Sneaky Password Exfiltration w/ CanaryTokens & the Nugget!


On this episode of HakByte, @Alex Lynd demonstrates how to modify a password grabbing payload to include remote exfiltration over WiFi, using a free tool called CanaryTokens! Support the show and buy a Nugget: https://hakcat.com -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ USB Nugget Docs: https://usbnugget.com USB Nugget Payloads: https://ift.tt/AxlvHj1 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Alex's Twitter: https://twitter.com/AlexLynd Alex's Website: http://alexlynd.com Alex's GitHub: https://ift.tt/US879JB -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Chapters: 00:00 Intro 00:18 Sponsor Ad 00:34 What is Data Exfiltration? 01:02 Remote Exfil Techniques 01:37 POC Setup 02:05 What You'll Need 02:12 CanaryTokens Setup 03:20 Web Bug Demo 03:39 What are User Agent Strings? 04:47 Using Curl to Modify the User Agent 05:48 Password Stealer Recap 06:10 Pass Data to CanaryTokens 08:17 Modifying the Exfil Payload 08:48 Upload to the USB Nugget 09:13 ATTACK Demo 09:43 Exfiltration Results 10:17 Outro & Implications 10:56 Support the Show! Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005. -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → https://ift.tt/cHMRYpk Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://ift.tt/zQpFKLv Contact Us → http://www.twitter.com/hak5 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

Hello and welcome to the temple of cybersecurity. Now you are watching Sneaky Password Exfiltration w/ CanaryTokens & the Nugget! published at August 27, 2022 at 03:05AM.
For more hacking info and free hacking tutorials visit: https://ift.tt/ty5mEY2
follow us on:

Youtube: https://www.youtube.com/channel/UCiu1SUqoBRbnClQ5Zh9-0hQ/
Whatsapp: https://ift.tt/8i0Cqpc
Reddit: https://ift.tt/Cgo6A2r
Telegram: https://ift.tt/Y6wVxTy
NFT store: https://mintable.app/u/cha0smagick
Twitter: https://twitter.com/freakbizarro
Facebook: https://web.facebook.com/sectempleblogspotcom/
Discord: https://discord.gg/wKuknQA



Ignore tags:
#hacking,#infosec,#tutorial,#bugbounty,#threat,#hunting,#pentest,#hacked,#ethical,#hacker,#cyber,#learn,#security,#computer,#pc,#news

Comments