HackMag – Page 9 – Security, malware, coding, devops

Lateral movement guide: Remote code execution in Windows

Written by s0i37

Penetration into the target network is just the first stage of a hacking attack. At the next stage, you have to establish a foothold there, steal users’ credentials, and gain the ability to run arbitrary code in the system. This article discusses techniques used to achieve the above goals and explains how to perform lateral movement in compromised networks.

Read full article →

Fatal mistakes. How to identify logical vulnerabilities in web apps

Written by Twost

Analysis of all kinds of vulnerabilities is one of the main HackMag topics. In this article, I will use four classical pentesting tasks to explain how to identify bugs in web apps.

Read full article →

Searching for leaks: How to find and steal databases

Written by Mikhail Artyukhin

News portals report large-scale data leaks nearly on a daily basis. Such accidents occur with all kinds of computer systems all over the world; the severity of their consequences varies from devastating to disastrous. In this article, I will show how easy it is to gain access to vast arrays of data.

Read full article →

Controlling Android. Dangerous APIs enable hackers to intercept data and reset smartphone settings

Written by Eugene Zobnin

In addition to traditional permissions, Android has three metapermissions that open access to very dangerous APIs enabling the attacker to seize control over the device. In this article, I will explain how to use them so that you can programmatically press smartphone buttons, intercept notifications, extract text from input fields of other apps, and reset device settings.

Read full article →

Coronavirus in darknet. New arrivals on black markets amid the pandemic

Written by Yuriy Skvortsov

Amid the COVID-19 pandemic, plenty of products supposed to protect you against COVID-19, or ease the course of the disease, or even heal you became available on the darknet (as well as on legitimate marketplaces). Because the shady segment of the global network is of utmost interest to hackers, I decided to examine the assortment of goods offered there and compare the prices on the darknet and in ‘regular’ stores.

Read full article →

How to fool MSI installer: Instruction for lazy hackers

Written by MVK

To run a program, you must install it first. But what if the installer doesn’t want to start, or even worse, refuses to install the app? In that situation, you have no choice but to hack it. Today, I will show how to do this easily, quickly, and effectively.

Read full article →

Long live the data! How to recover information from a bricked flash drive in Linux

Written by icoz

As you are well aware, computer specialists are often asked to recover data from broken flash drives. Today, I will explain how to use TestDisk and PhotoRec for data restoration. And then I will show that all you need to recover data from a bricked memory stick are, in fact, a Hex editor and some wits.

Read full article →