Martin's selection of few interesting IT Security, Privacy, and free tools from the Net: Hackers Hacking Hackers - When you use someone else's code , you should know that it could be a trojan.

Thursday, November 9, 2017

Vulnerability Scanning script found with Backdoor
Remember, Nothing is free in this world.

First, it scans a set of IP addresses to find GoAhead servers vulnerable to a previously disclosed Authentication bypass vulnerability (CVE-2017-8225) in Wireless IP Camera (P2P) WIFI CAM devices.
In the background, it secretly creates a backdoor user account (username: VM | password: Meme123) on the wannabe hacker's system, giving the attacker same privilege as root.
Script also extracts the IP address of the wannabe hacker, allowing script author to access the compromised systems remotely.
Moreover, it also runs another payload on the script kiddie’s system, eventually installing a well-known botnet, dubbed Kaiten.

Martin's selection of few interesting IT Security, Privacy, and free tools from the Net