/r/hacking


A subreddit dedicated to hacking and hackers.

Constructive collaboration and learning about exploits, industry standards, grey and white hat hacking, new hardware and software hacking technology, sharing ideas and suggestions for small business and personal security.

A subreddit dedicated to hacking and hacking culture.

What we are about: quality and constructive discussion about the culture, profession and love of hacking.

This sub is aimed at those with an understanding of hacking - please visit /r/HowToHack for posting beginner links and tutorials; any beginner questions should be directed there as they will result in a ban here.

Guides and tutorials are welcome here as long as they are suitably complex and most importantly legal!

Bans are handed out at moderator discretion.

Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...

Damn kids. They're all alike.


Rules:

  1. Keep it legal. Hacking can be a grey area but keep it above board. Discussion around the legality of issues is ok; encouraging or aiding illegal activities is not.

  2. We are not your personal army. This is not the place to try to find hackers to do your dirty work and you will be banned for trying. This includes:

  • Asking someone to hack for you
  • Trying to hire hackers
  • Asking for help with your DoS
  • Asking how to get into your "girlfriend's" instagram
  • Offering to do these things will also result in a ban
  • No "how do i start hacking?" posts. See /r/howtohack or the stickied post. Intermediate questions are welcomed - e.g. "How does HSTS prevent SSL stripping?" is a good question. "How do I hack wifi with Kali?" is bad.

  • No "I got hacked" posts unless it's an interesting post-mortem of a unique attack. Your nan being phished doesn't count.

  • Sharing of personal data is forbidden - no doxxing or IP dumping

  • Spam is strictly forbidden and will result in a ban. Professional promotion e.g. from security firms/pen testing companies is allowed within the confines of site-wide rules on self promotion found here, but will otherwise be considered spam.

  • Off-topic posts will be treated as spam.

  • Low-effort content will be removed at moderator discretion

  • We are not tech support, these posts should be kept on /r/techsupport

  • Don't be a dick. Play nice, support each other and encourage learning.



    /r/hacking

    2,715,121 Subscribers

    1

    Linux vs Windows Malware Development

    I am not an expert in this field but upon searching "a few times" on Google about "linux malware development" it's mostly about courses and some GitHub repos. Unlike Windows, you can already see guides, blog posts, courses like MalDev academy, and so on. Pretty much there's a resource for developing malware on Windows. Instructions on how to use the Windows API. Reverse engineering existing malware (you can do the same for Linux too). Hiding shellcodes from EDRs. Process injection. Loading shared libraries. Etc.

    I'm pretty sure developing malware for Linux is not much harder than Windows. So, why do people barely talk about it compared to Windows?

    Is this because of windows dominating the marketshare being the prime target for malware developers? Or maybe I just didn't search enough.

    I'd like to hear your thoughts.

    4 Comments
    2024/05/20
    11:21 UTC

    1

    Will, username Impressive_Air4167

    Hi,

    I was discussing with someone on here but I think their account got deleted. If you see this, reach out to me again or drop a comment

    Thanks

    2 Comments
    2024/05/20
    11:09 UTC

    0

    Creating a daily drive honeypot? Counterstrike Malware (trojans really?)

    So I'm trying to create a type of honeypot, but this isn't a fake system or traditional honeypot, I'm going to be planting fake juicy files everywhere on my actual laptop that I use every day. It's a laptop running a Linux distro. (It's not my main main daily driver, but more of a part-time daily driver) 

    It has no personal info, no logins ever made to any of my emails, google, etc etc. But I'm going to plant tons of fake files everywhere and even fake images with malware hidden inside them. Example fake passport picture, fake bank login link, fake encrypted file (forcing them to take the file out of my computer or copy it)

    Fake crypto keys and all sorts of fake files are infected, as well as a fake list of links titled "Compromised hacking targets 2024" etc etc.

    I have no interest in finding out who the attackers are or logging their IPs etc, this will be strictly for executing malicious payloads and scripts into the attackers' system. Have any of you here got experience in setting up this type of honeypot, or defensive payload executable? 

    Any tips from experienced people are appreciated, I would also like to hear your stories related to this.

    Also, keep in mind that I am focusing on malware and viruses that do not spread to linked machines instantly. I do not want and will not be using any wildfires, and will be sticking to more isolated payloads that render the hacker machine out of commission. Please do not recommend malware that spreads  

    So more along the lines of Trojan behavior, rather than a worm/virus that spreads uncontrollably, I know there are many nuances between types of worms/trojans/viruses/malware, etc. this specific setup I'm going for is intended to minimize electronic casualty to innocent people the hackers might also be at risk of infecting, so please keep that in mind. I will be checking each suggestion thoroughly, so don't try to sneak some BS into this because I will find out lol.

    Any tips or tricks or even funny anecdotes are welcome, would love to hear similar setups other people have gone for.

    Also, interested in setting up a remote poisoning script maybe through TFTL or remote shell injection? Say for example I get remote access, leave my trivial open, allowing somebody to set up remote access, and then auto inject payloads into their system. Thought this would be a cool idea.

    22 Comments
    2024/05/20
    10:54 UTC

    296

    Saw in an Apartment Building

    How bad is this? What kind of trouble/mischief/shenanigans could be done?

    56 Comments
    2024/05/20
    04:53 UTC

    0

    Signal jammers for sale?

    So pls don't judge but i just want to ask a question if signal jammers are illegal why tf am i able to just go to Google or shoppy and be able to find signal jammers for sale.

    26 Comments
    2024/05/20
    02:03 UTC

    2 Comments
    2024/05/20
    01:16 UTC

    3

    Does SAMDUMP2 still work for Windows 11?

    Hey y’all, I’m asking this question on here since the internet is not turning up any results here.

    I have a windows SYSTEM and SAM registry file exported onto my VM that I’m trying to extract password hashes from. I’ve been testing SamDump2, but it doesn’t seem to be working as intended (I know my password. When hashing it with Windows’ NT/LM algorithms, the results aren’t matching with what SamDump2 is giving me).

    My question is - does SamDump2 still work for windows 11, and if not, what’s a tool that works for that version?

    7 Comments
    2024/05/19
    22:42 UTC

    0

    Best way to open zip with password if I have the password

    Hey all. I've been downloading some password protected zip files from Patreon recently, but the artist is providing the password to their members. But ever since my free trial of Winzip expired I don't know how to open these files now. I've seen a number of ways to open these files if you don't have the password from this community, but what's the best way to open them if you do? Am I just dumb, and Windows has a way to open them itself? Or is there some other means? Thank you.

    16 Comments
    2024/05/19
    14:53 UTC

    65

    Cracking a bios password - what are the options?

    I saved from an e-waste bin an old HP Compaq 6730s. It ran on Windows Vista but it has every boot option aside from hard disk locked out by an unretrievable BIOS password. I'd like to put Linux on it and I managed to install the OS by swapping the HD on another machine; problem is I really want to get rid of that password for future updates. Now I know I can probably buy an unprotected EEPROM chip and swap it but I'm not this good at soldering and I'd prefer to explore software solutions.

    HP has a command line tool (part of its client management tool set) called BIOS Configurator Utility. My understanding is that it requires the old password to replace it with a new one and it may accept plain text options for both (although I'm not sure if it only accepts hashed versions in bin files, at least for the old one). My questions are:

    • may a bruteforce approach be viable? What would you suggest me to use first (e.g. dictionary, rainbow tables...) in a hypothetical PowerShell script to cycle through, considering that I'm not a skilled programmer and it would be run on a slow machine?
    • are there other no-solder approaches I should also consider? Like, can I dump the eeprom chip and try to decode the password from there?

    Other things I tried: CMOS battery is not an option: it ran out but password is still there and if I input the wrong passwords I don't get to read the code that can be used for retrieving hard-coded backdoors

    64 Comments
    2024/05/19
    12:15 UTC

    0

    How do I solve this burp collaborator issue ?

    5 Comments
    2024/05/19
    08:38 UTC

    9

    Opsec (wifi)

    What would be the most optimal way of utilizing a gl.inet travel router for anonymity?

    Would it be using a sim for internet with a wireguard vpn?

    (I don’t quite understand how a VPN through the router provides more anonymity than a VPN application besides all devices connected being routed through)

    3 Comments
    2024/05/19
    07:55 UTC

    0

    Anyone know if it's possible to use packet injection to send commands to other computers?

    I'm pretty new to packet injection, just curious to see if anyone knew of a way to accomplish this.

    5 Comments
    2024/05/18
    16:18 UTC

    0

    XSS doubt for bug bounty

    I have a huge list of URLs like this "https://'''''''''''''''''''/events/2022-06-09/?ical=FUZZ

    https://'''''''''''''''''/events/2023-05-04/?outlook-ical=FUZZ

    https://''''''''''''''''/events/2022-04-26/?ical=FUZZ

    https://'''''''''''''''/events/2023-05-21/?ical=FUZZ

    https://'''''''''''''''/events/2022-04-07/?ical=FUZZ

    https://'''''''''''''''/events/2022-04-10/?ical=FUZZ

    https://'''''''''''''''/events/2023-05-08/?outlook-ical=FUZZ

    http://'''''''''''''''/?page_id=FUZZ

    https://'''''''''''''''/events/month/2023-02/?outlook-ical=FUZZ

    https://'''''''''''''''/events/2023-03-04/?ical=FUZZ

    https://'''''''''''''''/events/2022-06-20/?ical=FUZZ" and 100k+

    Now I want to test xss on all of them with automation any tool(Pls name some ), How can I?

    4 Comments
    2024/05/18
    16:07 UTC

    0

    If someone knows my email and its password am I screwed?

    I have 2FA and already changed the passwords but if someone knew them what could they possibly do with that info? Can they easily get past 2FA?

    16 Comments
    2024/05/18
    12:14 UTC

    11

    Hitag2 Crack2 implementation working on Proxmark3

    The second key recovery vector outlined in the Gone in 360 seconds paper by F Garcia et al, implemented by Kev Sheldrake in RFIDLer 2017, now works in Proxmark3.

    It is a time/trade memory attack, with an online part and a secondary offline part.

    We can now gather the 2048 bits of crypto key stream needed for the second part of the attack in the pm3 client.

    You all need to create the 1.2tb lookup database file in order to execute the offline part of the attack.

    You find all you need in tools\hitag2crack\crack2

    3 Comments
    2024/05/18
    09:06 UTC

    143

    Best Approach?

    My wife has not been able to play a game for a few weeks due to bad development. I've reviewed the crash logs generated by game, and it appears there is one particular item, a fountain, that is placed in her game that is causing the crash. The profile.json is encrypted, so I can't just go in there and find that entry and remove it. I'm guessing it uses AES encryption since the crash log mentions Rijndael. What would the best approach be to digging for the key? I've opened up files with ghidra, but for some reason, findcrypt isn't showing up for me to use in analysis. My wife loves this game and I really want to figure this out for her. Is there a better approach to doing this?

    Update2: I feel like I'm making progress. As of 20:00 5/18 I was able to use IL2CPPDumper to break apart the GameAssembly.dll. I am in the process of decompiling GameAssembly.dll so that I can apply the data from IL2CPPDumper to Ghidra, but because the dll is so big, Ghidra would freeze up after trying to decompile it. I found a workaround by using analyzeHeadless. It's running now. Thank you again for all the input!

    Update1:
    Thank you for all the help so far! You’ve given me so many more ideas to try.

    Here are the dmp details.

    EXCEPTION_RECORD: (.exr -1)
    ExceptionAddress: 00007ffc989b6196 (GameAssembly!mono_class_has_parent+0x00000000005a0606)
    ExceptionCode: c0000005 (Access violation)
    ExceptionFlags: 00000000
    NumberParameters: 2
    Parameter[0]: 0000000000000000
    Parameter[1]: ffffffffffffffff
    Attempt to read from address ffffffffffffffff

    Here are the log details:
    Unloading 2 Unused Serialized files (Serialized files now loaded: 1724)
    Unloading 4307 unused Assets to reduce memory usage. Loaded Objects now: 85482.

    Total: 177.784700 ms (FindLiveObjects: 11.103100 ms CreateObjectMapping: 4.718700 ms MarkObjects: 159.846400 ms DeleteObjects: 2.116200 ms)

    Exception: Fountain01(Clone) not found in Profile.World.Keyholes (IsKeyHole: False, guid: )

    56 Comments
    2024/05/18
    01:54 UTC

    3

    Tips for investigating a series of websites as part of brand protection. (Cross-Post)

    1 Comment
    2024/05/17
    22:44 UTC

    2

    Resources to use in conjunction with Try Hack Me

    tl;dr - What do you use with THM or HtB to help you remember what they've taught you (specifically when you're early on)?


    I've been doing Try Hack Me for about a month or so. I've done enough to start to get at the meat and potatoes of hacking, but still far from being able to do it on my own. However, I do have a concern. As I'm continuing my journey on this website, I'm finding that I'm forgetting some things. I'll know the general idea, but not the exact bits of information I'd need in the moment.

    I know the default answer to this is just study, but even if I strap myself to a chair and pin my eyelids open like I'm in Clockwork Orange, I still struggle to remember stuff. I learn best by doing and repetition of the doing, but I'm not sure what I can use aside from THM and Hack the Box. I'm still not at a point to be doing any CTF challenges (as far as I know), so those aren't really an option.

    What I want to know, is what do you guys use in conjunction with these? I looked at the wiki, and I plan on trying some of them out, but I worry that they're going to be too dense/technical for me. Are there any other resources to help familiarize yourself with hacking concepts/tools? Key word being "familiarize". I've done the lessons, but need reminders before I can fully commit it to memory.

    EDIT: I should mention that I do take notes as I go through the lessons, and it does help, but it doesn't help me fully grasp these concepts when it's just simple tidbits of information

    3 Comments
    2024/05/17
    19:02 UTC

    3

    PCB hacking project

    Hey, recently I won a PCB gift card for around 200 bucks, and was wondering if I could use it for a hacking tool. I already made an NFC business card, and a macropad so I have some experience in PCB design. I was wondering if there were any hacking projects specifically that can be made using PCB designing. It can be illegal but need to be on the gray line between illegal or legal, just like pwnagotchi. Some ideas that I already have is this https://www.hackster.io/pablotrujillojuan/hackbat-1dfdbc, I would be grateful towards anyone's input.

    Thanks!

    6 Comments
    2024/05/17
    00:07 UTC

    20

    Bachelors Degree in Cybersecurity vs CS

    Hey everyone,

    I've been weighing my options lately and could really use some advice. I'm stuck between pursuing a Bachelor's degree in Cybersecurity or Computer Science. Money is a big concern for me, especially since my dad is retiring soon leaving me in-charge of being the breadwinner of the family, taking care of both my parents and my sibling who will at one point sooner or later also be going to university...

    Here's the deal: I'm not exactly a math whiz, and the thought of getting tangled up in complex equations in a CS program is daunting. I've heard that Cybersecurity might be a bit lighter on the math, which sounds like a relief.

    But I also want to make sure I'm setting myself up for a solid career path with good job prospects and financial stability on a global scale. So, which field do you think offers a more secure role and better opportunities in the long run?

    Any insights or experiences you can share would be super helpful. Thanks in advance for your input!

    40 Comments
    2024/05/16
    20:10 UTC

    16

    USDoD launches new Breached forum - goes live July 4th

    8 Comments
    2024/05/16
    14:35 UTC

    89

    Update on the PicoUSB (Raspberry Pi RP2040 Bad USB)

    I wanted to share a quick update on PicoUSB, the RP2040 powered "bad USB" that I introduced a while back. (Original post)

    First off, I want to thank this community for the incredible response and feedback I received when I first shared about PicoUSB. Your insights and suggestions have been invaluable in shaping the development of this project.

    Since then, I've been hard at work refining PicoUSB to make it even easier to produce and ship. I'm incredibly excited about the progress we've made with PicoUSB. We are now at final version: V0.6. As always, I welcome your thoughts, feedback, and suggestions as we continue to evolve and improve PicoUSB.

    https://preview.redd.it/50y1ab5shs0d1.png?width=1600&format=png&auto=webp&s=58c3604890ab61d2d135ff0545066efe6e31f8eb

    If you're interested in learning more about PicoUSB or have any questions, feel free to drop them in the comments below, and I'll do my best to answer them.

    Get PicoUSB
    Facebook
    Github

    Tomislav - PicoUSB

    12 Comments
    2024/05/16
    13:23 UTC

    15

    Do you prefer books for learning or not?

    Hi Everyone.

    Background:
    I am new to penetration testing/hacking etc. I've been interested in the field of computers for long, and know basic Python, Java, etc. A short while ago my spare PC's Windows did not boot up properly, so I messed around with it and remembered how much I enjoy understanding systems etc., which led to rediscovering my interest in hacking, cybersecurity, etc.

    Anyway, I am looking for good learning materials, but I am not sure whether books are worthwhile or if it is better to learn directly from the internet. I usually prefer books, but I also know the world of computing advances fast.

    My question:
    Are there good books/youtube etc. accounts/websites you would suggest to a beginner?

    Thanks for taking the time to read and respond, I appreciate it.

    30 Comments
    2024/05/16
    13:02 UTC

    0

    How do you get a CVE number using searchsploit?

    If you are searching for a vulnerability in searchsploit it isn't showing the corresponding CVE. How do you get that?

    10 Comments
    2024/05/15
    23:06 UTC

    400

    Doxbin and Breachforums taken down on the same day

    49 Comments
    2024/05/15
    16:21 UTC
