CyberNews404 - If you are looking for a free hacking tool on the Internet, then be careful. The most widely available tool, claiming to be a swiss army knife for hackers is just a hoax. For example, the Cobian RAT can actually be used to hack, but from the person behind Cobian RAT and not from you who use it.
Now, a security researcher has found another hacking tool IoT Vulnerability Scanning - this time is a PHP script - which is freely available on some popular hacking forums and allows one to find vulnerable IP Cameras that run vulnerable versions of embedded GoAhead web servers.
However, after carefully analyzing the scanning scripts, Newsky Security analyst Ankit Anubhav found that this tool also contains a secret backdoor, which essentially allows its creators to "hack hackers".
"For an attacker's perspective, it can be very useful to hack the hacker," Anubhav said.
"For example, if the script kiddie has 10,000 IoT botnets and if he is being hacked, the entire botnet is now controlled by the attacker who controls this kiddie script system. Therefore, by utilizing one device, he can add thousands of botnets to his troops. "
The rise of the IoT botnet and the release of the Mirai source code - the biggest IoT-based malware threat that emerged last year and managed to take down the Dyn DNS service - has prompted criminal hackers to make their big botnets either to launch DDoS attacks against their targets or to rent in order to get money.
As shown in the explanation flowchart, the IoT Vulnerability Scanning script works in four stages:
1. First, it scans a set of IP addresses to find GoAhead servers that are weak to previously uncovered authentication bypass vulnerabilities (CVE-2017-8225) at WIFI CAM Wireless Camera (P2P) devices.
2. In the background, secretly create a backdoor user account (username: VM | password: Meme123) on the kiddie script system, which gives the attacker privileges as root.
3. The script also extracts the IP address of the kiddie script, allowing the backdoor maker to access the remote compromised system.
4. In addition, he also runs another payload on the kiddie script system, which eventually installs a famous botnet dubbed Kaiten.
This tool is another example of a backdoor that is getting more and more distributed in various forums underground to hack hackers.
nice
ReplyDelete