Tag: Hacks

Let’s Begin

Note that all the CCTV cameras are operated and connected to the Wi-Fi network. so if I wanted to hack into CCTV camera system I must get into the Wi-Fi network. Now there are a lot of easy ways and articles with which you can find on how to hack Wi-Fi networks.

So I will skip this step. After getting access to a Wi-Fi network the first thing I did is I typed the router address into the browsers URL.

   192.168.1.1 

If you are not sure about whats the IP address for the specific router you can simply look for a router, it’s brand and just simply Google it. Like if I want to know the IP address [Admin Panel address] of a TP-link router I will Google “TP Link admin panel IP address” that’s it and you will get it. !

Now moving towards all I have to do is to get into the router setting now most of the time people don’t change the default username and password for the router so you can always try for simple configuration like :

AUsername: password Admin:admin Admin:12345

And there are a lot of things! you can get the list on the internet just simply Google “the router name brand and the default username and password”. if your friend is smart enough to change the username and password you can still get into it refer to this article: You want password cracking then you seaech my name on search bar and learn

,

Since he was using the default username and password I got into its routers admin panel

then I remember that he had few webcams and few devices connected to it. Luckily in the admin table, I configure and figure out all the devices with hostname. Like if you are using a Lenovo PC then it’s name should be there likeLenovo laptop if you are using a mobile of Samsung the it should display etc and you can just assume that rest of the devices are printer or webcam for CCTV cameras. etc.

So instead of searching to all the connected devices and looking for the open port I decided to use a smart way I decided an app to view the stream of the webcam that automatically find all the CCTV cameras connected to the network with the same Wi-Fi

Now I know that what was the company of the CCTV cameras so I search the company name model and its vulnerability it had one vulnerability and I took advantage of it.

I examine the vulnerable code and I found that there is a vulnerability which can be exploited to get into the webcam so I open the termux app on my cell phone and started to hack into a system

wget http://192.168.1.99//proc/kcore | strings | nano

checking the memory leak I couldn’t find the password so I search forward with exactly words like admin because I thought that admin is the default username and password is usually near the username and it was a lucky guess! I was able to find the username and password so I took the advantage of this vulnerability and easily hack into the system



The very next thing I did was to report the vulnerability to the company’s office and my friend I also advised him to change the default username and password and give him a tip that the username and password should be difficult which includes hexadecimal character and a combination of capital and small alphabets with also some special characters and numeric values!

This way you can hack into any CCTV camera if it has a vulnerability.

With just some googling and basic knowledge you can do this very easily. Share this article and I will soon share more awesome Hacking related and pentesting related articles.

Get in touch with us on every social platform!

  

STEP 1: Create Server for Hacking Passwords

First of all, for hacking any Facebook account password, we have to create our keylogger server that will run on the victim’s machine, capturing his keystrokes and emailing us the record. The keylogger server building process consists of several steps:

1. First of all download the Keylogger and a good binder. Binders are easily available via a Google search. 

2. Extract the RAR file. Now you will get one folder and three files.

3. Open the Keylogger file. Here you will need a gmail ID and password. For safer use, create a fake Gmail account.

4. Click on server settings as shown. Here, enter the time at which you want to receive reports; it’s always preferable to use a 20 minute timer for receiving files. Click on the Output box to choose the location of the file and give it a name. We recommend using a system process name to make it undetectable, like svchost, or check any process name from your task manager and name it. Other fields are optional.

5. Click on Log and Result Setting. In Log Email Title enter the subject of email like “my keylogger report” or anything else that you you like. Click the last two options that add computer name and add the victim’s name.

6. Now click on “Other Options.” In this section you just have to do one thing. Most hackers prefer warning message POP up, but I prefer keylogger using any message – so unclick the message button. When you bind it with any other software it should not have a warning message attached, otherwise it will be detectable.

7. Finally click on Build Keylogger. You will see your keylogger file at the location that you have chosen in the 4th step. This keylogger server file will be used to bind with other software in Binding Step.

 8. Now your keylogger server is ready for you to hack Facebook accounts. 

Step 2: Extracting the icon file from any installer (resource hacker)

1. Open the resource hacker folder and select the reshacker file.

2. Go to its menu and open any setup file. Suppose we want to attach our keylogger to a Ccleaner setup file. Open the Ccleaner setup with resource hacker. 

3. In the menu, there is one action button. Click on it and then click save all resource.

 4. Save all the resources to the desktop or any other location of your choice.

5. It consists of two files. One is icon file and other is res file. We only need the icon file, so you can delete the other one.

6. That leaves us with the icon of installer file (Ccleaner setup icon).

Step 3: Bind the Keylogger server with any software

1. Go to keylogger folder and open the Binder.

2. Click on the button shown below to add files.

3. Add the keylogger server and the setup software (in our case it’s Ccleaner setup).

4. In the Binder menu, go to Settings. There, select the icon that we have generated in the previous step and set the location of the output file as shown in the figure.

5. Now again go to file’s menu in Binder and click on Bind files.

6. Now your Binded keylogger is ready. You just need to spread it or send it to the victim that is your friend.

Step 4: How to spread the keylogger

1. Now you have one software setup file with a keylogger attached to it. (In our case, we have Ccleaner setup with keylogger attached with it)

2. Spread your keylogger through forums. If you are a member of various forums, use them to spread your keylogger in the form of software posts.

3. Spread it through pendrives or USB hard drives. Suppose a friend asked you for a software, give them the software with the keylogger attached to it on the hard drive. 

Note: you can also attach keyloggers to images, but that can be detectable by antivirus, so we recommend avoiding that route.

Hacking someone’s Facebook account takes more than a few minutes. 

 Features:

• Bypassing CSP using polyglot JPEGs

• Encoding Web Shells in PNG IDAT chunks 

• Hidden malvertising attacks (with Polyglot images)

• XSS payload revisiting (in PNG and IDAT chunks)

• XSS Facebook upload (Wonky and PNG content)

Tools:

bmp.pl, gif.pl, jpg.pl, png.pl

Requirements:

GDString::CRC32Image::ExifTool

Install

Clone the repo:

$ git clone https://github.com/chinarulezzz/pixload.git

Note: Debian users need to install the following packages:

$ sudo apt install libgd-perl libimage-exiftool-perl libstring-crc32-perl

Pixload Usage Examples

BMP Payload Creator/Injector

Usebmp.pl to create BMP Polyglot image with custom/default payload, or inject payload into existing image:

$ ./bmp.pl [-payload \’STRING\’] -output payload.bmp 

If the output file exists, then the payload will be injected into the existing file. Else the new one will be created. 

GIF Payload Creator/Injector

$ ./gif.pl [-payload \’STRING\’] -output payload.gif

JPG Payload Creator/Injector

There are two ways in which you can achieve this:

1. Comment section injection:

$ ./jpg.pl -place COM -output payload.jpg

2. DQT table injection:

$ ./jpg.pl -place DQT -output payload.jpg

PNG Payload Creator/Injector

$ ./png.pl [-payload \’STRING\’] -outp

This tutorial is not very difficult and probably nothing new, but I haven\’t seen anything of this methond on this forum yet and some people created threads asking about Snapchat hacking related stuff. Maybe for some of you this is no big deal, but I think not everyone knows that this is possible. This tutorial should also show an efficient way of this method. Keep in mind that this method is for getting the data of random people, not a specific victim.

First of all, Snapchat provides the opportunity to log into your account via browser on https://accounts.snapchat.com/accounts/login

Once you are logged in you can go to \”My Data\” and Snapchat creates a ZIP file for you which contains various information about your Snapchat account. The ZIP file also contains a link with which you can download the memories of that Snapchat account via browse

What is even the use of getting the memories of someone\’s snapchat account? Primarly just getting nudes. A lot of girls save them in their snapchat memories.

There you need the email/account name of the victim as well as the phone number. This is not always the case if you don\’t know much about the person. You also need to rely on the possibility that the person falls for your SMS.

So let\’s get started:

What you need:

1. A good combolist /database. It is important that you have an email:pass list where you know you get a lot of hits. There are some good new leaked databases in this forum, you\’ll find something.

2. A VPN

Firstly you focus on a specific country your victim has to be from. Choose an email that gets used by the people from this country. (For example Germany live.de, hotmail.de, gmx.de etc.). Then connect with your VPN program to a German server. NordVPN isn\’t maybe the best VPN to use for yourself, but I guess it is used by most of you and you can easily connect to a big number of countries.

It is important that you use an IP from the country your victim is from. With a gmail address for example it is difficult to predict where from the person is.

I don\’t have a Snapchat cracker and also didn\’t really search for it. So we are talking about copy & paste the login info manually.

There are now 3 outcomes:

1. The login info is incorrect -> Try the next person

2. The login info is correct and you can successfully log in.

3. The login info is correct but Snapchat recognizes suspicious activity.

Let\’s focus first on outcome number 2. After that number 3.

So now since you could log in without any problems go to the option \”My Data\”. Scroll down and click on \”Submit Request\”. Now Snapchat creates the ZIP file. It depends on the amount of memories the victim has in his/her snapchat account how long it takes until the ZIP file is created. It can take to 1-2hours if it is a lot of data (!). If it takes very long it is possible that Snapchat wants you to type in the password again, so look that you don\’t loose the password.

Very rarely Snapchat fails to create the ZIP file, I don\’t know why. (Usually a sign that it failed is when you click on \”Submit Request\” again and Snapchat starts to create a ZIP file again and doesn\’t say it is still creating it.)

Once the ZIP file is created, download and open it. Now open the html folder and open the memories_history.html file with your browser. Now you can see all the memory files of the victim. But as you also can see you have to download every photo/video separately: https://imgur.com/a/08lygg8

Snapchat doesn\’t give you the option of download it all at once.

But for this I also have a solution: https://github.com/ToTheMax/Snapchat-All-Memories-Downloader

This is a node.js script that lets you download all the memories at once. There is also a readme how to use it. Extract the Snapchat ZIP file in the same folder as the All-Memories-Downloader. So now just open the command prompt, navigate to that folder, type in node main.js and it should work. You can find all memories in the Downloads folder. Done.

 HACKING ANDROID COURSES 

Part 1: Penetration Testing 

Part 2: Setup Your Lab 

 https://mega.nz/folder/TM1jyABL#40eUd_dpLEchdUAxbXPEiQ

Part 3: Finding Your way around Kali  https://mega.nz/folder/fVl3hI7J#tKsrQ4rjzd97b7sah6gwYw

Part 4: IMPORTANT TOOL  

 https://mega.nz/folder/fB9T0CAD#6jdad6-5XW-fSFhuhYO7Uw

Part 5: Exploitations 

 https://mega.nz/folder/fElDXIwA#y6qSr6jMk5dTkXUaDeEe_w

Part 6: Hacking Android Devices  https://mega.nz/folder/HJ8BwQrI#JiQhByO7NvsuU_nRslRhZw

Part 7: Social Engeneering 

 https://mega.nz/folder/vUshmAgD#lJpAwyKwLss9ogVZzrnFvw

Part 8: Hacking Using Android Devices  

 https://mega.nz/folder/aVsFzQ4S#MYrQ9rc3pjDjq2pjVHCtoA

1. What Is Ethical Hacking And Penetration Testing, And How Can You Use It

2. Introduction From Your Co-Instructor Snehil Khare about Ethical Hacking

3. Environment setup lecture

4. Stealing facebook credentials via phishing 

5. How to defend against phishing attacks

6. User Browser hacking using Beef exploitation framework

7. How to defend against browser attacks

8. User machine hacking via word and excel documents

9. Hacking android phones for fun and profit 

10. Backdooring android apps for Profit

11. How to defend against android attacks

12. Chaining multiple commands together

13. Download and build the target

14. Hacking with Kali Linux your target system

Link https://drive.google.com/file/d/1e8IhYxkmpTGE32vutY2EHK4BzqY60r-B/view

Dedsec All Courses

BlackHat Hacking Course By DedSec

Antivirus Evasion Course By DedSec

Complete Course Of Android Hacking By DedSec

Complete Course Of Kali Linux By DedSec

Complete Course Of WiFi Hacking By DedSec

ERC Course By DedSec

Facebook And Instagram Hacking Course By DedSec

Online Account cracking Course By DedSec

Reverse Engineering Course By DedSec

Dedsec Latest Fud Ransomware

Spamming Course 

​​Kali Linux – Complete Training Program from Scratch 

[ Grand Of 2020  ]

WHICH COST $2000k

But now [100% Free.]

Link : https://bit.ly/3dWUGby

Follow the website instructions to download course.

[ Trending of 2020 ]

WHICH COST $28000k

But now [100% Free Of Cost.]

Bee care full very powerful content.

Very useful courese for hacking to go next level Noob to Pro. 

Also you get advance course of how to enter darkweb safely just using ur Android or ISO devices.

Follow the website instructions to download course.

Library content 🧾

├───Group 0 [ Miscellaneous ]

│      01 The Tagled Web A Guide to Securing Modern Web Applications.pdf

│      02 [Michal_Zalewski]_Silence on the Wire A Field Guide to Passive Reconnaissance and Indirect Attacks.pdf

│      03 Metasploit-The Penetration Tester s Guide.pdf

│      04 the car hackers handbook.pdf

│      05 practical forensic imaging.pdf

│      06 [Nikolay_Elenkov]_Android_Security_Internals-_An_I(b-ok.cc).pdf

│      07 gray hat c sharp.pdf

│      08 Practical_Malware_Analysis.pdf

│      09 iOS Application Security_ The Definitive Gude for Hackers and Developers – David Thiel.pdf

│      10 Black Hat Python Python Programming for Hackers and Pentesters.pdf

│      11 mwri-a-penetration-testers-guide-to-the-azure-cloud-v1.2.pdf

│      12 Hacking- The Art of Exploitation (2nd ed. 2008) – Erickson.pdf

│      13 Serious Cryptography A Practical Introduction to Modern Encryption (2).pdf

│      14 Penetration Testing – A hands-on introduction to Hacking.pdf

│      15 Attacking Network Protocols by James Forshaw.pdf

│      pic.jpg

│

├───Group 1 [ Network Security ]

│      Comp_TIA_Security_Guide_to_Network_Secur.pdf

│      New CCNA 200-301.pdf

│      Nmap Network Scanning _The Official Nmap Project Guide to Network Discovery and Security Scanning.pdf

│      understanding digital signal processing.pdf

│      Understanding Network Hacks Attack and Defense with Python.pdf

│      Wireshark Network Security.pdf

│

├───Group 2 [ Reverse Engineering – Malware Analysis ]

│  │  Advanced Windows Debugging.Nov.2007.pdf

│  │  Eldad_Eilam-Reversing__Secrets_of_Reverse_Engineering-Wiley(2005).pdf

│  │  Firmware_Security_Testing_Methodology_Version1.pdf

│  │  Inside Windows Debugging_ A Practical Guide to Debugging and Tracing Strategies in Windows.pdf

│  │  Malware Data Science Attack Detection and Attribution by Joshua Saxe Hillary Sanders.pdf

│  │  Mastering Malware Analysis by Alexey Kleymenov, Amr Thabet.pdf

│  │  Practical_Malware_Analysis.pdf

│  │  Professional Assembly Language.pdf

│  │  RE4B-EN.pdf

│  │  UEFI原理与编程_戴正华(著) 机械工业出版社_完整版.pdf

│  │

│  └───eLearnSecurity – Malware Analysis Professional

│          101_Introduction_To_Malware_Analysis.pdf

│          102_Static_Analysis_Techniques.pdf

│          103_Assembly_Crash_Course.pdf

│          104_Behavior_Analysis.pdf

│          105_Debugging_And_Disassembly_Techniques.pdf

│          106_Obfuscation_Techniques.pdf

│

│

│

├───Group 4 [ Web Penetration Testing ]

│  │  Bug Bounty Playbook.pdf

│  │  Practical_Attacks_using_HTTP_Request_Smuggling.pptx

│  │  The.Web.Application.Hackers.Handbook.Oct.2007.pdf

│  │  XSS CHEAT SHEET 2020 edition.pdf

│  │

│  ├───elearnsecurity WAPTx

│  │      WAPTx sec 1.pdf

│  │      WAPTx sec 2.pdf

│  │      WAPTx sec 3.pdf

│  │      WAPTx sec 4.pdf

│  │      WAPTx sec 5.pdf

│  │      WAPTx sec 6.pdf

│  │      WAPTx sec 7.pdf

│  │      WAPTx sec 8.pdf

│  │      WAPTx sec 9.pdf

│  │

│  └───Lists

│          OWASPv4_Checklist.xlsx

│          summary.jpg

│          Web Application Attacks List.txt

│          Web Security Topics for selfstudy.txt

│

├───Group 5 [ Offensive-Security ]

│      Kali Linux Revealed Mastering the Penetration Testing Distribution.pdf

│      Offensive Security OSCP v2020.pdf

│

├───Group 6 [ EC-Council ]

│  │  CEH v10 EC-Council (Certified Ethical Hacker Complete).pdf

│  │

│  └───Computer Hacking Forensic Investigator CHFIv9

│      │  CHFIv9 Module 00.pdf

│      │  CHFIv9 Module 01 Computer Forensics in Today_s World.pdf

│      │  CHFIv9 Module 02 Computer Forensics Investigation Process.pdf

│      │  CHFIv9 Module 03 Understanding Hard Disks and File Systems.pdf

│      │  CHFIv9 Module 04 Data Acquisition and Duplication.pdf

│      │  CHFIv9 Module 05 Defeating Anti-forensics Techniques.pdf

│      │  CHFIv9 Module 06 Operating System Forensics.pdf

│      │  CHFIv9 Module 07 Network Forensics.pdf

│      │  CHFIv9 Module 08 Investigating Web Attacks.pdf

│      │  CHFIv9 Module 09 Database Forensics.pdf

│      │  CHFIv9 Module 10 Cloud Forensics.pdf

│   

  │  CHFIv9 Module 11 Malware Forensics.pdf

│      │  CHFIv9 Module 12 Investigating Email Crimes.pdf

│      │  CHFIv9 Module 13 Mobile Forensics.pdf

│      │  CHFIv9 Module 14 Forensics Report Writing and Presentation.pdf

│      │  CHFIv9 References.pdf

│      │

│      └───Labs

│              CHFIv9 Labs Module 00.pdf

│              CHFIv9 Labs Module 02 Computer Forensics Investigation Process.pdf

│              CHFIv9 Labs Module 03 Understanding Hard Disks and File Systems.pdf

│              CHFIv9 Labs Module 04 Data Acquisition and Duplication.pdf

│              CHFIv9 Labs Module 05 Defeating Anti-forensics Techniques.pdf

│              CHFIv9 Labs Module 06 Operating System Forensics.pdf

│              CHFIv9 Labs Module 07 Network Forensics.pdf

│              CHFIv9 Labs Module 08 Investigating Web Attacks.pdf

│              CHFIv9 Labs Module 09 Database Forensics.pdf

│              CHFIv9 Labs Module 10 Cloud Forensics.pdf

│              CHFIv9 Labs Module 11 Malware Forensics.pdf

│              CHFIv9 Labs Module 12 Investigating Email Crimes.pdf

│              CHFIv9 Labs Module 13 Mobile Forensics.pdf

│

├───Group 7 [ SANS ]

│      SANS 501.rar

│      SANS 660.rar

│      sans-listing.txt

│      SANS_Collection.torrent

│      SEC 560.rar

│

├───Group 8 [ (ISC)² ]

│      CISSP_CheatSheet.zip

│      Official (ISC)² guide to the HCISPP CBK.pdf

│      Official ISC2 Guide to the CISSP CBK.pdf

│      The Official (ISC)2 Guide to the CCSP CBK.pdf

│

└───Group 9 [ CompTIA ]

        CompTIA A+ Certification All-in-One 220-801 & 220-802 Exam Guide, [8th Edition].pdf

        CompTIA CySA+ Practice Tests.pdf

        CompTIA IT Fundamentals Study Guide.pdf

        CompTIA Linux+ Practice Tests Exam XK0-004.pdf

        Comptia Pentest+ Practice Tests Exam Pt0-001.pdf

        CompTIA Server+ Study Guide.pdf

The Complete Django 3 Course for Beginners (Step by Step) 

[Expire In Two Days]

Welcome To The World Of Ethical Hacking! If You Are A Complete Beginner, This Course Is A Gem For You! Learn Everything You Need To Know About Hacking, Before Attacking Your Target!

Description:

Welcome to the world of Ethical Hacking! If you are a complete beginner, this course is a gem for you! Learn everything you need to know about hacking, before attacking your target!

This is the first part of my Ethical Hacking and Cyber Security Bundle with the name “TechHacker Pre-Hacking Online Course”, in which you will step into the world of hacking from the very basics and know everything it takes before exploiting or attacking the target. – Bitten Tech

What will this course give you? After taking this course, you will be able to:

Step into the world of hacking and know what exactly it is

Know the history of this field and its fundamentals

Introduce yourself to Information Security and it’s sub fields

Know and understand whatever is required to learn before and after hacking

Know why you should learn hacking?

Know that hacking is NOT ALWAYS ILLEGAL

How to make a career in Ethical Hacking

Know the basics of cyber security and its terminologies

Setup your own personalized hacking environment with most popular tools and softwares

Know each and every detail of what you are doing, conceptually

Be able to run your own commands, install your own tools and manage them

Learn about Linux and everything about it to work with it

Learn major Windows and Linux Commands

Learn about Computer Networking conceptually and whatever you need in infosec

Refresh your networking concepts of every layer, mainly application layer in detail

Know about the working of VPNs, proxies, TOR, SSH, Telnet and many more

Know the phases of ethical hacking and pentesting and how important information gathering is

Be able to do reconnaissance and footprinting on a target systematically

Be able to gather as much information about the target as you can with popular tools and techniques practically

Know the importance of scanning and how to find vulnerabilities in a target

Learn every methodology professionally and ethically

Learn about proper documentation of scan results

Be able to apply the concepts hands on effectively

Learn about enumeration and its types

Learn how hacking is done in corporate environment

Size: 2.3GB

Link :-

 https://mega.nz/folder/OLYgkAbb#j5pyTT5ydfemRC2AtJwcBg

Tiktok Phishing v2 – Fake Followers Phishing Script NOT MINE , I DONT OWN IT , WE WONT BE RESPONSIBLE FOR WHAT YOU DO WITH IT.

TikTok Fake Followers Phishing Script Installation

1.Upload this zip file any webhosting site.I recommend 000webhost.com

2.Extract zip file in home directory and delete the zipfile

3.Edit install.php and enter your email address and notedown username and passwordPrerequisites:    Web hosting site    Basic knowledge on using computerLegal Disclaimer:Usage of this tool for attacking targets without prior mutual consent is illegal. It\’s the end user\’s responsibility to obey all applicable local, state any federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

This course provides an intense approach to penetration testing in high security environments. You will learn to exploit networks using various methods, including SQL injection attacks, cross-site scripting, and local and remote file inclusion, while gaining the knowledge to understand the defender of the network you are penetrating. Unethical hackers are becoming more devious and cunning than ever before. They are also becoming smarter and savvier when it comes to technology. That means that advanced level ethical hackers are needed to stay ahead of them. In our Advanced Penetration Testing course, you will learn to attack as the bad guys do to help create more secure networks and systems for high security environments. The course also covers the post-exploitation process, including how to enable RDP/VNC, backdoor SSH logins, and other data exfiltration techniques. The Advanced Penetration Testing course had a total clock time of 14 hrs. and 36 mins. and you will receive a certificate of completion upon finishing the course. Georgia Weidman, penetration testing and hacking subject matter expert, author, and well-known industry event speaker, will teach you everything you need to know in this free course!

Download :-