Cracking tools:
https://www.radare.org/r/
http://www.ollydbg.de/
https://x64dbg.com/#start
Tutorials:
https://error4hack.com/x64dbg-tutorial/
Assembly programming:
http://www.interq.or.jp/chubu/r6/masm32/tute/tute001.html
Reverse Engineering:
https://www.youtube.com/watch?v=fv9ii3W5htQ&list=PLHJns8WZXCdvaD7-xR7e5FJNW_6H9w-wC
Monday, December 30, 2019
Wednesday, December 18, 2019
Python
Setting python tabs:
"[python]": {
"editor.insertSpaces": true,
"editor.tabSize": 4
}
Friday, December 13, 2019
Tuesday, December 10, 2019
Hacking Facebook and SS7
https://www.youtube.com/watch?v=kRCIsy9URyw&t=262s
https://www.computerworld.com/article/3058020/hackers-only-need-your-phone-number-to-eavesdrop-on-calls-read-texts-track-you.html
https://www.securitynewspaper.com/2018/02/19/intercept-mobile-communications-calls-messages-easily-without-hacking/
https://medium.com/@vasanthavanan59439/ss7-the-deadliest-attack-6423de7fe8c0
https://blog.securegroup.com/phone-hacking-through-ss7-is-frighteningly-easy-and-effective
https://cyware.com/news/can-you-hack-a-facebook-account-by-just-using-the-phone-number-yes-you-can-19617269
https://alltop9.com/phone-number-facebook-hack/
https://www.rtl-sdr.com/hacking-gsm-signals-with-an-rtl-sdr-and-topguw/
https://www.youtube.com/watch?v=da1CLA82jw8
RTL-SDR
https://www.youtube.com/watch?v=FqtJ-TvtLTQ [stopped 6.54]
https://www.youtube.com/watch?v=37q53h0b4q8 [ how to setup rtl-sdr in kali linux]
Malaysian Maxis, Digi, Celcom band allocation:
https://www.malaysianwireless.com/2016/02/spectrum-maxis-900mhz-1800mhz/
https://forum.lowyat.net/topic/3333921/all
https://en.wikipedia.org/wiki/GSM_frequency_bands
Sellers:
https://www.lazada.com.my/products/100khz-17ghz-uv-hf-rtl-sdr-usb-tuner-receiver-uv-antenna-diy-kits-i529008531-s1045654004.html?ef_id=EAIaIQobChMIx92f0IWv5gIV2Q0rCh0DSQ-IEAQYASABEgIhFfD_BwE:G:s&s_kwcid=AL!3150!3!244160057898!!!u!294357559827!&exlaz=d_1:mm_150050845_51350205_2010350205::12:1032211143!54400014687!!!pla-294357559827!c!294357559827!1045654004!137976772!244160057898&gclid=EAIaIQobChMIx92f0IWv5gIV2Q0rCh0DSQ-IEAQYASABEgIhFfD_BwE
Go for RTL2832U, TCXO 0.5 ppm crystal, R820T2 tuner
Sunday, December 8, 2019
Friday, November 22, 2019
Kevin Mitnick Quotes
"People are used to having a technology solution [but] social engineering bypasses all technologies, including firewalls," Mitnick said
Wednesday, November 20, 2019
Hacking Windows 7
https://www.youtube.com/watch?v=05o-w3S83sY [ eternal blue exploit ]
https://www.youtube.com/watch?v=vweWCTVWdxU [ eternal blue - Loi ]
Tuesday, November 5, 2019
Unlocking Redmi 7A
Followed these instructions:
https://www.androidexplained.com/redmi-7-unlock-bootloader/
Created a xiaomi account with login: 0174xxxx and passwd x------
at: https://account.xiaomi.com/
Downloaded this tool:
https://en.miui.com/unlock/download_en.html
connected phone to pc via usb then ran the miflash_unlock.exe
then logged in with the above credentials.
But it asks to wait 168 hours ( 1 week ). Today is 5 Nov, 2019
Others also same:
https://forum.xda-developers.com/Mi-9/how-to/unlocking-bootloader-immediately-t3926424/page11
Other references:
https://c.mi.com/thread-1857937-1-1.html
Do not log out of the Xiaomi account on the phone, or you will need to wait another 168 hours:
https://c.mi.com/thread-2262302-1-0.html
Monday, November 4, 2019
Saturday, November 2, 2019
Fake Access Point
Ghost Phisher:
https://www.youtube.com/watch?v=CuhtEDdTjdM [ Not working ]
https://www.youtube.com/watch?v=CLViFZ5Luds [ Not working ]
https://dalewifisec.wordpress.com/2013/05/16/evil-twin-access-point-attack-explained/
Airgeddon:
https://null-byte.wonderhowto.com/how-to/hack-wi-fi-stealing-wi-fi-passwords-with-evil-twin-attack-0183880/
https://github.com/v1s1t0r1sh3r3/airgeddon/issues/287 [issues]
mdk3 flood ssid:
https://www.youtube.com/watch?v=svAvpcS_UwQ
Fix for network-manager conflict with airmon-ng :
https://rootsh3ll.com/evil-twin-attack/
Wednesday, October 23, 2019
how to remote desktop
https://www.youtube.com/watch?v=lW5vYPtApLc
Then edit /etc/xrdp/xrdp.ini by adding address=0.0.0.0 below line #background
also set port to 3390 in the [Globals] section
Then adduser --home /home/eve eve [ not necessary ], can log in as root
/etc/init.d/xrdp start|stop
passwd 123456
No need to adduser. Just logout root on local machine. Then RDP from windows.
Then in windows 10, rdp client, set to size 1280 by 800 pixels
high color 16 bit
Connect to 192.168.0.105:3390
[no need]
How to fix the keyboard Fn key always-down problem:
RDP to linux from windows. Then press Fn + Esc.
Then logout from windows rdp session. Relogin locally on linux.
[just do this]
Another fix is to logout locally. Then relogin again locally.
Monday, October 21, 2019
Don't waste time with Bug Bounty Hunting
1. Only the elite top few (less than 3%) are doing well, the rest are doing miserably.
2. It is active income, not passive income.
3. You earn less than insect exterminators:
https://www.theregister.co.uk/2019/01/15/bugs_bounty_salary/
4. You work about 75 hours a week but earn only an average of USD187 per month.
That's 10.7 hours a day and getting paid only USD6.23 per day.
Thursday, October 10, 2019
Friday, October 4, 2019
Thursday, September 26, 2019
DV-PI3 Damn Vulnerable Pi setup and hacks
How to install and setup:
https://paulraspberrypinotes.blogspot.com/2019/09/setting-up-vulnerable-raspberry-pi.html
Then ssh to it with putty, ssh pi@192.168.1.48, passwd: raspberry
If you are using rndis (direct usb connection with bonjour), then :
ssh dv-pi3.local using putty
Then:
dv-pi status # Show status of vulnerable applications
dv-pi start # Start vulnerable applications
dv-pi stop # Stop vulnerable applications
Hacking rpi0:
https://www.youtube.com/watch?v=p5QwtYYeZZY [ basic msfconsole and msfvenom ]
https://shaneoneill.io/2018/11/17/hacking-your-own-raspberry-pi-part-2-wordpress-exploits/
Sunday, September 22, 2019
How to adjust screen brightness in kali linux
go to
/sys/class/backlight/intel_backlight
sudo -s
vim brightness
set the integer value, eg 300
ref:
https://www.youtube.com/watch?v=navv_XHysmM
Saturday, September 21, 2019
How to install Kali Linux
Download the iso image and use Rufus to burn to pendrive. When prompted select dd image, not iso.
Boot from pen drive and select graphical install.
References:
https://null-byte.wonderhowto.com/forum/fix-failed-detect-and-mount-cd-rom-problem-when-installing-kali-linux-0177158/
Friday, September 20, 2019
Wifi Adapters for Kali
https://miloserdov.org/?p=2196
https://shop.hak5.org/products/ralink-usb-wifi-rt5370
[atheros 9271]
https://www.lelong.com.my/150mbps-mini-usb-2-0-port-wireless-wifi-adapter-antenna-winsonyap86-214762007-2021-08-Sale-P.htm
Same seller [ 1 and 2 below]
1. [rt5370]
https://www.lelong.com.my/wifi-rt5370-adapter-freesat-alphabox-5151wornall-206177735-2020-07-Sale-P.htm
2. [rtl8811au - dual band]
https://www.lelong.com.my/600mbps-dual-band-5ghz-wireless-lan-usb-pc-wifi-adapter-802-11ac-5151wornall-I6143827-2007-01-Sale-I.htm [ does not work on Kali Linux ]
Tried the ones below; they also did not work:
https://www.youtube.com/watch?v=zZG65GkWGdU [zaid ]
https://unix.stackexchange.com/questions/369045/kali-linux-and-rtl8812au
https://edimax.freshdesk.com/support/solutions/articles/14000041287-how-to-install-ew-7811-ac600-ew-7822uac-in-linux-with-kernel-higher-than-v4-1
Finally this works:
https://www.prado.lt/how-to-install-realtek-8811cu-wireless-lan-802-11ac-usb-nic-on-ubuntu-19-04
cd to /usr/src, then:
git clone https://github.com/brektrou/rtl8821CU.git
Before make, edit the rtw_debug.c file to comment out the __DATE__ line. The rtw_debug.c file is in
rtl8821CU/core
Then,
make
make install
Then:
usb_modeswitch -KW -v 0bda -p 1a2b
You can put the above line in a script:
[switch_usbmode.sh]
#!/bin/sh
usb_modeswitch -KW -v 0bda -p 1a2b
-------------------------------------------------------------
Below is how you switch 1a2b into c811:
https://github.com/yklove/rtl8821cu
Works:
If wifi can be detected, congratulations. If not, maybe you need to switch your device's USB mode by the following steps in a terminal:
- find your usb-wifi-adapter device ID, like "0bda:1a2b", by typing:
lsusb
- switch the mode by typing: (the device ID must be yours.)
sudo usb_modeswitch -KW -v 0bda -p 1a2b
It should work.
Friday, September 13, 2019
Protection against netcut attacks
https://www.raymond.cc/blog/protect-your-computer-against-arp-poison-attack-netcut/
http://www.linuxandubuntu.com/home/tuxcut-a-tool-to-protect-linux-against-arpspoof-attacks
https://github.com/aarreedd/ARP-Defense
https://www.youtube.com/watch?v=M3l6FRF2KVU
https://www.youtube.com/watch?v=rOeyfG7vq3k [ Good ]
Evil Twin Attacks
Hacking starbucks with kali linux and raspberry pi
https://www.youtube.com/watch?v=q7HkIwbj3CM
Wednesday, September 11, 2019
MITM Attacks
Good one:
https://www.youtube.com/watch?v=zWk4v-rDjWo
urlsnarf issues:
https://forums.kali.org/showthread.php?19770-Issues-with-some-dsniff-tools
sniff images:
https://www.securitynewspaper.com/2018/12/14/monitor-traffic-using-mitm-man-in-the-middle-attack/
Tuesday, September 10, 2019
DIY Wifi Pineapple
https://oct8l.gitlab.io/posts/2019/54/making-a-knockoff-wifi-pineapple-from-a-gl-inet-ar150m/
http://gerryk.com/posts/using_ghidra_to_reverse_wifi_pineapple_protection/
https://www.lazada.com.my/products/90smart-gl-ar150-mini-smart-router-w-openwrt-16mb-flash-white-i421520687-s613301966.html
Original Wifi Pineapple:
https://www.ebay.com.sg/itm/WiFi-Pineapple-Nano-6th-Generation-Hak5-/182394830532
Kali Linux vs Wifi Pineapple:
https://forums.hak5.org/topic/46147-nano-vs-kali-linux/
Sunday, September 8, 2019
Monday, September 2, 2019
Bad USB
https://mashable.com/2014/10/03/bad-usb/
https://shopee.com.my/DIY-WIFI-Version-Bad-USB-RUBBER-DUCKY-TEENSYfor-Hak5-HiD-Lazy-U-Disk-Arduino-IED-i.78780680.1560641635
https://www.youtube.com/watch?v=hEpk56Qy5W0
DIY Using digispark:
https://www.youtube.com/watch?v=fGmGBa-4cYQ
Additional boards manager: http://digistump.com/package_digistump_index.json
https://hackernoon.com/low-cost-usb-rubber-ducky-pen-test-tool-for-3-using-digispark-and-duck2spark-5d59afc1910
https://www.nixu.com/blog/hidden-gem-low-cost-digispark-usb-now-quacks-duckyscript
https://www.lelong.com.my/digispark-kickstarter-attiny85-usb-development-module-board-sainapse-io-F1625020-2007-01-Sale-I.htm
https://www.youtube.com/watch?v=b5E0u4qNH4s
https://www.youtube.com/watch?v=YXWxEzLHXuw
Lazada with sdcard:
https://www.youtube.com/watch?v=3A53g0j-ugw
https://www.youtube.com/watch?v=ksvo1WDYQ7s (program duckduino onto device, then put duck scripts on sdcard)
Lazada pendrive with keychain:
https://www.youtube.com/watch?v=FChGkR38Eso
https://www.lazada.com.my/products/cfb-badusb-beetle-bad-usb-microcontroller-atmega32u4-virtual-keyboard-i543946575-s1079160374.html
https://www.youtube.com/watch?v=Z93Cp6XkJio
http://www.areresearch.net/2017/12/some-fun-with-bad-usb-devices-not.html
DIY Bad USB With Wifi:
https://www.youtube.com/watch?v=Utq4C9S3-uI
Seytonic's Playlist:
https://www.youtube.com/playlist?list=PL2YepVFF1azFjaLd5PYCYg2lKeB6t1xcj
Buying List for Seytonic's project:
https://www.lelong.com.my/atmega32u4-pro-micro-5v-16mhz-atmega-32u4-arduino-board-nadieleczone-F1646733-2007-01-Sale-I.htm
https://www.lelong.com.my/usb-adapter-type-male-micro-b-male-newfroggyonline-214224512-2019-09-Sale-P.htm
https://www.lelong.com.my/5-unit-mini-tactile-switch-push-button-momentary-arduino-pic-nadieleczone-F1199273-2007-01-Sale-I.htm
https://www.lelong.com.my/microsd-card-module-sainapse-io-F810741-2007-01-Sale-I.htm
https://www.lelong.com.my/dip-switch-2-54mm-2p-3p-4p-5p-8p-littlecraft-I5292329-2007-01-Sale-I.htm
About Arduino Pro Micro:
https://deskthority.net/wiki/Arduino_Pro_Micro
Buying List for Seytonic's DIY Wireless Bad USB:
( based on this: https://www.youtube.com/watch?v=Utq4C9S3-uI&t=11s )
Only need Arduino Pro Micro and microUSB Adapter, you can reuse your existing NodeMCU.
https://www.lelong.com.my/atmega32u4-pro-micro-5v-16mhz-atmega-32u4-arduino-board-nadieleczone-F1646733-2007-01-Sale-I.htm
https://www.lelong.com.my/usb-adapter-type-male-micro-b-male-newfroggyonline-214224512-2019-09-Sale-P.htm ( Optional, can use normal microusb cable )
Another reference similar to Seytonic:
( Supremeduck )
https://github.com/michalmonday/supremeDuck
Raspberry PI Bad USB:
https://www.youtube.com/watch?time_continue=1&v=I_BjCdJlCo4
https://maltronics.com/blogs/blog/exfiltrating-files-with-a-pi-zero
Ducky Script Payloads:
https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
--------------------------- DIGISPARK ---------------------------------
Ducky Script to Digispark converter:
https://github.com/CedArctic/digiQuack [ C++ Some errors ]
https://github.com/uslurper/digiduck [ Python Not working ]
https://github.com/mame82/duck2spark [ Python ]
https://github.com/toxydose/Duckyspark [ Python - USE THIS]
Digiduck howto:
https://github.com/uslurper/digiduck/wiki/A-Brief-Overview-of-Digiduck-and-Why-It-Isn't-Working-for-You
Warning:
When adding C:\Python27 to the environment variables, you need to add a trailing backslash like this:
C:\Python27\
What works for me for Digispark:
https://0x00sec.org/t/a-complete-beginner-friendly-guide-to-the-digispark-badusb/8002
https://github.com/CedArctic/DigiSpark-Scripts
I downloaded Duckyspark_translator.py from https://github.com/toxydose/Duckyspark and renamed it to duckspark.py
Also followed Seytonic's video:
https://www.youtube.com/watch?v=fGmGBa-4cYQ&list=PL2YepVFF1azFjaLd5PYCYg2lKeB6t1xcj&index=6
DigiKeyboard.h reference:
https://github.com/digistump/DigistumpArduino/blob/master/digistump-avr/libraries/DigisparkKeyboard/DigiKeyboard.h
C:\Users\paul\AppData\Local\Arduino15\packages\digistump\hardware\avr\1.6.7\libraries\DigisparkKeyboard
If you find some keys not defined, you can include the defines yourself in the .ino code.
Try converting some ducky script with duckyspark and you can see an example.
These keys are missing from DigiKeyboard.h and you will need to add them manually:
#define KEY_ESC 41
#define KEY_BACKSPACE 42
#define KEY_TAB 43
#define KEY_PRT_SCR 70
#define KEY_DELETE 76
#define KEY_ARROW_RIGHT 0x4F
#define KEY_ARROW_DOWN 0x51
#define KEY_ARROW_UP 0x52
Upload badusb scripts to http://ezishopper.site/badusb/ for experiments. It is a Namecheap account.
Sunday, September 1, 2019
Wifi Hacking
Evil Twin Attack:
https://pikdo.net/p/faisalyahya/2118124885757667190_187669594
Wifi Pineapple:
https://shop.hak5.org/products/wifi-pineapple
https://www.lazada.com.my/products/1pcs-wifi-pineapple-wireless-network-wifipineapple-wireless-security-auditing-hak5-high-quality-i557402589-s1108500118.html
Wifi Jammer with Raspberry PI
https://dephace.com/how-to-make-a-wifi-jammer-with-raspberry-pi-3/
https://www.evilsocket.net/2018/07/28/Project-PITA-Writeup-build-a-mini-mass-deauther-using-bettercap-and-a-Raspberry-Pi-Zero-W/
https://www.shellvoide.com/wifi/how-to-turn-raspberry-pi-into-wireless-jammer/
https://www.hackster.io/mehedishakeel/make-a-wifi-jammer-using-raspberry-pi-3-fb73dd
Tuesday, August 27, 2019
Hacking Windows Password
Cp cmd.exe to utilman.exe
https://www.youtube.com/watch?v=meqXmnXcgBc
Using chntpw
https://www.youtube.com/watch?v=O4j1j3cu-HI
Dual Booting Linux
Dual boot:
https://docs.kali.org/installation/dual-boot-kali-with-windows
Install on entire hdd:
https://docs.kali.org/installation/kali-linux-hard-disk-install
Monday, August 26, 2019
Cloning USB drive
Doesn't work because of multiple partitions on source usb:
https://www.youtube.com/watch?time_continue=133&v=PYLDTrxwt80
https://www.backup-utility.com/clone/usb-clone-tool-4348.html
This one works:
Need to use a linux PC.
fdisk -l
/dev/sda
this is your hard disk
Insert source usb
fdisk -l
/dev/sdb1
/dev/sdb2
Insert destination disk:
fdisk -l
/dev/sdc
Then, do:
dd if=/dev/sdb of=/dev/sdc bs=4096 conv=noerror
Ref:
https://www.pclinuxos.com/forum/index.php/topic,118627.15.html?PHPSESSID=a6t30g1s6jouarhddbjqdbm0j5
Saturday, July 20, 2019
NodeMCU hacking projects
Deauthentication attacks:
https://hackernoon.com/deauthentication-attack-and-other-wifi-hacks-using-an-esp8266-module-14f9142b063d
https://null-byte.wonderhowto.com/how-to/scan-fake-attack-wi-fi-networks-with-esp8266-based-wifi-deauther-0193837/
https://www.lazada.com.my/products/wifi-deauther-mini-wifi-attacktest-esp8266-open-source-development-board-i556718682-s1107126756.html
Following Spacehuhn's method:
https://github.com/spacehuhn/esp8266_deauther/wiki/Installation
http://deauth.me/
https://www.youtube.com/watch?v=oQQhBdCQOTM
Nimbalkar's method:
https://www.youtube.com/watch?v=N5JVQ-m5Kd0
https://www.instructables.com/id/DIY-Wifi-Jammer-With-ESP8266-and-Mobile-App/
Shops:
https://hackerwarehouse.com/
https://shop.hak5.org/
Tuesday, July 16, 2019
Wifi adapter that supports 2.4 and 5 GHz
https://www.youtube.com/watch?v=0lqRZ3MWPXY
Lelong:
https://www.lelong.com.my/alfa-awus036ach-1200mbps-wifi-usb-3-0-adapter-tunglt-210708602-2019-12-Sale-P.htm?_ga=2.131794639.1583809003.1563333487-1268787103.1563333487
Alfa AWUS036ACH 1200Mbps WiFi USB 3.0 Adapter
Chipset: RTL8812AU
Tuesday, July 9, 2019