/r/HowToHack
Welcome! This is your open hacker community designed to help you on the journey from neophyte to veteran in the world of underground skillsets. Ask, Answer, Learn.
For the last 1.5 months I've been working on a blind SQLi brute forcer. It's still a bit messy, but it works, and it's pretty darn fast to boot! I know sqlmap is one of the most reliable tools that pentesters use, but I needed a project and this seemed like it was going to be within my skill set. I haven't done a project since college and I'm very pleased with myself for actually (mostly) finishing something. Please consider checking it out and giving me any feedback you have!
The repo is here:
Hello!
Total newbie here (just started last week after taking some PTO) and first time poster in this sub. Please lemme know if I'm breaking rules or would be better served by posting somewhere else. As far as I know, this is the place for these beginner sorts of questions.
Alright! So I'm in the Tcpdump: The Basics room on TryHackMe, and I was trying to sort out a solution to the following question: "What is the IP address of the host that asked for the MAC address of 192.168.124.137?"
I answered the question in what I think is a brutish (normal for me) way by using
tcpdump -n -r traffic.pcap arp | grep 'who-has 192.168.124.137 tell *'
and got the answer right, but first I was looking at other folks' solutions and saw multiple workups (think I'm using that term right) using
tcpdump -r traffic.pcap arp and 'arp[24:4] = 0xc0a87c89'
where they converted the IP 192.168.124.137 to hexadecimal c0a87c89. I'm confused about the arp[24:4] and the 0x at the start of the hexadecimal. Could someone explain that and/or (better yet) provide some link to where I can learn more about how to use tcpdump with arp in this way or, if it seems appropriate, where I can learn more about how arp works?
I've done some googling and looked at activedirectorytools.net/arp-command , users.softlab.ntua.gr/~sivann/books/tcp-ip-illustrated/arp_addr.htm, geeksforgeeks.org/arp-in-wireshark, and linuxconfig.org/how-to-use-tcpdump-command-on-linux, but none of them seems to have an explanation for this arp[24:4] bit or the '0x' at the beginning of the hexadecimal representation of the IP address. (I also went back to the networking essentials room on tryhackme and couldn't find anything informative there for the ARP stuff above.)
Thanks for any help you can provide! :)
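Added example (not part of the post above): in tcpdump's filter syntax, `arp[24:4]` means "the 4 bytes starting at offset 24 of the ARP packet", and `0x` is just the C-style prefix for a hexadecimal literal. In an ARP packet the target IP address sits at offset 24 (after the 8-byte header, sender MAC, sender IP and target MAC), so `arp[24:4] = 0xc0a87c89` matches packets whose target IP is 192.168.124.137. The code below, with constructed sample packets, builds that filter value from a dotted IP, parses the ARP fields by offset, and applies the same 4-byte comparison tcpdump would.

```python
import struct
import ipaddress

# ARP packet layout (RFC 826). Offsets are relative to the start of the ARP
# packet, which is exactly what tcpdump's arp[offset:length] indexes into:
#   0-1 hardware type, 2-3 protocol type, 4 hw addr len, 5 proto addr len,
#   6-7 opcode, 8-13 sender MAC, 14-17 sender IP, 18-23 target MAC, 24-27 target IP
ARP_FMT = "!HHBBH6s4s6s4s"   # 28 bytes for Ethernet/IPv4 ARP


def ip_to_bpf_hex(ip: str) -> str:
    """192.168.124.137 -> '0xc0a87c89': the value tcpdump compares arp[24:4] against."""
    return "0x%08x" % int(ipaddress.IPv4Address(ip))


def parse_arp(pkt: bytes) -> dict:
    """Pull the named fields out of a raw ARP packet using the offsets above."""
    _htype, _ptype, _hlen, _plen, op, sha, spa, _tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    return {
        "opcode": op,                       # 1 = request ("who-has X tell Y"), 2 = reply
        "sender_mac": sha.hex(":"),
        "sender_ip": str(ipaddress.IPv4Address(spa)),
        "target_ip": str(ipaddress.IPv4Address(tpa)),
    }


def matches_target_ip(pkt: bytes, ip: str) -> bool:
    """Same test as the filter arp[24:4] = 0x...: compare 4 bytes at offset 24 as a big-endian int."""
    return int.from_bytes(pkt[24:28], "big") == int(ip_to_bpf_hex(ip), 16)


def build_arp_request(sender_mac: bytes, sender_ip: str, target_ip: str) -> bytes:
    """Construct an ARP request (hardware type 1 = Ethernet, protocol 0x0800 = IPv4)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, 1, sender_mac,
                       ipaddress.IPv4Address(sender_ip).packed,
                       b"\x00" * 6, ipaddress.IPv4Address(target_ip).packed)


# Constructed sample capture: only the first request asks for 192.168.124.137.
SAMPLE = [
    build_arp_request(bytes.fromhex("0a1b2c3d4e5f"), "192.168.124.1", "192.168.124.137"),
    build_arp_request(bytes.fromhex("0a1b2c3d4e60"), "192.168.124.5", "192.168.124.200"),
]


def who_asked_for(pkts, ip):
    """Sender IPs of ARP requests targeting `ip`, i.e. the answer to the room's question."""
    return [parse_arp(p)["sender_ip"] for p in pkts
            if matches_target_ip(p, ip) and parse_arp(p)["opcode"] == 1]


if __name__ == "__main__":
    print(ip_to_bpf_hex("192.168.124.137"))      # 0xc0a87c89
    print(who_asked_for(SAMPLE, "192.168.124.137"))
```

Note that `arp[...]` offsets start at the ARP header, not the Ethernet frame, which is why the target IP is at 24 rather than 38; `ether[...]` or `ip[...]` in the same syntax index their own headers in the same way.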
I need a full guide on how I can become an ethical hacker or cyber security expert, cuz if I don't do anything I'm gonna die cuz I am a bad son, so kindly help me guys.
Hey guys! Long story short, my girlfriend's Instagram is hacked by a sociopath who goes above and beyond to sabotage our plans and lives, and also had a hand in bringing problems to her sister's life too. I'd like to have some insight about what programs he may be using and if I can fight fire with fire.
Been trying to get this malware to work and have been following the GitHub down to a T, but every time I try to launch the compiled executable I either receive no error message and no connection to Google Sheets, or I compile the executable as (go build gc2-sheet.go) but receive the following error message when executed:
[-] Failed to pull new command and ticker: an error occurred while pulling command and ticker from remote source: %!w(<nil>)
Any advice on how to get this to execute would be greatly appreciated.
I already have the needed stuff:
Gen 1 TP-Link wifi adapter
Kali Linux computer
I have to pick an existing CVE, implement the vulnerability, exploit it and create a proof of concept capture the flag game.
I'm not looking for some super complicated CVE, I've got other things to do. Any help would be appreciated.
Hello everyone! I am using John the Ripper to crack some hashes. Is the default setting using the GPU and not the CPU? If so how do I get John to use the CPU? Hashcat can do the same file in 3-7 hours while John takes 30+ hours.
Any John pros that know how to set CPU use instead of GPU??
I am facing an issue and I am new to modding. I am trying to change some file in Clash of Clans, just a small change like changing its profile picture, using APK Editor and then saving that APK, but APK Editor signs the APK with its own custom key. So, the problem is: even though I am only changing the CoC profile picture and creating a signed APK of that (I don't have a rooted phone), when I install that modded APK it just opens and then closes. The app is not opening. So, I want to know if this is happening due to the signing key issue, or something else?
Anybody used them? Anybody scammed by them? They claim to provide a software app that allows you to monitor an iPhone from your own phone. Is it just BS?
Backstory: I'm a taxi driver, and our orders come through a company-issued Android phone with a locked-down system. We can only use it for orders, navigation, and a few other limited functions.
Here's my issue: when I'm waiting at home (about a 3-minute walk from my car), I have to get to the car within 2 minutes of an order coming in so my phone can connect to the car's Bluetooth hub. If I'm not within range in time, I lose the order. If I run, I can make it. Bro, I don't want to run every time :-)
I've been wondering if Bluetooth spoofing could solve this. I tried with several devices—desktop, laptop, two Bluetooth dongles, and a Raspberry Pi using Kali Linux—but every attempt failed, likely due to manufacturer restrictions.
Is it even possible to spoof a Bluetooth device? Would this even work?
Does anyone have another suggestion how I could make it see that my phone is always connected to my hub?
I'm debugging a program in OllyDbg x32. After closing and restarting this program and Olly several times, it is now not recognized anymore in the Attach window of x32 Olly. The x64 OllyDbg recognizes it though, but it's still a 32-bit program according to Task Manager's Details tab. If I restart Windows, it goes back to normal 32-bit. Does anyone know how to fix it?
I wanna try and hack stuff but I don't know how to do it and what to use. Anyone got tips?
I have a question about capturing WPA2 handshakes. I set my laptop to monitor a specific access point and then tried to connect my phone using an incorrect password. To my surprise, it indicated that a handshake was captured.
Is it normal for a handshake to be captured even if I entered the wrong password? If I use a tool like Hashcat on that handshake, will it help me find the correct password, or does the handshake only reflect the incorrect attempt?
well, I just want to first tell you all that I'm an absolute noob when it comes to programming, so what I'm posting might not even be "hackable". But, I'm putting it out there anyway because why not
anyway, to the point, I want to change the audio of this toy that I have (my pal scout; smarty paws) with something different than the songs already provided
it has a headphone jack for personalization (like adding a name and other stuff), and to do so you need to go to the toy's site
So is there any way I can change the audio with the headphone jack? And if so, how? I know it might not work since I read that I'll probably need to change some parts and put in an audio FX soundboard and reset all of the audio, but I don't wanna break it, I just wanna code if I can.
so if anyone knows how to, or explain why I can't, please tell me and I'll be forever grateful :D
I don't know if this is the right place to post this. If it isn't, please feel free to downvote me to oblivion.
I am a teacher and my company provides me with a license to various books from different publishing houses. I am trying to extract PDFs from as many as possible since the company will cancel those licenses and start using their own material. I've been able to do so very easily for a certain publishing house (I will omit names) through the inspect element feature in Google Chrome.
image to illustrate: https://imgur.com/a/1oGvzAA
When doing the same for a different publishing house I get the following error message.
I suspect this is a security measure and the request for the image can only be validated when it comes from within the original page (I don't know how to explain it).
Any way around this?
From a Cloudflare DNS record I got the real IP, and when I do a scan I see some open ports, but when I want to see the service in nmap I see that the service says Cloudflare. Obviously it is a firewall, but how can I bypass it to get the real services running on those ports?
Hi everyone, I’m trying to get the data out of a dictionary app that was put out by a government organization for the public use. The app works fully offline, but they don’t have a desktop or web version (just Android and iOS), and I really need it on my computer. They also put out a PDF, but it’s not as searchable.
I managed to extract the APK, but the data files inside are password-protected, so I can’t get into them. I tried reaching out to the devs, but no response. I’m not looking to distribute, just want to be able to use it more easily for personal purposes on my computer.
Has anyone dealt with this kind of thing before? I’ve heard of tools like APKTool and JADX for decompiling APKs, but I’m not sure how to approach it with the password protection on the files. Any advice or suggestions on tools/techniques would be a lifesaver! Thanks!
Hi,
I was starting to do an SMB relay attack on my AD environment, but when I run the ntlmrelayx.py script it gives me an error. I think there is some kind of dependency error when I am executing the .py script. Kindly help.
┌──(root㉿kali)-[/home/kali/Downloads]
└─# python3 ntlmrelayx.py -tf target.txt -smb2support
Impacket v0.12.0.dev1 - Copyright 2023 Fortra
[*] Protocol Client IMAPS loaded..
[*] Protocol Client IMAP loaded..
[*] Protocol Client HTTP loaded..
[*] Protocol Client HTTPS loaded..
[*] Protocol Client SMTP loaded..
[*] Protocol Client MSSQL loaded..
[*] Protocol Client SMB loaded..
[*] Protocol Client DCSYNC loaded..
[*] Protocol Client LDAPS loaded..
[*] Protocol Client LDAP loaded..
[*] Protocol Client RPC loaded..
[*] Running in relay mode to hosts in targetfile
Traceback (most recent call last):
  File "/home/kali/Downloads/ntlmrelayx.py", line 499, in <module>
    c = start_servers(options, threads)
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/kali/Downloads/ntlmrelayx.py", line 188, in start_servers
    c.setKeepRelaying(options.keep_relaying)
    ^^^^^^^^^^^^^^^^^
AttributeError: 'NTLMRelayxConfig' object has no attribute 'setKeepRelaying'
How to put a reverse shell into an uploads section that only accepts .cif file uploads?
I wasn't focused and ran the same command twice. The first time the hash was cracked and the second time I got the error "No password hashes left to crack", so I was wondering if they were stored somewhere.
I'm learning to pentest networks and I can't find resources that explain that.
Looking for advice/criticism on my approach
I'm a rookie and while I understand the basics I feel as though I'm not taking the best approach. I'm using hashcat 6.2.6 to try and get the answer. I downloaded the crackstation password list. I identified it to be NTLM hash. Here is what I ran in the command prompt:
hashcat -O -m 1000 -a 6 "[path to hash.txt file]" "[path to crackstation.lst file]" ?a?a?a
I figured since it was NTLM the salt was needed so the hash is a txt file with just the hash: A97543E6214781FBAAD3B435B51404EE
It's running in the command prompt but quoting 20 days. Is my approach inefficient or am I just impatient?
I have played around with Cheat Engine, I understand the processing of sorting addresses and finding values, but I am more interested in how to write scripts to manipulate online games.
I am very interested in this for the sake of education. However, I can not find any information on how to write code and how to use it in a game. Any help or direction waypoints will be much appreciated.
Hello! I'm really sorry if this is a stupid question, or if I'm in the wrong place. I'm starting a degree in Cyber Operations in a few months, and I feel like I'm way behind my peers in my knowledge of offensive and defensive security. I was wondering if anyone knew any good resources to learn the basic info I'd need in order to do well in my classes.
how to find email linked to a tiktok
Hi all, I'm not sure if this is the best place to ask, but basically me and my friend have been like profile viewed by a random fake TikTok account for months now and we just really want to know who it is LOL. I'm not interested in like trying to get into the account, but even if I can get like a censored version of the phone number linked to it I'd probably be able to figure it out. If anyone can redirect me somewhere that'd be great too lol.
At my school, in our computer labs we have software put on every computer where the teacher can see our screens, control our screens and pause/block our screens. I'm not sure which it is, but I think it's called LanSchool Web Helper. Anyone know how to bypass or disable this? (Task Manager, Control Panel and all that is disabled by the administrator, and incognito is blocked too.)
A guy just came into the Minecraft world of my little sister (7) that she has been working on for over 2 months. He is about 12-13 years old and just spawned TNT everywhere. How can I find more information about this guy? I don't want to harm him because he's probably a little kid, but I just wanna have a word with him or his parents.
I would like to copy a tag onto a tag that has probably gotten blocked, but used to go to the same building. It is not illegal, or at least not that illegal. It's for a friend that wants a copy of their tag so that they have a spare one.
Don't have any fancy hardware and was wondering if I could copy the tag using the mobile app MIFARE Classic Tools. There would be an image included, but I can't include one. The image would be of the read data from the bad tag. The good tag that works reads the same, except the top line on sector 0 reads a bunch of random numbers and letters, while on the good tag it simply reads straight zeroes. Why is this? Can I copy it? How would I go about doing that in that case?