David E Lares S davidlares

NPM Commands

npm init: NPM package manifest wizard
npm whoami: check for the authenticated user
npm adduser: add a user to the NPM session
npm init --scope=<username>: add the auth user to the NPM .json manifest
npm install <modulename>: installing a specific NPM module or package
npm ls: dependencies listing (specific directory)
npm test: run tests using the scripts located at the package.json file

Backdooring Android Apps with FatRat and Metasploit Framework

We have to set a point, mobile applications are a HUGE market today. Many entrepreneurs left behind web-based experiences for building disruptive mobile solutions. The battle of smart-phones remains today between IOs and Android. Both have pros and cons, they are designed and configured with default security settings that maybe not the ideal for non-experienced people.

This writing demonstrates a practical and simple example on how to generate a Reverse TCP back-door on an existing APK file.

This is a pretty common "Social Engineering Attack", and it's focused on generating a reverse TCP connection, where the attacker easily can generate shell access to your Android phone in the time you are using the infected application and do some harmful stuff or access your private information without any concern.

And when a mean “Social Engineering Attacks” is because the way it propagates, I’ll explain in a bit how are the

A basic YAML syntax review concepts

In a short note, YAML files represent configuration data in most of the times. According to Wikipedia: YAML "is a human-friendly data serialization standard for all programming languages". Basically we can say that is similar to XML and JSON notation and it is pretty used on DevOps activities for IaC configurations and for sharing data across multiple applications.

Features

key-Value Pair: there's nothing more to say to this. You have a "Key" that acts as an Identification for value itself.

Here's an example:

	curl -sL https://deb.nodesource.com/setup_8.x \| sudo -E bash -
	curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg \| sudo apt-key add -
	echo "deb https://dl.yarnpkg.com/debian/ stable main" \| sudo tee /etc/apt/sources.list.d/yarn.list
	sudo apt-get update
	sudo apt-get install -y git-core curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev nodejs yarn
	cd
	git clone https://github.com/rbenv/rbenv.git ~/.rbenv
	echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
	echo 'eval "$(rbenv init -)"' >> ~/.bashrc
	exec $SHELL

	#!/usr/bin/python

	import urllib2

	class DisallowPresent(Exception):

	def __init__(self, path) :
	self.disallowed = path

	def __str__(self) :

	#!/usr/bin/python

	# socket network module (methods and APIs)
	import socket
	import sys

	# creating a TCP Socket -> listening to an specific port
	# AF_INET -> address family , SOCK_STREAM -> Kind of socket (required)
	tcpSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

	#!/usr/bin/python

	import socket
	import struct

	# creating a rawSocket for communications
	# PF_SOCKET (packet interface), SOCK_RAW (Raw socket) - htons (protocol) 0x08000 = IP Protocol
	rawSocket = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(0x0800))

	# deciding interface - packet sniffing and then injection

	name: Copy file to target servers
	hosts: all
	tasks:
	- name: Copy file
	copy:
	src: /tmp/test-file.txt
	dest: /etc/foo.conf

	[server]
	Here goes your Droplet IP
	[server:vars]
	ansible_user=root
	ansible_ssh_private_key_file=~/.ssh/id_rsa.pub