Episode
114: HD
1:18:53
Published: Tue Apr 05 2022
Description
HD Moore (https://twitter.com/hdmoore) invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? Learn more about what HD does today by visiting rumble.run/. Sponsors Support for this show comes from Quorum Cyber. They exist to defend organisations against cyber security breaches and attacks. That’s it. No noise. No hard sell. If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and specially if you are interested in Microsoft Security - reach out to www.quorumcyber.com. Support for this show comes from Snyk. Snyk is a developer security platform that helps you secure your applications from the start. It automatically scans your code, dependencies, containers, and cloud infrastructure configs — finding and fixing vulnerabilities in real time. And Snyk does it all right from the existing tools and workflows you already use. IDEs, CLI, repos, pipelines, Docker Hub, and more — so your work isn’t interrupted. Create your free account at snyk.co/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Chapters
In 1982, a robot was arrested by the police in Los Angeles for causing a commotion by handing out business cards and talking.
00:00 - 01:06 (01:06)
Summary
In 1982, a robot was arrested by the police in Los Angeles for causing a commotion by handing out business cards and talking. It turned out to be remotely controlled by two teenage boys promoting their father's robot factory business cards.
Episode114: HD
PodcastDarknet Diaries
The military runs exploits to see if their computers are vulnerable, monitoring for security events and helping secure the network better, by using tools that gather information about what computers, services, and applications are running on the network.
01:06 - 09:44 (08:37)
Summary
The military runs exploits to see if their computers are vulnerable, monitoring for security events and helping secure the network better, by using tools that gather information about what computers, services, and applications are running on the network.
Episode114: HD
PodcastDarknet Diaries
The earliest version of Metasploit was menu-based and terminal-based.
09:44 - 17:29 (07:45)
Summary
The earliest version of Metasploit was menu-based and terminal-based. One of its biggest advantages was that it offered the possibility of combining any exploit, encoder, NOP generator, and payload to create a chain to target vulnerabilities.
Episode114: HD
PodcastDarknet Diaries
The story of a hacker who spent his nights working on exploits and shell code while maintaining a professional career in cybersecurity.
17:29 - 25:15 (07:45)
Summary
The story of a hacker who spent his nights working on exploits and shell code while maintaining a professional career in cybersecurity. His work led to the discovery of a critical vulnerability in a Samba service.
Episode114: HD
PodcastDarknet Diaries
The pressure from customers, other security vendors, and professional relationships often leads cybersecurity companies to bury vulnerabilities.
25:15 - 33:10 (07:55)
Summary
The pressure from customers, other security vendors, and professional relationships often leads cybersecurity companies to bury vulnerabilities. This has ethical implications and creates a dilemma for cybersecurity researchers.
Episode114: HD
PodcastDarknet Diaries
A former hacker recounts his experience of finding a bug in Microsoft's server at a conference the company sponsored and how he revealed it to them.
33:11 - 38:03 (04:52)
Summary
A former hacker recounts his experience of finding a bug in Microsoft's server at a conference the company sponsored and how he revealed it to them.
Episode114: HD
PodcastDarknet Diaries
The speaker shares their experience finding and reporting hundreds of security vulnerabilities, and how some vendors were unresponsive to their reports.
38:03 - 41:58 (03:55)
Summary
The speaker shares their experience finding and reporting hundreds of security vulnerabilities, and how some vendors were unresponsive to their reports.
Episode114: HD
PodcastDarknet Diaries
Using a tool like Karma, hackers can create fake access points that can trick wireless clients into joining and giving up sensitive information.
41:58 - 46:54 (04:55)
Summary
Using a tool like Karma, hackers can create fake access points that can trick wireless clients into joining and giving up sensitive information. This method allows for easy exploitation and control over machines.
Episode114: HD
PodcastDarknet Diaries
The prevalence of malware written in C and its advanced communication channels and C2 contact mechanisms are highlighted in this podcast.
46:54 - 54:09 (07:14)
Summary
The prevalence of malware written in C and its advanced communication channels and C2 contact mechanisms are highlighted in this podcast. Also discussed is the use of Metasploit in exploiting a computer and the controversial decision to publish a zero day vulnerability to prompt providers to fix their products.
Episode114: HD
PodcastDarknet Diaries
The creators of Metasploit discuss liability concerns related to the use of their product for criminal behavior and the fine line they have in place to prevent it, comparing it to offering free cookies on the street and not being responsible if a criminal eats one.
54:09 - 1:00:28 (06:19)
Summary
The creators of Metasploit discuss liability concerns related to the use of their product for criminal behavior and the fine line they have in place to prevent it, comparing it to offering free cookies on the street and not being responsible if a criminal eats one.
Episode114: HD
PodcastDarknet Diaries
In this episode, they discuss Rapid7's evolution of their product from a vulnerability scanner to something more risky.
1:00:23 - 1:07:27 (07:04)
Summary
In this episode, they discuss Rapid7's evolution of their product from a vulnerability scanner to something more risky. They share how it went for them and the importance of educating people about vulnerability research and disclosure.
Episode114: HD
PodcastDarknet Diaries
Building up specialized knowledge is needed to begin working on effective exploits for hardware platforms like mobile.
1:07:27 - 1:14:03 (06:35)
Summary
Building up specialized knowledge is needed to begin working on effective exploits for hardware platforms like mobile. Companies should collaborate rather than pretending to be the sole creator of tools to avoid sharing of information that can be used to attack.
Episode114: HD
PodcastDarknet Diaries
Rumble is a tool that helps companies find everything possibly connected to their network environment.
1:14:03 - 1:19:04 (05:01)
Summary
Rumble is a tool that helps companies find everything possibly connected to their network environment. They classify every device, tell what hardware it is running on and identify things like multi-home systems that are bridging different networks.