- Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
- Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
- Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
- Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
- KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
- Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
- DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
- Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
- Phrack Magazine: Digital hacking magazine.
- NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
- SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
- SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
- The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
- Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now.
- HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
- Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
Tuesday, June 30, 2020
16 Hacking Websites & forums - Underground hacker sites
Thursday, June 11, 2020
One Reason Why InfoSec Sucked In The Past 20 Years - The "Security Tips" Myth
From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of them is the security tips.
The goal of these security tips is that if the average user follows these easy-to-remember rules, their computer will be safe. Unfortunately, by the time people integrate these rules into their daily life, the rules have either become outdated, or they were so oversimplified that they were never true in the first place. Some of these security tips might sound ridiculous to people in InfoSec nowadays, but this is exactly what people still remember because we told them so for years.
PDF is safe to open
This is an oldie. I think this started at the time of macro viruses. Still, people think opening a PDF from an untrusted source is safer than opening a Word file. For details on why this is not true, check: https://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-497/Adobe-Acrobat-Reader.html
On an unrelated note, people still believe PDF is integrity protected because the content cannot be changed (compared to a Word document).
Image stolen from Kaspersky
Java is secure
One of the best ones. Oracle started marketing Java as a safe language, where buffer overflows, format strings and pointer-based vulnerabilities are gone. Unfortunately, they forgot to tell the world that instead of "unsafe programs developed by others" they installed their unsafe program on 3 billion devices.
Stay away from rogue websites and you will be safe
This is a very common belief I hear from average people. "I only visit some trusted news sites and social media, I never visit those shady sites." I have some bad news. At the time of malvertising and infected websites, you don't have to visit those shady sites anymore to get infected.
Don't use open WiFi
I have a very long explanation of why this makes no sense, see here. Actually, the whole recommendation makes no sense as people will connect to public WiFis, no matter what we (InfoSec) recommend.
The password policy nightmare
Actually, this topic has been covered by myself in two blog posts, see here and here. Long story short: use a password manager and 2-factor authentication wherever possible. Let the password manager choose the password for you. And last but not least, corporate password policy sux.
Sites with a padlock are safe
We have told people for years that communication with HTTPS sites is safe, and that you can be sure it is HTTPS by finding a randomly changing padlock icon somewhere next to the URL. What people hear is that sites with padlocks are safe. Whatever that means. The same goes for WiFi - a network with a padlock is safe.
Use Linux, it is free from malware
For years people told Windows users that if only they used Linux, they wouldn't have so much malware. Thanks to Android, now everyone in the world can enjoy malware on his/her Linux machine.
OSX is free from malware
It is true that there is significantly less malware on OSX than on Windows, but this is an "economical" question rather than a "security" one. The more people use OSX, the better target it will become. Some people even believe they are safe from phishing because they are using a Mac!
Updated AV + firewall makes me 100% safe
There is no such thing as 100% safe, and unfortunately, nowadays most malware is written for PROFIT, which means it can bypass these basic protections for days (or weeks, months, years). The more proactive protection is built into the product, the better!
How to backup data
Although this is one of the most important security tips that people do not follow, my problem here is not the backup advice itself, but how we as a community failed to provide easy-to-use ways to do it. Now that crypto-ransomware is a real threat to every Windows (and some OSX) user, even those people who have backups on their NAS can find their backups lost. The only hope is that at least OSX has Time Machine, which is not targeted yet, and is the only backup solution which really works.
The worst part is that we even created NAS devices which can be infected via worms ...
Disconnect your computer from the Internet when not used
There is no need to comment on this. Whoever recommends things like that, clearly has a problem.
Use (free) VPN to protect your anonymity
First of all, there is no such thing as a free service. If it is free, you are the service. On the other hand, a non-free VPN can introduce new vulnerabilities, and it won't protect your anonymity. It replaces one ISP with another (your VPN provider). Even TOR cannot guarantee anonymity by itself, and VPNs are much worse.
The corporate "security tips" myth
"Luckily" these toxic security tips have infected the enterprise environment as well, not just the home users.
Use robots.txt to hide secret information on public websites
It is 2016 and somehow web developers still believe in this nonsense. And this is why this is usually the first to check on a website for penetration testers or attackers.
My password policy is safer than ever
As previously discussed, passwords are bad. Very bad. And they will stick with us for decades ...
Use WAF, IDS, IPS, Nextgen APT detection hibber-gibber and you will be safe
Companies should invest more in people and less into magic blinking devices.
Instead of shipping computers with bloatware, ship computers with exploit protection software
Teach people how to use a password safe
Teach people how to use 2FA
Teach people how to use common-sense
Conclusion
Computer security is complex, hard and the risks change every year. Is this our fault? Probably. But these kinds of security tips won't help us save the world.
Ransomware.OSX.KeRanger Samples

Research: New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer by Claud Xiao
Sample credit: Claud Xiao
File information
Learning Web Pentesting With DVWA Part 6: File Inclusion
In this article we are going to go through File Inclusion Vulnerability. Wikipedia defines File Inclusion Vulnerability as: "A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. A file include vulnerability is distinct from a generic directory traversal attack, in that directory traversal is a way of gaining unauthorized file system access, and a file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application."
There are two types of File Inclusion Vulnerabilities, LFI (Local File Inclusion) and RFI (Remote File Inclusion). Offensive Security's Metasploit Unleashed guide describes LFI and RFI as:
"LFI vulnerabilities allow an attacker to read (and sometimes execute) files on the victim machine. This can be very dangerous because if the web server is misconfigured and running with high privileges, the attacker may gain access to sensitive information. If the attacker is able to place code on the web server through other means, then they may be able to execute arbitrary commands.
RFI vulnerabilities are easier to exploit but less common. Instead of accessing a file on the local machine, the attacker is able to execute code hosted on their own machine."
In simpler terms LFI allows us to use the web application's execution engine (say php) to execute local files on the web server and RFI allows us to execute remote files, within the context of the target web server, which can be hosted anywhere remotely (given they can be accessed from the network on which web server is running).
To follow along, click on the File Inclusion navigation link of DVWA. You should see a page like this:
Let's start by doing an LFI attack on the web application.
Looking at the URL of the web application, we can see a parameter named page, which is used to load different PHP pages on the website.
http://localhost:9000/vulnerabilities/fi/?page=include.php
Since it is loading different pages, we can guess that it is loading local pages from the server and executing them. Let's try to get the famous /etc/passwd file found on every Linux system. To do that, we have to find a way to access it via our LFI. We will start with this:
../etc/passwd
Entering the above payload in the page parameter of the URL:
http://localhost:9000/vulnerabilities/fi/?page=../etc/passwd
we get nothing back, which means the page does not exist. Let's try to understand what we are trying to accomplish. We are asking for a file named passwd in a directory named etc which is one directory up from our current working directory. The etc directory lies at the root (/) of a Linux file system. We guessed that we are in a directory (say www) which also lies at the root of the file system; that's why we tried to go up by one directory and then move to the etc directory which contains the passwd file. Our next guess will be that maybe we are two directories deep, so we modify our payload to be like this:
../../etc/passwd
We get nothing back. We continue to modify our payload, thinking we are one more directory deeper.
../../../etc/passwd
No luck again, let's try one more:
../../../../etc/passwd
Nope, nothing. We keep on going one directory deeper until we get seven directories deep and our payload becomes:
../../../../../../../etc/passwd
which returns the contents of the passwd file as seen below:
This just means that we are currently working in a directory which is seven levels deep inside the root (/) directory. It also proves that our LFI is a success. We can also use PHP filters to get more and more information from the server. For example, if we want to get the source code of the web server, we can use the PHP wrapper filter for that like this:
php://filter/convert.base64-encode/resource=index.php
We will get a base64-encoded string. Let's copy that base64-encoded string into a file and save it as index.php.b64 (the name can be anything) and then decode it like this:
cat index.php.b64 | base64 -d > index.php
We will now be able to read the web application's source code. But you may be thinking: why didn't we simply try to get the index.php file without using the PHP filter? The reason is that if we try to get a PHP file with LFI, the PHP file will be executed by the PHP interpreter rather than displayed as a text file. As a workaround, we first encode it as base64, which the interpreter won't interpret since it is not PHP, and thus it will display the text. Next we will try to get a shell. Before PHP version 5.2, the allow_url_include setting was enabled by default; however, after version 5.2 it was disabled by default. Since the version of PHP on which our DVWA app is running is 5.2+, we cannot use the older methods like the input wrapper or RFI to get a shell on DVWA unless we change the default settings (which I won't). We will use the file upload functionality to get a shell. We will upload a reverse shell using the file upload functionality and then access that uploaded reverse shell via LFI.
Let's upload our reverse shell via the File Upload functionality and then set up our netcat listener to listen for a connection coming from the server.
nc -lvnp 9999
Then, using our LFI, we will execute the uploaded reverse shell by accessing it using this URL:
http://localhost:9000/vulnerabilities/fi/?page=../../hackable/uploads/revshell.php
Voila! We have a shell.
To learn more about the File Upload Vulnerability and the reverse shell we have used here, read Learning Web Pentesting With DVWA Part 5: Using File Upload to Get Shell. Attackers usually chain multiple vulnerabilities to get as much access as they can. This is a simple example of how multiple vulnerabilities (Unrestricted File Upload + LFI) can be used to scale up attacks. If you are interested in learning more about PHP wrappers, then the LFI Cheat Sheet is a good read, and if you want to perform these attacks on the DVWA, then you'll have to enable the allow_url_include setting by logging in to the DVWA server. That's it for today, have fun.
Leave your questions and queries in the comments below.
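A defender's view of the requests in this walkthrough, as an added example that is not part of the original post: a Python scanner that flags access-log lines whose page parameter carries directory traversal, a stream wrapper such as php://filter, or a path into DVWA's upload directory. The log lines are constructed, the function names and the combined-log layout are assumptions, and the percent-decoding step goes slightly beyond the cases shown in the text.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed access-log lines modelled on the requests in this walkthrough.
SAMPLE_LOG = """\
127.0.0.1 - - [10/Jun/2020:10:00:01 +0000] "GET /vulnerabilities/fi/?page=include.php HTTP/1.1" 200 4120
127.0.0.1 - - [10/Jun/2020:10:00:09 +0000] "GET /vulnerabilities/fi/?page=../etc/passwd HTTP/1.1" 200 3650
127.0.0.1 - - [10/Jun/2020:10:01:30 +0000] "GET /vulnerabilities/fi/?page=../../../../../../../etc/passwd HTTP/1.1" 200 5011
127.0.0.1 - - [10/Jun/2020:10:02:12 +0000] "GET /vulnerabilities/fi/?page=php://filter/convert.base64-encode/resource=index.php HTTP/1.1" 200 9876
127.0.0.1 - - [10/Jun/2020:10:05:44 +0000] "GET /vulnerabilities/fi/?page=..%2F..%2Fhackable%2Fuploads%2Frevshell.php HTTP/1.1" 200 0
127.0.0.1 - - [10/Jun/2020:10:06:02 +0000] "GET /vulnerabilities/fi/?page=file1.php HTTP/1.1" 200 4200
"""

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A URL-style scheme at the start of the value (php:, http:, data:, ...).
WRAPPER = re.compile(r"^[a-z][a-z0-9+.\-]+:", re.I)
UPLOAD_DIR = "hackable/uploads/"  # DVWA upload directory, as seen in the post's final URL


def fully_decode(value, max_rounds=3):
    """Undo percent-encoding until the value stops changing (bounded)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(raw):
    """Return the reasons an include-parameter value looks like file inclusion abuse."""
    value = fully_decode(raw).replace("\\", "/")
    reasons = []
    if ".." in value.split("/"):      # a path segment that climbs a directory
        reasons.append("traversal")
    if WRAPPER.match(value):          # stream wrapper or remote URL instead of a file name
        reasons.append("wrapper")
    if UPLOAD_DIR in value:           # including user-uploaded content as code
        reasons.append("upload-dir")
    return reasons


def scan(log_text, param="page"):
    """Return (line_number, decoded_value, reasons) for each suspicious request."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        match = REQUEST.search(line)
        if not match:
            continue
        query = match.group(1).partition("?")[2]
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            reasons = classify(value)
            if reasons:
                findings.append((line_no, fully_decode(value), reasons))
    return findings


if __name__ == "__main__":
    for line_no, value, reasons in scan(SAMPLE_LOG):
        print(f"line {line_no}: {value!r} -> {', '.join(reasons)}")
```

The same classify() check can sit in front of the include itself as a reject rule, although an allowlist of permitted page names is the stronger fix for this class of bug.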
References:
- FILE INCLUSION VULNERABILITIES: https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
- php://: https://www.php.net/manual/en/wrappers.php.php
- LFI Cheat Sheet: https://highon.coffee/blog/lfi-cheat-sheet/
- File inclusion vulnerability: https://en.wikipedia.org/wiki/File_inclusion_vulnerability
- PHP 5.2.0 Release Announcement: https://www.php.net/releases/5_2_0.php
Wednesday, June 10, 2020
Voodoo-Kali - Kali Linux Desktop On Windows 10
How it works?
* Kali Linux with XFCE Desktop Environment in Windows Subsystem for Linux (WSL)
* VcXsrv X Server for Windows is doing the hard GUI lifting
* XFCE is started natively in WSL and displayed by VcXsrv
Install Voodoo-Kali:
1. Enable WSL and install Kali Linux from the Microsoft Store. Read Install Kali Linux desktop on Windows 10 from Microsoft Store
2. To start Kali Linux in Windows 10, open Command Prompt and enter the command: kali
3. Enter these commands:
apt install wget -y
wget https://raw.githubusercontent.com/Re4son/WSL-Kali-X/master/install-WSL-Kali-X
bash ./install-WSL-Kali-X
4. Download and install VcXsrv Windows X Server from SourceForge
5. Start VcXsrv, accept the change in firewall rules, exit VcXsrv
Run Voodoo-Kali:
Start kali in Windows as normal user (that's default), and launch Voodoo-Kali:
* as normal user: ./start-xfce
* as root: sudo /root/xtart-xfce
Run Kali Desktop in an RDP session:
In Kali Linux WSL, type: sudo /etc/init.d/xrdp start
In Windows 10, open Run and enter mstsc.exe and connect to "127.0.0.1:3390"
Status: Voodoo-Kali is in its infancy and it is far from being elegant. I'm working on it though and step by step I'll push out improvements. Below a snippet of the To-Do list:
* Clean up and comment the scripts
* Make for a cleaner exit
* Better error handling and dependency checking (get rid of sleep, etc.)
* Improve stability of Java programs
* Improve the looks??
* …
Any help is truly appreciated, in any shape or form – from tips to pull requests.
Why don't you join the forums to discuss?
Further Information:
* Offsec – Kali Linux in the Windows App Store
* MSDN – Windows Subsystem for Linux Overview
BASIC OF C AND C++ PROGRAMMING LANGUAGE
Introduction.
Everything has some basic terminology, and once you learn these basics you will be able to handle your work more easily. In the same way, you cannot learn the C and C++ programming languages easily if you do not know their basic components. Anyone who really wants to learn the C programming language and become a programmer must know them.
Basic of C AND C++ programming Language.
If you want to write a program in the C programming language, you must know its basic rules for how to write a program. Without these basics you cannot write a program using the C language. The C programming language has some basic components which every beginner who starts to learn C must know. Some of the basics of the C programming language are given below.
The C language was developed by Dennis Ritchie in 1970. C is a hybrid of two previous programming languages, B and BCPL. B (basic) and BCPL means (Basic Combined Programming Language). BCPL was developed by Martin Richards in 1967.
Character Set.
C and C++ contain three types of character set, which are the most important and basic elements. They are given below.
- Numeric Character.
- Alphabetic Character.
- Escape Character.
What Is Numeric Character.
Numeric characters are used for calculation purposes, and these are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9.
What Is Alphabetic Character.
Alphabetic characters are used for naming a variable, for writing a program, for user-defined words, etc.
What is Escape Character.
Every language has some special characters which are used for a special purpose. The C programming language also has some special characters, which are called escape characters.
These escape characters are used for specific purposes.
'\' (backslash) is a special character and is called the escape character.
If you use this '\' character with n, just like this ( \n ), it tells the compiler to jump to the next line. It is used to leave the first line and start a new line.
Example
cout << "asad \n mirza";
So when the program is executed, it will print like this:
asad
mirza
How to Name a Variable.
There are some rules that are important when giving a name to a variable.
In C and C++ you can use the letters A to Z to name a variable.
A = 5
Here A is a variable and 5 is the value which is assigned to it. You can also choose a name of your own for the data you assign.
For example:
Weight=56
Age=29
Length=45
Price=50
Average=3.4
And so on.
But keep in mind that:
- A variable name must be unique in the program.
- The name of a variable is also called a user-defined word.
- The first letter of a variable must be written as a capital letter, as above.
here
which is a wrong variable and causes an error, because the first letter of a variable must be a capital letter and here the first letter is in lower case.
- For example
Here Average starts with a capital letter, so this is right.
- No space is allowed in a variable name; only '_' is used in place of a space.
Because underscore '_' is used.
Because space ' ' is used.
Separate variable names with a comma ','.
A comma is used between two variables.
A space is used between two variables.
- After naming a variable, put a semicolon ';' at the end, which means that the variable is ended.
Example:
int main()
{
    /* three integer variables declared in one statement, separated by commas */
    int age, name, contact_no;
    return 0;
}
How To Assign A Value To Variable
C and C++ provide you with three data types for assigning a value to variables.
These three data types are:
- int
- float
- char
In the C language the equal sign '=' is used to assign a value to a variable. It is also called the assignment operator.
The int data type is used for integer values. And these are (0,1,2,3,4,5,5,6,7,8,9).
float is used for decimal point values. (0.1,3.4,5.9 ……..).
char is used to give a name to a variable or to give some text to a variable.
(asad, copy, ali, reg_no, name……).
Keep in mind that the data type is case sensitive and must be given in lower case letters (a,b,c,…z).
Example:
int A = 5;
float B = 3.5f;
char C[] = "college_name";  /* text is stored in a char array and written in double quotes */
A simple program
int main()
{
    char name[] = "ali";  /* text must be given when the char array is declared */
    int age;
    float height;
    age = 18;
    height = 5.9f;
    return 0;
}