
/hax/ - Hacking & Pentesting

100% Tor users


The Hackers Formerly Known as Anonymous

File: 1437089260474-0.jpg (58.49 KB, 1400x788, 350:197, iphone6.jpg)

File: 1437089260477-1.png (312.29 KB, 2664x1496, 333:187, screenshot.png)

2b874e No.915[Reply]

Im a complete newfag, but i figured it would be cool to use a smartphone (iPhone in my case pls no bully) as a pentesting device. So i did:

> Jailbreak

> Install MTerminal and basic stuff like wget, subversion, git, gcc, awk

> Find guide to install Metasploit on an iPhone

> Try to install the ported dependencies, realize that the only host, ininja.com, has some weird htaccess issue and wget can't download

> All the guides, forums and videos are from around 2012 and the community is either dead or there are just some skiddies like myself left

> Finally download them somehow on desktop, upload them to my own server, wget them again, install dependencies

> git clone Metasploit

> try to run ruby msfupdate

> "Illegal instruction: 4"

> There is exactly one faggot in the internet dealing with the issue, made one shitty video, says this command does the trick:

 sed -i'' ' s-\x00\x30\x93\xe4-\x00\x30\x93\xe5-g;s-\x00\x30\xd3\xe4-\x00\x30\xd3\xe5-g;'; /usr/local/bin/ruby 

> run it, all it does is enter a dead and empty console just showing ">", giving new empty lines on any input

> ^C out, back to metasploit, still doesn't work

What do? Just end this misery?

2 posts omitted. Click reply to view.

e49453 No.924

Man this board is slow.

>>919

Alright, i'll report it next time.

> encoded "delete fucking everything" command

I was a bit suspicious as well but it didn't do anything evil so far. Really have no idea what to do now though.


194673 No.951

>>915

check the command

its malformed


f0e1b2 No.989

using an iphone as a "pentesting" device is horrendous shit.

you cant even put your wireless interface into monitoring mode anymore for use with aircrack-ng/reaver/mitm attacks etc

if youre really into this: get a raspberry pi, a usb wireless adapter, and a pretty good external battery with micro usb charger (watch the mA)

put fucking kali on it

- put another wireless usb for use as an AP if you want to ssh into it with your phone while your setup sits in your backpack. very unsuspecting.

or

- get a 4" touchscreen for it

- get some crappy bluetooth mini keyboard

- people in places with public wifi will start asking what the fuck you are doing with this

this complete setup cost me about 80€ and im stealing and "pentesting" shit everytime im on a train


f0e1b2 No.990

>>989

also you will need to know how to properly use udhcpd, hostapd, iptables and basic *nix commands.

so forget doing that with an iphone or ipad. i got both so no bully.


383ab9 No.1045

>>990

>>989

Thank you, good to know that i would've been running into a dead end anyways.

Does it matter which wireless adapter you get? I remember that i once tried to use Backtrack on a Netbook and that the internal wireless adapter didn't work with aircrack-ng etc.

The complete setup

- Raspberry Pi in some sort of case

- 2 usb wireless adapters

- Battery pack

- Phone to SSH into it

sounds a bit unpractical to me after looking at the hardware. Couldn't you just leave a laptop in your bag with disabled standby and SSH into that with an additional wireless usb?

By the way, is there another board on 8chan that deals with this kind of stuff, and i didn't find it yet? It's so incredibly slow around here. Where is everyone?




File: 1443893434217.jpg (60.76 KB, 480x720, 2:3, 12046651_12205299279624573….jpg)

b512f8 No.1033[Reply]

Any neat Android apps that you may recommend?

79edbe No.1034

if you want to go full blown skiddie try

>kali nethunter

>zanti

>HE network tools

>reaver maybe


ca4494 No.1037

>>1033

Andrognito 2




File: 1428463633815.jpg (7.36 KB, 184x184, 1:1, GotoReaction.jpg)

d76ab3 No.775[Reply]

Shame this page is so empty.
Anyways I am using wireshark to monitor traffic on my wireless router. It's set to promiscuous mode. But for some reason I only get the traffic from my laptop. I have cellphones, a WiiU and another computer connected also. How do I see traffic from other devices? Thanks for your expertise.
2 posts and 1 image reply omitted. Click reply to view.

9ac4a0 No.836

>>782

:O I did not know that members of a secured network couldn't sniff each others' traffic - I thought it was a shared key


cc8554 No.921

>>909

Could I ask. I am a complete nub scrub tier pos wintard user. Would I need a proxy/Vpn to use Demochan? Is it safe for normfags to use?

Thank you for your time.


f22fd6 No.932

Try sniffing the router's gateway address


31268b No.941

>>921

Demochan was compromised, there was a thread on /b/ a while back.


8083f4 No.1035

just fucking use cain and abel.

its 200% better wallahi




File: 1443713892584.png (467.24 KB, 829x415, 829:415, 1443711066836.png)

40e29e No.1028[Reply]

#SuperExtremeShitPostingTeam hacked Patreon.

Have fun

https://mega.nz/#!IdxGgIhJ!iRRR5F8k5sHRfS1Qq6gPW9TLjxslny-yY5R1a91SYUo

218a8c No.1032

it got removed. provide torrent or another link




File: 1424141494546.gif (867.57 KB, 500x281, 500:281, under attack.gif)

f4dc27 No.717[Reply]

In this topic, we spoonfeed people with infographics and source codes.
23 posts and 7 image replies omitted. Click reply to view.

7111f9 No.886

>>717

Anyone have anything(webpages, articles, material) on SQL injection?


cdce01 No.897

>>886

all yours friend. included with this article is a link to an article that shows you how to do this manually with ANY browser. I do not suggest viewing this website without some layer of protection. http://www.kalitutorials.net/2014/03/hacking-website-with-sqlmap-in-kali.html


df015e No.898

>>897

Oh wow thanks man.

Will check it out when I'm on my main computer.


f5f797 No.1026

Do you guys have any IRC channel where you constantly hang out or something? That would be nice.


f4dc27 No.1027

>>1026

I might make one on rizon, hang around and we will see.




File: 1441948425712.jpg (692.62 KB, 1698x1131, 566:377, 1425332433805.jpg)

a967fd No.993[Reply]

hey guys im here with a really noob question but ill give it a shot.

is there any way to run Kali 2.0 in Virtualbox and have access to wireless networks? without getting new usb wifi adapter?

bridged network doesnt work.

i upgraded my kali and downloaded some 06/26/10 network setting but it didnt help shit.

how am i supposed to run kali? live cd? ive seen plenty of people having virtuallab with kali…

again, sorry for retarded question

000000 No.995

>>993

>using kali

Just boot it off a usb/sd, it's faster, easier to destroy and you can use the wifi shit without any problems.


4948d3 No.1015

File: 1442772976996.png (268.58 KB, 343x463, 343:463, curdos_jockson.PNG)

>>995

B…but…I've been having trouble with wifi running kali from Live USB. Fuckin' shit just won't work. I fired it up, it dindu nuffin.


b7ab9e No.1016

>>1015

Kali is shit with its wifi autoconfig, plug it directly into the router.




File: 1441835790086.jpg (54.14 KB, 560x370, 56:37, da life.jpg)

ccc1e4 No.991[Reply]

Hey, I recently found an encrypted .7z file on an old flash drive and have been trying to crack it. I've tried John the ripper, but it doesn't seem to work with .7z files. Does anyone have any recommendations for patches or other software?

907b41 No.1012

>>991

write your own in c, it shouldn't be that hard

7z has its own command line

in your iterator, spawn a thread that tries the pass




File: 1439166095141.png (19.96 KB, 500x500, 1:1, Jaguar__.png)

a695b2 No.929[Reply]

What is the best password list? I'm currently trying to break into a WPA2 wifi network via dictionary attack and my list isn't cutting it.

Suggestions welcome.

3 posts omitted. Click reply to view.

000000 No.936

>>930

>>931

Unfortunately I don't have any neighbors affected by this. Damn router manufacturers.

>>934

Thanks!


4284e1 No.940

File: 1439321987806.png (118.98 KB, 516x432, 43:36, kuyby.png)

Are you using that 13gb wpa/wpa2 list? If you haven't seen it try and get it; you can pick it up almost everywhere these days.

Nice pic btw, fuckin saved.


d6ef9c No.942

>>930

>>931

I've toyed around with the WPS exploit quite a bit, reaver and whatnot, and I still find that it's pretty hard to actually carry out the attack.

I've finally found a router that wouldn't lock the WPS after 3 attempts, but it still can only try one password roughly every 20s.

I mean it can do more, but the router gets "hot" and starts failing to respond to various messages, etc.

I've noticed that bursts can also work, "burst and wait" but even then… the router will eventually stop responding to requests.

At this rate it will take a couple days to perform the WPS crack.

Is there something I'm missing here?


dfc835 No.947

>>942

is this router in the US?

passwords are ten characters. US Phone numbers are ten characters. Find the phone number of the owner, try that.


68d5ff No.948

I use Crackstation's wordlist. 15GB, 1.5 trillion unique words/phrases/strings. I broke the uncompressed file into 100 150MB files.

https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm




File: 1434335842883.png (85.25 KB, 745x584, 745:584, cryptolocker.png)

b755de No.868[Reply]

I want to run and analyze certain malware samples. What's a safe method of sandboxing it so that my host machine isn't affected?

I was thinking about doing a Virtualbox VM within a VMware VM, because I've heard of some malware that's capable of breaking out of virtualized environments. My logic here is that even if a virus is capable of breaking out of one kind of VM it probably doesn't know how to break out of other ones, and it probably isn't assuming that it's being run in a VM within a VM.

Would this be a good idea? Or do you have any better ones?

2 posts omitted. Click reply to view.

b755de No.882

>>879

But the ways in which they "detect" the VM vary greatly. One method I heard about was just checking the number of threads. Since most people don't dedicate much resources to their VMs, one kind of malware would close if there weren't at least 2 threads available. Easy solution is to dedicate at least 2 threads to the VM. Good thing I have an AMD moarcoars CPU.


63498b No.883

File: 1434866959224.gif (766.87 KB, 500x517, 500:517, what - ears.gif)

>>882

Shitty methods. Here are some things I made in c++ a looong time ago to detect vm's, sandboxes, and debuggers.


BOOL CheckAntis()
{
    BOOL bRetValue = FALSE;

    if(//DetectVMWare() == TRUE ||
       DetectAnubis() == TRUE ||
       DetectJoeBox() == TRUE ||
       IsSandBoxiePresent() == TRUE ||
       IsNormanSandboxAnalyzer() == TRUE)
    {
        bRetValue = TRUE;
    }

    return bRetValue;
}

BOOL IsDbgProcess()
{
    BOOL bDebug = FALSE;

    char szFiber[MAX_LINE_LONG_A] = {0};

    DeleteFiber(szFiber);

    if(GetLastError() != 0x00000057)
    {
#ifdef DEBUG
        DbgPrintStringA("IsDbgProcess", "Process Is Being Debugged! Detection Method: [DeleteFiber]");
#endif
        bDebug = TRUE;
    }
    else
    {
        CheckRemoteDebuggerPresent(NtCurrentProcess(), &bDebug);

        if(bDebug != FALSE)
        {
#ifdef DEBUG
            DbgPrintStringA("IsDbgProcess", "Process Is Being Debugged! Detection Method: [CheckRemoteDebuggerPresent]");
#endif
            bDebug = TRUE;
        }
        else
        {
            if(IsDebuggerPresent() != FALSE)
            {
#ifdef DEBUG
                DbgPrintStringA("IsDbgProcess", "Process Is Being Debugged! Detection Method: [IsDebuggerPresent]");
#endif
                bDebug = TRUE;
            }
            else
            {
                contagion.bAllowExecution = TRUE;
            }
        }
    }

    return bDebug;
}

BOOL DetectVMWare()
{
    BOOL bVMWareIsPresent = TRUE;

    __try
    {
        __asm
        {
            push edx
            push ecx
            push ebx

Post too long. Click here to view the full text.

37cbbd No.908

Why does everyone overcomplicate so much?

>Back up HDD

>Wipe HDD a few times

>Install gentoo

>test viruses

>Wipe HDD again

>Restore back up of HDD

(this assumes you will restart securely a few times when doing this)


b755de No.918

>>908

BIOS rootkits mang

I mean it's not a huge deal if you have a dedicated box that you never use for anything other than malware testing but you definitely don't want to use your regular computer for that kind of shit

but even so, just add BIOS reflashing to that list


606da4 No.944

>>918

switch to uefi

also you're right who knows where the fuck your computer manufacturer fucked up




File: 1437636042852.jpg (56.57 KB, 500x413, 500:413, tumblr_nrp2kriXKf1r3rdh2o1….jpg)

0bb2c1 No.922[Reply]

Currently, I'm using an Aegis Padlock DT (FIPS 140-2 Level 2 Validated) hard drive along with Tails OS. Not to mention, even though Tails routes all connections through TOR, I use my neighbors internet connection (they don't know of course). In addition, I use sock5 proxies from VIP72 on-top of TOR. What can I do to protect myself even more or is my current setup safe enough? I've thought about investing in a hardware security module, but they're so god damn expensive.

a7ad32 No.939

>>922

What do you have to defend against bootkits and such currently?


eaf713 No.943

>>922

"Safe enough"

everyone always wants to know this. Depends on what you're doing man.

If you're downloading kiddie pronz then that seems like secure enough for me.




File: 1435994195021.png (199 KB, 376x302, 188:151, LIVING_ON_THE_EDGE.png)

75f1db No.893[Reply]

As an absolute beginner, where would I start? I've always been interested in this sort of thing.

42379b No.895

read the sticky and find websites that will teach you to do sql injections and use various tools that you would find on kali or blackarch or something. I advise starting with kali in a vm, and use i2p or a vps to provide internet to the vm. Learn to use google dorks through startpage and you will be well on your way to exploiting databases.

ALWAYS HAVE A BACKUP STATE FOR YOUR VM THAT IS CLEAN. YOU WILL ENCOUNTER MOMENTS WHERE A HDD WIPE IS EASY AND THERE IS NO HDD EASIER TO WIPE THAN A VIRTUAL ONE.


42379b No.896

>>895

*where a hdd wipe is necessary





000000 No.875[Reply]

Hey, /hax/, I was told to come here from /tech/. I made a thread there earlier about getting passwords when I have physical access to one's computer. Here's what I wrote in the OP:

Not asking for l33t hax0ring, but close.

There are people not ex-gf since never had one whose passwords I want to get, and I might get access to their pc/laptop/pad/phone.

How do I do it?

For Firefox, I know I can just go to the settings or whatever and get the passwords, and I think Safari is the same. For Chrome, it asks for admin password, but that doesn't matter since I can just see which sites it has passwords for, go to the log in pages of those, and inspect element of the password and change it to "text".

I made a simple temporary keylogger that can run off a USB and log the inputs in a JPG to be opened later with notepad, just in case they have no saved passwords on their browser (I'll handle pulling this one off, don't worry about the details), but I still don't think it's enough.

For the phone (if Android), I'm thinking about convincing them to install an app that would help locate their phone if lost (called Lost Android), but isn't simply that; it allows the owner to log in to their website and gain control of the phone and has many functions. Is there anything similar for the iPhone?

There's another thing called Mouse Server. It's an app that can remotely control a PC that has its program installed on it and on, but only if they're on the same Wi-Fi network. It has limited uses for what I want, but I'm wondering if there's anything like it that can show the screen from the phone?

Is there a way to see passwords on a phone like inspect element and changing to text?

I'm asking all this because I have a target I'm getting to in a month, and won't be seeing them for perhaps another year or two. My other option would be social engineering, which I've never done before.

Post too long. Click here to view the full text.

e565d4 No.877

>>875

>Is there a way to see passwords on a phone like inspect element and changing to text?

mfw I see this.

anyways, I have never looked at grabbing phone passwords, but my guess is it is not much different than that of the standard sql-lite db's of that on computers.

OP, what platform are you after?


e565d4 No.878


000000 No.880

>>877

I don't know, but I'm guessing it'll be an iPhone.


000000 No.881

>>878

How's this used?


e0566b No.890

>>878

ho fuck, thank you for dropping this.




File: 1433043278515.gif (1.96 MB, 300x169, 300:169, 1432919527958.gif)

46ae6c No.825[Reply]

Sup /hax/. I've been lurking this board infrequently since the first exodus and it seems like it's mostly dead around here, but there appear to be a handful of regular posters, so:

I realize there are a plethora of links on the sticky and many resources out there available to people who want to into pentesting and NetSec, but all of these resources for learning either presuppose a significant amount of general knowledge on computers, software, networks, etc., or they should. Because who wants to be a skiddie, right?

So, I'm thinking of this as the sort of thread for major noobs to get advice on where to start before getting into /-/@xX01^1Ng. To what extent do you need to know how things work before you can start breaking them?

I say individual computers and networks, but I feel like there's a lot more detail to those two things that I'm not aware of and possible other aspects of computing that I'm not aware of and that I need to know.

1b8329 No.827

>>825

Sounds good OP, I would be very interested in this.


d9e3a5 No.828

File: 1433168966013.jpg (101.37 KB, 1280x720, 16:9, number rape.jpg)

>To what extent do you need to know how things work before you can start breaking them?

You should at least understand the basics of what you are doing, before you attack. You don't always need a "microscopic view", but you need enough of an understanding that you can do it without x, y, or z tutorial.

For instance, sql injection is well known. If you find a skid that knows sqli, chances are he won't know why it works, just that it works. A bit more seasoned people can tell you why. A bad example, as sqli is really simple, but you get the idea.


2aa5f7 No.847

>>825

Okay. http://www.cybrary.it/ is a fantastic spot to learn everything. It'll give you a good base, then build knowledge on top of it. Then it'll let you branch out. If you don't know shit start their A+ course, then network+, then security+, or pen testing and ethical hacking. After that you should have a good enough of a base of knowledge to learn most things. You need to know the basics before learning the actual hacking, or you'll just be another skid.


267bda No.853

>>825

Sup, i've been hacking for about 3 years. I consider myself adept to intermediate. I have talked to and worked with hackers who have been doing this for thirteen plus years. Some of the advice i will give n00bs. In the beginning, don't try to do anything illegal, I have seen young kids ruin their lives just to look cool to strangers on the internet. Their curiosity and ego grows too much and they get too close to the sun and burn their ass for life. In the US, a hacking conviction is a felony, with a prison sentence of usually 5 years. You can read up on it here

>http://www.protectivehacks.com/hackinglaws.html

Keep in mind, a felony conviction makes it harder for you to get a job, and if it is a conviction with unauthorized computer access, you can forget any job that has to deal with computers.

Another tip i would have is learn python,perl and c and x86/ASM assembly. Download Linux(not kali, it is a bloated piece of shit) I would recommend Debian. Its fairly easy to use. Learn as much as you can about the system you are planning to attack. Want to brake into a WiFi network? Learn how WPA/PSK and WEP works, learn how encryption works, talk to other hackers on IRCs. Don't be a faggot. Think of this as a martial art, you need to be disciplined, level headed, and smart when doing this stuff and learning this stuff. Try to give back to the community when you can, be it blogs or code.


6068c8 No.888

So let me preface this by saying I'm a huge faggot who is getting his start by being a huge skiddy.

>There's a forum client–IP Board that I need to into for reasons.

>Some quick research says that SQL injection is the fastest way.

>Found the exploit.

>Can't figure out how to get the damn thing going. If it's not a syntax error it's something else. Doesn't help that I'm next to illiterate.

> Here's the raw text.

# Exploit Title: Invision Power Board <= 3.4.7 SQL Injection

# Date: 29.05.2015

# Exploit Author: ZeroDay

# Software Link: http://www.invisionpower.com/

# Version: <= 3.4.7

# Tested on: 3.4.7

# About: For the G-Owl with Love

vuln code

admin/applications/members/modules_public/list/view.php

//-----------------------------------------
// Custom fields?
//-----------------------------------------
if ( count( $this->custom_fields->out_fields ) )
{
    foreach( $this->custom_fields->out_fields as $id => $data )
    {
        if ( !empty($this->request[ 'field_' . $id ]) )
        {
            $_queryPP = true;

            if( is_array($this->request[ 'field_' . $id ]) )
            {
                foreach( $this->request[ 'field_' . $id ] as $k => $v )
                {
                    $this->request[ 'field_' . $id ][ $k ] = urldecode($v);
                    $url['field_' . $id] = "field_{$id}[{$k}]=" . $v;
                }

Post too long. Click here to view the full text.



File: 1433346670105.jpg (112.67 KB, 1280x720, 16:9, 1419544912539.jpg)

48f5ef No.831[Reply]

HOLA FIREFOX PLUGIN SOURCE.

https://mega.co.nz/#!NtBHjZqA!YWkygjOdPCgFJX4EyyzN2imVCYrXKc5VDKNLoL_wAnE

Unobfuscated. Unprotected. Have fun.

116714 No.884

File: 1434944605273.jpg (74.23 KB, 960x719, 960:719, 11055258_10155302692435117….jpg)

nice one bruv!




File: 1434171644973.png (65.2 KB, 151x199, 151:199, FDGRIAMCE.png)

660e47 No.860[Reply]

Bandit Level 12 → Level 13

Level Goal

The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!)

Commands you may need to solve this level

grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv

Helpful Reading Material

Hex dump on Wikipedia

Hey guys, if anyone could help me that would be awesome. I run the data.txt file with the xxd -r command to reverse the hexdump, then run it through the strings -a command so I can read it, but I am stuck and don't know what to do past that point.

step 1. cat data.txt

0000000: 1f8b 0808 34da 6554 0203 6461 7461 322e  ....4.eT..data2.
0000010: 6269 6e00 013f 02c0 fd42 5a68 3931 4159  bin..?...BZh91AY
0000020: 2653 5982 c194 8a00 0019 ffff dbfb adfb  &SY.............
0000030: bbab b7d7 ffea ffcd fff7 bfbf 1feb eff9  ................
0000040: faab 9fbf fef2 fefb bebf ffff b001 3b18  ..............;.
0000050: 6400 001e a000 1a00 6468 0d01 a064 d000  d.......dh...d..
0000060: 0d00 0034 00c9 a320 001a 0000 0d06 80d1  ...4... ........
0000070: a340 01b4 98d2 3d13 ca20 6803 40d1 a340  .@....=.. h.@..@
0000080: 1a00 0340 0d0d 0000 000d 0c80 6803 4d01  ...@........h.M.
0000090: a3d4 d034 07a8 0683 4d0c 4034 069e 91ea  ...4....M.@4....
00000a0: 0f50 1a1a 1ea3 40e9 ea0c 8

Post too long. Click here to view the full text.

660e47 No.861

I'm also looking for help, not just the answer. If someone could guide me in the right direction, I am happy to read.


000000 No.864

00000000 54 68 65 20 70 61 73 73 77 6f 72 64 20 69 73 20 |The password is |

00000010 38 5a 6a 79 43 52 69 42 57 46 59 6b 6e 65 61 68 |8ZjyCRiBWFYkneah|

00000020 48 77 78 43 76 33 77 62 32 61 31 4f 52 70 59 4c |HwxCv3wb2a1ORpYL|

00000030 0a |.|

00000031

look man file
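
The by-hand loop this thread points at (reverse the hexdump, check the type as `man file` suggests, decompress, repeat), as an added example that is not from the thread or from the wargame: it parses default-format xxd output and peels gzip, bzip2 and single-file tar layers by their magic bytes. The sample dump, `SECRET`, the member name `data5.bin` and the 1 MiB `MAX_OUT` cap are constructed for the example.

```python
# Added example, not from the thread: reverse an xxd dump, then peel layers by magic bytes.
import binascii, bz2, gzip, io, tarfile, zlib

MAX_OUT = 1 << 20  # assumed per-layer cap so a hostile layer cannot exhaust memory
MAGIC = ((0, b"\x1f\x8b", "gzip"), (0, b"BZh", "bzip2"), (257, b"ustar", "tar"))

def xxd_reverse(dump):
    """Rebuild bytes from xxd lines shaped 'offset: hex words  ascii' (two spaces end the hex)."""
    out = bytearray()
    for line in dump.splitlines():
        if ":" in line:
            hex_col = line.split(":", 1)[1].split("  ", 1)[0]
            out += binascii.unhexlify(hex_col.replace(" ", ""))
    return bytes(out)

def identify(blob):
    """Classify a blob by signature, a small subset of what file(1) checks."""
    for offset, sig, kind in MAGIC:
        if blob[offset:offset + len(sig)] == sig:
            return kind
    return "data"

def bounded(decompressor, blob):
    """Decompress one layer, refusing output larger than MAX_OUT."""
    out = decompressor.decompress(blob, MAX_OUT + 1)
    if len(out) > MAX_OUT:
        raise ValueError("layer expands past MAX_OUT")
    return out

def untar_single(blob):
    """Read the one regular file in a tar archive without writing to disk."""
    with tarfile.open(fileobj=io.BytesIO(blob)) as tar:
        files = [m for m in tar.getmembers() if m.isfile()]
        if len(files) != 1 or files[0].size > MAX_OUT:
            raise ValueError("expected exactly one small regular file")
        return tar.extractfile(files[0]).read()

def unwrap(blob, max_layers=32):
    """Return (payload, layer kinds) once no known signature remains."""
    layers = []
    while len(layers) < max_layers:
        kind = identify(blob)
        if kind == "data":
            return blob, layers
        if kind == "gzip":
            blob = bounded(zlib.decompressobj(31), blob)  # wbits 31 = gzip framing
        elif kind == "bzip2":
            blob = bounded(bz2.BZ2Decompressor(), blob)
        else:
            blob = untar_single(blob)
        layers.append(kind)
    raise ValueError("too many layers")

# Constructed sample: gzip(bzip2(tar(gzip(text)))) rendered as xxd output.
SECRET = b"The password is CONSTRUCTED-SAMPLE-VALUE\n"
def to_xxd(data):
    rows = []
    for off in range(0, len(data), 16):
        chunk = data[off:off + 16]
        words = " ".join(chunk[i:i + 2].hex() for i in range(0, len(chunk), 2))
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"{off:07x}: {words:<39}  {text}")
    return "\n".join(rows)

def build_sample():
    inner, buf = gzip.compress(SECRET), io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("data5.bin")  # member name is made up
        info.size = len(inner)
        tar.addfile(info, io.BytesIO(inner))
    return to_xxd(gzip.compress(bz2.compress(buf.getvalue())))

if __name__ == "__main__":
    print(unwrap(xxd_reverse(build_sample())))
```

`strings -a` on the reversed dump shows little because the bytes are still compressed; the signature at the start of each layer (`1f8b` for gzip, `BZh` for bzip2) is what tells you which tool to reach for next.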



