• 27
      Apr - 2019

      Analytics, Hacking | 1 min | 1085

      #Docker: Docker hub has been hacked

      Analytics, Hacking | 1 min | 1085


      data leak
      database
      docker
      docker hub
      github
      hacked
      hacking
      security

      Attention Docker Hub users - Docker Hub has been hacked!

      An email containing the following highlight was sent to the users whose account data may have been exposed.

      During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds (full email).

      If you got this email you should (and if you didn't receive that email, do it too ;)):

      1. Change your...

    • 12
      Nov - 2017

      Hacking, MicroPython, Security | 5 min | 4338

      #Hacking: Wemos (ESP32) & Captive Portal using MicroPython

      Hacking, MicroPython, Security | 5 min | 4338


      captive portal system
      dns
      esp32
      hacking
      micropython

      At the beginning of October I wrote a blog article called White Hacking: WeMos and SquirelCrawl!. I used the WeMos (ESP32) and the firmware provided by Hacker Arsenal to do a captive portal. As you known, a captive portal is a web page which is displayed to newly connected users before they are granted broader access to network resources [wiki]. This can be used in combination with evil portals to obtain login credentials. The firmware provided by Hacker Arsenal has multiple limitations, e.g. the web page has to be a single file, without external files, meaning that all images should be integr...

    • 05
      Oct - 2017

      Hacking, Security | 3 min | 1719

      #White Hacking: WeMos and SquirelCrawl! (update 17.10.2017)

      Hacking, Security | 3 min | 1719


      captive portal
      getting credentials
      hacking
      MITM
      python
      squirelcrawl
      webpage compressor

      I was surfing the web for new hacking software and hardware tools and I found the Hacker Arsenal website. This website offers "ARTILLERY FOR CYBER WARRIORS" as they said; it is basically hardware and firmware for pentester. In summary, they have actually three products especially for Wi-Fi Sniffing.

      Python Code: https://goo.gl/YuT5qm

      I found the Winx-Portable (update 17.10.2017: they are not offering this product anymore, they are offering the WiNX) on the website and I thought I have something like that. I look for the boards that I've recently bought, and I find the WeMos WiFi ESP32 D...