware. Most people never re-flash or update their hard drive firmware.

At the security conference, the presenter demonstrated how the attack works. He ran the program to modify the firmware on a drive. He pretended his access was detected and the administrator password was reset.

The firmware was programmed to look for a special trigger code, a special website address perhaps, that once the hard drive cache sees, it grabs the password file the next time it is accessed and changes the password back to what the hacker set it to.

And it worked!

So basically, if the hard drive firmware is compromised by a hacker, they could change it to allow them to have access to the compromised system again, even if the entire drive was erased and re-formatted.

Crazy stuff.

For more information, including a step by step explanation and proof of concept code, check out Spritesmods.com.

Will Emergency Alert Vulnerability lead to new Zombie Attack Warnings?

You are sitting with your best friend watching TV when the shrill warning of the Emergency Alert Warning goes off on your TV.  As the text scrolls across the screen you wonder if it could it be an approaching storm or worse, a tornado warning. But not this time.

It is something much better,

A Zombie attack!

But before you pile into your car, grab your girlfriend Liz, then head to the Winchester to have a nice cold pint and wait for all of this to blow over  like in ‘Shaun of the Dead’. The zombie apocalypse you are being threatened with could just be a fake warning posted by a hacker.

This is exactly what happened to TV viewers in Great Falls, Montana back in February. An infomercial was interrupted by the familiar warning bell and an Emergency Alert warning stating “bodies of the dead are rising from their graves and attacking the living“. They were warned “Do not attempt to approach or apprehend the bodies as they are considered extremely dangerous.”

The warning was fake of course, as a hacker had obtained control of the Emergency Alert System. And it could happen again as a new security vulnerability has been found in the system.

According to The Register, security “researchers at IOActive have found that systems used to receive and authenticate emergency alert messages are vulnerable to remote attack.”

Apparently root level SSH keys in some Linux Web App Servers used by the alert system have been publicly released in a firmware upgrade.

This key allows an attacker to remotely log on in over the internet and can manipulate any system function. For example, they could disrupt a station’s ability to transmit and could disseminate false emergency information. For any of these issues to be resolved, we believe that re-engineering needs to be done on the digital alerting system side and firmware updates to be pushed to all appliances,” said Mike Davis of IOActive.

Not good, as many rely heavily on the Emergency Alert System. Especially in areas that have strong or unpredictable weather patterns.

Until the situation is remedied, if you receive a Zombie Apocalypse warning from the TV, think twice before you grab your shotgun and head down to the cemetery to play Left 4 Dead 2 in real life…