Skip to main content

Posts

Showing posts from 2016

RESOLVED. Fatal error: Call to a member function do_all_hook() on a non-object in /home/public_html/wp-includes/plugin.php on line 837

The latest version of WordPress is v4.7. It is always recommended to upgrade to the latest released to minimize vulnerabilities (exposure) and improve use of content management service. Always backup before you upgrade, copy your WordPress files and download the database. This will give us way to roll-back just in case we run into "unknown" issue. It is not always perfect when you upgrade. During my upgrade to v4.7 to one of my customer website. I've got this error. Fatal error: Call to a member function do_all_hook() on a non-object in /home/public_html/wp-includes/plugin.php on line 837 A quick fix is to re-upload the plugin.php file from my old backup to the /wp-includes folder. This works! But I want to use the latest plugin.php file not the old copy. Searching the internet trying to find out if anyone has encounter the same error when upgrading to the latest version of wordpress. No surprise! It is already been discussed, issue and alternative solutions to fix it. I …

A new phishing attack targeting Office 365 business email users

A new phishing attack targeting Office 365 business email users was found using Punycode to go undetected by both Microsoft’s default security and desktop email filters, Avanan security researchers warn. The attack is meant to steal Office 365 credentials and abuses a vulnerability in how Office 365 anti-phishing and URL reputation security layers deal with Punycode. The attack starts with fake FedEX email that include benign looking URLs meant to take users to malicious website. See image below. By using Punycode and leveraging said flaw in the phish-detection engine, the URL actually resolves to two different domains, one safe, which is detected by Office 365, and the other malicious, which is followed by the browser. The underlining issue is that Office 365’s default security treats the domain as plain ASCII when verifying whether it is legitimate or not. Because all modern browsers support Unicode character, the address is translated to its Unicode format when launched in the bro…

CTF – Hacking Mr. Robot

Another learning experience to improve my penetration testing skills by hacking Mr. Robot virtual machine as my target machine. My private network for this penetration testing exercise. Kali Linux, my tool to exploit the target machine. IP Address 192.168.159.131Mr.Robot, my target machine. IP Address: UnknownLet's begin. My objective is to find the three hidden keys. Sponsored by Termed.com Life Insurance. I have no knowledge of my target machine (Mr. Robot) IP Address, so let me begin running nmap tool. Of course, you can also use other network discovery tool to scan your network. I prefer nmap tool, it is available to my pentest machine. root@kali:~# nmap -T4 192.168.159.0/24 Starting Nmap 7.31 ( https://nmap.org ) at 2016-11-30 10:41 EST
Nmap scan report for 192.168.159.131
Host is up (0.00037s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
22/tcp closed ssh
80/tcp open http
443/tcp open https
MAC Address: 00:0C:29:F8:73:37 (VMware) Nmap scan report for 192.168.159.254
Host…

Gooligan malware breached 1Million Android smart phone users

FYI Android users, you have to read this article courtesy by HelpNetSecurity.com if you're an Android smart phone user. I actually read it first from CNN website and again today. Check Point security researchers have revealed a new variant of Android malware, breaching the security of more than one million Google accounts. Key findingsThe campaign infects 13,000 devices each day and is the first to root over a million devices.Hundreds of email addresses are associated with enterprise accounts worldwide.Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74% of Android devices in use today.After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim.Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began. Check Point reached out to the Google security team immediately with infor…

CTF – Hacking Necromancer

Capture The Flag - Necromancer. Practicing my penetration testing skills to hack a target machine.  Here's my test environment in my own private virtual network. I setup my Kali Linux in host virtual network and my target machine (Necromancer) which I downloaded a OVA image from VulnHub website. When I started my Kali Linux virtual machine, I have an assigned IP Address 192.168.231.129. This most likely a different IP address when you setup your own private network. And my target machine Necromancer IP address is 192.168.231.128. I saw this when I started the Necromancer virtual machine. This save me some time to scan all /24 within my network. Anyway, if you still want to scan your network you can use "netdiscover" tool. If you're not sure what options to use simply run "netdiscover --help". Okay, got it? Now run # netdiscover -r 192.168.231.0/24 [Enter] to scan your private network. Here's the result of my network. I run "ifconfig" in my Kal…

Weebly Breach Affects Over 43 Million Users

Hackers have managed to steal information associated with more than 43 million accounts belonging to customers of Weebly, a San Francisco-based web hosting service that provides a drag-and-drop website builder. According to LeakedSource, the attackers stole 43,430,316 accounts after breaching the company’s systems in February. The compromised information includes usernames, email addresses, IPs and password hashes. Weebly has been in touch with LeakedSource and confirmed that the exposed information is genuine. The company has notified affected users and reset their passwords. On its website, Weebly claims to have more than 40 million users, which indicates that the breach has affected a large majority, if not all, of its customers. Sponsored by: LibertyTrust.com Weebly is still trying to determine the cause of the breach, but the company says it has already started improving network security. In addition to resetting passwords, it has introduced a new feature that allows users to moni…

New gTLDs Domain Extensions

Interesting article to read posted at TechCrunch regarding the new gTLDs availability to register a domain name using different extensions 1000+ of them from .GURU .NINJA .anything you can think. In my humble opinion. I think the new gTLDs are good for personal blog and website. But I will not recommend this for a business use as your primary site for online e-commerce. Why will you build your online business using anything.extensions to give free advertising to the owner of .com domain? Where you work hard to establish your online brand, spending time and money to spread the words to all the people you knew about your business. Related: New TLDs domain names has no impact to our business. People knows .com is a trusted website to conduct business, plain and simple to do business online. This is also the reason I rebrand from KING.NET to QUE.COM, yes it's not an easy task and not cheap too. This is why I always recommend to my clients, do it right the first time get your business a…

Mangrove Paddle Boat Tour in Puerto Princesa

If you are in Puerto Princesa, you've got to visit Mangrove Paddle Boat Tour. Mangroves are very important in supporting the rich marine life in the region where smaller fishes feed and reproduce. The Mangrove Paddle Boat tour offers an educational tour by boat through Sabang's Mangrove forests. PuertoPrincesa.com – Mangrove Paddle Boat Tour. Photograph by EM@QUE.COM PuertoPrincesa.com – Mangrove Paddle Boat Tour. Photograph by EM@QUE.COM PuertoPrincesa.com – Mangrove Paddle Boat Tour. Photograph by EM@QUE.COM PuertoPrincesa.com – Mangrove Paddle Boat Tour. Photograph by EM@QUE.COM Our friendly boat guide Ms. Chi PuertoPrincesa.com – Mangrove Paddle Boat Tour. Photograph by EM@QUE.COM And our hard working boat man "Ronchi".

Learning Vulnerability Scanning by KING.NET

Learning Vulnerability Scanning is fun and easy. So I hope you enjoy reading this short how to guide on how to use vulnerability scanning to secure your servers and networks. NMAP is the swiss tool that you need to learn if you're serious in Cyber Security profession. The NMAP tool can be use with NSE scripting (Nmap Scripting Engine) to automate your tasks. For example using NSE Script using a single vulnerability (cold fusion) to scan our test lab machine. root@kali:~# nmap -v -p 80 --script http-vuln-cve2010-2861 10.11.1.220 Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-22 17:34 EDT
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 17:34
Scanning 10.11.1.220 [1 port]
Completed ARP Ping Scan at 17:34, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 17:34
Completed Parallel DNS resolution of 1 host. at 17:35, 13.01s elapsed
Initiating SYN Stealth Scan at 17:35
Scanning 10.11.1.220 [1 port]
Completed SYN Stealth Sca…