Justthinking's Posts
Nairaland Forum › Justthinking's Profile › Justthinking's Posts
 Programming › Re: Ethical Hackers by justthinking(op): 11:02am On Sep 14, 2013 |
Now that we are connected to the database we can use the command show databases; in order to discover the databases that are stored in the MySQL server. [img][/img] As a next step is to choose one database and then to try to see the tables that it contains in order to start extract data.We can do that with the command use <dbname> and the command show tables; [img][/img] We can see that there is a table user.We would like to extract the data of that table as it contains the usernames and passwords of the system.We can achieve that with the command select User, Password from user; [img][/img] As we can see there are 3 accounts with blank passwords.So now we have all the accounts of the MySQL database.We can now discover additional tables from other databases with the command show tables from <dbname>; [img][/img]
|
| Programming › Re: Ethical Hackers by justthinking(op): 10:59am On Sep 14, 2013 |
Before we use these accounts in order to connect and interact directly with the database we can use another two metasploit modules that can help us to enumerate the database accounts and to dump the usernames and password hashes of the MySQL server.Of course this can be done manually but Metasploit helps us to automate this process.So first we will configure the module mysql_enum in order to find information about the database accouts: [img][/img] We can see a sample of the output in the following image: [img][/img] Next its time to configure and run the mysql_hashdump module in order to dump the passwords hashes from all the database accounts: [img][/img] Next its time to configure and run the mysql_hashdump module in order to dump the passwords hashes from all the database accounts: [img][/img] Now we can use any mysql client to connect to the database.Backtrack has already a client so we can use the command mysql -h IP -u username -p password.In our case our IP of the target is 172.16.212.133 and we will use as username the root that has been discovered from the mysql_login module before.We will be prompted for a password but we will leave it blank because the password for the account root is blank.
|
| Programming › Re: Ethical Hackers by justthinking(op): 10:56am On Sep 14, 2013 |
How to hack mysql server using Metasploit: MySQL is one of the most used databases that is being used by many applications in nowadays.So in a penetration testing engagement it is almost impossible not to find a system that will run a MySQL server.In this article we will see how we can attack a MySQL database with the help of Metasploit framework. Lets say that is in the scope of our penetration test is a MySQL server.The first step is to discover the version of the database.Metasploit Framework has a module that allows us to find the version of the database.Knowing the version of the database will help us to discover additional vulnerabilities. [img]mysql-enumeration[/img] The only thing that we have to do is to insert the remote IP address and to execute it with the run command. [img]mysql-enumeration1[/img] Now we can use the mysql_login module in combination with our wordlists in order to discover at least one valid database account that will allow us to login to the MySQL database.It is always a good practice as a penetration testers to check the database for weak credentials. [img]mysql-login[/img] The scanner was successful and now as we can see from the results we have two valid accounts (guest and root) for remote connection.Both of these accounts they don’t have a password set. [img]valid-accounts-mysql[/img]
|
| Programming › Re: Ethical Hackers by justthinking(op): 10:45am On Sep 14, 2013 |
centrex: JOIN US AS @ CENTREX AS WE CELEBRATE CYBER SECURITY MONTH IN NIGERIA ....wow, dat great but the question i want to ask is what do ur company really do. am sorry if that sound somehow, but is it that u go around educating ppl on cyber security or u do another tin like do u create software e.t.c. i just blieve we might be able to help u better if we really understand wat is it u really do even wen dis ur campain is over. |
| Programming › Re: Ethical Hackers by justthinking(op): 9:08pm On Sep 12, 2013 |
megatran: thanks...but u could just guess....ok i will do just that. i presently work as a software engineer for a company so i learn hacking for mostly for the fun part. i just love to make computer do funny things. but in cas someone nid to break a system legally am alway here to help. u can also share urs if you want. |
| Programming › Re: Ethical Hackers by justthinking(op): 2:43pm On Sep 12, 2013 |
megatran: wow! what a coincidence...i just hacked into my schools microbiology router as at yesterday and i did reconfiguration by using some specific ip and mac address of people that i knew where in the hot server zone and violla i was in i did that admin thing and alas it worked. welll i was quite too inquisitive as i over changed protocol on the device and that lead to the rouiter crashing..its now completely off the network as we speak as i hid it in a specific ip that i cant even get to run anymore..but not to worry sha i guess maybe they would send their engineers to fix it. i have also hacked other passwords for my schools wlan hotspot that only staff use. what is ur average download speed on ur schools ict on idm cos mine is capped at 200kBps and i have being trying to increase it but no luck...nice feat by the way@just thinkinglol. dat great  . wich skl are u? |
| Programming › Re: Ethical Hackers by justthinking(op): 11:21am On Sep 12, 2013 |
megatran: LETS MAKE THIS LIVELY. what if we throw random hacking tutorials and maybe feats that have being conquered by us in the hacking worklol. one of my hacking trick involve wen i break into one of UNAAB router without using any hacking software. i was logged in the network so i just decide to play around a little bit. i open my cmd to check the default router ip address. i just copied it and paste it in my browser and the router configuration homepage just displayed asking for username and password. i just did some guessing and i enter admin as username and root as password and i was in. so i just change some configuration wich include the username and password for the router and i left. u can also share urs. |
| Programming › Re: Ethical Hackers by justthinking(op): 11:11am On Sep 12, 2013 |
DonCrust: You're right about 64bit OS not as good as 32bit OS and the fact that i run windows 8 makes it terrible. Often times, i have to reinstall or restore my pc due to errors and stuffs. Maybe i'll switch back to windows 7. By the way, what's the size of backtrack and if i may ask, what isp are you guys using? I'm spending too much on data these daysbacktrack size is around 3gb of size. |
| Programming › Re: Ethical Hackers by justthinking(op): 11:08am On Sep 12, 2013 |
wisemania: Hello ladies n gentlemen....i've been following diz thread and i must say am impressed....am currently a studnt of uniben studying pet engine bt av got a zeal for HACKING...i strted lenin html,css 2mnths ago,ofwc am currently on javascript ,later wud b movin 2 jQuery and Ajax...den 2php Sql and d rest as regards webdesign...i felt starting wif these will make hacking very easy 4me coz am an aspiring HACKER ,webapps and mobileapps developer...n i hp am on d ryt track....anywaz my question iz how can i bkom an an ETHICAL hacker....dis question goes to my Javanian,Just-thinking,LordZouga,logica,webdezzy,seun,kodewriter,sbucareer(if shez stil on dis netwrk) and others wif ideas...thanks and God bless ya'll...incase of any necessity my no is-08169103459..it is simple boss. determination and learning. try to read as many books u can and practicalize. doing the practical is very important just as learning. get a good hacking book after that set up ur hacking lab and sir the sky is ur limit. |
| Programming › Re: Ethical Hackers by justthinking(op): 11:07am On Sep 12, 2013 |
wisemania: Hello ladies n gentlemen....i've been following diz thread and i must say am impressed....am currently a studnt of uniben studying pet engine bt av got a zeal for HACKING...i strted lenin html,css 2mnths ago,ofwc am currently on javascript ,later wud b movin 2 jQuery and Ajax...den 2php Sql and d rest as regards webdesign...i felt starting wif these will make hacking very easy 4me coz am an aspiring HACKER ,webapps and mobileapps developer...n i hp am on d ryt track....anywaz my question iz how can i bkom an an ETHICAL hacker....dis question goes to my Javanian,Just-thinking,LordZouga,logica,webdezzy,seun,kodewriter,sbucareer(if shez stil on dis netwrk) and others wif ideas...thanks and God bless ya'll...incase of any necessity my no is-08169103459..it is simple boss. determination and learning. try to read as many books u can and practicalize. doing the practical is very important just as learning. get a good hacking book after that set up ur hacking lab and sir the sky is ur limit. |
| Programming › Re: Ethical Hackers by justthinking(op): 8:44am On Sep 10, 2013 |
DonCrust: I have a HP 620 laptop with 280gb memory, 2gb ram, 2.30gh processor speed and windows 8 running on It. Is this a good pc to start with?it is a gud specs. just try to increase ur RAM to 3gb incase u want to create a virtual lab so that ur system will not slow down. |
| Programming › Re: Ethical Hackers by justthinking(op): 8:33pm On Sep 09, 2013 |
megatran: thats a cool spec u have got..by computer do u mean desktop, if yes i would like to know why u prefer a desktop. the addon hosting is a paid hosting site do u have an alternative free hosting site that can work with botnets?no it is a laptop. i dont knw any free hosting website to host the botnet. blieve me it is difficult to even see a paid hosting website that allow botnet talkless to free. |
| Programming › Re: Ethical Hackers by justthinking(op): 8:19pm On Sep 09, 2013 |
megatran: 9ja and internet tech are kind of parallel lines...too much politics and religon flowing in their head i tell u. and JT wats d spec and type of laptop u use if u dnt mind160gb Hard disk, 3gb Ram and 2gh processor speed. trying to get a computer? |
| Programming › Re: Ethical Hackers by justthinking(op): 6:27pm On Sep 09, 2013 |
bonef: this is unbelievable, I went to the almighty NIIT center in ph to inquire for c and C++ course and they told me they don't offer that course there, ok, as if that was not enough they advised me not to go else where to learn here in naija that other IT centers claiming to run such course could be a flop at the end. if a whole NITT of all IT center no get such course that means person go begin hustle visa go yankee just to learn c and c++ ni, abeg where I fit learn c and c++ for naija?to say the truth boss. i av neva for once put my faith and life in this God forsaken country(am sorry if that get anyone angry. it is just my opinion). all am saying is i av neva blieve in nigeria helping me wen we are talking about IT. i av always been my own helper. i learnt almost everytin myself. if u av any oppourtunity to travel nd go learn dis things please dont think twice. wen i was doing my ND in skl. i av always bin knwn as a computer guy nd am really a less social person so i really dont av much friends. i do alot of research then but it is not that easy because how MUCH and FAST our internet is (ironically). so most time it takes me very long time to complete a research. i can even remenber one of my friend saying he can neva become a programmer because of the wahala he sometimes see me go thru. dis my same friend travel to malaysia after our ND. blieve me this guy av bcom a total computer freak in just 6 month. it seems as if he achieve wat takes me a year and half to achieve in 6 month. i ask him how he get from been a computer dont care to computer freak. nd all he told me was " av a professor of computer science tell u before that u are talented, that he bliev in u even wen he doesnt blieve in himself". he even said he was chosen for a computer competition in united state. they didnt win. but wen dey return to malaysia the professor told them He didnt send them dare to win. that he just wanted them to go and learn. he said that wat fire him up nd also he av all the resources in the world. tell me any university in nigeria that will spend thousand of dollars for ur transportation, accomodation and feeding just for u to go and learn (not to win). all am saying is i go out of this talent killer we call a country and go learn but if u dont av any resources to travel. try to learn as much as u can in this contry. go to google download books and read. u want to learn c language . download the book and practicalize it. send me ur email if i can send u a some of my books. |
| Programming › Re: Ethical Hackers by justthinking(op): 5:58pm On Sep 09, 2013 |
bonef: good question bro, I run 100% FUD Trojan services to people using a friends host successfully, I asked him several times to tell me the kind of hosting site suitable for botnets and it turned out to be quarrel because he never wanted to tell me. each time I upload Trojan files to different hosting sites my account gets suspended. But when I upload to my friends cpanel I run it successfully.try to use Addon Hosting. it is quite nice offshore bullerproof hosting site. but be carefull not to release ur personal information.@mega. |
| Programming › Re: Ethical Hackers by justthinking(op): 1:09am On Sep 08, 2013 |
Dozymorehectonw: Does any one knows how to make any keylogger FUD using hex editor without buying cripter software. Wat are the keys word or code to change in other to deceive anti-virususing hex editor is quite complex nd u can easily screw up the rat server. since u said u dont want to buy a crypter. why dont u use msfencode to make it FUD. if u av metasploit with cywin install on ur windows system u can use "msfencode -e x86/shikata_ ga_nai -c 10 -i /root/Desktop/server.exe -o /root/ server2.exe" or u can just copy the server to backtrack and use the linux terminal. 2 Likes |
| Programming › Re: Ethical Hackers by justthinking(op): 3:06pm On Sep 06, 2013*. Modified: 5:08pm On Sep 06, 2013 |
Funny and easy way to break and hack a linux operating system. i knw alot of people have been saying that linux os is very secure that windows operating system. even though wen we compare the number of vulnerability they both av u will find out that windows is more vulnerable than linux but that doesn mean linux is 100% safe. this is a trick on how to easily hack into linux os. all u nid for this hack is just a live linux cd. either ubuntu, fedora, open suse e.t.c. just insert the live cd into the computer and boot it from cd rom. after the live cd has completed its loading process. open ur terminal. i guess we all knw that a linux os is a file like os. almost everytin is in form of a file. all ur drive is store in the dev folder of the os. enter the command in ur terminal. "mkdir recover" this will creat a folder called recover. this is where we will mount the data on the hard disk to. after that enter "mount /dev/sda1 /recover". this command will mount ur hard disk (sda1) to the recover folder. after that u can enter the recover folder and do whatever u like. like copy folder, files e.t.c. u can also change the computer password without knowing the old password from dare. to change the password u will need to get th hash value of the new password. since almost all linux variant uses md5 DES hashing algorithm. all u have to do is just search for text to linux hash converter in google. any site i gives u enter the new password and convert. it will convert it to hash. copy the hash value down. after that use ur terminl and enter "gedit /recover/etc/passwd". the passwd file is where the hashed password is stored. it is more like the windows SAM file. in gedit now copy password of any username u want to chaange(it is advisiable for you to make backup before u continue). delete it and paste the new password hash value. save the file nd close it. but in case u are more interested in cracking the password. just copy all the username and password nd paste it in a text file. u can then u any password hacking software(john the ripper prefered) to crack the password. |
| Programming › Re: Ethical Hackers by justthinking(op): 2:53pm On Sep 06, 2013 |
u can reach me at arotob@gmail.com. but i will prefer u posting ur question here so that we can all learn. |
| Programming › Re: Ethical Hackers by justthinking(op): 2:47pm On Sep 06, 2013 |
megatran: thanks for ur reply, i av tried the dc with my victim on same hotspot with no sucess. i also tried my victim on a airtel modem network while i was loogged in on the hotspot yet no progress. u said something about using portforwarding on the modem i dont get it..can u pls help me with steps on how u created urs, maybe it will be clearer that way. i am on yahoo messenger. incase u there too. megatransmitter@yahoo.com is the mailok i understand u now. am sorry to say but it seem u are confusing urself a little. so maybe i shuld try to explain some tins to u. wen u are on a hotspot, u are on a local area network i.e ur local ip address cannot be routed on the internet. so wen u use ur airtel modem and still connect to the hotspot u are on two different network entirely i.e both network are working independable on each other. if your victim is on the network you are. it means you airtel network will not be able to acces that network because u will be assign a private ip address. to clear up some tins try to read abt networking a little(subnetting, nat ) that two topic will make u understand some tins. to create ur RAT. try to do this. go to cmd (i hope u knw how to do that ) and enter "ipconfig /all". since u said u are on hotspot try to look for ur wireless adapter u will see ur ipaddress. try to copy it down. now go back to dark comet setup. wen u are setting it up dont use the no-ip address just enter ur local ip address into the RAT server address textfield( i.e the address u copied down frm cmd) and dont put any password during the set up. after that send the server to the victim computer and run it. for testing purpose disable victim compute firewall and antivirus. also disable ur firewall and anti virus and see if it will connect. i would have created one for you but dare is no way for me to knw ur ipaddress. try dat and give me feedback sir. |
| Programming › Re: Ethical Hackers by justthinking(op): 10:56am On Sep 06, 2013 |
megatran: thanks for ur reply...but the issue of portforwarding is an issue because i cant do that cos i am not the admin and dont have priviledges like that to the router. i have tried using modem with my victim while i stay logged in on the hotspot connection but it doesnt find the victim. i am probably thinking i dont have a very good dcrat file. could you help me with your rat file so i will be clear on this. thanksam sorry i dont seem to get sumtin. are you on the same network with the victim or u are not. port forwarding is optional it is just in case u are connected through a router and since u said u are using modem modem i dont see any need for port forwarding. and also try to unlock port 200 on ur computer or disable ur firewall nd try to reconnected. if u set password during the dark comet setup. try to create a new one without password and connect to it. if u av a virtual box u can test it between ur virtual sysyem before and see maybe u can connect before deployement on victim systems. i would like to knw if u are on the same network with the victim or not. i mean i u trying to connect to victim computer that is connect to the same hotspot has u do? |
| Programming › Re: Ethical Hackers by justthinking(op): 10:02pm On Sep 05, 2013 |
megatran: hello just thinking, it seems u really a boss in this hacking stuff. well, if u dont mind, i am having issues with creating a rat using darkcomet rat, i have used all necessary process, i used dcrat5.1, configured my no-ip, and since i couldnt buy a router, i had to hack into my schools wifi for some fruits and thats what i ported to on my rat..the ports already opened on the hotspot were 80,443,21, 22. i also tried using proxpn and other freely customizable vpn but the issue is that my virus works when i run it on my pc but on other pc i cant get em...pls it has really been a hadache to me but i have hopes that u could help me somehow. i would also suggest that u graciously drop ur yahoo mail or anonymous facebook so we could chat with u more often..thanks a lotok. but b4 i continue i would like to understand some tins. are you trying to use your RAT on computer you are on the same network i.e LAN or u trying to use it for computer on WAN. becos no-ip is like a free dns for dynamic ip address. that mean u are on WAN. all am saying is that if u are on the same network as the victim computer you dont need no-ip. all you just have to do is enter your local ip-address during the RAT setup and u are fine. but in case u are not on the same network then u can use no-ip but u to do port-forwarding try to read dis tutorial nd see if it helps you http://zero-security.org/Thread-TuT-How-To-Setup-DarkComet-Rat-5-3-1-Port-Forwarding-Noip-FuD-Crypter-TuT |
| Programming › Re: Ethical Hackers by justthinking(op): 11:05pm On Sep 04, 2013 |
ifyonu5: Hello house iam seriously in need of the services of an ethical hacker to assist me in some internent security issues please anybody interested shld pls get in touch with me through ifyonu5@gmail.comwhat internet issues is that. try to post it here so that u can get solution frm different ppl nd we can also learn frm the solution. |
| Programming › Re: Ethical Hackers by justthinking(op): 5:16pm On Aug 30, 2013 |
ardovee: pls am needing help with any vpn software free version,i have been tryng to to sign up on tunnel bear after the download but it keeps rejecting my sign up..pls is there any one with ideas,gr8 hackersi tink you can use proxy. try hidemyass.com or try to learn about TOR. |
| Programming › Re: Ethical Hackers by justthinking(op): 12:41pm On Aug 29, 2013 |
oleku: Dark Comet is a tool, Kali is a OS with more than enough tools. They are 2 different things and RAT is 1 out of thousands of possible methods of compromising user systemok boss. it is more of a backrack. u knw matriux. |
| Programming › Re: Ethical Hackers by justthinking(op): 7:41pm On Aug 27, 2013 |
oleku: Its Crap ... you don't need that .. Just get Kalii tink u can also try dark comet it is a goot RAT 1 Like |
| Politics › Re: FG Borrows $1.6b To Expand Power Transmission – Nebo by justthinking: 2:13pm On Aug 27, 2013 |
well am just thinking in case nigeria split who will pay back all this money. |
| Programming › Re: Ethical Hackers by justthinking(op): 8:09am On Aug 27, 2013 |
bonef: people still using phising site/fake site to get passwords in this new age? that is outdated, brothers please anyone with good botnet should please drop the setup method here. thanks.lol. u are rite for saying that phishing is an old method of hacking but that does not mean it is outdated. it has been proving more than once that social engineering( using human error to hack a victim) is still the greatest hacking trick in the world. evem security analyst still find it sumhow difficult to prevent againt this type of hack. do u knw dat u can even phish a website on the fly in a lan without even trying to trick the user into fake website. try to read more about backtrack social engineering toolkit (SET) nd u will probably understand wat am saying. about botnet u can either user zeus( father of all botnet) it is a finacial botnet use for fraud. wen dis botnet was first release in underground hacker world it is sold for about $100,000. u can download and learn how to use it in the website. vctools.net/forum/Thread-tutorial-setup-zeus-bot-with-pictures-tutorial--1432. another one is cythisia. this one is mostly use for causing DDOS. u can also get more information from vctools.net/forum/Thread-vctut-cythisia-botnet---detailed-set-up-with-pictures--10932. |
| Politics › Re: Militants Kill 44 In A Mosque In Borno. by justthinking: 6:15pm On Aug 13, 2013 |
onyxo76: agreed, but which religion do they practise??hmm. i think i av an idea to cus more problem to nigeria. i will just organize some thugs nd anytime we kill someone will be saying in jusus name. i think that will qualify me to be a christian or wait all christian are 419 because i knw some pastors that are. nd also all christian are prostitute cus i knw some christian who are. all christian are theive are rapist cus i knw some who are e.t.c becus of the above christianity is the religion of the devil. |
| Programming › Re: Ethical Hackers by justthinking(op): 5:54pm On Aug 13, 2013 |
kiddie: now this is my place i wanna knw if i can get backtrack 5 r3 in ikejalol. that can only happen in ur dream( i might be wrong). i just downloaded r1 from backtrack site 3 Likes |
| Politics › Re: Militants Kill 44 In A Mosque In Borno. by justthinking: 9:23am On Aug 13, 2013 |
Al PicapcI: But why is the islamic countries still in war? And the bombings in nigeria is majored in the north?and not in the banana eating east? That's the teachings of mohammed..u better accept Christ b4 its too late 4 u.....maybe u shuld try to read about how peaceful all dis islamic countries are before the intervention of US(mainly christian county). as for nigeria. why did all the madness start during goodluck tenure. atleast we dont av dis issue during obasanjo( another christian) tenure. it is political. nd Allah will judge them. 2 Likes |
| Politics › Re: Militants Kill 44 In A Mosque In Borno. by justthinking: 7:53am On Aug 13, 2013 |
jametex: I hate islam,a blood sucking religion.. |
| Politics › Re: Militants Kill 44 In A Mosque In Borno. by justthinking: 7:53am On Aug 13, 2013 |
jametex: I hate islam,a blood sucking religion..if ppl can seriously like this comment, then am not surprise abt wat is happening in nigeria |
so are there anyways u really make money from hacking cos i av being doing it for fun all this time. it was just quite recently i had to channel thots towards coin being regularly placed upon palm considering the fact that my number of years lived are not growing shotter. if u have any idea that u may not like to say here u could add me on facebook so we could break proper words..wat do u think?