Friday, 10 August 2018

Getting in or getting OUT... what do you do when your network MAC has been blacklisted...Part1

Getting in or getting OUT... what do you do when your network MAC has been blacklisted...Part1


* A. this is for education ... and will only used for education!!! 

You see what most scanners or  (Windows) system admins do on networks . Is to BLACKLIST your MAC address or monitor it ... I am going to show you how to ... unfuck yourself.

You see this is hard when you have a Windows OS ... on Linux different story.Lets use a example. 

A bar close to my home decided that FREE wifi ... is not free when you start doing the things we do. Its easy to blacklist a MAC address. 


This means that you can not access wifi or that you are getting "logged". You will either have limited or no access...What is a MAC address?A media access control address (MAC address) of a device is a unique identifier assigned to a network interface controller (NIC) for communications at the data link layer of a network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. In this context, MAC addresses are used in the medium access control protocol sublayer.
This means it your device "finger print" that associates your device to a network....All systems work like this LAN, Wifi and even GSM and LTE (that is for the later sometime) ;)


Install with apt-get As root or sudo run the following:apt-get install macchanger, had it installed so apt upgrade it ... thank you linux....You


1. apt-get (I use Kali and Ubuntu) Install a package called macchanger.
2. basic network commands iwconfig, ipconfig... and how to use it ...
3. When to change it ... you should always do this .... even when wardriving (WIFI Hacking)
4. Build your script. Linux bash scripting is easy to use.
5. Delete all evidence ... include in a purge log part / delete /var/log/messages
ith 

This means that this is installed.

2. Shutdown change and connect ...

Google is your friend ... google  ifconfig , iwconfig . this is basic networking commands for devices.
Wifi : wlan0 or wlp3s0 on my ubuntu ... kali still uses wlan0 
LAN : lan0 or enp0s25 on my ubuntu ... kali lan0 ... this might change,

wl -- wifi
lan -- network 

I will use wifi  as a example.
run the following :
ifconfig  wlp3s0(or ifconfig wlan0 ... kali)


ether is the Cool PART its your MAC address.

Now you need to shutdown the active device and change your MAC. 

Run the following as root.
ifconfig  wlp3s0 down
This will shutdown the device and allow you to change the config.

You will not see any response ... that is good.

The current MAC was :
Current MAC:   84:3a:4b:16:83:18 
increase the 18 part to 19 ...lol.
06:27:33 root@osiris ~ →  macchanger  --mac 84:3a:4b:16:83:19 wlp3s0

Current MAC:   84:3a:4b:16:83:18 (Intel Corporate)
Permanent MAC: LOL NO.... (Intel Corporate)
New MAC:       84:3a:4b:16:83:19 (Intel Corporate)
FYI Permanent is your real MAC




Reconnect to wifi hotspot and YES you will have access...!!!
Parts 4 and 5 I am busy building and will upload it on github... in a day or so ...;)




Wednesday, 1 August 2018

Have your email account been hacked ???? Maybe or not....

Your email account, has it been hacked ???? Maybe or not....

By nature all people are lazy ... and we believe we are safe and secure.

A little tool on the net ... 

https://haveibeenpwned.com/

Use it ! 

Most people do not know you have been hacked. 

The art is getting the dump file of the hack... and to "decrypt"

Example of Linkedin hacked and my account.


Lets stop with my email... hash password is next . And its a art to "decrypt" passwords . 

Follow: 
http://www.netsuite.co.uk/portal/uk/platform/infrastructure/password.shtml

FYI . 

RAINBOW TABLES!  --- 

A few thing about our friends at Facebook

A few things about our friends at Facebook ... things you should maybe not know...

Good reading :


I love the net ... I love the way we see, feel and think. Social media is our stage and what we say impacts many things. 

I have two FB accounts , one for friends and one for the world.

So I am going to show you how some of it works.

1. Data Selfie


Nice little tool to see how Facebook sees you , your top friends "or enemies" , your just a number on FB and what you see , feel and say can be tracked back. Not to hurt you but to rate you ... you see they our "system" needs to know how to predict outcome. By using FB we give them a eye into our life and our friends. The CIA would have had killed for this tech in the Cold War ... and FBI. That means they become better at predicting outcome... And they have learned manufacture consent.  


Fun tool ... fyi see if you can reverse engineer it ;) its all code.

2. Closing FB ... what they send you in a ZIP file.

This is a example of what facebook sends you on request of closing your profile... 
I ask you why would FB want to know how long and with who I am talking to ? The proof is in the zip file .


Also check out sub directories in zip.
- security_and_login_information
calls_and_messages
- location.

Makes me think ....

FYI... to hack FB is not easy ... hack the target not the tech. MIM attacks are still they only real way.


Monday, 23 July 2018

Shodan fun,fun and more scary fun....





Shodan is a search engine that lets the user find specific types of computers (webcamsroutersservers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.[1] This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.

I call it fucken art . Think of "google" for all connected devices and I do mean ALL devices.


But let start by accessing the site SHODAN. I suggest create a proton mail account . So "searches" needs you to have a community account. When done let also download Brave 


The new Brave browser blocks the ads and trackers that slow you down, chew up your bandwidth, and invade your privacy. Brave even lets you contribute to your favorite creators automatically.



Now lets start the fun .... I stay in South Africa so I will use shodan to see all devices around me and in the area.


Some basics.


First example 1. Routers.


Let do netgear 


Netgear in my area and city ... If you understand Google Dorking the you will understand how shodan searches devices. 


So I would like all netgear devices in South Africa in my City of Pretoria.


The search looks as follow:


 netgear  country:ZA city:pretoria


Enter it in your search bar 






This show you a listing of 442 devices in my town you can also see the public facing IP and Netgear model.



Let us the third example . 



By clicking on Details you will open the device info page. With some cool info  like open ports , services and Geo Location. Also the public IP


This so wrong its right , by clicking on the green arrow you will be redirect to the router  login page...

Fun yes ... the most important part on the detail page is?


realm="NETGEAR DGN2200v3"
This show you the model of the router ..... which is bad. Reason...
Checkout https://github.com/threat9/routersploit
RouterSploit - Exploitation Framework for Embedded Devices
This means with Kali , little common sense and these two tool you can exploit and access netgear routers.
What is important is the device model. Unpatched router = FREE Wifi!!!!  Amen.

More info :
Shodan is a search engine for Internet-connected devices. Web search engines, such as Google and Bing, are great for finding websites. But what if you're interested in measuring which countries are becoming more connected? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to find the control servers for malware? Maybe a new vulnerability came out and you want to see how many hosts it could affect? Traditional web search engines don't let you answer those questions.
Shodan gathers information about all devices directly connected to the Internet. If a device is directly hooked up to the Internet then Shodan queries it for various publicly-available information. The types of devices that are indexed can vary tremendously: ranging from small desktops up to nuclear power plants and everything in between.
So what does Shodan index then? The bulk of the data is taken from banners, which are metadata about a software that's running on a device. This can be information about the server software, what options the service supports, a welcome message or anything else that the client would like to know before interacting with the server. For example, following is a FTP banner:
220 kcg.cz FTP server (Version 6.00LS) ready.
This tells us a potential name of the server (kcg.cz), the type of FTP server (Solaris ftpd) and its version (6.00LS). For HTTP a banner looks like:
HTTP/1.0 200 OK
Date: Tue, 16 Feb 2010 10:03:04 GMT
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a mod_ssl/2.8.9 OpenSSL/0.9.6g
Last-Modified: Wed, 01 Jul 1998 08:51:04 GMT
ETag: "135074-61-3599f878"
Accept-Ranges: bytes
Content-Length: 97
Content-Type: text/html
The information gained from these services is applied to many areas:
  • Network Security: keep an eye on all devices at your company that are facing the Internet
  • Market Research: find out which products people are using in the real-world
  • Cyber Risk: include the online exposure of your vendors as a risk metric
  • Internet of Things: track the growing usage of smart devices
  • Tracking Ransomware: measure how many devices have been impacted by ransomware
As you can tell the use cases for the data are varied. We provide the platform that ensures accurate, consistent and up-to-date information on Internet-facing devices - it's up to you to decide what type of information you're most interested in.

How is it different than Google?

The most fundamental difference is that Shodan crawls the Internet whereas Google crawls the World Wide Web. However, the devices powering the World Wide Web only make up a tiny fraction of what's actually connected to the Internet. Shodan's goal is to provide a complete picture of the Internet.
Another difference with Google is that Shodan requires you to understand the search query syntax. For example, you can't simply enter power plant into Shodan and expect to get proper results. We designed Shodan for engineers/ developers and to get the most out of the data you need to understand the search query syntax.
Basic filters: City: The ‘city’ filter is used to find devices that are located in that particular city. Eg:iis city:New York Country: The ‘country’ filter is used devices running in that particular country. Eg:iis country: United States Port: The ‘port’ filter narrows the search by searching for specified ports. Eg. https port:443 Os: The ‘os’ filter is used to find specific operating systems. Eg: microsoft-iis os:"windows 2003" Geo: The ‘geo’ filter according to certain longitudes and latitudes that are within a given radius. Only 2 3 parameters are allowed and 3 parameter by default is the radius which is 5 km. Eg: apache geo:42.9693,-74.1224 Net: The ‘net’ filter is used to find devices according to certain ip address and subnet mask Eg: iis net:216.0.0.0/16 Hostname: The ‘hostname’ filter always searches host containing a particular hostname. Eg: Akamai hostname:.com After and Before: The ‘after’ and ‘before’ filter helps you to devices after and before a particular date. The format allowed is dd/mm/yyyy dd-mm-yy Eg: apache before:1/01/2014 nginx after:1/01/2014 Note: Most of the filters will work when you are logged in.

Tuesday, 15 May 2018

Hack like A BLACKHAT ... with PROXY Chains!

What is Proxy-Chains???



ProxyChains is a UNIX program, that hooks network-related libc functions
  in DYNAMICALLY LINKED programs via a preloaded DLL (dlsym(), LD_PRELOAD)

  and redirects the connections through SOCKS4a/5 or HTTP proxies.
  It supports TCP only (no UDP/ICMP etc).

 
On most Linux Distro's just 

sudo apt-get install proxychains

Or 

git clone https://github.com/rofl0r/proxychains-ng.git
 
# needs a working C compiler, preferably gcc
  ./configure --prefix=/usr --sysconfdir=/etc
  make
  [optional] sudo make install
  [optional] sudo make install-config (installs proxychains.conf)

  if you dont install, you can use proxychains from the build directory
  like this: ./proxychains4 -f src/proxychains.conf telnet google.com 80

Configuration:
--------------

proxychains looks for config file in following order:
1) file listed in environment variable PROXYCHAINS_CONF_FILE or
 provided as a -f argument to proxychains script or binary.
2) ./proxychains.conf
3) $(HOME)/.proxychains/proxychains.conf
4) $(sysconfdir)/proxychains.conf  **

** usually /etc/proxychains.conf

Usage Example:

 $ proxychains telnet targethost.com

in this example it will run telnet through proxy(or chained proxies)
specified by proxychains.conf

Usage Example:

 $ proxychains -f /etc/proxychains-other.conf telnet targethost2.com

in this example it will use different configuration file then proxychains.conf
to connect to targethost2.com host.

Usage Example:

 $ proxyresolv targethost.com

in this example it will resolve targethost.com through proxy(or chained proxies)
specified by proxychains.conf
After install it look at the following :
https://github.com/sleeyax/Chainforger
INSTALL IT!

This is a tool that will help you create the needed proxychain.conf file.

eXAMPLE:




eNJOY!!!

VPN setup for Ubuntu .... or Kali ....

VPN setup for Ubuntu .... or Kali ....

This is the shit!!!!

vpngate-with-proxy

VPN GATE client for linux
  • Be able to connect to open vpn servers at http://www.vpngate.net/en/ directly or through proxy
  • Auto add DNS to fix DNS leak.
  • Auto filter out dead VPN servers. (updated on August 16th)
  • Can execute user defined script after vpn_tunnel is established or broken.
For Ubuntu and Kali 

sudo apt-get install gir1.2-appindicator3-0.1 gir1.2-notify-0.7 python-gobject

Dependency:

  • python 2.7.x: should already be shipped with your linux
Except python 2.7.x, all below dependencies should be automatically installed at first run.
  • openvpn$ sudo apt-get install openvpn
  • python-requests$ sudo apt-get install python-requests
  • python-urwid 1.3+$ sudo apt-get install python-urwid , for tui version (terminal user interface)
  • wmctrl$ sudo apt-get install wmctrl, for Indicator of tui version, use for focusing window from indicator.

How to use:

0. Pre-installation

  • If your network is behind a proxy
  $ export http_proxy="http://your_proxy:your_port"
  $ export https_proxy="http://your_proxy:your_port"
  • If you has just installed your os, please update your os for it to fetch packages list and know where to download other packages later.
$ sudo apt-get update && sudo apt-get upgrade
  • Please check the os clock and calendar if it is correct for openvpn authentication to work properly.

1. Installation:

Using git:
$ sudo apt-get install git
$ git clone https://github.com/Dragon2fly/vpngate-with-proxy.git
If your network is behind a proxy:
$ sudo -E apt-get install git
$ git clone https://github.com/Dragon2fly/vpngate-with-proxy.git
You can also download the zip file It contains the "vpngate-with-proxy" folder. Extract it into anywhere you want eg: $HOME.
user_script:
Within this folder, there should be a file user_script.sh. This file allow you to run extra commands to fit your need. You have to manually edit this file and don't change the file name. Commands are divided into 2 groups:
  • up: execute after vpn tunnel is established successfully.
  • down: execute after vpn tunnel is broken/terminated.

2. First run:

If you have configured system wide proxy or proxy in firefox, it'd better to turn it off. After vpn tunnel is established, the programs that use system wide proxy may failed to connect to the internet using your proxy.
Launch vpngate-with-proxy by
$ cd vpngate-with-proxy
$ ./run [arg]
  • arg could be either none or tui or cli.
  • vpnproxy_tui.py has better UI, colorful and easier to use. Run when arg is none or tui
  • vpnproxy_cli.py is normal terminal application, lightweight and is aim to run on server (RaspberryPi ?). Run when argis cli
Then the program will first setup a configuration file config.ini by asking you for proxy if needed to connect to the Internet. After that it will show the default configuration of the program. Change any parameter to suit you and press Enter to continue. Next time launching this program, you won't see this configuration again. Either modify config.ini or check 5. Some notes
If no thing goes wrong, the vpn server's list will show up.

3. Interaction:

  • Connect to a specific vpn server by typing its index number (eg: 3) and then Enter. If nothing went wrong, a successfully message show up.
  • Your currently chosen server will be highlighted with dark blue color.
  • All connected servers before the current one is show in dark red color.
  • Change your desire setting by press the F# key corresponding to that setting. Hit that F# key again to discard all changes and close setting popup. Setting will only be saved when you hit <OK> or Enter.
    • F2Proxy, use http proxy? address? port?
    • F3DNS, change DNS when connecting to vpn? which dns to change to?
    • F4Country, looking for a specific country or all that available?
    • F5Sort by, sort these servers by what parameter?
  • Vpn command: As you mentioned above, give an index of the server then hit Enter will open a vpn tunnel from your to that server. And there are still some more.
    • rrefresh: fetch new server's data from vpngate.net or mirrors
    • restore: will restore your system DNS back to original one
    • kill: send SIGTERM to all openvpn processes
    • q: terminate vpn tunnel, then quit the program
    • log: check if current season is logged or not. Log file is vpn.log and is in the same folder with this program. Every time you start the program, log file is rewritten (old content will be lost) if log is turned on.
      • log on: turn on logging
      • log off: turn off logging
  • Other keys and combinations:
    • Up, Down, PgUp, PgDown: scroll the server list
    • F10 : toggle logging on/off
    • Esc : clear the text in any input form (vpn commandProxyCountry)
    • Ctrl + F5: the same as r or refresh command
    • Ctrl + r : the same as restore command
    • Ctrl + k : the same as kill command
    • Ctrl + c : if connected to vpn server, terminate vpn tunnel, turn back to normal state. Else, quit the program

4. After VPN Tunnel is established successfully:

A successful connection doesn't mean you have access to the Internet. If you can access the Internet through selected vpn server, that doesn't mean you are totally safe.
  1. Check if you can access the Internet:
  • try browse some websites. Low score VPN servers tend to block you out of the Internet
  1. Check DNS leak:
If you are serious about privacy, this is necessary. DNS server knows the web addresses that you connected to, unless you type IP address directly.
To know your current DNS provider, https://www.dnsleaktest.com or https://ipleak.net
If DNS is not changed, make sure that you have turned off your system wide proxy and try again. While using the ethernet for vpn, connected to wifi may reset your DNS.
You could also use below command in Ubuntu to see trace route:
$ mtr -rw google.com

5. Some notes:

  • To view or change settings before the program fetches server's list, use one of below:
$ ./run config
$ ./run cli config
$ ./run tui config
  • (vpnproxy_cli.py only) To view or change settings at server's list: type Vpn command c or config then Enter
  • Ctrl+z: Try not to press this combination while program is running. It will not terminate the vpn tunnel nor kill the program properly. Which means iptable may be left messed up, DNS won't reset to original, you may be still in vpn.
  • The program only shows the last log line at the bottom of terminal. In fact, there is 20 last lines of the log. To view these lines, you just need to extend the high of the terminal window. log The log is shown up side down so the latest information will be in the highest place
  • If your terminal looks weird after program crashed or Ctrtl+z$ reset would help


Example :