Hot Null Byte Posts

How To: SSH into Your Raspberry Pi Using a USB-to-TTL Serial Cable

Using a headless Raspberry Pi without a network connection can be a frustrating experience, but with the help of an old-school technique, we can SSH directly into our Pi with only a USB-to-TTL serial cable. This is also handy if we don't have a power source since we can both access and power our Linux distro with no peripherals needed.

How to Hack Wi-Fi: Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher

Welcome back, my tenderfoot hackers! Do you need to get a Wi-Fi password but don't have the time to crack it? In previous tutorials, I have shown how to crack WEP, WPA2, and WPS, but some people have complained that cracking WPA2 takes too long and that not all access points have WPS enabled (even though quite a few do). To help out in these situations, I present to you an almost surefire way to get a Wi-Fi password without cracking—Wifiphisher.

How To: Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux

The Raspberry Pi is a credit card-sized computer that can crack Wi-Fi, clone key cards, break into laptops, and even clone an existing Wi-Fi network to trick users into connecting to the Pi instead. It can jam Wi-Fi for blocks, track cell phones, listen in on police scanners, broadcast an FM radio signal, and apparently even fly a goddamn missile into a helicopter.

How To: Exploit PHP File Inclusion in Web Apps

File inclusion can allow an attacker to view files on a remote host they shouldn't be able to see, and can even allow us to run code on a target! Today we'll be exploring PHP file inclusion using the Damn Vulnerable Web App to practice on. I will cover how both remote file inclusion and local file inclusion work, with the goal of achieving shell access to the vulnerable host.

How To: Use SSH Local Port Forwarding to Pivot into Restricted Networks

SSH is a powerful tool with more uses than simply logging into a server. This protocol, which stands for Secure Shell, provides X11 forwarding, port forwarding, secure file transfer, and more. Using SSH port forwarding on a compromised host with access to a restricted network can allow an attacker to access hosts within the restricted network or pivot into the network.

How to Hack Wi-Fi: Capturing WPA Passwords by Targeting Users with a Fluxion Attack

With tools such as Reaver becoming less and less viable options for penetration testers as ISPs replace vulnerable routers, there becomes fewer certainties about which tools will work against a particular target. If you don't have time to crack the WPA password, or it is unusually strong, it can be hard to figure out your next step. Luckily, nearly all systems have one common vulnerability you can count on—users!

Buyer's Guide: Top 20 Hacker Holiday Gifts for Christmas 2017

Hackers can be notoriously difficult to buy gifts for, so we've curated a list of the top 20 most popular items Null Byte readers are buying during their ethical-hacking studies. Whether you're buying a gift for a friend or have been dying to share this list with someone shopping for you, we've got you covered with our 2017 selection of hacker holiday gifts — just in time for Christmas.

How to Hack Wi-Fi: Creating an Evil Twin Wireless Access Point to Eavesdrop on Data

Welcome back, my greenhorn hackers! Now that we're familiar with the technologies, terminology, and the aircrack-ng suite, we can finally start hacking Wi-Fi. Our first task will be to creating an evil twin access point. Many new hackers are anxious to crack Wi-Fi passwords to gain some free bandwidth (don't worry, we'll get to that), but there are so many other Wi-Fi hacks that are far more powerful and put so much more at risk than a bit of bandwidth.

Hack Like a Pro: How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite

Welcome back, my hacker novitiates! In an earlier tutorial, I had introduced you to two essential tools for cracking online passwords—Tamper Data and THC-Hydra. In that guide, I promised to follow up with another tutorial on how to use THC-Hydra against web forms, so here we go. Although you can use Tamper Data for this purpose, I want to introduce you to another tool that is built into Kali, Burp Suite.

How To: The Hacks Behind Cracking, Part 1: How to Bypass Software Registration

If you've ever wondered how software pirates can take software and crack it time and time again, even with security in place, this small series is for you. Even with today's most advanced methods of defeating piracy in place, it is still relatively easy to crack almost any program in the world. This is mainly due to computer processes' ability to be completely manipulated by an assembly debugger. Using this, you can completely bypass the registration process by making it skip the application'...

How To: An Intro to Vim, the Unix Text Editor Every Hacker Should Be Familiar With

As pentesters and hackers, we're going to be working with text frequently—wordlists, configuration files, etc. A lot of this we'll be doing on our own machine, where we have access to whatever editor we prefer. The rest of it will be on remote machines, where the tools for editing will be limited. If nano is installed, we have an easy-to-use terminal text editor, but it isn't very powerful.

Hack Like a Pro: How to Clone Any Website Using HTTrack

Welcome back, my hacker novitiates! Recently, I demonstrated a hack where you could redirect traffic intended for one site, such as bankofamerica.com, to your fake website. Of course, to really make this work, you would need to make a replica of the site you were spoofing, or better yet, you could simply simply make a copy of the original site and host it on your own server!

How To: Fix Defective Pixels & Improve Image Quality on LCD & LED Monitors

I have owned quite the plethora of electronics in my life. A commonality between most of these devices' screens is frozen or dead pixels. This is probably the most annoying thing about buying new hardware—your LCD, or worse, LED display has one or more pixels that continues to stay lit. Most of the time, this will appear in the form of a brightly colored pixel that never changes, or a pixel that never displays the right color. Once you notice it's there, you just can't stop staring at it. It ...

Mac for Hackers: How to Get Your Mac Ready for Hacking

When it comes to hacking guides, most are written from the perspective of a Linux user. There are a few outliers, but it's mainly Linux, which leads to the idea that Linux is the only OS that's viable for hacking. This couldn't be further from the truth. A properly set up Apple machine can do quite a bit of heavy lifting.

Video: How to Crack Weak Wi-Fi Passwords in Seconds with Airgeddon on Parrot OS

A weak password is one that is short, common, or easy to guess. Equally bad are secure but reused passwords that have been lost by negligent third-party companies like Equifax and Yahoo. Today, we will use Airgeddon, a wireless auditing framework, to show how anyone can crack bad passwords for WPA and WPA2 wireless networks in minutes or seconds with only a computer and network adapter.

Prev Page