/r/hacking
A subreddit dedicated to hacking and hackers.
Constructive collaboration and learning about exploits, industry standards, grey and white hat hacking, new hardware and software hacking technology, sharing ideas and suggestions for small business and personal security.
A subreddit dedicated to hacking and hacking culture.
What we are about: quality and constructive discussion about the culture, profession and love of hacking.
This sub is aimed at those with an understanding of hacking - please visit /r/HowToHack for posting beginner links and tutorials; any beginner questions should be directed there as they will result in a ban here.
Guides and tutorials are welcome here as long as they are suitably complex and most importantly legal!
Bans are handed out at moderator discretion.
Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.
Keep it legal. Hacking can be a grey area, but keep it above board. Discussion around the legality of issues is OK; encouraging or aiding illegal activities is not.
We are not your personal army. This is not the place to try to find hackers to do your dirty work and you will be banned for trying. This includes:
No "how do i start hacking?" posts. See /r/howtohack or the stickied post. Intermediate questions are welcomed - e.g. "How does HSTS prevent SSL stripping?" is a good question. "How do I hack wifi with Kali?" is bad.
No "I got hacked" posts unless it's an interesting post-mortem of a unique attack. Your nan being phished doesn't count.
Sharing of personal data is forbidden - no doxxing or IP dumping
Spam is strictly forbidden and will result in a ban. Professional promotion e.g. from security firms/pen testing companies is allowed within the confines of site-wide rules on self promotion found here, but will otherwise be considered spam.
Off-topic posts will be treated as spam.
Low-effort content will be removed at moderator discretion
We are not tech support, these posts should be kept on /r/techsupport
Don't be a dick. Play nice, support each other and encourage learning.
This is my first crack at writing malware. It's a lightweight Remote Access Trojan in Rust. Any feedback and suggestions would be greatly appreciated, especially in regards to advancing the obfuscation and evasion mechanisms. If you wanna play around with it the pre-built release is on GitHub along with the source, here: (Art3misRAT Github). Note that the IP is set to 127.0.0.1 in the release so it will only work on the local machine; if you wanna connect to a remote IP you'll have to build from source. Hoping to evolve it into a free tool for the community with enough useful features, but primarily to evade AV detection since Meterpreter seems to be very difficult to get past Windows Defender lately. Hope y'all like it and any feedback is greatly appreciated! Edit: Use it responsibly and legally!
Is it good to have an explicit DML GRANT statement on a CREATE table statement SQL and then upload it to GitHub just to avoid DBA dependency and for one-click deployment?
Example: Execute immediate GRANT insert, update, delete on x_table to x_user; [Oracle Database] (Suggestion/Feedback please).
I was updating my system (using apt update, apt upgrade and at last apt full-upgrade). I had my eth0 connected to the internet, no wifi card at this moment. I rebooted my Kali VM after the download finished, and it just stopped working. I reinstalled the driver through this repo, but it still doesn't work. When I connect the adapter to the computer, the VM sometimes doesn't see it and I need to go to the USB settings (from the Oracle virtual machine settings), delete it and re-connect it, and when I finally manage to connect it, it can't connect to any wifi nor search for nearby wifis, and monitor mode doesn't even work; it starts but can never find anything.
(Sorry for my bad English, it's 2 am currently lol)
Hi guys,
Does someone have a free option in mind?
I know the SOCKS5 from vpnunlimited which is free to use...
Are there any other known consistent working SOCKS5 Proxies in this world?
I just want one for Telegram to keep it anonymous all the time... nothing more.
You can't find reliable options. ProtonVPN offers free VPN... all the premium providers don't care anymore about SOCKS5 ... I really need one.
I am working on a project involving the Walabot, a device typically used for detecting structures within walls. My application, however, is a bit more complex—I create and stitch together heatmaps of objects through various materials using the Walabot. The original version of the device would tether over USB and didn't require any fancy interfacing.
The newer, wireless model of Walabot I’m using generates its own Wi-Fi access point named "Walabot_40XXXXX2," but it's secured with a WPA2 Personal password. The app starts and finds said network and after a second or two begins to communicate and stream data with the Walabot.
The support team has been unclear or unable to understand my request, telling me it's "not open source" when asking for the WPA2 password. My thought is that it might unfortunately be using some type of rolling WPA code or that it's generated per connection by making requests against some kind of backend.
My first thought had been to try and intercept the communication with a wifi bridge running on a Raspberry Pi between the Walabot and the phone with a pair of the RTL8821AU USB adapters I have and hopefully capture the password being transmitted, but I can't authenticate so that doesn't seem workable.
I know I am overthinking this, any software or hardware recommendations that could simplify this process?
Hi guys, what phones are best for changing their IMEI?
If you have any affordable suggestions please let me know!
Thanks in advance.
Hi All,
Despite what has probably been days worth of attempts, I cannot seem to get BloodHound to work. The password that's supposed to generate never does. The only time it ever works is on a fresh install of both my Kali Linux VM and docker. Any ideas as to what could be causing this?
This is what happens when I run the CE command for reference:
curl -L https://ghst.ly/getbhce | docker compose -f - up
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 190 100 190 0 0 354 0 --:--:-- --:--:-- --:--:-- 353
100 3779 100 3779 0 0 3680 0 0:00:01 0:00:01 --:--:-- 3680
[+] Running 3/0
✔ Container kali-graph-db-1 Created 0.0s
✔ Container kali-app-db-1 Created 0.0s
✔ Container kali-bloodhound-1 Created 0.0s
Attaching to app-db-1, bloodhound-1, graph-db-1
app-db-1 |
app-db-1 | PostgreSQL Database directory appears to contain a database; Skipping initialization
app-db-1 |
app-db-1 | 2024-06-24 22:17:37.835 UTC [1] LOG: starting PostgreSQL 13.2 (Debian 13.2-1.pgdg100+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 8.3.0-6) 8.3.0, 64-bit
app-db-1 | 2024-06-24 22:17:37.836 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432
app-db-1 | 2024-06-24 22:17:37.836 UTC [1] LOG: listening on IPv6 address "::", port 5432
app-db-1 | 2024-06-24 22:17:37.837 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
app-db-1 | 2024-06-24 22:17:37.842 UTC [26] LOG: database system was shut down at 2024-06-24 01:09:16 UTC
app-db-1 | 2024-06-24 22:17:37.848 UTC [1] LOG: database system is ready to accept connections
graph-db-1 | Changed password for user 'neo4j'. IMPORTANT: this change will only take effect if performed before the database is started for the first time.
graph-db-1 | 2024-06-24 22:17:43.039+0000 INFO Starting...
graph-db-1 | 2024-06-24 22:17:43.483+0000 INFO This instance is ServerId{a64e6864} (a64e6864-f5b4-4a80-9fd7-6b36fe107906)
graph-db-1 | 2024-06-24 22:17:44.825+0000 INFO ======== Neo4j 4.4.34 ========
graph-db-1 | 2024-06-24 22:17:45.893+0000 INFO Performing postInitialization step for component 'security-users' with version 3 and status CURRENT
graph-db-1 | 2024-06-24 22:17:45.893+0000 INFO Updating the initial password in component 'security-users'
graph-db-1 | 2024-06-24 22:17:48.282+0000 INFO Bolt enabled on [0:0:0:0:0:0:0:0%0]:7687.
graph-db-1 | 2024-06-24 22:17:49.245+0000 INFO Remote interface available at http://localhost:7474/
graph-db-1 | 2024-06-24 22:17:49.250+0000 INFO id: 963A3E4D8C908F6B217B1EC3AEC8FD6FE4332D96244BCE702E18C015C630C1F1
graph-db-1 | 2024-06-24 22:17:49.250+0000 INFO name: system
graph-db-1 | 2024-06-24 22:17:49.251+0000 INFO creationDate: 2024-06-13T16:48:45.929Z
graph-db-1 | 2024-06-24 22:17:49.251+0000 INFO Started.
bloodhound-1 | {"level":"info","time":"2024-06-24T22:17:58.9828149Z","message":"Reading configuration found at /bloodhound.config.json"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:17:58.990210847Z","message":"Logging configured"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:17:59.09303125Z","message":"No database driver has been set for migration, using: neo4j"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:17:59.093126633Z","message":"Connecting to graph using Neo4j"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:17:59.112994306Z","message":"No new SQL migrations to run"}
bloodhound-1 | {"level":"error","time":"2024-06-24T22:18:01.204519579Z","message":"Invalid neo4j configuration supplied; returning default values"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:18:01.204731194Z","message":"Starting daemon API Daemon"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:18:01.204741409Z","message":"Starting daemon Tools API"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:18:01.204744621Z","message":"Starting daemon Data Pruning Daemon"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:18:01.204747518Z","message":"Starting daemon Data Pipe Daemon"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:18:01.20475059Z","message":"Server started successfully"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:02.501916336Z","message":"Fetching group members for 10 AD nodes"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:02.814084942Z","message":"Collected 5 group members"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:03.94841676Z","message":"Expanding all AD group and local group memberships"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:03.974732205Z","message":"Collected 52 groups to resolve"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:04.700488023Z","message":"Finished post-processing 18 active directory computers"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:04.853332373Z","message":"Finished building adcs cache"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:05.23596484Z","message":"Started Data Quality Stats Collection"}
bloodhound-1 | {"level":"info","time":"2024-06-24T22:19:05.555914546Z","message":"Cache successfully reset by datapipe daemon"}
bloodhound-1 | {"level":"info","elapsed":4311.566385,"measurement_id":1,"time":"2024-06-24T22:19:05.556071505Z","message":"Graph Analysis"}
I tried TryHackMe’s KOTH challenge and I made no progress; I honestly feel pretty terrible about it. I’m practicing a few on the platform as well as on rootme. But I’ve been studying so much for such a long time and it still feels like I know nothing.
How to avoid and prevent SIM Card swapping
My friend got his mobile number stolen, essentially, and it is being used by someone else to get into his accounts (bank, credit cards, Apple Pay, etc.).
Almost certain his mobile provider's support was social engineered into thinking it was him requesting a phone number transfer.
HOW DO WE PREPARE AGAINST THIS?? We can't stop social engineering, so what do we do for future?
EDIT: Looks like the best things are: attempt to find a provider that will take seriously you saying "I want my account locked down tight, always require me to be there physically with ID before making changes or transferring my number", and don't rely on your mobile number for 2fa with everything
Good luck finding a provider that takes your security concerns seriously though
I noticed recently Planet Fitness doesn't allow their members to pay with credit card. Everything is directly with their bank accounts.
I'm actually very surprised nobody's breached Planet Fitness, appearing how lax they are on their security with the third party. Let alone breached third party.
What do you think the outcome could be if somebody got a hold of direct bank account information?
Are there any phone number triangulation softwares that are not proprietary or reserved for law enforcement?
Hello gopher friends
I just made an initial release (v0.1.0) of earlymoon.
🌟 Install it from:- https://github.com/codedsprit/earlymoon.git
Feel free to contribute ❤️
UPDATE: the hash was cracked!! Thanks so much, we now got access to his bank account, I love you all.
Trying to hack a secured note from a deceased friend. I succeeded in testing all 4-character passwords using hashcat on my 4080 Laptop GPU; it took a good 7 min, but alas, no password. Trying a higher char count obviously increased the required time (12h for 5, 44 days for 6 characters).
Any other suggestions or reading about this subject?
EDIT: Here is the hash: $ASN$*62*20000*bf5c2e2f4a2db130e5446b04cfce7b76*f271c4bab89a72be5925cf7f01a1721b3b568dc9e92f3b91
I might try to set up an EC2 instance as well
Has anyone here used the O.MG cable? I have several questions and desperately need help/guidance. Thank you!
Want to give it a try, my WiFi is slow. But it says it may take up to 30 days to start working. 🤣
I'm using a TP-Link TL-WN722N V2 adapter with the aircrack-ng modified driver for monitor mode on Arch Linux. However, the modified driver seems to work half of the time. It sometimes doesn't find devices and APs, sometimes packet injection doesn't work, and sometimes no devices appear in airodump-ng (and I get no packets in Wireshark on that interface). I have the correct driver loaded, others are unloaded. Monitor mode starts fine and sometimes the adapter is working correctly. What could be the issue?
I’ve tried changing my MAC address through the registry but it didn’t work. I think the network is configured in a way that prevents me from bypassing it that way.
Are there any other methods I can use, preferably without alerting the network administrator?
I've got someone .fbx files I wanted to mess with in blender or Maya. I tried to open them, but got the "error these files might be damaged". Anyways, opened them up, and it's complete gibberish. How would I go about making them readable? They're not encrypted, other people have done it. I'm just not sure how to myself.