Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'via'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Categories

  • Files
  • Online Book
  • Services

Categories

  • Hacking

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

  1. Proxies: Yes HQ Bots: 100 Email:Pass Capture: Name / Unread Mails / DOB / PSN Details: Paid Purchases / 2fa / Has Payment Method / History / Wallet Amount [hide][Hidden Content]]
  2. Masky is a python library providing an alternative way to remotely dump domain users’ credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes, and TGT on a larger scope. This tool does not exploit any new vulnerability and does not work by dumping the LSASS process memory. Indeed, it only takes advantage of legitimate Windows and Active Directory features (token impersonation, certificate authentication via Kerberos & NT hashes retrieval via PKINIT). A blog post was published to detail the implemented technics and how Masky works. [hide][Hidden Content]]
  3. The more predictable you are, the less you get detected A technique of hiding malicious shellcode based on low-entropy via Shannon encoding. Entropy is the measure of the randomness in a set of data (here: shellcode). The higher the entropy, the more random the data is. Shannon Entropy is an algorithm that will produce a result between 0 and 8, where 8 means there is no pattern in the data, thereby it's very random and 0 means data follows a pattern. [hide][Hidden Content]]
  4. 6 downloads

    15 Earn Via Facebook Ads paid Courses Collection Size: 50GB+ Download: Free for users PRIV8
    $110 PRIV8
  5. View File 15 Earn Via Facebook Ads paid Courses Collection 15 Earn Via Facebook Ads paid Courses Collection Size: 50GB+ Download: Free for users PRIV8 Submitter dEEpEst Submitted 01/06/22 Category Libro Online Password ********  
  6. EV is a tool that allows you to craft TCP packets and leverage some well-known TCP/IP packet manipulation techniques to evade IDS devices. It supports HTTP protocol but unfortunately not HTTPS protocol. The handshake process of TLS is quite complicated and I haven’t figured out how to craft TLS packets elegantly. This tool is written in Python and QT5, using Scapy to make packets. So though this software is tested on the Windows platform only, it theoretically works on other platforms like Linux or MacOS. Fill IP, Port, and Payload fields and click the “Send” button to send the TCP packet to the target. You can also set TCP options and source port. Remember that TCP options are tcp options supported by scapy. You can view response packets in the “Received packets” window and click the packet to view it in the “View Received Packet” window. This is implemented by scapy’s sniff() function, it finds packets that match the target IP or is ICMP protocol(so that you can find TTL exceeded packets). However, sniff() sometimes records packets duplicately. So I strongly recommend users use WireShark if you’ve installed one to see received packets. Request Split You can use TCP Segmentation and IP Fragmentation to break the TCP packet into pieces and send them to the target. This may defeat IDS devices that don’t support TCP/IP reassembly. Increasing wait time or sending packets out of order may also circumvent IDS devices who has a very limited capability in TCP/IP reassembly. Sending Distractor Packets Distractor packets are packets that might be ignored by the target and be recognized by IDS devices. Small TTL distractor packets are packets’ TTL are subtracted to 0 between the IDS device and the target. The target will not receive this packet because the packet has been dropped before reaching the target. But IDS might think that the packet arrives at the target. Therefore, sending small TTL distractor packets containing junk data or RST flags may distract the process of reassembling TCP packets, leading to an evasion. Bad Checksum packets are packets with the wrong TCP checksum. Packets with the wrong checksum are ignored by the target, but IDS devices may not calculate the checksum and reassemble all packets directly, which leads to an evasion. Corrupt ack distractor packets are packets’ ACK field is corrupted. The target ignores such packets because of the wrong ACK field, but IDS might reassemble all packets directly, which leads to an evasion. [hide][Hidden Content]]
  7. View File Learn how to Reverse Engineer Apps & Softwares via this detailed Course Learn how to Reverse Engineer Apps & Softwares via this detailed Course * Learn How To Crack Software Legally And More.. Download Link: Free for users PRIV8 Submitter dEEpEst Submitted 28/04/22 Category Libro Online Password ********  
  8. 10 downloads

    Learn how to Reverse Engineer Apps & Softwares via this detailed Course * Learn How To Crack Software Legally And More.. Download Link: Free for users PRIV8
    $110 PRIV8
  9. SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Why on earth didn't I create a PR to SysWhispers2? The reason for SysWhispers3 to be a standalone version are many, but the most important are: SysWhispers3 is the de-facto "fork" used by Inceptor, and implements some utils class which are not relevant to the original version of the tool. SysWhispers2 is moving towards supporting NASM compilation (for gcc/mingw), while this version is specifically designed and tested to support MSVC (because Inceptor will stay a Windows-only framework for the near future). SysWhispers3 contains partially implemented features (such as egg-hunting) which would not be sensible to include in the original version of the tool. [hide][Hidden Content]]
  10. This tool only extracts information that is public, not use for private or illegal purposes. [hide][Hidden Content]]
  11. SysWhispers helps with AV/EDR evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported and example generated files available in the example-output/ folder. Difference Between SysWhispers 1 and 2 The usage is almost identical to SysWhispers1 but you don’t have to specify which versions of Windows to support. Most of the changes are under the hood. It no longer relies on @j00ru‘s syscall tables and instead uses the “sorting by system call address” technique popularized by @modexpblog. This significantly reduces the size of the syscall stubs. The specific implementation in SysWhispers2 is a variation of @modexpblog’s code. One difference is that the function name hashes are randomized on each generation. @ElephantSe4l, who had published this technique earlier, has another implementation based in C++17 which is also worth checking out. The original SysWhispers repository is still up but maybe deprecated in the future. Introduction Various security products place hooks in user-mode API functions which allow them to redirect execution flow to their engines and detect suspicious behavior. The functions in ntdll.dll that make the syscalls consist of just a few assembly instructions, so re-implementing them in your own implant can bypass the triggering of those security product hooks. This technique was popularized by @Cn33liz and his blog post has more technical details worth reading. SysWhispers provides red teamers the ability to generate header/ASM pairs for any system call in the core kernel image (ntoskrnl.exe). The headers will also include the necessary type of definitions. [hide][Hidden Content]]
  12. ADBSploit A python-based tool for exploiting and managing Android devices via ADB. Functionalities v0.2 Added: Fixed setup and installation Extract Contacts Extract SMS Send SMS Recovery Mode Fastboot Mode Device Info Kill Process v0.1 List Devices Connect Devices TCPIP Forward Ports Airplane Managment Wifi Managment Sound Control List/Info Apps WPA Supplicant Extraction Install/Uninstall Apps Shutdown/Reboot Logs Start/Stop/Clear Apps Show Inet/MAC Battery Status Netstat Check/Unlock/Lock Screen Turn On/Off Screen Swipe Screen Screencapture Send Keyevent Open Browser URL Process List Dump Meminfo/Hierarchy [hide][Hidden Content]]
  13. Using Encryption Via SSL ━━━━━━━━━━━━━ Most legitimate websites use what is called “secure sockets layer” (SSL), which is a form of encrypting data when it is being sent to and from a website. This keeps attackers from accessing that data while it is in transit. Look for the padlock icon in the URL bar, and the “s” in the “[Hidden Content] to make sure you are conducting secure, encrypted transactions online. It’s a good idea to access sites using SSL when: You store or send sensitive data online. If you use the internet to carry out tasks such as filing your taxes, making purchases, renewing your driver’s license, or conducting any other personal business, visiting sites using SSL is a good idea. Your work requires it. Your workplace may have encryption protocols, or it may be subject to regulations that require encryption. In these cases, encryption is a must.
  14. Functions Desktop Capture Webcam Capture Sound Capture Computer Power Shutdown Restart Logoff BSoD Startup Management Add to Autorun Uninstall Files Manager Current Directory List of Files Remove a File Remove all Files Upload File Download File Run File Run File as Administrator Process Manager Process list Process Kill Kill all Processes Disable Task Manager Send Message Speak Message Open URL Set wallpapers ForkBomb Get Passwords Get Cookies Get History Clipboard editing Block Input Remote Shell Navigation buttons Bugs fixed / Input blocking added / Process protection added 😉 [HIDE][Hidden Content]]
  15. Functions: ComputerInfo, BatteryInfo, Location, Whois, ActiveWindow, Webcam, Microphone, Desktop, Keylogger, ClipboardSet, ClipboardGet, ProcessList, ProcessKill, ProcessStart, GetPasswords, GetCreditCards, GetHistory, GetBookmarks, GetCookies, OpenCD, CloseCD, DownloadFile, UploadFile, RunFile, RunFileAdmin, ListFiles, RemoveFile, RemoveDir, MoveFile, MoveDir, CopyFile, CopyDir, Speak, Shell, MessageBox, OpenURL, SendKeyPress, ScanNetwork, SetWallPaper, BlockInput, Monitor(off/on), DisplayRotate, ForkBomb, BsoD, Shutdown, Reboot, Hibernate, Logoff, Help, About, Uninstall. [HIDE][Hidden Content]]
  16. This Metasploit module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the "autoElevate" property set to true, however it can be moved to a new Windows directory containing a space (C:\Windows \System32\) where, upon execution, it will load our payload dll (propsys.dll). View the full article
  17. This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user. View the full article
  18. Checker on balance. Saving The Bad's You can write any host. Base login:pass [HIDE][Hidden Content]] Use Tor as a proxy for brute After the launch, a text writer with IP:PORT will appear. data - tor browser itself, if that you can update yourself! But first set up: Write how much proxy you need. 1 proxy holds exactly 20 streams! That's why you don't need to make 100 proxies if you're a brute in 100 threads. [HIDE][Hidden Content]]
  19. There's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%\system32\cleanmgr.exe. Since it runs as Users, and we can control user's environment variables, %windir% (normally pointing to C:\Windows) can be changed to point to whatever we want, and it'll run as admin. View the full article
  20. Linux suffers from a page->_refcount overflow via FUSE with ~140GiB RAM usage. View the full article
  21. Buy Bitcoin via PayTM 1. Go To : [Hidden Content] 2. Select Offer 3. Register your account 4. Enter Details 5. Proceed To Payment 6. Done
  22. It was discovered that virtual address 0 is mappable via privileged write() to /proc/*/mem on Linux. View the full article
  23. This Metasploit module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The vulnerability is exploited by a small script prepared in NodeJS. The sh parameter allows us to run commands. Sample script: node { sh "whoami" } In addition, ANONYMOUS users also have the authority to JOB create and BUILD by default. Therefore, all users without console authority can run commands on the system as root privilege. View the full article
  24. RAT-via-Telegram Windows Remote Administration Tool via Telegram (now in Python 3.7!) | Originally created by Ritiek Why another one? The current Remote Administration Tools in the market face 2 major problems: Lack of encryption. Require port forwarding in order to control from hundreds of miles. This RAT overcomes both these issues by using the Telegram bot API. Fully encrypted. The data being exchanged cannot be spied upon using MITM tools. Telegram messenger app provides a simple way to communicate to the target without configuring port forward before hand on the target. Features: Keylogger with window title log included Get target PC's Windows version, processor and more Get target PC's IP address information and approximate location on map Delete, Move files Show current directory Change current directory List current or specified directory Download any file from the target Upload local files to the target. Send your image, pdf, exe or anything as file to the Telegram bot Autostart playing a video in fullscreen and no controls for a youtube video on target Take Screenshots Execute any file Access to microphone Start HTTP Proxy Server Freeze target's keyboard Schedule tasks to run at specified datetime Encode/Decode all local files Ping targets Update .exe -- thanks LearnerZone Self-Destruct RAT Change wallpaper from file or url Execute cmd shell Take snapshots from the webcam (if attached) Execute arbitrary python 3.7 on the go Freeze target's mouse [TODO] Browser (IE, Firefox, Chrome) cookies retrieval [TODO] Password retrieval [TODO] Monitor web traffic (graphically?) [TODO] Bandwidth monitoring (stepping stone to web traffic monitoring) - started 28/10/2018 [TODO] Fine-tuning scripting (i.e.: if app x is opened y is executed) [TODO] Capture clipboard (Text, Image) [TODO] Hide desktop icons [TODO] Audio compression [TODO] Name server lookup (/nslookup - #19) Thanks Dviros: Chrome login/password retrieval Display ARP table Get active processes and services Shutdown/Reboot computer Display DNS Cache & More coming soon! Screenshots: Installation & Usage: Clone this repository. Set up a new Telegram bot talking to the BotFather. Copy this token and replace it in the beginning of the script. Install the dependencies: pip install -r requirements.txt. Install PyHook and PyAudio 64-bit or 32-bit depending on your system from lfd.uci.edu To run the script: python RATAttack.py. Find your bot on telegram and send some command to the bot to test it. To restrict the bot so that it responds only to you, note down your chat_id from the console and replace it in the script and comment out the line return True. Don't worry, you'll know when you read the comments in the script. - A folder named `RATAttack` will be created in your working directory containing `keylogs.txt` and any files you upload to the bot. Deploy quickly: Clone the repo Create a bot with BotFather and save the token Go into RATAttack.py and replace tokenwith the token you saved Run setup_rat.py Commands: When using the below commands; use / as a prefix. For example: /pc_info. arp - display arp table capture_pc - screenshot PC cmd_exec - execute shell command cp - copy files cd - change current directory delete - delete a file/folder download - download file from target decode_all - decode ALL encoded local files dns - display DNS Cache encode_all - encode ALL local files freeze_keyboard - enable keyboard freeze unfreeze_keyboard - disable keyboard freeze get_chrome - Get Google Chrome's login/passwords hear - record microphone ip_info - via ipinfo.io keylogs - get keylogs ls - list contents of current or specified directory msg_box - display message box with text mv - move files pc_info - PC information ping - makes sure target is up play - plays a youtube video proxy - opens a proxy server pwd - show current directory python_exec - interpret python reboot - reboot computer run - run a file schedule - schedule a command to run at specific time self_destruct - destroy all traces shutdown - shutdown computer tasklist - display services and processes running to - select targets by it's name update - update executable wallpaper - change wallpaper You can copy the above to update your command list via BotFather so you don't have to type them manually. Compiling: How To Compile: Either: Replace your path in compileAndRun.bat (running this will actually run the executable) Or: Run `pyinstaller --onefile --noconsole C:\path\to\RATAttack.py`. You can also pass `--icon=<path\to\icon.ico>` to use any custom icon. Once it is compiled successfully, find the .exe file in C:\Python37\Scripts\dist\. You can change the name of the .exe to anything you wish. BEWARE! If you run the compiled .exe, the script will move itself to startup and start with your PC to run at startup. You can return to normal by using the /self_destructoption or manually removing C:\Users\Username\AppData\Roaming\Portal directory and C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\portal.lnk(although I recommend removing them manually for the time being). Modifying Settings: You can also modify the name of hidden .exe file and location & name of the folder where the hidden .exe will hide itself. To do this; modify compiled_name and hide_folder respectively. Assign your known chat ids to beginning of RATAttack.py Download: [HIDE]. [Hidden Content]]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.