Brute SSH the remote server:
For brute-force attacks we will use the Hydra tool, which ships with the Kali Linux distribution. SSH is present on virtually any Linux or Unix server and is generally the primary means for administrators to access and control their systems.
Warning: Hydra is an attack tool. Use it only on your own systems and networks unless you have written permission from the owner. Otherwise, it is illegal.
To implement the attack, use the command:
# hydra -s 22 -l root -P /usr/share/wordlists/fasttrack.txt 192.168.1.1 -t 4 ssh
Now let's analyze it:
- -s: the flag indicates the port. Note that administrators can move the ssh service off the default port 22; to find out which port the service is running on, first scan the target with the Nmap tool. We wrote about how to do this earlier in the article.
- -l: the flag indicates the login; in our example we use root and admin. (A link to the dictionary can be provided here.)
- -P: the flag indicates the password list; in our case we use the fasttrack.txt dictionary from the Kali distribution, which is located in the /usr/share/wordlists/ directory.
  To carry out a brute-force attack effectively, pay due attention to preparing the dictionary: take into account geographical and linguistic peculiarities, and include the name of the company, the names of its subsidiaries, the names of the services and applications running, the names of employees, etc.
- 192.168.1.1: the IP address of the target; since the target we are using has a public (white) IP address, it has been blurred out.
- -t: the flag indicates the number of threads used simultaneously. We specify 4.
- ssh: the protocol used.
Based on the command's output, we see that none of the passwords from the dictionary matched for admin or root.
@UndercodeTesting
Wifi Hacking:
Platform: any Linux
Requirements:
- libpcap >= 0.8.1
- libnet >= 1.1.2.1 (>= 1.1.5 for IPv6 support)
- openssl >= 0.9.7
- libpthread
- zlib
- libgeoip
- CMake 2.8
- Curl >= 7.26.0 to build SSLStrip plugin
If you don't want to enable the SSLStrip plugin, you have to disable it explicitly (see the README.GIT file for more information on disabling a plugin).
Installation & run:
1) git clone https://github.com/Ettercap/ettercap
2) The easiest way to compile ettercap is in the form:
   mkdir build
3) cd build
4) cmake ..
   (Use ccmake . to change options such as disabling IPv6 support, adding plugin support, etc.)
5) make install
6) choose options depending on the wifi security
@UndercodeTesting
BEST SSH WINDOWS APPS (from rating):
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
https://www.vandyke.com/products/securecrt/
https://www.solarwinds.com/free-tools/solar-putty/registration?CMP=BIZ-RVW-ADP-SW_WW_PP_PPD_X_CQ_EN_FTLAN_X-FSPTY-DL_X_X-Q218
https://mremoteng.org/
https://eugeny.github.io/terminus/
https://chrome.google.com/webstore/detail/secure-shell-app/pnhechapfaindjhompbnflcldabbghjo?hl=en
https://www.cygwin.com/
https://winscp.net/eng/index.php
https://code.visualstudio.com/
https://www.termius.com/
@UndercodeTesting
Free Dynamic Analysis:
* [Autoruns](https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns)
* [Process Monitor](https://docs.microsoft.com/en-us/sysinternals/downloads/procmon)
* [Process Explorer](https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer)
* [Process Hacker](https://processhacker.sourceforge.io/)
* [Noriben - Portable, Simple, Malware Analysis Sandbox](https://github.com/Rurik/Noriben)
* [API Monitor](http://www.rohitab.com/apimonitor)
* [INetSim: Internet Services Simulation Suite](http://www.inetsim.org/)
* [FakeNet](https://practicalmalwareanalysis.com/fakenet/)
* [Volatility Framework](https://github.com/volatilityfoundation/volatility)
* [Stardust](https://my.comae.io/login)
* [LiME: Linux Memory Extractor](https://github.com/504ensicsLabs/LiME)
@UndercodeTesting
Mac OS hacking new tool:
This hack doesn't work on systems with SIP (System Integrity Protection) enabled, and it's enabled by default since El Capitan. It can be easily disabled from Recovery Mode, but it's another layer of security which is always good to have, so disabling it permanently is not the wisest idea. I'll implement some solution to bypass this restriction when I have time.
Installation & run:
- git clone https://github.com/gebeto/macos-hacks
- cd macos-hacks
- cd <APPLICATION>
- make
- You can use run.sh, a wrapper script that sets the necessary environment variables to insert the lib and launches the application (it assumes the application is installed to /Applications; edit the script if it differs for you).
@UndercodeTesting
How can you really remove any malware from Windows:
1) Delete the malicious program's autostart entry in the registry, then search the registry for all of its key values and delete them. A virus program started as a system service will hide in Hkey_Local_Machine/System/ControlSet001/services and ControlSet002/services; remove it when found.
2) Stop the problematic service and set its startup type to Disabled so it no longer starts automatically.
3) If the file system32/drivers/etc/hosts has been tampered with, restore it, that is, leave only the one valid line "127.0.0.1 localhost" and delete the remaining lines. Then set the hosts file to read-only.
4) Restart the computer and press F8 to enter "Safe Mode with Networking". The purpose is to prevent the virus program from starting while still being able to install Windows updates and update the anti-virus software.
5) Search for the executable file of the virus and wipe it out manually.
6) Install Windows updates and update the anti-virus software.
7) Turn off unnecessary system services, such as the Remote Registry service.
8) After completing step 6, use the anti-virus software to perform a comprehensive scan of the system to catch anything that slipped through.
9) After the previous step is completed, restart the computer to complete all operations.
> This is the end of the virus prevention process. I hope you have mastered it.
As long as a computer system is infected with a virus, there will always be abnormal phenomena in it. When such phenomena are observed, one should usually suspect that the system has been compromised by a virus.
@UndercodeTesting
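As an added example (not from the original post), a read-only PowerShell triage script covering the items steps 1, 2, 3 and 7 above refer to: non-localhost entries in the hosts file, auto-start services whose binaries live outside the Windows directory, and the state of the Remote Registry service. It only reports; every service it lists is a candidate to review, not a verdict.

```powershell
# Added example, not part of the original post. Read-only triage for the
# cleanup steps: nothing here stops a service or edits a file.

$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

# Step 3: any active hosts line that is not the localhost mapping is suspect.
$suspectHosts = Get-Content $hostsPath |
    Where-Object { $_ -match '\S' -and $_ -notmatch '^\s*#' } |
    Where-Object { $_ -notmatch '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$' }

# Steps 1 and 2: services are defined under
# HKLM\SYSTEM\CurrentControlSet\Services; Win32_Service exposes the same
# data. List the ones that start automatically from outside %SystemRoot%.
$autoServices = Get-CimInstance Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' -and $_.PathName } |
    Where-Object { $_.PathName -notlike "*$env:SystemRoot*" } |
    Select-Object Name, DisplayName, State, PathName

# Step 7 names the Remote Registry service as one to consider disabling.
$remoteRegistry = Get-Service -Name RemoteRegistry -ErrorAction SilentlyContinue

Write-Output "== hosts entries other than localhost ($(@($suspectHosts).Count)) =="
$suspectHosts | ForEach-Object { Write-Output "  $_" }

Write-Output "== auto-start services with binaries outside $env:SystemRoot =="
$autoServices | Format-Table -AutoSize | Out-String | Write-Output

if ($remoteRegistry) {
    Write-Output "== RemoteRegistry: $($remoteRegistry.Status), StartType $($remoteRegistry.StartType) =="
} else {
    Write-Output "== RemoteRegistry service not present =="
}
```

Run it from an elevated PowerShell before and after the manual cleanup so the two reports can be compared.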