HackMag – Page 7 – Tech magazine for cybersecurity specialists

Fake Homebrew Infects macOS and Linux Machines with infostealer

📟 News

Date: 22/01/2025

Author: HackMag

Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.

Read full article →

Flaying three-headed sheep. How to dump Kerberos tickets in C++

Date: 21/01/2025

Author: MichelleVermishelle

Kerberos offers plenty of user authentication features. Its main ‘bricks’ are tickets; in the course of penetration testing, the attacker dumps such tickets from the LSASS process memory at least once. Today, I will explain how this operation can be performed without sophisticated hacker tools.

Read full article →

Goodbye Mimikatz! Inject tickets with your own hands

Date: 16/01/2025

Author: MichelleVermishelle

To implement a number of pass-the-ticket attacks, you have to inject a Kerberos ticket into the compromised system. Such tools as Mimikatz, Impacket, or Rubeus can be used for this purpose, but they are easily detected by antiviruses, thus, making this approach ineffective. In this article, I will explain how the ticket injection problem can be solved without special tools: all you need is WinAPI ~~and some magic~~.

Read full article →

Privileger: Now you’re in control of privileges in Windows

Date: 16/01/2025

Author: MichelleVermishelle

In Windows, privileges play a key role: only the admin has the authority to grant special rights to users so that they can perform their tasks. This article discusses a software tool called Privileger: it enables you to search the system for accounts with certain privileges and change privileges assigned to a given account.

Read full article →

Insecurity provider. How Windows leaks user passwords

Date: 16/01/2025

Author: MichelleVermishelle

In Windows, most security mechanisms are based on user account passwords. Today, you will learn several techniques making it possible to intercept a password at the time of user authentication and write code that automates this process.

Read full article →

Malformed ELFs. How to make executable Linux files debug-resistant

Date: 29/12/2024

Author: kclo3

Plenty of anti-debugging techniques are available nowadays, but one of them stands distinctive. Its main principle is not to detect a debugger, but to prevent the app from running in it. This article explains how such a goal can be achieved using parser differentials and fuzzing. You will learn how to craft amazing ELF files that are resistant to debuggers and disassemblers but run smoothly in their native Linux environment.

Read full article →

YARA to the maximum. Learn to write effective YARA rules by examples

Date: 21/12/2024

Author: Nikolai Potolenskii

Sometimes, YARA is called the Swiss Army knife of virus analysts. This tool makes it possible to create a set of rules to detect malicious and potentially dangerous programs quickly and accurately. In this article, I will explain how to write perfect YARA rules so that its engine works at full speed and without error.

Read full article →