Null Byte How-Tos

How To: Sieze Control of a Router with Routersploit

A router is the core of anyone's internet experience, but sadly most people don't spend much time setting up this critical piece of hardware. Old firmware, default passwords, and other configuration issues continue to haunt many organizations. Exploiting the poor, neglected computer inside these routers has become so popular and easy that automated tools have been created to make the process a breeze.

How To: Set Up a Practice Computer to Kill on a Raspberry Pi 3

The world is full of vulnerable computers. As you learn how to interact with them, it will be both tempting and necessary to test out these newfound skills on a real target. Today, I'll introduce a deliberately vulnerable Raspberry Pi image designed to help you practice and take your hacking skills to the next level.

Social Engineering: How to Use Persuasion to Compromise a Human Target

Social engineering makes headlines because human behavior is often the weakest link of even well-defended targets. Automated social engineering tools can help reclusive hackers touch these techniques, but the study of how to hack human interactions in person is often ignored. Today, we will examine how to use subtle, hard to detect persuasion techniques to compromise a human target.

How to Hack Radio Frequencies: Hijacking FM Radio with a Raspberry Pi & Wire

In our first part on software-defined radio and signals intelligence, we learned how to set up a radio listening station to find and decode hidden radio signals — just like the hackers who triggered the emergency siren system in Dallas, Texas, probably did. Now that we can hear in the radio spectrum, it's time to explore the possibilities of broadcasting in a radio-connected world.

How To: Load & Use Keystroke Injection Payloads on the USB Rubber Ducky

Keystroke injection attacks are popular because they exploit the trust computers have in human interface devices (HIDs). One of the most popular and easily accessible keystroke injection tools is the USB Rubber Ducky from Hack5, which has a huge range of uses beyond simple HID attacks. The USB Rubber Ducky can be used to attack any unlocked computer in seconds or to automate processes and save time.

How To: Set Up Kali Linux on the New $10 Raspberry Pi Zero W

In five short years, three generations of ultra-low-cost Raspberry Pi devices have challenged the boundaries of what a person can do with a $35 computer. With each more powerful and cheaper than the last, the addition of the Pi Zero in 2015 took the same Broadcom BCM2835 processor from the original Pi and put it on a tiny 1.18-inch board. This tiny form factor has powered attacks like PoisonTap and even drones, but the one thing lacking has been the connectivity of the Pi 3.

How To: Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux

The Raspberry Pi is a credit card-sized computer that can crack Wi-Fi, clone key cards, break into laptops, and even clone an existing Wi-Fi network to trick users into connecting to the Pi instead. It can jam Wi-Fi for blocks, track cell phones, listen in on police scanners, broadcast an FM radio signal, and apparently even fly a goddamn missile into a helicopter.

How To: Punchabunch Just Made SSH Local Forwarding Stupid Easy

SSH local forwarding is a must for covering your tracks and getting out there to do your work. Also called SSH tunneling, this process will put one or more steps between your machine and the machine you're working on, for security and other purposes. It can be a bit daunting for newbies to get down, and that's where Punchabunch comes in.

How to Hack Wi-Fi: Capturing WPA Passwords by Targeting Users with a Fluxion Attack

With tools such as Reaver becoming less and less viable options for penetration testers as ISPs replace vulnerable routers, there becomes fewer certainties about which tools will work against a particular target. If you don't have time to crack the WPA password, or it is unusually strong, it can be hard to figure out your next step. Luckily, nearly all systems have one common vulnerability you can count on—users!

How To: Create a Reusable Burner OS with Docker, Part 2: Customizing Our Hacking Container

In the first part of my containers series, we learned how to install Docker on our local machine, pull down "hello-world" and Ubuntu containers, SSH into containers, and install software when in a container. Now, we're going to work on building, customizing, and storing our refined hacking Ubuntu container. Before we dive right in, though, let's make sure we still have a functional Docker installation.

How To: Create a Reusable Burner OS with Docker, Part 1: Making an Ubuntu Hacking Container

Containers are isolated software instances representing applications, servers, and even operating systems—complete with all of their dependencies, libraries configuration files, etc.—and they're taking over the corporate world. The ephemeral, portable nature of containers help them stay current and speedy, and they can work on pretty much any computer, virtual machine, and cloud.

How To: Slip a Backdoor into PHP Websites with Weevely

Backdoors are convenient to leave behind once you've already found a way into a server, and they can come in handy for a variety of reasons. They're good for developers who want a quick way into machines they're working on, or for systems administrators who want similar access. Of course, backdoors are also a hacker's best friend, and can be added in a variety of ways. One good tool for doing this is Weevely, which uses a snippet of PHP code.

Mac for Hackers: How to Organize Your Tools by Pentest Stages

With all of the bare-bones setup out of the way in our Mac for Hackers series, your Apple machine should be ready to run a significant amount of pentesting tools. We can pull tools from GitHub and compile them, we can pull dependencies or tools from Homebrew, we have both Python and Ruby. Everything is ready to go and now it's time to start building a toolbox on our local host.

How To: Install Gitrob on Kali Linux to Mine GitHub for Credentials

GitHub is an extremely popular site that allows developers to store source code and interact with other users about their projects. Anyone can download public, open-source files on GitHub manually or with Git, and anyone can fork off someone's project to expand or improve it into its own project. It's a really great site for programmers, developers, and even inspiring hackers.

How To: An Intro to Vim, the Unix Text Editor Every Hacker Should Be Familiar With

As pentesters and hackers, we're going to be working with text frequently—wordlists, configuration files, etc. A lot of this we'll be doing on our own machine, where we have access to whatever editor we prefer. The rest of it will be on remote machines, where the tools for editing will be limited. If nano is installed, we have an easy-to-use terminal text editor, but it isn't very powerful.

How To: Use UFONet

With the release of the Mirai source code, botnets are back in a big way. In the early days of botnets, zombies (infected hosts) would report to IRC (Internet Relay Chat) channels for CNC (command and control) instructions. Modern botnets have evolved, but they continue to use the same concepts as their predecessors.

Mac for Hackers: How to Create an Encrypted Disk Image

Before we dive any further into getting your Mac ready for hacking, I wanted to continue on with the concept of encryption. In the last part, we talked about full disk encryption on your Mac, but now I want to quickly cover the encryption of disk images before we dive into managing passwords, terminal emulators, etc.

How To: Use a Misconfigured SUID Bit to Escalate Privileges & Get Root

Gaining access to a system is always exciting, but where do you go from there? Root or bust. Sure, a compromised host is a great way to run a botnet, or do some other boring, nefarious thing—but as hackers, we want root. We also want to take the easiest path possible, search out low-hanging fruit, and exploit them. SUID programs are the lowest of the low-hanging fruit.

How To: Diceware Gives You Truly Random Yet Easy-to-Memorize Passwords

Passwords are everywhere. We use them to unlock phones, computers, websites, encrypted disks, encrypted files... the list just goes on and on. Savvy users will already have a password manager of some sort that can generate a very strong password on a per site basis. However, these password managers also require a password. Not only that, it has to be something memorable.

Mac for Hackers: How to Get Your Mac Ready for Hacking

When it comes to hacking guides, most are written from the perspective of a Linux user. There are a few outliers, but it's mainly Linux, which leads to the idea that Linux is the only OS that's viable for hacking. This couldn't be further from the truth. A properly set up Apple machine can do quite a bit of heavy lifting.

How To: Create an Undetectable Trojan Using a Domain Name

In this tutorial I am going to show you how to create an undetectable Meterpreter Trojan using a Domain name. I have taken a few guides/tutorials and built it into one. The first part is creating the DNS Payload. The second part is creating the Executable file. Part 3 is using both in Shellter to create your undetectable Trojan. Part 4 is setting up your listener using Armitage.

How To: VBScript for DDosing Sites

Hello Guys, Today I have made a script for ddosing sites with VBScript! And I don't know how you guys do it, but I've made a script that refreshes the page in a chosen amout of milliseconds. And if you want it a number of times or if you want it to go on and on. And this is a script to run it on your botnet. But again I don't know if this works on your botnet too.

Prev Page