-
Posts
423 -
Joined
-
Last visited
Everything posted by Undeath
-
Nu.Imi cer scuze daca postul acesta te-a deranjat indirect , fiind un post in plus in aceasta comunitate. M-am prins ca nu ma exprim indeajuns de suparat ca tie sa-ti placa.. Naspa , nu ?
-
A venit din nou timpul s? deschidem înregistr?rile pentru encoderi, de data aceasta pentru toate grupurile. Ce ave?i de f?cut? 1. Înregistra?i-v? pe acest forum; 2. Dup? ce v-a?i înregistrat, loga?i-v? ?i accesa?i pagina principal?; 3. Da?i click pe imaginea aferent? grupului pentru care dori?i s? aplica?i; 4. Completa?i formularul; 5. Submit! Pentru întreb?ri folosi?i aceasta categorie.
-
Fratica , muta butoanele alea de socializare la sfarsitul postului si fa-le mai mici.Totodata , lasa facebook like si facebook share. Imparte posturile in 2 coloane , care sa se evidentieze.
-
Beton. A mai fost folosit.Po'a l-a folosit cineva inainte , bafta !
-
Frate , poate ne extermini pe toti cu modul asta de nehaleala , ce zici ? Imi pare rau ca pana si avatarul meu nu e in stare sa fie halit ..
-
Deci efortul pe care-l faci ar fi total egal cu ban pentru mine daca nu mi se dovedesc cuvintele ? Depinde ce vezi tu interesant si ce vad eu interesant. Hai k' am prins ca nu ne halesti .. Ce sa zic , imi pare rau ca tool'u asta nu e destul de suparat pe viata ca sa fie pe placut tau ... sau nu. Salut !
-
Te-ai lasat moale , aa ?
-
Tu suferi de ceva ? Dece nu ai lasat posturile sa iti vedem parerea de smecher IT ? Tu .. amnezie sau ? //em toate posturile ti-s editate . ce pot sa-ti zic , beton frate
-
Shakalule te astept la un chat p' rstchat pe la 2 dimineata , ca de obicei ! Nu uita .. "Smilies are On"
-
Prietenas pe tine te asteptam ! Zambeste ca esti ok ! Welcome
-
Auzi .. Ai avea ceva împotriva sa-mi sugi pula ?
-
E un stealer pe acolo ba babuinilor.Probabil ceva FUD.Ce idei aveti "actiuni ilegale"
-
Transforming your Android Phone into a Network Pentesting Device
Undeath replied to Undeath's topic in Tutoriale in engleza
Te referi la o tableta cu sistem de operare Android ? @daca da , nu. Orice aparat care are ca sistem de operare Android 2.3 (sau versiunea mai noua) poate face asta (atata timp cat este valabil wifi-ul) -
Lester: Hey Nash, are you scanning our school’s network with just your smartphone? Nash: Well, yes I am! I’m using a network penetration suite just to check out if the students are aware and practicing what they learned from my network security class, and because I just told them about password sniffing… Lester: Ah, I see…you just want to test if they are prepared and secured…hehe nice one! Have you ever wanted to turn your android phone into a penetration testing tool or a handy dandy network analysis device? You tried booting it up with a Linux distro and installed some network penetration testing and networking applications, but you discovered that it consumes a lot of your phone’s RAM or it hangs up your phone. No need to worry about that, because dSploit has been unleashed (although it is still in its beta stage) by Simone Margaritelli a.k.a evilsocket, which is also sponsored by the BackBox Linux as one of its projects just like Weevely, Fang and NetCommander. dSploit is an Android network penetration suite or an all-in-one network analysis application that is free to download for you to try out. The said application allows a user or a tester to perform network security assessments and penetration tests by just clicking on the available modules and options that are pre-compiled in the app. It is designed to be fast, handy, and easy to use (more of a point and click app). How to Install dSploit in Your Android Device What you need first is to secure or get an Android device that has at least the 2.3 ( Gingerbread ) version of the Operating System, and then root it. If you haven’t rooted your Android device yet, then the article entitled ‘The Always Up-To-Date Guide to Rooting the Most Popular Android Phones‘ from Lifehacker.com could maybe help you solve your problem. After rooting your device, install the Busybox app on your phone. Make sure that you install all of its utilities or do a full install! Then download the apk file by scanning the “QR Code” to easily download the file onto your Android device. In my case, I used the QR Droid app to scan the “QR Code” from the URL. After scanning the code, it should prompt you to open a URL that automatically downloads the apk file. After the device has finished downloading the apk file, you should be able to open it and install dSploit. Take note that before you open up the dSploit app, make sure that you are currently connected to a network through a wireless connection or WiFi so that you could already start your network security assessments and your dSploit exploration. I know you are very excited, so let’s move on with the basics of dSploit and how to work with it based on what I did while scanning my network, with no harm done to the network of course. dSploit Description and Basics Before we talk about digging into dSploit’s usage, let’s take a look at the available modules for the said application as introduced and explained by evilsocket of Backbox Linux in the xda-developers forum site: RouterPWN = Launch the Routerpwn 1.11.154 service to pwn your router. Trace = Perform a traceroute on target. Port Scanner = A syn port scanner to find quickly open ports on a single target. Inspector = Performs target operating system and services deep detection, slower than syn port scanner but more accurate. Vulnerability Finder = Search for known vulnerabilities for target running services upon National Vulnerability Database. Login Cracker = A very fast network logon cracker which supports many different services. Packet Forger = Craft and send a custom TCP or UDP packet to the target. MITM = A set of man-in-the-middle tools to command & conquer the whole network. (See the images below for the complete MITM tools with their description) Once dSploit is opened or started, it automatically maps the network you are currently connected to and fingerprints the active or alive hosts in your network, including your device, just like the image below. As you can see from the image above, the application recognizes your network subnet mask, your network gateway or the router, your Android device (my Samsung Galaxy Pocket GT-S5300) on 192.168.10.6, the active devices that are connected to the network, and the mac addressees of the devices. By selecting your network subnet mask or a certain device and host that is connected to the network (e.g the IP address 192.168.10.7 which is my laptop), you can easily perform man-in-the-middle attacks such as network sniffing (http, ftp, imaps, irc, msn, telnet logins, mysql, ssh, etc.), session hijacking, kill connections, redirect all the http traffics to a certain web address, replace all images and YouTube videos on web pages with a specified one, inject a JavaScript in every visited web page, and replace custom text on web pages with a specified one by using the MITM module. Here is a screenshot I took after selecting the IP address 192.168.10.7 as my target and selected the MITM module specifically the Password Sniffer option while logging in to a website that I was registered to and while establishing a telnet connection to a free OpenVMS cluster in deathrow.vistech.net. By default the sniffer logs are stored in the /sdcard/dsploit-password-sniff.log but you can also change its log file name under the Password Sniffer File option of the dSploit Settings. Thus, you keep the logs for future references. Aside from the MITM module, if you have selected a certain device as your target (e.g 192.168.10.7 which is running Ubuntu Linux) you can also perform a syn port scan by using the Port Scanner module, but I prefer using the Inspector module which does a deep scan on your operating system and identifies the services that are up and running. It also recognizes the operating system or kernel and is more accurate but slower than the syn port scan. There are still a lot of improvements to be done for the scanning option of the Inspector module, but at least it has detected that my LAMP (Linux Apache MySQL, PHP / Perl / Python) server is running. Then you can use the Vulnerability Finder module to check for the known vulnerabilities that the target is running as scanned by the Inspector module. It uses the National Vulnerability Database as its reference. Take note that you cannot select the Vulnerability Finder module without using the Inspector module first. Selecting the Kill Connections option under the MITM module could really prevent a certain target from reaching any website, which reminds me of a similar app called Wifi Kill, but the target still remains connected to the network. This can be used for trolling other users if they are watching pr0n (LOL). By selecting your router or network gateway as your target you can use all the modules including the exceptional RouterPWN module, which launches a web application that helps you in the exploitation of known vulnerabilities for SOHO (Small Office / Home Office) routers like the exploits; Huawei HG5XX Mac2wepkey Default Wireless Key Generator, EasyBox Standard WPA2 Key Generator, Backdoor password in Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore), D-Link WBR-1310 Authentication Bypass set new password, D-Link DIR-615, DIR-320, DIR-300 Authentication Bypass, D-Link DAP-1160 Authentication Bypass, 704P denial of service, DSL-G624T DSL-G604T directory traversal, DWL-7x00AP configuration disclosure, G604T DSL Routers “firmwarecfg” Authentication Bypass, HG520c HG530 Listadeparametros.html information disclosure, HG510 rebootinfo.cgi denial of service, Arris Password of The Day Generator, OfficeConnect 3CRWE454G72 configuration disclosure, and many more to mention. For each of the exploits in the RouterPwn web application, you can change the destination IP by clicking on the [iP] link next to the exploit. Although there are still exploits for Huawei that are not included, which I hope to be included next time, like the Huawei bm622 Local file disclosure under the 192.168.1.1/html/management/account.asp address and the default usernames and passwords for some Huawei devices in telnet and for its web application. The RouterPWN module is only available for use if the target is detected as your network gateway or router just like the targets below. Aside from scanning and probing your network, you can also add a custom or a foreign target by selecting the ‘+’ sign. Then you can just type and enter the URL, hostname, or IP address just like the image below. In my case, I chose my favorite search engine website which is Google. Based on the target that I have just chosen, I can use the modules: Trace, Port Scanner, Inspector, Vulnerability Finder, Login Cracker, and the Packet Forger. And so here are some screenshots I took in the selection of the modules Trace, Port Scanner, Inspector, and Vulnerability Finder. What’s good about dSploit is that it checks for updates everytime the application is started and prompts you to download the new version. You can actually disable the update under the Settings page, where in you can also the edit and change the Module options like Sniffer Sample Time, HTTP Max Buffer Size, and the Password Sniffer File, but I prefer updating it if there is a new version available. Anti and DroidSheep Guard In this section we will talk about two other network related apps which could be of interest to you, so that we could really unleash your phone with network exploration tools. There is an application similar to dSploit called Anti which is an Android Network Toolkit from ZImperium LTD. Sad to say that the free version has only tools for OS Detection, Traceroute, Port Connect, WIFI Monitor, and HTTP server, but the premium version has tools for man-in-the-middle attacks, remote exploitation, etc. In terms of application, dSploit wins because it is free. Hurrah! But the good thing about Anti is that it determines vulnerabilities and the app can run exploits from Metasploit and ExploitDB for final pawnage. Because we are talking about MITM attacks like network sniffing, session hijacking, etc., most of you may now be so worried about such attacks that you are already afraid to login to your network. No need to worry again, because DroidSheep Guard will protect and alert you from such attacks and is also an anti-Droidsheep app. DroidSheep Guard is developed by the creator of DroidSheep, which is an Android app used for session hijacking. FYI, the DroidSheep (not DroidSheep Guard) development has been stopped because in Germany (where the author lived) has some very strict laws against hacking tools, and the development and distribution of such tools is prohibited by the law in their country, but you can still find it in other websites. For more information about DroidSheep Guard, visit its official usage guide. And so guys, I leave the rest to all of you in exploring these tools. Have fun as always, but don’t abuse these tools…. Resources: DroidSheep | Simple OpenSource Session hijacking on Android devices https://github.com/evilsocket/dsploit dSploit, Android network penetration suite | BackBox Linux [APP][2.3+] dSploit v1.0.31b - An Android network penetration suite - xda-developers Source : www.resources.infosecinstitute.com/
-
https://rstforums.com/forum/60871-bug-bounty-programs.rst
-
Daca omul vrea sa-si deschisa un videochat din care chiar ies bani , el mentionand ca are toata aparatura necesara dar nu i-o dat cheie la proiect , tu ce ai avea impotriva ? Ce , esti asa de inteligent incat sa-i zici sa se duca la munca , ci nu sa-si frece pula ? De unde pula mea nu stii tu ca omul are un job stabil si are 2 ML-uri si un x5 ? Va faceti niste idei despre anumiti oameni fara sa-i cunoasteti.E ca si cum ti-as zice eu tie "dute ba la munca nu fute menta pe RST".Va manca-n pula pe voi sa intrati in discutie , chiar daca nu aveti habar pe ce lume traiti. Aiurea. sTrEs ai PM.
-
// primesc eroarea pe Chromium /// testat cu Arora si totul e ok debian
-
Inainte de a studia o retea wireless cu echipamentele specifice , informeaza-te despre tipul antenelor folosite pentru captarea si emiterea semnalului wireless -- pentru rezultate surprinzatoare. WiFi Antennas | Selecting a WiFi antenna I.Links https://sites.google.com/site/weefiproject/antennas-howto-1 http://www.zero13wireless.net/foro/index.php http://www.exe64.com/mirror/wokfi/ http://www.diywireless.net/ http://www.tweaktown.com/articles/1575/using_an_old_router_as_a_diy_wireless_access_point/index.html http://en.wikipedia.org/wiki/Wireless_network https://rstforums.com/forum/61587-noi-lucruri-despre-re-elele-wireless.rst II.Tools for wireless monitoring III.Wireless hacking - un site foarte complex http://www.wi-foo.com/index-3.html - cracking of wireless networks http://en.wikipedia.org/wiki/Cracking_of_wireless_networks http://www.ethicalhacker.net/content/view/16/24/ http://www.insecure.in/wireless_hacking.asp http://www.aeonity.com/david/how-hack-wireless-internet-connections
-
- 1
-
- pentru cei neprinsi
-
Tot respectul omule , dar ultimul catch e din 2012-03-03 - - sunt putrezite mai toate. O seara faina !
-
Un sentiment de mandrie pe voi al dreq'u , nu v-ati plictisit sa deschideti gura ? Lipseste cineva ! Have a nice day
-
So hell yeah ; Am nevoie de o persoana care stie sa foloseasca Audacity si o persoana open mind + - sa aiba idei de promovare si chef de viata. Intentionez sa deschid un website din care sa scoatem profit. Audacity is a free digital audio editor and recording application, available for Windows, Mac OS X, Linux and other operating systems Imi rezerv dreptul de a raspunde prin PM doar anumitor persoane.Nu vreau users cu 20 posturi. Chestie serioasa !