Sunday, December 4, 2016

Hello Guys,
You know basic of Sql injection and want to proceed further with some practical & don`t know how to?

Don`t worry. I came across wonderful challenge site which i thought to share.


Reference link:
Site 1: Practical Challenge
http://zixem.altervista.org/SQLi/



Author given total 10 (MISSION) challenges start from basic to expert level. time to crack it :)

Say Thanks later :)

I will Add more one by one later on :)



Saturday, November 26, 2016

Decrypt the encrypted url using HackBar | web pentesting Challenge

TUTORIAL:

Decrypt the encrypted url using HackBar | Web Pentesting Challenge

It is being observed Sqli & Other Challenger encoding the URL to make it difficult.
Many of Noobs having question, What it is & how to decrypt it.
I made a Video which will give you basic understanding to crack it.
=======================================================================

Requirement:
Hackbar (for fastest process)
Basic of Encryption & Decryption concept & Method (not compulsary)
=======================================================================

Ex: URLs need to decode. copy it on Hackbar and Follow me.
Hex:
0x687474703a2f2f74687265617468756e7465722e626c6f6773706f742e696e2f

URL Encode:
%68%74%74%70%3a%2f%2f%74%68%72%65%61%74%68%75%6e%74%65%72%2e%62%6c%6f%67%73%70%6f%74%2e%69%6e%2f

Base64:
aHR0cDovL3RocmVhdGh1bnRlci5ibG9nc3BvdC5pbi8=


=======================================================================

Solve it:


JTMwJTc4JTM2JTM4JTM3JTM0JTM3JTM0JTM3JTMwJTMzJTYxJTMyJTY2JTMyJTY2JTM3JTM0JTM2JTM4JTM3JTMyJTM2JTM1JTM2JTMxJTM3JTM0JTM2JTM4JTM3JTM1JTM2JTY1JTM3JTM0JTM2JTM1JTM3JTMyJTMyJTY1JTM2JTMyJTM2JTYzJTM2JTY2JTM2JTM3JTM3JTMzJTM3JTMwJTM2JTY2JTM3JTM0JTMyJTY1JTM2JTM5JTM2JTY1JTMyJTY2

0x253638253734253734253730253733253361253266253266253737253737253737253265253636253631253633253635253632253666253666253662253265253633253666253664

%30%78%36%31%34%38%35%32%33%30%36%33%34%38%34%64%33%36%34%63%37%39%33%39%33%33%36%34%33%33%36%33%37%35%36%32%36%64%34%36%37%61%35%39%35%33%33%35%36%65%36%32%33%33%35%39%37%36


Video Demo:



=======================================================================
Like & Subscribe My YouTube Channel


Sunday, April 3, 2016

Mine of Hacking Tools for analyst

🔵 Password Hacking Software 

 1.haviz
2.metasploit
3.hydra
4.wireshark
5.Dsniff
6.InSSIDer
7.Aircrack-ng
8.Aircrack
9.Brutus
10.Cain And Abel
11.IKECrack

 🔴Wireless Hacking Software

 12.Kismet
13.KisMAC
14.Firesheep
15.NetStumbler
16.WepLab

 🔵Network Hacking Software

 17.Map
18.SuperScan
19.Angry IP Scanner

 🔴Packet Crafting To Exploit Firewall Weaknesses software

 20.Hping
21.Scapy
22.Netcat
23.Yersinia
24.Nemesis
25.Socat

 🔵Traffic Monitoring for Network Related Hacking software

 26.Splunk
27.Nagios
28.P0f
29.Ngrep

 🔵Packet Sniffers To Analyze Traffic software

 30.Wireshark
31.Tcpdump
32.Ettercap
33.Dsniff
34.EtherApe
35.Paros
36.Fiddler
37.Ratproxy
38.Sslstrip
39.SSL/TLS Security 

 🔴Test By High-Tech Bridge
Rootkit Detectors To Hack File Systemsoftware

 40.Netfilter
41.PF: OpenBSD Packet Filter
42.Skipfish
43.Wfuzz
44.Wapiti
45.W3af
46.Sleuth Kit
47.Helix
48.Maltego
49.Encase

 🔴Debuggers To Hack Running Programs software

 50.Immunity Debugger
51.Netcat
52.Traceroute
53.Ping.eu
54.Dig
55.CURL

 🔵Hacking Operating Systems software

 56.Backtrack 5r3
57.Kali Linux
58.SELinux
59.Knoppix
60.BackBox Linux
61.Pentoo
62.Matriux Krypton
63.NodeZero
64.Blackbuntu
65.Samurai Web Testing Framework
66.WEAKERTH4N
67.OpenSSL
68.Open PuTTy
69.Tor
70.openvpn
72.Stunnel
73.KeePass

 🔴Intrusion Detection System And The IDS Tools

 74.Snort
75.NetCop

 🔵Hacking Vulnerability Exploitation Tools

 76.Sqlmap
77.Sqlninja
78.Social Engineer Toolkit
79.NetSparker
80.BeEF
81.Dradis

 🔵Vulnerability Scanners tools

 82.nessus
83.OpenVAS
84.Nipper
85.Secunia PSI
86.Retina
87.QualysGuard
88.NexPose

 🔴Web Vulnerability Scanners tools

 89.Burp Suite
90.Webscarab
91.Websecurify
92.Nikto
93.W3af

 Enjoy!!

Friday, March 25, 2016

Download VMware Workstation PRO 12 With License Keys


Hello Guys,
Thought to share with you.Download VMware Workstation PRO 12 With License Keys



VMware Workstation 12 PRO : is the easiest, fastest and most reliable way to evaluate new operating systems, software applications and patches, and reference architectures in an isolated and safe virtualized environment. No other desktop virtualization software offers the performance, reliability, and cutting edge features of Workstation.






VMware Workstation 12 PRO Features :
  1. Ready for the Latest Hardware.
  2. Enhanced Connectivity.
  3. Build Virtual Networks.
  4. Built for Microsoft Windows 10 and More.
  5. Display Powerful 3D Graphics.
  6. Ready for High Resolution Displays.
  7. Create Powerful Virtual Machines.
  8. Leverage the Power of vSphere and vCloud Air.
  9. Take Productivity to the Next Level.
  10. Awesome User Interface.
  11. Protect Your Work and Save Time.
  12. Run Restricted Virtual Machines.
  13. Expiring Virtual Machines.
  14. Virtual Machine Cross Compatibility.


How to Register VMware Workstation 12 ?
Install VMware Workstation 12 PRO Trial Setup.
After Installation >> It will ask for a License Key To Activate VMware Workstation.
Use License Key Provided Below To Register VMWare Workstation.
Thats It! Enjoy VMware Workstation 12 PRO Full Version For Free.
VMware Workstation 12 License Key :
5A02H-AU243-TZJ49-GTC7K-3C61N

Download WYSIWYG Web Builder 11 With Keygen & Loader

Hello Guys,
         Thought to share with you. Download WYSIWYG Web Builder 11 With Keygen & Loader
WYSIWYG Web Builder 11 : has been released and there are more than 160 new features has been added in this new release, and few bugs were fixed.
 
WYSIWYG Web Builder 11 Features : (What’s New!)
  • Responsive Web Design.
  • No HTML knowledge required! Just drag & drop objects to the page.
  • HTML5 Audio/Video, YouTube, Flash Video and more.
  • Slidehows, photo galleries, rollover images, rollover text.
  • Navigation bars, Menu bar and many other navigation options.
  • Outputs standard HTML4, HTML5, XHTML, CSS3, PHP.

How to Register Activate Or Crack WYSIWYG Web Builder 11 ?

  • Install WYSIWYG Web Builder 11 Setup.exe
Copy Loader.exe to :
For 32 Bit – C:\Program Files \WYSIWYG Web Builder 11
For 64 Bit – C:\Program Files (x86)\WYSIWYG Web Builder 11
  • Run Loader.exe as “administrator” > Click “continue with trial”
  • Run > WYSIWYG Web Builder 11 it will ask for email and serial key
  • Run Keygen and copy serial and email from keygen back to WYSIWYG Web Builder 11 (activation window).
  • Click Activate “button” Error will popup “serial is invalid”
  • Launch WYSIWYG Web Builder 11 go to about tab > you can see program is registered. 😉
All done, Enjoy! WYSIWYG Web Builder 11 Full Version For Free.. 😀 [Do not update]

Note: Download it at your own risk. I am not responsible if any damage happened.
I am putting it for download further reference to internet articles.
 
reference URL: http://fullsoftwarecity.blogspot.in/2016/03/wysiwyg-web-builder-11-with-keygen.html
 
 
 

Download Cracked NetLimiter PRO Enterprise 4.0.19

Hello Guys,
         Thought to share with you. the cracked NetLimiter PRO Enterprise 4.0.19 

 NetLimiter 4 : 
         can give you full network control over your pc.NetLimiter can set download / upload transfer rate limits for applications or even single connection and monitor their internet traffic. it also offers comprehensive set of internet statistical tools which includes real-time traffic measurement and long-term per-application internet traffic statistics. 




How to Crack Activate Or Register Net Limiter 4 ? 

  • Install NetLimiter 4 trial setup.exe
  • After installation > Run patch.exe “as administrator”> Select your OS 32 / 64 Bit
  • Click > Search > and > Select required DLL file (select DLL “file” that patch is asking for)
  • After that > Click > Crack Now “Button”
  • Now run Net Limiter 4 > Go to > Help “tab” and > click > Register “button”
  • Use Registration details provided below and activate. 😀
  • All done, Enjoy! Net Limiter 4 Full Version For free… :)
Net Limiter 4 Registration details :
Name : www.PirateCity.NET
Key : CRACKEDBYPIRATECITYDOTNET

Note: Download it at your own risk. I am not responsible if any damage happened.
I am putting it for download further reference to internet articles.
 
reference URL:  http://fullsoftwarecity.blogspot.in/2016/03/netlimiter-pro-enterprise-4019-with.html

Shocker - A tool to find and exploit servers vulnerable to Shellshock

Hello Guys,
   Here I am again back for New article on Shellshock.
I came across a tool which find and exploit the Shellshock vulnerability named as Shocker.

 Technical details:

Shocker

A tool to find and exploit servers vulnerable to Shellshock
Released as open source by NCC Group Plc - https://www.nccgroup.trust/
Developed By:
  • Tom Watson, tom [dot] watson [at] nccgroup [dot] trust
Released under AGPL see LICENSE for more information


Help Text

usage: shocker.py
-h, --help show this help message and exit
--Host HOST, -H HOST A target hostname or IP address
--file FILE, -f FILE File containing a list of targets
--port PORT, -p PORT The target port number (default=80)
--exploit EXPLOIT, -e EXPLOIT Command to execute (default=/bin/uname -a)
--cgi CGI, -c CGI Single CGI to check (e.g. /cgi-bin/test.cgi)
--proxy PROXY A BIT BROKEN RIGHT NOW Proxy to be used in the form 'ip:port'
--ssl, -s Use SSL (default=False)
--threads THREADS, -t THREADS Maximum number of threads (default=10, max=100)
--verbose, -v Be verbose in output

Usage Examples

./shocker.py -H 127.0.0.1 -e "/bin/cat /etc/passwd" -c /cgi-bin/test.cgi
Scans for http://127.0.0.1/cgi-bin/test.cgi and, if found, attempts to cat /etc/passwd
./shocker.py -H www.example.com -p 8001 -s
Scan www.example.com on port 8001 using SSL for all scripts in cgi_list and attempts the default exploit for any found
./shocker.py -f ./hostlist
Scans all hosts listed in the file ./hostlist with the default options

Dependencies

Python 2.7+

Change Log

Changes in version 1.0 (March 2016)
  • Some additional scripts contributed and updates to some comments, URLs and contact details
Changes in version 0.72 (December 2014)
  • Minor corrections to logic and typos
Changes in version 0.71 (December 2014)
  • Added timeout to urllib2.urlopen requests using a global 'TIMEOUT'
Changes in version 0.7 (November 2014)
  • Add interactive 'psuedo console' for further exploitation of a chosen vulnerable server
  • Attemped to clean up output buffering issues by wrapping sys.stdout in a class which flushes on every call to write
  • Added a progress indicator for use in time consuming tasks to reassure non vebose users
Changes in version 0.6 (October 2014)
  • Preventing return codes other than 200 from being considered successes
  • Added ability to specify multiple targets in a file
  • Moved the 'cgi_list' list of scripts to attempt to exploit to a file
  • Fixed some output formatting issues
  • Fixed valid hostname/IP regex to allow single word hostnames
Changes in version 0.5 (October 2014)
  • Added ability to specify a single script to target rather than using cgi_list
  • Introduced a timeout on socket operations for host_check
  • Added some usage examples in the script header
  • Added an epilogue to the help text indicating presence of examples
Changes in version 0.4 (October 2014)
  • Introduced a thread count limit defaulting to 10
  • Removed colour support until I can figure out how to make it work in Windows and *nix equally well
  • Spelling corrections
  • More comprehensive cgi_list
  • Removes success_flag from output
Pre 0.4 (October 2014)
  • No idea

TODO

  • Identify and respond correctly to HTTP/200 response - false positives - Low priority/hassle
  • Implement curses for *nix systems - For the whole application or only psuedo terminal? - Low priority/prettiness
  • Thread the initial host check now that multiple targets are supported (and could be make this bit time consuming)
  • Change verbose to integer value - quiet, normal, verbose, debug?
  • Add option to skip initial host checks for the sake of speed?
  • Add a summary of results before exiting
  • Save results to a file? Format?
  • Eventually the idea is to include multiple possible vectors but currently only one is checked.
  • Add Windows and *nix colour support - Low priority/prettiness
  • Add a timeout in interactive mode for commands which don't return, e.g. /bin/cat /dev/zero
  • Prettify - Low priority/pretinness (obviously)
  • Add support for scanning and explointing SSH and SMTP? https://isc.sans.edu/diary/Shellshock+via+SMTP/18879
  • Add SOCKS proxy support, potentially using https://github.com/rpicard/socksonsocks/ from Rober Picard
  • Other stuff. Probably.

Download & Reference Link

http://www.kitploit.com/2016/03/shocker-tool-to-find-and-exploit.html
Download URL: https://github.com/nccgroup/shocker

Thanks to...

Anthony Caulfield @ NCC for time and effort reviewing early versions
Brendan Coles @ NCC for his support and contributions

Subscribe to: Posts (Atom)