Monthly Archives: October 2016

//October

Linux/x86-64 – Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: CripSlick
#include <stdio.h>
#include <string.h>
 

 
//|=========================================================================================
//|=============== CripSlick’s Persistent Bind-Shell with Port-Range + password ============
//|
//|
//| CODE 3 Has everything to offer that CODE2 has and more. CODE2 has everything to offer
//| that CODE1 has and more. CODE1 is still great due to being a very short bind shell.
//| […]

By |October 31st, 2016|Exploits|

Linux/x86 – NetCat Bind Shell with Port using C Programming

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: CripSlick
#include <stdio.h>
#include <string.h>
#include <unistd.h> //| needed for C “fork”
#include <stdlib.h> //| needed for C “system”
 
//|=====================================================================================================
//|================================ CripSlick’s Short NetCat Bind Shell ================================
//|
//|
//| Why use CripSlick’s NetCat Bind Shell?
//| Because it is short and that is about the only reason. If you can spare some bytes, I […]

By |October 31st, 2016|Exploits|

Windows/x86 – Password Protected TCP Bind Shell

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Brother Roziul Hasan Khan
/*
    # Title : Windows x86 password protected bind shell tcp shellcode
    # size : 637 bytes
    # Tested On : Windows 7 ultimate x86 x64
*/
/*
Disassembly of section .text:
 
00000000 <_start>:
   0:   99                      cltd  
   1:   64 8b 42 30             mov    %fs:0x30(%edx),%eax
   5:   8b 40 0c                mov    0xc(%eax),%eax
   8:   8b […]

By |October 29th, 2016|Exploits|

Cisco ASA – Authentication Bypass ‘EXTRABACON’ (Improved Shellcode)

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: RiskSense
Cisco ASA Authentication Bypass (EXTRABACON) Better Shellcode (69 bytes);

 Description:
            This is not the same shellcode as the Equation Group version,
            but accomplishes the same task of disabling the auth functions
            […]

By |October 29th, 2016|Exploits|

Telegram Web 0.5.5 Username Bypass Vulnerability – Easy Mode

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Malware4u
#########################################################################
# Exploit Title: Telegram Web Empty Username Bypass
# version : Telegram Web 0.5.5
# Tested on: Windows 10
##########################################################################
Description:
Telegram filters null bytes for username input but you can bypass this
filter with “NOP”s (0x90) on web version of Telegram because this
filter isn’t from server’s codes side
##########################################################################
Step 1:
First […]

By |October 29th, 2016|Exploits|

DNS Spoofing – Advanced LAN Hacking Technique

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

This tutorial is meant to be purely educational. By reading this tutorial, you agree that you will not replicate the steps I have listed below on ANY Wi-Fi but your own; and you will not use these techniques to manipulate the web requests of anyone […]

By |October 22nd, 2016|Papers|

Shodan A Search Engine For Hackers

Ethical Hacking Training Institute
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Shodan: A Search Engine For Hackers
It’s true that we are increasingly connected day by day, this may be due to the Internet of Things (IoT).  Internet of Things (IoT) consists of a complex network of systems and physical devices that allow devices to communicate and […]

By |October 8th, 2016|Papers|