evilsocket/dsploit airmon-ng Description This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Usage usage: airmon-ng <start|stop><interface> [channel] or airmon-ng <check|check kill> Where: <start|stop> indicates if you wish to start or stop the interface. Usage Examples Typical Uses Check status and/or listing wireless interfaces ~# airmon-ng PHY Interface Driver Chipset phy0 wlan0 ath9k_htc Atheros Communications, Inc. Checking for interfering processes When putting a card into monitor mode, it will automatically check for interfering processes. ~# airmon-ng check Found 5 processes that could cause trouble. Killing interfering processes This command stops network managers then kill interfering processes left: ~# airmon-ng check kill Killing these processes: PID Name 870 dhclient 1115 wpa_supplicant Enable monitor mode Note: It is very important to kill the network managers before putting a card in monitor mode! Disable monitor mode Usage Tips
Angry IP Scanner raffaele-forte/pycryptocat RainbowCrack Project - Crack Hashes with Rainbow Tables raffaele-forte/climber Android Hack-Tool Steals PC Info He managed to find a sample (MD5:283d16309a5a35a13f8fa4c5e1ae01b1) for further investigation. When executed, the sample (detected as Hack-Tool:Android/UsbCleaver.A) installs an app named USBCleaver on the device: When the app is launched, it directs the user to download a ZIP file from a remote server: It then unzips the downloaded file to the following location: /mnt/sdcard/usbcleaver/system folder. The files saved are essentially utilities used to retrieve specific pieces of information when the device is connected via USB to a Windows machine. The following details are grabbed from the connected PC machine: • Browser passwords (Firefox, Chrome and IE) • The PC's Wi-Fi password • The PC's network information The app gives the user the option of choosing what information they want to retrieve: To run the utilities, the sample creates an autorun.inf and go.bat file at /mnt/sdcard. Analysis by — Yeh
dSploit Backdoor.Adwind Technical Details The Trojan may arrive as a malicious attachment from spam emails. The Trojan was developed in Java and can be run on multiple operating systems, including: WindowsMac OSLinux When the Trojan is executed, it creates the following files: %UserProfile%\Application Data\Iexplorer\Chrome.jar%UserProfile%\Application Data\Iexplorer\Desktop.ini%Temp%\JNativeHook_[RANDOM DIGITS].dll%UserProfile%\.plugins2\001.server%UserProfile%\.plugins2\002.server%UserProfile%\.plugins2\003.server%UserProfile%\.plugins2\004.server%UserProfile%\.plugins2\005.server%UserProfile%\.plugins2\006.server%UserProfile%\.plugins2\007.server%UserProfile%\.plugins2\008.server%UserProfile%\.plugins2\009.serverIt also creates the following folder: %UserProfile%\logss Next, the Trojan opens a back door on the compromised computer and connects to the following domain: pepepepe.myvnc.com Note: Backdoor.Adwind can be built with a kit and can be configured to access any URL.
Getting Started In order to make phone calls, WarVOX needs to be configured with one or more service providers. For a list of VoIP ISPs, please see the Service Providers section. To add a new provider to WarVOX, access the web interface, click the Providers link, and fill in the New Provider form. This form allows you to specify a nickname for the provider and indicate how many concurrent outbound calls can be made using this account. Once one or more service providers have been configured, click the Jobs link. The phone number range is specified by entering the phone number (country code first), with numbers replaced by X's where an entire range should be dialed. The seconds field indicates the number of seconds to spend on each call, including the ring time. The outgoing line count is limited by the number of providers available and the number of lines available at each provider. Once the job parameters have been specified, click the Create button to start dialing.