z3r0

LvL-23
  • Content Count

    11
  • Avg. Content Per Day

    0
  • Joined

  • Last visited

Community Reputation

23 Excellent

About z3r0

  • Rank
    Leech
  • Birthday 04/15/1990

Converted

  • Location
    r00t

Converted

  • Interests
    Hacking, Spamming, Coding, Programming, Pentest

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. A brand new Faraday version is ready! Faraday v1.0.20 (Community, Pro & Corp) is here, bringing more functionality to our GTK interface and other cool new features. You will probably notice the most our new conflict resolution dialog, which improves on our design for QT and highlights the differences between the two conflicting objects, not to mention it requires one less click from you when fixing a conflict. Also, you will notice the status bar now displays relevant information about your workspace, so you know exactly where you stand regarding the number of hosts, services and vulnerabilities. Your workflow will also be improved by the new exit command support, which now behaves as you'd expect - if you exit from a tab inside Faraday, the tab will close. Big new features are exciting, but bug fixes and small add-ons are important too. The terminal now features infinite scrolling and scroll bars, there are more descriptive labels, the sidebar is resizable and you can search for specific workspaces by name. However, our web UI wasn't left behind, including fixes and improvements in the hosts and services views. Also, in this version we added the report import event to the commands history, so it can be viewed in the dashboard. We believe this feature will enable you to keep track of all the movements in the workspace, so we hope you enjoy it! Pro & Corp changes: Fixed a bug in report creation - removed relative paths in the generation script so it can be run from another directory Community, Pro & Corp changes: Fixed bugs in plugins: Acunetix - Nmap - Nikto Removed description from Hosts list in web UI Fixed sort in Hosts list in web UI Fixed ports sorting in Host view in web UI Added search link for OS in Hosts list in web UI Removed description from Services list in web UI Added version to Services list in web UI Modified false values in Hosts list in web UI Added search links in Services list in web UI Added scrollbar in Gtk Terminal Added workspace status in Gtk interface Added conflict resolution support for the Gtk interface Added search entry for workspaces in Gtk Added support for 'exit' command inside Faraday's Gtk terminal Improved handling of uncaught exceptions in Gtk interface Improved text formatting in Gtk's log console Fixed several small bugs in Faraday GTK Added support for resize workspace bar Added a quote for imported reports in web UI Added support for a new type of report in Qualysguard plugin DOWNLOAD LINKS AND OTHER INFO [Hidden Content] [Hidden Content] [Hidden Content]
  2. WifiChannelMonitor is a utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver in monitor mode, and displays extensive information about access points and the wifi clients connected to them. WifiChannelMonitor also allows you to view the information about wifi clients that are not connected to any access points, including the list of SSIDs (network names) that they are trying to connect. For every access point, the following information is displayed: SSID, MAC Address, Device Manufacturer , PHY Type, Channel, RSSI, Security, Beacons Count, Probe Responses Count, Data Bytes, Retransmitted Data Bytes, and more... For every client, the following information is displayed: MAC Address, Device Manufacturer, SSID list that the client tries to connect, Sent Data Bytes, Received Data Bytes, Probe Requests Count, and more... System Requirements Windows 10/Vista/7/8/2012 - 32-bit or 64-bit. (In previous version of Windows , there is no support for wifi monitor mode) Microsoft Network Monitor 3.x - You can download and install it from this Web page or from this Web page . Wireless network adapter and a driver that works properly in 'monitor mode' under Windows. See the remarks about that in the 'Known Problems' section below, it's very important !! You can also use WifiChannelMonitor to watch wifi information offline by importing a capture pcap file created under Linux with airodump-ng or wireshark. In this case, there is no need for capture driver and you can also use it under Windows XP. WifiChannelMonitor vs Other Tools Capturing data using monitor mode allows WifiChannelMonitor to show information that other wifi tools cannot get: Detect and show all wifi clients (Tablets, Smartphones, computers with wifi adapter, and so on... ), Including wifi clients that are not connected to any access point, but only tries to connect... For wifi clients that try to connect to one or more APs - WifiChannelMonitor displays the list of network names (SSIDs) that the wifi client tries to connect. WifiChannelMonitor can also detect clients with a wired connection to the router. WifiChannelMonitor shows the number of sent/received data bytes for every access point and for every wifi client connected to the access point. WifiChannelMonitor can show the name of hidden network. (The name is detected only when somebody connects this wireless network) Start Using WifiChannelMonitor Before you start capturing wifi data with WifiChannelMonitor, you have to install the Microsoft Network Monitor 3.x from this Web page or from this Web page. Except of the Microsoft Network Monitor driver, there is no need for any installation process or additional dll files. In order to start using WifiChannelMonitor, simply run the executable file - WifiChannelMonitor.exe After running WifiChannelMonitor, press F6 to start capturing in wifi monitor mode. On the 'Capture Options' window, you have to choose the correct wireless network adapter and the channel number you want to monitor. It's recommended to start monitoring with one of the 3 major wifi channels - 1, 6, or 11. After choosing the channel and adapter, click the Ok button to start monitoring. After a few seconds, you should see the access points information in the upper pane. If you don't see any information , stop the capture (F7) , go to the 'Capture Options' window (F9) and try to change from 802.11n to 802.11g. After that press F6 to start the capture again. Wifi Clients Modes (Lower Pane) There are 3 different modes that you can view the wifi clients in the lower pane: Show Clients Of Selected AP: In this mode, WifiChannelMonitor only displays the wifi clients that are connected to the access point you select in the upper pane. Show All Clients: In this mode, WifiChannelMonitor displays all detected clients. Show All Clients Without AP: In this mode, WifiChannelMonitor displays all clients that are not connected to any access point. Show All Clients With AP: In this mode, WifiChannelMonitor displays all clients that are connected to access point. Show Only Clients+APs In My List: In this mode, WifiChannelMonitor displays only the clients and APs that appear in the MAC Addresses List (Ctrl+F8) AP Columns Description SSID: The name of the wireless network MAC Address: MAC address of the access point. Company: Company that manufactured this access point, determined according to the MAC address. PHY Type: 802.11g, 802.11n, and so on... Frequency: Channel frequency in MHz. Channel: Channel number. RSSI: Specifies the signal strength, in dBm. Some drivers don't provide the correct RSSI values in monitor mode. Security: None, WPA-PSK, WPA2-PSK, WPA-PSK + WPA2-PSK, WPA-EAP, WPA2-EAP, WPA-EAP + WPA2-EAP, or WEP. Cipher: None, WEP, TKIP, CCMP, TKIP+CCMP. Beacons: The total number of beacons sent by the access point. Beacon is a packet sent frequently by the access point and contains essential information that the wifi client need to identify and connect it. Probe Responses: The total number of times that the access point responded to a probe request sent by a wifi client. Data Bytes: Total number of data bytes sent and received by this access point. Retransmitted Data: Total number of retransmitted data bytes sent and received by this access point. Device Name: The name of the device. This value is displayed only for devices that support WPS. Device Model: The device model. This value is displayed only for devices that support WPS. WPS: Specifies the WPS status: No (No WPS Support), Configured, Not Configured, or Locked. Start Time: Displays the last time that access point was possibly started/restarted/rebooted. Be aware that some access points reset their timestamp periodically without restart/reboot action, and thus for these APs, the time value displayed on this column doesn't represent the correct start time. First Data Detected On: The first time that sent/received data was detected for this AP. Last Data Detected On: The last time that sent/received data was detected for this AP. Wifi Client Columns Description MAC Address: MAC address of the wifi client. Company: Company that manufactured this wifi client, determined according to the MAC address. For example, if the wifi client is iPhone or iPad, you'll see 'Apple' in this column. RSSI: Specifies the signal strength, in dBm. Some drivers don't provide the correct RSSI values in monitor mode. SSID List: When wifi client tries to connect one or more access points, this field will display the list of network names (SSIDs) that this client tries to connect. Sent Data Bytes: Total number of data bytes sent by the client. Received Data Bytes: Total number of data bytes received by the client. Retransmitted Sent: Total number of retransmitted data bytes sent by the client. Retransmitted Received: Total number of retransmitted data bytes received by the client. Client Type: Wifi Client, Router, or Unknown. Wifi Client means that this client uses wireless connection. Router means that this client is the router (Yes... the router is also displayed as a client in the network). Unknown means that this client uses wired connection or wireless connection. Device Name: The name of the device. This value is displayed only for devices that support WPS. Device Model: The device model. This value is displayed only for devices that support WPS. WPS: Specifies the WPS status: No (No WPS Support), Configured, Not Configured, or Locked. PHY Type: 802.11g, 802.11n, and so on... Security: None, WPA-PSK, WPA2-PSK, WPA-EAP, WPA2-EAP, or WEP. This field is filled only when the client tries to connect the access point. Cipher: None, WEP, TKIP, CCMP, TKIP+CCMP. This field is filled only when the client tries to connect the access point. Probe Requests: Total number of probe requests sent by this client. First Detected On: The first date/time that this client was detected. Last Detected On: The last date/time that this client was detected. Association Status Code: Specifies the last Association Status Code that might be useful to disgnose wifi connection problems. You can find the meaning of these codes in this Web page. Deauthentication Code: Specifies the last Deauthentication Code that might be useful to disgnose wifi connection problems. You can find the meaning of these codes in this Web page. Association Requests: Specifies the number of association requests sent by the client. Device Description If the MAC address of the device is identical a MAC address in your MAC Addresses List (Ctrl+F8), then the description of the device in this list is displayed in this column. Meaning of Icons Green Icon - The AP or wifi client sent or received data in the last 10 seconds. (You can change the number of seconds in the 'Advanced Options' window) Orange Icon - The AP or wifi client sent or received data in the last 60 seconds. (You can change the number of seconds in the 'Advanced Options' window) Red Icon - No sent/received data in the last 60 seconds. Command-Line Options >/cfg Start WifiChannelMonitor with the specified configuration file. For example: WifiChannelMonitor.exe /cfg "c:\config\wf.cfg" WifiChannelMonitor.exe /cfg "%AppData%\WifiChannelMonitor.cfg" DOWNLOAD LINK :- [Hidden Content]
  3. Re: Hob0Rules - Password Cracking rules for Hashcat based on Statistics and Industry Patterns ok brother :)
  4. Password cracking rules for Hashcat based on statistics and industry patterns. The following blog posts on passwords explain the statistical signifigance of these rulesets: Statistics Will Crack Your Password Praetorian Password Cracking Rules Released Useful wordlists to utilize with these rules have been included in the wordlists directory Uncompress these with the unfollowing command >gunzip rockyou.txt.gz hob064 This ruleset contains 64 of the most frequent password patterns used to crack passwords. Need a hash cracked quickly to move on to more testing? Use this list. >hashcat -a 0 -m 1000 wordlists/rockyou.txt -r hob064.rule -o cracked.txt d3adhob0 This ruleset is much more extensive and utilizes many common password structure ideas seen across every industry. Looking to spend several hours to crack many more hashes? Use this list. >hashcat -a 0 -m 1000 wordlists/english.txt -r d3adhob0.rule -o cracked.txt [HIDE-THANKS] DOWNLOAD LINK :- [Hidden Content] [/HIDE-THANKS]
  5. Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh support currently the s3 (Amazon S3) provider and local file system (local). Usage Upload: >$ curl --upload-file ./hello.txt [Hidden Content] Encrypt & upload: $ cat /tmp/hello.txt|gpg -ac -o-|curl -X PUT --upload-file "-" [Hidden Content] Download & decrypt: $ curl [Hidden Content] -o- > /tmp/hello.txt Upload to virustotal: $ curl -X PUT --upload-file nhgbhhj [Hidden Content]/virustotal Add alias to .bashrc or .zshrc: === transfer() { # write to output to tmpfile because of progress bar tmpfile=$( mktemp -t transferXXX ) curl --progress-bar --upload-file $1 [Hidden Content]$(basename $1) >> $tmpfile; cat $tmpfile; rm -f $tmpfile; } alias transfer=transfer === $ transfer test.txt Development >npm install bower install go get github.com/PuerkitoBio/ghost/handlers go get github.com/gorilla/mux go get github.com/dutchcoders/go-clamd go get github.com/goamz/goamz/s3 go get github.com/goamz/goamz/aws go get github.com/golang/gddo/httputil/header go get github.com/kennygrant/sanitize go get github.com/dutchcoders/go-virustotal go get github.com/russross/blackfriday grunt serve grunt build go run transfersh-server/*.go -provider=local --port 8080 --temp=/tmp/ --basedir=/tmp/ Build go build -o transfersh-server *.go Docker For easy deployment we've enabled Docker deployment. docker build -t transfersh . docker run --publish 8080:8080 --rm transfersh --provider local --basedir /tmp/ Creators Remco Verhoef [Hidden Content] [Hidden Content] DOWNLOAD LINK :- [Hidden Content]
  6. z3r0

    Hello World

    Re: Hello World man its a joke, i read all rules :)
  7. HostedNetworkStarter is a simple tool for Windows 7 and later that allows you to easily create a wifi hotspot with your wireless network adapter, using the Wifi hosted network feature of Windows operating system. With the wifi hotspot created by this tool, you can allow any device with wifi support to access the network and the Internet connection available in your computer. System Requirements Any version of Windows, starting from Windows 7 and up to Windows 10, 32-bit or 64-bit systems. (In older versions of Windows, there is no support for Wifi hosted network) Wireless network adapter that supports Wifi hosted network. Start Using HostedNetworkStarter HostedNetworkStarter doesn't require any installation process or additional DLL files. In order to start using it, simply run the executable file - HostedNetworkStarter.exe After running HostedNetworkStarter, the 'Hosted Network Options' window is opened, allowing you to choose the desired configuration of your Wifi hotspot. After filling the network name ,the network key, and choosing the desired Internet connection to share, you should press the Start button to start the Wifi Hotspot. After starting the wifi hotspot, the main window of HostedNetworkStarter displays information about the started hotspot. The upper pane displays general statistics about the active hotspot (Hosted Network State, Channel Number, number of Connected clients, Sent Bytes, Received Bytes, and so on) , and the lower pane displays the list of clients that are currently connected to your hotspot If there was any error during the hotspot activation, the error code or message will be displayed in one or more of the following lines in the upper pane: 'Hosted Network Error', 'Hosted Network Reason Code', and 'Internet Connection Sharing Error'. The 'Hosted Network Options' window Here's the description of all options available in the 'Hosted Network Options' window: Network Name (SSID):The name of your Wifi hotspot. Network Key:The network key of your Wifi hotspot. Persistent Key:If this option is checked, Windows operating system will store your network key, and it'll use it in the future if the 'Network Key' field is empty. Storing the network key inside the .cfg file: Tells HostedNetworkStarter how to store the network key inside HostedNetworkStarter.cfg (located in the same folder of the .exe file): Don't store the network key inside the .cfg file (The default) Store the network key inside the .cfg file without encryption Store the network key inside the .cfg file with Windows encryption If you choose to store the network key with Windows encryption, HostedNetworkStarter will be able to get load the key only when running it on the same computer with the same user. Share the Internet and the network from the following connection: If this option is checked, the devices that connect to your hotspot will be able to use the Internet from the selected network connection as well as to access other computers and devices on your network. HostedNetworkStarter automatically activates the Internet connection sharing when you start the wifi hotspot and deactivates it when you stop wifi hotspot. If this option is turned off, you can still manually activate the Internet connection sharing from the settings window of your network adapter. If this option is turned off and you don't activate the Internet connection sharing manually, then the devices connect to your hotspot will only be able to access the computer that runs HostedNetworkStarter and any other device that is connected to the wifi hotspot. Maximum number of connected devices: The maximum number of wifi devices that will be able to connect your wifi hotspot concurrently. DOWNLOAD LINK :- [Hidden Content]
  8. Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers. Motivation The Aircrack-ng suite provides the aircrack-ng tool, which is a 802.11 WEP and WPA/WPA2-PSK key cracking program. When cracking the latter, a dictionary or word list has to be used. The longer these dictionaries are, the longer the process takes. Depending on your hardware it could even take days or weeks. If you happen to have some additional hardware at your disposal aircrack-ng does not allow you to distribute the load between them: you have to choose the fastest one and stick to it. This is exactly where Marfil comes to play. Solution Marfil is a php-based tool that distributes the cracking load between different nodes. The approach followed is considerably simple: instead of using only one node to crack a .cap file using a big dictionary it splits the dictionary and distributes it among the rest of the nodes. The high-level process goes like this: Dictionaries to use are configured in the server node A client node sends a crack request to the server includes a .cap file and the BSSID of the target network) Clients ask the server for work Once work is needed the server answers with a .cap file and BSSID along with a dictionary piece Clients perform the cracking on their own and when finished return the result The server updates the status of the crack request according to the result Eventually, either the .cap file is processed against all parts of a dictionary without success or the password is found The process repeats. Note the first step is only needed for the first time or whenever the dictionaries are updated. The server node can also work as a client node. Requirements aircrack-ng suite PHP >= 5.5.9 SQLite module for PHP5 (only needed for the server node) Composer (only needed if you do not download the release from the releases section) Marfil has only been tested on Linux so far. However, the approach followed and the tools used are considerably platform-independent so it should also work on Windows or Mac. Setup Initial setup and dictionary configuration Download the most up-to-date file in the release section Decompress it in all your nodes (server and clients) Install PHP5 and the aircrack-ng suite in all clients On Debian Linux you can do this by running this command: >sudo apt-get install php5 aircrack-ng Install SQLite module for PHP5 on the server On Debian Linux you can do this by running this command: >sudo apt-get install php5-sqlite On the server node, start a web server setting the root as the public directory in the Marfil directory Using PHP's built-in web server, this can be done by running the following command in the Marfil directory: >php -S 0.0.0.0:8080 -t public You can test this worked by accessing [Hidden Content] in a browser on your server node and see an empty list of crack requests Make sure you can access the web server from your clients by accessing [Hidden Content] in a web browser from your clients Place dictionaries in the storage/app/dictionaries directory. Search the web for word lists, if you don't have any Execute this command in the Marfil directory to split the dictionaries into pieces and prepare the dictionary database (depending on the size of the dictionaries, it might take a while): >php artisan marfil:refresh-dictionaries Adding crack requests and working on them In order to add crack requests, a .cap file with the WPA handshake and the BSSID of the target network is needed. This can either be done through the web server interface or by executing the following command in the Marfil directory of any node: >php artisan marfil:crack YOUR_SERVER_IP_ADDRESS:8080 path/to/file.cap 01:23:45:67:89:AB Any successfully generated crack request can be displayed in the web server interface Any of the nodes can be used as a worker client. In order to do so just run the following command in the Marfil directory: >php artisan marfil:work YOUR_SERVER_IP_ADDRESS:8080 This command will make the client ask for work every 60 seconds. When the server responds with work, the client will download the needed files and try to crack the .cap file. Progress can be tracked by means of the web interface Support If any issue is found, please, report it providing all the needed information to reproduce it. Failing to do so will result in the ticket being closed. Some additional notes: It is possible to watch server logs by monitoring storage/logs/lumen.log file The database can be regenerated by running this command: >php artisan migrate:refresh DOWNLOAD LINK :- [Hidden Content]
  9. WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 > git clone [Hidden Content] cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer to the wiki for Installation Features Rogue Wi-Fi Access Point Deauth Attack Clients AP Probe Request Monitor DHCP Starvation Attack Credentials Monitor Transparent Proxy Windows Update Attack Phishing Manager Partial Bypass HSTS protocol Support beef hook Mac Changer ARP Poison DNS Spoof Plugins Plugin Description net-creds Sniff passwords and hashes from an interface or pcap file dns2proxy This tools offer a different features for post-explotation once you change the DNS server to a Victim. sslstrip2 Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks based version fork [MENTION=4022]LeoNardo[/MENTION]Nve/@xtr4nge. sergio-proxy Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework. Transparent Proxy Transparent proxies that you can use to intercept and manipulate HTTP/HTTPS traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "Proxy" automatically will be listed on PumpProxy tab. Plugins Example The following is a sample module that injects some contents into the tag to set blur filter into body html page: > from Plugin import PluginProxy class blurpage(PluginProxy): ''' this module proxy set blur into body page html response''' _name = 'blur_page' _activated = False _instance = None _requiresArgs = False @staticmethod def getInstance(): if blurpage._instance is None: blurpage._instance = blurpage() return blurpage._instance def __init__(self): self.LoggerInjector() self.injection_code = [] def setInjectionCode(self, code): self.injection_code.append(code) def inject(self, data, url): injection_code = ''' ''' self.logging.info("Injected: %s" % (url)) return data.replace('',injection_code ) FAQ I can't install it have a look at the Installation I have this message warning Error Network Card You system not have support run Wifi-Pumpkin with Wireless connection hi , is it work on X Wireless Adapters ? I don't know, check this page I can't install package X Try installing the package via pip, Google is your friend! It Windows supported? No, It will never be DOWNLOAD LINK :- [Hidden Content]
  10. z3r0

    Hello World

    Re: Hello World i hate rules :p hahaha :)
  11. z3r0

    Hello World

    Hola Senor's :) Como Estas ? Que Haces ?? Hello Forum, my name is z3r0 and i am new on your forum, my 1 friend invite me thats why i join this forum, i am n00b but i have little bit skills in cyber world for exmple SPAMMING, PENTEST, C++, CSS HTML PHP, SCANNING, LINUX BASED OS, MALWARE ANALYSING, AND LITTLE BIT NOW ABOUT REVERSE ENGINEERING JUST 20% LOL :) why i join this forum?? :- i join this forum to share my knowledge :) and i am not good in spanish i learn little bit because of my girlfriend she teach me and she teach me everyday new word :) Gracias Level 23 :)