
Wednesday, October 22, 2014

Prevent Mobile SMS hijacking


This tool helps prevent SMS hacking, more commonly called SMS hijacking. It identifies mobile malware sent via SMS to any mobile phone that does not have antivirus installed. It was initially designed to stop Zitmo, the mobile version of the Zeus malware, which hijacks a banking victim's account.

Zitmo focuses on Android devices, but it has also been found on BlackBerry, Windows Mobile and Symbian devices.

How many times have you wondered whether it is possible to see other people's SMS messages without the receiver noticing? The motive can be something like gossip, which many people would find entertaining, but there is another goal that is far more harmful.

The main purpose of this hijacking is to redirect incoming SMS to another server that can control and watch every SMS arriving on your device. That means the attackers can see the account login protection code sent to your mobile device to grant you access, so you won't receive that code but other people will.

The main goal of Zitmo NoM is to prevent and totally disable Zitmo. It is still in the development stage, but you can take a look at the app if you want to test it when it is released.

Zitmo NoM

By Dustin Greer.



Saturday, October 4, 2014

Attack and hack SIP / voIP servers



This tool provides penetration testing modules for VoIP servers and networks. It analyses the SIP and Skinny protocols as well as IP phone services, with TCP/TLS support for SIP.

It also offers vendor extensions support, a Cisco CDP spoofer and sniffer, and Cisco Skinny protocol analysers, along with VOSS exploits and network analysis modules.

You also have the SIP and Skinny development libraries at hand for custom fuzzing and analysis modules.

This app can also be used just for fun or for profit, which is what hackers most often intend such an application for.

You can watch this YT video explaining how you can manage to perform a simple attack:




Even if you are not interested in security, this app will give you a lot of fun.

You can get it from the source right here:

VIPROY

Feel free to leave comments about this attack tool.

By Dustin Greer.

Monday, September 22, 2014

Retrieve malware directly from the hosted server


The main purpose of this app is to let you retrieve malware directly from the server that hosts it.

This open source app enables malware analysts to retrieve the freshest samples available by parsing through a list of URLs, but the most important part is that it also lets you know the location where each sample is hosted.

This helps with threat intelligence tasks such as crawling URL blacklists for malware, supporting Cuckoo Sandbox for detonation and sample analysis, and VxCage for malware sample repository management.

It was originally made as a mwcrawler fork. It retrieves malware from sites that include:
VX Vault
URLquery
CleanMX
Malc0de
Malware Black List / Malware Domain List

Maltrieve also includes these improvements:

Proxy support / Multithreading for improved performance
Logging of source URLs / Multiple user agent support
Better error handling / VxCage and Cuckoo Sandbox support


And the Dependencies:

Python 2 (2.6 and up)
BeautifulSoup version 4 / feedparser / Requests

You can find it here:

MALTRIEVE 

Tuesday, September 16, 2014

How to Hack and Exploit Amazon Cloud Servers Infrastructure



Today you will learn about an app for exploiting Amazon cloud infrastructure, which also helps you understand cloud computing.

It lets you set up an environment to fingerprint and exploit the Amazon API.

To do this in a legal environment you have to use the nimbostratus-target, found here:

nimbostratus-target


This process is better known as pivoting in the Amazon clouds. The main goals are to build knowledge about Amazon EC2:

-Enumerate access to the AWS services for the current IAM role.
-Use a poorly configured IAM role to create a new AWS user.
-Extract the current AWS credentials from the meta-data, boto.cfg, the environment variables and more.
-Clone the DB to access the information stored in a snapshot.
-Inject a raw Celery task for a pickle attack.
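
A defender's check for the second item in the list above, as an added example that is not part of nimbostratus or the original post: it flags Allow statements in a role policy whose Action patterns cover IAM actions that create users or credentials. The RISKY_ACTIONS list and the sample policy are assumptions constructed for illustration.

```python
import fnmatch

# Assumption for this example: IAM actions that let a role mint new
# identities or long-lived credentials.
RISKY_ACTIONS = [
    "iam:CreateUser",
    "iam:CreateAccessKey",
    "iam:AttachUserPolicy",
    "iam:PutUserPolicy",
]


def _as_list(value):
    """IAM accepts either a single string or a list for Action/NotAction."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def _covers(pattern, action):
    """IAM action names are case-insensitive; '*' and '?' are wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def risky_statements(policy):
    """Return (statement_index, risky_action, granting_pattern) tuples.

    Only Allow statements are inspected; explicit Deny statements and
    Condition blocks are not evaluated, so treat hits as review items.
    """
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be an object
        statements = [statements]
    findings = []
    for idx, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed patterns.
            excluded = _as_list(stmt["NotAction"])
            for risky in RISKY_ACTIONS:
                if not any(_covers(p, risky) for p in excluded):
                    findings.append((idx, risky, "NotAction"))
            continue
        for pattern in _as_list(stmt.get("Action")):
            for risky in RISKY_ACTIONS:
                if _covers(pattern, risky):
                    findings.append((idx, risky, pattern))
    return findings


# Constructed sample: a worker role that only needs SQS and RDS snapshot
# access, but was also given a wildcard over IAM "Create" actions.
SAMPLE_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["sqs:SendMessage", "sqs:ReceiveMessage"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:Create*", "Resource": "*"},
        {"Effect": "Allow", "Action": "rds:DescribeDBSnapshots", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for idx, action, pattern in risky_statements(SAMPLE_ROLE_POLICY):
        print(f"statement {idx}: {pattern!r} allows {action}")
```
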


For example, through the instance meta-data you can get at this information:

-Local IP Address
-User-data
-Instance Profile: with AWS API credentials.
-The Amazon Machine Image, AMI.


Each Amazon EC2 instance can have a script that the instance OS runs as one of the last boot steps. The script, also called "user data", is stored by AWS in the instance meta-data and retrieved by the OS when it boots.

On Ubuntu, the cloud-init daemon is responsible for retrieving and running the script.

User data scripts are the common way to configure Amazon EC2 instances, and their usual structure is as follows:


-Base package installation and updating
-Installing the Git Client
-Defining variables such as the source code repository URL, branch and SSH keys.
-Download the app source code used in this instance from the repository.
-Compiling and/or deploying the source code
-Starting the required daemons.


In most cases the repository holding the instance's app source code is private, so SSH keys are used to access it.
GitHub, BitBucket and other widely used source repositories call these "Deploy SSH Keys". The keys used to access the repository are normally hard-coded into the user data script or stored in an alternate location from which the script can download them.
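
To audit for the hard-coded keys described above, the following added example (not from the original post or the nimbostratus project) scans a user data script for embedded private keys, AWS access key IDs and literal secret assignments. The patterns and the sample script are constructed for illustration; the access key values in it are AWS's documented example strings.

```python
import re

# Patterns chosen for this example; tune them for your own environment.
SECRET_PATTERNS = {
    # PEM header of a private key, e.g. a deploy key pasted into the script
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # Long-term (AKIA) and temporary (ASIA) AWS access key IDs
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    # NAME=value where NAME looks secret and the value is a literal,
    # not a $VARIABLE or $(command) resolved at boot
    "secret_assignment": re.compile(
        r"\b[\w-]*(?:secret|passw(?:or)?d|token)[\w-]*\s*[=:]\s*"
        r"['\"]?(?!\$)[^\s'\"]{8,}",
        re.IGNORECASE),
}


def scan_user_data(script):
    """Return sorted (line_number, finding_type) pairs for a user data script.

    Matched values are deliberately not returned, so the report itself
    does not become another copy of the secret.
    """
    findings = set()
    for lineno, line in enumerate(script.splitlines(), start=1):
        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                findings.add((lineno, name))
    return sorted(findings)


# Constructed sample following the usual user data structure: packages,
# git client, repository variables, deploy key, clone, start the daemon.
SAMPLE_USER_DATA = """\
#!/bin/bash
apt-get update && apt-get -y install git
REPO_URL=git@example.com:acme/worker.git
BRANCH=master
cat > /root/.ssh/id_rsa <<'EOF'
-----BEGIN RSA PRIVATE KEY-----
(constructed placeholder, not a real key)
-----END RSA PRIVATE KEY-----
EOF
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
DB_PASSWORD=$(cat /run/secrets/db)
git clone -b "$BRANCH" "$REPO_URL" /opt/worker
service worker start
"""

if __name__ == "__main__":
    for lineno, kind in scan_user_data(SAMPLE_USER_DATA):
        print(f"line {lineno}: {kind}")
```
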

For further information and a full explanation, follow the links at the end of the article.

Here is how to start the setup for this app:

Installation

git clone git@github.com:andresriancho/nimbostratus.git
cd nimbostratus
pip install -r requirements.txt

Usage
Providing AWS credentials

Some nimbostratus sub-commands require you to provide AWS credentials. You supply them with the following command line arguments:

    --access-key
    --secret-key
    --token , which is only used when the credentials were extracted from the instance profile.

Dump credentials
This identifies the credentials available on this host and prints them to the console. It is normally the first command you run after gaining access to the EC2 instance.

$ nimbostratus dump-credentials
Found credentials
  Access key: ...
  Secret key: ...

After you manage to get the credentials from the EC2 instance you've exploited, you are able to
continue working from any other host with internet access. Just remember: EC2 instances are in many cases spawned for a specific task and then terminated.

VERY IMPORTANT: This procedure extracts info from boto's credential configuration sources and from the instance meta-data. If the system uses other libraries to connect to AWS, those specific credentials won't be dumped.

For the full usage tutorial follow this link:

Nimbostratus

You can now research further yourself by following these links from the authors:

Pivoting in Amazon Clouds ( PDF )


Also feel free to comment on the Amazon Cloud Exploiting tutorial.

By Dustin Greer.

Thursday, September 11, 2014

Manage free security risk simplified for your business website



Security risk management helps you avoid making the wrong decisions for your business website.

It covers a lot of threats, such as potential viruses, malware attacks, spyware and many more.

The main problem with risk management is that most of the time it needs several tools and is also expensive. Most companies pay professionals a lot of money and also spend on high-cost tools to perform this task.

Some people who want to begin with this task fail at the first attempt, as not everyone can afford such costs for risk management, so they simply give up on it and face a lot of future mistakes and damage to their business.

For this task there is something called SimpleRisk, a unique invention that lets you perform these activities for free. This could sound too good to be true, but it is in fact a reality.

This app can be put to use in a few minutes, allowing you to do tasks such as planning mitigations, submitting risks, facilitating management reviews, prioritizing project planning and tracking regular reviews.

You can configure the app in a really wide range of ways, and it also produces dynamic reports with the ability to tweak risk formulas live. The app is continuously updated with more features and you can use it for free, which is what makes it unique in the field.

You can get it here:

RISK MANAGEMENT SIMPLERISK

Feel free to leave comments about this app.

By Dustin Greer.



Tuesday, September 9, 2014

The Definitive Carding Tutorial for beginners


When you never heard about the term "carding" you could think it is about something else, but for the hackers this term means the act of using usable credit cards from other holders. This can be also called a financial data hack.

The Carding needs to follow some rules that im about to explain in this tutorial.
First of all you have to get working credit card details but also sites that allows the carding, means that the site has to be "cardable".

A cardable website is one of those that the payment processor is vulnerable enough that you wont have issues by using someone else credit card to make the payment, you just need the full information from the holder and you are set to go.

Some other sites will have higher security and are the most in quantity nowadays. For those you will need to break and confuse the payment processor making it believe you are the real holder. For doing this properly you have to use a SOCKS5 VPN.

For example, lets say you want to purchase something online and your cc info holder city is Los Angeles, you must use a SOCKS5 VPN from this exact city. This will give you an IP close to the IP from your detail, making the bank issuer believe the real holder is doing the transaction.
If you use common VPN, free or for example the TOR browser you will face a void card at first attempt. Most important websites have the security level to be able to block the credit cards when this is caught.

Some will popup a message saying your credit card has been blocked for security reasons, but others wont say anything at all, you will just get it declined or no funds message. When this happens the people that does not knows well how to do carding tries to purchase again at the same site or others, making the card void at last since some will block it eventually or the bank issuer will get informed about the suspicious activities and disable it right away.

You can also get your detail void if you use a paid quality VPN but you select other city or state, since here you will be getting it void by the bank issuer.

The next part is the Verified by VISA (VBV) or MasterCard Secure Code.

When you reach a webiste that needs to approve the transaction by entering the password/digits or receiving a SMS to approve, you could think there is no way to go, but there is one. To be able to use the details at those websites you have to get unrolled credit card info, which means you can enrol the details yourself at the bank issuer website. For this you need SSN, Birthdate, MMN sometimes that obviously you should already have all that info with your credit card detail. When you have all this you will be able to setup yourself the VBV or Mastercard Secure Code password setup, even the SMS by entering your phone number ( of course not yours, some cloned/prepaid one ).

Now that you have got everything working you must follow some rules at the purchasing field.

You cant go and buy stuff for like $ 500 or more at once , since does not matter you are using all the tricks you have to use, we are in the 21 century and the bank issuer will always re check when the holder is doing some unusual transaction amount. This means sometimes when you are using a classic level card you cant go and make a high amount purchase, since the bank knows the holder does not do those kind of transactions normally.

You can also face that you are using a detail that the holder uses from time to time, meaning the bank also knows this holder only uses it to pay for bills, you get the idea.
The only way to get over this is by always purchasing low amounts at different sites and by doing it wisely in time frames.

Some holders are "premium" or "platinum" or high class levels, where you know this just by checking the credit card detail level. With those you are able to do some higher transactions with no problems but again wisely with the time frame when purchasing.

There is another class of credit cards that are only business/enterprises/companies owned. With these you have to be really sure you are using it at the same places from where they are being used normally, easily traceable by knowing where it belongs.

With knowing the rules now you are ready to being with carding. Just be sure you read and follow the steps explained here and you wont go wrong.

Check the blog for further posts about updated cardable sites list.

Feel free to post comments about your carding experiences.

By Dustin Greer.


Sunday, September 7, 2014

Attack Smartphones Security with Penetration Tools Tutorial



Learn how to attack mobile smartphone security with a penetration tool.

There are some mobile security apps out there, but this one stands out.

SMARTPHONE PENTEST FRAMEWORK

With security testing tools you can do many tasks, such as assessing security in a manner that allows you to reach private information from companies.

These days most important IT staff and top executives rely on having constant access to company data and communications, so it is expected that employees will also have access to their respective company e-mails and system files on their smartphones.

For this scenario companies normally have two options: giving their employees a company-owned smartphone, or allowing them to use their personal mobile phone on the company network.

This has pros and cons, but the most important point is assessing the security posture of the smartphone in the workplace, which is a critical issue.

The chosen functionality focuses on features unique to smartphone platforms, such as a remote shell that uses the mobile modem instead of the traditional TCP/IP protocol.

With updates to this tool and some new tools in the future, the devs hope that the penetration testing framework will attract massive community support, as has been seen with other penetration tools like Metasploit.

Now we continue to the framework components.



The framework consists of a management console, a web-based graphical UI, a management app and platform-specific payloads or agents.

The management console, GUI and app are used to launch new remote attacks, gather info about smartphones, create social engineering attacks or just interact with deployed agents.

The management console, GUI and app can also interact with smartphones via a mobile modem or the TCP/IP protocol; some agents in particular receive commands through SMS and HTTP.

The mobile modem based attacks and commands can be sent through an attached smartphone with the management app installed, or through a mobile modem connected to the computer with the management console installed.

The TCP/IP protocol based attacks and commands are sent through a web server.

The management console uses a command line interface that lets the user interact with agents, launch new attacks, view gathered info and more through a series of menus, without needing to know the commands or the exploits.

The graphical user interface does the same as the console, with the difference that the user interacts with a GUI instead of the command line.

The associated app is smartphone-based and lets users perform these same functions directly from a smartphone attached to the management console.

You can also launch attacks or send commands to an agent through the mobile modem of the phone that has this app installed.

This penetration testing framework includes a selection of functions spanning the phases of a penetration test. When given a set of phone numbers, the framework gathers information by searching public records and databases. If the smartphone can be found on the local network, it is port scanned as well.

The framework searches for vulnerabilities such as the default SSH password on jailbroken devices. It provides a selection of remote, client-side and social engineering based exploitation attacks.

One example: the smartphone sends an SMS to a potential victim, disguised as a common vendor advertisement with a link. When the user clicks this link they are directed to the framework-controlled web server, which launches a client-side attack against the smartphone browser.

You can research this penetration tool yourself; it is unique in its kind and pretty powerful.

Feel free to leave comments about this tool.

By Dustin Greer.


Friday, September 5, 2014

Hack Websites with Hypertext Access Exploit



This time we are giving you something unique that lets you hack websites by bypassing a web application's restrictions, allowing you to see a private directory.

The app is called Hypertext Access Exploit.

This app is a Python-based tool that exploits a weakness in .htaccess files, allowing you to reach the web directory without authorization.

With this tool you will be able to see the content of a protected directory on a web server (websites).

The typical usage is as follows:

htexploit -u [URL] [options]


You have these options available:

-h, --help
    Shows this help message and exits
-m MODULE, --module=MODULE
    Selects the module to run; by default it is detected automatically
-u URL, --url=URL
    Specifies the URL you want to scan
-o OUTPUT, --output=OUTPUT
    Specifies the output directory where you want the results placed
-w WORDLIST, --wordlist=WORDLIST
    Specifies the word list you want to use
-v, --verbose
    Be verbose

You can download this app here:

Hypertext Access Exploit

Feel free to leave comments about this exploit.

By Dustin Greer.


Thursday, September 4, 2014

Check your IP Traceroute using Google Maps



This time we are going to explain how to discover the route your IP traffic takes across the globe.

This is normally done out of curiosity, but a hacker must see what is going on in the IP traceroute before doing anything at all.

This is good to know if you are a beginner hacker, or if you just want to know how your computer connects through the world wide web to reach a specific site or IP.

We start simple with one that works just fine for 50 searches every day for free:

HACKTARGET IP-TRACE

This online traceroute check helps you understand the network TTL (time to live). The Time to Live is raised as the packets reach each hop router in the network. Those packets are normally ICMP/UDP, and there is also another version using TCP.

What you learn from using this is why trying different protocols is useful: on some networks the firewall or the router itself may block the packets, showing you the wrong path across the net.

If you use different protocols, you get around systems that block other kinds of packets.

Now we move on to another tracer.

TRACEROUTE-ONLINE


This checker also gives you a Google map display of the hops in the network path.
Just keep in mind that geolocation is not exact. If you need an exact location you will need something else; this is the wrong place for that.


TRACEROUTE MONITIS

This one also uses Google Maps, but it looks a bit better. It also lets you monitor a site or IP 24/7 for free. It is a good way to monitor an entire site's traceroute all the time, if that is what you are looking for.

We will add more later. Feel free to comment and add any other tracers that provide more useful info.

By Dustin Greer.


Tuesday, September 2, 2014

Best Proxy Services for Hackers



When you need to be safe, anonymous and untracked, you must be sure you are using a quality proxy service. For anyone who wants the best safety online this is a must, but for a hacker it is a rule, so we are going to post here some of the best proxy services available to date.



  • HMA VPN


This proxy uses more than 55,000 IPs and about 60 servers across the world, and it also uses 128-bit encryption to give you the best quality possible. With HMA VPN you are also able to use 3 virtual private network connections.

It also works on Apple and Android devices, in addition to desktop PCs.



  • PURE VPN


This proxy allows you to connect 5 devices with the same account, meaning you have 5 VPNs for the price of one.

It also provides Split-Tunneling, which lets you use the VPN and normal browsing whenever you want, saving you time and speed.

It also offers a switch that kills any connection as soon as you disconnect, meaning you are safe all the time, whether or not you are browsing.

This one uses 256-bit data encryption, giving you the best security.



  • IP VANISH


This proxy calls itself the only tier-1 VPN service worldwide.

It has the fastest secure connections and the best pricing. Their network uses more than 14,000 IPs with about 135 servers in the most important countries in the world.

It also provides safety for mobile devices, and it lets you use Skype or any VoIP service while changing the country, meaning you will get lower bills.


This proxy also defeats the deep packet checking some ISPs do that limits your internet speed.


Soon we will add some more to the list.

Feel free to comment on which proxy services are the best for you.

By Dustin Greer.
