
SmX

Members
  • Content Count

    11
  • Joined

  • Last visited

  • Days Won

    6

SmX last won the day on July 7

SmX had the most liked content!

Community Reputation

17 Good

3 Followers

Recent Profile Visitors

537 profile views
  1. I'll try to make a tutorial, folks; I had gone a long time without logging into the forum
  2. I don't know how to post here, really sorry. The page ended up like this. The result was about 20 Facebook accounts; I put some of them in the screenshots
  3. Scan exploit cve-2017-010 Eternalblue-doublepulsar

     Here's a scanner to check whether the target system is vulnerable to the flaw

     ##
     # This module requires Metasploit: http://metasploit.com/download
     # Current source: https://github.com/rapid7/metasploit-framework
     ##

     # auxiliary/scanner/smb/smb_ms_17_010

     require 'msf/core'

     class MetasploitModule < Msf::Auxiliary

       include Msf::Exploit::Remote::SMB::Client
       include Msf::Exploit::Remote::SMB::Client::Authenticated

       include Msf::Auxiliary::Scanner
       include Msf::Auxiliary::Report

       def initialize(info = {})
         super(update_info(info,
           'Name'        => 'MS17-010 SMB RCE Detection',
           'Description' => %q{
             Uses information disclosure to determine if MS17-010 has been patched or not.
             Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0.
             If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does
             not have the MS17-010 patch.

             This module does not require valid SMB credentials in default server
             configurations. It can log on as the user "\\" and connect to IPC$.
           },
           'Author'      => [ 'Sean Dillon <[email protected]>' ],
           'References'  =>
             [
               [ 'CVE', '2017-0143'],
               [ 'CVE', '2017-0144'],
               [ 'CVE', '2017-0145'],
               [ 'CVE', '2017-0146'],
               [ 'CVE', '2017-0147'],
               [ 'CVE', '2017-0148'],
               [ 'MSB', 'MS17-010'],
               [ 'URL', 'https://technet.microsoft.com/en-us/library/security/ms17-010.aspx']
             ],
           'License'     => MSF_LICENSE
         ))
       end

       def run_host(ip)
         begin
           status = do_smb_probe(ip)

           if status == "STATUS_INSUFF_SERVER_RESOURCES"
             print_warning("Host is likely VULNERABLE to MS17-010!")
             report_vuln(
               host: ip,
               name: self.name,
               refs: self.references,
               info: 'STATUS_INSUFF_SERVER_RESOURCES for FID 0 against IPC$'
             )
           elsif status == "STATUS_ACCESS_DENIED" or status == "STATUS_INVALID_HANDLE"
             # STATUS_ACCESS_DENIED (Windows 10) and STATUS_INVALID_HANDLE (others)
             print_good("Host does NOT appear vulnerable.")
           else
             print_bad("Unable to properly detect if host is vulnerable.")
           end

         rescue ::Interrupt
           print_status("Exiting on interrupt.")
           raise $!
         rescue ::Rex::Proto::SMB::Exceptions::LoginError
           print_error("An SMB Login Error occurred while connecting to the IPC$ tree.")
         rescue ::Exception => e
           vprint_error("#{e.class}: #{e.message}")
         ensure
           disconnect
         end
       end

       def do_smb_probe(ip)
         connect

         # logon as user \
         simple.login(datastore['SMBName'], datastore['SMBUser'], datastore['SMBPass'], datastore['SMBDomain'])

         # connect to IPC$
         ipc_share = "\\\\#{ip}\\IPC$"
         simple.connect(ipc_share)
         tree_id = simple.shares[ipc_share]

         print_status("Connected to #{ipc_share} with TID = #{tree_id}")

         # request transaction with fid = 0
         pkt = make_smb_trans_ms17_010(tree_id)
         sock.put(pkt)
         bytes = sock.get_once

         # convert packet to response struct
         pkt = Rex::Proto::SMB::Constants::SMB_TRANS_RES_HDR_PKT.make_struct
         pkt.from_s(bytes[4..-1])

         # convert error code to string
         code = pkt['SMB'].v['ErrorClass']
         smberr = Rex::Proto::SMB::Exceptions::ErrorCode.new
         status = smberr.get_error(code)

         print_status("Received #{status} with FID = 0")
         status
       end

       def make_smb_trans_ms17_010(tree_id)
         # make a raw transaction packet
         pkt = Rex::Proto::SMB::Constants::SMB_TRANS_PKT.make_struct
         simple.client.smb_defaults(pkt['Payload']['SMB'])

         # opcode 0x23 = PeekNamedPipe, fid = 0
         setup = "\x23\x00\x00\x00"
         setup_count = 2 # 2 words
         trans = "\\PIPE\\\x00"

         # calculate offsets to the SetupData payload
         base_offset = pkt.to_s.length + (setup.length) - 4
         param_offset = base_offset + trans.length
         data_offset = param_offset # + 0

         # packet baselines
         pkt['Payload']['SMB'].v['Command'] = Rex::Proto::SMB::Constants::SMB_COM_TRANSACTION
         pkt['Payload']['SMB'].v['Flags1'] = 0x18
         pkt['Payload']['SMB'].v['Flags2'] = 0x2801 # 0xc803 would unicode
         pkt['Payload']['SMB'].v['TreeID'] = tree_id
         pkt['Payload']['SMB'].v['WordCount'] = 14 + setup_count
         pkt['Payload'].v['ParamCountMax'] = 0xffff
         pkt['Payload'].v['DataCountMax'] = 0xffff
         pkt['Payload'].v['ParamOffset'] = param_offset
         pkt['Payload'].v['DataOffset'] = data_offset

         # actual magic: PeekNamedPipe FID=0, \PIPE\
         pkt['Payload'].v['SetupCount'] = setup_count
         pkt['Payload'].v['SetupData'] = setup
         pkt['Payload'].v['Payload'] = trans

         pkt.to_s
       end
     end
  4. I got stuck on the IP because hydra wasn't connecting; I was using 141.255.154.101 and not 141.255.*152*.*245*, but the challenge was well put together
  5. Author: Fahad awan Requirements: ¡) Cpanel to host Botnet server ¡¡) Webpanel, which will be upload in Cpanel: Step 1: In the very first step you have to host the botnet server on Cpanel where you'll receive victims details, Now start with uploading files in cpanel. Upload the web panel folder as it is (zip form) in Cpanel, and than extract it. Step 2: Go back to cpanel home and proceed to Database section, And select My SQL database Wizard Step 3: Create a New database, With any name like[/align] Step 4: Let's Proceed to Next Step, Where you have to set Database's Username and Password. Step 5: Click on create user, and then check on ALL PRIVILEGES box. Then proceed to next button. Step 6: Now you have successfully created the database, Return to Cpanel Home and database section, Now select PHPMYADMIN [/align] Step 6: Now in the left column you'll find the database which you've created Step 7: Click on the database, A new page will appear, Find SQL tab in the top, Go in SQL tab You'll find page like image mention below Step 8: Extract webpanel.zip in your computer and you'll find SQL folder in that open the folder their will a file name vertexnet.sql, Open that file in notepad copy all data and paste it in phpmyadmin, As shown in the image: Step 9: Now click on the GO button. Go back to Cpanel home, Click on file manager then go in Web panel folder, find a folder named inc, go in that folder, You'll find a file named with connection.inc.php, Click right click and edit the file, Now their You have to replace 'vertex'with the database you created, 'root' with the username and password you assigned for database, As shown in the image Now you are done with creating crap! Step 10: Now open the web folder in url along the site name . 
You'll find a login page like this: If this login page appearing than BINGO soldier you have made it Step 11: Login with following credentials Username: root Password: toor Now you are logged in the server where all you bot victims details will be shown. So in this part we will teach you how to setup a Botnet. Step 1: Now after hosting the server, Extract Bot builder in you computer. Step 2: After extracting, you'll a application for BOT Building with 'VNBuilder' name. Run the application. It would be like as shown in image step 3: Check the box in the below. Step 4: Now go in the 'Web Setting' Tab. Type the website where you have set your server in ROOT WEBSITE URL column. Remember your website url should be like www.yourwebsite.com this, No Http:// in starting. Leave the port number as it is. Now type the folder in which your server is set, And it should be like /folder name/. leave All other thing as it is. As it is shown in image: http://oi49.tinypic.com/2e51s1y.jpg Step 5: Now Go to Load settings tab, check the 'INSTALL LOADER TO START UP' option. Like in the image: http://oi48.tinypic.com/14wv9k9.jpg Step 6: Proceed to last Tab BUILD LOADER, Now if you want to change icon of your virus than go to top right of under build loader tab, You can add icons their for your virus, additional icons are given with builder. You can even change the extention from .exe to .bat and few others, In the bottom of window you can find option to change extension. Now In the last click Build. Builder will ask where to save with which name, provide your desire one. Step 7: You've successfully created Bot. Now in order to check whether the bot is working or not RUN it in you Computer, Turn your antivirus It'll detect the virus. After running virus, go and login in the server you made in part one of this tutorial. If your virus is created Successfully than you IP will be appearing in the server list with your computer name. Like mine: http://oi45.tinypic.com/1231non.jpg
  6. I saw that some folks use their smartphone for some tests, so I came here to post a handy little tool for Android...

     Tools:

     All Web Vulnerability Scanners including:
       • SQL injection scanner
       • XSS scanner
       • DDOS scanner
       • CSRF scanner
       • SSL misconfiguration scanner
       • Remote and Local File Inclusion (RFI/LFI) scanners

     Useful utilities such as: WHOIS lookup, IP finder, Shell, SSH, Blacklist lookup tool, Ping tool

     Forensic tools (in implementation) such as malware analyzers, hash crackers, network sniffer, ZIP/RAR password finder, social engineering toolset, reverse engineering tool

     Vulnerability research lab (sources include: Shodan vulnerability search engine, ExploitSearch, Exploit DB, OSVDB and NVD NIST)

     Self scan and Defence tools for your Android phone against vulnerabilities

     Connectivity Security Tools for Bluetooth, Wifi and Internet. (NFC, Wifi Direct and USB in implementation)
  7. This is an article I have been wanting to write for a long time but never had the time for. The title may be somewhat misleading, but the truth is that I will be showing how real hacking got hacked.

     This is a post that I believe will generate plenty of controversy, especially from people who "help" destroy hacking, but it is a necessary post.

     Not long ago hacking became a media tool: any news item containing the word hacker gets attention, and along with that came the idea of a hacker movement, hackathons, hackspaces, etc. And the essence of hacking, that anarchy, subversion, the idea of chaos and lulz, has been disappearing.

     Companies create hackathons not to "promote" hacking but to keep an eye on new ideas and steal them for big corporations; have you ever thought of it that way? Or are these events even used by governments to keep an eye on possible "threats"?

     People get into hacking to get a diploma and land a job, not to really hack (unless they are paid for it, heh); this problem shows us what many already feared… the capitalization of hacking, with courses costing thousands of reais and teaching nothing but recipes with content that can be found for free on the internet.

     Maybe I'm not right, but everyone has to admit that this makes sense. I read these ideas on a blog and they have haunted me ever since… And unfortunately I have to admit that that subversive hacking no longer exists; yes… we have been hacked.

     How is hacking, not just in Brazil but worldwide, following this path of "love", when hacking itself is the opposite? Why do the new so-called "hackers" not think about hacking for the "feeling" but for the attention it brings, or even for the money?

     Will we one day realize what is really happening and fight against it?

     A while ago the hacker phineas fisher left us this great message:

     "In this world there are many hackers better than me, but unfortunately they waste their knowledge working for "defense" contractors, for intelligence agencies, to protect banks and corporations and to defend the established order."

     Phineas made my point of view on this subject clear in that message and also tried to warn everyone about what is happening. The "Fuck The System" resistance no longer exists in hacking; hackers are joining big corporations and governments and helping them (the USA asks hackers to attack its sites to test security).

     As the saying goes: "If you are not part of the solution, you are part of the problem." Although the post defends my view, I don't expect everyone to agree, not least because if they did, none of this would be happening. But mainly I am writing it so that you too question and draw your own conclusions on the subject.

     Note: The post that "inspired" me to write this is in the pdf The_book_with_no_name written by Pr1v8

     Text by Pr1mus @Pr1v8