... neuere Einträge
Sunday, 15. January 2012
Ghost Phisher - Linux
Am Sunday, 15. Jan 2012 im Topic 'Tools'
Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honey pot , could be used to service DHCP request , DNS requests or phishing attacks
Requirements:
python
python-qt4
dhcp3-server
xterm
subversion
Download
http://code.google.com/p/ghost-phisher/downloads/list
To get the source code for this project from SVN, here's the checkout link:
root@host:~# svn checkout http://ghost-phisher.googlecode.com/svn/Ghost-Phisher
To install simply run the following command in terminal after changing directory to the path were the downloaded package is:
root@host:~# dpkg -i ghost-phisher_1.3_all.deb
Requirements:
python
python-qt4
dhcp3-server
xterm
subversion
Download
http://code.google.com/p/ghost-phisher/downloads/list
To get the source code for this project from SVN, here's the checkout link:
root@host:~# svn checkout http://ghost-phisher.googlecode.com/svn/Ghost-Phisher
To install simply run the following command in terminal after changing directory to the path were the downloaded package is:
root@host:~# dpkg -i ghost-phisher_1.3_all.deb
Thursday, 12. January 2012
FreeDOS
Am Thursday, 12. Jan 2012 im Topic 'Tools'
FreeDOS 1.1 has been released after being in development for several years. FreeDOS is an opensource operating system aiming to provide the same (or better) functionality as Microsoft'sold MS-DOS. Right now the main use is running old games and software, but you might encounter it on somefreshly sold computers, motherboard setup CDs, BIOS flashing diskettes, embedded hardware and other uses.
Download
http://www.freedos.org/freedos/files/
Download
http://www.freedos.org/freedos/files/
Monday, 2. January 2012
Reaver Cracking WPA
Am Monday, 2. Jan 2012 im Topic 'Tools'
Reaver is a WPA attack tool developed by Tactical Network Solutions that exploits a protocol design flaw in WiFi Protected Setup (WPS). This vulnerability exposes a side-channel attack against Wi-Fi Protected Access (WPA) versions 1 and 2 allowing the extraction of the Pre-Shared Key (PSK) used to secure the network. With a well-chosen PSK, the WPA and WPA2 security protocols are assumed to be secure by a majority of the 802.11 security community.
Download
http://code.google.com/p/reaver-wps/downloads/list
Usage is simple just specify the target BSSID and the monitor mode interface to use:
# reaver -i mon0 -b 00:01:02:03:04:05
Info
http://securityxploit.blogger.de/stories/1970771/
Download
http://code.google.com/p/reaver-wps/downloads/list
Usage is simple just specify the target BSSID and the monitor mode interface to use:
# reaver -i mon0 -b 00:01:02:03:04:05
Info
http://securityxploit.blogger.de/stories/1970771/
Bluelog- Linux
Am Monday, 2. Jan 2012 im Topic 'Tools'
Bluelog is a simple Bluetooth scanner designed to tell you how many discoverable devices there are in an area as quickly as possible. It is written in C. That so eliminating compatibility issues in most platforms.
Download
ftp://ftp.digifail.com/downloads/software/bluelog/bluelog-1.0.0.tar.gz
Download
ftp://ftp.digifail.com/downloads/software/bluelog/bluelog-1.0.0.tar.gz
Password Security Scanner
Am Monday, 2. Jan 2012 im Topic 'Tools'
This utility scans the passwords stored by popular Windows applications (Microsoft Outlook, Internet Explorer, Mozilla Firefox, and more...)
Supported Applications
Internet Explorer 4.0 - 6.0
Internet Explorer 7.0 - 9.0
Mozilla Firefox (All Versions)
Dialup/VPN passwords of Windows
MSN/Windows Messenger
Microsoft Outlook
Windows Live Mail
Download
http://www.nirsoft.net/utils/password_security_scanner.html
Supported Applications
Internet Explorer 4.0 - 6.0
Internet Explorer 7.0 - 9.0
Mozilla Firefox (All Versions)
Dialup/VPN passwords of Windows
MSN/Windows Messenger
Microsoft Outlook
Windows Live Mail
Download
http://www.nirsoft.net/utils/password_security_scanner.html
Monday, 12. December 2011
Automatic shellcode generator FOR METASPLOIT
Am Monday, 12. Dec 2011 im Topic 'Tools'
Source by Astr0baby
http://pastebin.com/PDJdHbRz
Edit by Vanish3r
http://pastebin.com/7xmvGnks
In order to be able to compile the generated payload we must install the following packages ; Mingw32 gcc which you can install by :
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
After the installation we must move our shell-script - Vanish.sh - to default Metasploit folder (/pentest/exploits/framework) and execute it. Recommended Seed Number = 7000 and Number of Encode = 14 .
http://pastebin.com/PDJdHbRz
Edit by Vanish3r
http://pastebin.com/7xmvGnks
In order to be able to compile the generated payload we must install the following packages ; Mingw32 gcc which you can install by :
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
After the installation we must move our shell-script - Vanish.sh - to default Metasploit folder (/pentest/exploits/framework) and execute it. Recommended Seed Number = 7000 and Number of Encode = 14 .
Monday, 5. December 2011
BozoCrack – MD5 Cracker - Linux
Am Monday, 5. Dec 2011 im Topic 'Tools'
BozoCrack is a depressingly effective MD5 password hash cracker with almost zero CPU/GPU load. Instead of rainbow tables, dictionaries, or brute force, BozoCrack simply finds the plaintext password. Specifically, it googles the MD5 hash and hopes the plaintext appears somewhere on the first page of results.
Download
https://github.com/juuso/BozoCrack/blob/master/bozocrack.rb
Download
https://github.com/juuso/BozoCrack/blob/master/bozocrack.rb
Saturday, 3. December 2011
WeBaCoo - Backdoor Cookie - Linux
Am Saturday, 3. Dec 2011 im Topic 'Tools'
Initially the backdoor PHP code is generated using payloads containing main PHP system functions that operate under a basic Cookie handling mechanism. This code is then injected, after which the client can send shell commands hidden in Cookie headers obfuscated with base64 encoding. On the server side the shell command is executed and the output is transmitted back to client hidden (base64 encoded too) in Cookie headers.
ReadMe
https://github.com/anestisb/WeBaCoo/#readme
Download
http://github.com/anestisb/WeBaCoo/zipball/master
ReadMe
https://github.com/anestisb/WeBaCoo/#readme
Download
http://github.com/anestisb/WeBaCoo/zipball/master
Friday, 25. November 2011
Intercepter NG Sniffing - Windows
Am Friday, 25. Nov 2011 im Topic 'Tools'
Features:
+ Sniffing passwords\hashes of the types:
ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE
+ Sniffing chat messages of ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
+ Promiscuous-mode\ARP\DHCP\Gateway\Smart Scanning
+ Raw mode (with pcap filter)
+ eXtreme mode
+ Capturing packets and post-capture (offline) analyzing
+ Remote traffic capturing via RPCAP daemon
+ NAT
+ ARP MiTM
+ DNS over ICMP MiTM
+ DHCP MiTM
+ SSL MiTM + SSL Strip
Download
http://intercepter.nerf.ru/Intercepter-NG.v09.zip
FAQ
Q: My adapter's IP is 0.0.0.0
A: Turn off ipv6 in TCP\IP settings
Q: I dont see my adapter in list
A: WinPcap does not support your card
Q: Intercepter doesn't run, just nothing
A: Try to 'Run As Admin' or remove wpcap\packet dlls
and install original WinPcap
http://www.winpcap.org/install/default.htm
Q: Im running WiFi card and nothing work, even arp poison
A: Disable 'Spoofing' option. WiFi doesn't allow to spoof mac
and disable 'EnableICMPRedirect' in registry.
Also make sure that Stelth IP is able to connect to inet.
+ Sniffing passwords\hashes of the types:
ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE
+ Sniffing chat messages of ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
+ Promiscuous-mode\ARP\DHCP\Gateway\Smart Scanning
+ Raw mode (with pcap filter)
+ eXtreme mode
+ Capturing packets and post-capture (offline) analyzing
+ Remote traffic capturing via RPCAP daemon
+ NAT
+ ARP MiTM
+ DNS over ICMP MiTM
+ DHCP MiTM
+ SSL MiTM + SSL Strip
Download
http://intercepter.nerf.ru/Intercepter-NG.v09.zip
FAQ
Q: My adapter's IP is 0.0.0.0
A: Turn off ipv6 in TCP\IP settings
Q: I dont see my adapter in list
A: WinPcap does not support your card
Q: Intercepter doesn't run, just nothing
A: Try to 'Run As Admin' or remove wpcap\packet dlls
and install original WinPcap
http://www.winpcap.org/install/default.htm
Q: Im running WiFi card and nothing work, even arp poison
A: Disable 'Spoofing' option. WiFi doesn't allow to spoof mac
and disable 'EnableICMPRedirect' in registry.
Also make sure that Stelth IP is able to connect to inet.
Tuesday, 22. November 2011
WAFP - Finger Printer Tool -Linux
Am Tuesday, 22. Nov 2011 im Topic 'Tools'
WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB. WAFP fetches the files given by the Finger Prints from a webserver andchecks if the checksums of those files are matching to the given checksums from theFinger Prints. This way it is able to detect the detailed version andeven the build number of a Web Application.
Download
http://mytty.org/wafp/wafp-0.01-26c3.tar.lzma
Download
http://mytty.org/wafp/wafp-0.01-26c3.tar.lzma
... ältere Einträge