Latest Post


I wasn’t sure if I should even post this video, but I think you all deserve to see it. I had no idea how serious this was. If he found the RAT, he could probably find any of us. I’m going to get off the grid for a while. Watch your backs…




We wrote about Bruter v1.0 ALPHA version back in 2008, recently they announced the release of v1.0 Final!
Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.
It currently supports following services:
  • FTP
  • HTTP (Basic)
  • HTTP (Form)
  • IMAP
  • MSSQL
  • MySQL
  • POP3
  • SMB-NT
  • SMTP
  • SNMP
  • SSH2
  • Telnet
  • VNC
Recent Changes
  • Re-licensed to new-BSD license
  • Added proxy support (CONNECT, SOCKS4, SOCKS5)
  • Allowed more delimiter in combo file
  • Added password length filtered in combo and dictionary mode
  • Fixed miscellaneous bugs
  • Updated openssl library to 0.9.8n
You can download Bruter v1.0 Final here:

If you don’t know, Brutus is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page. Development continues so new releases will be available in the near future.



Brutus was written originally to help me check routers etc. for default and common passwords.
Features
Brutus version AET2 is the current release and includes the following authentication types :
  • HTTP (Basic Authentication)
  • HTTP (HTML Form/CGI)
  • POP3
  • FTP
  • SMB
  • Telnet
Other types such as IMAP, NNTP, NetBus etc are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other peoples.

The current release includes the following functionality :
  • Multi-stage authentication engine
  • 60 simultaneous target connections
  • No username, single username and multiple username modes
  • Password list, combo (user/password) list and configurable brute force modes
  • Highly customisable authentication sequences
  • Load and resume position
  • Import and Export custom authentication types as BAD files seamlessly
  • SOCKS proxy support for all authentication types
  • User and password list generation and manipulation functionality
  • HTML Form interpretation for HTML Form/CGI authentication types
  • Error handling and recovery capability inc. resume after crash/failure.
You can download brutus-aet2.zip here (the password is darknet123):


1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.
Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
3. John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
7. Wireshark (Formely Ethereal)
Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

8. Yersinia
Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer 2 kit there is.
9. Eraser
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4x0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.
11. LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
A good free alternative to L0phtcrack.
LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.
12. Cain and Abel
My personal favourite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
13. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
14. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
  • Verify that your network is set up the way you intended.
  • Find locations with poor coverage in your WLAN.
  • Detect other networks that may be causing interference on your network.
  • Detect unauthorized “rogue” access points in your workplace.
  • Help aim directional antennas for long-haul WLAN links.
  • Use it recreationally for WarDriving.
15. hping
To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
Yah I’ve stayed away from commercial products in this article, perhaps I’ll cover those another day.

Image result for darknet drugs pictures

The 2016 World Drug Report stated that the deepweb is fueling an international drug trade. According to Stijn Hoorens and David Décary-Hétu, the claim is not reinforced by empirical evidence. RAND Europe and the Universities of Montreal and Manchester conducted a study that ultimately disproved the 2016 WDR’s claims.
Global law enforcement agencies routinely arrest succesful deepweb vendors, indicating there is no shortage of online drug transactions. Many arrested vendors were able to tap into revenue streams that would have been nonexistent if not for the deepweb. There is no disputing that international transactions are a commonplace on darknetmarkets. However, researchers believe that such drug trade has had no substantial impact on global drug markets.
Judith Aldridge from the University of Manchester, David Décary-Hetu from the University of Montreal, and Stijn Hoorens from RAND conducted a massive deepweb scrape. The scrape contained data from 50 marketplaces and independent shops with a focus on both vendor and buyer demographics. Similar to recent findings from Monica Barratt and Aldridge, the RAND scrape shows online drug trade tripling since 2013.
Hoorens and Décary-Hétu write “but how global is this trade?”
The researchers found that marketplaces are dominated by vendors from the US, the UK and Australia. Vendor location was determined by looking at merchandise listings that indicated where the product would be shipping from. US-based vendors have the highest market share of cryptomarket drugs (35.9 percent of total drug revenues). The UK (16.1 percent) and Australia (10.6) are next in line.
Emerging economies have the least vendors, the study indicates:
Cryptomarkets offer potential customer outlets for vendors who are closely located to source regions. Our data suggests, however, that very few vendors operate from emerging economies, such as Southern Asia (heroin), Latin America (cannabis, cocaine), northern Africa (cannabis resin), or China (synthetic drugs and new psychoactive substances).
Deriving data about the buyer location is far more difficult. However, vendors often indicate locations they will ship to, giving researchers a starting point. The potential shipping routes were analyzed, revealing that North America and Oceania were the two most common destinations. Europe was the third most common.
The most common routes of darknet market drug trade were within North America, Europe, and Oceania. The researchers note that one-third of the transactions take unknown routes, so the data was difficult to estimate precisely. Regardless, this analysis indicates that majority of drugs bought online are shipped domestically or intra-continentally. Respectively few drugs traveled between continents.
The publication points out the discrepancy between their findings and the current beliefs:
This finding is interesting because it challenges the convention that cryptomarkets facilitate the globalization of drug retail markets. Countries such as Australia and the US have implemented strict monitoring of internationally shipped parcels, which explains the reluctance of vendors to ship across international borders. Contrast that to the limited or lack of monitoring of domestically shipped postal packages. With American buyers able to source cannabis, for example, from Colorado and Washington, where the drug has been legalized, why risk purchase from abroad?
An anomaly manifests itself when examining the Netherlands in light of domestic drug sales vs. international ones. Local law enforcement provided the researchers with intelligence suggesting that domestic sales from Dutch vendors are of little importance. However, the Netherlands has dominated global sales of MDMA with twenty-three percent of overall revenue. “The 225 vendors operating from the Netherlands generated $1.1 million in drug revenues per month and ranked fifth, after the US, UK, Australia, and Germany,” Hoorens Décary-Hétu wrote.
Looking at the Netherlands example, one can see that online international drug trade is only occurring with specific drugs. In this case, the Netherlands is the MDMA center of the world. In some countries, MDMA costs tenfold domestically what it would cost if ordered internationally from the Netherlands. The conclusion here is that international sales theoretically only take place for substances that justify the risk associated with international travel.
The researchers conclude that the full impact the darknet has on international drug trade is still somewhat inconclusive. However, aside from the Netherlands, the majority of the drug trade takes place within domestic borders. Darknet transactions have massively increased in number since 2013, but their impact on international drug trade is not yet of major significance.

Author Name

Contact Form

Name

Email *

Message *

Powered by Blogger.