


[ BUFFER OVERFLOW ] : metasploiT anD remotE buffeR overfloW

MSF & Remote buffer overflow from Pentest101 Team on Vimeo.

[ BACKTRACK ] : Paros Proxy ...

Paros Proxy ...

hi all ...




[ BACKTRACK ] : Maltego << information gathering >> ...

Maltego [ information gathering ] ...

hi all ...




[ BACKTRACK ] : bruteforcE routeR witH xhydrA ...

bruteforcE routeR witH xhydrA ...






[ METASPLOIT ] : meterpreteR as a servicE ...

meterpreter as a service ...
hi all ...


[ METASPLOIT ] : Packet Sniffing with Meterpreter ...

Packet Sniffing with Meterpreter ...



http://pentest101.blip.tv

[ METASPLOIT ] : searcH emaiL collectoR

searcH emaiL collectoR ... by mr-gefara (my friend)

http://p3ntest.blip.tv/

http://blip.tv/file/3171290
svn co http://www.metasploit.com/svn/framework3/trunk/modules/auxiliary/gather
cp -r gather /pentest/exploits/modules/auxiliary
go to msfconsole
search gather
use gather/search_email_collector
show options
set domain yoursite.com
run

[ METASPLOIT ] : changE youR meta BanneR

changE youR metasploiT banneR ...
hi, everyone

watch tutorial :








[ PYTHON ] : local buFF fuzz tools

local buFF fuzzeR tools (python) ...
hi, everyone ...
To speed up your work
[+] fuzz1.py


#!/usr/bin/python3
# coded by data$hack 2010
# usage : python3 fuzz1.py
import os
import sys

# clear the screen (cls on Windows, clear elsewhere)
os.system("cls" if os.name == "nt" else "clear")
d = input("badchar [example (A)] : ")
g = d
g += " * ? [example (15000)] : "
b = int(input(g))  # how many times to repeat the character
s = input("file extension [example (m3u)] : ")
a = d * b  # the chosen character repeated b times
k = "EvilFile."
k += s
try:
    fileHandle = open(k, 'w')
    fileHandle.write(a)
    fileHandle.close()
except OSError:
    print("error check something ...")
    sys.exit("")
print("\nfile created succ ...")

[+] md5 maker :
import hashlib
import os

# clear the screen (cls on Windows, clear elsewhere)
os.system("cls" if os.name == "nt" else "clear")
d = int(input("give me a number : "))  # wanted length in characters
# each md5 hex digest is 32 characters, so count how many digests are needed
k = 0
j = 0
while k < d:
    k = k + 32
    j = j + 1
i = 0
cat = ""
while i < j:
    i += 1
    m = hashlib.md5()  # don't forget to "import hashlib"
    m.update(str(i).encode())
    md5 = m.hexdigest()
    cat += md5
# trim the concatenated digests down to d characters
cat = cat[:d]
fileHandle = open('md5.md5', 'w')
fileHandle.write(cat)
fileHandle.close()
ftp fuzzer by pentest101 [very soon]
[*] finish ...
have fun ...

[ METASPLOIT ] : Add soundrecorder meterpreteR script to metasploit3 ...

Add soundrecorder meterpreteR script to metasploit3 ...
hi every one ...
[+] open terminal :
su
wget http://www.darkoperator.com/meterpreter/soundrecorder.zip
unzip soundrecorder.zip
cp soundrecorder/soundrecorder.rb /opt/metasploit3/msf3/scripts/meterpreter    # [your meta location]
cp soundrecorder/linco.exe /opt/metasploit3/msf3/data
cp soundrecorder/oggenc.exe /opt/metasploit3/msf3/data
meterpreter soundrecorder by pentest101 [here] ...
[*]  finish ...

[ HIJACKING ] : HTTP Session Hijacking Demo using Hamster and Ferret

[ VIDEOS ] : Some of my tutorials (2009)

Some of my tutorials (2009)
hi every one ...
 :
========1===========
The strongest tutorials: a metasploit walkthrough from the start of exploitation to meterpreter commands
========2===========
Video tutorial: internet exp 7 memory corruption exploit [fast-track]
Today's tutorial is one of the advanced ones: a walkthrough of the internet exp 7 memory corruption exploit
Tools: fast-track and netcat
This exploit is available in Metasploit, but to speed things up a little the walkthrough was done with fast-track.
=======3===========
simple remote buffer over... exploitation
thx to corelan for the .c code
You will find the code and the exploit along with the tutorial
God willing, this will be a starting point for you in remote buffer overflow
=======4===========
Given the many questions about MITM, or man in the middle,
I wanted to make a very simple but very important tutorial using cain, a program known worldwide.
This tutorial shows how passwords are stolen from the network; for example, you are connected from an internet cafe where there are many victims, and you sit in the middle doing your work.
The tutorial is for educational purposes only.
========fin=========

[ METASPLOIT ] : encode backdoor and sniffing

hi every one
make and encrypt a backdoor (with metasploit and sniff email username/password)
arabic:
making and encrypting a backdoor

and sniff email
have fun (*_*)

[ LINUX ] : install hamster in ubuntu (sidejacking attack)

install hamster in ubuntu (sidejacking attack) :
[*] open terminal
sudo su
apt-get install libpcap-dev
# if you don't have a pentest folder, make one
cd /
mkdir pentest
cd /pentest
wget http://hamster.erratasec.com/downloads/hamster-2.0.0.zip
unzip hamster-2.0.0.zip
mv hamster hamster2
cd hamster2/build/gcc4
make
cd /pentest/ferret/build/gcc4
make
cd /pentest
mkdir hamster
cp /pentest/ferret/bin/ferret /pentest/hamster
cp /pentest/hamster2/bin/favicon.ico /pentest/hamster
cp /pentest/hamster2/bin/hamster /pentest/hamster
cp /pentest/hamster2/bin/hamster.css /pentest/hamster
cp /pentest/hamster2/bin/hamster.js /pentest/hamster

cd /pentest
rm -rf ferret
rm -rf hamster2
rm -f hamster-2.0.0.zip
script to install hamster  [very soon] by pentest101
HTTP Session hijacking  [here] by pentest101
[*] finish

[ Penetration Testing ]

A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit.
 
 

WARNING

The tools and information on this site are provided for legal security research and testing purposes only.
You will be held responsible for your own actions.
have fun and good hunting .
