/r/HowToHack
Welcome! This is your open hacker community designed to help you on the journey from neophyte to veteran in the world of underground skillsets. Ask, Answer, Learn.
We teach you how to do it, use it at your own risk.
Hey! So I was trying to use an SSH tunnel to show this survey website "Swagbucks" that I'm from the US, but it somehow keeps identifying that I'm not. I even turned off location on my phone. Still no luck. Any idea how they would track that and what I should do?
Hey guys, I am having the following issue.
I have an e-mail account on privatemail.com (user@torguard.tg).
I tried to send an email from test@test.com to my real email (let's say real@gmail.com) using setoolkit, with no success.
So, I tried using sendemail: sendemail -xu user@torguard.tg -xp password_here -s smtp.privatemail.com:587 -f "test@test.com" -t "real@gmail.com" -u "Test" -m "Test"
again no success.
Then I said to myself, why not try with the same account as the SMTP login, so I did: sendemail -xu user@torguard.tg -xp password_here -s smtp.privatemail.com:587 -f "user@torguard.tg" -t "real@gmail.com" -u "Test" -m "Test"
AND IT DID WORK!
But that doesn't work for me because I need to spoof.
Any ideas on what I can do?
I am trying to use hydra on my home network against a Linksys router to brute force the admin login page password, and it doesn't work on a form-like basis, so you can't see exactly where the input is being stored.
You can see the X-Jnap-Authorization header when using Burp Suite and such, but I don't know what to put into hydra anymore...
here's the hydra input:
sudo hydra -l admin -P /usr/share/wordlists/rockyou.txt -f 7.7.7.1 -s 80 http-post-form "/ui/1.0.99.190349/dynamic/login.html:adminPass=^PASS^:F=<div class='rt-content form-container left text-orphan'>" -v
It always displays a different password as the correct one.
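An added example (not code from the post above) showing why a form brute-forcer reports a different "correct" password on every run: with hydra's F= condition a guess counts as a hit unless the failure marker appears in the response, so a marker copied from the HTML login page never matches a JSON reply and every guess "succeeds". The fake router, its JSON answers and the password are constructed here; the real failure text must be taken from the actual response seen in Burp, and the Basic-encoded X-JNAP-Authorization header value is an assumption to confirm there as well.

```python
import base64
import json
from typing import Callable, Iterable, List, Optional


def classify(body: str, fail_marker: Optional[str] = None,
             success_marker: Optional[str] = None) -> bool:
    """Mimic hydra's http-post-form decision: with S= a guess is correct only if
    the marker appears; with F= a guess is correct unless the marker appears."""
    if success_marker is not None:
        return success_marker in body
    if fail_marker is not None:
        return fail_marker not in body
    raise ValueError("need a success or failure marker")


def jnap_auth_header(user: str, password: str) -> str:
    """Assumed header format: 'Basic ' + base64(user:password), as seen in Burp."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return "Basic " + token


# Constructed stand-in for the router: one password is accepted, replies are JSON.
REAL_PASSWORD = "summer2019"


def fake_router(headers: dict) -> str:
    if headers.get("X-JNAP-Authorization") == jnap_auth_header("admin", REAL_PASSWORD):
        return json.dumps({"result": "OK"})
    return json.dumps({"result": "_ErrorUnauthorized"})  # constructed error text


def brute_force(send: Callable[[dict], str], candidates: Iterable[str],
                **markers) -> List[str]:
    """Try each candidate through `send` and return those the classifier accepts."""
    hits = []
    for pw in candidates:
        body = send({"X-JNAP-Authorization": jnap_auth_header("admin", pw)})
        if classify(body, **markers):
            hits.append(pw)
    return hits


if __name__ == "__main__":
    words = ["123456", "password", "summer2019", "letmein"]
    # Marker copied from the HTML login page never appears in a JSON reply,
    # so every guess is reported as correct.
    print(brute_force(fake_router, words, fail_marker="<div class='rt-content"))
    # Marker taken from a real failed response: only the right password hits.
    print(brute_force(fake_router, words, fail_marker="_ErrorUnauthorized"))
    print(brute_force(fake_router, words, success_marker='"result": "OK"'))
```

Before pointing hydra at it, send one wrong password by hand, copy a string that is present only in that failed response (or only in a successful one for S=), and check that the response is produced by the endpoint the login JavaScript actually posts to rather than the HTML page that serves the form.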
Hey people. A friend of mine broke the screen of his phone and wants me to get his data back. It is a completely locked box. It has a passcode, it does not have USB debugging or OTG enabled, the screen does not work at all, and neither does the touch function. The device still makes noise for charging and notifications, so it is alive, but the screen doesn't work.
Where do I start to break into this thing to pull the data off? I have Kali Linux and I've worked with ADB a little bit, but don't have the detailed knowledge to break in.
When I do labs I find a relevant CVE, but I don't find any detailed information, only short explanations aimed at website owners. Where should I look for more in-depth explanations of how they work so I can write an exploit?
Pretend the title says bits and not octets, still new to the terminology of subnetting.
I started learning subnetting about an hour ago and it's pretty simple to understand the technical stuff, but I don't entirely understand the use case yet and I'm trying to take notes before I forget or get unmotivated. A lower CIDR in subnetting means more hosts on a network and fewer bits allocated to the network itself. What is the downside of having a /16 CIDR compared to a /24 or /30 CIDR? I understand the upside is being able to have more hosts. Is it something simple like network speed and efficiency, or is it too complex for a newbie to understand just yet? Basically, what do those bits allocated to the network even do?
Also, if my CIDR is like /30 and my mask is 255.255.255.252 or 253 (I don't know if that applies, but anyway), if it's like that, how does that impact the range of my IP? So the first three octets are definitely locked, like 10.1.0.0, but is the 4th octet not locked, but perhaps severely limiting to the range of addresses? What does limiting that range do to affect me negatively anyway? What would be the reason to care about having the first three octets locked?
Sorry for all the questions, don't feel the need to answer everything, I'll probably find out eventually, thanks
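An added example, not part of the post above, that works the /16, /24 and /30 questions through Python's standard ipaddress module: which bits a prefix fixes, which addresses are left for hosts, why 255.255.255.253 is not a usable mask, and the practical effect of the network bits (two hosts only talk directly when those bits agree; otherwise the traffic has to go through a router). The 10.1.0.0 addresses are the ones used in the question.

```python
import ipaddress


def mask_bits(mask: str) -> str:
    """Dotted binary form of a mask, so the fixed (1) and host (0) bits are visible."""
    return ".".join(f"{int(octet):08b}" for octet in mask.split("."))


def valid_netmask(mask: str) -> bool:
    """A netmask must be a run of ones followed by a run of zeros.
    255.255.255.252 is 11111100 in the last octet; 255.255.255.253 is not contiguous."""
    try:
        ipaddress.ip_network(f"0.0.0.0/{mask}")
        return True
    except ValueError:
        return False


def describe(cidr: str) -> dict:
    """Break a CIDR block into the numbers that matter when sizing a subnet."""
    net = ipaddress.ip_network(cidr, strict=False)
    host_bits = net.max_prefixlen - net.prefixlen
    # IPv4 spends the all-zeros address on the network itself and the all-ones
    # address on broadcast, so a block with at least 2 host bits loses two.
    usable = net.num_addresses - 2 if host_bits >= 2 else net.num_addresses
    first = net.network_address + 1 if host_bits >= 2 else net.network_address
    last = net.broadcast_address - 1 if host_bits >= 2 else net.broadcast_address
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "netmask_bits": mask_bits(str(net.netmask)),
        "broadcast": str(net.broadcast_address),
        "host_bits": host_bits,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
    }


def same_subnet(host_a: str, host_b: str, prefix_or_mask: str) -> bool:
    """Two hosts are on-link with each other only if their network bits match."""
    net_a = ipaddress.ip_network(f"{host_a}/{prefix_or_mask}", strict=False)
    net_b = ipaddress.ip_network(f"{host_b}/{prefix_or_mask}", strict=False)
    return net_a == net_b


if __name__ == "__main__":
    for cidr in ("10.1.0.0/16", "10.1.0.0/24", "10.1.0.0/30"):
        print(cidr, describe(cidr))
    print("255.255.255.253 valid?", valid_netmask("255.255.255.253"))
    # With /30 only 10.1.0.1 and 10.1.0.2 are hosts; 10.1.0.5 lives in the next block.
    print(same_subnet("10.1.0.1", "10.1.0.2", "30"), same_subnet("10.1.0.1", "10.1.0.5", "30"))
    # With /16 the same two addresses share a network, as do 65,534 other hosts.
    print(same_subnet("10.1.0.1", "10.1.0.5", "16"))
```

The bits the mask fixes are what a router uses to decide whether a packet is delivered locally or forwarded, and what a host uses to decide whether it can ARP for a destination directly. A /16 puts 65,534 hosts in one broadcast domain and one trust boundary; a /30 is the usual size for a point-to-point link between two routers, where only two addresses are ever needed.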
Does anyone know any very easy hacking labs? I've been looking for some, but I've always ended up using walkthroughs to help me, which I don't want to do. I've tried the Pickle Rick CTF and one about aliens whose name I forgot, but I ended up using walkthroughs, which I'm kind of upset about since I really want to do one myself. I have basic knowledge of the basics like John the Ripper, Burp, hydra and some others. I can hack simple machines like the ones THM uses to explain the topics. Does anyone know of any easy ones like these?
The scenario is like this: there is a Wi-Fi printer connected to a device which is connected to a router (WPA2 encryption). The printer has its own SSID, which is open (no password). The printer is an HP Smart Tank. Is there any way to extract the plain-text password of the Wi-Fi router? Thanks in advance.
I'm new to openbullet and everything seems to be running fine but I haven't gotten any hits, retries or bads. Does this mean it's not working at all? I would assume I should be getting bads if the attempt is unsuccessful but maybe I've just done something wrong. Any help would be appreciated!
edit: the status of all says 'FINISHED WITH RESULT: NONE'
I have seen the pinned post and the GitHub roadmap. I want to choose the hobbyist roadmap (English is not my first language, sorry), but some rooms are premium and I can't afford the premium because I am from a third-world country. So, continue without the premium? Or do I need to choose some alternative? In that case, which one?
I have created a simple ngrok link to track android device or any device that opens that link.
Now is it possible to somehow create a new link that automatically redirects it to the link I created? Or is it possible to merge it in a file discreetly so that when the user downloads the file the link gets open automatically?
Can anybody help me with this?
I'm not sure if this is the right place to ask these questions. If not, just let me know where to ask.
In my current uni dorm we are required to log in to a web portal with a personalized username and password to access the internet (similar to public Wi-Fi), and they log us out every week.
Is there a way to not have to log in every week?
I've read that normally when bypassing a web login for internet access you have to change your MAC address, but how do I determine which MAC address I should change my device to?
Also is this even legal? Meaning bypassing the log in process.
Every time I try to start the phishlet on evilginx3 it says "invalid version format, must be (x.y.z)", but evilginx is 3.3.0 and so is the phishlet, so what can I do?
Hi there! I don’t know if this is an appropriate post for this page but I’d figure I would try.
So my uncle just passed, him & I used to spend hours upon hours gaming together. From random games we found on Steam, Rust, Val, CS, WoW, etc, etc. He helped me build my first computer when I was 12 and bought me my first graphics card because it wasn’t in my budget. He showed me to build my first website, taught me how to use photoshop, etc, etc.
He’s the one who got me into gaming and got me into technology and today I’m studying to become a computer engineer so I accredit this to him.
Anywho, it is ironic, but in spite of studying to become a computer engineer, I need some computer help. Right now his computer is unlocked, and that's why I want to make sure I'm doing the right thing before I tamper with it. I need to figure out a way to remove his computer password so I can log back in after turning it off. I figure it being unlocked gives me the best opportunity to remove the password, so I was hoping someone could help me out here and guide me in doing so.
Thanks so much in advance.
Is there a way to learn how to deanonymize VPN users? Maybe a Tor site or something that talks about it. I know that you need the encryption key to do that, and that only the VPN providers have this key, but maybe there is a way to do it anyway? Because everyone says that you can't be 100% anonymous on the internet, so if that is true, somebody has the capacity to deanonymize people? Or is it meant that usually you can stay 100% anonymous, but if you are part of something big and illegal the government can ask the ISP and the VPN provider for help?
Hi, long-time programmer here newly getting into red teaming. I know that there are many resources for legally practicing penetration testing, but I'm wondering about other aspects of red team operations such as social engineering and physical attacks. Seems like many of those aspects are illegal unless you're able to get a job doing it, but even in that case I wonder how often red team employees get to actually do full operations. Perhaps I'm just looking for a legal outlet for my heist fantasies, but I am interested in how one would even learn and practice those fields without learning on the job.
So I've been facing a problem pinging a virtual machine (Metasploitable). All the firewalls are disabled, they're on the same network (basically all the check boxes are ticked and the virtual machine is on NAT). I tried pinging it from a virtual Kali machine on the same PC, and it worked. But from another PC with Kali as the base OS it doesn't. The main Kali PC can ping the Kali VM and the Windows 11 machine (which is the base OS on my other PC).
Even Metasploitable can ping the main Kali machine and the Kali virtual machine, but only the main Kali machine has a problem pinging the virtual Metasploitable machine.
Just to Clarify here are the two pcs and the OS they're running:
PC 1: Windows 11 (Base OS) Kali Linux (Virtual Machine) Metasploitable 2 (Virtual Machine)
PC 2: Kali Linux (Base OS)
So any help would be appreciated since I've tried everything!!
MODS PLEASE DON'T DELETE THIS SINCE I'VE SEARCHED THE ENTIRE INTERNET AND COULDN'T FIND ANY SOLUTION TO THIS PROBLEM. I DON'T EVEN THINK SOMEONE HAS FACED IT YET!!
I guess the question simplified is: can you do anything with just a cc number?
I assume I'm missing something obvious here. For example, I was ordering food online, and when I went to the website it would automatically check whether the credit card number was valid or invalid as soon as you typed the last character. No cooldown.
I even messed around with it for a bit and ended up putting in random numbers and got a match. Is getting the name, cvv, etc nearly impossible without more information? Is the credit card number too large to keep checking it that way?
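An added example, not part of the post above, of the check a checkout form runs the moment the last digit is typed: the Luhn mod-10 checksum that card numbers carry in their final digit. It is a typo detector, not a lookup against any bank, which is why about one in ten random digit strings "matches" and why passing it says nothing about the name, expiry or CVV. The numbers below are constructed; the one fixed test value is the standard Luhn example and belongs to no account.

```python
import random
from typing import Optional


def luhn_valid(number: str) -> bool:
    """True when the digits pass the Luhn mod-10 checksum (last digit is the check digit)."""
    digits = [int(ch) for ch in number if ch.isdigit()]
    if len(digits) < 2:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:           # 10..18 become 1..9 (digit sum)
                d -= 9
        total += d
    return total % 10 == 0


def luhn_check_digit(partial: str) -> str:
    """The one digit that makes partial + digit pass Luhn."""
    for d in "0123456789":
        if luhn_valid(partial + d):
            return d
    raise ValueError("no check digit found; partial must contain at least one digit")


def random_luhn_number(prefix: str = "4", length: int = 16,
                       seed: Optional[int] = None) -> str:
    """A syntactically valid (Luhn-passing) number. Constructed; it is not a real card."""
    rng = random.Random(seed)
    body = prefix + "".join(rng.choice("0123456789")
                            for _ in range(length - len(prefix) - 1))
    return body + luhn_check_digit(body)


def fraction_passing(trials: int, length: int = 16,
                     seed: Optional[int] = None) -> float:
    """How often purely random digit strings pass the checksum (expect about 0.1)."""
    rng = random.Random(seed)
    passed = sum(
        luhn_valid("".join(rng.choice("0123456789") for _ in range(length)))
        for _ in range(trials)
    )
    return passed / trials


if __name__ == "__main__":
    print(luhn_valid("79927398713"), luhn_valid("79927398710"))
    print(random_luhn_number(seed=42))
    print(fraction_passing(5000, seed=1))
```

The checkout page only saves a round trip for mistyped numbers; the real authorisation happens later, server-side, with the expiry, CVV and billing details, and that path is rate-limited and monitored. A Luhn match on a random string is not a card.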
I had this question pop up into mind but couldn’t find a subreddit to ask it in. As the title suggests, I want to question how many of the same character repeated over and over as a password you would need in order to create a “strong” password by today’s standards, assuming that there is no limit to the maximum length of this password. Theoretically, how many do you think you would need? (If you know something about how a password-cracking algorithm works)
edit: the hacker does not know that you're just using "A" in your password, they just have to brute force the regular way
I've searched high and low but can't seem to find any information, so I figured someone here would help... I'm still learning, so excuse my ignorance, but I've been playing around with John the Ripper and generally just trying to learn. But I've hit an issue. I have a zipped and password-protected folder containing around 22 mp3 files. I've run zip2john and saved the text file, but the damn thing is around 800+ MB in size. Only the folder is locked, but looking at the txt, it appears to have produced hashes for each and every file. Am I doing something wrong? Or is it possible to have John save the hash for just one file, which presumably, once cracked, would provide the password for the main folder?
First lab of Clickjacking path consists of performing a simple clickjacking attack.
For this purpose, we incorporate the account page into our exploit server as follows:
<iframe src=[account-url]></iframe>
The issue I encounter is that when I log into the account page, my session cookie isn't passed in the iframe tag. It results in showing a login page that I cannot exploit.
I've watched the solution and did as it was shown, but nothing changes: when viewing the exploit, the page incorporated in the web page is the login page (with a different session cookie). Does anyone have an idea how to solve my issue? Thanks a lot.
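An added example, not code from the lab or the post above, of the two checks that decide whether a clickjacking frame shows the logged-in page: whether the browser attaches the session cookie to a cross-site iframe load (the cookie's SameSite and Secure attributes, plus the browser's default when the attribute is absent), and whether X-Frame-Options or a CSP frame-ancestors directive stops the framing altogether. The Set-Cookie values and headers below are constructed; the origins are placeholders, and the frame-ancestors matcher compares exact origins only.

```python
from urllib.parse import urlsplit


def parse_set_cookie(header: str) -> dict:
    """Pull name, Secure and SameSite out of a Set-Cookie header value."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {"name": name.strip(), "value": value.strip(),
              "secure": False, "samesite": None}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "secure":
            cookie["secure"] = True
        elif key == "samesite":
            cookie["samesite"] = val.strip().lower() or None
    return cookie


def sent_in_cross_site_iframe(set_cookie: str, https: bool = True,
                              browser_default: str = "lax") -> bool:
    """Would the browser attach this cookie when another site loads the page in an iframe?"""
    cookie = parse_set_cookie(set_cookie)
    if cookie["samesite"] is None:
        # No attribute: Chromium treats it as Lax; older defaults treat it as None.
        return browser_default == "none"
    if cookie["samesite"] in ("lax", "strict"):
        return False          # never sent on a cross-site subresource such as an iframe
    # Explicit SameSite=None is honoured only with Secure over HTTPS.
    return cookie["secure"] and https


def origin(url: str) -> str:
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()


def framing_blocked(headers: dict, page_url: str, embedder_url: str) -> bool:
    """Does X-Frame-Options or CSP frame-ancestors stop embedder_url from framing page_url?"""
    h = {k.lower(): v for k, v in headers.items()}
    page_origin, embedder = origin(page_url), origin(embedder_url)
    for directive in h.get("content-security-policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            # When frame-ancestors is present, browsers ignore X-Frame-Options.
            allowed = [t.strip("'").lower() for t in tokens[1:]]
            if "none" in allowed:
                return True
            if "*" in allowed:
                return False
            if "self" in allowed and embedder == page_origin:
                return False
            return embedder not in allowed   # exact-origin match only (simplification)
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return True
    if xfo == "SAMEORIGIN":
        return embedder != page_origin
    return False


if __name__ == "__main__":
    lab, exploit = "https://lab.example", "https://exploit.example"  # placeholders
    for sc in ("session=abc; Secure; SameSite=None", "session=abc; SameSite=Lax", "session=abc"):
        print(sc, "->", sent_in_cross_site_iframe(sc))
    print(framing_blocked({"X-Frame-Options": "DENY"}, lab, exploit))
    print(framing_blocked({"Content-Security-Policy": "frame-ancestors 'self'"}, lab, exploit))
    print(framing_blocked({}, lab, exploit))
```

When the framed page shows a login form with a fresh session cookie, the first thing to check in the browser's network panel is the Set-Cookie line for the session: a Lax cookie (or no attribute at all in Chromium) will never be sent to the iframe, so the page responds as if nobody were logged in.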
Stumbled upon a telegram group giving out free logs as zip files
Some decent information, although old, BUT a couple of the files had malware in them that Microsoft Defender picked up.
Now I'm wondering what it didn't pick up, because my PC is suddenly very slow and I don't know how to scan for and remove anything.
Hello! This may be stupid and may not even be possible but I have an old garmin nuvi 260 from like 2007 and it no longer works. Is it possible to flash the software to make it into a photo viewer or video player? I've never tried anything like this before and have been searching for over a week and can't find any information (I could be looking up the wrong keywords or something.) I don't want to trash it because the battery holds a charge, it still is in amazing condition so I want to try and utilize it in daily life, even if it's just a photo viewer. Is it even possible?
Please let me know.
Hello, I'm new to pen testing and through learning I came across XSS.
I got these errors:
CVSSv3.1 Score | CVE-ID         | Vulnerability Type
5.5 Medium     | CVE-2021-41184 | CWE-79 - Cross-site scripting
5.3 Medium     | CVE-2021-41182 | CWE-79 - Cross-site scripting
5.3 Medium     | CVE-2021-41183 | CWE-79 - Cross-site scripting
4.1 Medium     | CVE-2022-31160 | CWE-79 - Cross-site scripting
I searched the web to find out what it is and how to exploit / prevent it.
Still, when I try to do the <script> alert < /script>
nothing shows up through Burp Suite or manual typing.
Any tips? Thanks.
I am looking for a new laptop and was wondering about the spec necessary for pentesting.
One of them was the monitor mode on WiFi card. Is this really a must have for pentesting ?
All I can think of is WiFi cracking and it is not very common in the field, so I was looking for more situation where I would need to use monitor mode on my wifi card.
I'm new to hacking and am working through a book by Bob Bittex. In it, we have to use Cain and Abel but I can't seem to download it.
Does anyone have any suggestions?
In my class we had an assignment to code an MMO in Python; after that we now begin to hack into each other's games to learn and gain experience.
However, I've never done this before, so I'm a bit clueless.
We run the load balancer and servers in Docker and then run a .exe file to run the game. I tried putting the files in IDA and recording packets in Wireshark, but the data is encoded, so I tried using an online hash decoder, yet no luck. I don't know how to proceed further and any help would be really appreciated!
I am very interested in technology/ethical hacking and often wonder about topics like C2 servers or similar subjects, specifically how people manage to remain anonymous. After all, you need to be able to control the operations from somewhere.
Does anyone have any reading material on this topic?
Hello,
So I have been facing this issue when performing SQLi on params or forms; usually I get this error when I try to retrieve any information about the database.
this issue has been explained here
https://github.com/sqlmapproject/sqlmap/issues/384#issuecomment-290774905
I am not sure if it's a false positive or not, but I have not been able to solve it. Any help would be appreciated.
here is some screenshots:
https://postimg.cc/gallery/Zqd60b6
Instead of actual database information I just get '\'.
Here are the ghauri options I used; they are basically the same options I use with sqlmap:
proxychains4 -q ghauri -u "https://example.com/user/gallery.php?id=img1" -p "id" -v=3 --level=3 --prefix='///!12345' --suffix=/// --dbs --hostname --banner --delay=5 --time-sec=10
The target is protected by a WAF (Imunify).